summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xscripts/policy/vyatta-policy.pl2
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def5
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def5
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def8
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def8
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def6
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def5
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def7
-rw-r--r--templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def7
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/call/node.def2
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/continue/node.def8
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def9
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def2
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def7
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def5
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def11
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def2
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def4
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def2
25 files changed, 106 insertions, 45 deletions
diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl
index 928c69f6..ae04470f 100755
--- a/scripts/policy/vyatta-policy.pl
+++ b/scripts/policy/vyatta-policy.pl
@@ -25,7 +25,7 @@ sub check_peer_syntax() {
$_ = $peer;
if (/^local$/) { exit 0; }
- if (! isIpAddress("$peer")) { exit 0; }
+ if (isIpAddress("$peer")) { exit 0; }
exit 1;
}
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def
index 49b185d1..7b7d73b8 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def
@@ -1,7 +1,8 @@
help: "Filter any IP address"
-syntax: $(../host/@) = "" && $(../network/@) = ""; "You may only define one filter type. (host|network|any)"
syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \
To set destination filter parameters, the access-list rule number must be \n \
<100-199> IP extended access list \n \
<2000-2699> IP extended access list (expanded range) \n"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+commit: $(../../action/) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../host/) != "" || $(../network/) != ""; "You may only define one filter type. (host|network|any)"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
index cf235bdd..13c3ae78 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def
@@ -1,8 +1,9 @@
type: ipv4
help: "Filter a host IP address"
-syntax: $(../any/@) = "" && $(../network/@) = ""; "You may only define one filter type. (host|network|any)"
syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \
To set destination filter parameters, the access-list rule number must be \n \
<100-199> IP extended access list \n \
<2000-2699> IP extended access list (expanded range) \n"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../any/) != "" || $(../network/) != ""; "You may only define one filter type. (host|network|any)"
+commit: $(../../action/) != ""; "You must specify an action before committing"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
index 6f10c045..e9d61cdb 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def
@@ -1,10 +1,10 @@
type: ipv4
help: "Filter a network IP netmask"
-syntax: $(../any/@) = "" && $(../host/@) = ""; "You may only define one filter type. (host|network|any)"
-# TODO: pending 2284
syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \
To set destination filter parameters, the access-list rule number must be \n \
<100-199> IP extended access list \n \
<2000-2699> IP extended access list (expanded range) \n"
-commit: $(../network/@) != ""; "You must specify a network before committing"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+commit: $(../network/) != ""; "You must specify a network before committing"
+commit: $(../../action/) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../any/) != "" || $(../host/) != ""; "You may only define one filter type. (host|network|any)"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
index 3f5b0261..ca98a8f1 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def
@@ -1,10 +1,10 @@
type: ipv4
help: "Filter a network IP address"
-syntax: $(../host/@) != "" || $(../any/@) != ""; "You may only define one filter type (host|network|any)"
-# TODO: pending 2284
syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \
To set destination filter parameters, the access-list rule number must be \n \
<100-199> IP extended access list \n \
<2000-2699> IP extended access list (expanded range) \n"
-commit: $(../inverse-mask/@) != ""; "You must specify an inverse-mask before committing"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+commit: $(../inverse-mask/) != ""; "You must specify an inverse-mask before committing"
+commit: $(../../action/) != ""; "You must specify an action before committing"
+# TODO - comaprison not working
+#commit: $(../host/) != "" || $(../any/) != ""; "You may only define one filter type (host|network|any)"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def
index 224c58b2..3985197c 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def
@@ -1,4 +1,4 @@
help: "Filter any IP address"
-# TODO: won't work until 2220 is fixed
-syntax: $(../host/@) = "" && $(../network/@) = ""; "You may only define one filter type. (host|network|any)"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../host/) != "" || $(../network/) != ""; "You may only define one filter type. (host|network|any)"
