diff options
-rw-r--r-- | Makefile.am | 1 | ||||
-rw-r--r-- | scripts/vyatta-encapsulation | 11 | ||||
-rwxr-xr-x | scripts/vyatta-tunnel-cleanup | 3 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.def | 29 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/address/node.def | 2 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/encapsulation/node.def | 7 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/local-ip/node.def | 4 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def | 4 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def | 4 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def | 4 |
10 files changed, 27 insertions, 42 deletions
diff --git a/Makefile.am b/Makefile.am index 7b6218eb..88bbf983 100644 --- a/Makefile.am +++ b/Makefile.am @@ -76,7 +76,6 @@ sbin_SCRIPTS += scripts/vyatta-bridge.pl sbin_SCRIPTS += scripts/vyatta-bridgegroup-depedency.pl sbin_SCRIPTS += scripts/vyatta-dhcpv6-client.pl sbin_SCRIPTS += scripts/vyatta-update-grub.pl -sbin_SCRIPTS += scripts/vyatta-encapsulation sbin_SCRIPTS += scripts/vyos-intfwatchd sbin_PROGRAMS = src/valid_address diff --git a/scripts/vyatta-encapsulation b/scripts/vyatta-encapsulation deleted file mode 100644 index f1cae8b1..00000000 --- a/scripts/vyatta-encapsulation +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -list="gre gre-bridge gre-multipoint ipip sit ipip6 ip6ip6" -full_list="${list}" -if [[ -n "$1" ]]; then - for f in ${full_list}; do if [[ "$1" = "$f" ]]; then exit 0; fi; done - echo "Must be (${full_list})" - exit 1; -else - echo ${full_list} -fi diff --git a/scripts/vyatta-tunnel-cleanup b/scripts/vyatta-tunnel-cleanup index af73bc04..979fb7bd 100755 --- a/scripts/vyatta-tunnel-cleanup +++ b/scripts/vyatta-tunnel-cleanup @@ -26,9 +26,6 @@ my %tunnel; foreach my $tun ( $config->listEffectiveNodes() ) { my $mode = $config->returnEffectiveValue("$tun encapsulation"); next if ($interface eq $tun); # don't count the one being deleted - if ($mode eq "gre-multipoint") { - $mode = "gre"; - } $tunnel{$mode} = 1; } diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 9c7b4f5f..63f2bb59 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -12,31 +12,30 @@ commit:expression: $VAR(./encapsulation/) != "" ; \ "Must configure the tunnel encapsulation for $VAR(@)" commit:expression: exec " - if [ $VAR(./encapsulation/@) == gre-multipoint ] && [ -n \"$VAR(./remote-ip/)\" ]; then \ - echo \"Remote-ip shouldn't be set for mGRE mode for $VAR(@)\"; \ - exit 1; \ + if [ $VAR(./encapsulation/@) = gre ] && [ ! -n \"$VAR(./remote-ip/)\" ]; then \ + echo \"No remote-ip configured for $VAR(@), tunnel can only be used for mGRE.\"; \ fi; \ - if [ $VAR(./encapsulation/@) != gre-multipoint ] && [ ! -n \"$VAR(./remote-ip/)\" ]; then \ + if [ $VAR(./encapsulation/@) != gre ] && [ ! -n \"$VAR(./remote-ip/)\" ]; then \ echo \"Must configure the tunnel remote-ip for $VAR(@)\"; \ exit 1; \ fi; exit 0" -commit:expression: (!(pattern $VAR(./local-ip/@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ - $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 local-ip ($VAR(./local-ip/@)) is forbidden for gre-multipoint encapsulation type." +commit:expression: (!(pattern $VAR(./local-ip/@) ".*:.*") && $VAR(./encapsulation/@) == "gre" && $VAR(./remote-ip/) == "") || \ + $VAR(./encapsulation/@) != "gre" || ($VAR(./encapsulation/@) == "gre" && $VAR(./remote-ip/) != ""); "IPv6 local-ip ($VAR(./local-ip/@)) is forbidden for mGRE tunnels." -commit:expression: (!