From 456422fdc7c0cbe84ab837cba8f47270c0e75ad5 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Mon, 10 Mar 2008 23:11:17 -0700 Subject: fix for bugs 2541, 2888, 2676 --- scripts/policy/vyatta-policy.pl | 24 ++++++++++++++++++++++ templates/policy/route-map/node.tag/rule/node.def | 9 ++++---- .../node.tag/rule/node.tag/action/node.def | 10 ++++++--- .../rule/node.tag/match/community/node.def | 1 + .../node.tag/rule/node.tag/set/comm-list/node.def | 1 + 5 files changed, 38 insertions(+), 7 deletions(-) diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl index 51aa163a..b47d9c96 100755 --- a/scripts/policy/vyatta-policy.pl +++ b/scripts/policy/vyatta-policy.pl @@ -9,12 +9,14 @@ GetOptions("update-access-list=s" => \$accesslist, "update-aspath-list=s" => \$aspathlist, "update-community-list=s" => \$communitylist, "check-peer-syntax=s" => \$peer, + "check-routemap-action=s" => \$routemap, ); if (defined $accesslist) { update_access_list($accesslist); } if (defined $aspathlist) { update_as_path($aspathlist); } if (defined $communitylist) { update_community_list($communitylist); } if (defined $peer) { check_peer_syntax($peer); } +if (defined $routemap) { check_routemap_action($routemap); } exit 0; @@ -209,3 +211,25 @@ sub update_access_list() { exit 0; } +## check_routemap_action +# check if the action has been changed since the last commit. +# we need to do this because quagga will wipe the entire config if +# the action is changed. +# $1 = policy route-map rule +sub check_routemap_action() { + my $routemap = shift; + my $config = new VyattaConfig; + + my $action = $config->setLevel("$routemap"); + my $origvalue = $config->returnOrigValue(); + if ($origvalue) { + my $value = $config->returnValue(); + if ("$value" ne "$origvalue") { + print "You can not change the action for $routemap.\n"; + print "To change the action you must first delete the rule and commit it.\n\n"; + exit 1; + } + } + + exit 0; +} diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def index c3079f54..7b96dd0d 100644 --- a/templates/policy/route-map/node.tag/rule/node.def +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -2,7 +2,8 @@ tag: type: u32 help: Specify route-map rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "route-map $VAR(../@): rule number $VAR(@) must be between 1 and 65535" -end:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ - ${vyatta_sbindir}/vyatta-policy-action-verify.pl $VAR(../@) $VAR(@) $( cat /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ); \ - fi" - +delete:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ + ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ + -c \"no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)\"; \ + rm -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@); \ + fi" diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index 83e092e8..1fcc4a8c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -1,7 +1,11 @@ type: txt help: Action to take on prefixes matching this rule syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny" -update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\" " -update:expression: exec "sudo rm -f /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@) 2>/dev/null" +update:expression: "/opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action \"policy route-map $VAR(../../@) rule $VAR(../@) action\"; \ + if [ \"$?\" -eq \"0\" ]; then \ + ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\"; \ + else \ + exit 1; \ + fi ; " delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" - +# note: delete is handled by parent 'rule' node because the action is required for a route-map in quagga diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def index 29298fac..e7ff7a0f 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def @@ -1,5 +1,6 @@ help: Match BGP community list delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID" +## this will always return exact-match pending bug 2525 being fixed end:expression: "if [ -z \"$VAR(./community-list/)\" ]; then \ echo You must configure a community-list ; \ exit 1 ; \ diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def index f1e98001..0dea5ab1 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/node.def @@ -1,5 +1,6 @@ help: Set BGP community list delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-set-comm-list.