-rw-r--r--Makefile.am16
-rw-r--r--debian/control4
-rw-r--r--debian/vyatta-cfg-system.postinst.in101
-rw-r--r--debian/vyatta-cfg-system.postrm10
-rwxr-xr-xetc/init.d/vyatta-udev58
-rwxr-xr-xscripts/add_bootfile_eth_hwid30
-rwxr-xr-xscripts/init-floppy54
-rwxr-xr-xscripts/install-system.in2
-rwxr-xr-xscripts/keepalived/VyattaKeepalived.pm17
-rwxr-xr-xscripts/keepalived/vyatta-keepalived.pl121
-rwxr-xr-xscripts/keepalived/vyatta-show-vrrp.pl21
-rwxr-xr-xscripts/mod_bootfile_eth_hwid37
-rwxr-xr-xscripts/rl-system.init307
-rwxr-xr-xscripts/vyatta_net_name153
-rw-r--r--sysconf/vyatta-net.rules13
-rw-r--r--templates/interfaces/bridge/node.def7
-rw-r--r--templates/interfaces/bridge/node.tag/aging/node.def5
-rw-r--r--templates/interfaces/bridge/node.tag/description/node.def2
-rw-r--r--templates/interfaces/bridge/node.tag/disable/node.def8
-rw-r--r--templates/interfaces/bridge/node.tag/forwarding-delay/node.def5
-rw-r--r--templates/interfaces/bridge/node.tag/hello-time/node.def5
-rw-r--r--templates/interfaces/bridge/node.tag/max-age/node.def5
-rw-r--r--templates/interfaces/bridge/node.tag/node.def1
-rw-r--r--templates/interfaces/bridge/node.tag/priority/node.def5
-rw-r--r--templates/interfaces/bridge/node.tag/stp/node.def9
-rw-r--r--templates/interfaces/ethernet/node.tag/bridge-group/bridge/node.def12
-rw-r--r--templates/interfaces/ethernet/node.tag/bridge-group/cost/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/bridge-group/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/bridge-group/priority/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def1
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/priority/node.def)0
-rw-r--r--templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def (renamed from templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def)1
-rw-r--r--templates/service/telnet/allow-root/node.def28
-rw-r--r--templates/service/telnet/node.def20
-rw-r--r--templates/system/host-name/node.def21
-rw-r--r--templates/system/static-host-mapping/host-name/node.def7
-rw-r--r--templates/system/static-host-mapping/host-name/node.tag/alias/node.def15
-rw-r--r--templates/system/static-host-mapping/host-name/node.tag/inet/node.def14
-rw-r--r--test_bootfile44
46 files changed, 699 insertions, 474 deletions
diff --git a/Makefile.am b/Makefile.am
index c3aea76e..2d109577 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1,5 +1,8 @@
-cfgdir = $(datadir)/vyatta-cfg/templates
-share_perl5dir = /opt/vyatta/share/perl5
+cfgdir = $(datadir)/vyatta-cfg/templates
+share_perl5dir = $(datarootdir)/perl5
+libudevdir = /lib/udev
+etcudevdir = /etc/udev
+initddir = /etc/init.d
bin_SCRIPTS =
sbin_SCRIPTS =
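Review bot: `libudevdir`, `etcudevdir` and `initddir` are fixed absolute paths, while `share_perl5dir` in the same hunk now follows `$(datarootdir)`, so an install into a non-default prefix (and `make distcheck`) would still write to `/lib/udev`, `/etc/udev` and `/etc/init.d`. If that is intentional because udev and the init system only look in those locations, a comment such as `# fixed system paths: udev and sysv-rc do not honour $(prefix)` above the three lines would say so. The Perl module directory now depends on the configure prefix being `/opt/vyatta`; that should be confirmed against wherever the scripts set their library path, which is not visible here.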
@@ -21,6 +24,10 @@ sbin_SCRIPTS += scripts/keepalived/vyatta-keepalived.pl
sbin_SCRIPTS += scripts/keepalived/vyatta-vrrp-state.pl
sbin_SCRIPTS += scripts/keepalived/vyatta-show-vrrp.pl
sbin_SCRIPTS += scripts/telnetd.init
+sbin_SCRIPTS += scripts/add_bootfile_eth_hwid
+sbin_SCRIPTS += scripts/mod_bootfile_eth_hwid
+
+noinst_DATA = test_bootfile
share_perl5_DATA = scripts/keepalived/VyattaKeepalived.pm
@@ -30,6 +37,11 @@ sysconf_DATA += sysconf/syslog.conf
sysconf_DATA += sysconf/default_ssh
sysconf_DATA += sysconf/config.boot.default
+libudev_SCRIPTS = scripts/vyatta_net_name
+etcudev_DATA = sysconf/vyatta-net.rules
+
+initd_SCRIPTS = etc/init.d/vyatta-udev
+
cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \
cpio -0pd
diff --git a/debian/control b/debian/control
index 88938b4a..d950155d 100644
--- a/debian/control
+++ b/debian/control
@@ -12,8 +12,8 @@ Depends: bash (>= 3.1),
perl (>= 5.8.8),
procps (>= 1:3.2.7-3),
coreutils (>= 5.97-5.3),
- vyatta-cfg, sysv-rc, ifrename, ntp, sysklogd, busybox, ssh, whois, sudo,
- snmpd, keepalived, vyatta-bash
+ vyatta-cfg, sysv-rc, ntp, sysklogd, busybox, ssh, whois, sudo,
+ snmpd, keepalived, vyatta-bash, bridge-utils
Suggests: util-linux (>= 2.13-5),
net-tools,
ethtool,
diff --git a/debian/vyatta-cfg-system.postinst.in b/debian/vyatta-cfg-system.postinst.in
index eae046f7..b747b786 100644
--- a/debian/vyatta-cfg-system.postinst.in
+++ b/debian/vyatta-cfg-system.postinst.in
@@ -11,71 +11,46 @@ for init in ntp ssh snmpd keepalived ipvsadm; do
update-rc.d -f ${init} remove >/dev/null
done
-# create symlinks
-for bb in telnetd telnet tftp ftpget ftpput; do
- ln -sf /bin/busybox ${sbindir}/${bb}
-done
-ln -sf ${bindir}/progress-indicator /usr/bin/progress-indicator
+case `grep '^RULES_FILE=' /lib/udev/write_net_rules` in
+*z25_persistent-net.rules* )
+ vyatta_net_rules=z24_vyatta-net.rules;;
+*70-persistent-net.rules* )
+ vyatta_net_rules=69-vyatta-net.rules;;
+* )
+ vyatta_net_rules=21-vyatta-net.rules;;
+esac
-if [ "$sysconfdir" != "/etc" ]; then
- # remove the config files and replace with blank ones
- for conf in motd.tail ntp.conf syslog.conf logrotate.d/messages \
- default/ssh ssh/ssh_host_key quagga/daemons quagga/zebra.conf \
- quagga/bgpd.conf quagga/ospfd.conf quagga/ospf6d.conf \
- quagga/ripd.conf quagga/ripngd.conf quagga/isisd.conf \
- snmp/snmpd.conf snmp/snmptrapd.conf keepalived/keepalived.conf \
- ipvsadm.rules default/ipvsadm resolv.conf
- do
- [ -f /etc/$conf ] && mv -f /etc/$conf /etc/$conf.vyatta-save
- touch /etc/$conf
- done
+ln -sf ../vyatta-net.rules /etc/udev/rules.d/$vyatta_net_rules
- # use our config files
- for conf in motd.tail syslog.conf; do
- cp $sysconfdir/$conf /etc/$conf
- done
- cp $sysconfdir/logrotate_messages /etc/logrotate.d/messages
- cp $sysconfdir/default_ssh /etc/default/ssh
+update-rc.d vyatta-udev start 21 S .
- # sudoers
- [ -f /etc/sudoers ] && cp -pf /etc/sudoers /etc/sudoers.vyatta-save
-
- # for "admin" level (FIXME)
- sed -i 's/^# %sudo ALL=NOPASSWD: ALL/%sudo ALL=NOPASSWD: ALL/' /etc/sudoers
- if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then
- echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers
- fi
+if [ "$sysconfdir" != "/etc" ]; then
+ # for "admin" level (FIXME)
+ sed -i 's/^# %sudo ALL=NOPASSWD: ALL/%sudo ALL=NOPASSWD: ALL/' /etc/sudoers
+ if ! grep -q '^%sudo ALL=NOPASSWD: ALL' /etc/sudoers; then
+ echo -e "\n%sudo ALL=NOPASSWD: ALL" >> /etc/sudoers
+ fi
- # for "users" level
- if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then
- echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers
- fi
-
- # keep env vars
- echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers
-
- # ssh v1. remove the empty key file
- rm /etc/ssh/ssh_host_key
-
- # remove unnecessary files
- rm /etc/logrotate.d/*.vyatta-save >& /dev/null
-
- # quagga/daemons
- sed 's/zebra=no/zebra=yes/' /etc/quagga/daemons.vyatta-save > /etc/quagga/daemons
- sed -i 's/bgpd=no/bgpd=yes/' /etc/quagga/daemons
- sed -i 's/ospfd=no/ospfd=yes/' /etc/quagga/daemons
- sed -i 's/ripd=no/ripd=yes/' /etc/quagga/daemons
-
- echo "log syslog warnings" >> /etc/quagga/bgpd.conf
- echo "log syslog warnings" >> /etc/quagga/isisd.conf
- echo "log syslog warnings" >> /etc/quagga/ospf6d.conf
- echo "log syslog warnings" >> /etc/quagga/ospf.conf
- echo "log syslog warnings" >> /etc/quagga/ripd.conf
- echo "log syslog warnings" >> /etc/quagga/ripngd.conf
- echo "log syslog warnings" >> /etc/quagga/zebra.conf
-
- # add temporary version
- echo "Version : eureka (beta)" > $sysconfdir/version
+ # for "users" level
+ if ! grep -q "^%users ALL=NOPASSWD: ${bindir}/sudo-users/" /etc/sudoers; then
+ echo -e "\n%users ALL=NOPASSWD: ${bindir}/sudo-users/" >> /etc/sudoers
+ fi
+
+ # keep env vars
+ if ! grep -q 'env_keep+=VYATTA_*' /etc/sudoers ; then
+ echo "Defaults env_keep+=VYATTA_*" >> /etc/sudoers
+ fi
+
+ # quagga/daemons
+ sed -i 's/zebra=no/zebra=yes/' /etc/quagga/daemons
+ sed -i 's/bgpd=no/bgpd=yes/' /etc/quagga/daemons
+ sed -i 's/ospfd=no/ospfd=yes/' /etc/quagga/daemons
+ sed -i 's/ripd=no/ripd=yes/' /etc/quagga/daemons
+
+ echo "log syslog warnings" >> /etc/quagga/Quagga.conf
+
+ # add temporary version
+ echo "Version : eureka (beta)" > $sysconfdir/version
fi
# update crontab for logrotate
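Review bot: The sudoers block edits `/etc/sudoers` in place with `sed -i` and `>>` and never validates the result, so a malformed line leaves sudo unusable once the package is configured; apply the edits to a copy, check that copy with `visudo -c -f`, and only then move it into place. The new guard `grep -q 'env_keep+=VYATTA_*'` is a regular expression in which `_*` means "zero or more underscores"; `grep -qF 'env_keep+=VYATTA_*' /etc/sudoers` matches the literal line. `echo "log syslog warnings" >> /etc/quagga/Quagga.conf` has no such guard, so every upgrade or reconfigure appends another copy. The `%users ALL=NOPASSWD: ${bindir}/sudo-users/` rule makes everything in that directory runnable as root by any member of `users`, so the directory and its contents need to be root-owned and not group- or world-writable; the package's file modes are not visible in this hunk.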
@@ -91,3 +66,7 @@ mkdir -p /var/log/{user,vrrpd}
touch /etc/environment
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
diff --git a/debian/vyatta-cfg-system.postrm b/debian/vyatta-cfg-system.postrm
new file mode 100644
index 00000000..d668f55d
--- /dev/null
+++ b/debian/vyatta-cfg-system.postrm
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+if [ "$1" = "purge" ]; then
+ rm -f /etc/udev/rules.d/*vyatta-net.rules
+fi
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
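Review bot: The `purge` branch removes the udev rules symlink but not the runlevel links that the postinst creates with `update-rc.d vyatta-udev start 21 S .`, so a purged package leaves dangling `vyatta-udev` links behind. Adding `update-rc.d vyatta-udev remove >/dev/null` inside the `purge` branch would undo it, unless a debhelper-generated snippet already does so (no `#DEBHELPER#` marker is visible in this file). On a plain `remove` the symlink in `/etc/udev/rules.d` stays; whether its target survives depends on whether `/etc/udev/vyatta-net.rules` is treated as a conffile.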
diff --git a/etc/init.d/vyatta-udev b/etc/init.d/vyatta-udev
new file mode 100755
index 00000000..5c2c1d37
--- /dev/null
+++ b/etc/init.d/vyatta-udev
@@ -0,0 +1,58 @@
+#!/bin/bash
+### BEGIN INIT INFO
+# Provides: vyatta-udev
+# Required-Start: udev module-init-tools
+# Required-Stop:
+# Default-Start: S
+# Default-Stop:
+# Short-Description: Trigger udev net subsystem to process interface renaming
+### END INIT INFO
+# **** License ****
+# Version: VPL 1.0
+#
+# The contents of this file are subject to the Vyatta Public License
+# Version 1.0 ("License"); you may not use this file except in
+# compliance with the License. You may obtain a copy of the License at
+# http://www.vyatta.com/vpl
+#
+# Software distributed under the License is distributed on an "AS IS"
+# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+# the License for the specific language governing rights and limitations
+# under the License.
+#
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
+# All Rights Reserved.
+#
+# Author: Tom Grennan <tgrennan@vyatta.com>
+# **** End License ****
+
+. /lib/lsb/init-functions
+
+: ${vyatta_env:=/etc/default/vyatta}
+source $vyatta_env
+
+declare progname=${0##*/}
+declare action=$1; shift
+
+start ()
+{
+ log_action_begin_msg "Trigger rename of network interfaces"
+ udevtrigger --subsystem-match=net
+ udevsettle
+ log_action_end_msg $?
+}
+
+case "$action" in
+ start) start ;;
+ stop|restart|force-reload) true ;;
+ *) log_failure_msg "usage: $progname [ start|stop|restart ]" ;
+ false ;;
+esac
+
+exit $?
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
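Review bot: `log_action_end_msg $?` in `start` reports only the exit status of `udevsettle`, so a failing `udevtrigger` is logged as success; chaining them as `udevtrigger --subsystem-match=net && udevsettle` gives the status of the whole step. `source $vyatta_env` is unquoted and unconditional, and `: ${vyatta_env:=/etc/default/vyatta}` lets the caller's environment choose the path. Since this runs as root at boot, `[ -r /etc/default/vyatta ] && . /etc/default/vyatta` would be the safer form, and nothing in the visible script uses a variable from that file. The usage message omits `force-reload`, which the `case` accepts.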
diff --git a/scripts/add_bootfile_eth_hwid b/scripts/add_bootfile_eth_hwid
new file mode 100755
index 00000000..2a9cc69c
--- /dev/null
+++ b/scripts/add_bootfile_eth_hwid
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# add ethnet interface sub-block to configure file
+
+shopt -s extglob
+
+if [[ "$*" == *--help* ]] ; then
+ echo ${0##*/} [test_]FILE INTERFACE HWID
+ exit 0
+fi
+
+if [[ "$1" == test_* ]] ; then
+ origfile=$1
+ bootfile=/tmp/${1##*/}_$$
+ cp $origfile $bootfile
+ trap "diff -c $origfile $bootfile; rm -f $bootfile; exit 0" $?
+else
+ origfile=
+ bootfile=$1
+fi
+eth=$2
+hwid=$3
+
+sed -i '/^interfaces {$/,/^}$/ {
+ /^}$/i\
+ ethernet '"$eth"' {\
+ hw-id: '"$hwid"'\
+ link-detect\
+ }
+ }' $bootfile
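Review bot: `$eth` and `$hwid` are spliced into the `sed` program unvalidated, so a value containing a newline, `/`, `\` or `&` changes the program that runs against the boot configuration instead of being inserted as text; both should be checked against an interface-name and a MAC-address pattern before use. In the `test_` branch the scratch copy is created at the predictable path `/tmp/${1##*/}_$$`, which another local user can pre-create or symlink, and the trap is registered on `$?` (the exit status of `cp`, so signal 0 only when `cp` succeeded) rather than on `EXIT`. `$origfile` and `$bootfile` are also unquoted throughout. `scripts/mod_bootfile_eth_hwid` in this commit has the same problems, and there `$eth` additionally lands inside a regular-expression address.

```shell
if [[ "$1" == test_* ]] ; then
    origfile=$1
    # unpredictable scratch file instead of /tmp/<name>_$$
    bootfile=$(mktemp "/tmp/${1##*/}_XXXXXX") || exit 1
    cp -- "$origfile" "$bootfile"
    trap 'diff -c "$origfile" "$bootfile"; rm -f "$bootfile"; exit 0' EXIT
else
# … unchanged: non-test branch …
fi
eth=$2
hwid=$3

# refuse values that would alter the sed program they are spliced into
[[ "$eth" =~ ^[A-Za-z0-9_.-]+$ ]] || { echo "bad interface name: $eth" >&2; exit 1; }
[[ "$hwid" =~ ^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$ ]] || { echo "bad hw-id: $hwid" >&2; exit 1; }
# … unchanged: sed -i insertion, run against "$bootfile" (quoted) …
```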
diff --git a/scripts/init-floppy b/scripts/init-floppy
index 6d67965b..0f12c0ba 100755
--- a/scripts/init-floppy
+++ b/scripts/init-floppy
@@ -32,10 +32,15 @@ else
DRIVE="/dev/fd0"
fi
+failure ()
+{
+ echo "$*"
+ exit 1
+}
+
# Look and see if we have a floopy drive
if sed -n '/[0-9]\+ fd$/ { q 1 }' /proc/devices || [ ! -e $DRIVE ] ; then
- echo "No floppy device"
- exit 1
+ failure "No floppy device"
fi
echo "This will erase all data on floppy $DRIVE."
@@ -48,6 +53,8 @@ fi
fd=/media/floppy
+unbind_notice="\rUnbinding config from floppy...\c"
+unbind__error="\rError: Couldn't unbind ${vyatta_sysconfdir}/config."
umount_notice="\rAttempting to unmount floppy...\c"
umount__error="\rError: Couldn't unmount $DRIVE."
format_notice="\rFormatting floppy $DRIVE... \c"
@@ -64,51 +71,40 @@ saved__notice="\rYour configuration was saved in: $fd/config/config.boot"
mkdir -p $fd
-if mount | grep -q $fd/config ; then
- umount $fd/config
+if grep -q "$DRIVE ${vyatta_sysconfdir}/config" /proc/mounts ; then
+ echo "$unbind_notice"
+ /bin/umount ${vyatta_sysconfdir}/config &>/dev/null || \
+ failure $unbind__error
fi
if grep -q $DRIVE /proc/mounts ; then
echo "$umount_notice"
- if ! /bin/umount $fd >/dev/null 2>&1 ; then
- echo "$umount__error"
- exit
- fi
+ /bin/umount $fd &>/dev/null || \
+ failure "$umount__error"
fi
echo "$format_notice"
-if ! /usr/bin/fdformat -n $DRIVE >/dev/null 2>&1 ; then
- echo "$format__error"
- exit
-fi
+/usr/bin/fdformat -n $DRIVE &>/dev/null || \
+ failure "$format__error"
echo "$create_notice"
-if ! /sbin/mke2fs -q $DRIVE >/dev/null 2>&1 ; then
- echo "$create__error"
- exit
-fi
+/sbin/mke2fs -q $DRIVE &>/dev/null || \
+ failure "$create__error"
echo "$mount__notice"
-if ! /bin/mount /dev/fd0 $fd -t ext2 -o sync >/dev/null 2>&1 ; then
- echo "$mount___error"
- exit
-fi
+/bin/mount /dev/fd0 $fd -t ext2 -o sync &>/dev/null || \
+ failure "$mount___error"
/bin/mkdir $fd/config
/bin/chmod 777 $fd/config
echo "$config_notice"
-if ! ${vyatta_sbindir}/vyatta-save-config.pl $fd/config/config.boot >/dev/null
-then
- echo "$config__error"
- exit
-fi
+${vyatta_sbindir}/vyatta-save-config.pl $fd/config/config.boot &>/dev/null || \
+ failure "$config__error"
echo "$bind___notice"
-if ! /bin/mount -o bind $fd/config ${vyatta_sysconfdir}/config 2>&1 ; then
- echo "$bind____error"
- exit
-fi
+/bin/mount -o bind $fd/config ${vyatta_sysconfdir}/config &>/dev/null || \
+ failure "$bind____error"
echo "$saved__notice"
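Review bot: The mount step still names `/dev/fd0` while the format and `mke2fs` steps use `$DRIVE`, so if the branch above the `else` (not visible here) selects a different drive, the script formats one device and mounts another; `/bin/mount "$DRIVE" "$fd" -t ext2 -o sync &>/dev/null || \` keeps them in step. `failure $unbind__error` is the only call that passes its message unquoted. The unchanged `/bin/chmod 777 $fd/config` leaves the directory that is then bind-mounted over `${vyatta_sysconfdir}/config` world-writable, so any local user can modify the live configuration directory; a group-restricted mode would be tighter if the config tooling allows it. `/bin/mkdir $fd/config` and the `chmod` are the only steps left without a `|| failure`.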
diff --git a/scripts/install-system.in b/scripts/install-system.in
index 4c31b2ad..c4e46217 100755
--- a/scripts/install-system.in
+++ b/scripts/install-system.in
@@ -843,7 +843,7 @@ unmount () {
progress_indicator () {
case "$1" in
- "start") /usr/bin/progress-indicator $SPID &
+ "start") $bindir/progress-indicator $SPID &
;;
"stop") rm -f /tmp/pi.$SPID
sleep 1
diff --git a/scripts/keepalived/VyattaKeepalived.pm b/scripts/keepalived/VyattaKeepalived.pm
index c2d446e4..e0e84af3 100755
--- a/scripts/keepalived/VyattaKeepalived.pm
+++ b/scripts/keepalived/VyattaKeepalived.pm
@@ -129,6 +129,17 @@ sub get_state_files {
return @state_files;
}
+sub get_vips_per_intf {
+ my ($intf) = @_;
+
+ my $config = new VyattaConfig;
+ my @groups = ();
+
+ $config->setLevel("interfaces ethernet $intf vrrp vrrp-group");
+ @groups = $config->listOrigNodes();
+ return scalar(@groups);
+}
+
sub vrrp_get_config {
my ($intf, $group) = @_;
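Review bot: `get_vips_per_intf` returns `scalar(@groups)`, the number of `vrrp-group` nodes on the interface, not a count of virtual addresses as the name suggests. Either rename it or add a header comment such as `# Returns the number of vrrp-group nodes configured on $intf (original config), not the number of virtual addresses.` `$intf` is interpolated straight into the `setLevel` path, so the function relies on the caller passing a validated interface name.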
@@ -144,8 +155,8 @@ sub vrrp_get_config {
$primary_addr = $1;
}
- $config->setLevel("interfaces ethernet $intf vrrp");
- my $vip = $config->returnOrigValue("virtual-address");
+ $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group");
+ my @vips = $config->returnOrigValues("virtual-address");
my $priority = $config->returnOrigValue("priority");
if (!defined $priority) {
$priority = 1;
@@ -165,7 +176,7 @@ sub vrrp_get_config {
} else {
$auth_type = uc($auth_type);
}
- return ($primary_addr, $vip, $priority, $preempt, $advert_int, $auth_type);
+ return ($primary_addr, $priority, $preempt, $advert_int, $auth_type, @vips);
}
sub vrrp_state_parse {
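Review bot: The return list of `vrrp_get_config` changes both order and length here (`$vip` is removed from the second slot and `@vips` is appended), so any caller still unpacking the old six scalars would silently read `$priority` as the VIP. The caller in `vyatta-show-vrrp.pl` is updated in this commit; other callers, if any, are not visible. A comment above the `return` such as `# returns (primary_addr, priority, preempt, advert_int, auth_type, vip...) - the VIP list must stay last` would document the contract. The body of `vrrp_get_config` starts outside this hunk.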
diff --git a/scripts/keepalived/vyatta-keepalived.pl b/scripts/keepalived/vyatta-keepalived.pl
index 15346855..e9df03df 100755
--- a/scripts/keepalived/vyatta-keepalived.pl
+++ b/scripts/keepalived/vyatta-keepalived.pl
@@ -38,72 +38,75 @@ use warnings;
sub keepalived_get_values {
my ($intf) = @_;
- my $output;
+ my $output = '';
my $config = new VyattaConfig;
- $config->setLevel("interfaces ethernet $intf vrrp");
- my $group = $config->returnValue("vrrp-group");
- if (!defined $group) {
- $group = 1;
- }
- my $vip = $config->returnValue("virtual-address");
- if (!defined $vip) {
- print "must define a virtual-address for vrrp-group $group\n";
- exit 1;
- }
- my $priority = $config->returnValue("priority");
- if (!defined $priority) {
- $priority = 1;
- }
- my $preempt = $config->returnValue("preempt");
- if (!defined $preempt) {
- $preempt = "true";
- }
- my $advert_int = $config->returnValue("advertise-interval");
- if (!defined $advert_int) {
- $advert_int = 1;
- }
- $config->setLevel("interfaces ethernet $intf vrrp authentication");
- my $auth_type = $config->returnValue("type");
- my $auth_pass;
- if (defined $auth_type) {
- $auth_type = uc($auth_type);
- $auth_pass = $config->returnValue("password");
- if (! defined $auth_pass) {
- print "vrrp authentication password not set";
+ my $state_transition_script = VyattaKeepalived::get_state_script();
+
+ $config->setLevel("interfaces ethernet $intf vrrp vrrp-group");
+ my @groups = $config->listNodes();
+ foreach my $group (@groups) {
+ $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group");
+ my @vips = $config->returnValues("virtual-address");
+ if (scalar(@vips) == 0) {
+ print "must define a virtual-address for vrrp-group $group\n";
exit 1;
}
- }
- my $state_transition_script = VyattaKeepalived::get_state_script();
+ my $priority = $config->returnValue("priority");
+ if (!defined $priority) {
+ $priority = 1;
+ }
+ my $preempt = $config->returnValue("preempt");
+ if (!defined $preempt) {
+ $preempt = "true";
+ }
+ my $advert_int = $config->returnValue("advertise-interval");
+ if (!defined $advert_int) {
+ $advert_int = 1;
+ }
+ $config->setLevel("interfaces ethernet $intf vrrp vrrp-group $group authentication");
+ my $auth_type = $config->returnValue("type");
+ my $auth_pass;
+ if (defined $auth_type) {
+ $auth_type = uc($auth_type);
+ $auth_pass = $config->returnValue("password");
+ if (! defined $auth_pass) {
+ print "vrrp authentication password not set";
+ exit 1;
+ }
+ }
- $output = "vrrp_instance vyatta-$intf-$group \{\n";
- if ($preempt eq "false") {
- $output .= "\tstate BACKUP\n";
- } else {
- $output .= "\tstate MASTER\n";
+ $output .= "vrrp_instance vyatta-$intf-$group \{\n";
+ if ($preempt eq "false") {
+ $output .= "\tstate BACKUP\n";
+ } else {
+ $output .= "\tstate MASTER\n";
}
- $output .= "\tinterface $intf\n";
- $output .= "\tvirtual_router_id $group\n";
- $output .= "\tpriority $priority\n";
- if ($preempt eq "false") {
- $output .= "\tnopreempt\n";
- }
- $output .= "\tadvert_int $advert_int\n";
- if (defined $auth_type) {
- $output .= "\tauthentication {\n";
- $output .= "\t\tauth_type $auth_type\n";
- $output .= "\t\tauth_pass $auth_pass\n\t}\n";
+ $output .= "\tinterface $intf\n";
+ $output .= "\tvirtual_router_id $group\n";
+ $output .= "\tpriority $priority\n";
+ if ($preempt eq "false") {
+ $output .= "\tnopreempt\n";
+ }
+ $output .= "\tadvert_int $advert_int\n";
+ if (defined $auth_type) {
+ $output .= "\tauthentication {\n";
+ $output .= "\t\tauth_type $auth_type\n";
+ $output .= "\t\tauth_pass $auth_pass\n\t}\n";
+ }
+ $output .= "\tvirtual_ipaddress \{\n";
+ foreach my $vip (@vips) {
+ $output .= "\t\t$vip\n";
+ }
+ $output .= "\t\}\n";
+ $output .= "\tnotify_master ";
+ $output .= "\"$state_transition_script master $intf $group @vips\" \n";
+ $output .= "\tnotify_backup ";
+ $output .= "\"$state_transition_script backup $intf $group @vips\" \n";
+ $output .= "\t notify_fault ";
+ $output .= "\"$state_transition_script fault $intf $group @vips\" \n";
+ $output .= "\}\n";
}
- $output .= "\tvirtual_ipaddress \{\n";
- $output .= "\t\t$vip\n";
- $output .= "\t\}\n";
- $output .= "\tnotify_master ";
- $output .= "\"$state_transition_script master $intf $group $vip\" \n";
- $output .= "\tnotify_backup ";
- $output .= "\"$state_transition_script backup $intf $group $vip\" \n";
- $output .= "\t notify_fault ";
- $output .= "\"$state_transition_script fault $intf $group $vip\" \n";
- $output .= "\}\n";
return $output;
}
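Review bot: Inside the new `foreach my $group` loop, `$auth_pass`, `$group`, `$intf` and each `$vip` are written into the keepalived configuration and into the double-quoted `notify_master`/`notify_backup`/`notify_fault` command strings without any check in this function, so a value containing whitespace, a quote, a brace or a newline would change the generated file or the command line keepalived runs. The configuration templates may already restrict these values (their syntax rules are not visible in this hunk), but a local guard such as `if ($auth_pass =~ /[\s"{}]/) { print "invalid vrrp authentication password for group $group\n"; exit 1; }` keeps the generator safe on its own. `auth_pass` is emitted in clear text, so the generated file should not be world-readable. The message `"vrrp authentication password not set"` lacks the trailing newline and the group number that the virtual-address message has.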
diff --git a/scripts/keepalived/vyatta-show-vrrp.pl b/scripts/keepalived/vyatta-show-vrrp.pl
index 6540eaf5..934808f6 100755
--- a/scripts/keepalived/vyatta-show-vrrp.pl
+++ b/scripts/keepalived/vyatta-show-vrrp.pl
@@ -81,7 +81,7 @@ sub link_updown {
}
sub get_master_info {
- my ($intf, $group, $vip) = @_;
+ my ($intf, $group) = @_;
my $file = VyattaKeepalived::get_master_file($intf, $group);
if ( -f $file) {
@@ -113,18 +113,27 @@ sub vrrp_show {
VyattaKeepalived::vrrp_state_parse($file);
my $link = link_updown($intf);
if ($state eq "master" || $state eq "backup" || $state eq "fault") {
- my ($primary_addr, $vip, $priority, $preempt, $advert_int, $auth_type) =
- VyattaKeepalived::vrrp_get_config($intf, $group);
+ my ($primary_addr, $priority, $preempt, $advert_int, $auth_type,
+ @vips) = VyattaKeepalived::vrrp_get_config($intf, $group);
print "Physical interface: $intf, Address $primary_addr\n";
print " Interface state: $link, Group $group, State: $state\n";
print " Priority: $priority, Advertisement interval: $advert_int, ";
print "Authentication type: $auth_type\n";
- print " Preempt: $preempt, VIP count: 1, VIP: $vip\n";
+ my $vip_count = scalar(@vips);
+ my $string = " Preempt: $preempt, VIP count: $vip_count, VIP: ";
+ my $strlen = length($string);
+ print $string;
+ foreach my $vip (@vips) {
+ if ($vip_count != scalar(@vips)) {
+ print " " x $strlen;
+ }
+ print "$vip\n";
+ $vip_count--;
+ }
if ($state eq "master") {
print " Master router: $primary_addr\n";
} elsif ($state eq "backup") {
- my ($master_rtr, $master_prio) = get_master_info($intf,
- $group, $vip);
+ my ($master_rtr, $master_prio) = get_master_info($intf, $group);
print " Master router: $master_rtr, ";
print "Master Priority: $master_prio\n";
}
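Review bot: When `@vips` is empty the new code prints `$string` and nothing else, so the `Preempt: ...` line is never terminated and the following `Master router` line is appended to it. The countdown on `$vip_count` is only used to detect the first iteration; `print join("\n" . " " x $strlen, @vips), "\n";` produces the same layout in one statement and also terminates the line when the list is empty. `vrrp_show` starts and ends outside this hunk.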
diff --git a/scripts/mod_bootfile_eth_hwid b/scripts/mod_bootfile_eth_hwid
new file mode 100755
index 00000000..b913d121
--- /dev/null
+++ b/scripts/mod_bootfile_eth_hwid
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# modify interface sub-block
+
+shopt -s extglob
+
+if [[ "$*" == *--help* ]] ; then
+ echo ${0##*/} [test_]FILE INTERFACE HWID
+ exit 0
+fi
+
+if [[ "$1" == test_* ]] ; then
+ origfile=$1
+ bootfile=/tmp/${1##*/}_$$
+ cp $origfile $bootfile
+ trap "diff -c $origfile $bootfile; rm -f $bootfile; exit 0" $?
+else
+ origfile=
+ bootfile=$1
+fi
+eth=$2
+hwid=$3
+
+sed -i '/^interfaces {$/,/^}$/ {
+ /^ ethernet '"$eth"' {$/ {
+ :join
+ /\n }$/ {
+ /hw-id: / s/\(hw-id:\) [0-9a-fA-F:]\+/\1 '"$hwid"'/
+ /hw-id: /! s/}$/ hw-id: '"$hwid"'\n }/
+ /link-detect/! s/}$/ link-detect\n }/
+ b
+ }
+ N
+ b join
+ }
+}' $bootfile
+
diff --git a/scripts/rl-system.init b/scripts/rl-system.init
index 779a7610..96f648c1 100755
--- a/scripts/rl-system.init
+++ b/scripts/rl-system.init
@@ -24,248 +24,24 @@
ACTION=$1
-[[ $PATH == *${ofr_bindir}* ]] || PATH+=:${ofr_bindir}
-[[ $PATH == *${ofr_sbindir}* ]] || PATH+=:${ofr_sbindir}
+source /etc/default/vyatta
+
+: ${vyatta_prefix:=/opt/vyatta}
+: ${vyatta_bindir:=${vyatta_prefix}/bin}
+: ${vyatta_sbindir:=${vyatta_prefix}/sbin}
+: ${vyatta_sysconfdir:=${vyatta_prefix}/etc}
+
+[[ $PATH == *${vyatta_bindir}* ]] || PATH+=:${vyatta_bindir}
+[[ $PATH == *${vyatta_sbindir}* ]] || PATH+=:${vyatta_sbindir}
export PATH
. /lib/lsb/init-functions
-IPROUTE2IP=ip
-INIT_PID=$$
-IFTAB=/etc/iftab
-
## BOOTFILE is provided by ofr.init
: ${BOOTFILE:=$prefix/etc/config/config.boot}
-declare -a cfg_eth_hwid
-declare -a sys_eth_mac
-declare -a sys_vmnets
-
-# load hwid array from config file as follows
-# interface {
-# ...
-# ethernet eth# {
-# ...
-# hw-id: XX:XX:XX:XX:XX:XX
-# ...
-# }
-# }
-#
-# cfg_eth_hwid[#]=xx:xx:xx:xx:xx:xx
-
-load_cfg_eth_hwid ()
-{
- eval $( sed -n '
- /^interfaces {/,/^}/ {
- /^ *ethernet eth[0-9]* {/,/^ $/ {
- /^ *ethernet/ {
- s/.* eth\([0-9]\+\) {$/cfg_eth_hwid[\1]=/
-# hold interface name
- h
- }
- /^.*hw-id:/ {
-# translate field name
- s/.*hw-id: *//
-# tolower hex mac address
- y/ABCDEF/abcdef/
-# exchange hold and pattern space
- x
-# concatenate hold and pattern
- G
- s/\n//p
- }
- }
- }' $BOOTFILE )
-}
-
-# load system eth mac tabled from ip link
-
-load_sys_eth_mac ()
-{
- eval $( ip link show | sed -n '
- /^[0-9]*: eth[0-9]*: /,+1 {
-# combine 2 line interface output...
-# 2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 1000
-# link/ether 00:13:72:57:48:f9 brd ff:ff:ff:ff:ff:ff
- h
- n
- x
- G
- s/\n//
-# translate to:
-# #=00:13:72:57:48:f9
- s/^.*eth\([0-9]\+\):.*link\/ether \([0-9A-Fa-f:]\+\) .*$/sys_eth_mac[\1]=\2/p
- }' )
-}
-
-load_sys_vmnets ()
-{
- sys_vmnets=( $( ip link show |
- sed -n 's/^[0-9]*: \(vmnet[0-9]*\).*$/\1/p' ) )
-}
-
-
-have_cfg_eth_hwid ()
-{
- local mac=$1
-
- for hwid in ${cfg_eth_hwid[@]} ; do
- [ $hwid == $mac ] && return 0
- done
- false
-}
-
-have_sys_eth_mac ()
-{
- local hwid=$1
-
- for mac in ${sys_eth_mac[@]} ; do
- [ $hwid == $mac ] && return 0
- done
- false
-}
-
-# update cfg table with results from system mac detection
-# first remove cfg itfs that are no longer in sys table
-# if sys mac is already in cfg table, use cfg itf assignment;
-# if sys mac isnot in cfg table but given index has hwid of
-# another sys itf, add to cfg table in first available slot
-# otherwise, [re-]assign cfg eth hwid with sys mac
-
-update_cfg_eth_hwid ()
-{
- local -i i
-
- for i in ${!cfg_eth_hwid[@]} ; do
- if ! have_sys_eth_mac ${cfg_eth_hwid[$i]} ; then
- unset cfg_eth_hwid[$i]
- fi
- done
- for i in ${!sys_eth_mac[@]} ; do
- if ! have_cfg_eth_hwid ${sys_eth_mac[$i]} ; then
- if [ -n "${cfg_eth_hwid[$i]}" ] ; then
- # cfg[#] has mac of another sys itf;
- # so, add another cfg itf for this mac
- # to the first available slot
- for (( j=0 ; true ; j++ )) ; do
- if [ -z "${cfg_eth_hwid[$j]}" ] ; then
- cfg_eth_hwid[$j]=${sys_eth_mac[$i]}
- break 1
- fi
- done
- else
- cfg_eth_hwid[$i]=${sys_eth_mac[$i]}
- fi
- fi
- done
-}
-
-write_iftab ()
-{
- local -i i
-
- rm -f $IFTAB
- for i in ${!cfg_eth_hwid[@]} ; do
- echo "etha$i mac ${cfg_eth_hwid[$i]}" >> $IFTAB
- done
-}
-
-write_iftab_real ()
-{
- local -i i
-
- rm -f $IFTAB
- for i in ${!cfg_eth_hwid[@]} ; do
- echo "eth$i mac ${cfg_eth_hwid[$i]}" >> $IFTAB
- done
-}
-
-mod_bootfile_eth_hwid ()
-{
- local eth=$1 hwid=$2
-
- sed -i '/^interfaces {$/,/^}/ {
- /^ ethernet '"$eth"' {$/,/^ }$/ {
- /^ *hw-id/c\
- hw-id: '"$hwid"'
- }}' $BOOTFILE
-}
-
-add_bootfile_eth_hwid ()
-{
- local eth=$1 hwid=$2
-
- sed -i '/^interfaces {$/,/^}$/ {
- /^}$/i\
- ethernet '"$eth"' {\
- hw-id: '"$hwid"'\
- }
- }' $BOOTFILE
-}
-
-add_bootfile_eth_linkdetect ()
-{
- local eth=$1
-
- sed -i '/^interfaces {$/,/^}$/ {
- /^}$/i\
- ethernet '"$eth"' {\
- link-detect\
- }
- }' $BOOTFILE
-}
-
-update_bootfile_eths ()
-{
- local -i i
-
- for i in ${!cfg_eth_hwid[@]} ; do
- if grep -q "ethernet eth$i {" $BOOTFILE ; then
- mod_bootfile_eth_hwid eth$i ${cfg_eth_hwid[$i]}
- else
- add_bootfile_eth_hwid eth$i ${cfg_eth_hwid[$i]}
- add_bootfile_eth_linkdetect eth$i
- fi
- done
-}
-
-add_bootfile_vmnet ()
-{
- local vmnet=$1
-
- sed -i '/^interfaces {/,/^}$/ {
- /^}$/i\
- ethernet '"$vmnet"' {\
- }
- }' $BOOTFILE
-}
-
-update_bootfile_vmnets ()
-{
- for vmnet in ${sys_vmnets[@]} ; do
- if ! grep -q "ethernet $vmnet {" $BOOTFILE ; then
- add_bootfile_vmnet $vmnet
- fi
- done
-}
-
-itfmess ()
-{
- load_cfg_eth_hwid
- load_sys_eth_mac
- load_sys_vmnets
- update_cfg_eth_hwid
- write_iftab
- update_bootfile_eths
- update_bootfile_vmnets
-}
-
-maybe_ifrename () {
- if [ -e $IFTAB ] ; then
- ifrename -d -p
- fi
-}
+shopt -s extglob nullglob
search_config_if_wan () {
grep "\<serial\>.*\<$1\>" $BOOTFILE >/dev/null
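Review bot: The fallback `: ${BOOTFILE:=$prefix/etc/config/config.boot}` still uses `$prefix`, while the defaults added above it define `vyatta_prefix` and `vyatta_sysconfdir`; unless `/etc/default/vyatta` sets `prefix` (not visible here), an unset `BOOTFILE` resolves to `/etc/config/config.boot`. `: ${BOOTFILE:=${vyatta_sysconfdir}/config/config.boot}` would match the form used in `scripts/vyatta_net_name`. `source /etc/default/vyatta` is unconditional, whereas `vyatta_net_name` guards it with `test -r`, so the `:=` defaults only help if a missing file does not abort the script. The `[[ $PATH == *${vyatta_bindir}* ]]` tests leave the directory unquoted, so it is matched as a glob pattern rather than literally.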
@@ -290,56 +66,72 @@ add_new_serial_if () {
fi
}
-reset_promiscous_arp_response () {
+proc_flags ()
+{
+ # reset_promiscous_arp_response
echo 1 > /proc/sys/net/ipv4/conf/default/arp_filter
-}
-
-set_ip_forwarding () {
+ # set_ip_forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
-}
-## if a primary address is removed from an interface promote and
-## secondary available
-set_promote_secondaries () {
+ # if a primary address is removed from an interface promote and
+ # secondary available
echo 1 > /proc/sys/net/ipv4/conf/all/promote_secondaries
}
## Update the version information
update_version_info () {
- if [ -f ${ofr_sysconfdir}/version.master ]; then
- cp ${ofr_sysconfdir}/version.master ${ofr_sysconfdir}/version
+ if [ -f ${vyatta_sysconfdir}/version.master ]; then
+ cp ${vyatta_sysconfdir}/version.master ${vyatta_sysconfdir}/version
fi
}
## Clear out apt config file--it will be filled in by rtrmgr
clear_apt_config()
{
- >/etc/apt/sources.list
+ cat /dev/null >/etc/apt/sources.list || true
}
## snmp should be a separate package,
## but for now load the kernel module here
add_snmp_stats_module()
{
- modprobe ipt_rlsnmpstats
+ modprobe ipt_rlsnmpstats || true
}
set_reboot_on_panic()
{
- echo 1 > /proc/sys/kernel/panic_on_oops
- echo 60 > /proc/sys/kernel/panic
+ echo 1 > /proc/sys/kernel/panic_on_oops
+ echo 60 > /proc/sys/kernel/panic
+}
+
+clear_or_override_config_files ()
+{
+ for conf in motd.tail ntp.conf syslog.conf logrotate.d/messages \
+ snmp/snmpd.conf snmp/snmptrapd.conf keepalived/keepalived.conf \
+ ipvsadm.rules default/ipvsadm resolv.conf
+ do
+ if [ -f /etc/$conf ] ; then
+ cat /dev/null > /etc/$conf || true
+ fi
+ done
+ for conf in motd.tail syslog.conf; do
+ cp $vyatta_sysconfdir/$conf /etc/$conf
+ done
+ cp $vyatta_sysconfdir/logrotate_messages /etc/logrotate.d/messages
+ cp $vyatta_sysconfdir/default_ssh /etc/default/ssh
+ # ssh v1. remove the empty key file
+ rm -f /etc/ssh/ssh_host_key
}
start () {
- set_reboot_on_panic
- itfmess
- maybe_ifrename
- write_iftab_real
- maybe_ifrename
- add_new_serial_if
- reset_promiscous_arp_response
- set_ip_forwarding
- set_promote_secondaries
+ clear_or_override_config_files || \
+ log_failure_msg "can\'t reset config files"
+ set_reboot_on_panic || \
+ log_failure_msg "can\'t set reboot on panic"
+ add_new_serial_if || \
+ log_failure_msg "can\'t add serial interfaces"
+ proc_flags || \
+ log_failure_msg "can\'t reset proc flags"
update_version_info
clear_apt_config
add_snmp_stats_module
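Review bot: The `|| log_failure_msg` checks added in `start` mostly cannot fire, because each function returns only its last command's status: `clear_or_override_config_files` ends in `rm -f`, which succeeds even when the earlier `cp` calls failed, and `proc_flags` and `set_reboot_on_panic` report only their final `echo`. Chaining the steps with `&&` inside the functions, or adding `|| return 1` after each `cp`, would make the checks meaningful. Inside double quotes `\'` is not an escape, so the messages are logged as `can\'t ...`; write `log_failure_msg "can't reset config files"` and likewise for the other three. `clear_or_override_config_files` also empties `/etc/resolv.conf`, `ntp.conf` and the SNMP configuration on every start, which deserves a comment stating what regenerates them. `start` continues outside the hunk.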
@@ -354,7 +146,6 @@ esac
exit $?
-
# Local Variables:
# mode: shell-script
# sh-indentation: 4
diff --git a/scripts/vyatta_net_name b/scripts/vyatta_net_name
new file mode 100755
index 00000000..43c71c1d
--- /dev/null
+++ b/scripts/vyatta_net_name
@@ -0,0 +1,153 @@
+#!/bin/bash
+# **** License ****
+# Version: VPL 1.0
+#
+# The contents of this file are subject to the Vyatta Public License
+# Version 1.0 ("License"); you may not use this file except in
+# compliance with the License. You may obtain a copy of the License at
+# http://www.vyatta.com/vpl
+#
+# Software distributed under the License is distributed on an "AS IS"
+# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+# the License for the specific language governing rights and limitations
+# under the License.
+#
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
+# All Rights Reserved.
+#
+# Author: Tom Grennan <tgrennan@vyatta.com>
+# Description: search Vyatta config for interface name given address
+#
+# **** End License ****
+
+debug=
+match=
+attr_address=0:0:0:0:0:0
+declare -i ethn=0 last_ethn=0
+
+test -r /etc/default/vyatta && source /etc/default/vyatta
+
+# process command line variable overrides
+
+for arg ; do
+ case "$arg" in
+ --debug )
+ debug=echo
+ ;;
+ --*=* )
+ arg=${arg#--}
+ eval ${arg%=*}=\"${arg#*=}\"
+ ;;
+ *=* )
+ eval ${arg%=*}=\"${arg#*=}\"
+ ;;
+ *:*:*:*:*:* )
+ attr_address=$arg
+ ;;
+ * )
+ kname=$arg
+ ;;
+ esac
+done
+
+: ${vyatta_prefix:=/opt/vyatta}
+: ${vyatta_sbindir:=${vyatta_prefix}/sbin}
+: ${vyatta_sysconfdir:=${vyatta_prefix}/etc}
+: ${BOOTFILE:=${vyatta_sysconfdir:-/opt/vyatta/etc}/config/config.boot}
+: ${DEFAULT_BOOTFILE:=${vyatta_sysconfdir:-/opt/vyatta/etc}/config.boot.default}
+
+if [ ! -f $BOOTFILE ] ; then
+ cp $DEFAULT_BOOTFILE $BOOTFILE
+ chgrp quaggavty $BOOTFILE
+ chmod 660 $BOOTFILE
+fi
+
+shopt -s extglob nullglob
+
+# load cfg_eth_hwid array from config file as follows
+# interface {
+# ...
+# ethernet eth# {
+# ...
+# hw-id: XX:XX:XX:XX:XX:XX
+# ...
+# }
+# }
+#
+# cfg_eth_hwid=( "eth#=xx:xx:xx:xx:xx:xx" ... )
+
+declare -a cfg_net_hwid=( $( sed -ne '
+ /^interfaces {/,/^}/ {
+ /^ *ethernet eth[0-9]* {/,/^ $/ {
+ /^ *ethernet/ {
+ s/.* eth\([0-9]\+\) {$/ eth\1=/
+# hold interface name
+ h
+ }
+ /^.*hw-id:/ {
+# translate field name
+ s/.*hw-id: *//
+# tolower hex mac address
+ y/ABCDEF/abcdef/
+# exchange hold and pattern space
+ x
+# concatenate hold and pattern
+ G
+ s/\n//p
+ }
+ }
+ }' $BOOTFILE ))
+
+for name_hwid in ${cfg_net_hwid[@]} ; do
+ name=${name_hwid%=*}
+ hwid=${name_hwid#*=}
+ ethn=${name/eth/}
+ [[ $ethn -gt $last_ethn ]] && \
+ last_ethn=$ethn
+ if [ "$hwid" == "$attr_address" ] ; then
+ # we mod the config file interface sub-clock in case it is missing
+ # "link-detect"
+ [[ "$BOOTFILE" != *test_* ]] && \
+ ${vyatta_sbindir}/mod_bootfile_eth_hwid $BOOTFILE $name $attr_address
+ echo $name
+ exit 0
+ fi
+ [ "$name" == "$kname" ] && \
+ match=$name_hwid
+done
+
+[ -z "$kname" ] && \
+ exit 1
+
+# have not found matching hwid in config, see if we can use kernel name
+if [ -z "$match" ] ; then
+ # the kernel interface name isnot in config
+ # so, we might as well use it
+ name=$kname
+ cmd=add
+elif [ -z "${match#*=}" ] ; then
+ # the config has this interface but the sub-block is missing the hwid
+ # so again, we might as well use the kernel name
+ name=$kname
+ cmd=mod
+else
+ # The device mac address is not in the config but the config
+ # has another hwid associated with the device name. This
+ # indicates that the device is either a replacement or new but
+ # detected earlier than the device configured with this name.
+ # Since this is non-deterministic, we make a new name.
+ (( ethn = last_ethn + 1 ))
+ name=eth$ethn
+ cmd=add
+fi
+
+[[ "$BOOTFILE" != *test_* ]] && \
+ ${vyatta_sbindir}/${cmd}_bootfile_eth_hwid $BOOTFILE $name $attr_address
+
+echo $name
+
+# Local Variables:
+# mode: shell-script
+# sh-indentation: 4
+# End:
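Review bot: The `--*=*` and `*=*` branches of the argument loop hand the argument text to `eval`, so whatever follows the `=` is parsed by the shell a second time, and the udev rule added in this commit starts this script from a device event. The name part is not checked either, and `${arg%=*}` and `${arg#*=}` split on different `=` signs when the argument contains more than one. Assign without re-parsing and accept only plain variable names: `[[ ${arg%%=*} =~ ^[A-Za-z_][A-Za-z0-9_]*$ ]] || exit 1` followed by `printf -v "${arg%%=*}" '%s' "${arg#*=}"`. `$BOOTFILE` and `$DEFAULT_BOOTFILE` are also expanded unquoted in the `[ ! -f ... ]`, `cp`, `chgrp`, `chmod` and `sed` lines and should be quoted.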
diff --git a/sysconf/vyatta-net.rules b/sysconf/vyatta-net.rules
new file mode 100644
index 00000000..31901b42
--- /dev/null
+++ b/sysconf/vyatta-net.rules
@@ -0,0 +1,13 @@
+# These rules use vyatta_net_name to persistently name network interfaces
+# per "hwid" association with the interface block of the vyatta config file.
+
+ACTION!="add", GOTO="vyatta_net_end"
+SUBSYSTEM!="net", GOTO="vyatta_net_end"
+
+# ignore interfaces without a driver link like bridges and VLANs
+KERNEL=="eth*|ath*|wlan*|ra*|sta*|ctc*|lcs*|hsi*", DRIVERS=="?*",\
+ PROGRAM="vyatta_net_name %k $attr{address}", \
+ NAME="%c"
+
+LABEL="vyatta_net_end"
+
diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def
new file mode 100644
index 00000000..d85c9afc
--- /dev/null
+++ b/templates/interfaces/bridge/node.def
@@ -0,0 +1,7 @@
+tag:
+type: txt
+help: "Enter bridge interface name (br0 - br9)"
+syntax: $(@) in "br0", "br1", "br2", "br3", "br4", "br5", "br6", "br7", "br8", "br9" ; "Must be (br0 - br9)"
+create: "sudo brctl addbr $(@)"
+delete: "sudo brctl delbr $(@)"
+
diff --git a/templates/interfaces/bridge/node.tag/aging/node.def b/templates/interfaces/bridge/node.tag/aging/node.def
new file mode 100644
index 00000000..0b1dcd03
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/aging/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: "Set the number of seconds a MAC address will be kept in the forwarding database"
+default: 300
+update: "sudo brctl setageing $(../@) $(@)"
+delete: "sudo brctl setageing $(../@) $(@)"
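Review bot: The `delete:` action is identical to `update:`, `sudo brctl setageing $(../@) $(@)`, so deleting the node appears to re-apply the value being removed instead of returning the bridge to the declared default of 300. If `$(@)` does expand to the deleted value here, the line should be `delete: "sudo brctl setageing $(../@) 300"`. The same copy of `update:` into `delete:` is in the forwarding-delay (default 15), hello-time (default 2), max-age (default 20) and priority (default 0) templates added by this commit.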
diff --git a/templates/interfaces/bridge/node.tag/description/node.def b/templates/interfaces/bridge/node.tag/description/node.def
new file mode 100644
index 00000000..481dce47
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/description/node.def
@@ -0,0 +1,2 @@
+type: txt
+help: "Add a human-readable description of an interface"
diff --git a/templates/interfaces/bridge/node.tag/disable/node.def b/templates/interfaces/bridge/node.tag/disable/node.def
new file mode 100644
index 00000000..f72b8af3
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/disable/node.def
@@ -0,0 +1,8 @@
+type: bool
+help: "Disable the bridge interface"
+default: false
+update: "if [ x$(@) == xtrue ]; then \
+ sudo ip link set $(../@) down; \
+ else \
+ sudo ip link set $(../@) up; \
+ fi; "
diff --git a/templates/interfaces/bridge/node.tag/forwarding-delay/node.def b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def
new file mode 100644
index 00000000..6634a7cc
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: "Set the forwarding delay"
+default: 15
+update: "sudo brctl setfd $(../@) $(@)"
+delete: "sudo brctl setfd $(../@) $(@)"
diff --git a/templates/interfaces/bridge/node.tag/hello-time/node.def b/templates/interfaces/bridge/node.tag/hello-time/node.def
new file mode 100644
index 00000000..e7b59ab3
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/hello-time/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: "Set the hello packet advertisment interval"
+default: 2
+update: "sudo brctl sethello $(../@) $(@)"
+delete: "sudo brctl sethello $(../@) $(@)"
diff --git a/templates/interfaces/bridge/node.tag/max-age/node.def b/templates/interfaces/bridge/node.tag/max-age/node.def
new file mode 100644
index 00000000..7fa3ecbe
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/max-age/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: "Set the interval at which neighbor bridges are removed"
+default: 20
+update: "sudo brctl setmaxage $(../@) $(@)"
+delete: "sudo brctl setmaxage $(../@) $(@)"
diff --git a/templates/interfaces/bridge/node.tag/node.def b/templates/interfaces/bridge/node.tag/node.def
new file mode 100644
index 00000000..07e13e91
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/node.def
@@ -0,0 +1 @@
+help: "Set bridge parameters"
diff --git a/templates/interfaces/bridge/node.tag/priority/node.def b/templates/interfaces/bridge/node.tag/priority/node.def
new file mode 100644
index 00000000..650958ef
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/priority/node.def
@@ -0,0 +1,5 @@
+type: u32
+help: "Set the priority for this bridge"
+default: 0
+update: "sudo brctl setbridgeprio $(../@) $(@)"
+delete: "sudo brctl setbridgeprio $(../@) $(@)"
diff --git a/templates/interfaces/bridge/node.tag/stp/node.def b/templates/interfaces/bridge/node.tag/stp/node.def
new file mode 100644
index 00000000..eb87287b
--- /dev/null
+++ b/templates/interfaces/bridge/node.tag/stp/node.def
@@ -0,0 +1,9 @@
+type: bool
+help: "Enable spanning tree protocol"
+default: false
+update: "if [ x$(@) == xtrue ]; then \
+ sudo brctl stp $(../@) on; \
+ else \
+ sudo brctl stp $(../@) off; \
+ fi; "
+delete: "sudo brctl stp $(../@) off"
diff --git a/templates/interfaces/ethernet/node.tag/bridge-group/bridge/node.def b/templates/interfaces/ethernet/node.tag/bridge-group/bridge/node.def
new file mode 100644
index 00000000..f6ca51e4
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/bridge-group/bridge/node.def
@@ -0,0 +1,12 @@
+type: txt
+help: "Add this interface to a bridge-group"
+syntax: exec " \
+ if [ -z \"`sudo brctl show | grep $(@) `\" ]; then \
+ echo bridge interface $(@) doesn\\'t exist on this system ; \
+ exit 1 ; \
+ fi ; "
+update: "sudo brctl addif $(@) $(../../@)"
+delete: "sudo brctl delif $(@) $(../../@)"
+#allowed: local -a array ;
+# array=( /sys/class/net/br* ) ;
+# echo -n ${array[@]##*/}
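Review bot: The existence check `sudo brctl show | grep $(@)` is an unanchored substring match over the whole table, so it also succeeds on the header line and on member interface names, and the value is a free-form `txt` that is expanded unquoted into the shell. Test the bridge's sysfs entry instead, for example `if [ ! -d /sys/class/net/$(@)/bridge ]; then`, and restrict the value to the same `br0` - `br9` list that templates/interfaces/bridge/node.def enforces. Whether a node may carry both that list check and a `syntax: exec` is not visible here, so the restriction may have to live inside the exec body.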
diff --git a/templates/interfaces/ethernet/node.tag/bridge-group/cost/node.def b/templates/interfaces/ethernet/node.tag/bridge-group/cost/node.def
new file mode 100644
index 00000000..1c2bbde1
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/bridge-group/cost/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: "Set the path cost for this port"
+commit: $(../bridge/) != ""; "Must configure bridge interface"
+update: "sudo brctl setpathcost $(../../@) $(@)"
diff --git a/templates/interfaces/ethernet/node.tag/bridge-group/node.def b/templates/interfaces/ethernet/node.tag/bridge-group/node.def
new file mode 100644
index 00000000..b76b5d71
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/bridge-group/node.def
@@ -0,0 +1,2 @@
+help: "Add this interface to a bridge group"
+commit: $(./bridge/) != ""; "Must set the bridge interface"
diff --git a/templates/interfaces/ethernet/node.tag/bridge-group/priority/node.def b/templates/interfaces/ethernet/node.tag/bridge-group/priority/node.def
new file mode 100644
index 00000000..d254b082
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/bridge-group/priority/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: "Set the path priority for this port"
+commit: $(../bridge/) != ""; "Must configure bridge interface"
+update: "sudo brctl setportprio $(../../@) $(@)"
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/node.def b/templates/interfaces/ethernet/node.tag/vrrp/node.def
index de3253a5..2c8cc58a 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/node.def
@@ -1,5 +1,3 @@
help: "Configure VRRP"
commit: $(../address/) != ""; "Must define a primary IP address on $(../@)"
-commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(../vrrp-group/@)"
end: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action update --intf $(../@) "
-
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def
index fe9690d8..dfb9c6a2 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.def
@@ -1,4 +1,6 @@
+tag:
type: u32
syntax: $(@) >= 0 && $(@) <= 255; "VRRP group must be between 1-255"
+commit: $(virtual-address/) != ""; "Must define the virtual-address for vrrp-group $(@)"
help: "Configure VRRP group number"
delete: "sudo /opt/vyatta/sbin/vyatta-keepalived.pl --vrrp-action delete --intf $(../../@) --group $(@) "
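Review bot: Group 0 is still accepted by the `syntax:` line, `$(@) >= 0 && $(@) <= 255`, although its own message says 1-255, and with `tag:` added every accepted value now becomes a configuration subtree whose number is passed to vyatta-keepalived.pl as `--group`. VRRP virtual router IDs start at 1, so the lower bound should read `$(@) >= 1`.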
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def
index edfbc3a4..edfbc3a4 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/advertise-interval/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/advertise-interval/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def
index e3120d51..e3120d51 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def
index 87855962..87855962 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/password/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/password/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
index 72e53f4b..72e53f4b 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/authentication/type/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/authentication/type/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def
new file mode 100644
index 00000000..a4f3c074
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/node.def
@@ -0,0 +1 @@
+help: "VRRP configuration for this VRRP group"
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def
index a9869373..a9869373 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/preempt/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/preempt/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/priority/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def
index 3f7aacbf..3f7aacbf 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/priority/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/priority/node.def
diff --git a/templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
index badf657e..bcf9392f 100644
--- a/templates/interfaces/ethernet/node.tag/vrrp/virtual-address/node.def
+++ b/templates/interfaces/ethernet/node.tag/vrrp/vrrp-group/node.tag/virtual-address/node.def
@@ -1,2 +1,3 @@
+multi:
type: ipv4
help: "Configure virtual address"
diff --git a/templates/service/telnet/allow-root/node.def b/templates/service/telnet/allow-root/node.def
index 654023af..9c3ff97d 100644
--- a/templates/service/telnet/allow-root/node.def
+++ b/templates/service/telnet/allow-root/node.def
@@ -1,10 +1,24 @@
type: bool
default: false
help: "Enable/disable root login"
-update: "if [ \"$(@)\" == \"true\" ]; then \
- sudo mv -f /etc/securetty /etc/securetty.allow-root >&/dev/null; \
- else
- sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null; \
- fi ; /bin/true"
-delete: "sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null ; \
- /bin/true"
+update: " \
+ if ! env | grep -q SSH_TTY=; then \
+ if [[ \"`tty`\" == /dev/pts/* ]]; then \
+ echo \"Please configure telnet settings via ssh or console.\"; \
+ exit 1; \
+ fi; \
+ fi; \
+ if [ \"$(@)\" == \"true\" ]; then \
+ sudo mv -f /etc/securetty /etc/securetty.allow-root >&/dev/null; \
+ else
+ sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null; \
+ fi ; /bin/true"
+delete: " \
+ if ! env | grep -q SSH_TTY=; then \
+ if [[ \"`tty`\" == /dev/pts/* ]]; then \
+ echo \"Please configure telnet settings via ssh or console.\"; \
+ exit 1; \
+ fi; \
+ fi; \
+ sudo mv -f /etc/securetty.allow-root /etc/securetty >&/dev/null ; \
+ /bin/true"
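Review bot: The session test `env | grep -q SSH_TTY=` is not anchored, so any variable whose name or value contains `SSH_TTY=` makes it pass; `env | grep -q '^SSH_TTY='` checks the variable itself. Both inputs, the environment and the tty name, come from the session being checked, so this guard only prevents an accidental lockout and should be described that way in a `#` comment above `update:` rather than relied on as an access control. The same block is repeated in `delete:` here and in `delete:` and `end:` of templates/service/telnet/node.def; one helper script called from all four places would keep them in step.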
diff --git a/templates/service/telnet/node.def b/templates/service/telnet/node.def
index 5f4c1c7c..844aec98 100644
--- a/templates/service/telnet/node.def
+++ b/templates/service/telnet/node.def
@@ -1,4 +1,18 @@
help: "Enable/disable telnet protocol"
-delete: "sudo /opt/vyatta/sbin/telnetd.init stop"
-end: "if [ -z \"$(port/@)\" ]; then exit 0; fi; \
- sudo /opt/vyatta/sbin/telnetd.init restart $(port/@)"
+delete: " \
+ if ! env | grep -q SSH_TTY=; then \
+ if [[ \"`tty`\" == /dev/pts/* ]]; then \
+ echo \"Please configure telnet settings via ssh or console.\"; \
+ exit 1; \
+ fi; \
+ fi; \
+ sudo /opt/vyatta/sbin/telnetd.init stop"
+end: " \
+ if ! env | grep -q SSH_TTY=; then \
+ if [[ \"`tty`\" == /dev/pts/* ]]; then \
+ echo \"Please configure telnet settings via ssh or console.\"; \
+ exit 1; \
+ fi; \
+ fi; \
+ if [ -z \"$(port/@)\" ]; then exit 0; fi; \
+ sudo /opt/vyatta/sbin/telnetd.init restart $(port/@)"
diff --git a/templates/system/host-name/node.def b/templates/system/host-name/node.def
index aeed3986..e1370b70 100644
--- a/templates/system/host-name/node.def
+++ b/templates/system/host-name/node.def
@@ -2,21 +2,18 @@ type: txt
help: "Configure system host name"
default: "vyatta"
syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "invalid host name $(@)"
-# do we need to add ntpd restart here?
update: "sudo sh -c \"hostname '$(@)' && \
+echo '$(@)' > /etc/hostname && \
touch /etc/hosts && \
-sed -i '/localhost/d' /etc/hosts && \
-echo \\\"127.0.0.1\t localhost $(@)\t #vyatta entry\\\" >> /etc/hosts && \
+sed -i '/^127.0.1.1/d' /etc/hosts && \
+echo \\\"127.0.1.1\t $(@)\t #vyatta entry\\\" >> /etc/hosts && \
if [ x$(../domain-name/@) != x ]; then \
-echo \\\"127.0.0.1\t localhost $(@).$(../domain-name/@)\t #vyatta entry\\\" \
+echo \\\"127.0.1.1\t $(@).$(../domain-name/@)\t #vyatta entry\\\" \
>> /etc/hosts; fi\" "
-# do we need to add ntpd restart here?
-delete: "sudo sh -c \"echo > /etc/hostname.conf && hostname 'vyatta' && \
+delete: "sudo sh -c \"echo 'vyatta' > /etc/hostname && hostname 'vyatta' && \
touch /etc/hosts && \
-sed -i '/localhost.*#vyatta entry/d' /etc/hosts && \
-echo \\\"127.0.0.1\t localhost vyatta\t #vyatta entry\\\" >> /etc/hosts && \
+sed -i '/^127.0.1.1/d' /etc/hosts && \
+echo \\\"127.0.1.1\t vyatta\t #vyatta entry\\\" >> /etc/hosts && \
if [ x$(../domain-name/@) != x ]; then \
-echo \\\"127.0.0.1\t localhost vyatta.$(../domain-name/@)\t #vyatta entry\\\" \
->> /etc/hosts; fi && \
-if [ -f /etc/ntp/ntp.conf ] && grep -q 'server' /etc/ntp/ntp.conf; then \
-/opt/vyatta/sbin/ntpd.init restart; fi\" "
+echo \\\"127.0.1.1\t vyatta.$(../domain-name/@)\t #vyatta entry\\\" \
+>> /etc/hosts; fi\" "
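Review bot: The new cleanup `sed -i '/^127.0.1.1/d' /etc/hosts`, used in both `update:` and `delete:`, does not require the `#vyatta entry` marker and leaves the dots unescaped, so it removes every line that begins with that text, including ones an administrator added by hand. Limit it to the lines this template writes: `sed -i '/^127\\.0\\.1\\.1.*#vyatta entry/d' /etc/hosts`.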
diff --git a/templates/system/static-host-mapping/host-name/node.def b/templates/system/static-host-mapping/host-name/node.def
index ea0000af..275aa867 100644
--- a/templates/system/static-host-mapping/host-name/node.def
+++ b/templates/system/static-host-mapping/host-name/node.def
@@ -2,3 +2,10 @@ tag:
type: txt
help: "Map DNS names to system interfaces"
syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "invalid host name $(@)"
+commit: $(./inet) != ""; "IP address for the static mapping must be set"
+end: "sudo sh -c \"\
+ touch /etc/hosts; \
+ sed -i '/ $(@) .*#vyatta entry/d' /etc/hosts; \
+ if [ -z \"$(./inet/@)\" ]; then exit 0; fi; \
+ declare -a aliases=( $(alias/@@) ); \
+ echo \\\"$(inet/@)\t $(@) \\\\\${aliases[*]} \t #vyatta entry\\\" \ >> /etc/hosts\" "
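Review bot: `$(alias/@@)` is expanded unquoted inside the `sudo sh -c` string, and alias/node.def declares the alias as plain `txt` with no `syntax:` pattern, so alias text is parsed by a root shell before it is written to /etc/hosts. Add the host-name check to the alias template, `syntax: pattern $(@) "^[-a-zA-Z0-9.]+$" ; "invalid alias $(@)"`. The `sed` delete pattern also uses `$(@)` as a regular expression, so the dots a valid host name may contain match any character, and `declare -a` is a bash builtin that only works if `sh` is bash on the target system.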
diff --git a/templates/system/static-host-mapping/host-name/node.tag/alias/node.def b/templates/system/static-host-mapping/host-name/node.tag/alias/node.def
index c8f5cdef..e9f1de7c 100644
--- a/templates/system/static-host-mapping/host-name/node.tag/alias/node.def
+++ b/templates/system/static-host-mapping/host-name/node.tag/alias/node.def
@@ -1,18 +1,3 @@
multi:
type: txt
help: "Alias for this address"
-update: "sudo sh -c \"touch /etc/hosts && \
-sed -i '/$(../@).*#vyatta entry/d;/127\\.0\\.0\\.1.*#vyatta entry/d' \
- /etc/hosts && \
-echo \\\"$(../inet/@)\t $(../@) $(@) \t #vyatta entry\\\" \
- >> /etc/hosts && \
-if [ x$(../../../domain-name/@) == x ]; then \
- echo \\\"127.0.0.1\t localhost $(../../../host-name/@)\t #vyatta entry\\\" \
- >> /etc/hosts; \
-else \
- echo \\\"127.0.0.1\t localhost \
-$(../../../host-name/@).$(../../../domain-name/@)\t #vyatta entry\\\" \
- >> /etc/hosts; \
-fi\" "
-delete: "sudo sh -c \"touch /etc/hosts && \
-sed -i '/ $(../@) .*#vyatta entry/{/localhost/!d}' /etc/hosts\" "
diff --git a/templates/system/static-host-mapping/host-name/node.tag/inet/node.def b/templates/system/static-host-mapping/host-name/node.tag/inet/node.def
index 47a84733..4a069d9e 100644
--- a/templates/system/static-host-mapping/host-name/node.tag/inet/node.def
+++ b/templates/system/static-host-mapping/host-name/node.tag/inet/node.def
@@ -1,16 +1,2 @@
type: ipv4
help: "Internet address"
-update: "sudo sh -c \"touch /etc/hosts && \
-sed -i '/$(../@).*#vyatta entry/d;/127\\.0\\.0\\.1.*#vyatta entry/d' \
- /etc/hosts && \
-echo \\\"$(@)\t $(../@) \t #vyatta entry\\\" >> /etc/hosts && \
-if [ x$(../../../domain-name/@) == x ]; then \
- echo \\\"127.0.0.1\t localhost $(../../../host-name/@)\t #vyatta entry\\\" \
- >> /etc/hosts; \
-else \
- echo \\\"127.0.0.1\t localhost \
-$(../../../host-name/@).$(../../../domain-name/@)\t #vyatta entry\\\" \
- >> /etc/hosts; \
-fi\" "
-delete: "sudo sh -c \"touch /etc/hosts && \
-sed -i '/ $(../@) .*#vyatta entry/{/localhost/!d}' /etc/hosts\" "
diff --git a/test_bootfile b/test_bootfile
new file mode 100644
index 00000000..df024b69
--- /dev/null
+++ b/test_bootfile
@@ -0,0 +1,44 @@
+system {
+ ntp-server "69.59.150.135"
+ login {
+ user root {
+ authentication {
+ encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
+ }
+ }
+ user vyatta {
+ authentication {
+ encrypted-password: "$1$$Ht7gBYnxI1xCdO/JOnodh."
+ }
+ }
+ }
+ package {
+ repository community {
+ component: "main"
+ url: "http://archive.vyatta.com/vyatta"
+ }
+ }
+}
+
+interfaces {
+ loopback lo {
+ }
+ ethernet eth0 {
+ hw-id: 52:54:00:12:34:56
+ link-detect
+ }
+ ethernet eth1 {
+ link-detect
+ }
+ ethernet eth2 {
+ hw-id: 52:54:00:12:34:54
+ }
+ ethernet eth3 {
+ address: 192.168.1.1
+ }
+ ethernet eth4 {
+ }
+}
+
+/* Warning: Do not remove the following line. */
+/* === vyatta-config-version: "cluster@1:dhcp-relay@1:dhcp-server@1:firewall@1:nat@2:serial@1:webgui@1" === */
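Review bot: The fixture carries `encrypted-password` hashes for `root` and `vyatta` (md5-crypt with an empty salt), and a hash committed to the tree is open to offline guessing by anyone who can read the repository. vyatta_net_name only reads the `interfaces { ... }` block of the boot file, so the `system` block can be dropped from this fixture, or the two values replaced with an obviously invalid placeholder such as `"*"`.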