diff options
Diffstat (limited to 'templates/policy')
69 files changed, 211 insertions, 141 deletions
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def index 83216365..4a3ee522 100644 --- a/templates/policy/access-list/node.def +++ b/templates/policy/access-list/node.def @@ -7,8 +7,10 @@ syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR( <100-199>\tIP extended access list <1300-1999>\tIP standard access list (expanded range) <2000-2699>\tIP extended access list (expanded range)" -comp_help: \1 <1-99>\tIP standard access list - <100-199>\tIP extended access list - <1300-1999>\tIP standard access list (expanded range) - <2000-2699>\tIP extended access list (expanded range) + +val_help: u32:1-99; IP standard access list +val_help: u32:100-199; IP extended access list +val_help: u32:1300-1999; IP standard access list (expanded range) +val_help: u32:2000-2699; IP extended access list (expanded range) + end: /opt/vyatta/sbin/vyatta-policy.pl --update-access-list $VAR(@) diff --git a/templates/policy/access-list/node.tag/rule/node.def b/templates/policy/access-list/node.tag/rule/node.def index 747614b7..77233931 100644 --- a/templates/policy/access-list/node.tag/rule/node.def +++ b/templates/policy/access-list/node.tag/rule/node.def @@ -1,5 +1,5 @@ tag: type: u32 help: Set a rule for this access-list -comp_help: \1 <1-65535>\taccess-list rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" +val_help: u32:1-65535>; Access-list rule number diff --git a/templates/policy/access-list/node.tag/rule/node.tag/action/node.def b/templates/policy/access-list/node.tag/rule/node.tag/action/node.def index 9861a18c..9567d02d 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/action/node.def @@ -1,5 +1,5 @@ type: txt help: Set action to take on networks matching this rule [REQUIRED] -comp_help: \1 permit\tpermit matching networks - deny\t\tdeny matching networks syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" +val_help: permit; Permit matching networks +val_help: deny; Deny matching networks diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def index ab9bc4da..814e64c2 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def @@ -1,6 +1,6 @@ type: ipv4 help: Set a single host IP address to match -comp_help: \1 <x.x.x.x>\thost address to match +val_help: Host address to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "\ diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def index 6966a613..25e9fb9b 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def @@ -1,6 +1,6 @@ type: ipv4 help: Set a network/netmask to match (requires network be defined) -comp_help: \1 <x.x.x.x>\tinverse-mask to match +val_help: Inverse-mask to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def index 4df7afa6..5cb86d84 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def @@ -1,6 +1,6 @@ type: ipv4 help: Set a network/netmask to match (requires inverse-mask be defined) -comp_help: \1 <x.x.x.x>\tnetwork to match +val_help: Network to match commit:expression: ($VAR(../../../@) >= 100 && $VAR(../../../@) <= 199) || ($VAR(../../../@) >= 2000 && $VAR(../../../@) <= 2699); "\ policy access-list $VAR(../../../@) rule $VAR(../../@) destination: access-list number must be <100-199> or <2000-2699> to set destination matches" commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) destination: you may only define one filter type. (host|network|any)" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def index 47177ac8..25e8bb80 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def @@ -1,5 +1,5 @@ type: ipv4 help: Set a single host IP address to match -comp_help: \1 <x.x.x.x>\thost address to match +val_help: Host address to match commit:expression: ($VAR(../any/) == "") && ($VAR(../network/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def index 64c0fb44..0f5c235b 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def @@ -1,6 +1,7 @@ type: ipv4 help: Set a network/netmask to match (requires network be defined) -comp_help: \1 <x.x.x.x>\tinverse-mask to match +val_help: Inverse-mast to match + commit:expression: ($VAR(../any/) == "") && ($VAR(../host/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../network/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify a network if you configure an inverse-mask" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def index c58b4a2c..c2ad6458 100644 --- a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def @@ -1,6 +1,7 @@ type: ipv4 help: Set a network/netmask to match (requires inverse-mask be defined) -comp_help: \1 <x.x.x.x>\tnetwork to match +val_help: Network to match + commit:expression: ($VAR(../host/) == "") && ($VAR(../any/) == ""); "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (host|network|any)" commit:expression: $VAR(../inverse-mask/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an inverse-mask if you configure a network" commit:expression: $VAR(../../action/) != ""; "policy access-list $VAR(../../../@) rule $VAR(../../@) source: you must specify an action" diff --git a/templates/policy/access-list6/node.def b/templates/policy/access-list6/node.def index 01a5f90f..72f7f9e5 100644 --- a/templates/policy/access-list6/node.def +++ b/templates/policy/access-list6/node.def @@ -1,8 +1,7 @@ tag: - type: txt - help: Set IPv6 access-list