diff options
17 files changed, 154 insertions, 28 deletions
diff --git a/debian/changelog b/debian/changelog index d59538c1..3792bd88 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +vyatta-cfg-system (0.19.125) unstable; urgency=low + + * pseudo-ethernet remove incorrect template + * pseudo-ethernet: add support for proxy arp + * pseudo-ethernet: add VIF support + * Add support for macvlan mode + * Fix priority of vif for pseudo-ethernet + * Remove unnecessary sudo on bonding vif link detect script + + -- Stephen Hemminger <shemminger@vyatta.com> Thu, 03 Nov 2011 14:28:36 -0700 + vyatta-cfg-system (0.19.124) unstable; urgency=low * Bugfix 7575 allow tshark to run as unprivileged user, tshark uses diff --git a/scripts/dynamic-dns/vyatta-dynamic-dns.pl b/scripts/dynamic-dns/vyatta-dynamic-dns.pl index 232d260e..290b0543 100755 --- a/scripts/dynamic-dns/vyatta-dynamic-dns.pl +++ b/scripts/dynamic-dns/vyatta-dynamic-dns.pl @@ -30,7 +30,6 @@ use Getopt::Long; use strict; use warnings; -use Switch; my $ddclient_run_dir = '/var/run/ddclient'; my $ddclient_cache_dir = '/var/cache/ddclient'; @@ -55,13 +54,8 @@ if (defined $update_dynamicdns) { dynamicdns_restart(); } -if (defined $op_mode_update_dynamicdns) { - dynamicdns_restart(); -} - -if (defined $stop_dynamicdns) { - dynamicdns_stop(); -} +dynamicdns_restart() if (defined $op_mode_update_dynamicdns); +dynamicdns_stop() if (defined $stop_dynamicdns); exit 0; @@ -75,13 +69,10 @@ sub dynamicdns_restart { } sub dynamicdns_start { - - if(! -d $ddclient_run_dir ){ - system ("mkdir $ddclient_run_dir\;"); - } - if(! -d $ddclient_cache_dir ){ - system ("mkdir $ddclient_cache_dir\;"); - } + mkdir $ddclient_run_dir + unless ( -d $ddclient_run_dir ); + mkdir $ddclient_cache_dir + unless ( -d $ddclient_cache_dir ); system("/usr/sbin/ddclient -file $ddclient_config_dir/ddclient_$interface.conf >&/dev/null"); @@ -141,13 +132,12 @@ sub dynamicdns_get_values { sub dynamicdns_write_file { my ($config) = @_; - if(! -d $ddclient_config_dir ){ - system ("mkdir $ddclient_config_dir\;"); - } - open(my $fh, '>', "$ddclient_config_dir/ddclient_$interface.conf") || die "Couldn't open \"$ddclient_config_dir/ddclient_$interface.conf\" - $!"; + mkdir $ddclient_config_dir + unless (-d $ddclient_config_dir ); + + open(my $fh, '>', "$ddclient_config_dir/ddclient_$interface.conf") + || die "Couldn't open \"$ddclient_config_dir/ddclient_$interface.conf\" - $!"; print $fh $config; close $fh; } - -# end of file diff --git a/templates/interfaces/bonding/node.tag/vif/node.def b/templates/interfaces/bonding/node.tag/vif/node.def index 35a00835..63394e44 100644 --- a/templates/interfaces/bonding/node.tag/vif/node.def +++ b/templates/interfaces/bonding/node.tag/vif/node.def @@ -12,7 +12,7 @@ create: read -a SLAVES </sys/class/net/$VAR(../@)/bonding/slaves fi ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1 ip link set "$VAR(../@).$VAR(@)" up - sudo sh -c "/opt/vyatta/sbin/vyatta-link-detect $VAR(../@).$VAR(@) on" + /opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on delete: [ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0 ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@) diff --git a/templates/interfaces/pseudo-ethernet/link/node.def b/templates/interfaces/pseudo-ethernet/link/node.def deleted file mode 100644 index 40818d54..00000000 --- a/templates/interfaces/pseudo-ethernet/link/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: txt -syntax:expression: exec \ - "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=ethernet" -allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=ethernet -help: Lower link device diff --git a/templates/interfaces/pseudo-ethernet/node.def b/templates/interfaces/pseudo-ethernet/node.def index 4f8510f3..00e54055 100644 --- a/templates/interfaces/pseudo-ethernet/node.def +++ b/templates/interfaces/pseudo-ethernet/node.def @@ -10,7 +10,7 @@ syntax:expression: pattern $VAR(@) "^peth[0-9]+$" \ commit:expression: $VAR(link) != "" ; "link device must be set for virtual ethernet $VAR(@)" -create: ip link add $VAR(@) link $VAR(link/@) type macvlan || exit 1 +create: ip link add $VAR(@) link $VAR(link/@) type macvlan mode $VAR(mode/@) || exit 1 if ! cli-shell-api exists interfaces ethernet $VAR(@) disable; then ip link set $VAR(@) up fi diff --git a/templates/interfaces/pseudo-ethernet/node.tag/ip/enable-proxy-arp/node.def b/templates/interfaces/pseudo-ethernet/node.tag/ip/enable-proxy-arp/node.def new file mode 100644 index 00000000..ae7ba09a --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/ip/enable-proxy-arp/node.def @@ -0,0 +1,3 @@ +help: Enable proxy-arp on this interface +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../@)/proxy_arp\" " diff --git a/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def b/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def new file mode 100644 index 00000000..1ab595b0 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/mode/node.def @@ -0,0 +1,13 @@ +type: txt +help: receive mode +default: "private" +allowed: echo "private vepa bridge passthru" +syntax:expression: $VAR(@) in "private", "vepa", "bridge", "passthru" ; \ + "mode must be private, vepa, bridge or passthru" + +val_help:private: No communication with other pseudo-devices +val_help:vepa: Virtual Ethernet Port Aggregator reflective relay +val_help:bridge: Simple bridge between pseudo-devices +val_help:passthru: Promicious mode passthrough of underlying device + +update: ip link set dev $VAR(../@) type macvlan mode $VAR(@) diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def new file mode 100644 index 00000000..2c73ca16 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.def @@ -0,0 +1,13 @@ +tag: +priority: 320 +type: u32 +help: Virtual Local Area Network (VLAN) ID +syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4094; "VLAN ID must be between 0 and 4094" +val_help: u32:0-4094; VLAN ID + +create: ip link add link $VAR(../@) name "$VAR(../@).