From 017493c2e93d04a52b5f0825bb8f8582111c49bb Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Tue, 13 Nov 2018 20:49:55 +0100 Subject: T1006: replace check_prefix_boundary with ipaddrcheck. --- src/.gitignore | 2 - src/check_prefix_boundary.c | 138 -------------------------------------------- 2 files changed, 140 deletions(-) delete mode 100644 src/.gitignore delete mode 100644 src/check_prefix_boundary.c diff --git a/src/.gitignore b/src/.gitignore deleted file mode 100644 index 1d995110..00000000 --- a/src/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -check_prefix_boundary -*.o diff --git a/src/check_prefix_boundary.c b/src/check_prefix_boundary.c deleted file mode 100644 index 5fa80d50..00000000 --- a/src/check_prefix_boundary.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Check format of network prefix - */ -#include -#include -#include -#include -#include -#include -#include -#include - -typedef struct -{ - uint8_t family; - uint8_t bytelen; - unsigned int plen; - uint32_t data[4]; -} inet_prefix; - -static void err(const char *fmt, ...) -{ - va_list ap; - - va_start(ap, fmt); - vfprintf(stderr, fmt, ap); - va_end(ap); - - exit(1); -} - -static void usage(void) -{ - fprintf(stderr, "Usage: check-prefix-boundary [-4|-6] address/prefix\n"); - exit(1); -} - -static void get_addr_1(inet_prefix *addr, const char *name, int family) -{ - memset(addr, 0, sizeof(*addr)); - - if (strchr(name, ':')) { - addr->family = AF_INET6; - addr->bytelen = 16; - if (family != AF_UNSPEC && family != AF_INET6) - err("IPV6 address not allowed\n"); - - if (inet_pton(AF_INET6, name, addr->data) <= 0) - err("Invalid IPV6 address: %s\n", name); - - return; - } - - addr->family = AF_INET; - addr->bytelen = 4; - if (family != AF_UNSPEC && family != AF_INET) - err("IPV4 address not allowed\n"); - - if (inet_pton(AF_INET, name, addr->data) <= 0) - err("Invalid IPV4 address: %s\n", name); - return; -} - -static void get_prefix_1(inet_prefix *dst, char *arg, int family) -{ - char *slash, *endp; - - memset(dst, 0, sizeof(*dst)); - - slash = strchr(arg, '/'); - if (!slash || slash[1] == '\0') - err("Missing prefix length\n"); - *slash = 0; - - get_addr_1(dst, arg, family); - - dst->plen = strtoul(slash+1, &endp, 0); - if (*endp != '\0') - err("Invalid character in prefix length\n"); - - if (dst->plen > 8 * dst->bytelen) - err("Prefix length is too large\n"); - - *slash = '/'; -} - -static void get_netmask(inet_prefix *msk, const inet_prefix *dst) -{ - int i, plen = dst->plen; - - memset(msk, 0, sizeof(*msk)); - msk->family = dst->family; - msk->bytelen = dst->bytelen; - - for (i = 0; plen > 0 && i < dst->bytelen / sizeof(uint32_t); i++) { - uint32_t m = (plen > 32) ? ~0 : htonl(~0 << (32 - plen)); - - msk->data[i] = dst->data[i] & m; - plen -= 32; - } -} - -int main(int argc, char **argv) -{ - int family = AF_UNSPEC; - - while (--argc) { - char *arg = *++argv; - inet_prefix dst, msk; - - if (arg[0] == '-') { - switch(arg[1]) { - case '4': - family = AF_INET; - break; - case '6': - family = AF_INET6; - break; - default: - usage(); - } - continue; - } - - get_prefix_1(&dst, arg, family); - get_netmask(&msk, &dst); - - if (memcmp(msk.data, dst.data, dst.bytelen) != 0) { - char buf[INET_ADDRSTRLEN]; - err("Prefix not on a natural network boundary." - "Did you mean %s?\n", - inet_ntop(msk.family, msk.data, buf, sizeof buf)); - } - - } - - return 0; -} -- cgit v1.2.3 From 41690fd4eeb365131da537f24cbc1904867b1d41 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Tue, 13 Nov 2018 21:20:23 +0100 Subject: T1006: replace all occurences of check_prefix_boundary with ipaddrcheck. --- Makefile.am | 2 -- .../bgp/node.tag/address-family/ipv4-unicast/aggregate-address/node.def | 2 +- .../protocols/bgp/node.tag/address-family/ipv4-unicast/network/node.def | 2 +- .../bgp/node.tag/address-family/ipv6-unicast/aggregate-address/node.def | 2 +- .../protocols/bgp/node.tag/address-family/ipv6-unicast/network/node.def | 2 +- templates/protocols/bgp/node.tag/parameters/distance/prefix/node.def | 2 +- templates/protocols/ospf/area/node.tag/network/node.def | 2 +- templates/protocols/ospf/area/node.tag/range/node.def | 2 +- .../protocols/ospf/area/node.tag/range/node.tag/substitute/node.def | 2 +- templates/protocols/ospfv3/area/node.tag/range/node.def | 2 +- templates/protocols/rip/network-distance/node.def | 2 +- templates/protocols/rip/network/node.def | 2 +- templates/protocols/rip/route/node.def | 2 +- templates/protocols/ripng/aggregate-address/node.def | 2 +- templates/protocols/ripng/network/node.def | 2 +- templates/protocols/ripng/route/node.def | 2 +- templates/protocols/static/interface-route/node.def | 2 +- templates/protocols/static/interface-route6/node.def | 2 +- templates/protocols/static/route/node.def | 2 +- templates/protocols/static/route6/node.def | 2 +- templates/protocols/static/table/node.tag/interface-route/node.def | 2 +- templates/protocols/static/table/node.tag/interface-route6/node.def | 2 +- templates/protocols/static/table/node.tag/route/node.def | 2 +- templates/protocols/static/table/node.tag/route6/node.def | 2 +- 24 files changed, 23 insertions(+), 25 deletions(-) diff --git a/Makefile.am b/Makefile.am index c1edf30f..ec9ca5fc 100644 --- a/Makefile.am +++ b/Makefile.am @@ -16,8 +16,6 @@ sbin_SCRIPTS += scripts/vyatta-update-static-route.pl bin_sudo_users_SCRIPTS = scripts/vyatta-static-dhcp.pl -sbin_PROGRAMS = src/check_prefix_boundary - share_perl5_DATA = lib/Vyatta/Quagga/Config.pm src_check_prefix_boundary = src/check_prefix_boundary.c diff --git a/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/aggregate-address/node.def b/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/aggregate-address/node.def index e03339ca..84b4222e 100644 --- a/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/aggregate-address/node.def +++ b/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/aggregate-address/node.def @@ -1,4 +1,4 @@ tag: type: ipv4net help: BGP aggregate network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" diff --git a/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/network/node.def b/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/network/node.def index a1b6068c..1a86f394 100644 --- a/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/network/node.def +++ b/templates/protocols/bgp/node.tag/address-family/ipv4-unicast/network/node.def @@ -1,5 +1,5 @@ tag: type: ipv4net help: BGP network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: !($VAR(./backdoor/) != "" && $VAR(./route-map/) != ""); "you may specify route-map or backdoor but not both" diff --git a/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/aggregate-address/node.def b/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/aggregate-address/node.def index a17bfe81..fa7a9ae4 100644 --- a/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/aggregate-address/node.def +++ b/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/aggregate-address/node.def @@ -2,4 +2,4 @@ tag: type: ipv6net help: BGP IPv6 aggregate network val_help: IPv6 aggregate network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" diff --git a/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/network/node.def b/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/network/node.def index ad75e82b..41256748 100644 --- a/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/network/node.def +++ b/templates/protocols/bgp/node.tag/address-family/ipv6-unicast/network/node.def @@ -2,4 +2,4 @@ tag: type: ipv6net help: BGP IPv6 network val_help: IPv6 network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" diff --git a/templates/protocols/bgp/node.tag/parameters/distance/prefix/node.def b/templates/protocols/bgp/node.tag/parameters/distance/prefix/node.def index ed1a6e05..10ffb85e 100644 --- a/templates/protocols/bgp/node.tag/parameters/distance/prefix/node.def +++ b/templates/protocols/bgp/node.tag/parameters/distance/prefix/node.def @@ -1,5 +1,5 @@ tag: type: ipv4net help: Administrative distance for a specific BGP prefix -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-any-net $VAR(@)" commit:expression: $VAR(./distance/) != ""; "you must set a route distance for this prefix" diff --git a/templates/protocols/ospf/area/node.tag/network/node.def b/templates/protocols/ospf/area/node.tag/network/node.def