diff options
24 files changed, 89 insertions, 20 deletions
diff --git a/Jenkinsfile b/Jenkinsfile index 7a760b40..cd252695 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,4 +1,4 @@ -// Copyright (C) 2020 VyOS maintainers and contributors +// Copyright (C) 2020-2021 VyOS maintainers and contributors // // This program is free software; you can redistribute it and/or modify // in order to easy exprort images built to "external" world @@ -12,13 +12,12 @@ // // You should have received a copy of the GNU General Public License // along with this program. If not, see <http://www.gnu.org/licenses/>. - @NonCPS // Using a version specifier library, use 'current' branch. The underscore (_) // is not a typo! You need this underscore if the line immediately after the // @Library annotation is not an import statement! -@Library('vyos-build@current')_ +@Library('vyos-build@equuleus')_ -// Start package build using library function from https://github.com/c-po/vyos-build +// Start package build using library function from https://github.com/vyos/vyos-build buildPackage() diff --git a/debian/vyatta-cfg-quagga.install b/debian/vyatta-cfg-quagga.install index 24f1d536..6f5b0659 100644 --- a/debian/vyatta-cfg-quagga.install +++ b/debian/vyatta-cfg-quagga.install @@ -8,13 +8,14 @@ opt/vyatta/share/vyatta-cfg/templates/interfaces/bonding opt/vyatta/share/vyatta-cfg/templates/interfaces/bridge opt/vyatta/share/vyatta-cfg/templates/interfaces/ethernet opt/vyatta/share/vyatta-cfg/templates/interfaces/loopback +opt/vyatta/share/vyatta-cfg/templates/interfaces/macsec opt/vyatta/share/vyatta-cfg/templates/interfaces/openvpn opt/vyatta/share/vyatta-cfg/templates/interfaces/pppoe opt/vyatta/share/vyatta-cfg/templates/interfaces/pseudo-ethernet opt/vyatta/share/vyatta-cfg/templates/interfaces/tunnel opt/vyatta/share/vyatta-cfg/templates/interfaces/vti opt/vyatta/share/vyatta-cfg/templates/interfaces/wireless -opt/vyatta/share/vyatta-cfg/templates/interfaces/wirelessmodem +opt/vyatta/share/vyatta-cfg/templates/interfaces/wwan opt/vyatta/share/vyatta-cfg/templates/interfaces/dummy opt/vyatta/share/vyatta-cfg/templates/interfaces/l2tpv3 opt/vyatta/share/vyatta-cfg/templates/interfaces/vxlan diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index 937af0b7..1b30851d 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -48,8 +48,9 @@ my %interface_hash = ( 'tunnel/node.tag' => '$VAR(@)', 'vti/node.tag' => '$VAR(@)', 'bridge/node.tag' => '$VAR(@)', + 'macsec/node.tag' => '$VAR(@)', 'openvpn/node.tag' => '$VAR(@)', - 'wirelessmodem/node.tag' => '$VAR(@)', + 'wwan/node.tag' => '$VAR(@)', 'dummy/node.tag' => '$VAR(@)', 'l2tpv3/node.tag' => '$VAR(@)', 'vxlan/node.tag' => '$VAR(@)', diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 129224ed..3c6b7dd5 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -775,6 +775,10 @@ my %qcom = ( set => 'router bgp #3 ; bgp graceful-restart stalepath-time #7', del => 'router bgp #3 ; no bgp graceful-restart stalepath-time #7', }, + 'protocols bgp var parameters graceful-shutdown' => { + set => 'router bgp #3 ; bgp graceful-shutdown', + del => 'router bgp #3 ; no bgp graceful-shutdown', + }, 'protocols bgp var parameters log-neighbor-changes' => { set => 'router bgp #3 ; bgp log-neighbor-changes', del => 'router bgp #3 ; no bgp log-neighbor-changes', @@ -797,7 +801,7 @@ my %qcom = ( }, 'protocols bgp var peer-group var' => { set => 'router bgp #3 ; neighbor #5 peer-group', - del => 'router bgp #3 ; no neighbor #5 peer-group', + del => 'router bgp #3 ; no neighbor #5', noerr => 'set', }, 'protocols bgp var peer-group var address-family' => { diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl index 3e73a3bb..f098b48a 100755 --- a/scripts/policy/vyatta-policy.pl +++ b/scripts/policy/vyatta-policy.pl @@ -116,7 +116,7 @@ sub update_large_community_list { if (!($regex =~ /(.*):(.*):(.