diff options
| author | Saurabh Mohan <saurabh@vyatta.com> | 2013-05-09 13:58:05 -0700 |
|---|---|---|
| committer | Saurabh Mohan <saurabh@vyatta.com> | 2013-05-09 13:58:05 -0700 |
| commit | fec8fc84b3ab39cf7cb448c9542bdca3ca6f28bf (patch) | |
| tree | 67c312e6bd0119124e1d5832f0703719c10080fc | |
| parent | b75dc3236179ffe13e6c3531dcecf6f21f21421d (diff) | |
| parent | 2ce614b5b76309c2257e8d11bea929278c96f428 (diff) | |
| download | vyatta-cfg-system-fec8fc84b3ab39cf7cb448c9542bdca3ca6f28bf.tar.gz vyatta-cfg-system-fec8fc84b3ab39cf7cb448c9542bdca3ca6f28bf.zip | |
Merge daisy support for mGRE
| -rw-r--r-- | .frlog | 2 | ||||
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rw-r--r-- | debian/changelog | 115 | ||||
| -rw-r--r-- | scripts/vyatta-encapsulation | 12 | ||||
| -rwxr-xr-x | scripts/vyatta-tunnel-cleanup | 3 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.def | 48 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/address/node.def | 2 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/encapsulation/node.def | 6 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/local-ip/node.def | 11 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def | 4 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def | 4 | ||||
| -rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def | 4 | ||||
| -rw-r--r-- | templates/system/ipv6/disable-forwarding/node.def | 25 |
13 files changed, 205 insertions, 32 deletions
@@ -2,3 +2,5 @@ Tue Dec 28 13:47:50 PST 2010: [new branch] at [debian/0.19.24] Thu Jul 7 20:55:58 PDT 2011: [new branch] at [debian/0.19.99] Sat Mar 3 02:25:37 PST 2012: [new branch] at [debian/0.19.174] Fri Oct 12 19:46:58 PDT 2012: [new branch] at [debian/0.20.41] +Sat Oct 13 13:30:43 PDT 2012: [create daisy branch] at [debian/0.20.42] +Fri Apr 12 09:13:35 PDT 2013: [Bugfix 8804] at [debian/0.20.42+daisy13] diff --git a/Makefile.am b/Makefile.am index a020d246..77cdfb07 100644 --- a/Makefile.am +++ b/Makefile.am @@ -74,6 +74,7 @@ sbin_SCRIPTS += scripts/vyatta-bridge.pl sbin_SCRIPTS += scripts/vyatta-bridgegroup-depedency.pl sbin_SCRIPTS += scripts/vyatta-dhcpv6-client.pl sbin_SCRIPTS += scripts/vyatta-update-grub.pl +sbin_SCRIPTS += scripts/vyatta-encapsulation sbin_PROGRAMS = src/valid_address sbin_PROGRAMS += src/local_ip diff --git a/debian/changelog b/debian/changelog index 28fc8927..b20b5f92 100644 --- a/debian/changelog +++ b/debian/changelog @@ -145,6 +145,121 @@ vyatta-cfg-system (0.20.43) unstable; urgency=low -- James Davidson <james.davidson@vyatta.com> Fri, 19 Oct 2012 16:02:20 -0700 +vyatta-cfg-system (0.20.42+daisy18) unstable; urgency=low + + * Replace original config file handling behaviour + + -- James Davidson <james.davidson@vyatta.com> Mon, 15 Apr 2013 14:26:25 -0700 + +vyatta-cfg-system (0.20.42+daisy17) unstable; urgency=low + + * Bugfix 8711: Switch to Bash syntax for conditionals + + -- John Southworth <john.southworth@vyatta.com> Fri, 12 Apr 2013 14:16:11 -0700 + +vyatta-cfg-system (0.20.42+daisy16) unstable; urgency=low + + [ Stephen Hemminger ] + * ethernet: deleting device should put in admin down + + [ John Southworth ] + + -- John Southworth <john.southworth@vyatta.com> Fri, 12 Apr 2013 09:28:34 -0700 + +vyatta-cfg-system (0.20.42+daisy15) unstable; urgency=low + + * Bugfix 