diff options
Diffstat (limited to 'templates/policy')
82 files changed, 557 insertions, 0 deletions
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def new file mode 100644 index 00000000..b97eb0a6 --- /dev/null +++ b/templates/policy/access-list/node.def @@ -0,0 +1,14 @@ +tag: +type: u32 +help: "access-list number must be \n \ + <1-99> IP standard access list \n \ + <100-199> IP extended access list \n \ + <1300-1999> IP standard access list (expanded range) \n \ + <2000-2699> IP extended access list (expanded range) \n " +syntax: ($(@) >= 1 && $(@) <= 199) || ($(@) >= 1300 && $(@) <= 2699); \ +"access-list number must be \n \ + <1-99> IP standard access list \n \ + <100-199> IP extended access list \n \ + <1300-1999> IP standard access list (expanded range) \n \ + <2000-2699> IP extended access list (expanded range) \n " +end: "/opt/vyatta/sbin/vyatta_policy.pl --update-access-list $(@)" diff --git a/templates/policy/access-list/node.tag/description/node.def b/templates/policy/access-list/node.tag/description/node.def new file mode 100644 index 00000000..c5b70286 --- /dev/null +++ b/templates/policy/access-list/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "access-list description" diff --git a/templates/policy/access-list/node.tag/rule/node.def b/templates/policy/access-list/node.tag/rule/node.def new file mode 100644 index 00000000..fb9ca24a --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.def @@ -0,0 +1,4 @@ +tag: +type: u32 +help: "Specify access-list rule number" +syntax: $(@) >= 1 && $(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/action/node.def b/templates/policy/access-list/node.tag/rule/node.tag/action/node.def new file mode 100644 index 00000000..bca61186 --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/action/node.def @@ -0,0 +1,3 @@ +type: txt +help: "action to take on packets matching this rule" +syntax: $(@) in "permit", "deny"; "must be permit or deny" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/description/node.def b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def new file mode 100644 index 00000000..3d61ac85 --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "description for this rule" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def new file mode 100644 index 00000000..6dbee23b --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/any/node.def @@ -0,0 +1,9 @@ +help: "filter any IP address" +# TODO: won't work until 2220 is fixed +syntax: $(../host/@) == "" && $(../network/@) == ""; "You may only define one filter type. (host|network|any)" +# TODO: pending 2284 +syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \ +To set destination filter parameters, the access-list rule number must be \n \ + <100-199> IP extended access list \n \ + <2000-2699> IP extended access list (expanded range) \n" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def new file mode 100644 index 00000000..993c64ea --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/host/node.def @@ -0,0 +1,9 @@ +type: ipv4 +help: "filter a host IP address" +syntax: $(../any/@) == "" && $(../network/@) == ""; "You may only define one filter type. (host|network|any)" +# TODO: pending 2284 +syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \ +To set destination filter parameters, the access-list rule number must be \n \ + <100-199> IP extended access list \n \ + <2000-2699> IP extended access list (expanded range) \n" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def new file mode 100644 index 00000000..37bbc95a --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/inverse-mask/node.def @@ -0,0 +1,10 @@ +type: ipv4 +help: "filter a network IP netmask" +syntax: $(../any/@) == "" && $(../host/@) == ""; "You may only define one filter type. (host|network|any)" +# TODO: pending 2284 +syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \ +To set destination filter parameters, the access-list rule number must be \n \ + <100-199> IP extended access list \n \ + <2000-2699> IP extended access list (expanded range) \n" +commit: $(../network/@) != ""; "You must specify a network before committing" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def new file mode 100644 index 00000000..c016170f --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/network/node.def @@ -0,0 +1,10 @@ +type: ipv4 +help: "filter a network IP address" +syntax: $(../host/@) != "" || $(../any/@) != ""; "You may only define one filter type. (host|network|any)" +# TODO: pending 2284 +syntax: ($(../../@) >= 100 && $(../../@) <= 199) || ($(../../@) >= 2000) && $(../../@) <= 2699); " \ +To set destination filter parameters, the access-list rule number must be \n \ + <100-199> IP extended access list \n \ + <2000-2699> IP extended access list (expanded range) \n" +commit: $(../inverse-mask/@) != ""; "You must specify an inverse-mask before comitting" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/destination/node.def b/templates/policy/access-list/node.tag/rule/node.tag/destination/node.def new file mode 100644 index 00000000..21f3005a --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/destination/node.def @@ -0,0 +1 @@ +help: "define a destination address or network filter" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def new file mode 100644 index 00000000..34c30831 --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/any/node.def @@ -0,0 +1,4 @@ +help: "filter any IP address" +# TODO: won't work until 2220 is fixed +syntax: $(../host/@) == "" && $(../network/@) == ""; "You may only define one filter type. (host|network|any)" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def new file mode 100644 index 00000000..5b1b6257 --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/host/node.def @@ -0,0 +1,4 @@ +type: ipv4 +help: "filter a host IP address" +syntax: $(../any/@) == "" && $(../network/@) == ""; "You may only define one filter type. (host|network|any)" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def new file mode 100644 index 00000000..8b77960d --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/inverse-mask/node.def @@ -0,0 +1,5 @@ +type: ipv4 +help: "filter a network IP netmask" +syntax: $(../any/@) == "" || $(../host/@) == ""; "You may only define one filter type. (host|network|any)" +commit: $(../network/@) != ""; "You must specify a network before committing" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def new file mode 100644 index 00000000..f95182ac --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/network/node.def @@ -0,0 +1,5 @@ +type: ipv4 +help: "filter a network IP address" +syntax: $(../host/@) == "" && $(../any/@) == ""; "You may only define one filter type. (host|network|any)" +commit: $(../inverse-mask/@) != ""; "You must specify an inverse-mask before comitting" +commit: $(../../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/access-list/node.tag/rule/node.tag/source/node.def b/templates/policy/access-list/node.tag/rule/node.tag/source/node.def new file mode 100644 index 00000000..69a6c7b4 --- /dev/null +++ b/templates/policy/access-list/node.tag/rule/node.tag/source/node.def @@ -0,0 +1 @@ +help: "define a source address or network filter" diff --git a/templates/policy/as-path-list/node.def b/templates/policy/as-path-list/node.def new file mode 100644 index 00000000..04ba5e7b --- /dev/null +++ b/templates/policy/as-path-list/node.def @@ -0,0 +1,5 @@ +tag: +type: txt +help: "BGP autonomous system path filter" +syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "as-path-list name must be alpha-numeric" +end: "/opt/vyatta/sbin/vyatta_policy.pl --update-aspath-list $(@)" diff --git a/templates/policy/as-path-list/node.tag/description/node.def b/templates/policy/as-path-list/node.tag/description/node.def new file mode 100644 index 00000000..1d708acb --- /dev/null +++ b/templates/policy/as-path-list/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "as-path-list description" diff --git a/templates/policy/as-path-list/node.tag/rule/node.def b/templates/policy/as-path-list/node.tag/rule/node.def new file mode 100644 index 00000000..3a0c33bd --- /dev/null +++ b/templates/policy/as-path-list/node.tag/rule/node.def @@ -0,0 +1,4 @@ +tag: +type: u32 +help: "Specify as-path-list rule number" +syntax: $(@) >= 1 && $(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def new file mode 100644 index 00000000..26f6c631 --- /dev/null +++ b/templates/policy/as-path-list/node.tag/rule/node.tag/action/node.def @@ -0,0 +1,3 @@ +type: txt +help: "action to take on AS paths matching this rule" +syntax: $(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def new file mode 100644 index 00000000..3d61ac85 --- /dev/null +++ b/templates/policy/as-path-list/node.tag/rule/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "description for this rule" diff --git a/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def new file mode 100644 index 00000000..39cc3615 --- /dev/null +++ b/templates/policy/as-path-list/node.tag/rule/node.tag/regex/node.def @@ -0,0 +1,5 @@ +type: txt +help: "AS path regular expression" +# TODO: check regex syntax; \ +# "invalid chars in regex syntax" +commit: $(../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/community-list/node.def b/templates/policy/community-list/node.def new file mode 100644 index 00000000..812dd436 --- /dev/null +++ b/templates/policy/community-list/node.def @@ -0,0 +1,8 @@ +tag: +type: u32 +help: "Add a community list entry" +syntax: $(@) >= 1 && $(@) <= 500; " \ +community-list must be \ + <1-99> Community list number (standard) \ + <100-500> Community list number (expanded) " +end: "/opt/vyatta/sbin/vyatta_policy.pl --update-community-list $(@)" diff --git a/templates/policy/community-list/node.tag/description/node.def b/templates/policy/community-list/node.tag/description/node.def new file mode 100644 index 00000000..c6f76be3 --- /dev/null +++ b/templates/policy/community-list/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "community-list description" diff --git a/templates/policy/community-list/node.tag/rule/node.def b/templates/policy/community-list/node.tag/rule/node.def new file mode 100644 index 00000000..3a0c33bd --- /dev/null +++ b/templates/policy/community-list/node.tag/rule/node.def @@ -0,0 +1,4 @@ +tag: +type: u32 +help: "Specify as-path-list rule number" +syntax: $(@) >= 1 && $(@) <= 65535; "rule number must be between 1 and 65535" diff --git a/templates/policy/community-list/node.tag/rule/node.tag/action/node.def b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def new file mode 100644 index 00000000..92e66ad2 --- /dev/null +++ b/templates/policy/community-list/node.tag/rule/node.tag/action/node.def @@ -0,0 +1,3 @@ +type: txt +help: "action to take on communities matching this rule" +syntax: $(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/community-list/node.tag/rule/node.tag/description/node.def b/templates/policy/community-list/node.tag/rule/node.tag/description/node.def new file mode 100644 index 00000000..3d61ac85 --- /dev/null +++ b/templates/policy/community-list/node.tag/rule/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "description for this rule" diff --git a/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def new file mode 100644 index 00000000..6b116123 --- /dev/null +++ b/templates/policy/community-list/node.tag/rule/node.tag/regex/node.def @@ -0,0 +1,11 @@ +type: txt +help: "community list regular expression" +# pending bug 2285 +syntax: exec " \ +if [ $(../../@) -ge 1 ] && [ $(../../@) -le 99 ]; then \ + if [ -n \"`echo $(@) | sed 's/[0-9]*:[0-9]*//g' | sed -e 's/internet//g' -e 's/local-AS//g' -e 's/no-advertise//g' -e 's/no-export//g'`\" ]; then \ + echo regex $(@) is invalid for a standard community list; \ + exit 1 ; \ + fi ; \ +fi ; " +commit: $(../action/@) != ""; "You must specify an action before committing" diff --git a/templates/policy/node.def b/templates/policy/node.def new file mode 100644 index 00000000..56991078 --- /dev/null +++ b/templates/policy/node.def @@ -0,0 +1 @@ +help: "configure routing policy" diff --git a/templates/policy/prefix-list/node.def b/templates/policy/prefix-list/node.def new file mode 100644 index 00000000..de9d34ab --- /dev/null +++ b/templates/policy/prefix-list/node.def @@ -0,0 +1,4 @@ +tag: +type: txt +help: "Add a prefix list entry" +syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "prefix-list name must be alpha-numeric" diff --git a/templates/policy/prefix-list/node.tag/description/node.def b/templates/policy/prefix-list/node.tag/description/node.def new file mode 100644 index 00000000..effa9577 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "prefix-list description" diff --git a/templates/policy/prefix-list/node.tag/rule/node.def b/templates/policy/prefix-list/node.tag/rule/node.def new file mode 100644 index 00000000..7750cba9 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.def @@ -0,0 +1,35 @@ +tag: +type: u32; "prefix-list rule number must be an integer" +help: "Specify prefix-list rule number" +delete: "touch /tmp/protocols-$(../@)-$(@).\\$PPID \ + LEN=`echo $(@) | awk -F/ '{ print \\$2 }'` ; \ + if [ -n \"$(./ge/@)\" ]; then \ + COND=\"ge $(./ge/@) \"; + fi; + if [ -n \"$(./le/@)\" ] && [ $(./le/@) -ne 32 ]; then \ + COND=\"\\$COND le $(./le/@) \"; \ + fi; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"no ip prefix-list $(../@) seq $(@) $(./action/@) $(./prefix/@) \\$COND \" " +end: "LEN=`echo $(@) | awk -F/ '{ print \\$2 }'` ; \ + if [ -n \"$(./ge/@)\" ]; then \ + if [ \\$LEN -le $(./ge/@) ]; then \ + echo ge must be greater than prefix length ;\ + exit 1 ; \ + fi ; \ + COND=\"ge $(./ge/@) \"; + fi; + if [ -n \"$(./le/@)\" ] && [ $(./le/@) -ne 32 ]; then \ + if [ $(./le/@) -le $(./ge/@) ]; then \ + echo le must be greater than or equal to ge ; \ + exit 1 ; \ + fi ; \ + COND=\"\\$COND le $(./le/@) \"; \ + fi; \ + if [ -f \"/tmp/protocols-$(../@)-$(@).\\$PPID\" ]; then \ + rm -f \"protocols-$(../@)-$(@).\\$PPID\" ; \ + else \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"ip prefix-list $(../@) seq $(@) $(./action/@) $(./prefix/@) \\$COND \" ; \ + fi ; \ + exit 0 ; " diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def new file mode 100644 index 00000000..4eada21b --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/action/node.def @@ -0,0 +1,3 @@ +type: txt +help: "action to take on prefixes matching this rule" +syntax: $(@) in "permit", "deny"; "action must be permit or deny" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def new file mode 100644 index 00000000..3d61ac85 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "description for this rule" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def new file mode 100644 index 00000000..638c2b61 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/ge/node.def @@ -0,0 +1,3 @@ +type: u32 +help: "prefix greater than or equal to" +syntax: $(@) >= 0 && $(@) <= 32; "ge must be between 0 and 32" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def new file mode 100644 index 00000000..e83ae034 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/le/node.def @@ -0,0 +1,3 @@ +type: u32 +help: "prefix less than or equal to" +syntax: $(@) >= 0 && $(@) <= 32; "le must be between 0 and 32" diff --git a/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def new file mode 100644 index 00000000..ed167d00 --- /dev/null +++ b/templates/policy/prefix-list/node.tag/rule/node.tag/prefix/node.def @@ -0,0 +1,2 @@ +type: ipv4net; "prefix-list $(../../@) rule $(../@) prefix: must be an IPv4 prefix" +help: "prefix to match against this rule" diff --git a/templates/policy/route-map/node.def b/templates/policy/route-map/node.def new file mode 100644 index 00000000..9b5a830b --- /dev/null +++ b/templates/policy/route-map/node.def @@ -0,0 +1,5 @@ +tag: +type: txt +help: "Create route-map or enter route-map command mode" +syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "route-map $(@): name must be alpha-numeric" +delete: "/opt/vyatta/sbin/vtysh -c\"configure terminal\" -c\"no route-map $(@)\" " diff --git a/templates/policy/route-map/node.tag/description/node.def b/templates/policy/route-map/node.tag/description/node.def new file mode 100644 index 00000000..b43c9b77 --- /dev/null +++ b/templates/policy/route-map/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "route-map description" diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def new file mode 100644 index 00000000..b59435f0 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -0,0 +1,4 @@ +tag: +type: u32 +help: "Specify route-map rule number" +syntax: $(@) >= 1 && $(@) <= 65535; "route-map $(../@): rule number $(@) must be between 1 and 65535" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def new file mode 100644 index 00000000..f594fdb6 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -0,0 +1,6 @@ +type: txt +help: "action to take on prefixes matching this rule" +syntax: $(@) in "permit", "deny"; "route-map $(../../@) $(@) $(../@) action: must be permit or deny" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(@) $(../@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(@) $(../@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"no route-map $(../../@) $(@) $(../@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/call/node.def b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def new file mode 100644 index 00000000..bfddaec9 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/call/node.def @@ -0,0 +1,10 @@ +type: txt +help: "Target route-map name" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy route-map $(@)\"; "route-map $(@) doesn't exist" +commit: $(../action/@); "must define an action for route-map $(../../@) rule $(../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(../action/@) $(../@)\" \ + -c \"call $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(../action/@) $(../@)\" \ + -c \"call $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" -c \"route-map $(../../@) $(../action/@) $(../@)\" \ + -c \"no call \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def new file mode 100644 index 00000000..e26d72c8 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/continue/node.def @@ -0,0 +1,3 @@ +type: u32 +help: "Continue on a different entry within the route-map" +syntax: $(@) >= 1 && $(@) <= 65535; "continue must be between 1 and 65535" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/description/node.def b/templates/policy/route-map/node.tag/rule/node.tag/description/node.def new file mode 100644 index 00000000..146d4535 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/description/node.def @@ -0,0 +1,2 @@ +type: txt +help: "route-map rule description" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def new file mode 100644 index 00000000..1054bdb5 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/as-path/node.def @@ -0,0 +1,13 @@ +type: txt +help: "Match BGP AS path list" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy as-path-list $(@)\"; "aspath-list $(@) doesn't exist" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match as-path $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match as-path $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match as-path $(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def new file mode 100644 index 00000000..6e6687fe --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/community-list/node.def @@ -0,0 +1,3 @@ +type: txt +help: "Match community list" +commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $(@)\"; "community-list $(@) doesn't exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/exact-match/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/exact-match/node.def new file mode 100644 index 00000000..439b06bb --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/exact-match/node.def @@ -0,0 +1 @@ +help: "Do exact matching of communities" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def new file mode 100644 index 00000000..64c477ad --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def @@ -0,0 +1,19 @@ +help: "Match BGP community list" +delete: "touch /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-match-community.\\$PPID" +end: "if [ -z \"$(./community-list/)\" ]; then \ + echo You must configure a community-list ; \ + exit 1 ; \ + fi ; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match community \" ; \ + if [ -f \"/tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-match-community.