index 9422f008..ebf346db 100644 --- a/templates/protocols/ospf/area/node.tag/network/node.def +++ b/templates/protocols/ospf/area/node.tag/network/node.def @@ -1,7 +1,7 @@ multi: type: ipv4net help: OSPF network [REQUIRED] -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" create:vtysh -c "configure terminal" \ -c "router ospf" -c "network $VAR(@) area $VAR(../@)" delete:vtysh -c "configure terminal" \ diff --git a/templates/protocols/ospf/area/node.tag/range/node.def b/templates/protocols/ospf/area/node.tag/range/node.def index 94a90ed3..d29b775f 100644 --- a/templates/protocols/ospf/area/node.tag/range/node.def +++ b/templates/protocols/ospf/area/node.tag/range/node.def @@ -1,7 +1,7 @@ tag: type: ipv4net help: Summarize routes matching prefix (border routers only) -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" delete: touch /tmp/ospf-range.$PPID diff --git a/templates/protocols/ospf/area/node.tag/range/node.tag/substitute/node.def b/templates/protocols/ospf/area/node.tag/range/node.tag/substitute/node.def index f3a8e64d..b5ebba1d 100644 --- a/templates/protocols/ospf/area/node.tag/range/node.tag/substitute/node.def +++ b/templates/protocols/ospf/area/node.tag/range/node.tag/substitute/node.def @@ -1,3 +1,3 @@ type: ipv4net help: Announce area range as another prefix -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" diff --git a/templates/protocols/ospfv3/area/node.tag/range/node.def b/templates/protocols/ospfv3/area/node.tag/range/node.def index 4b594cd9..de886a72 100644 --- a/templates/protocols/ospfv3/area/node.tag/range/node.def +++ b/templates/protocols/ospfv3/area/node.tag/range/node.def @@ -1,7 +1,7 @@ tag: type: ipv6net help: Specify IPv6 prefix (border routers only) -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" delete: touch /tmp/ospf6-range.$PPID diff --git a/templates/protocols/rip/network-distance/node.def b/templates/protocols/rip/network-distance/node.def index 5430f67e..67d50ab7 100644 --- a/templates/protocols/rip/network-distance/node.def +++ b/templates/protocols/rip/network-distance/node.def @@ -1,7 +1,7 @@ tag: type: ipv4net help: Source network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: $VAR(./distance/) != ""; "Must specify distance for network $VAR(@)" delete:expression: "touch /tmp/rip-dist.$PPID" end:expression: "if [ -n \"$VAR(./access-list/@)\" ]; then \ diff --git a/templates/protocols/rip/network/node.def b/templates/protocols/rip/network/node.def index 28f92307..59af0bd8 100644 --- a/templates/protocols/rip/network/node.def +++ b/templates/protocols/rip/network/node.def @@ -1,7 +1,7 @@ multi: type: ipv4net help: RIP network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" create:expression: "vtysh -c \"configure terminal\" -c \"router rip\" \ -c \"network $VAR(@)\"; " delete:expression: "vtysh -c \"configure terminal\" -c \"router rip\" \ diff --git a/templates/protocols/rip/route/node.def b/templates/protocols/rip/route/node.def index f92b933f..cd43d891 100644 --- a/templates/protocols/rip/route/node.def +++ b/templates/protocols/rip/route/node.def @@ -1,7 +1,7 @@ multi: type: ipv4net help: RIP static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" create:expression: "vtysh -c \"configure terminal\" -c \"router rip\" \ -c \"route $VAR(@)\" " delete:expression: "vtysh -c \"configure terminal\" -c \"router rip\" \ diff --git a/templates/protocols/ripng/aggregate-address/node.def b/templates/protocols/ripng/aggregate-address/node.def index 9b8c90d1..811ed064 100644 --- a/templates/protocols/ripng/aggregate-address/node.def +++ b/templates/protocols/ripng/aggregate-address/node.def @@ -2,7 +2,7 @@ multi: type: ipv6net help: Aggregate RIPng route announcement -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" create: vtysh -c "configure terminal" \ -c "router ripng" \ diff --git a/templates/protocols/ripng/network/node.def b/templates/protocols/ripng/network/node.def index 158fa54c..058bcaec 100644 --- a/templates/protocols/ripng/network/node.def +++ b/templates/protocols/ripng/network/node.def @@ -2,7 +2,7 @@ multi: type: ipv6net help: RIPng network -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" create: vtysh -c "configure terminal" \ -c "router ripng" \ diff --git a/templates/protocols/ripng/route/node.def b/templates/protocols/ripng/route/node.def index 5c12110f..b88f31c3 100644 --- a/templates/protocols/ripng/route/node.def +++ b/templates/protocols/ripng/route/node.def @@ -2,7 +2,7 @@ multi: type: ipv6net help: RIPng static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" create: vtysh -c "configure terminal" \ -c "router ripng" \ diff --git a/templates/protocols/static/interface-route/node.def b/templates/protocols/static/interface-route/node.def index 73dd97a3..2b9d75ad 100644 --- a/templates/protocols/static/interface-route/node.def +++ b/templates/protocols/static/interface-route/node.def @@ -1,7 +1,7 @@ tag: type: ipv4net help: Interface based static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: $VAR(./next-hop-interface/) != "" ; \ "Must add a next-hop-interface for route $VAR(@)" diff --git a/templates/protocols/static/interface-route6/node.def b/templates/protocols/static/interface-route6/node.def index 0015e601..e823dbd6 100644 --- a/templates/protocols/static/interface-route6/node.def +++ b/templates/protocols/static/interface-route6/node.def @@ -1,7 +1,7 @@ tag: type: ipv6net help: Interface based IPv6 static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" commit:expression: $VAR(./next-hop-interface/) != "" ; \ "Must add a next-hop-interface for route $VAR(@)" diff --git a/templates/protocols/static/route/node.def b/templates/protocols/static/route/node.def index e46227e5..0d17bb4b 100644 --- a/templates/protocols/static/route/node.def +++ b/templates/protocols/static/route/node.def @@ -2,7 +2,7 @@ tag: priority: 482 type: ipv4net help: Static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: $VAR(./next-hop/) != "" || $VAR(./blackhole/) != "" || $VAR(./dhcp-interface/) != ""; \ "Must add either a next-hop or blackhole or dhcp-interface for route $VAR(@)" diff --git a/templates/protocols/static/route6/node.def b/templates/protocols/static/route6/node.def index de3f1cd8..597578a4 100644 --- a/templates/protocols/static/route6/node.def +++ b/templates/protocols/static/route6/node.def @@ -1,7 +1,7 @@ tag: type: ipv6net help: Static IPv6 route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" commit:expression: $VAR(./next-hop/) != "" || $VAR(./blackhole/) != ""; \ "Must add either a next-hop or blackhole for route $VAR(@)" diff --git a/templates/protocols/static/table/node.tag/interface-route/node.def b/templates/protocols/static/table/node.tag/interface-route/node.def index 73dd97a3..2b9d75ad 100644 --- a/templates/protocols/static/table/node.tag/interface-route/node.def +++ b/templates/protocols/static/table/node.tag/interface-route/node.def @@ -1,7 +1,7 @@ tag: type: ipv4net help: Interface based static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: $VAR(./next-hop-interface/) != "" ; \ "Must add a next-hop-interface for route $VAR(@)" diff --git a/templates/protocols/static/table/node.tag/interface-route6/node.def b/templates/protocols/static/table/node.tag/interface-route6/node.def index 0015e601..e823dbd6 100644 --- a/templates/protocols/static/table/node.tag/interface-route6/node.def +++ b/templates/protocols/static/table/node.tag/interface-route6/node.def @@ -1,7 +1,7 @@ tag: type: ipv6net help: Interface based IPv6 static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" commit:expression: $VAR(./next-hop-interface/) != "" ; \ "Must add a next-hop-interface for route $VAR(@)" diff --git a/templates/protocols/static/table/node.tag/route/node.def b/templates/protocols/static/table/node.tag/route/node.def index e86812db..85e75fe7 100644 --- a/templates/protocols/static/table/node.tag/route/node.def +++ b/templates/protocols/static/table/node.tag/route/node.def @@ -1,7 +1,7 @@ tag: type: ipv4net help: Static route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv4-net $VAR(@)" commit:expression: $VAR(./next-hop/) != "" || $VAR(./blackhole/) != "" || $VAR(./dhcp-interface/) != ""; \ "Must add either a next-hop or blackhole or dhcp-interface for route $VAR(@)" diff --git a/templates/protocols/static/table/node.tag/route6/node.def