diff options
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rwxr-xr-x | scripts/vyatta-update-arp-params | 122 | ||||
| -rw-r--r-- | templates/system/ip/arp/node.def | 1 | ||||
| -rw-r--r-- | templates/system/ip/arp/table-size/node.def | 14 | ||||
| -rw-r--r-- | templates/system/ip/disable-forwarding/node.def | 3 | ||||
| -rw-r--r-- | templates/system/ip/multipath/ignore-unreachable-nexthops/node.def | 5 | ||||
| -rw-r--r-- | templates/system/ip/multipath/layer4-hashing/node.def | 4 | ||||
| -rw-r--r-- | templates/system/ip/multipath/node.def | 1 | ||||
| -rw-r--r-- | templates/system/ip/node.def | 2 | ||||
| -rw-r--r-- | templates/system/ipv6/blacklist/node.def | 11 | ||||
| -rw-r--r-- | templates/system/ipv6/disable-forwarding/node.def | 46 | ||||
| -rw-r--r-- | templates/system/ipv6/disable/node.def | 11 | ||||
| -rw-r--r-- | templates/system/ipv6/multipath/layer4-hashing/node.def | 5 | ||||
| -rw-r--r-- | templates/system/ipv6/multipath/node.def | 1 | ||||
| -rw-r--r-- | templates/system/ipv6/neighbor/node.def | 2 | ||||
| -rw-r--r-- | templates/system/ipv6/neighbor/table-size/node.def | 14 | ||||
| -rw-r--r-- | templates/system/ipv6/node.def | 1 | ||||
| -rw-r--r-- | templates/system/ipv6/strict-dad/node.def | 29 |
18 files changed, 0 insertions, 273 deletions
diff --git a/Makefile.am b/Makefile.am index 5294cffc..43992499 100644 --- a/Makefile.am +++ b/Makefile.am @@ -51,7 +51,6 @@ sbin_SCRIPTS += scripts/vyatta-interfaces.pl sbin_SCRIPTS += scripts/vyatta-address sbin_SCRIPTS += scripts/vyatta-tunnel-cleanup sbin_SCRIPTS += scripts/vyatta-raid-event -sbin_SCRIPTS += scripts/vyatta-update-arp-params sbin_SCRIPTS += scripts/vyatta-banner.pl sbin_SCRIPTS += scripts/vyatta-load-user-key.pl sbin_SCRIPTS += scripts/install/install-get-partition diff --git a/scripts/vyatta-update-arp-params b/scripts/vyatta-update-arp-params deleted file mode 100755 index 36275731..00000000 --- a/scripts/vyatta-update-arp-params +++ /dev/null @@ -1,122 +0,0 @@ -#!/bin/bash -# -# Module: vyatta-update-arp-params -# -# **** License **** -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# This code was originally developed by Vyatta, Inc. -# Portions created by Vyatta are Copyright (C) 2009 Vyatta, Inc. -# All Rights Reserved. -# -# Author: Mohit Mehta -# Date: February 2009 -# Description: Update [ARP (IPv4)|Neighbor (IPV6)] Parameters -# -# **** End License **** -# - -# -# subroutines -# - -print_usage() -{ - echo "Usage:" - echo -e "\t$0 syntax-check <type of arp paramter> <value of arp paramter> <ipv4/ipv6>" - echo -e "\t$0 update <type of arp paramter> <value of arp paramter> <ipv4/ipv6>" - echo -e "\t$0 delete <type of arp paramter> <ipv4/ipv6>" -} - -set_table_thresholds() { - local ip_type=$1 - local arp_value=$2 - local softmax=$((arp_value / 2)); - local min=$((arp_value / 8)); - sudo sysctl -q net.$ip_type.neigh.default.gc_thresh3=$arp_value - sudo sysctl -q net.$ip_type.neigh.default.gc_thresh2=$softmax - sudo sysctl -q net.$ip_type.neigh.default.gc_thresh1=$min -} - -syntax_arp_param () -{ - local arp_type=$1 - local arp_value=$2 - local ip_type=$3 - - case "$arp_type" in - - table-size) - local allowed_values=(1024 2048 4096 8192 16384 32768) - local i - for i in ${allowed_values[@]}; do - if [[ "$i" == "$arp_value" ]]; then - exit 0 - fi - done - echo "Allowed values for ARP table-size - ${allowed_values[*]}" - exit 1 - ;; - - *) - echo Invalid arp parameter $arp_type to set - exit 1 - ;; - esac -} - -update_arp_param () -{ - local arp_type=$1 - local arp_value=$2 - local ip_type=$3 - case "$arp_type" in - - table-size) - set_table_thresholds $ip_type $arp_value - ;; - - *) - echo Invalid arp parameter $arp_type to update - ;; - esac -} - -# -# main -# - -case "$1" in - syntax-check) - if [ $# -ne 4 ]; then - print_usage - exit 1 - fi - syntax_arp_param $2 $3 $4 - ;; - - update) - if [ $# -ne 4 ]; then - print_usage - exit 1 - fi - update_arp_param $2 $3 $4 - ;; - - *) - print_usage - exit 1 - ;; - -esac - -exit 0 - -# end of file diff --git a/templates/system/ip/arp/node.def b/templates/system/ip/arp/node.def deleted file mode 100644 index 2d3aa69a..00000000 --- a/templates/system/ip/arp/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Parameters for ARP cache diff --git a/templates/system/ip/arp/table-size/node.def