$PPID" +## this will always return delete pending bug 2525 being fixed end:expression: "if [ -z \"$VAR(./comm-list/)\" ]; then \ echo You must configure a comm-list ; \ exit 1 ; \ -- cgit v1.2.3 From f97e8ee8ac983a8f404e60f99693b6aed58837c9 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Mon, 10 Mar 2008 23:32:51 -0700 Subject: fix for bug 2713 --- scripts/bgp/vyatta-bgp.pl | 7 +++++++ templates/policy/route-map/node.tag/rule/node.tag/action/node.def | 3 ++- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index 059ce1a5..bf29a56e 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -36,6 +36,13 @@ sub check_peer_name() { print "malformed neighbor address $neighbor\n"; exit 1; } + + # Quagga treats the first byte as a potential IPv6 address + # so we can't use it as a peer group name. So let's check for it. + if (/^[A-Ga-g]{1,4}$/) { + print "malformed neighbor address $neighbor\n"; + exit 1; + } } # Make sure we aren't deleteing a peer-group that has diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index 1fcc4a8c..2c6557eb 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -1,11 +1,12 @@ type: txt help: Action to take on prefixes matching this rule syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny" +# we need to check if the action has been changed since the previous commit update:expression: "/opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action \"policy route-map $VAR(../../@) rule $VAR(../@) action\"; \ if [ \"$?\" -eq \"0\" ]; then \ ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\"; \ else \ exit 1; \ fi ; " -delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" # note: delete is handled by parent 'rule' node because the action is required for a route-map in quagga +delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" -- cgit v1.2.3 From a751288a698709ca97bc897d0cb4a33382a1159e Mon Sep 17 00:00:00 2001 From: Arthur Xiong Date: Tue, 11 Mar 2008 17:57:46 -0700 Subject: Change the type from "txt" to "u32" for "protocols ospf access-list <>" --- templates/protocols/ospf/access-list/node.def | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/protocols/ospf/access-list/node.def b/templates/protocols/ospf/access-list/node.def index 6ec0f65e..e806f106 100644 --- a/templates/protocols/ospf/access-list/node.def +++ b/templates/protocols/ospf/access-list/node.def @@ -1,4 +1,4 @@ tag: -type: txt +type: u32 commit:expression: $VAR(./export/) != ""; "must add protocol to filter" -help: access-list to filter networks in routing updates +help: Access-list to filter networks in routing updates -- cgit v1.2.3 From 8a3b25bcf8f6e2b866c6f03d5b3af2b50197b2a7 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Tue, 11 Mar 2008 22:00:52 -0700 Subject: fixes for bugs 2713, 2541, 2888, 2676 --- scripts/policy/vyatta-policy.pl | 22 +++++++++++-- templates/policy/route-map/node.tag/rule/node.def | 9 +++--- .../node.tag/rule/node.tag/action/node.def | 26 +++++++++------ .../rule/node.tag/match/community/node.def | 37 +++++++++++----------- 4 files changed, 59 insertions(+), 35 deletions(-) diff --git a/scripts/policy/vyatta-policy.pl b/scripts/policy/vyatta-policy.pl index b47d9c96..e840271e 100755 --- a/scripts/policy/vyatta-policy.pl +++ b/scripts/policy/vyatta-policy.pl @@ -10,6 +10,7 @@ GetOptions("update-access-list=s" => \$accesslist, "update-community-list=s" => \$communitylist, "check-peer-syntax=s" => \$peer, "check-routemap-action=s" => \$routemap, + "check-delete-routemap-action=s" => \$deleteroutemap, ); if (defined $accesslist) { update_access_list($accesslist); } @@ -17,6 +18,7 @@ if (defined $aspathlist) { update_as_path($aspathlist); } if (defined $communitylist) { update_community_list($communitylist); } if (defined $peer) { check_peer_syntax($peer); } if (defined $routemap) { check_routemap_action($routemap); } +if (defined $deleteroutemap) { check_delete_routemap_action($deleteroutemap); } exit 0; @@ -215,7 +217,7 @@ sub update_access_list() { # check if the action has been changed since the last commit. # we need to do this because quagga will wipe the entire config if # the action is changed. -# $1 = policy route-map rule +# $1 = policy route-map rule action sub check_routemap_action() { my $routemap = shift; my $config = new VyattaConfig; @@ -225,11 +227,25 @@ sub check_routemap_action() { if ($origvalue) { my $value = $config->returnValue(); if ("$value" ne "$origvalue") { - print "You can not change the action for $routemap.