diff options
59 files changed, 165 insertions, 67 deletions
diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index d20ad8fa..059ce1a5 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -1,15 +1,33 @@ #!/usr/bin/perl use lib "/opt/vyatta/share/perl5/"; +use VyattaConfig; use VyattaMisc; use Getopt::Long; GetOptions("check-peer-name=s" => \$peername, + "check-as" => \$checkas, + "check-peer-groups" => \$checkpeergroups, + "peergroup=s" => \$pg, + "as=s" => \$as, + "neighbor=s" => \$neighbor, ); -if (defined $peername) { check_peer_name($peername); } +if (defined $peername) { check_peer_name($peername); } +elsif (defined $checkpeergroups && + defined $pg && + defined $as) { check_for_peer_groups($pg, $as); } +elsif (defined $neighbor && + defined $as && + defined $checkas && + defined $pg) { check_as($pg, $neighbor, $as); } +elsif (defined $neighbor && + defined $as && + defined $checkas) { check_as(-1, $neighbor, $as); } + exit 0; +# Make sure the neighbor is a proper IP or name sub check_peer_name() { my $neighbor = shift; @@ -18,5 +36,80 @@ sub check_peer_name() { print "malformed neighbor address $neighbor\n"; exit 1; } - exit 0; +} + +# Make sure we aren't deleteing a peer-group that has +# neighbors configured to us it +sub check_for_peer_groups() { + my $config = new VyattaConfig; + my $pg = shift; + my $as = shift; + my $node = $pg; + my @peers, @neighbors; + + # short circuit if the neighbor is an IP rather than name + $node =~ s/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}//; + if ($node eq "") { return; } + + # get the list of neighbors and see if they have a peer-group set + $config->setLevel("protocols bgp $as neighbor"); + my @neighbors = $config->listNodes(); + + foreach $node (@neighbors) { + my $peergroup = $config->returnValue("$node peer-group"); + if ($peergroup eq $pg) { push @peers, $node; } + } + + # if we found peers in the previous statements + # notify an return errors + if (@peers) { + foreach $node (@peers) { + print "neighbor $node uses peer-group $pg\n"; + } + + print "please delete these peers before removing the peer-group\n"; + exit 1; + } + + return; +} + +# make sure nodes are either in a peer group of have +# a remote AS assigned to them. +sub check_as() { + my $pg = shift; + my $neighbor = shift; + my $as = shift; + my $config = new VyattaConfig; + my $pgtest = $neighbor; + + # if this is peer-group then short circuit this + $pgtest =~ s/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}//; + if ($pgtest ne "") { return; } + + $config->setLevel("protocols bgp $as neighbor $neighbor"); + $remoteas = $config->returnValue("remote-as"); + + if (! defined $remoteas) { + if ($pg > 0) { + $peergroup = 1; + $peergroupas = 1; + } + else { + $peergroup = $config->returnValue("peer-group"); + $peergroupas = $config->returnValue(" .. $peergroup remote-as"); + } + + if (! defined $peergroup) { + print "You must define a remote-as or peer-group for neighbor $neighbor before commiting\n"; + exit 1; + } + + if (! defined $peergroupas) { + print "You must define a remote-as in neighbor $neighbor or peer-group $peergroup before commiting\n"; + exit 1; + } + } + + return; } diff --git a/templates/protocols/bgp/node.tag/neighbor/node.def b/templates/protocols/bgp/node.tag/neighbor/node.def index b3f2eb82..a655ae93 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.def @@ -2,8 +2,8 @@ tag: type: txt help: "Specify neighbor router" syntax: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-name $(@)" -# if this neighbor has a text name it is a peer group. setup the peer-group option update: "if [ -n \"`echo $(@) | sed 's/[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}//'`\" ]; then \ /usr/bin/vtysh -c \"configure terminal\" -c\"router bgp $(../@)\" -c\"neighbor $(@) peer-group\" ; \ fi ; " -delete: "/usr/bin/vtysh -c \"configure terminal\" -c\"router bgp $(../@)\" -c\"no neighbor $(@) \" " +delete: "/opt/vyatta/sbin/vyatta-bgp.pl --check-peer-groups --peergroup $(@) --as $(../@); \ + /usr/bin/vtysh -c \"configure terminal\" -c\"router bgp $(../@)\" -c\"no neighbor $(@) \" " diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/advertisement-interval/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/advertisement-interval/node.def index 9ae0051d..89406145 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/advertisement-interval/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/advertisement-interval/node.def @@ -1,7 +1,7 @@ type: u32 help: "Minimum interval between sending BGP routing updates" syntax: $(@) >= 0 && $(@) <= 600; "remote-as must be between 0 and 600" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified first" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/node.def index a1cebf2e..e8cb6c9e 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/node.def @@ -1,5 +1,5 @@ help: "Accept as-path with my AS present in it." -commit: ($(../peer-group/@) != "") || ($(../remote-as/@) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" delete: "touch /tmp/bgp-neighbor-$(../@)-allowas-in.\\$PPID" end: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) allowas-in \"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/number/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/number/node.def index e3a85be5..468dfa3c 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/number/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/allowas-in/number/node.def @@ -1,4 +1,4 @@ type: u32 help: "Number of occurrences of AS number" syntax: $(@) >= 1 && $(@) <= 10; "allowas-in number must be between 1 and 10" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/as-path/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/as-path/node.def index b7238bea..a004417e 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/as-path/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/as-path/node.def @@ -1,2 +1 @@ help: "AS path attribute" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/med/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/med/node.def index b770c14b..ad1fd4f3 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/med/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/med/node.def @@ -1,2 +1 @@ help: "Multi-exit discriminator attribute" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/next-hop/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/next-hop/node.def index f5a908a3..13cba663 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/next-hop/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/next-hop/node.def @@ -1,2 +1 @@ help: "Nexthop attribute" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/node.def index c1cf0737..8dd65018 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/attribute-unchanged/node.def @@ -1,5 +1,6 @@ help: "BGP attribute is propagated unchanged to this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set attribute-unchanged for neighbor $(../@) in peer-group $(../peer-group/@)" delete: "touch /tmp/bgp-neighbor-$(../@)-attribute-unchanged.