summaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
Diffstat (limited to 'templates')
-rw-r--r--templates/policy/access-list/node.def6
-rw-r--r--templates/policy/route-map/node.tag/rule/node.def8
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/action/node.def21
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def44
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def1
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def2
-rw-r--r--templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def1
-rw-r--r--templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def12
-rw-r--r--templates/protocols/bgp/node.tag/network/node.def50
-rw-r--r--templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def (renamed from templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def)0
-rw-r--r--templates/protocols/ospf/access-list/node.def4
16 files changed, 83 insertions, 71 deletions
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def
index a6f1b05a..de8ec16e 100644
--- a/templates/policy/access-list/node.def
+++ b/templates/policy/access-list/node.def
@@ -1,10 +1,6 @@
tag:
type: u32
-help: Access list number must be
- <1-99> IP standard access list
- <100-199> IP extended access list
- <1300-1999> IP standard access list (expanded range)
- <2000-2699> IP extended access list (expanded range)
+help: IP access list number
syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR(@) <= 2699); \
"Access list number must be \n \
<1-99> IP standard access list \n \
diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def
index c3079f54..b5a8e367 100644
--- a/templates/policy/route-map/node.tag/rule/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.def
@@ -2,7 +2,7 @@ tag:
type: u32
help: Specify route-map rule number
syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "route-map $VAR(../@): rule number $VAR(@) must be between 1 and 65535"
-end:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \
- ${vyatta_sbindir}/vyatta-policy-action-verify.pl $VAR(../@) $VAR(@) $( cat /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ); \
- fi"
-
+delete: if [ -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID ]; then
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)";
+ rm -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID;
+ fi;
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def
index 83e092e8..3967558c 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def
@@ -1,7 +1,20 @@
type: txt
help: Action to take on prefixes matching this rule
syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny"
-update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\" "
-update:expression: exec "sudo rm -f /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@) 2>/dev/null"
-delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)"
-
+update: /opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@) action";
+ if [ $? -eq 0 ]; then
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "route-map $VAR(../../@) $VAR(@) $VAR(../@)";
+ else
+ echo " You can not change the action for \"route-map $VAR(../../@) rule $VAR(../@)\".";
+ echo " To change the action you must first delete the rule ";
+ echo -e " \"delete route-map $VAR(../../@) rule $VAR(../@)\" and commit it. \\n";
+ exit 1;
+ fi;
+delete: /opt/vyatta/sbin/vyatta-policy.pl --check-delete-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@)";
+ if [ $? -eq 0 ]; then
+ touch /tmp/route-map-$VAR(../../@)-rule-$VAR(../@)-action.$PPID ;
+ else
+ echo " Action is a required node for \"route-map $VAR(../../@) rule $VAR(../@)\". ";
+ echo -e " To delete that node you must delete \"route-map $VAR(../../@) rule $VAR(../@)\". \\n";
+ exit 1;
+ fi;
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def
index 29298fac..3ac8e05e 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def
@@ -1,19 +1,27 @@
help: Match BGP community list
-delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID"
-end:expression: "if [ -z \"$VAR(./community-list/)\" ]; then \
- echo You must configure a community-list ; \
- exit 1 ; \
- fi ; \
- ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c \"configure terminal\" \
- -c \"route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)\" \
- -c \"no match community \" ; \
- if [ -f \"/tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID\" ]; then \
- rm -rf /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID; \
- else \
- if [ -n \"$VAR(./exact-match/)\" ]; then \
- cond=\"exact-match \"; \
- fi ; \
- ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
- -c \"route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)\" \
- -c \"match community $VAR(./community-list/@) $cond\" ; \
- fi; "
+delete: echo route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@) >> /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID
+## this will always return exact-match pending bug 2525 being fixed
+end: if [ -z "$VAR(./community-list/@)" ]; then
+ echo You must configure a community-list ;
+ exit 1 ;
+ fi ;
+ if [ -f /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID ]; then
+ routemap=`cat /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID`
+ rm -f /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID;
+ ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "$routemap " -c "no match community " ;
+ exit 0;
+ else
+ routemap='route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)';
+
+ # uncomment and replace the call to vyatta-check-typeless-node.pl pending bug 2525
+ #if [ -n "$VAR(./exact-match/)" ]; then
+ # cond="exact-match ";
+ #fi ;
+ ${vyatta_sbindir}/vyatta-check-typeless-node.pl "policy route-map $VAR(../../../@) rule $VAR(../../@) match community exact-match";
+ if [ $? -eq 0 ]; then
+ cond="exact-match ";
+ fi ;
+
+ ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "$routemap " -c "no match community " ;
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c "$routemap " -c "match community $VAR(./community-list/@) $cond" ;
+ fi
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
index d5a1a6d8..b9335c70 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def
@@ -2,6 +2,7 @@ type: u32
help: access-list number
commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip address $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