filter +val_help: Name of IPv6 access-list syntax:expression: pattern $VAR(@) "^[[:graph:]]{1,64}$" ; \ "access-list name must be 64 characters or less" @@ -13,5 +12,3 @@ syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ end: /opt/vyatta/sbin/vyatta-policy.pl --update-access-list6 "$VAR(@)" -comp_help: possible completions: - <txt> Set name of ipv6 access-list diff --git a/templates/policy/access-list6/node.tag/rule/node.def b/templates/policy/access-list6/node.tag/rule/node.def index 68666a4e..736e1e49 100644 --- a/templates/policy/access-list6/node.tag/rule/node.def +++ b/templates/policy/access-list6/node.tag/rule/node.def @@ -1,11 +1,7 @@ tag: - type: u32 - help: Set a rule for this access-list6 +val_help: u32:1-65535; Access-list6 rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; \ "rule number must be between 1 and 65535" - -comp_help: possible completions: - <1-65535> Set access-list6 rule number diff --git a/templates/policy/access-list6/node.tag/rule/node.tag/action/node.def b/templates/policy/access-list6/node.tag/rule/node.tag/action/node.def index 00d8d511..c6b30231 100644 --- a/templates/policy/access-list6/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/access-list6/node.tag/rule/node.tag/action/node.def @@ -1,9 +1,6 @@ type: txt - help: Set action to take on networks matching this rule [REQUIRED] +val_help: permit; Permit matching networks +val_help: deny; Deny matching networks syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" - -comp_help: possible completions - permit permit matching networks - deny deny matching networks diff --git a/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def index 085a59ec..b6758c87 100644 --- a/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def +++ b/templates/policy/access-list6/node.tag/rule/node.tag/source/network/node.def @@ -1,9 +1,6 @@ type: ipv6net - help: Set a network/netmask to match (requires inverse-mask be defined) - -comp_help: possible completions: - <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length +val_help: IPv6 address and prefix length commit:expression: ($VAR(../any/) == ""); "policy access-list6 $VAR(../../../@) rule $VAR(../../@) source: you may only define one filter type. (network|any)" diff --git a/templates/policy/as-path-list/node.def b/templates/policy/as-path-list/node.def index 3beb59ea..a2713bf1 100644 --- a/templates/policy/as-path-list/node.def +++ b/templates/policy/as-path-list/node.def @@ -1,6 +1,9 @@ tag: type: txt help: Set Border Gateway Protocol (BGP) autonomous system path filter +val_help: AS path list name + syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "as-path-list name must be alpha-numeric" + end: /opt/vyatta/sbin/vyatta-policy.pl --update-aspath-list $VAR(@) -comp_help: \1 <txt>\t\tas-path-list name + diff --git a/templates/policy/as-path-list/node.tag/rule/node.def b/templates/policy/as-path-list/node.tag/rule/node.def index fed3dd56..afd67fe4 100644 --- a/templates/policy/as-path-list/node.tag/rule/node.def +++ b/templates/policy/as-path-list/node.tag/rule/node.def @@ -1,6 +1,7 @@ tag: type: u32 help: Set a rule for this as-path-list -comp_help: \1 <1-65535>\tas-path-list rule number +val_help: u32:1-65535; AS path list rule number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def index c7bd4189..ed0a4329 100644 --- a/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def @@ -1,5 +1,6 @@ type: txt help: Set action to take on AS paths matching this rule [REQUIRED] -comp_help: \1 permit\tpermit matching as-paths - deny\t\tdeny matching as-paths +val_help: permit; Permit matching as-paths +val_help: deny; Deny matching as-paths + syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def index ff44785c..372c6b9b 100644 --- a/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def +++ b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def @@ -1,6 +1,7 @@ type: txt help: Set regular expression to match against an AS path -comp_help: \1 <aa:nn>\tas-path regular expression (ex: "50:1 6553:1201") +val_help: <aa:nn>; AS path regular expression (ex: "50:1 6553:1201") # TODO: check regex syntax; \ # "invalid chars in regex syntax" + commit:expression: $VAR(../action/@) != ""; "policy as-path-list $VAR(../../@) rule $VAR(../@): You must specify an action" diff --git a/templates/policy/community-list/node.def b/templates/policy/community-list/node.def index e6f9c91e..df10f694 100644 --- a/templates/policy/community-list/node.def +++ b/templates/policy/community-list/node.def @@ -1,10 +1,13 @@ tag: type: u32 help: Set Border Gateway Protocol (BGP) community-list filter + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 500; " community-list must be <1-99>\tBGP community list (standard) <100-500>\tBGP community list (expanded) " -comp_help: \1 <1-99>\tBGP community list (standard) - <100-500>\tBGP community list (expanded) + +val_help: u32:1-99; BGP community list (standard) +val_help: u32:100-500; BGP community list (expanded) + end: /opt/vyatta/sbin/vyatta-policy.pl --update-community-list $VAR(@) diff --git a/templates/policy/community-list/node.tag/rule/node.def b/templates/policy/community-list/node.tag/rule/node.def index 94bb576e..9f2cbb18 100644 --- a/templates/policy/community-list/node.tag/rule/node.def +++ b/templates/policy/community-list/node.tag/rule/node.def @@ -1,5 +1,6 @@ tag: type: u32 help: create a rule for this BGP community list -comp_help: \1 <1-65535>\tcommunity-list rule number +val_help: u32:1-65535; Community-list rule number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/community-list/node.tag/rule/node.tag/action/node.def b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def index b8145b68..3fd50c8b 100644 --- a/templates/policy/community-list/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def @@ -1,5 +1,6 @@ type: txt help: Set action to take on communities matching this rule [REQUIRED] -comp_help: \1 permit\tpermit matching communities - deny\t\tdeny matching communities +val_help: permit; Permit matching communities +val_help: deny; Deny matching communities + syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def index bee966ff..e8406d6e 100644 --- a/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def +++ b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def @@ -1,6 +1,7 @@ type: txt help: Set regular expression to match against a community list -comp_help: \1 <txt>\t\tcommunity-list regular expression +val_help: Community list regular expression + syntax:expression: exec " \ if [ $VAR(../../@) -ge 1 ] && [ $VAR(../../@) -le 99 ]; then \ if [ -n \"`echo $VAR(@) | sed 's/[0-9]*:[0-9]*//g' | sed -e 's/internet//g' -e 's/local-AS//g' -e 's/no-advertise//g' -e 's/no-export//g'`\" ]; then \ @@ -8,4 +9,5 @@ if [ $VAR(../../@) -ge 1 ] && [ $VAR(../../@) -le 99 ]; then \ exit 1 ; \ fi ; \ fi ; " + commit:expression: $VAR(../action/@) != ""; "policy community-list $VAR(../../@) rule $VAR(../@): You must specify an action" diff --git a/templates/policy/prefix-list/node.def b/templates/policy/prefix-list/node.def index 64bee643..cb741618 100644 --- a/templates/policy/prefix-list/node.def +++ b/templates/policy/prefix-list/node.def @@ -1,5 +1,6 @@ tag: type: txt help: Set IP prefix-list filter -comp_help: \1 <txt>\tprefix-list list name +val_help: Prefix list name + syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list name must be alpha-numeric" diff --git a/templates/policy/prefix-list/node.tag/rule/node.def b/templates/policy/prefix-list/node.tag/rule/node.def index 5b97a5f0..e0d8e866 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.def @@ -1,10 +1,13 @@ tag: type: u32 help: Set a rule for this prefix-list -comp_help: \1 <1-65535>\tprefix-list rule number +val_help: u32:1-65535; Prefix-list rule number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" + commit:expression: $VAR(./prefix/) != ""; "policy prefix-list $VAR(../@) rule $VAR(@): You must specify a prefix" commit:expression: $VAR(./action/) != ""; "policy prefix-list $VAR(../@) rule $VAR(@): You must specify an action" + delete: touch /tmp/protocols-$VAR(../@)-$VAR(@).$PPID ; len=`echo $VAR(@) | awk -F/ '{ print $2 }'` ; if [ -n "$VAR(./ge/@)" ]; then @@ -15,6 +18,7 @@ delete: touch /tmp/protocols-$VAR(../@)-$VAR(@).$PPID ; fi; vtysh -c "configure terminal" \ -c "no ip prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $cond " + end: len=`echo $VAR(./prefix/@) | awk -F/ '{ print $2 }'` ; if [ -n "$VAR(./ge/@)" ]; then if [ $len -ge $VAR(./ge/@) ]; then diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def index 00612d90..1d5d05dc 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def @@ -1,5 +1,6 @@ type: txt help: Set action to take on prefixes matching this rule [REQUIRED] -comp_help: \1 permit\tpermit matching prefixes - deny\t\tdeny matching prefixes +val_help: permit; Permit matching prefixes +val_help: deny; Deny matching prefixes + syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def index 8e102057..a89204f8 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def @@ -1,4 +1,5 @@ type: u32 help: Set prefix length to match a netmask greater than or equal to it -comp_help: \1 <0-32>\tnetmask greater than length +val_help: u32:0-32; Netmask greater than length + syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 32; "ge must be between 0 and 32" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def index 56296cf4..5a91bc53 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def @@ -1,4 +1,5 @@ type: u32 help: Set prefix length to match a netmask less than or equal to it -comp_help: \1 <0-32>\tnetmask less than length +val_help: u32:0-32; Netmask less than length + syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 32; "le must be between 0 and 32" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def index 1581769a..f7e7ef39 100644 --- a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def @@ -1,3 +1,3 @@ type: ipv4net help: Set a prefix to match -comp_help: \1 <x.x.x.x/x>\tprefix to match against +val_help: Prefix to match against diff --git a/templates/policy/prefix-list6/node.def b/templates/policy/prefix-list6/node.def index 07796eae..728107a8 100644 --- a/templates/policy/prefix-list6/node.def +++ b/templates/policy/prefix-list6/node.def @@ -1,8 +1,6 @@ tag: type: txt help: Set IPv6 prefix-list filter +val_help: Prefix list name syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list6 name must be alpha-numeric" - -comp_help: possible completions: - <txt> prefix-list list name diff --git a/templates/policy/prefix-list6/node.tag/rule/node.def b/templates/policy/prefix-list6/node.tag/rule/node.def index bee35245..e5ea49a3 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.def @@ -1,6 +1,7 @@ tag: type: u32 help: Set a rule for this prefix-list6 +val_help: u32:1-65535; Prefix list rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" @@ -39,6 +40,3 @@ end: len=`echo $VAR(./prefix/@) | awk -F/ '{ print $2 }'` ; -c "ipv6 prefix-list $VAR(../@) seq $VAR(@) $VAR(./action/@) $VAR(./prefix/@) $cond " ; fi; exit 0 ; - -comp_help: possible completions: - <1-65535> prefix-list rule number