b/templates/system/ip/arp/table-size/node.def deleted file mode 100644 index b4d0a9e3..00000000 --- a/templates/system/ip/arp/table-size/node.def +++ /dev/null @@ -1,14 +0,0 @@ -help: Maximum number of entries to keep in the ARP cache - -type: u32 - -default: 8192 - -allowed: echo "1024 2048 4096 8192 16384 32768" - -syntax:expression: exec " \ - /opt/vyatta/sbin/vyatta-update-arp-params \ - 'syntax-check' 'table-size' '$VAR(@)' 'ipv4' " - -update: - /opt/vyatta/sbin/vyatta-update-arp-params 'update' 'table-size' '$VAR(@)' 'ipv4' diff --git a/templates/system/ip/disable-forwarding/node.def b/templates/system/ip/disable-forwarding/node.def deleted file mode 100644 index 3bac48b3..00000000 --- a/templates/system/ip/disable-forwarding/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Disable IPv4 forwarding -create: sudo sh -c "echo 0 > /proc/sys/net/ipv4/conf/all/forwarding" -delete: sudo sh -c "echo 1 > /proc/sys/net/ipv4/conf/all/forwarding" diff --git a/templates/system/ip/multipath/ignore-unreachable-nexthops/node.def b/templates/system/ip/multipath/ignore-unreachable-nexthops/node.def deleted file mode 100644 index a37d455a..00000000 --- a/templates/system/ip/multipath/ignore-unreachable-nexthops/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Ignore next hops that are not in the ARP table - -create: sudo sysctl -w net.ipv4.fib_multipath_use_neigh=1 >/dev/null -delete: sudo sysctl -w net.ipv4.fib_multipath_use_neigh=0 >/dev/null - diff --git a/templates/system/ip/multipath/layer4-hashing/node.def b/templates/system/ip/multipath/layer4-hashing/node.def deleted file mode 100644 index 6cc7e3e2..00000000 --- a/templates/system/ip/multipath/layer4-hashing/node.def +++ /dev/null @@ -1,4 +0,0 @@ -help: Use layer 4 information for ECMP hashing - -create: sudo sysctl -w net.ipv4.fib_multipath_hash_policy=1 >/dev/null -delete: sudo sysctl -w net.ipv4.fib_multipath_hash_policy=0 >/dev/null diff --git a/templates/system/ip/multipath/node.def b/templates/system/ip/multipath/node.def deleted file mode 100644 index 3625e902..00000000 --- a/templates/system/ip/multipath/node.def +++ /dev/null @@ -1 +0,0 @@ -help: IPv4 multipath settings diff --git a/templates/system/ip/node.def b/templates/system/ip/node.def deleted file mode 100644 index c1359b50..00000000 --- a/templates/system/ip/node.def +++ /dev/null @@ -1,2 +0,0 @@ -priority: 400 -help: IPv4 settings diff --git a/templates/system/ipv6/blacklist/node.def b/templates/system/ipv6/blacklist/node.def deleted file mode 100644 index 081425bd..00000000 --- a/templates/system/ipv6/blacklist/node.def +++ /dev/null @@ -1,11 +0,0 @@ -priority: 400 -help: Prevent the IPv6 kernel module from being loaded - -create: - sudo sh -c "echo blacklist ipv6 > \ - /etc/modprobe.d/vyatta_blacklist_ipv6.conf" - echo "This change will take affect when the system is rebooted." - -delete: - sudo sh -c "rm -f /etc/modprobe.d/vyatta_blacklist_ipv6.conf" - echo "This change will take affect when the system is rebooted." diff --git a/templates/system/ipv6/disable-forwarding/node.def b/templates/system/ipv6/disable-forwarding/node.def deleted file mode 100644 index 323b99d6..00000000 --- a/templates/system/ipv6/disable-forwarding/node.def +++ /dev/null @@ -1,46 +0,0 @@ -priority: 400 -help: Disable IPv6 forwarding on all interfaces - -# Disable IPv6 forwarding for all interfaces we currently have, -# and set default such that it will be disabled on any new interfaces -# that come up after this. -# -create: - sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/all/forwarding" - sudo sh -c "echo 0 > /proc/sys/net/ipv6/conf/default/forwarding" - -# Re-enable IPv6 forwarding globally. But setting the global -# forwarding parameter under "all" has the side effect of setting the -# per-interface forwarding parameter for all interfaces. Users may -# disable forwarding per-interface, so we have to restore the state of -# the per-interface parameter here. A per-interface flag file under -# /var/run/vyatta/ tells us if forwarding is disabled on specific -# interfaces. Restore default value of the forwarding parameter under -# "default" so that any new interfaces that come up after this will -# have forwarding enabled. -# -delete: - sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/all/forwarding" - cd /proc/sys/net/ipv6/conf - for i in * ; do - if [[ "$i" == "default" ]] || - [[ "$i" == "all" ]] || - [[ ! -d "$i" ]]; then - continue - fi - if [[ -e /var/run/vyatta/ipv6_no_fwd.