+commit: $(../../action/) != ""; "You must specify an action before committing"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
index 52175605..9136ce01 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def
@@ -1,4 +1,5 @@
type: ipv4
help: "Filter a host IP address"
-syntax: $(../any/@) = "" && $(../network/@) = ""; "You may only define one filter type. (host|network|any)"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../any/) != "" || $(../network/) != ""; "You may only define one filter type. (host|network|any)"
+commit: $(../../action/) != ""; "You must specify an action before committing"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
index ce7813bc..929ccb3d 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def
@@ -1,5 +1,6 @@
type: ipv4
help: "Filter a network IP netmask"
-syntax: $(../any/@) = "" || $(../host/@) = ""; "You may only define one filter type. (host|network|any)"
-commit: $(../network/@) != ""; "You must specify a network before committing"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+# TODO - comparison not working
+#commit: $(../any/) != "" || $(../host/) != ""; "You may only define one filter type. (host|network|any)"
+commit: $(../network/) != ""; "You must specify a network before committing"
+commit: $(../../action/) != ""; "You must specify an action before committing"
diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
index d124b83d..53e3375b 100644
--- a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
+++ b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def
@@ -1,5 +1,6 @@
type: ipv4
help: "Filter a network IP address"
-syntax: $(../host/@) = "" && $(../any/@) = ""; "You may only define one filter type (host|network|any)"
-commit: $(../inverse-mask/@) != ""; "You must specify an inverse-mask before committing"
-commit: $(../../action/@) != ""; "You must specify an action before committing"
+# TODO - commparison not working
+#commit: $(../host/) != "" || $(../any/) != ""; "You may only define one filter type (host|network|any)"
+commit: $(../inverse-mask/) != ""; "You must specify an inverse-mask before committing"
+commit: $(../../action/) != ""; "You must specify an action before committing"
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/call/node.def b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def
index 1b9df581..8eaa720a 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/call/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def
@@ -1,6 +1,6 @@
type: txt
help: "Target route-map name"
-syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" "; "route-map $(@) doesn't exist"
+commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\" "; "route-map $(@) doesn't exist"
commit: $(../action/) != ""; "must define an action for route-map $(../../@) rule $(../@)"
update: "/usr/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(../action/@) $(../@)\" \
-c \"call $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def
index e26d72c8..f46fd5dd 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def
@@ -1,3 +1,11 @@
type: u32
help: "Continue on a different entry within the route-map"
syntax: $(@) >= 1 && $(@) <= 65535; "continue must be between 1 and 65535"
+# TODO - conditional not working
+#syntax: $(@) > $(../../@); "you may only continue forward in the route-map"
+update: "/usr/bin/vtysh -c \"configure terminal\"
+ -c \"route-map $(../../@) $(../action/@) $(../@)\" \
+ -c \"continue $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\"
+ -c \"route-map $(../../@) $(../action/@) $(../@)\" \
+ -c \"no continue \" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
index 7f803c4a..33c698b1 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
@@ -1,4 +1,11 @@
type: u32
help: "access-list number"
-commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\" "; "access-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip address $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip address $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
index 18c02c7b..b7870eb4 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
@@ -1,4 +1,11 @@
type: txt
help: "prefix-list name"
-commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\" "; "prefix-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip address prefix-list $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip address prefix-list $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
index 7f803c4a..d83479e9 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
@@ -1,4 +1,11 @@
type: u32
help: "access-list number"
-commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\" "; "access-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip next-hop $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip next-hop $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
index 18c02c7b..cf8a0844 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
@@ -1,4 +1,11 @@
type: txt
help: "prefix-list name"
-commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\" "; "prefix-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip next-hop prefix-list $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip next-hop prefix-list $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
index 7f803c4a..18b46ebb 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
@@ -1,4 +1,11 @@
type: u32
help: "access-list number"
-commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\" "; "access-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip route-source $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip route-source $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