*)/) and (isIpAddress($1)or($1=~/^\d+$/) ) and ($2=~/^\d+$/)) { die "large-community-list $name rule $rule: Malformed large-community-list regex"; } - system("$VTYSH -c \"conf t\" -c \"bgp large-community-list expanded $name $action $regex\""); + system("$VTYSH -c \"conf t\" -c \"bgp large-community-list expanded $name seq $rule $action $regex\""); } exit(0); @@ -153,7 +153,7 @@ sub update_ext_community_list { if (!($regex =~ /(.*):(.*)/) and (isIpAddress($1)or($1=~/^\d+$/) ) and ($2=~/^\d+$/)) { die "extcommunity-list $name rule $rule: Malformed extcommunity-list regex"; } - system("$VTYSH -c \"conf t\" -c \"bgp extcommunity-list expanded $name $action $regex\""); + system("$VTYSH -c \"conf t\" -c \"bgp extcommunity-list expanded $name seq $rule $action $regex\""); } exit(0); @@ -187,7 +187,7 @@ sub update_community_list { unless $regex; system( -"$VTYSH -c \"configure terminal\" -c \"bgp community-list expanded $num $action $regex\" " +"$VTYSH -c \"configure terminal\" -c \"bgp community-list expanded $num seq $rule $action $regex\" " ); } diff --git a/templates/policy/prefix-list/node.def b/templates/policy/prefix-list/node.def index bdf9dcec..ff283737 100644 --- a/templates/policy/prefix-list/node.def +++ b/templates/policy/prefix-list/node.def @@ -4,4 +4,4 @@ type: txt help: IP prefix-list filter val_help: Prefix list name -syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list name must be alpha-numeric" +syntax:expression: pattern $VAR(@) "^[-_a-zA-Z0-9.]+$" ; "prefix-list name can only contain alpha-numeric letters, hyphen and underscores" diff --git a/templates/policy/prefix-list6/node.def b/templates/policy/prefix-list6/node.def index effbbbf2..f298dbf3 100644 --- a/templates/policy/prefix-list6/node.def +++ b/templates/policy/prefix-list6/node.def @@ -4,4 +4,4 @@ type: txt help: IPv6 prefix-list filter val_help: Prefix list name -syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list6 name must be alpha-numeric" +syntax:expression: pattern $VAR(@) "^[-_a-zA-Z0-9.]+$" ; "prefix-list name can only contain alpha-numeric letters, hyphen and underscores" diff --git a/templates/policy/route-map/node.def b/templates/policy/route-map/node.def index 1a3fd8b7..bbbc5f74 100644 --- a/templates/policy/route-map/node.def +++ b/templates/policy/route-map/node.def @@ -4,4 +4,4 @@ type: txt help: IP route-map val_help: Route map name -syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "route-map $VAR(@): name must be alpha-numeric" +syntax:expression: pattern $VAR(@) "^[-_a-zA-Z0-9.]+$" ; "route-map $VAR(@): can only contain alpha-numeric letters, hyphen and underscores" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def index b42b4972..5e62a1c4 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def @@ -1,5 +1,5 @@ type: u32 help: AS number of an aggregation -val_help: u32:1-65535; BGP AS number +val_help: u32:1-4294967295; BGP AS number -syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "BGP AS number must be between 1 and 4294967294" +syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967295; "BGP AS number must be between 1 and 4294967295" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/ipv6-next-hop/prefer-global/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/ipv6-next-hop/prefer-global/node.def new file mode 100644 index 00000000..83061d4c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/ipv6-next-hop/prefer-global/node.def @@ -0,0 +1,12 @@ +help: Prefer global address as the nexthop + +commit:expression: $VAR(../../../action/) != ""; "you must specify an action" + +update: vtysh -c "configure terminal" \ + -c "route-map $VAR(../../../../@) $VAR(../../../action/@) $VAR(../../../@)" \ + -c "set ipv6 next-hop prefer-global" + +delete: vtysh -c "configure terminal" \ + -c "route-map $VAR(../../../../@) $VAR(../../../action/@) $VAR(../../../@)" \ + -c "no set ipv6 next-hop prefer-global" + diff --git a/templates/protocols/bgp/node.def b/templates/protocols/bgp/node.def index 08c0a91a..ca7a448b 100644 --- a/templates/protocols/bgp/node.def +++ b/templates/protocols/bgp/node.def @@ -8,8 +8,15 @@ syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294 ; \ "AS number must be between 1 and 4294967294" end: if [ -z "$VAR(.)" ] || [ "$COMMIT_ACTION" != DELETE ]; then + vtysh -d bgpd -c 'conf t' -c 'router bgp $VAR(@)' -c 'no bgp ebgp-requires-policy' + + if [ -z $VAR(./parameters/network-import-check/) ]; then + vtysh -d bgpd -c 'conf t' -c 'router bgp $VAR(@)' -c 'no bgp network import-check' + fi + /opt/vyatta/sbin/vyatta-bgp.pl --main vtysh -d bgpd -c 'sh run' > /opt/vyatta/etc/quagga/bgpd.conf + sudo vtysh --writeconfig --noerror else rm -f /opt/vyatta/etc/quagga/bgpd.conf fi diff --git a/templates/protocols/bgp/node.tag/parameters/graceful-shutdown/node.def b/templates/protocols/bgp/node.tag/parameters/graceful-shutdown/node.def new file mode 100644 index 00000000..4ff73f05 --- /dev/null +++ b/templates/protocols/bgp/node.tag/parameters/graceful-shutdown/node.def @@ -0,0 +1 @@ +help: Graceful shutdown diff --git a/templates/protocols/ospf/node.def b/templates/protocols/ospf/node.def index 613aee78..cf33ba11 100644 --- a/templates/protocols/ospf/node.def +++ b/templates/protocols/ospf/node.def @@ -15,4 +15,5 @@ end: if [ "$COMMIT_ACTION" == DELETE ]; then rm -f /opt/vyatta/etc/quagga/ospfd.conf else vtysh -d ospfd -c 'sh run' > /opt/vyatta/etc/quagga/ospfd.conf + sudo vtysh --writeconfig --noerror fi diff --git a/templates/protocols/ospfv3/area/node.tag/area-type/node.def b/templates/protocols/ospfv3/area/node.tag/area-type/node.def new file mode 100644 index 00000000..21d70cb7 --- /dev/null +++ b/templates/protocols/ospfv3/area/node.tag/area-type/node.def @@ -0,0 +1,2 @@ +help: OSPFv3 Area type +val_help: stub; Stub Area type diff --git a/templates/protocols/ospfv3/area/node.tag/area-type/stub/no-summary/node.def b/templates/protocols/ospfv3/area/node.tag/area-type/stub/no-summary/node.def new file mode 100644 index 00000000..10ce5dd4 --- /dev/null +++ b/templates/protocols/ospfv3/area/node.tag/area-type/stub/no-summary/node.def @@ -0,0 +1,12 @@ +help: Do not inject inter-area routes into stub + +create: + vtysh -c "configure terminal" \ + -c "router ospf6" \ + -c "area $VAR(../../../@) stub no-summary " + +delete: + vtysh -c "configure terminal" \ + -c "router ospf6" \ + -c "no area $VAR(../../../@) stub no-summary " \ + -c "area $VAR(../../../@) stub " diff --git a/templates/protocols/ospfv3/area/node.tag/area-type/stub/node.def b/templates/protocols/ospfv3/area/node.tag/area-type/stub/node.def new file mode 100644 index 00000000..4b49cd3f --- /dev/null +++ b/templates/protocols/ospfv3/area/node.tag/area-type/stub/node.def @@ -0,0 +1,11 @@ +help: Stub OSPFv3 area + +create: + vtysh -c "configure terminal" \ + -c "router ospf6" \ + -c "area $VAR(../../@) stub" + +delete: + vtysh -c "configure terminal" \ + -c "router ospf6" \ + -c "no area $VAR(../../@) stub" diff --git a/templates/protocols/ospfv3/node.def b/templates/protocols/ospfv3/node.def index ffcf8dbc..4bf54837 100644 --- a/templates/protocols/ospfv3/node.def +++ b/templates/protocols/ospfv3/node.def @@ -9,6 +9,7 @@ begin: if [ "$COMMIT_ACTION" != DELETE ]; then -c "no ospf6 router-id" fi vtysh -d ospf6d -c 'sh run' > /opt/vyatta/etc/quagga/ospf6d.conf + sudo vtysh --writeconfig --noerror fi end: if [ "$COMMIT_ACTION" == DELETE ]; then vtysh -c "configure terminal" -c "router ospf6" -c "no router-id" diff --git a/templates/protocols/ripng/node.def b/templates/protocols/ripng/node.def index 6f12edce..ae4e0ebb 100644 --- a/templates/protocols/ripng/node.def +++ b/templates/protocols/ripng/node.def @@ -5,6 +5,7 @@ delete: vtysh -c "configure terminal" -c "no router ripng" end: if [ "$COMMIT_ACTION" != "DELETE" ]; then vtysh -d ripngd -c 'sh run' > /opt/vyatta/etc/quagga/ripngd.conf + sudo vtysh --writeconfig --noerror else rm -f /opt/vyatta/etc/quagga/ripngd.conf fi diff --git a/templates/protocols/static/node.def b/templates/protocols/static/node.def