\n"; - print "To change the action you must first delete the rule and commit it.\n\n"; exit 1; } } exit 0; } + +## check_delete_routemap_action +# don't allow deleteing the route-map action if other sibling nodes exist. +# action is required for all other route-map definitions +# $1 = policy route-map rule +sub check_delete_routemap_action() { + my $routemap = shift; + my $config = new VyattaConfig; + + my @nodes = $config->listNodes("$routemap"); + if (defined @nodes) { + exit 1 + } + + exit 0; +} diff --git a/templates/policy/route-map/node.tag/rule/node.def b/templates/policy/route-map/node.tag/rule/node.def index 7b96dd0d..b5a8e367 100644 --- a/templates/policy/route-map/node.tag/rule/node.def +++ b/templates/policy/route-map/node.tag/rule/node.def @@ -2,8 +2,7 @@ tag: type: u32 help: Specify route-map rule number syntax:expression: $VAR(@) >= 1 && $VAR(@) <= 65535; "route-map $VAR(../@): rule number $VAR(@) must be between 1 and 65535" -delete:expression: "if [ -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@) ]; then \ - ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)\"; \ - rm -f /tmp/delete-policy-route-map-$VAR(../@)-rule-$VAR(@); \ - fi" +delete: if [ -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID ]; then + ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "no route-map $VAR(../@) $VAR(./@/action/@) $VAR(@)"; + rm -f /tmp/route-map-$VAR(../@)-rule-$VAR(@)-action.$PPID; + fi; diff --git a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def index 2c6557eb..3967558c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/action/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/action/node.def @@ -1,12 +1,20 @@ type: txt help: Action to take on prefixes matching this rule syntax:expression: $VAR(@) in "permit", "deny"; "route-map $VAR(../../@) $VAR(@) $VAR(../@) action: must be permit or deny" -# we need to check if the action has been changed since the previous commit -update:expression: "/opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action \"policy route-map $VAR(../../@) rule $VAR(../@) action\"; \ - if [ \"$?\" -eq \"0\" ]; then \ - ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"route-map $VAR(../../@) $VAR(@) $VAR(../@)\"; \ - else \ - exit 1; \ - fi ; " -# note: delete is handled by parent 'rule' node because the action is required for a route-map in quagga -delete:expression: exec "sudo echo $VAR(@) > /tmp/delete-policy-route-map-$VAR(../../@)-rule-$VAR(../@)" +update: /opt/vyatta/sbin/vyatta-policy.pl --check-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@) action"; + if [ $? -eq 0 ]; then + ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "route-map $VAR(../../@) $VAR(@) $VAR(../@)"; + else + echo " You can not change the action for \"route-map $VAR(../../@) rule $VAR(../@)\"."; + echo " To change the action you must first delete the rule "; + echo -e " \"delete route-map $VAR(../../@) rule $VAR(../@)\" and commit it. \\n"; + exit 1; + fi; +delete: /opt/vyatta/sbin/vyatta-policy.pl --check-delete-routemap-action "policy route-map $VAR(../../@) rule $VAR(../@)"; + if [ $? -eq 0 ]; then + touch /tmp/route-map-$VAR(../../@)-rule-$VAR(../@)-action.$PPID ; + else + echo " Action is a required node for \"route-map $VAR(../../@) rule $VAR(../@)\". "; + echo -e " To delete that node you must delete \"route-map $VAR(../../@) rule $VAR(../@)\". \\n"; + exit 1; + fi; diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def index e7ff7a0f..84c2ca62 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def @@ -1,20 +1,21 @@ help: Match BGP community list -delete:expression: "touch /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID" +delete: echo route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@) >> /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID ## this will always return exact-match pending bug 2525 being fixed -end:expression: "if [ -z \"$VAR(./community-list/)\" ]; then \ - echo You must configure a community-list ; \ - exit 1 ; \ - fi ; \ - ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c \"configure terminal\" \ - -c \"route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)\" \ - -c \"no match community \" ; \ - if [ -f \"/tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID\" ]; then \ - rm -rf /tmp/policy-route-map-$VAR(../../../@)-$VAR(../../action/@)-$VAR(../../@)-match-community.$PPID; \ - else \ - if [ -n \"$VAR(./exact-match/)\" ]; then \ - cond=\"exact-match \"; \ - fi ; \ - ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ - -c \"route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)\" \ - -c \"match community $VAR(./community-list/@) $cond\" ; \ - fi; " +end: if [ -z "$VAR(./community-list/)" ]; then + echo You must configure a community-list ; + exit 1 ; + fi ; + if [ -f /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID ]; then + routemap=`cat /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID` + rm -f /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID; + ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "$routemap " -c "no match community " ; + exit 0; + else + routemap='route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)'; + + if [ -n "$VAR(./exact-match/)" ]; then + cond="exact-match "; + fi ; + ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "$routemap " -c "no match community " ; + ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c "$routemap " -c "match community $VAR(./community-list/@) $cond" ; + fi -- cgit v1.2.3 From d8fd1b99cac5302f42bf6e7fbea86e3be634b27d Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Wed, 12 Mar 2008 16:45:53 -0700 Subject: updated fix for bug 2713. neighbor now allows g/G. --- scripts/bgp/vyatta-bgp.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/bgp/vyatta-bgp.pl b/scripts/bgp/vyatta-bgp.pl index bf29a56e..d0f9c94c 100755 --- a/scripts/bgp/vyatta-bgp.pl +++ b/scripts/bgp/vyatta-bgp.pl @@ -39,7 +39,7 @@ sub check_peer_name() { # Quagga treats the first byte as a potential IPv6 address # so we can't use it as a peer group name. So let's check for it. - if (/^[A-Ga-g]{1,4}$/) { + if (/^[A-Fa-f]{1,4}$/) { print "malformed neighbor address $neighbor\n"; exit 1; } -- cgit v1.2.3 From e1d0d9a781e5ccf7941809e8e75e607b2e9197c9 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 14 Mar 2008 13:18:28 -0700 Subject: fix for bugs 2725 and 2999 --- .../rule/node.tag/match/community/node.def | 10 ++++- .../rule/node.tag/set/comm-list/comm-list/node.def | 2 +- templates/protocols/bgp/node.tag/network/node.def | 50 +++++++++++----------- .../node.tag/network/node.tag/.backdoor/node.def | 1 - .../node.tag/network/node.tag/backdoor/node.def | 1 + 5 files changed, 35 insertions(+), 29 deletions(-) delete mode 100644 templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def create mode 100644 templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def index 84c2ca62..3ac8e05e 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/community/node.def @@ -1,7 +1,7 @@ help: Match BGP community list delete: echo route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@) >> /tmp/delete-policy-route-map-$VAR(../../../@)-$VAR(../../@)-match-community.$PPID ## this will always return exact-match pending bug 2525 being fixed -end: if [ -z "$VAR(./community-list/)" ]; then +end: if [ -z "$VAR(./community-list/@)" ]; then echo You must configure a community-list ; exit 1 ; fi ; @@ -13,9 +13,15 @@ end: if [ -z "$VAR(./community-list/)" ]; then else routemap='route-map $VAR(../../../@) $VAR(../../action/@) $VAR(../../@)'; - if [ -n "$VAR(./exact-match/)" ]; then + # uncomment and replace the call to vyatta-check-typeless-node.pl pending bug 2525 + #if [ -n "$VAR(./exact-match/)" ]; then + # cond="exact-match "; + #fi ; + ${vyatta_sbindir}/vyatta-check-typeless-node.pl "policy route-map $VAR(../../../@) rule $VAR(../../@) match community exact-match"; + if [ $? -eq 0 ]; then cond="exact-match "; fi ; + ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "$routemap " -c "no match community " ; ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c "$routemap " -c "match community $VAR(./community-list/@) $cond" ; fi