\\$PPID\" ]; then \ + rm -rf /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-match-community.\\$PPID; \ + else \ + if [ -n \"$(./exact-match/)\" ]; then \ + COND=\"exact-match \"; \ + fi ; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match community $(./community-list/@) \\$COND\" ; \ + fi; " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def new file mode 100644 index 00000000..2db98b6c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/interface/node.def @@ -0,0 +1,18 @@ +type: txt +help: "Match first hop interface of route" +# TODO: this node isn't returning an error, but it also isn't adding anything to vyatta +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +syntax: exec " \ + if [ -z \"`ip addr | grep $(@) `\" ]; then \ + echo $(@) doesn\\'t exist on this system ; \ + exit 1 ; \ + fi ; " +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match interface $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match interface $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match interface $(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def new file mode 100644 index 00000000..fae2c56c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../prefix-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\"; "access-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/node.def new file mode 100644 index 00000000..d37d5622 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/node.def @@ -0,0 +1 @@ +help: "Match address of route" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def new file mode 100644 index 00000000..1cf23475 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../access-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\"; "prefix-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def new file mode 100644 index 00000000..fae2c56c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../prefix-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\"; "access-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/node.def new file mode 100644 index 00000000..f7fbc26c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/node.def @@ -0,0 +1 @@ +help: "Match nexthop of route" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def new file mode 100644 index 00000000..1cf23475 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../access-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\"; "prefix-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/node.def new file mode 100644 index 00000000..ce13dd49 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/node.def @@ -0,0 +1 @@ +help: "IP information" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def new file mode 100644 index 00000000..fae2c56c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../prefix-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $(@)\"; "access-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/node.def new file mode 100644 index 00000000..61fc71bf --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/node.def @@ -0,0 +1 @@ +help: "Match route-source of route" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def new file mode 100644 index 00000000..1cf23475 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def @@ -0,0 +1,4 @@ +type: u32 +help: "IP access-list number" +syntax: $(../access-list/@) == ""; "You can only specify a prefix-list or access-list" +syntax: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $(@)\"; "prefix-list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def new file mode 100644 index 00000000..6b7dcab7 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/metric/node.def @@ -0,0 +1,13 @@ +type: u32; "route-map $(../../../@) $(../../action/@) $(../../@) metric: must be an integer" +help: "Match metric of route" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match metric $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match metric $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match metric $(@)\" " + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def new file mode 100644 index 00000000..84ecc6e4 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/origin/node.def @@ -0,0 +1,14 @@ +type: txt +help: "BGP origin code" +syntax: $(@) in "egp", "igp", "incomplete"; "origin must be egp, igp, or incomplete" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match origin $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match origin $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match origin $(@)\" " + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def new file mode 100644 index 00000000..a71801c7 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/peer/node.def @@ -0,0 +1,14 @@ +type: txt +help: "Match peer address" +syntax: exec "/opt/vyatta/sbin/vyatta_policy.pl --check-peer-syntax $(@)"; "peer must be either an IP or local" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match peer $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match peer $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match peer \" " + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def new file mode 100644 index 00000000..14d0c0f9 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/tag/node.def @@ -0,0 +1,14 @@ +type: u32 +help: "Match tag of route" +syntax: $(@) >= 1 && $(@) <= 65535; "tag must be between 1 and 65535" +commit: $(../../action/@); "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match tag $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match tag $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no match tag $(@)\" " + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def new file mode 100644 index 00000000..d4fc4dfc --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/goto/node.def @@ -0,0 +1,14 @@ +type: u32 +help: "Goto sequence number" +syntax: $(../next/@) != ""; "you can set only goto or next" +syntax: $(@) >= 1 && $(@) <= 65535; "tag must be between 1 and 65535" +commit: $(../../action/@); "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"on-match goto $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"on-match goto $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no on-match goto $(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def new file mode 100644 index 00000000..eaffea3c --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/next/node.def @@ -0,0 +1,13 @@ +help: "Goto next sequence number" +syntax: $(../goto/@) != ""; "you can set only goto or next" +commit: $(../../action/@); "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"on-match next \" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"on-match next \" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no on-match next \" " + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/on-match/node.def b/templates/policy/route-map/node.tag/rule/node.tag/on-match/node.def new file mode 100644 index 00000000..22ea4938 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/on-match/node.def @@ -0,0 +1,2 @@ +help: "Exit policy on matches" + diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def new file mode 100644 index 00000000..74b860d2 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/as/node.def @@ -0,0 +1,3 @@ +type: u32 +help: "AS number of aggregator" +syntax: $(@) >= 1 && $(@) <= 65535; "AS number must be between 1 and 65535" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def new file mode 100644 index 00000000..1bfbe125 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/ip/node.def @@ -0,0 +1,3 @@ +type: ipv4 +help: "IP address of aggregator" +syntax: $(@) >= 1 && $(@) <= 65535; "AS number must be between 1 and 65535" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def new file mode 100644 index 00000000..f86cfe5d --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/aggregator/node.def @@ -0,0 +1,16 @@ +help: "BGP aggregator attribute" +delete: "touch /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID" +end: "if [ -z \"$(./as/)\" ] || [ -z \"$(./ip/)\" ]; then \ + echo You must configure as and ip ; \ + exit 1 ; \ + fi ; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set aggregator \" ; \ + if [ -f \"/tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID\" ]; then \ + rm -rf /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-aggregator.\\$PPID; \ + else \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"match community $(./as/@) $(./ip/@)\" ; \ + fi; " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def new file mode 100644 index 00000000..9e602cb2 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/as-path-prepend/node.def @@ -0,0 +1,12 @@ +type: txt; +help: "Prepend string for a BGP AS-path attribute" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set as-path prepend $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set as-path prepend $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set as-path prepend \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/atomic-aggregate/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/atomic-aggregate/node.def new file mode 100644 index 00000000..233ee4a5 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/atomic-aggregate/node.def @@ -0,0 +1,11 @@ +help: "BGP atomic aggregate attribute" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set atomic-aggregate\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set atomic-aggregate\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set atomic-aggregate\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def new file mode 100644 index 00000000..a8e1029e --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def @@ -0,0 +1,3 @@ +type: txt +help: "set BGP community list" +commit: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $(@)\"; "community list $(@) does not exist" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/delete/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/delete/node.def new file mode 100644 index 00000000..f8ca6637 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/delete/node.def @@ -0,0 +1 @@ +help: "Delete matching communities" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def new file mode 100644 index 00000000..613897fd --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def @@ -0,0 +1,19 @@ +help: "set BGP community list" +delete: "touch /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-comm-list.\\$PPID" +end: "if [ -z \"$(./comm-list/)\" ]; then \ + echo You must configure a comm-list ; \ + exit 1 ; \ + fi ; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set comm-list \" ; \ + if [ -f \"/tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-comm-list.\\$PPID\" ]; then \ + rm -rf /tmp/policy-route-map-$(../../../@)-$(../../action/@)-$(../../@)-set-comm-list.\\$PPID; \ + else \ + if [ -n \"$(./delete/)\" ]; then \ + COND=\"delete\" ; \ + fi ; \ + /opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set comm-list $(./comm-list/@) \\$COND\" ; \ + fi; " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def new file mode 100644 index 00000000..ccac5e10 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/community/node.def @@ -0,0 +1,13 @@ +type: txt +help: "Community number in aa:nn format or local-AS|no-advertise|no-export|internet|additive or none" +# TODO: check syntax +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set community $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set community $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set community \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def new file mode 100644 index 00000000..ff440e80 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/ip-next-hop/node.def @@ -0,0 +1,13 @@ +type: ipv4 +help: "Next hop IP address" +# TODO: can also set to peer for BGP +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set ip next-hop $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set ip next-hop $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set ip next-hop \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def new file mode 100644 index 00000000..929adaf1 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/local-preference/node.def @@ -0,0 +1,12 @@ +type: u32 +help: "BGP local preference path attribute" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set local-preference $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set local-preference $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set local-preference \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def new file mode 100644 index 00000000..47a19621 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/metric/node.def @@ -0,0 +1,13 @@ +type: txt +help: "Metric value for destination routing protocol" +syntax: exec "if [ -n `echo $(@) | sed 's/[+0123456789]*-*//g'` ]; then exit 1; fi; "; "metric must be an integer with an optional +/- prepend" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set metric $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set metric $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set metric \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/node.def new file mode 100644 index 00000000..6d30b42f --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/node.def @@ -0,0 +1 @@ +help: "Set values in destination routing protocol" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def new file mode 100644 index 00000000..46c33586 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/origin/node.def @@ -0,0 +1,13 @@ +type: txt +help: "BGP origin code" +syntax: $(@) in "igp", "egp", "incomplete"; "origin must be one of igp, egp, or incomplete" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set origin $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set origin $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set origin \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def new file mode 100644 index 00000000..ae749c15 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/originator-id/node.def @@ -0,0 +1,12 @@ +type: ipv4 +help: "BGP originator ID attribute" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set originator-id $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set originator-id $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set originator-id \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def new file mode 100644 index 00000000..a0812733 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/tag/node.def @@ -0,0 +1,13 @@ +type: u32 +help: "Tag value for routing protocol" +syntax: $(@) >= 1 && $(@) <= 65535; "tag must be between 1 and 65535" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set tag $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set tag $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set tag \" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def new file mode 100644 index 00000000..34fed745 --- /dev/null +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/weight/node.def @@ -0,0 +1,12 @@ +type: u32 +help: "BGP weight for routing table" +commit: $(../../action/@) != ""; "You must specify an action for route-map $(../../../@) rule $(../../@)" +create: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set weight $(@)\" " +update: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"set weight $(@)\" " +delete: "/opt/vyatta/bin/vtysh -c \"configure terminal\" \ + -c \"route-map $(../../../@) $(../../action/@) $(../../@)\" \ + -c \"no set weight \" " |