\ No newline at end of file diff --git a/templates/policy/prefix-list6/node.tag/rule/node.tag/action/node.def b/templates/policy/prefix-list6/node.tag/rule/node.tag/action/node.def index 479c8100..1da5e2d4 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.tag/action/node.def @@ -1,8 +1,6 @@ type: txt help: Set action to take on prefixes matching this rule +val_help: permit; Permit matching prefixes +val_help: deny; Deny matching prefixes syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" - -comp_help: possible completions: - permit permit matching prefixes - deny deny matching prefixes diff --git a/templates/policy/prefix-list6/node.tag/rule/node.tag/ge/node.def b/templates/policy/prefix-list6/node.tag/rule/node.tag/ge/node.def index 729089a3..135e1da9 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.tag/ge/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.tag/ge/node.def @@ -1,7 +1,5 @@ type: u32 help: Set prefix length to match a netmask greater than or equal to it +val_help: u32:0-128; Netmask greater than length syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 128; "ge must be between 0 and 128" - -comp_help: possible completions: - <0-128> netmask greater than length diff --git a/templates/policy/prefix-list6/node.tag/rule/node.tag/le/node.def b/templates/policy/prefix-list6/node.tag/rule/node.tag/le/node.def index 1bb344b9..15c674d3 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.tag/le/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.tag/le/node.def @@ -1,7 +1,5 @@ type: u32 help: Set prefix length to match a netmask less than or equal to it +val_help: u32:0-128; Netmask less than length syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 128; "le must be between 0 and 128" - -comp_help: possible completions: - <0-128> netmask less than length diff --git a/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def index ff9875dc..a478035d 100644 --- a/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def +++ b/templates/policy/prefix-list6/node.tag/rule/node.tag/prefix/node.def @@ -1,5 +1,3 @@ type: ipv6net help: Set a prefix to match - -comp_help: possible completions: - <h:h:h:h:h:h:h:h/x> Set the IPv6 prefix +val_help: IPv5 prefix diff --git a/templates/policy/route-map/node.def b/templates/policy/route-map/node.def index f90f9006..7d712c1f 100644 --- a/templates/policy/route-map/node.def +++ b/templates/policy/route-map/node.def @@ -1,5 +1,6 @@ tag: type: txt help: Set IP route-map -comp_help: \1 <txt>\t\troute-map name +val_help: Route map name + syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "route-map $VAR(@): name must be alpha-numeric" diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def index 2322ebe9..35c7be15 100644 --- a/templates/policy/route-map/node.tag/rule/node.def +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -1,8 +1,10 @@ tag: type: u32 help: Set a rule for this route-map -comp_help: \1 <1-65535>\troute-map rule number +val_help: u32:1-65535; Route-map rule number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "rule number must be between 1 and 65535" + delete: if [ -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID ]; then vtysh -c "configure terminal" -c "no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)"; rm -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID; diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index 065b2637..64f5b852 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -1,8 +1,10 @@ type: txt help: Set action to take on prefixes matching this rule [REQUIRED] -comp_help: \1 permit\tpermit matching prefixes - deny\t\tdeny matching prefixes +val_help: permit; Permit matching prefixes +val_help: deny; Deny matching prefixes + syntax:expression: $VAR(@) in "permit", "deny"; "action must be permit or deny" + update: /opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@) action"; if [ $? -eq 0 ]; then vtysh -c "configure terminal" -c "route-map $VAR(../../@) $VAR(@) $VAR(../@)"; @@ -12,6 +14,7 @@ update: /opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action "policy route- echo -e " \"delete route-map $VAR(../../@) rule $VAR(../@)\" and commit it. \\n"; exit 1; fi; + delete: /opt/vyatta/sbin/vyatta-policy.pl --check-delete-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@)"; if [ $? -eq 0 ]; then touch /tmp/route-map-$VAR(../../@)-rule-$VAR(../@)-action.