diff --git a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def index 5fd3eaae..eed327b9 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/set/comm-list/comm-list/node.def @@ -1,3 +1,3 @@ -type: txt +type: u32 help: Set BGP community list commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy community-list $VAR(@)\""; "community list $VAR(@) does not exist" diff --git a/templates/protocols/bgp/node.tag/network/node.def b/templates/protocols/bgp/node.tag/network/node.def index acd2475b..c6061749 100644 --- a/templates/protocols/bgp/node.tag/network/node.def +++ b/templates/protocols/bgp/node.tag/network/node.def @@ -1,31 +1,31 @@ tag: type: ipv4net help: Specify a network to announce via BGP -syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)" +syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)"; + "Prefix doesn't fall on a natural boundry" -commit:expression: !($VAR(./backdoor/) != "" && $VAR(./route-map/) != ""); \ - "May specify route-map or backdoor but not both" +commit:expression: !($VAR(./backdoor/) != "" && $VAR(./route-map/) != ""); + "May specify route-map or backdoor but not both" -delete:expression: "touch /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID" +delete: touch /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID -end:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -noerr \ - -c \"configure terminal\" \ - -c \"router bgp $VAR(../@)\" \ - -c \"no network $VAR(@)\"; \ - if [ -f \"/tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID\" ]; then \ - rm -rf /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID; \ - else \ -# -# Commenting out until cli bug 2525 is fixed -# -# if [ -n \"$VAR(./backdoor/)\" ]; then -# COND=\"backdoor\"; -# fi; - if [ -n \"$VAR(./route-map/@)\" ]; then \ - COND=\"route-map $VAR(./route-map/@)\"; \ - fi; \ - ${vyatta_sbindir}/vyatta-vtysh.pl \ - -c \"configure terminal\" \ - -c \"router bgp $VAR(../@)\" \ - -c \"network $VAR(@) $COND\"; \ - fi; " +end: ${vyatta_sbindir}/vyatta-vtysh.pl -noerr -c "configure terminal" -c "router bgp $VAR(../@)" -c "no network $VAR(@)"; + + if [ -f "/tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID" ]; then + rm -rf /tmp/`echo $VAR(@) | sed 's!/!!'`.$PPID; + else + # uncomment and replace the call to vyatta-check-typeless-node.pl pending bug 2525 + #if [ -n \"$VAR(./backdoor/)\" ]; then + # COND=\"backdoor\"; + #fi; + ${vyatta_sbindir}/vyatta-check-typeless-node.pl "protocols bgp $VAR(../@) network $VAR(@) backdoor"; + if [ $? -eq 0 ]; then + cond="backdoor "; + fi ; + + if [ -n "$VAR(./route-map/@)" ]; then + COND="route-map $VAR(./route-map/@)"; + fi; + + ${vyatta_sbindir}/vyatta-vtysh.pl -c "configure terminal" -c "router bgp $VAR(../@)" -c "network $VAR(@) $cond"; + fi; diff --git a/templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def b/templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def deleted file mode 100644 index b7dc6950..00000000 --- a/templates/protocols/bgp/node.tag/network/node.tag/.backdoor/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Specify a BGP backdoor route diff --git a/templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def b/templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def new file mode 100644 index 00000000..b7dc6950 --- /dev/null +++ b/templates/protocols/bgp/node.tag/network/node.tag/backdoor/node.def @@ -0,0 +1 @@ +help: Specify a BGP backdoor route -- cgit v1.2.3 From e25ca7876ca5fd62d8f03cb21020f3d263653201 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 14 Mar 2008 14:00:40 -0700 Subject: fix for bug 2993 --- .../bgp/node.tag/neighbor/node.tag/disable/node.def | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def diff --git a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def b/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def deleted file mode 100644 index 673af92f..00000000 --- a/templates/protocols/bgp/node.tag/neighbor/node.tag/disable/node.def +++ /dev/null @@ -1,12 +0,0 @@ -help: Disable the Address Family for this Neighbor -commit:expression: exec "/opt/vyatta/sbin/vyatta-bgp.pl --check-as --as $VAR(../../@) --neighbor $VAR(../@)" -update:expression: "if [ -n \"$VAR(../remote-as/@)\" ]; then \ - peer=\"remote-as $VAR(../remote-as/@)\"; \ - else \ - peer=\"peer-group $VAR(../peer-group/@)\"; \ - fi; \ - ${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router bgp $VAR(../../@)\" \ - -c \"neighbor $VAR(../@) $peer\" \ - -c \"no neighbor $VAR(../@) activate \" " -delete:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" -c \"router bgp $VAR(../../@)\" \ - -c \"neighbor $VAR(../@) activate \" " -- cgit v1.2.3 From 8d008f9f2cbbd80a54d30e94c1b7daa3d1c172f7 Mon Sep 17 00:00:00 2001 From: Robert Bays Date: Fri, 14 Mar 2008 14:39:39 -0700 Subject: fix for bug 2800 --- templates/policy/access-list/node.def | 6 +----- .../node.tag/rule/node.tag/match/ip/address/access-list/node.def | 1 + .../node.tag/rule/node.tag/match/ip/address/prefix-list/node.def | 1 + .../node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def | 1 + .../node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def | 1 + .../rule/node.tag/match/ip/route-source/access-list/node.def | 1 + .../rule/node.tag/match/ip/route-source/prefix-list/node.def | 1 + 7 files changed, 7 insertions(+), 5 deletions(-) diff --git a/templates/policy/access-list/node.def b/templates/policy/access-list/node.def index a6f1b05a..de8ec16e 100644 --- a/templates/policy/access-list/node.def +++ b/templates/policy/access-list/node.def @@ -1,10 +1,6 @@ tag: type: u32 -help: Access list number must be - <1-99> IP standard access list - <100-199> IP extended access list - <1300-1999> IP standard access list (expanded range) - <2000-2699> IP extended access list (expanded range) +help: IP access list number syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 199) || ($VAR(@) >= 1300 && $VAR(@) <= 2699); \ "Access list number must be \n \ <1-99> IP standard access list \n \ diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def index d5a1a6d8..b9335c70 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/access-list/node.def @@ -2,6 +2,7 @@ type: u32 help: access-list number commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip address $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def index 826af72f..c3ab9b28 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/address/prefix-list/node.def @@ -2,6 +2,7 @@ type: txt help: prefix-list name commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip address prefix-list $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def index 9a8daf82..6bcb4a3c 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/access-list/node.def @@ -2,6 +2,7 @@ type: u32 help: access-list number commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip next-hop $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def index f4809ad2..346794ca 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/nexthop/prefix-list/node.def @@ -2,6 +2,7 @@ type: txt help: prefix-list name commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip next-hop prefix-list $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def index 45fcbfdc..85bcf447 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/access-list/node.def @@ -2,6 +2,7 @@ type: u32 help: access-list number commit:expression: $VAR(../prefix-list/) == ""; "You may only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy access-list $VAR(@)\" "; "access-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip route-source $VAR(@)\" " diff --git a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def index f6c21378..2db6c602 100644 --- a/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def +++ b/templates/policy/route-map/node.tag/rule/node.tag/match/ip/route-source/prefix-list/node.def @@ -2,6 +2,7 @@ type: txt help: prefix-list name commit:expression: $VAR(../access-list/) == ""; "You can only specify a prefix-list or access-list" commit:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --exists \"policy prefix-list $VAR(@)\" "; "prefix-list $VAR(@) does not exist" +commit:expression: $VAR(../../../../action/) != ""; "You must specify an action for route-map $VAR(../../../../../@) rule $VAR(../../../../@)" update:expression: "${vyatta_sbindir}/vyatta-vtysh.pl -c \"configure terminal\" \ -c \"route-map $VAR(../../../../../@) $VAR(../../../../action/@) $VAR(../../../../@)\" \ -c \"match ip route-source prefix-list $VAR(@)\" " -- cgit v1.2.3