\\$PPID" end: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) attribute-unchanged \"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/dynamic/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/dynamic/node.def index 49afb733..0e354176 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/dynamic/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/dynamic/node.def @@ -1,5 +1,5 @@ help: "Advertise dynamic capability to this neighbor" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/receive/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/receive/node.def index 41b24925..89b4cd60 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/receive/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/receive/node.def @@ -1,5 +1,6 @@ help: "Capability to RECEIVE the ORF to this neighbor" -commit: ($(../../../../peer-group/) != "") || ($(../../../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../../../@) --neighbor $(../../../../@)" +commit: $(../../../../peer-group/) == ""; "You can't set orf capability receive for neighbor $(../../../../@) in peer-group $(../../../../peer-group/@)" update: "if [ -n \"$(../../../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/send/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/send/node.def index 99ee3e9d..e26917ac 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/send/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/capability/orf/prefix-list/send/node.def @@ -1,5 +1,6 @@ help: "Capability to SEND the ORF to this neighbor" -commit: ($(../../../../peer-group/) != "") || ($(../../../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../../../@) --neighbor $(../../../../@)" +commit: $(../../../../peer-group/) == ""; "You can't set capability orf send for neighbor $(../../../../@) in peer-group $(../../../../peer-group/@)" update: "if [ -n \"$(../../../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/node.def index a1eb6bfb..b781dcaf 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/node.def @@ -1,5 +1,6 @@ help: "Originate default route to this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set default-originate for neighbor $(../@) in peer-group $(../peer-group/@)" delete: "touch /tmp/bgp-neighbor-$(../@)-default-originate.\\$PPID" end: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) default-originate \"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/route-map/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/route-map/node.def index ae918ddc..8c437d12 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/route-map/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/default-originate/route-map/node.def @@ -1,3 +1,4 @@ type: txt help: "Route-map to specify criteria to originate default" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" " "; "route-map $(@) doesn't exist" +commit: $(../../peer-group/) == ""; "You can't set a default-originate route-map for neighbor $(../../@) in peer-group $(../../peer-group/@)" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable-connected-check/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/disable-connected-check/node.def index 3b862fc2..8a7199f3 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable-connected-check/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/disable-connected-check/node.def @@ -1,5 +1,5 @@ help: "One hop distant EBGP peer using loopback address" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/in/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/in/node.def index f12c5a0f..32f406c5 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/in/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/in/node.def @@ -1,6 +1,7 @@ type: u32 help: "Filter incoming updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a distribute-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\" ";"access-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/node.def index 0c3731c0..8e96b2b5 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/node.def @@ -1,2 +1 @@ help: "Filter updates to/from this neighbor" -commit: ($(../peer-group/@) != "") || ($(../remote-as/@) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/out/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/out/node.def index ed6ce2d1..7d70fae2 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/out/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/distribute-list/out/node.def @@ -1,6 +1,7 @@ type: u32 help: "Filter outgoing updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a distribute-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\" ";"access-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/dont-capability-negotiate/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/dont-capability-negotiate/node.def index c0bd172b..6dc7c734 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/dont-capability-negotiate/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/dont-capability-negotiate/node.def @@ -1,5 +1,5 @@ help: "Do not perform capability negotiation" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/ebgp-multihop/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/ebgp-multihop/node.def index 0d639210..eef363b5 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/ebgp-multihop/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/ebgp-multihop/node.def @@ -1,6 +1,6 @@ type: u32 help: "Allow EBGP neighbors not on directly connected networks" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" syntax: $(@) >=1 && $(@) <= 255; "ebgp-multihop must be between 1 and 255" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/enforce-multihop/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/enforce-multihop/node.def index 78d7f28e..5c4fd5a2 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/enforce-multihop/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/enforce-multihop/node.def @@ -1,5 +1,5 @@ help: "Enforce EBGP neighbors perform multihop" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/in/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/in/node.def index c2ef75b6..44618b3b 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/in/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/in/node.def @@ -1,6 +1,7 @@ type: txt help: "Filter incoming updates based on AS path" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a filter-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy as-path-list $(@)\" ";"as-path-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/node.def index 788b4f1d..648a1783 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/node.def @@ -1,2 +1 @@ help: "Establish BGP filters" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/out/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/out/node.def index 7b6678f9..07945538 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/out/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/filter-list/out/node.def @@ -1,6 +1,7 @@ type: txt help: "Filter outgoing updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a filter-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy as-path-list $(@)\" ";"as-path-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def index 8e13afda..29ec3a17 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def @@ -1,6 +1,6 @@ type: txt help: "Interface name" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" syntax: exec " \ if [ -z \"`ip addr | grep $(@) `\" ]; then \ echo $(@) doesn\\'t exist on this system ; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/local-as/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/local-as/node.def index 64f46365..cdf0775f 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/local-as/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/local-as/node.def @@ -1,5 +1,6 @@ type: u32 help: "Local AS number" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../peer-group/) == ""; "You can't set a local-as for neighbor $(../@) in peer-group $(../peer-group/@)" syntax: $(@) >=1 && $(@) <= 65535; "local-as must be between 1 and 65535" syntax: $(@) != $(../../../@); "Cannot have local-as same as BGP AS number" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/no-prepend/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/no-prepend/node.def index 3d540eb0..99b52bdd 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/no-prepend/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/no-prepend/node.def @@ -1,2 +1 @@ help: "Do not prepend local-as to updates from EBGP peers" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def index 4dbc9486..7330c76e 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/local-as/node.def @@ -1,5 +1,6 @@ help: "Specify a local-as number" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set a local-as for neighbor $(../../@) in peer-group $(../../peer-group/@)" delete: "touch /tmp/bgp-neighbor-$(../@)-local-as.\\$PPID" end: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) local-as \"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/maximum-prefix/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/maximum-prefix/node.def index 438b562c..a412da4e 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/maximum-prefix/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/maximum-prefix/node.def @@ -1,6 +1,6 @@ type: u32 help: "Maximum number of prefixes to accept from this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/nexthop-self/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/nexthop-self/node.def index ae986b8e..9e1aa94a 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/nexthop-self/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/nexthop-self/node.def @@ -1,5 +1,6 @@ help: "Disable the next hop calculation for this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set next-hop-self for neighbor $(../@) in peer-group $(../peer-group/@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-activate/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-activate/node.def index 6525b28d..6f203b5a 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-activate/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-activate/node.def @@ -1,5 +1,5 @@ help: "Disable the Address Family for this Neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/extended/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/extended/node.def index bf3ca2a5..98c1b64a 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/extended/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/extended/node.def @@ -1,5 +1,6 @@ help: "Do not send extended community attributes" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set no-send-community for neighbor $(../../@) in peer-group $(../../peer-group/@)" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/node.def index 5dc502b5..6251cb84 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/node.def @@ -1,3 +1,2 @@ help: "Do not send community attributes to this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" commit: ($(./extended/) != "") || ($(./standard/) != ""); "You must specify the type of community." diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/standard/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/standard/node.def index 5422c97c..60787ebb 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/standard/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/no-send-community/standard/node.def @@ -1,5 +1,5 @@ help: "Do not send standard community attributes" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/override-capability/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/override-capability/node.def index e7ad91c2..34615d31 