index 826af72f..c3ab9b28 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def
@@ -2,6 +2,7 @@ type: txt
help: prefix-list name
commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip address prefix-list $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
index 9a8daf82..6bcb4a3c 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def
@@ -2,6 +2,7 @@ type: u32
help: access-list number
commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip next-hop $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
index f4809ad2..346794ca 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def
@@ -2,6 +2,7 @@ type: txt
help: prefix-list name
commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip next-hop prefix-list $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
index 45fcbfdc..85bcf447 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def
@@ -2,6 +2,7 @@ type: u32
help: access-list number
commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip route-source $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
index f6c21378..2db6c602 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def
@@ -2,6 +2,7 @@ type: txt
help: prefix-list name
commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list"
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist"
+commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)"
update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \
-c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \
-c \"match ip route-source prefix-list $VAR(@)\" "
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
index 5fd3eaae..eed327b9 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def
@@ -1,3 +1,3 @@
-type: txt
+type: u32
help: Set BGP community list
commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $VAR(@)\""; "community list $VAR(@) does not exist"
diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
index f1e98001..0dea5ab1 100644
--- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
+++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def
@@ -1,5 +1,6 @@
help: Set BGP community list
delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-set-comm-list.$PPID"
+## this will always return delete pending bug 2525 being fixed
end:expression: "if [ -z \"$VAR(./comm-list/)\" ]; then \
echo You must configure a comm-list ; \
exit 1 ; \
diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def
deleted file mode 100644
index 673af92f..00000000
--- a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def
+++ /dev/null
@@ -1,12 +0,0 @@
-help: Disable the Address Family for this Neighbor
-commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $VAR(../../@) --neighbor $VAR(../@)"
-update:expression: "if [ -n \"$VAR(../remote-as/@)\" ]; then \
- peer=\"remote-as $VAR(../remote-as/@)\"; \
- else \
- peer=\"peer-group $VAR(../peer-group/@)\"; \
- fi; \
- ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router bgp $VAR(../../@)\" \
- -c \"neighbor $VAR(../@) $peer\" \
- -c \"no neighbor $VAR(../@) activate \" "
-delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router bgp $VAR(../../@)\" \
- -c \"neighbor $VAR(../@) activate \" "
diff --git a/templates/protocols/bgp/node.tag/network/node.def b/templates/protocols/bgp/node.tag/network/node.def
index acd2475b..c6061749 100644
--- a/templates/protocols/bgp/node.tag/network/node.def
+++ b/templates/protocols/bgp/node.tag/network/node.def
@@ -1,31 +1,31 @@
tag:
type: ipv4net
help: Specify a network to announce via BGP
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)"
+syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)";
+ "Prefix doesn't fall on a natural boundry"
-commit:expression: !($VAR(./backdoor/) != "" && $VAR(./route-map/) != ""); \
- "May specify route-map or backdoor but not both"
+commit:expression: !($VAR(./backdoor/) != "" && $VAR(./route-map/) != "");
+ "May specify route-map or backdoor but not both"
-delete:expression: "touch /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID"
+delete: touch /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID
-end:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -noerr \
- -c \"configure terminal\" \
- -c \"router bgp $VAR(../@)\" \
- -c \"no network $VAR(@)\"; \
- if [ -f \"/tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID\" ]; then \
- rm -rf /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID; \
- else \
-#
-# Commenting out until cli bug 2525 is fixed
-#
-# if [ -n \"$VAR(./backdoor/)\" ]; then
-# COND=\"backdoor\";
-# fi;
- if [ -n \"$VAR(./route-map/@)\" ]; then \
- COND=\"route-map $VAR(./route-map/@)\"; \
- fi; \
- ${vyatta_sbindir}/vyatta-vtysh.pl \
- -c \"configure terminal\" \
- -c \"router bgp $VAR(../@)\" \
- -c \"network $VAR(@) $COND\"; \
- fi; "
+end: ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "router bgp $VAR(../@)" -c "no network $VAR(@)";
+
+ if [ -f "/tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID" ]; then
+ rm -rf /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID;
+ else
+ # uncomment and replace the call to vyatta-check-typeless-node.pl pending bug 2525
+ #if [ -n \"$VAR(./backdoor/)\" ]; then
+ # COND=\"backdoor\";
+ #fi;
+ ${vyatta_sbindir}/vyatta-check-typeless-node.pl "protocols bgp $VAR(../@) network $VAR(@) backdoor";
+ if [ $? -eq 0 ]; then
+ cond="backdoor ";
+ fi ;
+
+ if [ -n "$VAR(./route-map/@)" ]; then
+ COND="route-map $VAR(./route-map/@)";
+ fi;
+
+ ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "router bgp $VAR(../@)" -c "network $VAR(@) $cond";
+ fi;
diff --git a/templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def b/templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def
index b7dc6950..b7dc6950 100644
--- a/templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def
+++ b/templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def
diff --git a/templates/protocols/ospf/access-list/node.def b/templates/protocols/ospf/access-list/node.def
index 6ec0f65e..e806f106 100644
--- a/templates/protocols/ospf/access-list/node.def
+++ b/templates/protocols/ospf/access-list/node.def
@@ -1,4 +1,4 @@
tag:
-type: txt
+type: u32
commit:expression: $VAR(./export/) != ""; "must add protocol to filter"
-help: access-list to filter networks in routing updates
+help: Access-list to filter networks in routing updates