$PPID ; diff --git a/templates/policy/route-map/node.tag/rule/node.tag/call/node.def b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def index 903f393f..46a41c0f 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/call/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def @@ -1,9 +1,12 @@ type: txt help: Set to call another route-map on match -comp_help: \1 <txt>\t\troute-map name +val_help: Route map name + commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $VAR(@)\" "; "policy route-map $VAR(../../@) rule $VAR(../@) call: called route-map $VAR(@) doesn't exist" commit:expression: $VAR(../action/) != ""; "policy route-map $VAR(../../@) rule $VAR(../@): you must define an action" + update: vtysh -c "configure terminal" -c "route-map $VAR(../../@) $VAR(../action/@) $VAR(../@)" \ -c "call $VAR(@)" + delete: vtysh -c "configure terminal" -c "route-map $VAR(../../@) $VAR(../action/@) $VAR(../@)" \ -c "no call " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def index 2e53e0e0..2e34ed6c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def @@ -1,12 +1,16 @@ type: u32 help: Set to jump to a different rule in this route-map on a match -comp_help: \1 <1-65535>\trule number +val_help: u32:1-65535; Rule number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "continue must be between 1 and 65535" + commit:expression: $VAR(@) > $VAR(../@); "you may only continue forward in the route-map" commit:expression: $VAR(../action/) != ""; "policy route-map $VAR(../../@) rule $VAR(../@): you must define an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../@) $VAR(../action/@) $VAR(../@)" \ -c "continue $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../@) $VAR(../action/@) $VAR(../@)" \ -c "no continue " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def index 8fcf6329..fe249ff1 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def @@ -1,11 +1,14 @@ type: txt help: Set a BGP as-path-list to match -comp_help: \1 <txt>\t\tas-path-list name +val_help: AS path list name + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): You must specify an action" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy as-path-list $VAR(@)\" "; "policy route-map $VAR(../../../@) rule $VAR(../../@) match as-path: AS path list $VAR(@) doesn't exist" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match as-path $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match as-path $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def index 4906d07e..bf58724a 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def @@ -1,5 +1,6 @@ type: u32 help: Set a BGP community-list to match -comp_help: \1 <1-99>\tBGP community list (standard) - <100-500>\tBGP community list (expanded) +val_help: u32:1-99; BGP community list (standard) +val_help: u32:100-500; BGP community list (expanded) + commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $VAR(@)\" "; "policy route-map $VAR(../../../../@) rule $VAR(../../../@) match community: community-list $VAR(@) doesn't exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def index 794f2d4d..4e322633 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def @@ -1,15 +1,18 @@ type: txt help: Set the first hop interface of a route to match -comp_help: \1 <txt>\t\tinterface name +val_help: Interface name + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): You must specify an action" commit:expression: exec " \ if [ -z \"`ip addr | grep $VAR(@) `\" ]; then \ echo policy route-map $VAR(../../../@) rule $VAR(../../@) match interface: interface $VAR(@) doesn\\'t exist on this system ; \ exit 1 ; \ fi ; " + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match interface $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match interface $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def index 6347b93d..7d15a49f 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def @@ -1,11 +1,9 @@ type: u32 help: Set an IP access-list to match - -comp_help: possible completions: - <1-99> IP standard access list number - <100-199> IP extended access list number - <1300-1999> IP standard access list number (expanded range) - <2000-2699> IP extended access list number (expanded range) +val_help: u32:1-99; IP standard access list number +val_help: u32:100-199; IP extended access list number +val_help: u32:1300-1999; IP standard access list number (expanded range) +val_help: u32:2000-2699; IP extended access list number (expanded range) allowed: local -a params params=( /opt/vyatta/config/active/policy/access-list/* ) diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def index 9fc64b12..6f143bec 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def @@ -1,8 +1,6 @@ type: txt help: Set an IP prefix-list to match - -comp_help: possible completions: - <txt> prefix-list name +val_help: Prefix list name allowed: local -a params params=( /opt/vyatta/config/active/policy/prefix-list/* ) diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def index caa58290..568d5ca3 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def @@ -1,15 +1,18 @@ type: u32 help: Set an IP access-list to match -comp_help: \1 <1-99>\tIP standard access list number - <100-199>\tIP extended access list number - <1300-1999>\tIP standard access list number (expanded range) - <2000-2699>\tIP extended access list number (expanded range) +val_help: u32:1-99; IP standard access list number +val_help: u32:100-199; IP extended access list number +val_help: u32:1300-1999; IP standard access list number (expanded range) +val_help: u32:2000-2699; IP extended access list number (expanded range) + commit:expression: $VAR(../prefix-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip nexthop access-list: you may