b/templates/protocols/static/table/node.tag/route6/node.def index de3f1cd8..597578a4 100644 --- a/templates/protocols/static/table/node.tag/route6/node.def +++ b/templates/protocols/static/table/node.tag/route6/node.def @@ -1,7 +1,7 @@ tag: type: ipv6net help: Static IPv6 route -syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +syntax:expression: exec "ipaddrcheck --verbose --is-ipv6-net $VAR(@)" commit:expression: $VAR(./next-hop/) != "" || $VAR(./blackhole/) != ""; \ "Must add either a next-hop or blackhole for route $VAR(@)" -- cgit v1.2.3 From eca1842c10541f59f3bebe603651cad2ca8eccb2 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Tue, 13 Nov 2018 21:20:51 +0100 Subject: T1006: set the architecture to 'all' since this package has no architecture-dependent files anymore. --- debian/control | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/debian/control b/debian/control index e5a3f34a..c15e220d 100644 --- a/debian/control +++ b/debian/control @@ -6,7 +6,7 @@ Build-Depends: debhelper (>= 5), autotools-dev, automake, autoconf, cpio Standards-Version: 3.7.2 Package: vyatta-cfg-quagga -Architecture: any +Architecture: all Depends: sed (>= 4.1.5), perl (>= 5.8.8), procps (>= 1:3.2.7-3), @@ -15,7 +15,8 @@ Depends: sed (>= 4.1.5), vyatta-cfg-system (>= 0.19.125), libc6 (>= 2.7-6), vyatta-bash | bash (>= 3.1), - frr (>= 6.1) + frr (>= 6.1), + ipaddrcheck (>=1.1) Suggests: util-linux (>= 2.13-5), net-tools, ethtool, -- cgit v1.2.3 From c3fa5fd1e8cc670afaa73fedd75ceba758d307f3 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 18 Nov 2018 13:21:08 +0100 Subject: T941: add "interface" option to enable using IPv6 link-local peer addresses. --- scripts/bgp/vyatta-bgp.pl | 4 ++++ templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def | 2 ++ 2 files changed, 6 insertions(+) create mode 100644 templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 31f97dea..522a0788 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -494,6 +494,10 @@ my %qcom = ( set => 'router bgp #3 ; neighbor #5 remote-as #7 ; neighbor #5 activate', del => 'router bgp #3 ; no neighbor #5 remote-as #7', }, + 'protocols bgp var neighbor var interface' => { + set => 'router bgp #3 ; neighbor #5 interface #7', + del => 'router bgp #3 ; no neighbor #5 interface #7', + }, 'protocols bgp var neighbor var disable-capability-negotiation' => { set => 'router bgp #3 ; neighbor #5 dont-capability-negotiate', del => 'router bgp #3 ; no neighbor #5 dont-capability-negotiate', diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def new file mode 100644 index 00000000..4f49f816 --- /dev/null +++ b/templates/protocols/bgp/node.tag/neighbor/node.tag/interface/node.def @@ -0,0 +1,2 @@ +type: txt +help: Network interface to use for the BGP session -- cgit v1.2.3 From 7d8ac201a990be7664ec79d27c85076fdd079f85 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 18 Nov 2018 15:21:45 +0100 Subject: T799: remove a workaround for FRR#3215, it's not possible to delete a community-list at once The problem still exists for extcommunity-lists. --- scripts/policy/vyatta-policy.pl | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl index 7d3edb58..23cf93ca 100755 --- a/scripts/policy/vyatta-policy.pl +++ b/scripts/policy/vyatta-policy.pl @@ -117,11 +117,7 @@ sub update_community_list { # remove the old rule if ( is_community_list($num) ) { - my $clist = `$VTYSH -c \"show ip community-list $num\" | grep -v \"access list $num\"`; - my @oldrules = split(/\n/, $clist); - foreach my $oldrule (@oldrules) { - system("$VTYSH -c \"conf t\" -c \"no bgp community-list expanded $num $oldrule\""); - } + system("$VTYSH -c \"conf t\" -c \"no bgp community-list expanded $num\""); } $config->setLevel("policy community-list $num rule"); -- cgit v1.2.3 From b044a897acb35c31df7756e3d6d0c70bb2aab9da Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 25 Nov 2018 21:11:28 +0100 Subject: T981: disallow decimal area notation in OSPFv3 since neither FRR no Quagga support it. --- scripts/vyatta_quagga_utils.pl | 17 ++++++++++++++++- templates/protocols/ospfv3/area/node.def | 2 +- 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/scripts/vyatta_quagga_utils.pl