From 49be1d412287ba9b18e1561da34df11a131facb6 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 26 Jun 2012 13:33:49 -0700 Subject: initial checkin for pbr functionality --- templates/protocols/static/table/node.def | 5 +++ .../static/table/node.tag/interface-route/node.def | 7 ++++ .../node.tag/next-hop-interface/node.def | 34 +++++++++++++++++++ .../next-hop-interface/node.tag/disable/node.def | 1 + .../next-hop-interface/node.tag/distance/node.def | 4 +++ .../protocols/static/table/node.tag/route/node.def | 7 ++++ .../route/node.tag/blackhole/distance/node.def | 4 +++ .../node.tag/route/node.tag/blackhole/node.def | 22 +++++++++++++ .../node.tag/route/node.tag/next-hop/node.def | 38 ++++++++++++++++++++++ .../node.tag/next-hop/node.tag/disable/node.def | 1 + .../node.tag/next-hop/node.tag/distance/node.def | 4 +++ 11 files changed, 127 insertions(+) create mode 100644 templates/protocols/static/table/node.def create mode 100644 templates/protocols/static/table/node.tag/interface-route/node.def create mode 100644 templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.def create mode 100644 templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/disable/node.def create mode 100644 templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/distance/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.tag/blackhole/distance/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.tag/blackhole/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/disable/node.def create mode 100644 templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/distance/node.def 
diff --git a/templates/protocols/static/table/node.def b/templates/protocols/static/table/node.def
new file mode 100644
index 00000000..3f639363
--- /dev/null
+++ b/templates/protocols/static/table/node.def
@@ -0,0 +1,5 @@
+tag:
+type: u32
+help: Policy route table number
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 250; "Must be between (1-250)"
+val_help: u32:1-250; Policy route table number
diff --git a/templates/protocols/static/table/node.tag/interface-route/node.def b/templates/protocols/static/table/node.tag/interface-route/node.def
new file mode 100644
index 00000000..73dd97a3
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/interface-route/node.def
@@ -0,0 +1,7 @@
+tag:
+type: ipv4net
+help: Interface based static route
+syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)"
+
+commit:expression: $VAR(./next-hop-interface/) != "" ; \
+ "Must add a next-hop-interface for route $VAR(@)"
diff --git a/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.def b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.def
new file mode 100644
index 00000000..255e572d
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.def
@@ -0,0 +1,34 @@
+tag:
+type: txt
+help: Next-hop interface [REQUIRED]
+# show all current interface
+# but syntax accepts any interface since it may exist later (ppp etc)
+allowed: ${vyatta_sbindir}/vyatta-interfaces.pl --show all
+
+
+end:
+ if [[ -n "$VAR(../../../table/@)" ]]
+ then
+ table="table $VAR(../../../table/@)"
+ fi
+ if [[ -z "$VAR(./disable)" ]]
+ then
+ if [[ ${COMMIT_ACTION} = 'DELETE' ]]
+ then
+ if ! ${vyatta_sbindir}/vyatta-next-hop-check $VAR(../@) ipv4 interface; then
+ exit 1;
+ fi
+ vtysh -c "configure terminal" \
+ -c "no ip route $VAR(../@) $VAR(@) $table"
+ else
+ if [[ -n "$VAR(./distance/@)" ]]
+ then
+ dist="$VAR(./distance/@)"
+ fi
+ vtysh -c "configure terminal" \
+ -c "ip route $VAR(../@) $VAR(@) $table $dist";
+ fi
+ else
+ vtysh -c "configure terminal" \
+ -c "no ip route $VAR(../@) $VAR(@) $table"
+ fi
diff --git a/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/disable/node.def b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/disable/node.def
new file mode 100644
index 00000000..92f2ba51
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/disable/node.def
@@ -0,0 +1 @@
+help: Disable IPv4 interface static route
diff --git a/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/distance/node.def b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/distance/node.def
new file mode 100644
index 00000000..61abcc65
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/interface-route/node.tag/next-hop-interface/node.tag/distance/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Distance value for this route
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "Must be between (1-255)"
+val_help: u32:1-255; Distance for this route
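Review bot: In next-hop-interface/node.def the tag value is `type: txt` with no `syntax:expression`, yet the `end:` script places `$VAR(@)` inside the `-c "ip route $VAR(../@) $VAR(@) $table $dist"` argument passed to vtysh, so free-form operator input reaches both the shell line and the routing daemon's command parser. The in-file comment explains that any interface is accepted because it may exist later, but that only calls for accepting names that do not exist yet, not arbitrary characters. If the config backend substitutes `$VAR(@)` textually into the script (not visible in this hunk), shell or vtysh metacharacters in the value would alter the command run by the configuration daemon. I would constrain the character set with something like `syntax:expression: pattern $VAR(@) "^[A-Za-z0-9._:@-]+$" ; "Invalid interface name"`. The same value is used in the delete and disable branches of this script.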
diff --git a/templates/protocols/static/table/node.tag/route/node.def b/templates/protocols/static/table/node.tag/route/node.def
new file mode 100644
index 00000000..682ca944
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.def
@@ -0,0 +1,7 @@
+tag:
+type: ipv4net
+help: Static route
+syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)"
+
+commit:expression: $VAR(./next-hop/) != "" || $VAR(./blackhole/) != ""; \
+ "Must add either a next-hop or blackhole for route $VAR(@)"
diff --git a/templates/protocols/static/table/node.tag/route/node.tag/blackhole/distance/node.def b/templates/protocols/static/table/node.tag/route/node.tag/blackhole/distance/node.def
new file mode 100644
index 00000000..61abcc65
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.tag/blackhole/distance/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Distance value for this route
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "Must be between (1-255)"
+val_help: u32:1-255; Distance for this route
diff --git a/templates/protocols/static/table/node.tag/route/node.tag/blackhole/node.def b/templates/protocols/static/table/node.tag/route/node.tag/blackhole/node.def
new file mode 100644
index 00000000..06dbe5ae
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.tag/blackhole/node.def
@@ -0,0 +1,22 @@
+help: Silently discard pkts when matched
+
+end:
+ if [[ -n "$VAR(../../../table/@)" ]]
+ then
+ table="table $VAR(../../../table/@)"
+ fi
+ if [ ${COMMIT_ACTION} = 'DELETE' ]; then
+ if ! ${vyatta_sbindir}/vyatta-next-hop-check $VAR(../@) ipv4 address; then
+ exit 1;
+ fi
+
+ vtysh -c "configure terminal" \
+ -c "no ip route $VAR(../@) null0 $table";
+ else
+ if [ -n "$VAR(./distance/@)" ]; then
+ dist="$VAR(./distance/@)";
+ fi;
+
+ vtysh -c "configure terminal" \
+ -c "ip route $VAR(../@) null0 $table $dist";
+ fi;
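Review bot: In blackhole/node.def the delete test `if [ ${COMMIT_ACTION} = 'DELETE' ]; then` leaves the variable unquoted inside single brackets, so an empty or unset `COMMIT_ACTION` makes `[` fail with an error rather than evaluate cleanly, and the script drops into the `else` branch that installs the route. The same script already uses `[[ ... ]]` for the table check a few lines above, and the two next-hop scripts in this commit use `[[ ${COMMIT_ACTION} = 'DELETE' ]]`; I would write `if [[ "${COMMIT_ACTION}" = 'DELETE' ]]; then` here to match. `$table` and `$dist` are only assigned conditionally, so starting the script with `table=""; dist=""` would rule out a value inherited from the calling environment ending up in the vtysh command.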
diff --git a/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.def b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.def
new file mode 100644
index 00000000..5fb54a8b
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.def
@@ -0,0 +1,38 @@
+tag:
+type: ipv4
+help: Next-hop router [REQUIRED]
+end:
+ if [[ -n "$VAR(../../../table/@)" ]]
+ then
+ table="table $VAR(../../../table/@)"
+ fi
+ if [[ -z "$VAR(./disable)" ]]
+ then
+ if [[ ${COMMIT_ACTION} = 'DELETE' ]]
+ then
+ if ! ${vyatta_sbindir}/vyatta-next-hop-check $VAR(../@) ipv4 address; then
+ exit 1;
+ fi
+ if ${vyatta_sbindir}/vyatta-gateway-static_route-check.pl \
+ "$VAR(../@)" "$VAR(@)"
+ then
+ vtysh -c "configure terminal" \
+ -c "no ip route $VAR(../@) $VAR(@) $table"
+ fi
+ else
+ if [[ -n "$VAR(./distance/@)" ]]
+ then
+ dist="$VAR(./distance/@)"
+ fi
+ vtysh -c "configure terminal" \
+ -c "ip route $VAR(../@) $VAR(@) $table $dist";
+ fi
+ else
+ if ${vyatta_sbindir}/vyatta-gateway-static_route-check.pl \
+ "$VAR(../@)" "$VAR(@)"
+ then
+ vtysh -c "configure terminal" \
+ -c "no ip route $VAR(../@) $VAR(@) $table"
+ fi
+ fi
+
diff --git a/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/disable/node.def b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/disable/node.def
new file mode 100644
index 00000000..de3afda4
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/disable/node.def
@@ -0,0 +1 @@
+help: Disable IPv4 next-hop static route
diff --git a/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/distance/node.def b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/distance/node.def
new file mode 100644
index 00000000..61abcc65
--- /dev/null
+++ b/templates/protocols/static/table/node.tag/route/node.tag/next-hop/node.tag/distance/node.def
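Review bot: In next-hop/node.def the guard `if ${vyatta_sbindir}/vyatta-gateway-static_route-check.pl "$VAR(../@)" "$VAR(@)"` followed by `no ip route …` appears twice, in the delete branch and in the disable branch, and in both a non-zero result from the helper silently skips the route removal with no message and no comment saying why. From the hunk alone a reader cannot tell whether the skip is protective or an error path, so a comment above the first occurrence stating what the helper decides and why the route is then left in place (to be confirmed against the helper itself) is needed. The prefix is also quoted when passed to this helper but unquoted in `vyatta-next-hop-check $VAR(../@) ipv4 address`; quoting it in both calls would be consistent.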
@@ -0,0 +1,4 @@
+type: u32
+help: Distance value for this route
+syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 255; "Must be between (1-255)"
+val_help: u32:1-255; Distance for this route
-- cgit v1.2.3 From 376c272c53c65468983b396307cb535af31a988c Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 26 Jun 2012 15:46:14 -0700 Subject: move policy priority tag to each policy type --- templates/policy/access-list/node.def | 1 + templates/policy/access-list6/node.def | 1 + templates/policy/as-path-list/node.def | 1 + templates/policy/community-list/node.def | 1 + templates/policy/node.def | 1 - templates/policy/prefix-list/node.def | 1 + templates/policy/prefix-list6/node.def | 1 + templates/policy/route-map/node.def | 1 + 8 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def
index 92323da0..173acf0d 100644
--- a/templates/policy/access-list/node.def
+++ b/templates/policy/access-list/node.def
@@ -1,4 +1,5 @@
 tag:
+priority: 470
 type: u32
 help: IP access-list filter
 syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR(@) <= 2699); \
diff --git a/templates/policy/access-list6/node.def b/templates/policy/access-list6/node.def
index 7ddb65ac..c9323c70 100644
--- a/templates/policy/access-list6/node.def
+++ b/templates/policy/access-list6/node.def
@@ -1,4 +1,5 @@
 tag:
+priority: 470
 type: txt
 help: IPv6 access-list filter
 val_help: Name of IPv6 access-list
diff --git a/templates/policy/as-path-list/node.def b/templates/policy/as-path-list/node.def
index 96a616a6..faa1268c 100644
--- a/templates/policy/as-path-list/node.def
+++ b/templates/policy/as-path-list/node.def
@@ -1,4 +1,5 @@
 tag:
+priority: 470
 type: txt
 help: Border Gateway Protocol (BGP) autonomous system path filter
 val_help: AS path list name
diff --git a/templates/policy/community-list/node.def b/templates/policy/community-list/node.def
index bf41b6a1..5d4dc0bb 100644
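Review bot: `priority: 470` is now written into seven tag nodes (access-list here, plus access-list6, as-path-list, community-list, prefix-list, prefix-list6 and route-map in the following hunks) and removed from templates/policy/node.def, with nothing in the templates or the commit message recording why the parent-level tag was not enough or that the seven values are meant to stay equal. Commit ordering between policy objects and whatever references them is presumably what this value controls, and that kind of dependency tends to break quietly when one copy is edited later. A one-line comment next to the tag, e.g. `# priority: keep in step with the other policy/* nodes`, would record the intent; node.def files accept `#` comments, as next-hop-interface/node.def in this series shows.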
--- a/templates/policy/community-list/node.def +++ b/templates/policy/community-list/node.def @@ -1,4 +1,5 @@ tag: +priority: 470 type: u32 help: Border Gateway Protocol (BGP) community-list filter diff --git a/templates/policy/node.def b/templates/policy/node.def index 837ff6be..2dfa390f 100644 --- a/templates/policy/node.def +++ b/templates/policy/node.def @@ -1,2 +1 @@ -priority: 470 help: Routing policy diff --git a/templates/policy/prefix-list/node.def b/templates/policy/prefix-list/node.def index 3b1f2a20..bdf9dcec 100644 --- a/templates/policy/prefix-list/node.def +++ b/templates/policy/prefix-list/node.def @@ -1,4 +1,5 @@ tag: +priority: 470 type: txt help: IP prefix-list filter val_help: Prefix list name diff --git a/templates/policy/prefix-list6/node.def b/templates/policy/prefix-list6/node.def index 0dd244ca..effbbbf2 100644 --- a/templates/policy/prefix-list6/node.def +++ b/templates/policy/prefix-list6/node.def @@ -1,4 +1,5 @@ tag: +priority: 470 type: txt help: IPv6 prefix-list filter val_help: Prefix list name diff --git a/templates/policy/route-map/node.def b/templates/policy/route-map/node.def index b2fa6b8c..1a3fd8b7 100644 --- a/templates/policy/route-map/node.def +++ b/templates/policy/route-map/node.def @@ -1,4 +1,5 @@ tag: +priority: 470 type: txt help: IP route-map val_help: Route map name -- cgit v1.2.3 From 4c7b6b48402a203c13a716a7cb8ac772055191c3 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Wed, 5 Sep 2012 14:25:48 -0700 Subject: 0.18.154 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 752cdfde..47f67a01 100644 --- a/debian/changelog +++ b/debian/changelog 
@@ -1,3 +1,10 @@ +vyatta-cfg-quagga (0.18.154) unstable; urgency=low + + * initial checkin for pbr functionality + * move policy priority tag to each policy type + + -- Robert Bays Wed, 05 Sep 2012 14:25:48 -0700 + vyatta-cfg-quagga (0.18.153) unstable; urgency=low * Bugfix 8217: VTI: add routing cfg commands under interfaces vti -- cgit v1.2.3 From bbe11c30bad5707503e246c4c28a851df347c736 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Wed, 5 Sep 2012 15:34:20 -0700 Subject: reserve tables for future use --- templates/protocols/static/table/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/protocols/static/table/node.def b/templates/protocols/static/table/node.def index 3f639363..86ec8a44 100644 --- a/templates/protocols/static/table/node.def +++ b/templates/protocols/static/table/node.def @@ -1,5 +1,5 @@ tag: type: u32 help: Policy route table number -syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 250; "Must be between (1-250)" -val_help: u32:1-250; Policy route table number +syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 200; "Must be between (1-200)" +val_help: u32:1-200; Policy route table number -- cgit v1.2.3 From 5588a6fb0aa332ac94df5f2879cab7fbde571aca Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Wed, 5 Sep 2012 15:34:37 -0700 Subject: 0.18.155 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 47f67a01..3b6795be 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg-quagga (0.18.155) unstable; urgency=low + + * reserve tables for future use + + -- Robert Bays Wed, 05 Sep 2012 15:34:37 -0700 + vyatta-cfg-quagga (0.18.154) unstable; urgency=low * initial checkin for pbr functionality -- cgit v1.2.3
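Review bot: In templates/protocols/static/table/node.def the upper bound drops from 250 to 200 in the `syntax:expression`, its error string and `val_help`, but the template carries no record of what tables 201-250 are being held back for; the only explanation is the commit subject. A comment above the expression, e.g. `# tables 201-250 are reserved for future use; do not widen without checking`, would keep a later edit from handing the reserved range back to users. Any configuration saved with a table number above 200 under the earlier template would presumably fail validation after this change, which deserves a line in the changelog entry if such builds were distributed.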