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/override-capability/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/override-capability/node.def @@ -1,5 +1,6 @@ help: "Override capability negotiation result" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../strict-capability/) == ""; "You can't set strict-capability and override-capability for neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/passive/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/passive/node.def index e9019f61..33a13007 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/passive/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/passive/node.def @@ -1,5 +1,5 @@ help: "Don't send open messages to this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/password/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/password/node.def index 7ac547a5..a5a6931c 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/password/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/password/node.def @@ -1,6 +1,6 @@ type: txt help: "Specify BGP neighbor password" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def index 24162911..fab209fe 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/peer-group/node.def @@ -1,17 +1,11 @@ type: txt help: "Member of the peer-group" -syntax: $(../remote-as/) == ""; "remote-as must not be defined if putting this neighbor in a peer group" syntax: exec "if [ -n \"`echo $(../@) | sed 's/[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}.[0-9]\\{1,3\\}//'`\" ]; then \ exit 1; \ fi; "; "peer-group token may not be specified for a peer-group" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --peergroup=$(@) --as $(../../@) --neighbor $(../@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"protocols bgp $(../../@) neighbor $(@)\" "; "peer-group $(@) doesn't exist" -update: "if [ -n \"$(../remote-as/@)\" ]; then \ - peer=\"remote-as $(../remote-as/@)\"; \ - else \ - peer=\"peer-group $(../peer-group/@)\"; \ - fi; \ - /usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ - -c \"neighbor $(../@) \\$peer\" \ +update: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"neighbor $(../@) peer-group $(@)\" " delete: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) peer-group $(@)\" " diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/port/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/port/node.def index 34c62264..5ea945f6 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/port/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/port/node.def @@ -1,7 +1,7 @@ type: u32 help: "Neighbor's BGP port" syntax: $(@) >= 1 && $(@) <= 65535; "remote-as must be between 1 and 65535" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/in/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/in/node.def index 508df816..1d320e55 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/in/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/in/node.def @@ -1,6 +1,7 @@ type: txt help: "Filter incoming updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified first" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a prefix-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\" ";"prefix-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/node.def index 2ecfea03..8e96b2b5 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/node.def @@ -1,2 +1 @@ help: "Filter updates to/from this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/out/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/out/node.def index c3a0ba71..c2277ea9 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/out/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/prefix-list/out/node.def @@ -1,6 +1,7 @@ type: txt help: "Filter outgoing updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified first" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a prefix-list for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\" ";"prefix-list $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/remove-private-as/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/remove-private-as/node.def index db27b183..0189f477 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/remove-private-as/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/remove-private-as/node.def @@ -1,5 +1,6 @@ help: "Remove private AS number from outbound updates" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set a remove-private-as for neighbor $(../@) in peer-group $(../peer-group/@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/export/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/export/node.def index d904726e..913dc1cf 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/export/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/export/node.def @@ -1,6 +1,7 @@ type: txt help: "Route-map to apply to incoming updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a route-map for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" ";"route-map $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/import/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/import/node.def index d904726e..913dc1cf 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/import/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/import/node.def @@ -1,6 +1,7 @@ type: txt help: "Route-map to apply to incoming updates" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../../@) --neighbor $(../../@)" +commit: $(../../peer-group/) == ""; "You can't set a route-map for neighbor $(../../@) in peer-group $(../../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" ";"route-map $(@) doesn't exist" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/node.def index dc87e574..db8271a6 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-map/node.def @@ -1,2 +1 @@ help: "Route-map to apply on updates to/from this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-reflector-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-reflector-client/node.def index 3e5d92fc..22a8c4ce 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-reflector-client/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-reflector-client/node.def @@ -1,5 +1,6 @@ help: "Configure a neighbor as Route Reflector client" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set route-reflector-client for