8526: don't use REQUIRED on remote-ip + + -- John Southworth <john.southworth@vyatta.com> Fri, 12 Apr 2013 09:26:47 -0700 + +vyatta-cfg-system (0.20.42+daisy14) unstable; urgency=low + + * Bugfix 8804 + + -- John Southworth <john.southworth@vyatta.com> Fri, 12 Apr 2013 09:13:36 -0700 + +vyatta-cfg-system (0.20.42+daisy13) unstable; urgency=low + + [ Stephen Hemminger ] + * snmpv3: enable strict warnings and fix perlcritic + * fix device naming on boot + + [ James Davidson ] + + -- James Davidson <james.davidson@vyatta.com> Tue, 02 Apr 2013 08:52:37 -0700 + +vyatta-cfg-system (0.20.42+daisy12) unstable; urgency=low + + * Fix typo in domain-name delete action + + -- James Davidson <james.davidson@vyatta.com> Mon, 01 Apr 2013 09:26:05 -0700 + +vyatta-cfg-system (0.20.42+daisy11) unstable; urgency=low + + * SNMP: Add multicast smux peers + + -- James Davidson <james.davidson@vyatta.com> Wed, 20 Mar 2013 09:07:37 -0700 + +vyatta-cfg-system (0.20.42+daisy10) unstable; urgency=low + + * Sync up SNMPv3 support + + -- James Davidson <james.davidson@vyatta.com> Wed, 06 Mar 2013 11:24:17 -0800 + +vyatta-cfg-system (0.20.42+daisy9) unstable; urgency=low + + * mGRE bug fixes local-ip address changes and v6 check. + + -- Saurabh Mohan <saurabh@vyatta.com> Tue, 12 Feb 2013 16:11:05 -0800 + +vyatta-cfg-system (0.20.42+daisy8) unstable; urgency=low + + * Initial SNMPv3 support + + -- James Davidson <james.davidson@vyatta.com> Tue, 12 Feb 2013 13:39:56 -0800 + +vyatta-cfg-system (0.20.42+daisy7) unstable; urgency=low + + * Skip biosdevname if running in Xen + + -- James Davidson <james.davidson@vyatta.com> Wed, 06 Feb 2013 15:27:01 -0800 + +vyatta-cfg-system (0.20.42+daisy6) unstable; urgency=low + + * Add ability to restart services when hostname changes + + -- James Davidson <james.davidson@vyatta.com> Tue, 29 Jan 2013 09:58:49 -0800 + +vyatta-cfg-system (0.20.42+daisy5) unstable; urgency=low + + * Dmvpn merge with mirantis jan22-2013 + + -- Saurabh Mohan <saurabh@vyatta.com> Tue, 22 Jan 2013 12:30:35 -0800 + +vyatta-cfg-system (0.20.42+daisy4) unstable; urgency=low + + * Bug 7856: Set default neighbour table size to 8192 + + -- James Davidson <james.davidson@vyatta.com> Tue, 08 Jan 2013 15:14:20 -0800 + +vyatta-cfg-system (0.20.42+daisy3) unstable; urgency=low + + * mgre support initial commit. + + -- Saurabh Mohan <saurabh@vyatta.com> Wed, 26 Dec 2012 15:31:07 -0800 + +vyatta-cfg-system (0.20.42+daisy2) unstable; urgency=low + + * revert 918bd40d3e3f238a800b1486f70e2d5ee1d71a72 + + -- John Southworth <john.southworth@vyatta.com> Wed, 12 Dec 2012 14:40:34 -0800 + +vyatta-cfg-system (0.20.42+daisy1) unstable; urgency=low + + * create daisy branch + + -- John Southworth <john.southworth@vyatta.com> Sat, 13 Oct 2012 13:30:43 -0700 + vyatta-cfg-system (0.20.42) unstable; urgency=low * new branch diff --git a/scripts/vyatta-encapsulation b/scripts/vyatta-encapsulation new file mode 100644 index 00000000..8c64341e --- /dev/null +++ b/scripts/vyatta-encapsulation @@ -0,0 +1,12 @@ +#!