From 0e1f76414aad46e320ca173c5b5d29faa7f5a87e Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen.hemminger@vyatta.com>
Date: Thu, 23 Oct 2008 20:45:40 -0700
Subject: Fix bad tab completion on interfaces/bonding

Can't use $VAR(../@) in allowed tag, it doesn't get expanded properly.
---
 templates/interfaces/bonding/node.tag/primary/node.def | 6 ------
 1 file changed, 6 deletions(-)

(limited to 'templates')

diff --git a/templates/interfaces/bonding/node.tag/primary/node.def b/templates/interfaces/bonding/node.tag/primary/node.def
index 171c8daf..bae8a499 100644
--- a/templates/interfaces/bonding/node.tag/primary/node.def
+++ b/templates/interfaces/bonding/node.tag/primary/node.def
@@ -2,11 +2,5 @@ type: txt
 syntax:expression: exec \
     "grep -s $VAR(@) /sys/class/net/$VAR(../@)/bonding/slaves" \
     ; "Ethernet interface must be part of the bonding group"
-allowed: cat /sys/class/net/$VAR(../@)/bonding/slaves
 update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/bonding/primary"
 help: Specify the primary device
-
-
-
-
-
-- 
cgit v1.2.3


From 48bec978b2e2be9327163b8342a253cf69b61c6c Mon Sep 17 00:00:00 2001
From: An-Cheng Huang <ancheng@vyatta.com>
Date: Fri, 24 Oct 2008 15:29:54 -0700
Subject: add firewall configuration to bridge interface

---
 .../bridge/node.tag/firewall/in/name/node.def          | 18 ++++++++++++++++++
 .../interfaces/bridge/node.tag/firewall/in/node.def    |  1 +
 .../bridge/node.tag/firewall/local/name/node.def       | 18 ++++++++++++++++++
 .../interfaces/bridge/node.tag/firewall/local/node.def |  1 +
 templates/interfaces/bridge/node.tag/firewall/node.def |  1 +
 .../bridge/node.tag/firewall/out/name/node.def         | 18 ++++++++++++++++++
 .../interfaces/bridge/node.tag/firewall/out/node.def   |  1 +
 7 files changed, 58 insertions(+)
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/in/name/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/in/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/local/name/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/local/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/out/name/node.def
 create mode 100644 templates/interfaces/bridge/node.tag/firewall/out/node.def

(limited to 'templates')

diff --git a/templates/interfaces/bridge/node.tag/firewall/in/name/node.def b/templates/interfaces/bridge/node.tag/firewall/in/name/node.def
new file mode 100644
index 00000000..45ddefa1
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/in/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set inbound interface filter name
+
+create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/bridge/node.tag/firewall/in/node.def b/templates/interfaces/bridge/node.tag/firewall/in/node.def
new file mode 100644
index 00000000..eccc79b4
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/in/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on inbound interface
diff --git a/templates/interfaces/bridge/node.tag/firewall/local/name/node.def b/templates/interfaces/bridge/node.tag/firewall/local/name/node.def
new file mode 100644
index 00000000..29082074
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/local/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set local filter name
+
+create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/bridge/node.tag/firewall/local/node.def b/templates/interfaces/bridge/node.tag/firewall/local/node.def
new file mode 100644
index 00000000..25958359
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/local/node.def
@@ -0,0 +1 @@
+help: Set filter for packets destined for this router
diff --git a/templates/interfaces/bridge/node.tag/firewall/node.def b/templates/interfaces/bridge/node.tag/firewall/node.def
new file mode 100644
index 00000000..11748d20
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/node.def
@@ -0,0 +1 @@
+help: Set firewall options
diff --git a/templates/interfaces/bridge/node.tag/firewall/out/name/node.def b/templates/interfaces/bridge/node.tag/firewall/out/name/node.def
new file mode 100644
index 00000000..13a7c312
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/out/name/node.def
@@ -0,0 +1,18 @@
+type: txt
+
+help: Set outbound interface filter name
+
+create:expression: "sh -c \"echo create eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+update:expression: "sh -c \"echo update eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces update $VAR(../../../@) $VAR(..) $VAR(@)\" "
+
+delete:expression: "sh -c \"echo delete eth=[$VAR(../../../@)] dir=[$VAR(..)] name=[$VAR(@)] \
+>> /tmp/cli.log && \
+sudo /opt/vyatta/sbin/vyatta-firewall.pl \
+--update-interfaces delete $VAR(../../../@) $VAR(..) $VAR(@)\" "
diff --git a/templates/interfaces/bridge/node.tag/firewall/out/node.def b/templates/interfaces/bridge/node.tag/firewall/out/node.def
new file mode 100644
index 00000000..3aec5f05
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/firewall/out/node.def
@@ -0,0 +1 @@
+help: Set filter for forwarded packets on outbound interface
-- 
cgit v1.2.3