index 0cbd6d1b..0afb363e 100644 --- a/templates/protocols/static/node.def +++ b/templates/protocols/static/node.def @@ -3,6 +3,7 @@ help: Static route parameters end: if [ "$COMMIT_ACTION" != "DELETE" ]; then vtysh -d zebra -c 'sh run' > /opt/vyatta/etc/quagga/zebra.conf + sudo vtysh --writeconfig --noerror else rm -f /opt/vyatta/etc/quagga/zebra.conf fi diff --git a/templates/protocols/static/route/node.tag/dhcp-interface/node.def b/templates/protocols/static/route/node.tag/dhcp-interface/node.def index 7820800b..e1793c08 100644 --- a/templates/protocols/static/route/node.tag/dhcp-interface/node.def +++ b/templates/protocols/static/route/node.tag/dhcp-interface/node.def @@ -1,9 +1,8 @@ type: txt -help: DHCP interface that supplies the next-hop IP address for this static route -allowed: - local -a array ; - array=( /var/lib/dhcp/en* /var/lib/dhcp/eth* /var/lib/dhcp/br* /var/lib/dhcp/bond* ) ; - echo -n ${array[@]##*/} +help: DHCP interface supplying next-hop IP address +val_help: txt; DHCP interface name +allowed: sh -c "${vyos_completion_dir}/list_interfaces.py" +syntax:expression: exec "${vyos_libexec_dir}/validate-value --exec \"${vyos_validators_dir}/interface-name \" --value \'$VAR(@)\'"; "Invalid value" create: sudo /opt/vyatta/sbin/vyatta-update-static-route.pl --interface=$VAR(@) --route=$VAR(../@) --table=main --option=create RIP=$(/opt/vyatta/sbin/vyatta-dhcp-helper.pl --interface=$VAR(@) --want=router) diff --git a/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def b/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def index ee872997..da20f231 100644 --- a/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def +++ b/templates/protocols/vrf/node.tag/static/interface-route/node.tag/next-hop-interface/node.tag/next-hop-vrf/node.def @@ -6,6 +6,10 @@ allowed: local -a params echo -n "${params[@]}" val_help: <vrf> ; Name of VRF to leak to end: + if [ ! -e /sys/class/net/$VAR(@) ] && [ $VAR(@) != "default" ]; then + echo 'VRF "$VAR(@)" does not exist!' + exit 1 + fi if [[ ${COMMIT_ACTION} = 'DELETE' ]] then if ! ${vyatta_sbindir}/vyatta-next-hop-check $VAR(../@) ipv4 address; then diff --git a/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def b/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def index 52f198b1..bf406bb0 100644 --- a/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def +++ b/templates/protocols/vrf/node.tag/static/interface-route6/node.tag/next-hop-interface/node.def @@ -24,6 +24,10 @@ end: fi if [[ -n "$VAR(./next-hop-vrf/@)" ]]; then NEXTHOP_VRF="nexthop-vrf $VAR(./next-hop-vrf/@)" + if [ ! -e /sys/class/net/$NEXTHOP_VRF ] && [ $NEXTHOP_VRF != "default" ]; then + echo 'VRF "$NEXTHOP_VRF" does not exist!' + exit 1 + fi fi vtysh -c "configure terminal" \ diff --git a/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def b/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def index ad3e92a9..c67fe1c4 100644 --- a/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def +++ b/templates/protocols/vrf/node.tag/static/route/node.tag/next-hop/node.tag/next-hop-vrf/node.def @@ -6,6 +6,10 @@ allowed: local -a params echo -n "${params[@]}" val_help: <vrf> ; Name of VRF to leak to end: + if [ ! -e /sys/class/net/$VAR(@) ] && [ $VAR(@) != "default" ]; then + echo 'VRF "$VAR(@)" does not exist!' + exit 1 + fi VRF_NAME=$VAR(../../../../@) if [[ ${COMMIT_ACTION} = 'DELETE' ]] then diff --git a/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def b/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def index 3fb5b798..1c45d0c1 100644 --- a/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def +++ b/templates/protocols/vrf/node.tag/static/route6/node.tag/next-hop/node.def @@ -41,6 +41,10 @@ end: exit 1 fi NEXTHOP_VRF="nexthop-vrf $VAR(./next-hop-vrf/@)" + if [ ! -e /sys/class/net/$NEXTHOP_VRF ] && [ $NEXTHOP_VRF != "default" ]; then + echo 'VRF "$NEXTHOP_VRF" does not exist!' + exit 1 + fi fi vtysh -c "configure terminal" \ |