index 18c02c7b..c8016bcc 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
@@ -1,4 +1,11 @@
type: txt
help: "prefix-list name"
-commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
+# TODO - comparison not working
+#commit: $(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\" "; "prefix-list $(@) does not exist"
+update: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"match ip route-source prefix-list $(@)\" "
+delete: "/usr/bin/vtysh -c \"configure terminal\" \
+ -c \"route-map $(../../../../../@) $(../../../../action/@) $(../../../../@)\" \
+ -c \"no match ip route-source prefix-list $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def
index 4f8aa922..89e352e3 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def
@@ -1,7 +1,7 @@
type: u32
help: "Match tag of route"
syntax: $(@) >= 1 && $(@) <= 65535; "tag must be between 1 and 65535"
-commit: $(../../action/); "You must specify an action for route-map $(../../../@) rule $(../../@)"
+commit: $(../../action/) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)"
update: "/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
-c \"match tag $(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def
index 2b8abb2d..deaa79b7 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def
@@ -1,11 +1,12 @@
type: u32
help: "Goto sequence number"
-syntax: $(../next/) != ""; "you can set only goto or next"
+# TODO - comparison doesn't work
+#syntax: $(../next/) == ""; "you can set only goto or next"
syntax: $(@) >= 1 && $(@) <= 65535; "tag must be between 1 and 65535"
-commit: $(../../action/@); "You must specify an action for route-map $(../../../@) rule $(../../@)"
+commit: $(../../action/) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)"
update: "/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
-c \"on-match goto $(@)\" "
delete: "/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
- -c \"no on-match goto $(@)\" "
+ -c \"no on-match goto \" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def
index c8e39ec8..839a5c37 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def
@@ -1,6 +1,7 @@
help: "Goto next sequence number"
-syntax: $(../goto/) != ""; "you can set only goto or next"
-commit: $(../../action/@); "You must specify an action for route-map $(../../../@) rule $(../../@)"
+# TODO - comparison doesn't work
+#syntax: $(../goto/) == ""; "you can set only goto or next"
+commit: $(../../action/) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)"
update: "/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
-c \"on-match next \" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def
index 1bfbe125..5cc75381 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def
@@ -1,3 +1,2 @@
type: ipv4
help: "IP address of aggregator"
-syntax: $(@) >= 1 && $(@) <= 65535; "AS number must be between 1 and 65535"
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def
index 28a564a5..e32c3214 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def
@@ -1,16 +1,21 @@
help: "BGP aggregator attribute"
-delete: "touch /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID"
+delete: "echo $(./as/@) $(./ip/@) > /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID"
end: "if [ -z \"$(./as/)\" ] || [ -z \"$(./ip/)\" ]; then \
echo You must configure as and ip ; \
exit 1 ; \
fi ; \
+ if [ -f \"/tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID\" ]; then \
+ as=\\$(cat /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID); \
+ else \
+ as=\"$(./as/@) $(./ip/@)\"; \
+ fi ; \
/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
- -c \"no set aggregator \" ; \
+ -c \"no set aggregator as \\$as\" ; \
if [ -f \"/tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID\" ]; then \
rm -rf /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID; \
else \
/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
- -c \"match community $(./as/@) $(./ip/@)\" ; \
+ -c \"set aggregator as \\$as\" ; \
fi; "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
index 9f61e27d..068c096c 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
@@ -1,3 +1,3 @@
type: txt
help: "Set BGP community list"
-commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $(@)\"; "community list $(@) does not exist"
+commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $(@)\""; "community list $(@) does not exist"
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
index a12707d8..c54c7fef 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
@@ -11,9 +11,9 @@ end: "if [ -z \"$(./comm-list/)\" ]; then \
rm -rf /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-comm-list.\\$PPID; \
else \
if [ -n \"$(./delete/)\" ]; then \
- COND=\"delete\" ; \
+ cond=\"delete\" ; \
fi ; \
/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \
- -c \"set comm-list $(./comm-list/@) \\$COND\" ; \
+ -c \"set comm-list $(./comm-list/@) \\$cond\" ; \
fi; "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def
index 392027e7..dd661452 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def
@@ -1,6 +1,6 @@
type: txt
help: "Metric value for destination routing protocol"
-syntax: exec "if [ -n `echo $(@) | sed 's/[+0123456789]*-*//g'` ]; then exit 1; fi; "; "metric must be an integer with an optional +/- prepend"
+syntax: exec "if [ -n \"\\$(echo $(@) | sed 's/^[+-]*[0123456789]*//')\" ]; then exit 1; fi; "; "metric must be an integer with an optional +/- prepend"
commit: $(../../action/) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)"
update: "/usr/bin/vtysh -c \"configure terminal\" \
-c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \