Diffstat (limited to 'templates')
48 files changed, 331 insertions, 47 deletions
diff --git a/templates/interfaces/bonding/node.def b/templates/interfaces/bonding/node.def
new file mode 100644
index 00000000..a0a56a8d
--- /dev/null
+++ b/templates/interfaces/bonding/node.def
@@ -0,0 +1,9 @@
+tag:
+type: txt
+help: Set bonding interface
+syntax:expression: pattern $VAR(@) "^bond[0-9]+$" \
+ ; "bonding must be (bond0-bond99)"
+create: ${vyatta_sbindir}/vyatta-bonding.pl --create $VAR(@)
+delete: ${vyatta_sbindir}/vyatta-bonding.pl --delete $VAR(@)
+end: ${vyatta_sbindir}/vyatta-bonding.pl --mode-change $VAR(@)
+comp_help: Enter bond interface name (bond0 - bond99)
diff --git a/templates/interfaces/bonding/node.tag/address/node.def b/templates/interfaces/bonding/node.tag/address/node.def
new file mode 100644
index 00000000..d5237934
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/address/node.def
@@ -0,0 +1,12 @@
+multi:
+type: txt
+help: Set an IP address for this interface
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)"
+update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)"
+delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)"
+allowed: echo "dhcp <>"
+comp_help:Possible completions:
+ <x.x.x.x/x> Set the IP address and prefix length
+ <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length
+ dhcp Set the IP address and prefix length via DHCP
+
diff --git a/templates/interfaces/bonding/node.tag/bridge-group/bridge/node.def b/templates/interfaces/bonding/node.tag/bridge-group/bridge/node.def
new file mode 100644
index 00000000..79609a86
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/bridge-group/bridge/node.def
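Review bot: `pattern $VAR(@) "^bond[0-9]+$"` in `bonding/node.def` accepts any run of digits, while the error text and `comp_help` state bond0-bond99, so a name outside the documented range passes validation and is handed to `vyatta-bonding.pl --create`. If the range is the intent, bound the digits, e.g. `"^bond[0-9][0-9]?$"`; otherwise reword the two messages. The same mismatch appears later in this commit for `^br[0-9]+$` ("br0 - br999") in `bridge/node.def` and `^tun[0-9]+$` ("tun0-tun999") in `tunnel/node.def`, where the expression being replaced did cap the name at three digits.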
@@ -0,0 +1,11 @@
+type: txt
+help: Set this interface to a bridge-group
+syntax:expression: exec " \
+ if [ -z \"`sudo brctl show | grep $VAR(@) `\" ]; then \
+ echo bridge interface $VAR(@) doesn\\'t exist on this system ; \
+ exit 1 ; \
+ fi ; "
+delete: echo $VAR(@) > /tmp/bridge-no.$PPID
+allowed: local -a array ;
+ array=( /sys/class/net/br* ) ;
+ echo -n ${array[@]##*/}
diff --git a/templates/interfaces/bonding/node.tag/bridge-group/cost/node.def b/templates/interfaces/bonding/node.tag/bridge-group/cost/node.def
new file mode 100644
index 00000000..ef2d9940
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/bridge-group/cost/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Set the path cost for this port
+comp_help: possible completions:
+ <0-2147483647> Set port cost
diff --git a/templates/interfaces/bonding/node.tag/bridge-group/node.def b/templates/interfaces/bonding/node.tag/bridge-group/node.def
new file mode 100644
index 00000000..fc3af5f5
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/bridge-group/node.def
@@ -0,0 +1,23 @@
+help: Add this interface to a bridge group
+
+create: sudo brctl addif $VAR(./bridge/@) $VAR(../@);
+
+delete: touch /tmp/bond-$VAR(../@)-bridge.$PPID;
+
+end: if [ -f "/tmp/bond-$VAR(../@)-bridge.$PPID" ]; then
+ rm -f /tmp/bond-$VAR(../@)-bridge.$PPID;
+ brno=$(cat /tmp/bridge-no.$PPID);
+ sudo brctl delif $brno $VAR(../@);
+ rm -f /tmp/bridge-no.$PPID;
+ else
+ if [ -z "$VAR(./bridge/@)" ]; then
+ echo "Must set the bridge interface";
+ exit 1;
+ fi;
+ if [ -n "$VAR(./cost/@)" ]; then
+ sudo brctl setpathcost $VAR(./bridge/@) $VAR(../@) $VAR(./cost/@);
+ fi;
+ if [ -n "$VAR(./priority/@)" ]; then
+ sudo brctl setportprio $VAR(./bridge/@) $VAR(../@) $VAR(./priority/@);
+ fi;
+ fi;
diff --git a/templates/interfaces/bonding/node.tag/bridge-group/priority/node.def b/templates/interfaces/bonding/node.tag/bridge-group/priority/node.def
new file mode 100644
index 00000000..8688c394
--- /dev/null
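Review bot: The `delete:`/`end:` pair in `bonding/node.tag/bridge-group/node.def` hands state across through predictable names in `/tmp` (`/tmp/bond-$VAR(../@)-bridge.$PPID`, `/tmp/bridge-no.$PPID`), and `end:` passes whatever `cat /tmp/bridge-no.$PPID` returns, unquoted, to `sudo brctl delif`. Any local account can create or symlink those names beforehand, so the markers belong in a directory only the configuration session can write, and `$brno` should be quoted and re-checked against `^br[0-9]+$` before it is used. In `bridge/node.def` the existence test `grep $VAR(@)` is unquoted and matches substrings of the `brctl show` output; a leading `syntax:expression: pattern $VAR(@) "^br[0-9]+$"` plus `[ -d "/sys/class/net/$VAR(@)/bridge" ]` would be exact. The vif variant of `bridge-group/node.def` later in this commit reuses the `/tmp/bond-…` marker and keys it on the VLAN id alone, so two bonds carrying the same vif id would share one marker.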
+++ b/templates/interfaces/bonding/node.tag/bridge-group/priority/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Set the path priority for this port
+comp_help: possible completions:
+ <0-255> Set port priority
diff --git a/templates/interfaces/bonding/node.tag/description/node.def b/templates/interfaces/bonding/node.tag/description/node.def
new file mode 100644
index 00000000..aeb40f0b
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/description/node.def
@@ -0,0 +1,2 @@
+type: txt
+help: Set description for this interface
diff --git a/templates/interfaces/bonding/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/disable/node.def
new file mode 100644
index 00000000..54090cc4
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/disable/node.def
@@ -0,0 +1,3 @@
+help: Set interface disabled
+update:expression: "sudo ip link set $VAR(../@) down"; "Error disabling dev $VAR(../@)"
+delete:expression: "sudo ip link set $VAR(../@) up"; "Error enabling dev $VAR(../@)"
diff --git a/templates/interfaces/bonding/node.tag/mac/node.def b/templates/interfaces/bonding/node.tag/mac/node.def
new file mode 100644
index 00000000..abafa7ab
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/mac/node.def
@@ -0,0 +1,7 @@
+type: macaddr
+help: Set the Media Access Control (MAC) address of this interface
+syntax:expression: exec "\
+ /opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --valid-mac $VAR(@)"
+update: /opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --set-mac $VAR(@)
+delete: /opt/vyatta/sbin/vyatta-interfaces.pl --dev $VAR(../@) --set-mac $VAR(../hw-id/@)
+
diff --git a/templates/interfaces/bonding/node.tag/mode/node.def b/templates/interfaces/bonding/node.tag/mode/node.def
new file mode 100644
index 00000000..a059f615
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/mode/node.def
@@ -0,0 +1,14 @@
+type: txt
+default: "802.3ad"
+syntax:expression: $VAR(@) in \
+ "round-robin", "active-backup", "xor-hash","broadcast","802.3ad", \
+ "transmit-load-balance", "adaptive-load-balance"
+help: Sets the bonding mode
+comp_help: Possible bonding mode
+802.3ad IEEE 802.3ad Dynamic link aggregation (Default)
+active-backup Active-backup policy: Only one slave in the bond is active
+balance-alb Adaptive load balancing based on transmit and receive
+balance-rr Round-robin policy: Transmit packets in sequential order
+balance-tlb Adaptive transmit load balancing based on transmit speed
+balance-xor XOR policy: Transmit based on the selected transmit hash policy
+broadcast Broadcast policy: transmits everything on all slave interfaces
diff --git a/templates/interfaces/bonding/node.tag/mtu/node.def b/templates/interfaces/bonding/node.tag/mtu/node.def
new file mode 100644
index 00000000..07c102ac
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/mtu/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: Set the Maximum Transmission Unit (MTU) for this interface
+syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000"
+update:expression: "sudo ip link set $VAR(../@) mtu $VAR(@)"; "Error setting MTU on dev $VAR(../@)"
+delete:expression: "sudo ip link set $VAR(../@) mtu 1500"; "Error deleting MTU on dev $VAR(../@)"
diff --git a/templates/interfaces/bonding/node.tag/primary/node.def b/templates/interfaces/bonding/node.tag/primary/node.def
new file mode 100644
index 00000000..171c8daf
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/primary/node.def
@@ -0,0 +1,12 @@
+type: txt
+syntax:expression: exec \
+ "grep -s $VAR(@) /sys/class/net/$VAR(../@)/bonding/slaves" \
+ ; "Ethernet interface must be part of the bonding group"
+allowed: cat /sys/class/net/$VAR(../@)/bonding/slaves
+update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/bonding/primary"
+help: Specify the primary device
+
+
+
+
+
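Review bot: The names accepted by `syntax:expression` in `mode/node.def` (`round-robin`, `xor-hash`, `transmit-load-balance`, `adaptive-load-balance`) are not the names `comp_help` offers (`balance-rr`, `balance-xor`, `balance-tlb`, `balance-alb`), so four of the seven completions shown to the operator are rejected by the check. Use one vocabulary in both places; whichever set `vyatta-bonding.pl --mode-change` expects is not visible in this commit section, so confirm against that script. The syntax expression also has no error string after it, unlike the other `in` checks on this page, so a rejected value presumably produces only a generic message.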
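Review bot: In `primary/node.def` the value is free `txt` whose only validation is an unquoted, unanchored `grep -s $VAR(@)`, and it is then expanded inside `sudo sh -c "echo $VAR(@) >…/bonding/primary"`, so a mere substring of a slave name passes and the text is parsed by a root shell. Put a name check in front, for example `syntax:expression: pattern $VAR(@) "^eth[0-9]+$"` if slaves are always ethN, and make the membership test a quoted whole-word match: `grep -qsw -- "$VAR(@)" /sys/class/net/$VAR(../@)/bonding/slaves`. There is no `delete:` action, so removing the node appears to leave the kernel's primary setting in place.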
diff --git a/templates/interfaces/bonding/node.tag/vif/node.def b/templates/interfaces/bonding/node.tag/vif/node.def
new file mode 100644
index 00000000..d37b045e
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.def
@@ -0,0 +1,12 @@
+tag:
+type: u32
+help: Set Virtual Local Area Network (VLAN) ID
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; "VLAN ID must be between 0 and 4094"
+create: sudo modprobe 8021q
+ sudo vconfig add "$VAR(../@)" "$VAR(@)"
+ sudo ip link set "$VAR(../@).$VAR(@)" up
+ vyatta-vtysh -c "configure terminal" \
+ -c "interface $VAR(../@).$VAR(@)" -c "link-detect"
+delete: sudo vconfig rem "$VAR(../@).$VAR(@)"
+comp_help: possible completions:
+ <0-4094> Set VLAN ID
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def
new file mode 100644
index 00000000..625130af
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def
@@ -0,0 +1,11 @@
+multi:
+type: txt
+help: Set an IP address for this interface
+syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)"
+create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error setting address $VAR(@) on dev $VAR(../../@).$VAR(../@) "
+delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error deleting address $VAR(@) on dev $VAR(../../@).$VAR(../@) "
+allowed: echo "dhcp <>"
+comp_help:Possible completions:
+ <x.x.x.x/x> Set the IP address and prefix length
+ <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length
+ dhcp Set the IP address and prefix length via DHCP
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/bridge/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/bridge/node.def
new file mode 100644
index 00000000..e3674bcd
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/bridge/node.def
@@ -0,0 +1,11 @@
+type: txt
+help: Set this interface to a bridge-group
+syntax:expression: exec " \
+ if [ -z \"`sudo brctl show | grep $VAR(@) `\" ]; then \
+ echo bridge interface $VAR(@) doesn\\'t exist on this system ; \
+ exit 1 ; \
+ fi ; "
+delete:expression: "sudo brctl delif $VAR(@) $VAR(../../../@).$VAR(../../@)"
+allowed: local -a array ;
+ array=( /sys/class/net/br* ) ;
+ echo -n ${array[@]##*/}
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/cost/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/cost/node.def
new file mode 100644
index 00000000..ef2d9940
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/cost/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Set the path cost for this port
+comp_help: possible completions:
+ <0-2147483647> Set port cost
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/node.def
new file mode 100644
index 00000000..3e93d112
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/node.def
@@ -0,0 +1,14 @@
+help: Set this interface to a bridge group
+commit:expression: $VAR(./bridge/) != ""; "Must set the bridge interface"
+create:sudo brctl addif $VAR(./bridge/@) $VAR(../../@).$VAR(../@)
+delete:touch /tmp/bond-$VAR(../@)-bridge.$PPID
+end: if [ -f "/tmp/bond-$VAR(../@)-bridge.$PPID" ]; then
+ rm -f "/tmp/bond-$VAR(../@)-bridge.$PPID"
+ else
+ if [ -n "$VAR(./cost/@)" ]; then
+ sudo brctl setpathcost $VAR(./bridge/@) "$VAR(../../@).$VAR(../@)" "$VAR(./cost/@)"
+ fi
+ if [ -n "$VAR(./priority/@)" ]; then
+ sudo brctl setportprio $VAR(./bridge/@) "$VAR(../../@).$VAR(../@)" "$VAR(./priority/@)"
+ fi
+ fi
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/priority/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/priority/node.def
new file mode 100644
index 00000000..8688c394
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/bridge-group/priority/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Set the path priority for this port
+comp_help: possible completions:
+ <0-255> Set port priority
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/description/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/description/node.def
new file mode 100644
index 00000000..aeb40f0b
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/description/node.def
@@ -0,0 +1,2 @@
+type: txt
+help: Set description for this interface
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def
new file mode 100644
index 00000000..66efddcc
--- /dev/null
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/disable/node.def
@@ -0,0 +1,3 @@
+help: Set interface disabled
+update:sudo ip link set $VAR(../../@).$VAR(../@) down
+delete:sudo ip link set $VAR(../../@).$VAR(../@) up
diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def index 0dc3670c..641d369d 100644 --- a/templates/interfaces/bridge/node.def +++ b/templates/interfaces/bridge/node.def @@ -2,7 +2,7 @@ tag: type: txt help: Set bridge interface -syntax:expression: $VAR(@) in "br0", "br1", "br2", "br3", "br4", "br5", "br6", "br7", "br8", "br9" ; "Must be (br0 - br9)" +syntax:expression: pattern $VAR(@) "^br[0-9]+$" ; "Must be (br0 - br999)" create: sudo brctl addbr $VAR(@) @@ -13,4 +13,4 @@ delete: if [ -n "`/usr/sbin/brctl show | grep $VAR(@) | grep eth`" ]; then sudo ip link set $VAR(@) down; sudo brctl delbr $VAR(@); -comp_help: "Enter bridge interface name (br0 - br9)" +comp_help: "Enter bridge interface name (br0 - br999)" diff --git a/templates/interfaces/bridge/node.tag/address/node.def b/templates/interfaces/bridge/node.tag/address/node.def index 52188386..3f04ec06 100644 --- a/templates/interfaces/bridge/node.tag/address/node.def +++ b/templates/interfaces/bridge/node.tag/address/node.def @@ -7,5 +7,6 @@ delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete allowed: echo "dhcp <>" comp_help:Possible completions: <x.x.x.x/x> Set the IP address and prefix length - dhcp\t\t\t\tSet the IP address and prefix length via DHCP + <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length + dhcp Set the IP address and prefix length via DHCP diff --git a/templates/interfaces/ethernet/node.tag/bond-group/node.def b/templates/interfaces/ethernet/node.tag/bond-group/node.def new file mode 100644 index 00000000..e62e37ab --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/bond-group/node.def @@ -0,0 +1,9 @@ +type: txt +help: Add this interface to a bonding group +create: sudo ifenslave $VAR(@) $VAR(../@) +delete: sudo ifenslave -d $VAR(@) $VAR(../@) +allowed: for dev in /sys/class/net/* + do if [[ -d $dev/bonding ]] + then echo -n ${dev##*/} " " + fi + done 
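Review bot: `ethernet/node.tag/bond-group/node.def` has no `syntax:expression`, so any `txt` value reaches `sudo ifenslave $VAR(@) $VAR(../@)` unquoted; the `allowed:` loop lists existing bonds but, as far as this template shows, only feeds completion and does not reject other input. Reuse the check this commit adds for the bonding tag, `syntax:expression: pattern $VAR(@) "^bond[0-9]+$" ; "bonding must be (bond0-bond99)"`, and quote both arguments in `create:` and `delete:`. With no `update:` action, changing the value on an already enslaved interface presumably does nothing until the node is deleted and re-created.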
diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index d152dbe5..89ee200c 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -2,7 +2,8 @@ tag: type: txt help: Set tunnel interface -syntax:expression: exec "echo $VAR(@) | grep \"tun[0-9][0-9]\\{0,2\\}\$\" > /dev/null "; "tunnel must be (tun0-tun999)" +syntax:expression: pattern $VAR(@) "^tun[0-9]+$" \ + ; "tunnel must be (tun0-tun999)" commit:expression: $VAR(./local-ip/) != "" ; \ "Must configure the tunnel local-ip for $VAR(@)" diff --git a/templates/interfaces/tunnel/node.tag/address/node.def b/templates/interfaces/tunnel/node.tag/address/node.def index 07ea4a0e..3310ee00 100644 --- a/templates/interfaces/tunnel/node.tag/address/node.def +++ b/templates/interfaces/tunnel/node.tag/address/node.def @@ -9,4 +9,5 @@ update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)" comp_help:Possible completions: - <x.x.x.x/x> Set the IP address and prefix length + <x.x.x.x/x> Set the IP address and prefix length + <h:h:h:h:h:h:h:h/x> Set the IPv6 address and prefix length diff --git a/templates/service/dns/dynamic/interface/node.def b/templates/service/dns/dynamic/interface/node.def new file mode 100644 index 00000000..bbf0c310 --- /dev/null +++ b/templates/service/dns/dynamic/interface/node.def 
@@ -0,0 +1,31 @@
+tag:
+help: Set interface to send DDNS updates for
+type: txt
+syntax:expression: exec "
+ intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev))
+ intf_array_len=${#intf_array[*]}
+ i=0
+ while [ $i -lt $intf_array_len ]; do
+ temp=${intf_array[$i]%:*}
+ if [ \"$temp\" == \"$VAR(@)\" ] ; then
+ exit 0
+ fi
+ let i++
+ done
+ echo Invalid interface [$VAR(@)]
+ exit 1 "
+
+allowed: local -a array ;
+ array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev));
+ echo -n ${array[@]%:*}
+
+commit:expression: $VAR(./@/service/@@) != ""; "Atleast one service must be set to send DDNS updates for $VAR(@)"
+
+delete:expression: "touch /tmp/ddclient_$VAR(@).$PPID"
+
+end:expression: "if [ -f \"/tmp/ddclient_$VAR(@).$PPID\" ]; then \
+ sudo /opt/vyatta/sbin/vyatta-dynamic-dns.pl --stop-dynamicdns --interface $VAR(@) \
+ rm /tmp/ddclient_$VAR(@).$PPID; \
+ else \
+ sudo /opt/vyatta/sbin/vyatta-dynamic-dns.pl --update-dynamicdns --interface $VAR(@); \
+ fi; "
diff --git a/templates/service/dns/dynamic/interface/node.tag/service/node.def b/templates/service/dns/dynamic/interface/node.tag/service/node.def
new file mode 100644
index 00000000..a515351e
--- /dev/null
+++ b/templates/service/dns/dynamic/interface/node.tag/service/node.def
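Review bot: In the `end:` block of `dynamic/interface/node.def` the stop branch ends `--stop-dynamicdns --interface $VAR(@) \` and continues with `rm /tmp/ddclient_$VAR(@).$PPID;`, with no `;` or `&&` before the continuation, so `rm` and the path become extra arguments to `vyatta-dynamic-dns.pl` running under sudo and the marker file is never removed. Terminate the first command: `--stop-dynamicdns --interface $VAR(@); \`. `service/dns/forwarding/node.def` in this commit has the same slip after `--stop-dnsforwarding`. Both markers are also plain `touch` files under `/tmp` with a `$PPID`-derived name that any local user can create in advance, which changes which branch `end:` takes; a session-private directory avoids that.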
@@ -0,0 +1,23 @@
+tag:
+help: Set service being used for Dynamic DNS
+type: txt
+syntax:expression: exec "
+ service_array=(dnspark dslreports dyndns easydns namecheap sitelutions zoneedit)
+ service_array_len=${#service_array[*]}
+ i=0
+ while [ $i -lt $service_array_len ]; do
+ if [ \"${service_array[$i]}\" == \"$VAR(@)\" ] ; then
+ exit 0
+ fi
+ let i++
+ done
+ echo Invalid service [$VAR(@)]
+ exit 1 "
+
+allowed: local -a array ;
+ array=(dnspark dslreports dyndns easydns namecheap sitelutions zoneedit);
+ echo -n ${array[@]}
+
+commit:expression: $VAR(./@/login) != ""; "Set login for service $VAR(./@) to send DDNS updates for interface $VAR(../@)"
+commit:expression: $VAR(./@/password) != ""; "Set password for service $VAR(./@) to send DDNS updates for interface $VAR(../@)"
+commit:expression: $VAR(./@/host-name) != ""; "Set atleast one host-name registered with service $VAR(./@) to send DDNS updates for interface $VAR(../@)"
diff --git a/templates/service/dns/dynamic/interface/node.tag/service/node.tag/host-name/node.def b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/host-name/node.def
new file mode 100644
index 00000000..e104ae8f
--- /dev/null
+++ b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/host-name/node.def
@@ -0,0 +1,3 @@
+multi:
+help: Set host-name registered with DDNS service
+type: txt
diff --git a/templates/service/dns/dynamic/interface/node.tag/service/node.tag/login/node.def b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/login/node.def
new file mode 100644
index 00000000..4a6ca920
--- /dev/null
+++ b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/login/node.def
@@ -0,0 +1,2 @@
+help: Set login for DDNS service
+type: txt
diff --git a/templates/service/dns/dynamic/interface/node.tag/service/node.tag/password/node.def b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/password/node.def
new file mode 100644
index 00000000..9dceae00
--- /dev/null
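Review bot: The `syntax:expression: exec` script in `service/node.def` splices `$VAR(@)` into the shell text (`== \"$VAR(@)\"`, `echo Invalid service [$VAR(@)]`) before the shell parses it, so quoting characters or substitutions in the value appear to be interpreted by the very check that is meant to reject them. Because the set is fixed, the template's own list form needs no shell at all: `syntax:expression: $VAR(@) in "dnspark", "dslreports", "dyndns", "easydns", "namecheap", "sitelutions", "zoneedit"; "Invalid service [$VAR(@)]"`. The interface checks in `dynamic/interface/node.def` and `forwarding/listen-on/node.def` are built the same way and would be safer behind a leading `pattern` check on the interface name.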
+++ b/templates/service/dns/dynamic/interface/node.tag/service/node.tag/password/node.def
@@ -0,0 +1,2 @@
+help: Set password for DDNS service
+type: txt
diff --git a/templates/service/dns/dynamic/node.def b/templates/service/dns/dynamic/node.def
new file mode 100644
index 00000000..d713fc1c
--- /dev/null
+++ b/templates/service/dns/dynamic/node.def
@@ -0,0 +1,2 @@
+help: Configure Dynamic DNS
+commit:expression: $VAR(./interface/@@) != ""; "Atleast one interface must be set to send DDNS updates for"
diff --git a/templates/service/dns/forwarding/cache-size/node.def b/templates/service/dns/forwarding/cache-size/node.def
new file mode 100644
index 00000000..3a73f308
--- /dev/null
+++ b/templates/service/dns/forwarding/cache-size/node.def
@@ -0,0 +1,4 @@
+type: u32
+default:150
+help: Set DNS forwarding cache size
+syntax:expression: ($VAR(@) >=0 && $VAR(@) < 10001) ; "Cache size must be between 0 and 10000"
diff --git a/templates/service/dns/forwarding/dhcp/node.def b/templates/service/dns/forwarding/dhcp/node.def
new file mode 100644
index 00000000..8ce8c83f
--- /dev/null
+++ b/templates/service/dns/forwarding/dhcp/node.def
@@ -0,0 +1,8 @@
+multi:
+type: txt
+help: Set to use nameservers received from DHCP server for specified interface
+commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --dhcp-interface $VAR(@)"
+allowed:
+ local -a array ;
+ array=( /var/lib/dhcp3/eth* /var/lib/dhcp3/br* ) ;
+ echo -n ${array[@]##*/}
diff --git a/templates/service/dns/forwarding/listen-on/node.def b/templates/service/dns/forwarding/listen-on/node.def
new file mode 100644
index 00000000..9510cebe
--- /dev/null
+++ b/templates/service/dns/forwarding/listen-on/node.def
@@ -0,0 +1,20 @@
+multi:
+type: txt
+help: Set interface to listen for DNS queries
+syntax:expression: exec "
+ intf_array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev))
+ intf_array_len=${#intf_array[*]}
+ i=0
+ while [ $i -lt $intf_array_len ]; do
+ temp=${intf_array[$i]%:*}
+ if [ \"$temp\" == \"$VAR(@)\" ] ; then
+ exit 0
+ fi
+ let i++
+ done
+ echo Invalid interface [$VAR(@)]
+ exit 1 "
+
+allowed: local -a array ;
+ array=($(awk '$1 ~ /:/ { print $1 }' /proc/net/dev));
+ echo -n ${array[@]%:*}
diff --git a/templates/service/dns/forwarding/name-server/node.def b/templates/service/dns/forwarding/name-server/node.def
new file mode 100644
index 00000000..ad67c6de
--- /dev/null
+++ b/templates/service/dns/forwarding/name-server/node.def
@@ -0,0 +1,3 @@
+multi:
+type: ipv4
+help: Set DNS server to forward queries
diff --git a/templates/service/dns/forwarding/node.def b/templates/service/dns/forwarding/node.def
new file mode 100644
index 00000000..d3c32bb1
--- /dev/null
+++ b/templates/service/dns/forwarding/node.def
@@ -0,0 +1,9 @@
+help: Configure DNS forwarding
+commit:expression: $VAR(./listen-on) != ""; "Atleast one interface must be configured for DNS forwarding parameter 'listen-on'"
+delete:expression: "touch /tmp/dnsmasq.$PPID"
+end:expression: "if [ -f \"/tmp/dnsmasq.$PPID\" ]; then \
+ sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --stop-dnsforwarding \
+ rm /tmp/dnsmasq.$PPID; \
+ else \
+ sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --update-dnsforwarding; \
+ fi; "
diff --git a/templates/service/dns/forwarding/system/node.def b/templates/service/dns/forwarding/system/node.def
new file mode 100644
index 00000000..e92a7ad6
--- /dev/null
+++ b/templates/service/dns/forwarding/system/node.def
@@ -0,0 +1,2 @@
+help: Set DNS forwarding to system nameservers
+commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --system-nameserver"
diff --git a/templates/service/dns/node.def b/templates/service/dns/node.def new file mode 100644 index 00000000..d7040d0d --- /dev/null +++ b/templates/service/dns/node.def @@ -0,0 +1 @@ +help: Configure Domain Name Server (DNS) parameters diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def index 9aa98826..87ff1ded 100644 --- a/templates/service/ssh/allow-root/node.def +++ b/templates/service/ssh/allow-root/node.def @@ -1,16 +1,8 @@ -type: txt +type: bool default: false help: Enable/disable root login over ssh -syntax:expression: $VAR(@) in "true", "false" ; "must be true or false" -update: if [ \"$VAR(@)\" == \"true\" ]; then - sudo ed - /etc/ssh/sshd_config <<-"EOF" - /^PermitRootLogin/s/no/yes/ - wq - EOF - else - sudo ed - /etc/ssh/sshd_config <<-"EOF" - /^PermitRootLogin/s/yes/no/ - wq - EOF +update: if [ "$VAR(@)" == "true" ]; + then regex='/^PermitRootLogin/s/no/yes/' + else regex='/^PermitRootLogin/s/yes/no/' fi - /bin/true + sudo sed -i -e "$regex" /etc/ssh/sshd_config diff --git a/templates/system/name-server/node.def b/templates/system/name-server/node.def index 3866e82c..f762a8a1 100644 --- a/templates/system/name-server/node.def +++ b/templates/system/name-server/node.def 
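Review bot: The new `sed` expressions in `ssh/allow-root/node.def` only rewrite a line that already begins with `PermitRootLogin` and already holds the opposite word, and `sed -i` exits 0 when nothing matched; if `sshd_config` has the directive commented out, absent, or set to another value, `allow-root false` commits cleanly while sshd keeps its previous policy. Setting the whole line is deterministic, `regex='s/^PermitRootLogin.*/PermitRootLogin no/'` (and `yes` in the other branch), and a following `grep -q '^PermitRootLogin no' /etc/ssh/sshd_config` lets the commit fail when the directive is missing. No `delete:` action and no sshd reload are visible in this hunk, so confirm elsewhere that deleting the node restores `no` and that the running daemon picks the change up.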
@@ -1,19 +1,5 @@ multi: type: ipv4 help: Set Domain Name Server (DNS) -update:expression: "sudo sh -c \"touch /etc/resolv.conf && \ -if grep -q '$VAR(@)' /etc/resolv.conf; then \ - exit 0; \ -else \ - mv -f /etc/resolv.conf /etc/old_resolv.conf && \ - echo \\\"nameserver\t $VAR(@)\\\" >> /etc/resolv.conf && \ - cat /etc/old_resolv.conf >> /etc/resolv.conf; \ -fi && \ -if [ -f /etc/ntp.conf ] && grep -q 'server' /etc/ntp.conf; then \ - /usr/sbin/invoke-rc.d ntp restart >&/dev/null; \ -fi\" " -delete:expression: "sudo sh -c \"touch /etc/resolv.conf && \ -sed -i '/$VAR(@)/d' /etc/resolv.conf && \ -if [ -f /etc/ntp.conf ] && grep -q 'server' /etc/ntp.conf; then \ - /usr/sbin/invoke-rc.d ntp restart >&/dev/null; \ -fi\" " +update: sudo /opt/vyatta/sbin/vyatta-system-nameservers update $VAR(@) +delete: sudo /opt/vyatta/sbin/vyatta-system-nameservers delete $VAR(@) diff --git a/templates/system/static-host-mapping/host-name/node.def b/templates/system/static-host-mapping/host-name/node.def index 189025e3..bd9cfab1 100644 --- a/templates/system/static-host-mapping/host-name/node.def +++ b/templates/system/static-host-mapping/host-name/node.def 
@@ -3,9 +3,14 @@ type: txt help: Set to map DNS names to system interfaces syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9.]+$" ; "invalid host name $VAR(@)" commit:expression: $VAR(./inet) != ""; "IP address for the static mapping must be set" -end:expression: "sudo sh -c \"\ - touch /etc/hosts; \ - sed -i '/ $VAR(@) .*#vyatta entry/d' /etc/hosts; \ - if [ -z \"$VAR(./inet/@)\" ]; then exit 0; fi; \ - declare -a aliases=( $VAR(alias/@@) ); \ - echo \\\"$VAR(inet/@)\t $VAR(@) \\${aliases[*]} \t #vyatta entry\\\" \ >> /etc/hosts\" " +end: sudo sh -c " + touch /etc/hosts + sed -i '/ $VAR(@) .*#vyatta entry/d' /etc/hosts + if [ -z \"$VAR(./inet/@)\" ]; then + if [ -d /opt/vyatta/config/active/service/dns/forwarding ]; then /etc/init.d/dnsmasq restart >&/dev/null; fi + exit 0 + fi + declare -a aliases=( $VAR(alias/@@) ) + echo -e \"$VAR(inet/@)\\t $VAR(@) \${aliases[*]} \\t #vyatta entry\" >> /etc/hosts + if [ -d /opt/vyatta/config/active/service/dns/forwarding ]; then /etc/init.d/dnsmasq restart >&/dev/null; fi" + diff --git a/templates/system/syslog/console/node.def b/templates/system/syslog/console/node.def index ec620885..7252ad79 100644 --- a/templates/system/syslog/console/node.def +++ b/templates/system/syslog/console/node.def @@ -1 +1,2 @@ help: Set console logging +commit:expression: $VAR(./facility/@@) != ""; "Atleast one facility must be configured to log messages to $VAR(.)" diff --git a/templates/system/syslog/file/node.def b/templates/system/syslog/file/node.def index e2c7759f..a1ac1c4d 100644 --- a/templates/system/syslog/file/node.def +++ b/templates/system/syslog/file/node.def 
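Review bot: The `sed -i '/ $VAR(@) .*#vyatta entry/d' /etc/hosts` line in the new `end:` block uses the host name as a regular expression, and the name pattern `^[-a-zA-Z0-9.]+$` allows `.`, so deleting or updating one mapping also removes every `#vyatta entry` line whose name differs only at the dot positions. Escape the dots before building the address, or compare the name field literally instead of by regex. `$VAR(alias/@@)` and `$VAR(inet/@)` are expanded inside the same `sudo sh -c "…"` string; their templates are not part of this hunk, so confirm both are type- or pattern-restricted. `declare -a` is a bash construct while the script runs under `sh -c`, and the identical dnsmasq restart line appears on both exit paths and could be written once.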
@@ -2,4 +2,4 @@ tag: type: txt help: Set the name of syslog file to save log messages to syntax:expression: pattern $VAR(@) "^[-a-zA-Z0-9_.]+$" ; "invalid file name $VAR(@)" -commit:expression: $VAR(./facility/) != "" || $VAR(./archive/) != ""; "Must specify either facility or archive for syslog file" +commit:expression: $VAR(./@/facility/@@) != ""; "Atleast one facility must be configured to log messages to file $VAR(./@)" diff --git a/templates/system/syslog/global/facility/node.def b/templates/system/syslog/global/facility/node.def index cff98650..8133aebf 100644 --- a/templates/system/syslog/global/facility/node.def +++ b/templates/system/syslog/global/facility/node.def @@ -4,12 +4,12 @@ help: Set facility for system logging syntax:expression: $VAR(@) in "auth", "authpriv", "cron", "daemon", "kern", "lpr", "mail", "mark", "news", "security", "syslog", "user", "uucp", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7", "all"; "\"$VAR(@)\" is not a valid logging facility" update:expression: "sudo sh -c \"LVL=`echo -n $VAR(level/@) | tr '[a-z]' '[A-Z]'` && \ FAC='$VAR(@)' ; if [ x\\$FAC == xall ]; then FAC='*'; fi && \ -/opt/vyatta/sbin/vyatta_update_syslog.pl '' '\\/var\\/log\\/messages' \ - \\\"\\$FAC.\\$LVL\t/var/log/messages \n\\\"\" " +/opt/vyatta/sbin/vyatta_update_syslog.pl \\\"\\$FAC\\.\\\" '\\/var\\/log\\/messages' \ + \\\"\\$FAC.\\$LVL\t-/var/log/messages \n\\\"\" " delete:expression: "sudo sh -c \"FAC='$VAR(@)' ; \ if [ x\\$FAC == xall ]; then FAC='*'; fi && \ /opt/vyatta/sbin/vyatta_update_syslog.pl \ - '' '\\/var\\/log\\/messages' '*.warning\t/var/log/messages \n'\" " + \\\"\\$FAC\\.\\\" '\\/var\\/log\\/messages' ''\" " comp_help:Available logging facilities: all All facilities excluding "mark" auth Authentication and authorization diff --git a/templates/system/syslog/global/node.def b/templates/system/syslog/global/node.def index 175d85e1..e5c441a8 100644 --- a/templates/system/syslog/global/node.def 
+++ b/templates/system/syslog/global/node.def @@ -1 +1,2 @@ help: Set system logging +commit:expression: $VAR(./facility/) != "" || $VAR(./archive/) != ""; "Must specify either facility or archive for syslog file" diff --git a/templates/system/syslog/host/node.def b/templates/system/syslog/host/node.def index 0e757cbc..255fc37b 100644 --- a/templates/system/syslog/host/node.def +++ b/templates/system/syslog/host/node.def @@ -1,3 +1,4 @@ tag: type: txt help: Set IP address or hostname of remote syslog server +commit:expression: $VAR(./@/facility/@@) != ""; "Atleast one facility must be configured to log messages to host $VAR(./@)" diff --git a/templates/system/syslog/node.def b/templates/system/syslog/node.def index 72a82d78..7fd911f7 100644 --- a/templates/system/syslog/node.def +++ b/templates/system/syslog/node.def @@ -1,3 +1,11 @@ -help: Set syslog daemon -delete:expression: "sudo sh -c \"/opt/vyatta/sbin/vyatta_update_syslog.pl \ -'' '\\/var\\/log\\/messages' '*.warning\t/var/log/messages \n'\" " +help: Configure syslog daemon +end: if [ -n "$VAR(./global/facility/@@)" ]; then + # remove the default config for global messages + sudo sh -c "sed -i '/\*\.notice[[:space:]]*-\/var\/log\/messages/d' /etc/syslog.conf" + else + # if not already there then write the default config for global messages + if ! grep -q "\*\.notice[[:space:]]*-/var/log/messages" /etc/syslog.conf; then + sudo sh -c "echo \"*.notice -/var/log/messages\" >> /etc/syslog.conf" + fi + fi + sudo /usr/sbin/invoke-rc.d sysklogd restart diff --git a/templates/system/syslog/user/node.def b/templates/system/syslog/user/node.def index a432f326..eabd7f8f 100644 --- a/templates/system/syslog/user/node.def +++ b/templates/system/syslog/user/node.def 
@@ -1,5 +1,6 @@ tag: type: txt help: Set logging to specific user's terminal +commit:expression: $VAR(./@/facility/@@) != ""; "Atleast one facility must be configured to log messages to user $VAR(./@)" comp_help: Possible completions: <username> Send log messages to this user's terminal |