neighbor $(../@) in peer-group $(../peer-group/@)" commit: $(../../@) == $(../remote-as/@); "remote-as must equal local-as to be a route-reflector client" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-server-client/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-server-client/node.def index cf759e9f..3770f479 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/route-server-client/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/route-server-client/node.def @@ -1,5 +1,6 @@ help: "Configure a neighbor as Route Server client" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set route-server-client for neighbor $(../@) in peer-group $(../peer-group/@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/shutdown/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/shutdown/node.def index 173c44a3..12665c17 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/shutdown/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/shutdown/node.def @@ -1,5 +1,5 @@ help: "Administratively shut down this neighbor" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/inbound/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/inbound/node.def index 3e56b2f3..b4c0da6b 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/inbound/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/inbound/node.def @@ -1,5 +1,5 @@ help: "Allow inbound soft reconfiguration for this neighbor" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../../remote-as/@)\" ]; then \ peer=\"remote-as $(../../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/node.def index facd4713..e2400e17 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/soft-reconfiguration/node.def @@ -1,3 +1,2 @@ help: "Per neighbor soft reconfiguration" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" commit: $(./inbound/@) != ""; "You must specify the type of soft-reconfiguration" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/strict-capability-match/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/strict-capability-match/node.def index 3bf24ba5..cdacff33 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/strict-capability-match/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/strict-capability-match/node.def @@ -1,5 +1,6 @@ help: "Strict capability negotiation match" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../override-capability/) == ""; "You can't set strict-capability and override-capability for neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/connect/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/connect/node.def index a5df6f79..badde464 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/connect/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/connect/node.def @@ -1,4 +1,3 @@ type: u32 help: "BGP connect timer" syntax: $(@) >=0 && $(@) <= 65535; "BGP connect timer must be between 0 and 65535" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/holdtime/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/holdtime/node.def index bc689e27..b7da119e 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/holdtime/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/holdtime/node.def @@ -1,4 +1,3 @@ type: u32 help: "Holdtime interval" syntax: $(@) == 0 || ($(@) >= 4 && $(@) <= 65535); "Holdtime interval must be 0 or between 4 and 65535" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/keepalive/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/keepalive/node.def index 4f3d0087..59067fdc 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/keepalive/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/keepalive/node.def @@ -1,4 +1,3 @@ type: u32 help: "Keepalive interval" syntax: $(@) >= 1 && $(@) <= 65535; "Keepalive interval must be between 1 and 65535" -commit: ($(../../peer-group/) != "") || ($(../../remote-as/) != ""); "remote-as or peer-group must be specified before commit" diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/node.def index 15521ae7..63ac6219 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/timers/node.def @@ -1,5 +1,6 @@ help: "BGP per neighbor timers" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set timers for neighbor $(../@) in peer-group $(../peer-group/@)" delete: "touch /tmp/bgp-neighbor-$(../@)-timers.\\$PPID" end: "/usr/bin/vtysh -c \"configure terminal\" -c \"router bgp $(../../@)\" \ -c \"no neighbor $(../@) timers \"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/unsuppress-map/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/unsuppress-map/node.def index a23afb3c..7ab36809 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/unsuppress-map/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/unsuppress-map/node.def @@ -1,6 +1,7 @@ type: txt help: "Route-map to selectively unsuppress suppressed routes" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" +commit: $(../peer-group/) == ""; "You can't set an unsuppress-map for neighbor $(../@) in peer-group $(../peer-group/@)" commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" ";"route-map $(@) doesn't exist" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/update-source/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/update-source/node.def index bd01a2fd..95f565f1 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/update-source/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/update-source/node.def @@ -5,7 +5,7 @@ syntax: exec " \ echo $(@) doesn\\'t exist on this system ; \ exit 1 ; \ fi ; " -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/weight/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/weight/node.def index a368bad5..980e6cfc 100644 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/weight/node.def +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/weight/node.def @@ -1,7 +1,7 @@ type: u32 help: "Set default weight for routes from this neighbor" syntax: $(@) >= 1 && $(@) <= 65535; "weight must be between 1 and 65535" -commit: ($(../peer-group/) != "") || ($(../remote-as/) != ""); "remote-as or peer-group must be specified before commit" +commit: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $(../../@) --neighbor $(../@)" update: "if [ -n \"$(../remote-as/@)\" ]; then \ peer=\"remote-as $(../remote-as/@)\"; \ else \ |