-rw-r--r-- | .gitignore | 43 | ||||
-rw-r--r-- | Makefile.am | 8 | ||||
-rw-r--r-- | configure.ac | 4 | ||||
-rw-r--r-- | debian/control | 9 | ||||
-rw-r--r-- | scripts/vyatta-address | 45 | ||||
-rwxr-xr-x | scripts/vyatta-dhcpv6-client.pl | 98 | ||||
-rwxr-xr-x | scripts/vyatta-interfaces.pl | 17 | ||||
-rw-r--r-- | scripts/vyatta-tunnel-cleanup | 29 | ||||
-rw-r--r-- | src/local_ip.c | 64 | ||||
-rw-r--r-- | src/valid_address.c | 153 | ||||
-rw-r--r-- | templates/interfaces/bonding/node.tag/address/node.def | 7 | ||||
-rw-r--r-- | templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def | 7 | ||||
-rw-r--r-- | templates/interfaces/bridge/node.tag/address/node.def | 22 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/address/node.def | 36 | ||||
-rw-r--r-- | templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def | 7 | ||||
-rw-r--r-- | templates/interfaces/loopback/node.tag/address/node.def | 9 | ||||
-rw-r--r-- | templates/interfaces/pseudo-ethernet/node.tag/address/node.def | 11 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.def | 8 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/address/node.def | 6 | ||||
-rw-r--r-- | templates/interfaces/tunnel/node.tag/local-ip/node.def | 5 |
20 files changed, 432 insertions, 156 deletions
@@ -3,21 +3,28 @@ *# *~ .*.swp -/aclocal.m4 -/autom4te.cache -/build-stamp -/config -/config.log -/config.guess -/config.status -/config.sub -/configure -/debian/files -/debian/vyatta-cfg-system -/debian/vyatta-cfg-system.postinst -/debian/*.log -/debian/*.substvars -/INSTALL -/Makefile.in -/Makefile - +*.[oa] +*.l[oa] +*.so +*.libs +*.deps +.dirstamp +aclocal.m4 +autom4te.cache +build-stamp +config +config.log +config.guess +config.status +config.sub +configure +debian/files +debian/vyatta-cfg-system +debian/vyatta-cfg-system.postinst +debian/*.log +debian/*.substvars +INSTALL +Makefile.in +Makefile +src/valid_address +src/local_ip diff --git a/Makefile.am b/Makefile.am index 20312755..5ff82c17 100644 --- a/Makefile.am +++ b/Makefile.am @@ -43,6 +43,8 @@ sbin_SCRIPTS += scripts/dns-forwarding/vyatta-dns-forwarding.pl sbin_SCRIPTS += scripts/dynamic-dns/vyatta-dynamic-dns.pl sbin_SCRIPTS += scripts/vyatta-system-nameservers sbin_SCRIPTS += scripts/vyatta-interfaces.pl +sbin_SCRIPTS += scripts/vyatta-address +sbin_SCRIPTS += scripts/vyatta-tunnel-cleanup sbin_SCRIPTS += scripts/check-ipv4-ipv6.pl sbin_SCRIPTS += scripts/vyatta-bonding.pl sbin_SCRIPTS += scripts/vyatta-raid-event @@ -60,6 +62,12 @@ sbin_SCRIPTS += scripts/vyatta-bridgegroup-depedency.pl sbin_SCRIPTS += scripts/vyatta-dhcpv6-client.pl sbin_SCRIPTS += scripts/vyatta-update-grub.pl +sbin_PROGRAMS = src/valid_address +sbin_PROGRAMS += src/local_ip + +src_valid_address = src/valid_address.c +src_local_ip = src/local_ip.c + share_perl5_DATA = lib/Vyatta/Login/User.pm share_perl5_DATA += lib/Vyatta/Login/RadiusServer.pm diff --git a/configure.ac b/configure.ac index 39771f0a..f7417452 100644 --- a/configure.ac +++ b/configure.ac @@ -26,5 +26,9 @@ AC_CONFIG_FILES( AC_SUBST(NOSTRIP) +AC_PROG_CC +AC_PROG_CXX +AM_PROG_AS +AM_PROG_CC_C_O AC_OUTPUT diff --git a/debian/control b/debian/control index 8b3aac01..4f8d26c5 100644 --- a/debian/control +++ b/debian/control 
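Review bot: In the second Makefile.am hunk, `src_valid_address = src/valid_address.c` and `src_local_ip = src/local_ip.c` do not set the variable automake reads for a program's sources, which is `<program>_SOURCES`. The build presumably still works because automake falls back to a default source file named after the program, but the two assignments as written have no effect. Spell them `src_valid_address_SOURCES = src/valid_address.c` and `src_local_ip_SOURCES = src/local_ip.c` so the intent is explicit.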
@@ -6,16 +6,17 @@ Build-Depends: debhelper (>= 5), autotools-dev Standards-Version: 3.7.2 Package: vyatta-cfg-system -Architecture: all +Architecture: any Depends: acpid, adduser, sed (>= 4.1.5), - perl (>= 5.8.8), + perl (>= 5.10.1), libnetaddr-ip-perl, procps (>= 1:3.2.7-3), coreutils (>= 5.97-5.3), libpam-radius-auth, vyatta-cfg (>= 0.18), + libc6 (>= 2.7-6), libpam-runtime (>= 1.0.1-5), vyatta-bash | bash (>= 3.1), sysv-rc, @@ -58,5 +59,5 @@ Suggests: util-linux (>= 2.13-5), ntpdate Replaces: vyatta-cfg (<< 0.17.33), vyatta-cfg-quagga (<< 0.18.17) -Description: Vyatta system-level configuration templates/scripts - Vyatta system-level configuration templates and scripts. +Description: Vyatta system-level configuration + Vyatta system-level configuration utiliites, templates and scripts. diff --git a/scripts/vyatta-address b/scripts/vyatta-address new file mode 100644 index 00000000..2e521c26 --- /dev/null +++ b/scripts/vyatta-address 
@@ -0,0 +1,45 @@ +#! /bin/bash +# +# Wrapper around ip link command that handles IPv4, IPv6 and DHCP +# This is done in shell rather than perl to avoid the overhead of recompilation + +if [ $# -ne 3 ]; then + echo "Usage: $0 {add|delete} interface address" + exit 1 +fi + +case $1 in + add) + if [[ "$3" = "dhcp" ]] + then + exec /opt/vyatta/sbin/vyatta-interfaces.pl --dev="$2" --dhcp=start + elif [[ "$3" = "dhcpv6" ]] + then + exec /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --start -ifname "$2" + elif [[ "$3" =~ ":" ]] + then # Ipv6 address + exec ip -6 addr add "$3" dev "$2" + else + exec ip addr add "$3" broadcast + dev "$2" + fi ;; + + delete) + if [ ! -d "/sys/class/net/$2" ] + then # device is already gone + exit 0 + elif [[ "$3" = "dhcp" ]] + then + exec /opt/vyatta/sbin/vyatta-interfaces.pl --dev="$2" --dhcp=stop + elif [[ "$3" = "dhcpv6" ]] + then + exec /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --stop --ifname $ifname + elif [[ "$3" =~ ":" ]] + then + exec ip -6 addr del "$3" dev "$2" + else + exec ip addr del "$3" dev "$2" + fi ;; + *) + echo "Unknown option $1" + exit 1 ;; +esac diff --git a/scripts/vyatta-dhcpv6-client.pl b/scripts/vyatta-dhcpv6-client.pl index 3f01a677..283b6d2b 100755 --- a/scripts/vyatta-dhcpv6-client.pl +++ b/scripts/vyatta-dhcpv6-client.pl @@ -26,7 +26,7 @@ use strict; use lib "/opt/vyatta/share/perl5/"; -use FileHandle; +use Sys::hostname; use Vyatta::Config; use Getopt::Long; 
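Review bot: The `dhcpv6` arm of the `delete` case passes `--ifname $ifname`, but `$ifname` is never assigned in this script, so the DHCPv6 client is called with an empty, unquoted interface name and the stop cannot succeed. It should read `exec /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --stop --ifname "$2"`, matching the quoting used in every other branch. The `add` arm spells the option `-ifname` with a single dash; `--ifname` would be consistent with the script's own usage text. The header comment says "ip link" although the wrapper drives `ip addr`.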
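Review bot: `use Sys::hostname;` in the first vyatta-dhcpv6-client.pl hunk names a module that does not exist under that spelling; the core module is `Sys::Hostname`, and on a case-sensitive filesystem the `use` fails at compile time, so the script would not start at all. The only `hostname` call this commit adds is commented out in a later hunk, so either drop the line or write `use Sys::Hostname;`.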
@@ -34,26 +34,17 @@ my $start_flag; # Start the daemon my $stop_flag; # Stop the daemon and delete all config files my $release_flag; # Stop the daemon, but leave config file my $renew_flag; # Re-start the daemon. Functionally same as start_flag -my $temp_flag; -my $params_only_flag; my $ifname; - sub gen_conf_file { my ($conffile, $ifname) = @_; + my $FD_WR; - my $FD_WR = new FileHandle; + open($FD_WR, '>', $conffile) + or die "Can't write config file: $conffile : $!\n"; - if (!open($FD_WR, ">$conffile")) { - printf("Can't write config file: $conffile\n"); - exit 1; - } - my $date = `date`; - my $user = `id -un`; - my $hostname = `hostname`; - chomp($date); - chomp($user); - chomp($hostname); + my $date = localtime; + my $user = getpwuid($<); print $FD_WR "# This file was auto-generated by the Vyatta\n"; print $FD_WR "# configuration sub-system. Do not edit it.\n"; @@ -61,11 +52,37 @@ sub gen_conf_file { print $FD_WR "# Generated on $date by $user\n"; print $FD_WR "#\n"; print $FD_WR "interface \"$ifname\" {\n"; +# my $hostname = hostname; # print $FD_WR " send host-name \"$hostname\";\n"; # print $FD_WR " send dhcp6.oro 1, 2, 7, 12, 13, 23, 24, 39;\n"; print $FD_WR "}\n"; + close $FD_WR; } +sub usage { + print "Usage: $0 --ifname=ethX --{start|stop|renew|release}\n"; + exit 1; +} + +sub dhcpv6_options { + my $ifname = shift; + my $intf = new Vyatta::Interface($name); + + die "Unknown interface type for $ifname" unless $intf; + + my $config = new Vyatta::Config; + $config->setLevel($intf->path()); + + my $args = ""; + + $args .= " -T" + if ($config->exists("dhcpv6-options/temporary")); + + $args .= " -S" + if ($config->exists("dhcpv6-options/parameters-only")); + + return $args; +} # # Main Section 
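Review bot: In the new `dhcpv6_options` sub, `new Vyatta::Interface($name)` refers to `$name`, which is never declared; the parameter is `$ifname`. Under the file's `use strict` this is a compile-time error that stops the whole script, not just this sub. Change the line to `my $intf = new Vyatta::Interface($ifname);`. The import lines visible in the earlier hunk load only `Vyatta::Config`, so also confirm that `use Vyatta::Interface;` is present, or add it.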
@@ -75,46 +92,31 @@ GetOptions("start" => \$start_flag, "stop" => \$stop_flag, "release" => \$release_flag, "renew" => \$renew_flag, - "temporary" => \$temp_flag, - "parameters-only" => \$params_only_flag, "ifname=s" => \$ifname, - ); + ) or usage(); -if ((defined $temp_flag) && (defined $params_only_flag)) { - printf("Error: --temporary and --parameters-only flags are mutually exclusive.\n"); - exit 1; -} - -if (!defined $ifname) { - printf("Error: Interface name must be specified with --ifname parameter.\n"); - exit 1; -} +die "Error: Interface name must be specified with --ifname parameter.\n" + unless $ifname; my $pidfile = "/var/lib/dhcp3/dhclient_v6_$ifname.pid"; my $leasefile = "/var/lib/dhcp3/dhclient_v6_$ifname.leases"; my $conffile = "/var/lib/dhcp3/dhclient_v6_$ifname.conf"; my $cmdname = "/sbin/dhclient"; -if (defined $release_flag) { - if (! -e $conffile) { - printf("DHCPv6 client is not configured on interface $ifname.\n"); - exit 1; - } +if ($release_flag) { + die "DHCPv6 client is not configured on interface $ifname.\n" + unless (-e $conffile); - if (! -e $pidfile) { - printf("DHCPv6 client is already released on interface $ifname.\n"); - exit 1; - } + die "DHCPv6 client is already released on interface $ifname.\n" + unless (-e $pidfile); } -if (defined $renew_flag) { - if (! -e $conffile) { - printf("DHCPv6 client is not configured on interface $ifname.\n"); - exit 1; - } +if ($renew_flag) { + die "DHCPv6 client is not configured on interface $ifname.\n" + unless (-e $conffile); } -if (defined $stop_flag || defined $release_flag) { +if (defined($stop_flag)|| defined ($release_flag)) { # Stop dhclient -6 on $ifname printf("Stopping daemon...\n"); @@ -131,7 +133,8 @@ if (defined $stop_flag || defined $release_flag) { } } -if (defined $start_flag || defined $renew_flag) { +if (defined($start_flag) || defined ($renew_flag)) { + # Generate the DHCP client config file... gen_conf_file($conffile, $ifname); 
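Review bot: `--ifname` is checked only for truthiness (`die ... unless $ifname;`) before it is interpolated into the `/var/lib/dhcp3/dhclient_v6_$ifname.*` paths just below and, in the start branch of the next hunk, into a backtick command line. The templates in this commit reach this script through `sudo vyatta-address`, so the value deserves an anchored format check right after the `die`, for example `die "Invalid interface name: $ifname\n" unless $ifname =~ m/\A[A-Za-z0-9_.:-]+\z/;` (the character set is an assumption; match it to the names the config system allows). Separately, the release and renew tests now use truthiness (`if ($release_flag)`) while the stop and start tests still use `defined(...)`; pick one form for all four.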
@@ -142,14 +145,7 @@ if (defined $start_flag || defined $renew_flag) { printf($output); # start "dhclient -6" on $ifname - - my $args = ""; - if (defined $temp_flag) { - $args .= " -T"; - } - if (defined $params_only_flag) { - $args .= " -S"; - } + my $args = dhcpv6_options($ifname); printf("Starting new daemon...\n"); my $output=`$cmdname -6 -nw -cf $conffile -pf $pidfile -lf $leasefile $args $ifname`; diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index d625d262..a7384eea 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -486,10 +486,10 @@ sub dhcp { my ($request, $intf) = @_; die "$intf is not using DHCP to get an IP address\n" - unless is_dhcp_enabled($intf); + unless ($request eq 'start' || is_dhcp_enabled($intf)); - die "$intf is disabled. Unable to release/renew lease\n" - if is_intf_down($intf); + die "$intf is disabled.\n" + if ($request ne 'stop' && is_intf_down($intf)); my $tmp_dhclient_dir = '/var/run/vyatta/dhclient/'; my $release_file = $tmp_dhclient_dir . 'dhclient_release_' . $intf; @@ -505,6 +505,17 @@ sub dhcp { print "Renewing DHCP lease on $intf ...\n"; run_dhclient($intf); unlink ($release_file); + } elsif ($request eq "start") { + print "Starting DHCP client on $intf ...\n"; + touch("/var/lib/dhcp3/$intf"); + run_dhclient($intf); + } elsif ($request eq "stop") { + print "Stopping DHCP client on $intf ...\n"; + stop_dhclient($intf); + unlink("/var/lib/dhcp3/dhclient_$intf\_lease"); + unlink("/var/lib/dhcp3/$intf"); + unlink("/var/run/vyatta/dhclient/dhclient_release_$intf"); + unlink("/var/lib/dhcp3/dhclient_$intf\.conf"); } else { die "Unknown DHCP request: $request\n"; } diff --git a/scripts/vyatta-tunnel-cleanup b/scripts/vyatta-tunnel-cleanup new file mode 100644 index 00000000..fdca80a3 --- /dev/null +++ b/scripts/vyatta-tunnel-cleanup 
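Review bot: The new `start` branch of `dhcp` in vyatta-interfaces.pl calls `touch("/var/lib/dhcp3/$intf")`, but `touch` is not a Perl builtin and nothing in the hunk defines or imports it; unless it is defined elsewhere in the file, the call dies at run time after the "Starting DHCP client" message has already been printed. A builtin equivalent is `open(my $fh, '>>', "/var/lib/dhcp3/$intf") or die "Can't create /var/lib/dhcp3/$intf: $!\n"; close($fh);`. The `stop` branch rebuilds the release-file path by hand although `$release_file` is already computed above; `unlink($release_file);` keeps the two in step. All of these paths are built from `$intf`, so a format check on `--dev` before this point would be worth confirming. The body of `dhcp` starts and ends outside the hunk.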
@@ -0,0 +1,29 @@ +#! /usr/bin/perl + +# This script gets run after tunnels have been deleted, it removes +# the underlying tunnel link, if all tunnels of that type are gone. + +# Create map of encapsulations still in use +my $confg = new Vyatta::Config; +$config->setLevel("interfaces tunnel"); +my %tunnel; +foreach my $tun ($config->listNodes()) { + my $mode = $config->returnValue("$tun encapsulation"); + $tunnel{$mode} = 1; +} + +my %encapsulation = ( + 'gre' => 'gre0', + 'ipip' => 'tunl0', + 'sit' => 'sit0', +); + +foreach my $type (keys %encapsulation) { + next if $tunnel{$type}; + + my $dev = $tunnels{$type}; + next unless ( -d "/sys/class/net/$dev" ); + + system("ip link del $dev") == 0 + or die "Can't delete $dev\n"; +} diff --git a/src/local_ip.c b/src/local_ip.c new file mode 100644 index 00000000..3707559f --- /dev/null +++ b/src/local_ip.c 
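Review bot: vyatta-tunnel-cleanup declares `my $confg` but then calls `$config->setLevel(...)`, and it looks up `$tunnels{$type}` although the table is named `%encapsulation`; neither is caught because the script has no `use strict;`. With `$dev` empty, the `-d "/sys/class/net/$dev"` test is true for the directory itself and `ip link del` is run with no device, so the script dies instead of cleaning up. Fix the two names (`my $config = new Vyatta::Config;` and `my $dev = $encapsulation{$type};`) and add `use strict; use warnings;` plus the `use lib "/opt/vyatta/share/perl5/";` and `use Vyatta::Config;` lines the other scripts carry. The list form `system('ip', 'link', 'del', $dev)` would also avoid passing the command through a shell.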
@@ -0,0 +1,64 @@ +/* + * Test if an IP address is assigned to the local system + * + * This uses the fact Linux will not allow binding to an address that + * is not on the system. It is much faster than scanning all the + * interface addresses. + */ + +#include <stdio.h> +#include <string.h> +#include <errno.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <arpa/inet.h> + +int main(int argc, char **argv) +{ + int af, s; + + if (argc != 2) { + fprintf(stderr, "Usage: %s x.x.x.x\n", argv[0]); + return -1; + } + + af = strchr(argv[1], ':') ? AF_INET6 : AF_INET; + s = socket(af, SOCK_STREAM, 0); + if (s < 0) { + perror("socket"); + return -1; + } + + if (af == AF_INET) { + struct sockaddr_in sin = { + .sin_family = AF_INET, + }; + + if (inet_pton(af, argv[1], &sin.sin_addr) <= 0) { + fprintf(stderr, "%s: invalid address\n", argv[1]); + return -1; + } + + if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) < 0) { + if (errno == EADDRNOTAVAIL) + return 1; + perror("bind"); + return -1; + } + } else { + struct sockaddr_in6 sin6; + + if (inet_pton(af, argv[1], &sin6.sin6_addr) <= 0) { + fprintf(stderr, "%s: invalid address\n", argv[1]); + return -1; + } + + if (bind(s, (struct sockaddr *)&sin6, sizeof(sin6)) < 0) { + if (errno == EADDRNOTAVAIL) + return 1; + perror("bind"); + return -1; + } + } + return 0; +} diff --git a/src/valid_address.c b/src/valid_address.c new file mode 100644 index 00000000..a98d0f56 --- /dev/null +++ b/src/valid_address.c 
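Review bot: In the IPv6 branch of local_ip.c, `struct sockaddr_in6 sin6;` is left uninitialised, so `sin6_family`, `sin6_port`, `sin6_flowinfo` and `sin6_scope_id` hold stack garbage when `bind()` is called; only `sin6_addr` is filled by `inet_pton`. The IPv4 branch already uses a designated initialiser; do the same here with `struct sockaddr_in6 sin6 = { .sin6_family = AF_INET6, };`. Note also that every error path returns -1, and the tunnel local-ip template prints its "doesn't exist" warning on any non-zero status, so a usage or socket error is reported to the user as a missing address.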
@@ -0,0 +1,153 @@ +/* + * **** License **** + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * # + * A copy of the GNU General Public License is available as + * `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution + * or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'. + * You can also obtain it by writing to the Free Software Foundation, + * Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + * MA 02110-1301, USA. + * + * This code was originally developed by Vyatta, Inc. + * Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc. + * All Rights Reserved. + * + * This code validates IPv4 and IPv6 network prefixes using + * the same rules as the iproute utilities. It is a replacement + * for earlier perl code which did not scale well. 
+ */ + +#include <stdio.h> +#include <sys/types.h> +#include <string.h> +#include <stdlib.h> +#include <netinet/in.h> +#include <arpa/inet.h> + +/* + * Note: this code requires full four-tuple when specifying IPv4 + * address because the iproute utilites uses a non-standard parsing + * (ie not inet_aton, or inet_pton) + * because of legacy choice to parse 10.8 as 10.8.0.0 not 10.0.0.8 + */ +static int valid_ipv4(const char *str) +{ + int i; + unsigned int a[4], plen; + uint32_t addr; /* host order */ + + if (sscanf(str, "%u.%u.%u.%u/%u", &a[0], &a[1], &a[2], &a[3], &plen) + != 5) + goto bad_addr; + + addr = 0; + for (i = 0; i < 4; i++) { + if (a[i] > 255) + goto bad_addr; + addr <<= 8; + addr |= a[i]; + } + + if (plen == 0 || plen > 32) { + fprintf(stderr, + "Invalid prefix len %d for IP\n", plen); + return 0; + } + + if (~addr == 0) { + fprintf(stderr, + "Can not assign broadcast address as IP address\n"); + return 0; + } + + if (plen < 31) { + uint32_t net_mask = ~0 << (32 - plen); + if ((addr & net_mask) == addr) { + fprintf(stderr, + "Can not assign network address as IP address\n"); + return 0; + } + } + return 1; + + bad_addr: + fprintf(stderr, "Invalid IPv4 address/prefix\n"); + return 0; +} + +static int valid_ipv6(char *str) +{ + unsigned int prefix_len; + struct in6_addr addr; /* net order */ + char *slash, *endp; + + slash = strchr(str, '/'); + if (!slash) + goto bad_addr; /* Missing slash */ + + *slash++ = 0; + prefix_len = strtoul(slash, &endp, 10); + if (*slash == '\0' || *endp != '\0') + goto bad_addr; /* Non-digit in prefix length */ + + if (inet_pton(AF_INET6, str, &addr) <= 0) + goto bad_addr; /* Not a valid IPv6 address */ + + if (IN6_IS_ADDR_LINKLOCAL(&addr)) { + fprintf(stderr, + "Can not assign an address reserved for IPv6 link local\n"); + return 0; + } + + if (IN6_IS_ADDR_MULTICAST(&addr)) { + fprintf(stderr, + "Can not assign an address reserved for IPv6 multicast\n"); + return 0; + } + + if (prefix_len <= 1 || prefix_len > 128) { + 
fprintf(stderr, + "Invalid prefix len %d for IPv6\n", prefix_len); + return 0; + } + + if (prefix_len == 128) { + fprintf(stderr, + "Can not assign IPv6 Unspecified address\n"); + return 0; + } + return 1; + + bad_addr: + fprintf(stderr, "Invalid IPv6 address/prefix\n"); + return 0; +} + + +static int valid_prefix(char *str) +{ + if (strcmp(str, "dhcp") == 0 || strcmp(str, "dhcpv6") == 0) + return 1; + + if (strchr(str, ':') == NULL) + return valid_ipv4(str); + else + return valid_ipv6(str); +} + +int main(int argc, char **argv) +{ + while (--argc) { + if (!valid_prefix(*++argv)) + return 1; + } + return 0; +} diff --git a/templates/interfaces/bonding/node.tag/address/node.def b/templates/interfaces/bonding/node.tag/address/node.def index f577320b..93a177b0 100644 --- a/templates/interfaces/bonding/node.tag/address/node.def +++ b/templates/interfaces/bonding/node.tag/address/node.def @@ -2,14 +2,13 @@ multi: type: txt help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\ - ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" -create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) -delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) allowed: echo "dhcp <>" val_help: ipv4net; IP address and prefix length diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def index ed95f20d..c413194b 100644 --- a/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def 
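Review bot: `valid_ipv4` accepts any trailing text after the prefix length, because `sscanf(...) != 5` only confirms that five fields were converted and ignores whatever follows. The templates in this commit place the validated string on `sudo` command lines, so the validator should reject the remainder, for example by adding a trailing conversion that must not match: `char extra;` and `if (sscanf(str, "%u.%u.%u.%u/%u%c", &a[0], &a[1], &a[2], &a[3], &plen, &extra) != 5) goto bad_addr;`. In the same function `~0 << (32 - plen)` left-shifts a negative `int`; `~0U` is well defined. In `valid_ipv6` the `prefix_len == 128` test rejects every /128 with an "Unspecified address" message, which looks as if it was meant to be `IN6_IS_ADDR_UNSPECIFIED(&addr)`.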
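Review bot: In the bonding address node.def, `$VAR(@)` and `$VAR(../@)` are substituted unquoted into the new `create:` and `delete:` lines that run `sudo /opt/vyatta/sbin/vyatta-address`, so the wrapper's three-argument check is the only thing that stands between an odd value and word splitting. Assuming the template text is handed to a shell after substitution, quote both, e.g. `create: sudo /opt/vyatta/sbin/vyatta-address add "$VAR(../@)" "$VAR(@)"`. The new `syntax:expression` also drops the `; "Invalid IP address/prefix [...]"` message, so the user now sees only what `valid_address` writes to stderr and no longer sees which interface was involved. The same applies to the bonding vif, bridge, ethernet, ethernet vif, loopback, pseudo-ethernet and tunnel address templates changed later in this commit.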
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/address/node.def @@ -2,14 +2,13 @@ multi: type: txt help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ - ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" -create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../../@).$VAR(../@) $VAR(@) -delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../../@).$VAR(../@) $VAR(@) allowed: echo "dhcp <>" val_help: ipv4; IP address and prefix length diff --git a/templates/interfaces/bridge/node.tag/address/node.def b/templates/interfaces/bridge/node.tag/address/node.def index 4644ad8d..45aa03e2 100644 --- a/templates/interfaces/bridge/node.tag/address/node.def +++ b/templates/interfaces/bridge/node.tag/address/node.def 
@@ -2,20 +2,14 @@ multi: priority: 320 type: txt help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)";\ - "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" -create: sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) -delete: - if /opt/vyatta/sbin/vyatta-bridgegroup-depedency.pl \ - --bridge-notin-proposedcfg \ - --bridge-interface="$VAR(../@)"; then \ - # bridge has higher priority than bridge-address so bridge gets deleted - # before bridge-address in case the whole of bridge config was deleted. - # In that case we do not need to delete address here now - exit 0 - else - sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) - fi + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) + +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) + + allowed: echo "dhcp <>" val_help: ipv4net; IP address and prefix length val_help: ipv6net; IPv6 address and prefix length diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def index dfacdb2d..3cf32ef7 100644 --- a/templates/interfaces/ethernet/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/address/node.def 
@@ -1,44 +1,14 @@ multi: - type: txt - help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\ - ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" -create: - ifname=$VAR(../@) - param=$VAR(@) - if [ "$param" = "dhcpv6" ]; then - if [ -n "$VAR(../dhcpv6-options/parameters-only)" ]; then - echo "parameters-only is set" - arg1="--parameters-only" - fi - if [ -n "$VAR(../dhcpv6-options/temporary)" ]; then - echo "temporary is set" - arg2="--temporary" - fi - - echo "Starting DHCPv6 client on ${ifname}..." - sudo /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --start \ - --ifname $ifname $arg1 $arg2 - else - sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) - fi +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) -delete: - ifname=$VAR(../@) - param=$VAR(@) - if [ "$param" = "dhcpv6" ]; then - echo "Stopping DHCPv6 client on ${ifname}..." - sudo /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --stop --ifname \ - $ifname - else - sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) - fi +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) allowed: echo "dhcp dhcpv6 <>" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def index 5b2f38dd..5c37e92d 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def 
@@ -2,14 +2,13 @@ multi: type: txt help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ - ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" -create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../../@).$VAR(../@) $VAR(@) -delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../../@).$VAR(../@) $VAR(@) allowed: echo "dhcp <>" diff --git a/templates/interfaces/loopback/node.tag/address/node.def b/templates/interfaces/loopback/node.tag/address/node.def index 969ecf26..98788814 100644 --- a/templates/interfaces/loopback/node.tag/address/node.def +++ b/templates/interfaces/loopback/node.tag/address/node.def @@ -4,11 +4,8 @@ val_help: ipv4net; IPv4 address and prefix length val_help: ipv6net; IPv6 address and prefix length help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"; \ - "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" -create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; \ - "Error setting address $VAR(@) on interface $VAR(../@)" +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) -delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; \ - "Error deleting address $VAR(@) on interface $VAR(../@)" +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) 
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/address/node.def b/templates/interfaces/pseudo-ethernet/node.tag/address/node.def index 42e79606..b237e108 100644 --- a/templates/interfaces/pseudo-ethernet/node.tag/address/node.def +++ b/templates/interfaces/pseudo-ethernet/node.tag/address/node.def @@ -1,10 +1,13 @@ multi: type: txt help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)" \ - ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" -create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) -delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) + +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) + allowed: echo "dhcp <>" val_help: ipv4net; IP address and prefix length diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def index 912e4c13..f4d53c1a 100644 --- a/templates/interfaces/tunnel/node.def +++ b/templates/interfaces/tunnel/node.def @@ -38,11 +38,9 @@ delete: ip link set $VAR(@) down ip link delete $VAR(@) else ip tunnel del $VAR(@) mode $VAR(./encapsulation/@) - case "$VAR(./encapsulation/@)" in - ipip) ip link del tunl0 ;; - gre) ip link del gre0 ;; - sit) ip link del sit0 ;; - esac fi +end: if [ ${COMMIT_ACTION} = "DELETE" ]; then + /opt/vyatta/sbin/vyatta-tunnel-cleanup + fi diff --git a/templates/interfaces/tunnel/node.tag/address/node.def b/templates/interfaces/tunnel/node.tag/address/node.def index 6cd40ece..04612379 100644 --- a/templates/interfaces/tunnel/node.tag/address/node.def +++ b/templates/interfaces/tunnel/node.tag/address/node.def 
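Review bot: In the new `end:` action of templates/interfaces/tunnel/node.def, `${COMMIT_ACTION}` is used unquoted inside `[ ... ]`, so an empty or unset value makes the test a syntax error instead of a clean false. Write `end: if [ "${COMMIT_ACTION}" = "DELETE" ]; then`. The cleanup script it calls runs `ip link del`, and unlike the address templates this line has no `sudo`; that matches the removed inline `ip link del` calls, but confirm the action runs with the privileges the script needs.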
@@ -4,9 +4,9 @@ val_help: ipv4net; IPv4 address and prefix length val_help: ipv6net; IPv6 address and prefix length help: IP address -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" -create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)" +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) -delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)" +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) diff --git a/templates/interfaces/tunnel/node.tag/local-ip/node.def b/templates/interfaces/tunnel/node.tag/local-ip/node.def index ea11f6e1..809c4c6f 100644 --- a/templates/interfaces/tunnel/node.tag/local-ip/node.def +++ b/templates/interfaces/tunnel/node.tag/local-ip/node.def @@ -2,9 +2,8 @@ type: ipv4 help: Local IP address for this tunnel [REQUIRED] syntax:expression: exec \ - "if [ -z \"`ip addr list | grep $VAR(@) `\" ]; then \ - echo Warning! IP address $VAR(@) doesn\\'t exist on this system ; \ - fi ; " + "/opt/vyatta/sbin/local_ip $VAR(@) || \ + echo Warning! IP address $VAR(@) doesn\\'t exist on this system" create:expression: "true" update:expression: "false" ; \ |