only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip nexthop access-list: access-list $VAR(@) does not exist" commit:expression: $VAR(../../../../action/) != ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "match ip next-hop $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ip next-hop $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def index 5e13d9a5..832ab55f 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def @@ -1,12 +1,15 @@ type: txt help: Set an IP prefix-list to match -comp_help: \1 <txt>\t\tprefix-list name +val_help: Prefix list name + commit:expression: $VAR(../access-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip nexthop prefix-list: you can only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip nexthop prefix-list: prefix-list $VAR(@) does not exist" commit:expression: $VAR(../../../../action/) != ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "match ip next-hop prefix-list $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ip next-hop prefix-list $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def index c77f2bb2..c353c0db 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def @@ -1,15 +1,18 @@ type: u32 help: Set an IP access-list to match -comp_help: \1 <1-99>\tIP standard access list number - <100-199>\tIP extended access list number - <1300-1999>\tIP standard access list number (expanded range) - <2000-2699>\tIP extended access list number (expanded range) +val_help: u32:1-99; IP standard access list number +val_help: u32:100-199; IP extended access list number +val_help: u32:1300-1999; IP standard access list number (expanded range) +val_help: u32:2000-2699; IP extended access list number (expanded range) + commit:expression: $VAR(../prefix-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip route-source access-list: you may only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip route-source access-list: access-list $VAR(@) does not exist" commit:expression: $VAR(../../../../action/) != ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "match ip route-source $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ip route-source $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def index 9d0b9092..adc64356 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def @@ -1,6 +1,6 @@ type: txt help: Set an IP prefix-list to match -comp_help: \1 <txt>\t\tprefix-list name +val_help: Prefix list name commit:expression: $VAR(../access-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ip route-source prefix-list: you can only specify a prefix-list or access-list" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/access-list/node.def index 0a51fc26..18157e09 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/access-list/node.def @@ -1,5 +1,6 @@ type: txt help: Set an IPv6 access-list6 to match +val_help: IPV6 access list name allowed: local -a params params=( /opt/vyatta/config/active/policy/access-list6/* ) @@ -18,6 +19,3 @@ update: vtysh -c "configure terminal" \ delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ipv6 address $VAR(@) " - -comp_help: possible completions: - <txt> name of an IPv6 access-list6 diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/prefix-list/node.def index b8537f61..a3aee610 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/address/prefix-list/node.def @@ -1,5 +1,6 @@ type: txt help: Set an IPv6 prefix-list to match +val_help: IPv6 prefix list name allowed: local -a params params=( /opt/vyatta/config/active/policy/prefix-list6/* ) @@ -18,6 +19,3 @@ update: vtysh -c "configure terminal" \ delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ipv6 address prefix-list $VAR(@)" - -comp_help: possible completions: - <txt> prefix-list6 name diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/access-list/node.def index 98410f1c..f24a8fa7 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/access-list/node.def @@ -1,5 +1,6 @@ type: txt help: Set an IPv6 access-list6 to match +val_help: IPv6 access list commit:expression: $VAR(../prefix-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ipv6 nexthop access-list: you may only specify a prefix-list or access-list" @@ -14,6 +15,3 @@ update: vtysh -c "configure terminal" \ delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ipv6 next-hop $VAR(@)" - -comp_help: possible completions: - <txt> name of IPv6 access-list6 diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/prefix-list/node.def index aab547ed..189cd3cd 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ipv6/nexthop/prefix-list/node.def @@ -1,5 +1,6 @@ type: txt help: Set an IPv6 prefix-list to match +val_help: IPv6 prefix list name commit:expression: $VAR(../access-list/) == ""; "policy route-map $VAR(../../../../../@) rule $VAR(../../../../@) match ipv6 nexthop prefix-list: you can only specify a prefix-list or access-list" @@ -14,6 +15,3 @@ update: vtysh -c "configure terminal" \ delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)" \ -c "no match ipv6 next-hop prefix-list $VAR(@)" - -comp_help: possible completions: - <txt> prefix-list6 name diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def index cf7edf51..799e3876 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def @@ -1,11 +1,15 @@ type: u32 help: Set metric of route to match -comp_help: \1 <1-65535>\troute metric +val_help: u32:1-65535; Rrute metric + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "metric must be between 1 and 65535" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match metric $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match metric $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def index a43d7fb2..66c5762e 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def @@ -1,13 +1,17 @@ type: txt help: Set Border Gateway Protocol (BGP) origin code to match -comp_help: \1 egp\t\texterior gateway protocol origin - igp\t\tinterior gateway protocol origin - incomplete\tincomplete origin +val_help: egp; Exterior gateway protocol origin +val_help: igp; Interior gateway protocol origin +val_help: incomplete; Incomplete origin + syntax:expression: $VAR(@) in "egp", "igp", "incomplete"; "origin must be egp, igp, or incomplete" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match origin $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match origin $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def index da94b0f9..178085fc 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def @@ -1,13 +1,16 @@ type: txt help: Set peer address to match -comp_help: \1 <x.x.x.x>\tpeer IP address - local\t\tstatic or redistributed routes +val_help: ipv4; Peer IP address +val_help: local: Static or redistributed routes + syntax:expression: exec "/opt/vyatta/sbin/vyatta-policy.pl --check-peer-syntax $VAR(@)"; "peer must be either an IP or local" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match peer $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match peer " - diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def index 29b87acb..21a2c802 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def @@ -1,11 +1,15 @@ type: u32 help: Set route tag to match -comp_help: \1 <1-65535>\troute tag +val_help: u32:1-65535; Route tag + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "tag must be between 1 and 65535" + commit:expression: $VAR(../../action) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "match tag $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no match tag $VAR(@)" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def index 63164f95..eaef24fb 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def @@ -1,13 +1,17 @@ type: u32 help: Set rule number to goto on match -comp_help: \1 <1-65535>\trule number +val_help: u32:1-65535; Rule number + syntax:expression: $VAR(../next/) == ""; "you may set only goto or next" syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "goto must be a rule number between 1 and 65535" + commit:expression: $VAR(@) > $VAR(../../@); "policy route-map $VAR(../../../@) rule $VAR(../../@): you may only go forward in the route-map" commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "on-match goto $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no on-match goto " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def index 58d82457..9f63f0d3 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def @@ -1,4 +1,5 @@ type: u32 help: Set the AS number of an aggregation -comp_help: \1 <1-65535>\tBGP AS number +val_help: u32:1-65535; BGP AS number + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 4294967294; "BGP AS number must be between 1 and 4294967294" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def index 4edc633e..bfae6d5e 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def @@ -1,3 +1,3 @@ type: ipv4 help: Set the IP address of an aggregation -comp_help: \1 <x.x.x.x>\tIP address +val_help: IP address diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def index 2b41c884..39da12bf 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def @@ -1,11 +1,15 @@ type: txt help: Set prepend string for a Border Gateway Protocol (BGP) AS-path attribute -comp_help: \1 <txt>\t\tBGP AS path prepend string (ex: "456 64500 45001") +val_help: BGP AS path prepend string (ex: "456 64500 45001") + syntax:expression: exec "/opt/vyatta/sbin/vyatta-check-as-prepend.pl \"$VAR(@)\" "; "invalid AS path string" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set as-path prepend $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set as-path prepend " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def index 43476a24..5a969077 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def @@ -1,5 +1,6 @@ type: u32 help: Set BGP communities with a community-list -comp_help: \1 <1-99>\t\tBGP community list (standard) - <100-500>\t\tBGP community list (expanded) +val_help: u32:1-99; BGP community list (standard) +val_help: u32:100-500; BGP community list (expanded) + commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $VAR(@)\""; "policy route-map $VAR(../../../@) rule $VAR(../../@) set comm-list: community list $VAR(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def index 8ac47b4b..685b23d8 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def @@ -1,11 +1,10 @@ type: txt help: Set the Border Gateway Protocl (BGP) community attribute -comp_help: \1 <AA:NN>\tcommunity in 4 octet AS:value format - local-AS\t\tadvertise communities in local AS only (NO_EXPORT_SUBCONFED) - no-advertise\tdon't advertise this route to any peer (NO_ADVERTISE) - no-export\t\tdon't advertise outside of this AS of confederation