$VAR(@)" type vlan id $VAR(@) || exit 1 + ip link set "$VAR(../@).$VAR(@)" up + /opt/vyatta/sbin/vyatta-link-detect "$VAR(../@).$VAR(@)" on + +delete: [ -d /sys/class/net/$VAR(../@).$VAR(@) ] || exit 0 + ip link delete dev "$VAR(../@).$VAR(@)" type vlan id $VAR(@) diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/address/node.def new file mode 100644 index 00000000..db361f38 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/address/node.def @@ -0,0 +1,18 @@ +multi: +type: txt +help: IP address + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" + +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../../@).$VAR(../@) $VAR(@) + +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../../@).$VAR(../@) $VAR(@) + +allowed: echo "dhcp <>" + +val_help: ipv4net; IP address and prefix length +val_help: ipv6net; IPv6 address and prefix length +val_help: dhcp; Dynamic Host Configuration Protocol +val_help: dhcpv6; Dynamic Host Configuration Protocol for IPv6 diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/description/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/description/node.def new file mode 100644 index 00000000..ce6c5fd0 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/description/node.def @@ -0,0 +1,4 @@ +type: txt +help: Description +update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" +delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def new file mode 100644 index 00000000..9cf861b4 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def @@ -0,0 +1,47 @@ +# This node is run before the rest of the interface is configured. +# We first check to see if DHCPv6 is still configured on the interface by +# looking over at the interface address parameters. Then we check to see +# if the DHCPv6 client program is still running on this interface. If both +# of those are true, then any change to this tree means that the user +# has changed this tree ONLY, and that we are going to have to re-start +# the DHCPv6 client using the new parameters. + + +priority: 317 # Run before interface has been configured + +help: DHCPv6 options + +end: + ifname="$VAR(../../@).$VAR(../@)" + + dhcpv6_set=0 + for param in $VAR(../address/@@); do + if [ "$param" = "dhcpv6" ]; then + dhcpv6_set=1 + fi + done + + if [ $dhcpv6_set -eq 0 ]; then + echo "DHCPv6 is not configured on this interface" + exit 0 + fi + + conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf + if [ ! -e $conffile ]; then + echo "Conf file $conffile doesn't exist" + exit 0 + fi + + if [ -n "$VAR(./parameters-only)" ]; then + arg1="--parameters-only" + fi + + if [ -n "$VAR(./temporary)" ]; then + arg2="--temporary" + fi + + echo "Re-starting DHCPv6 client on ${ifname}..." + sudo /opt/vyatta/sbin/vyatta-dhcpv6-client.pl --stop --start \ + --ifname $ifname $arg1 $arg2 + + exit 0 diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/parameters-only/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/parameters-only/node.def new file mode 100644 index 00000000..0e407f81 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/parameters-only/node.def @@ -0,0 +1,3 @@ + +help: Acquire only config parameters, not address + diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/temporary/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/temporary/node.def new file mode 100644 index 00000000..a850ef4b --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/temporary/node.def @@ -0,0 +1,3 @@ + +help: IPv6 "temporary" address + diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable-link-detect/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable-link-detect/node.def new file mode 100644 index 00000000..5f60e6ab --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable-link-detect/node.def @@ -0,0 +1,3 @@ +help: Ignore link state changes +update:/opt/vyatta/sbin/vyatta-link-detect $VAR(../../@).$VAR(../@) on +delete:/opt/vyatta/sbin/vyatta-link-detect $VAR(../../@).$VAR(../@) off diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def new file mode 100644 index 00000000..e9943645 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/disable/node.def @@ -0,0 +1,11 @@ +help: Disable interface +update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@) + if ! ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then + echo "Error disabling dev $VAR(../../@).$VAR(../@)" + /etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@) + exit 1 + fi +delete: if ! ip link set $VAR(../../@).$VAR(../@) up; then + echo "Error enabling dev $VAR(../../@).$VAR(../@)" + exit 1 + fi diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/ip/enable-proxy-arp/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/ip/enable-proxy-arp/node.def new file mode 100644 index 00000000..cd6d56d9 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/ip/enable-proxy-arp/node.def @@ -0,0 +1,3 @@ +help: Enable proxy-arp on this interface +create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp\" " +delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp\" " diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def new file mode 100644 index 00000000..e0d3c3f9 --- /dev/null +++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/mtu/node.def @@ -0,0 +1,9 @@ +type: u32 +priority: 381 +help: Maximum Transmission Unit (MTU) +val_help: u32:68-9000; Maximum Transmission Unit (MTU) +syntax:expression: $VAR(@) >= 68 && $VAR(@) <= 9000; "MTU must be between 68 and 9000" + +update: ip link set $VAR(../../@).$VAR(../@) mtu $VAR(@) +delete: [ -d /sys/class/net/$VAR(../../@).$VAR(../@) ] || exit 0 + ip link set $VAR(../../@).$VAR(../@) mtu 1500 |