/bin/sh + +list="gre gre-bridge ipip sit ipip6 ip6ip6" +if [[ `dpkg -l | grep "vyatta-nhrp" | awk '{print $1}'` = "ii" ]]; then tmp="gre-multipoint"; fi +full_list="${list} ${tmp}" +if [[ -n "$1" ]]; then + for f in ${full_list}; do if [[ "$1" = "$f" ]]; then exit 0; fi; done + echo "Must be (${full_list})" + exit 1; +else + echo ${full_list} +fi diff --git a/scripts/vyatta-tunnel-cleanup b/scripts/vyatta-tunnel-cleanup index 979fb7bd..af73bc04 100755 --- a/scripts/vyatta-tunnel-cleanup +++ b/scripts/vyatta-tunnel-cleanup @@ -26,6 +26,9 @@ my %tunnel; foreach my $tun ( $config->listEffectiveNodes() ) { my $mode = $config->returnEffectiveValue("$tun encapsulation"); next if ($interface eq $tun); # don't count the one being deleted + if ($mode eq "gre-multipoint") { + $mode = "gre"; + } $tunnel{$mode} = 1; } diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 85bed6ac..cc99c1f5 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -8,17 +8,35 @@ syntax:expression: pattern $VAR(@) "^tun[0-9]+$" \ commit:expression: $VAR(./local-ip/) != "" ; \ "Must configure the tunnel local-ip for $VAR(@)" -commit:expression: $VAR(./remote-ip/) != "" ; \ - "Must configure the tunnel remote-ip for $VAR(@)" commit:expression: $VAR(./encapsulation/) != "" ; \ "Must configure the tunnel encapsulation for $VAR(@)" +commit:expression: +exec " + if [ $VAR(./encapsulation/@) == gre-multipoint ] && [ -n \"$VAR(./remote-ip/)\" ]; then \ + echo \"Remote-ip shouldn't be set for mGRE mode for $VAR(@)\"; \ + exit 1; \ + fi; \ + if [ $VAR(./encapsulation/@) != gre-multipoint ] && [ ! -n \"$VAR(./remote-ip/)\" ]; then \ + echo \"Must configure the tunnel remote-ip for $VAR(@)\"; \ + exit 1; \ + fi; + + exit 0" +commit:expression: (!(pattern $VAR(./local-ip/@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ + $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 local-ip ($VAR(./local-ip/@)) is forbidden for gre-multipoint encapsulation type." + +commit:expression: (!(pattern $VAR(./address/@@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ + $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 addresses ($VAR(./address/@@)) are forbidden for gre-multipoint encapsulation type." create: + if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then + sudo invoke-rc.d opennhrp.init start; + fi if [ x$VAR(./multicast/@) == xenable ]; then MC="multicast on allmulticast on"; fi case "$VAR(./encapsulation/@)" in - "gre" | "ipip" | "sit") + "gre" | "ipip" | "sit" | "gre-multipoint") if [ -n "$VAR(./parameters/ip/bridge-group/)" ] ; then echo "interfaces tunnel $VAR(@): Tunnel encapsulation type must be gre-bridge if a bridge group is defined"; exit 1; @@ -29,8 +47,15 @@ create: if [ -n "$VAR(./parameters/ip/key/@)" ]; then KEY="key $VAR(./parameters/ip/key/@)"; fi - ip tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL || - echo "interfaces tunnel $VAR(@): error creating tunnel interface" + if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then + ip tunnel add $VAR(@) local $VAR(./local-ip/@) mode gre $KEY $TTL + else + ip tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL + fi + if [ -z "`ip tun sh | grep $VAR(@)`" ]; then + echo interfaces tunnel $VAR(@): error creating tunnel interface + exit 1 + fi ;; "gre-bridge") ip link add $VAR(@) type gretap local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) || @@ -53,10 +78,15 @@ delete: ip link delete $VAR(@) ;; "ipip6" | "ip6ip6") ip -6 tunnel del $VAR(@) mode $VAR(./encapsulation/@);; + "gre-multipoint") + ip tunnel del $VAR(@) mode