$i ]]; then - sudo sh -c "echo 0 > $i/forwarding" - fi - done - sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/default/forwarding" - # - # If router advertisements were configured while global IPv6 - # forwarding was disabled, we will need to start the radvd daemon - # now. - running=$(pgrep -n radvd) - if [[ -z "$running" ]] && - [[ -e /etc/radvd.conf ]] && - [[ -x /etc/init.d/radvd ]]; then - /etc/init.d/radvd start - fi - diff --git a/templates/system/ipv6/disable/node.def b/templates/system/ipv6/disable/node.def deleted file mode 100644 index eb61557f..00000000 --- a/templates/system/ipv6/disable/node.def +++ /dev/null @@ -1,11 +0,0 @@ -priority: 400 -help: Disable assignment of IPv6 addresses on all interfaces - -create: - sudo sh -c "echo options ipv6 disable_ipv6=1 > \ - /etc/modprobe.d/vyatta_disable_ipv6.conf" - echo "This change will take affect when the system is rebooted." - -delete: - sudo sh -c "rm -f /etc/modprobe.d/vyatta_disable_ipv6.conf" - echo "This change will take affect when the system is rebooted." diff --git a/templates/system/ipv6/multipath/layer4-hashing/node.def b/templates/system/ipv6/multipath/layer4-hashing/node.def deleted file mode 100644 index 97ffdc61..00000000 --- a/templates/system/ipv6/multipath/layer4-hashing/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Use layer 4 information for ECMP hashing - -create: sudo sysctl -w net.ipv4.fib_multipath_hash_policy=1 >/dev/null -delete: sudo sysctl -w net.ipv4.fib_multipath_hash_policy=0 >/dev/null - diff --git a/templates/system/ipv6/multipath/node.def b/templates/system/ipv6/multipath/node.def deleted file mode 100644 index 76bf4372..00000000 --- a/templates/system/ipv6/multipath/node.def +++ /dev/null @@ -1 +0,0 @@ -help: IPv6 multipath settings diff --git a/templates/system/ipv6/neighbor/node.def b/templates/system/ipv6/neighbor/node.def deleted file mode 100644 index ca609636..00000000 --- a/templates/system/ipv6/neighbor/node.def +++ /dev/null @@ -1,2 +0,0 @@ -priority: 400 -help: Parameters for Neighbor cache diff --git a/templates/system/ipv6/neighbor/table-size/node.def b/templates/system/ipv6/neighbor/table-size/node.def deleted file mode 100644 index 0ea4816e..00000000 --- a/templates/system/ipv6/neighbor/table-size/node.def +++ /dev/null @@ -1,14 +0,0 @@ -help: Maximum number of entries to keep in the Neighbor cache - -type: u32 - -default: 8192 - -allowed: echo "1024 2048 4096 8192 16384 32768" - -syntax:expression: exec " \ - /opt/vyatta/sbin/vyatta-update-arp-params \ - 'syntax-check' 'table-size' '$VAR(@)' 'ipv6' " - -update: - /opt/vyatta/sbin/vyatta-update-arp-params 'update' 'table-size' '$VAR(@)' 'ipv6' diff --git a/templates/system/ipv6/node.def b/templates/system/ipv6/node.def deleted file mode 100644 index d67a124a..00000000 --- a/templates/system/ipv6/node.def +++ /dev/null @@ -1 +0,0 @@ -help: IPv6 settings diff --git a/templates/system/ipv6/strict-dad/node.def b/templates/system/ipv6/strict-dad/node.def deleted file mode 100644 index c52de988..00000000 --- a/templates/system/ipv6/strict-dad/node.def +++ /dev/null @@ -1,29 +0,0 @@ - -priority: 290 # Must be run before any interfaces are configured - -help: Disable IPv6 operation on interface when DAD fails on LL addr - -# Enable strict DAD behavior. Disable IPv6 operation on an interface -# if DAD fails on the EUI-64 based link-local address. -# -create: - sudo sh -c "echo 2 > /proc/sys/net/ipv6/conf/all/accept_dad" - sudo sh -c "echo 2 > /proc/sys/net/ipv6/conf/default/accept_dad" - for ifname in /sys/class/net/eth* ; do - if [ -d $ifname ]; then - ifname=${ifname#/sys/class/net/} - sudo sh -c "echo 2 > /proc/sys/net/ipv6/conf/$ifname/accept_dad" - fi - done - - -# Revert back to liberal DAD behavior -delete: - sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/all/accept_dad" - sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/default/accept_dad" - for ifname in /sys/class/net/eth* /sys/class/net/en* ; do - if [ -d $ifname ]; then - ifname=${ifname#/sys/class/net/} - sudo sh -c "echo 1 > /proc/sys/net/ipv6/conf/$ifname/accept_dad" - fi - done |