boundry (NO_EXPORT) - internet\t\tsymbolic Internet community 0 - The above maybe prefixed by "additive " +val_help: <AA:NN>; Community in 4 octet AS:value format +val_help: local-AS; Advertise communities in local AS only (NO_EXPORT_SUBCONFED) +val_help: no-advertise; Don't advertise this route to any peer (NO_ADVERTISE) +val_help: no-export; Don't advertise outside of this AS of confederation boundry (NO_EXPORT) +val_help: internet; Symbolic Internet community 0 allowed:echo "none local-AS no-advertise no-export internet" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def index e39866d0..1f2b8fcb 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def @@ -1,11 +1,14 @@ type: ipv4 help: Set nexthop IP address -comp_help: \1 <x.x.x.x>\tIP address +val_help: IP address + # TODO: can also set to peer for BGP commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set ip next-hop $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set ip next-hop " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def index b643391e..3a9bee60 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def @@ -1,10 +1,13 @@ type: u32 help: Set Border Gateway Protocol (BGP) local preference attribute -comp_help: \1 <0-4294967295>\tlocal preference value +val_help: Local preference value + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set local-preference $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set local-preference " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/metric-type/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/metric-type/node.def index 633ea289..ffade540 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/metric-type/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/metric-type/node.def @@ -1,12 +1,16 @@ type: txt help: Set Open Shortest Path First (OSPF) external metric-type -comp_help: \1 type-1\tOSPF external type 1 metric - type-2\tOSPF external type 2 metric +val_help: type-1; OSPF external type 1 metric +val_help: type-2; OSPF external type 2 metric + syntax:expression: $VAR(@) in "type-1", "type-2"; "Must be (type-1, type-2)" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set metric-type $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set metric-type " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def index be83a312..bd5e0d3c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def @@ -1,12 +1,16 @@ type: txt help: Set destination routing protocol metric -comp_help: \1 <+/-metric>\tadd or subtract metric - <0-4294967295>\tmetric value +val_help: <+/-metric>; Add or subtract metric +val_help: u32:0-4294967295; Metric value + syntax:expression: exec "if [ -n \"$(echo $VAR(@) | sed 's/^[+-]*[0123456789]*//')\" ]; then exit 1; fi; "; "metric must be an integer with an optional +/- prepend" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set metric $VAR(@)" + delete: vtysh --noerror -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set metric " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def index d84c002c..aa5c0e5c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def @@ -1,13 +1,18 @@ type: txt help: Set Border Gateway Protocl (BGP) origin code -comp_help: \1 igp\t\tinterior gateway protocol origin - egp\t\texterior gateway protocol origin - incomplete\tincomplete origin +val_help: igp; Interior gateway protocol origin +val_help: egp; Exterior gateway protocol origin +val_help: incomplete; Incomplete origin +allowed: echo "igp egp incomplete" + syntax:expression: $VAR(@) in "igp", "egp", "incomplete"; "origin must be one of igp, egp, or incomplete" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set origin $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set origin " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def index 1f54bb5e..c1807d16 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def @@ -1,10 +1,13 @@ type: ipv4 help: Set Border Gateway Protocol (BGP) originator ID attribute -comp_help: \1 <x.x.x.x>\toriginator IP address +val_help: Orignator IP address + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set originator-id $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set originator-id " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def index 3a30051d..f6e5ad5d 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def @@ -1,11 +1,15 @@ type: u32 help: Set tag value for routing protocol -comp_help: \1 <1-65535>\t\ttag value +val_help: u32:1-65535; Tag value + syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "tag must be between 1 and 65535" + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set tag $VAR(@)" + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set tag " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def index 7f831ca7..3fe1fe56 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def @@ -1,10 +1,13 @@ type: u32 help: Set Border Gateway Protocol (BGP) weight attribute -comp_help: \1 <0-4294967295>\tBGP weight +val_help: BGP weight + commit:expression: $VAR(../../action/) != ""; "policy route-map $VAR(../../../@) rule $VAR(../../@): you must specify an action" + update: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "set weight $VAR(@) " + delete: vtysh -c "configure terminal" \ -c "route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)" \ -c "no set weight " |