gre;; esac -end: -if [ "${COMMIT_ACTION}" == DELETE ]; then - /opt/vyatta/sbin/vyatta-tunnel-cleanup $VAR(@) -fi +end: + if [ "${COMMIT_ACTION}" == DELETE ]; then + /opt/vyatta/sbin/vyatta-tunnel-cleanup $VAR(@) + fi + if [ -e /opt/vyatta/sbin/vyatta-update-nhrp.pl ]; then + sudo /opt/vyatta/sbin/vyatta-update-nhrp.pl --tun "$VAR(@)" --commit_tun; + fi diff --git a/templates/interfaces/tunnel/node.tag/address/node.def b/templates/interfaces/tunnel/node.tag/address/node.def index 04612379..539f7509 100644 --- a/templates/interfaces/tunnel/node.tag/address/node.def +++ b/templates/interfaces/tunnel/node.tag/address/node.def @@ -1,7 +1,7 @@ multi: type: ipv4net,ipv6net val_help: ipv4net; IPv4 address and prefix length -val_help: ipv6net; IPv6 address and prefix length +val_help: ipv6net; IPv6 address and prefix length [NOTICE: unavailable for gre-multipoint encapsulation] help: IP address syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" diff --git a/templates/interfaces/tunnel/node.tag/encapsulation/node.def b/templates/interfaces/tunnel/node.tag/encapsulation/node.def index b0df7a10..54e4f950 100644 --- a/templates/interfaces/tunnel/node.tag/encapsulation/node.def +++ b/templates/interfaces/tunnel/node.tag/encapsulation/node.def @@ -1,8 +1,9 @@ type: txt help: Encapsulation of this tunnel interface [REQUIRED] -syntax:expression: $VAR(@) in "ipip", "gre", "sit", "gre-bridge", "ipip6", "ip6ip6"; "Must be (ipip, gre, gre-bridge, sit, ipip6, ip6ip6)" -allowed: echo gre gre-bridge ipip sit ipip6 ip6ip6 +syntax:expression: ((pattern $VAR(@) "^[-a-zA-Z0-9_]+$") && (exec "sudo /opt/vyatta/sbin/vyatta-encapsulation $VAR(@)")) + +allowed: sudo /opt/vyatta/sbin/vyatta-encapsulation create:expression: "true" update:expression: "false" ; \ @@ -10,6 +11,7 @@ update:expression: "false" ; \ val_help: gre; Generic Routing Encapsulation val_help: gre-bridge; Generic Routing Encapsulation bridge interface +val_help: gre-multipoint; Multipoint Generic Routing Encapsulation(allowed if the package vyatta-nhrp installed) val_help: ipip; IP in IP encapsulation val_help: sit; Simple Internet Transition encapsulation val_help: ipip6; IP in IP6 encapsulation diff --git a/templates/interfaces/tunnel/node.tag/local-ip/node.def b/templates/interfaces/tunnel/node.tag/local-ip/node.def index e393f35c..c6a82a03 100644 --- a/templates/interfaces/tunnel/node.tag/local-ip/node.def +++ b/templates/interfaces/tunnel/node.tag/local-ip/node.def @@ -1,7 +1,7 @@ type: ipv4, ipv6 help: Local IP address for this tunnel [REQUIRED] val_help: ipv4; Local IPv4 address for this tunnel [REQUIRED] -val_help: ipv6; Local IPv6 address for this tunnel [REQUIRED] +val_help: ipv6; Local IPv6 address for this tunnel [REQUIRED] [NOTICE: unavailable for gre-multipoint encapsulation] update:if ! /opt/vyatta/sbin/local_ip $VAR(@) then @@ -11,8 +11,15 @@ update:if ! /opt/vyatta/sbin/local_ip $VAR(@) case "$VAR(../encapsulation/@)" in "gre-bridge") ;; - "gre" | "ipip" | "sit") + "gre" | "gre-multipoint" | "ipip" | "sit") sudo ip tunnel cha $VAR(../@) local $VAR(@) + if [ -e "/opt/vyatta/sbin/dmvpn-config.pl" ]; then + sudo /opt/vyatta/sbin/dmvpn-config.pl \ + --config_file='/etc/dmvpn.conf' \ + --secrets_file='/etc/dmvpn.secrets' \ + --init_script='/etc/init.d/ipsec' \ + --tunnel_context --tun_id=$VAR(../@) || exit 1 + fi ;; "ipip6" | "ip6ip6") if [ -n "$VAR(../parameters/ipv6/encaplimit/@)" ]; then diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def index b9ed181e..a6ba8708 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def @@ -10,8 +10,8 @@ syntax:expression: exec " \ exit 1 ; \ fi ; " -commit:expression: $VAR(../../../encapsulation/@) in "gre" ; \ - "Key only valid for GRE for $VAR(../../../@)" +commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint" ; \ + "Key only valid for GRE/GRE-MULTIPOINT for $VAR(../../../@)" create:expression: "true" update:expression: "false" ; \ diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def index c784e512..32080dce 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def @@ -3,8 +3,8 @@ help: Type of Service (TOS) syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 99; "Must be between 0-99" val_help: u32:0-99; Type Of Service (TOS) -commit:expression: $VAR(../../../encapsulation/@) in "gre", "sit", "ipip" ; \ - "tunnel encapsulation must be GRE, SIT or IPIP" +commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint", "sit", "ipip" ; \ + "tunnel encapsulation must be GRE, GRE-MULTIPOINT, SIT or IPIP" update: ip tunnel change $VAR(../../../@) tos $VAR(@) delete: ip tunnel change $VAR(../../../@) tos inherit diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def index 24d27104..3bb2ec72 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def @@ -3,8 +3,8 @@ help: Time to live field val_help: u32:0-255; Time to live (default 255) syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Must be between 0-255" -commit:expression: $VAR(../../../encapsulation/@) in "gre", "sit", "ipip" ; \ - "tunnel encapsulation must be GRE, SIT or IPIP" +commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint", "sit", "ipip" ; \ + "tunnel encapsulation must be GRE, GRE-MULTIPOINT, SIT or IPIP" update:sudo ip tunnel change $VAR(../../../@) ttl $VAR(@) delete:sudo ip tunnel change $VAR(../../../@) ttl inherit diff --git a/templates/system/ipv6/disable-forwarding/node.def b/templates/system/ipv6/disable-forwarding/node.def index b930e3d2..eefb8328 100644 --- a/templates/system/ipv6/disable-forwarding/node.def +++ b/templates/system/ipv6/disable-forwarding/node.def @@ -23,23 +23,24 @@ delete: sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/all/forwarding" cd /proc/sys/net/ipv6/conf for i in * ; do - if [[ "$i" == "default" ]] || - [[ "$i" == "all" ]] || - [[ ! -d "$i" ]]; then - continue - fi - if [[ -e /var/run/vyatta/ipv6_no_fwd.$i ]]; then - sudo sh -c "echo 0 > $i/forwarding" - fi + if [[ "$i" == "default" ]] || + [[ "$i" == "all" ]] || + [[ ! -d "$i" ]; then + continue + fi + if [[ -e /var/run/vyatta/ipv6_no_fwd.$i ]]; then + sudo sh -c "echo 0 > $i/forwarding" + fi done sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/default/forwarding" # # If router advertisements were configured while global IPv6 # forwarding was disabled, we will need to start the radvd daemon # now. - if [[ -e /etc/radvd.conf ]]; then - if [[ -z "$(pgrep -u radvd radvd)" ]]; then - /etc/init.d/radvd start - fi + running=$(pgrep -n radvd) + if [[ $running -eq 0 ]] && + [[ -e /etc/radvd.conf ]] && + [[ -x /etc/init.d/radvd ]; then + /etc/init.d/radvd start fi |