b/scripts/vyatta_quagga_utils.pl index df263a08..ffeeaa04 100755 --- a/scripts/vyatta_quagga_utils.pl +++ b/scripts/vyatta_quagga_utils.pl @@ -6,7 +6,7 @@ use Vyatta::Misc; use NetAddr::IP; use Getopt::Long; -my ( $prefix, $exists, $not_exists, $area, $community, $passive ); +my ( $prefix, $exists, $not_exists, $area, $area6, $community, $passive ); # Allowed well-know community values (see set commuinity) my %communities = ( @@ -23,6 +23,7 @@ GetOptions( "not-exists=s" => \$not_exists, "exists=s" => \$exists, "check-ospf-area=s" => \$area, + "check-ospfv3-area=s" => \$area6, "check-community" => \$community, "check-ospf-passive=s" => \$passive, ); @@ -31,6 +32,7 @@ check_community(@ARGV) if ($community); check_prefix_boundry($prefix) if ($prefix); check_not_exists($not_exists) if ($not_exists); check_exists($exists) if ($exists); +check_ospfv3_area($area6) if ($area6); check_ospf_area($area) if ($area); check_ospf_passive($passive) if ($passive); @@ -88,6 +90,19 @@ sub check_ospf_area { die "Invalid OSPF area: $area\n"; } +sub check_ospfv3_area { + my $area = shift; + + if ( $area =~ m/^(\d+)\.(\d+)\.(\d+)\.(\d+)$/ ) { + foreach my $octet ( $1, $2, $3, $4 ) { + if ( ( $octet < 0 ) || ( $octet > 255 ) ) { exit 1; } + } + exit 0; + } + + die "Invalid OSPF area: $area. Only dotted decimal notation is allowed.\n"; +} + sub check_community { foreach my $arg (@_) { next if ($arg =~ /\d+:\d+/); diff --git a/templates/protocols/ospfv3/area/node.def b/templates/protocols/ospfv3/area/node.def index 73750abb..56e42038 100644 --- a/templates/protocols/ospfv3/area/node.def +++ b/templates/protocols/ospfv3/area/node.def @@ -1,6 +1,6 @@ tag: type: txt help: OSPFv3 Area -syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-ospf-area $VAR(@)"; "Invalid OSFPv3 area \"$VAR(@)\" " +syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-ospfv3-area $VAR(@)"; "Invalid OSFPv3 area \"$VAR(@)\" " val_help: u32; OSPFv3 area in decimal notation val_help: ipv4; OSPFv3 area in dotted decimal notation -- cgit v1.2.3 From 7be3368205b44ffb57342424a8ec54457e832156 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 25 Nov 2018 22:08:52 +0100 Subject: T1034: fix the ipv4-unicast redistribute ospf command. Turns our the code is sensitive to extra spaces. --- scripts/bgp/vyatta-bgp.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 522a0788..7431405c 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -170,7 +170,7 @@ my %qcom = ( del => 'router bgp #3 ; address-family ipv4 unicast ; no redistribute kernel', noerr => 'set', }, - 'protocols bgp var address-family ipv4-unicast redistribute ospf' => { + 'protocols bgp var address-family ipv4-unicast redistribute ospf' => { set => 'router bgp #3 ; address-family ipv4 unicast ; no redistribute ospf ; redistribute ospf ?route-map ?metric', del => 'router bgp #3 ; address-family ipv4 unicast ; no redistribute ospf', noerr => 'set', -- cgit v1.2.3 From 83e483b9bea55cefc281fd417173427235b24a36 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Sun, 16 Dec 2018 15:59:27 +0100 Subject: T1063: add wireguard to interface template generator. --- debian/vyatta-cfg-quagga.install | 1 + gen-interface-templates.pl | 1 + 2 files changed, 2 insertions(+) diff --git a/debian/vyatta-cfg-quagga.install b/debian/vyatta-cfg-quagga.install index b8b66da3..8bb25cc1 100644 --- a/debian/vyatta-cfg-quagga.install +++ b/debian/vyatta-cfg-quagga.install @@ -17,3 +17,4 @@ opt/vyatta/share/vyatta-cfg/templates/interfaces/wirelessmodem opt/vyatta/share/vyatta-cfg/templates/interfaces/dummy opt/vyatta/share/vyatta-cfg/templates/interfaces/l2tpv3 opt/vyatta/share/vyatta-cfg/templates/interfaces/vxlan +opt/vyatta/share/vyatta-cfg/templates/interfaces/wireguard diff --git a/gen-interface-templates.pl b/gen-interface-templates.pl index 6573937d..ef8c0a3a 100755 --- a/gen-interface-templates.pl +++ b/gen-interface-templates.pl @@ -54,6 +54,7 @@ my %interface_hash = ( 'dummy/node.tag' => '$VAR(@)', 'l2tpv3/node.tag' => '$VAR(@)', 'vxlan/node.tag' => '$VAR(@)', + 'wireguard/node.tag' => '$VAR(@)', ); # Hash table to check if the priority needs to set @ root -- cgit v1.2.3