(pattern $VAR(./address/@@) ".*:.*") && $VAR(./encapsulation/@) == "gre-multipoint") || \ - $VAR(./encapsulation/@) != "gre-multipoint"; "IPv6 addresses ($VAR(./address/@@)) are forbidden for gre-multipoint encapsulation type." +commit:expression: (!(pattern $VAR(./address/@@) ".*:.*") && $VAR(./encapsulation/@) == "gre" && $VAR(./remote-ip/) == "") || \ + $VAR(./encapsulation/@) != "gre" || ($VAR(./encapsulation/@) == "gre" && $VAR(./remote-ip/) != ""); "IPv6 addresses ($VAR(./address/@@)) are forbidden for mGRE tunnels." create: - if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then + if [ $VAR(./encapsulation/@) = gre ] && [ -z $VAR(./remote-ip/) ]; then sudo invoke-rc.d opennhrp.init start; fi if [ x$VAR(./multicast/@) == xenable ]; then MC="multicast on allmulticast on"; fi case "$VAR(./encapsulation/@)" in - "gre" | "ipip" | "sit" | "gre-multipoint") + "gre" | "ipip" | "sit") if [ -n "$VAR(./parameters/ip/bridge-group/)" ] ; then echo "interfaces tunnel $VAR(@): Tunnel encapsulation type must be gre-bridge if a bridge group is defined"; exit 1; @@ -47,7 +46,7 @@ create: if [ -n "$VAR(./parameters/ip/key/@)" ]; then KEY="key $VAR(./parameters/ip/key/@)"; fi - if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then + if [ "$VAR(./encapsulation/@)" == "gre" ] && [ -z $VAR(./remote-ip/) ]; then ip tunnel add $VAR(@) local $VAR(./local-ip/@) mode gre $KEY $TTL else ip tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL @@ -74,13 +73,15 @@ delete: ip link set $VAR(@) down case "$VAR(./encapsulation/@)" in "gre" | "ipip" | "sit") - ip tunnel del $VAR(@) mode $VAR(./encapsulation/@);; + if [ -z $VAR(./remote-ip/) ]; then + ip tunnel del $VAR(@) mode gre + else + ip tunnel del $VAR(@) mode $VAR(./encapsulation/@);; + fi;; "gre-bridge") ip link delete $VAR(@) ;; "ipip6" | "ip6ip6") ip -6 tunnel del $VAR(@) mode $VAR(./encapsulation/@);; - "gre-multipoint") - ip tunnel del $VAR(@) mode gre;; esac diff --git a/templates/interfaces/tunnel/node.tag/address/node.def b/templates/interfaces/tunnel/node.tag/address/node.def index 539f7509..26c2f860 100644 --- a/templates/interfaces/tunnel/node.tag/address/node.def +++ b/templates/interfaces/tunnel/node.tag/address/node.def @@ -1,7 +1,7 @@ multi: type: ipv4net,ipv6net val_help: ipv4net; IPv4 address and prefix length -val_help: ipv6net; IPv6 address and prefix length [NOTICE: unavailable for gre-multipoint encapsulation] +val_help: ipv6net; IPv6 address and prefix length [NOTICE: unavailable for mGRE tunnels] help: IP address syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" diff --git a/templates/interfaces/tunnel/node.tag/encapsulation/node.def b/templates/interfaces/tunnel/node.tag/encapsulation/node.def index 5b47e5a9..c8d0c7c2 100644 --- a/templates/interfaces/tunnel/node.tag/encapsulation/node.def +++ b/templates/interfaces/tunnel/node.tag/encapsulation/node.def @@ -1,9 +1,9 @@ type: txt help: Encapsulation of this tunnel interface [REQUIRED] -syntax:expression: ((pattern $VAR(@) "^[-a-zA-Z0-9_]+$") && (exec "sudo /opt/vyatta/sbin/vyatta-encapsulation $VAR(@)")) - -allowed: sudo /opt/vyatta/sbin/vyatta-encapsulation +syntax:expression: ((pattern $VAR(@) "^[-a-zA-Z0-9_]+$") && \ + ($VAR(@) in "gre", "gre-bridge", "ipip", "sit", "ipip6", "ip6ip6"; \ + "Must be (gre gre-bridge ipip sit ipip6 ip6ip6)\n")) create:expression: "true" update:expression: "false" ; \ @@ -11,7 +11,6 @@ update:expression: "false" ; \ val_help: gre; Generic Routing Encapsulation val_help: gre-bridge; Generic Routing Encapsulation bridge interface -val_help: gre-multipoint; Multipoint Generic Routing Encapsulation val_help: ipip; IP in IP encapsulation val_help: sit; Simple Internet Transition encapsulation val_help: ipip6; IP in IP6 encapsulation diff --git a/templates/interfaces/tunnel/node.tag/local-ip/node.def b/templates/interfaces/tunnel/node.tag/local-ip/node.def index c6a82a03..8275243a 100644 --- a/templates/interfaces/tunnel/node.tag/local-ip/node.def +++ b/templates/interfaces/tunnel/node.tag/local-ip/node.def @@ -1,7 +1,7 @@ type: ipv4, ipv6 help: Local IP address for this tunnel [REQUIRED] val_help: ipv4; Local IPv4 address for this tunnel [REQUIRED] -val_help: ipv6; Local IPv6 address for this tunnel [REQUIRED] [NOTICE: unavailable for gre-multipoint encapsulation] +val_help: ipv6; Local IPv6 address for this tunnel [REQUIRED] [NOTICE: unavailable for mGRE tunnels] update:if ! /opt/vyatta/sbin/local_ip $VAR(@) then @@ -11,7 +11,7 @@ update:if ! /opt/vyatta/sbin/local_ip $VAR(@) case "$VAR(../encapsulation/@)" in "gre-bridge") ;; - "gre" | "gre-multipoint" | "ipip" | "sit") + "gre" | "ipip" | "sit") sudo ip tunnel cha $VAR(../@) local $VAR(@) if [ -e "/opt/vyatta/sbin/dmvpn-config.pl" ]; then sudo /opt/vyatta/sbin/dmvpn-config.pl \ diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def index a6ba8708..b9ed181e 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def @@ -10,8 +10,8 @@ syntax:expression: exec " \ exit 1 ; \ fi ; " -commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint" ; \ - "Key only valid for GRE/GRE-MULTIPOINT for $VAR(../../../@)" +commit:expression: $VAR(../../../encapsulation/@) in "gre" ; \ + "Key only valid for GRE for $VAR(../../../@)" create:expression: "true" update:expression: "false" ; \ diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def index 32080dce..c784e512 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/tos/node.def @@ -3,8 +3,8 @@ help: Type of Service (TOS) syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 99; "Must be between 0-99" val_help: u32:0-99; Type Of Service (TOS) -commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint", "sit", "ipip" ; \ - "tunnel encapsulation must be GRE, GRE-MULTIPOINT, SIT or IPIP" +commit:expression: $VAR(../../../encapsulation/@) in "gre", "sit", "ipip" ; \ + "tunnel encapsulation must be GRE, SIT or IPIP" update: ip tunnel change $VAR(../../../@) tos $VAR(@) delete: ip tunnel change $VAR(../../../@) tos inherit diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def index 3bb2ec72..24d27104 100644 --- a/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def +++ b/templates/interfaces/tunnel/node.tag/parameters/ip/ttl/node.def @@ -3,8 +3,8 @@ help: Time to live field val_help: u32:0-255; Time to live (default 255) syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Must be between 0-255" -commit:expression: $VAR(../../../encapsulation/@) in "gre", "gre-multipoint", "sit", "ipip" ; \ - "tunnel encapsulation must be GRE, GRE-MULTIPOINT, SIT or IPIP" +commit:expression: $VAR(../../../encapsulation/@) in "gre", "sit", "ipip" ; \ + "tunnel encapsulation must be GRE, SIT or IPIP" update:sudo ip tunnel change $VAR(../../../@) ttl $VAR(@) delete:sudo ip tunnel change $VAR(../../../@) ttl inherit |