summaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
Diffstat (limited to 'templates')
-rw-r--r--templates/interfaces/bonding/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/bonding/node.tag/vif/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/bridge/node.def4
-rw-r--r--templates/interfaces/bridge/node.tag/aging/node.def4
-rw-r--r--templates/interfaces/bridge/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/bridge/node.tag/forwarding-delay/node.def2
-rw-r--r--templates/interfaces/bridge/node.tag/hello-time/node.def4
-rw-r--r--templates/interfaces/bridge/node.tag/max-age/node.def4
-rw-r--r--templates/interfaces/bridge/node.tag/priority/node.def4
-rw-r--r--templates/interfaces/bridge/node.tag/stp/node.def12
-rw-r--r--templates/interfaces/ethernet/node.def16
-rw-r--r--templates/interfaces/ethernet/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def3
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def3
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def3
-rw-r--r--templates/interfaces/l2tpv3/node.def8
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def2
-rw-r--r--templates/interfaces/tunnel/node.def5
-rw-r--r--templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def10
-rw-r--r--templates/interfaces/tunnel/node.tag/dhcp-interface/node.def2
-rw-r--r--templates/interfaces/tunnel/node.tag/local-ip/node.def3
-rw-r--r--templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def6
-rw-r--r--templates/service/dns/forwarding/cache-size/node.def5
-rw-r--r--templates/service/dns/forwarding/dhcp/node.def8
-rw-r--r--templates/service/dns/forwarding/domain/node.def4
-rw-r--r--templates/service/dns/forwarding/domain/node.tag/server/node.def3
-rw-r--r--templates/service/dns/forwarding/ignore-hosts-file/node.def1
-rw-r--r--templates/service/dns/forwarding/listen-on/node.def5
-rw-r--r--templates/service/dns/forwarding/name-server/node.def3
-rw-r--r--templates/service/dns/forwarding/node.def10
-rw-r--r--templates/service/dns/forwarding/system/node.def2
-rw-r--r--templates/service/snmp/community/node.def5
-rw-r--r--templates/service/snmp/community/node.tag/authorization/node.def8
-rw-r--r--templates/service/snmp/community/node.tag/client/node.def3
-rw-r--r--templates/service/snmp/community/node.tag/network/node.def4
-rw-r--r--templates/service/snmp/contact/node.def6
-rw-r--r--templates/service/snmp/description/node.def6
-rw-r--r--templates/service/snmp/listen-address/node.def3
-rw-r--r--templates/service/snmp/listen-address/node.tag/port/node.def7
-rw-r--r--templates/service/snmp/location/node.def6
-rw-r--r--templates/service/snmp/node.def27
-rw-r--r--templates/service/snmp/smux-peer/node.def4
-rw-r--r--templates/service/snmp/trap-source/node.def2
-rw-r--r--templates/service/snmp/trap-target/node.def3
-rw-r--r--templates/service/snmp/trap-target/node.tag/community/node.def2
-rw-r--r--templates/service/snmp/trap-target/node.tag/port/node.def6
-rw-r--r--templates/service/snmp/v3/engineid/node.def3
-rw-r--r--templates/service/snmp/v3/group/node.def8
-rw-r--r--templates/service/snmp/v3/group/node.tag/mode/node.def8
-rw-r--r--templates/service/snmp/v3/group/node.tag/seclevel/node.def7
-rw-r--r--templates/service/snmp/v3/group/node.tag/view/node.def11
-rw-r--r--templates/service/snmp/v3/node.def30
-rw-r--r--templates/service/snmp/v3/trap-target/node.def14
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def3
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/auth/node.def4
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def3
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def8
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/engineid/node.def3
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/port/node.def7
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def3
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/privacy/node.def4
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def3
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def8
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/protocol/node.def8
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/type/node.def8
-rw-r--r--templates/service/snmp/v3/trap-target/node.tag/user/node.def4
-rw-r--r--templates/service/snmp/v3/tsm/local-key/node.def14
-rw-r--r--templates/service/snmp/v3/tsm/node.def3
-rw-r--r--templates/service/snmp/v3/tsm/port/node.def7
-rw-r--r--templates/service/snmp/v3/user/node.def7
-rw-r--r--templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def2
-rw-r--r--templates/service/snmp/v3/user/node.tag/auth/node.def3
-rw-r--r--templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def6
-rw-r--r--templates/service/snmp/v3/user/node.tag/auth/type/node.def8
-rw-r--r--templates/service/snmp/v3/user/node.tag/engineid/node.def3
-rw-r--r--templates/service/snmp/v3/user/node.tag/group/node.def11
-rw-r--r--templates/service/snmp/v3/user/node.tag/mode/node.def8
-rw-r--r--templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def2
-rw-r--r--templates/service/snmp/v3/user/node.tag/privacy/node.def3
-rw-r--r--templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def6
-rw-r--r--templates/service/snmp/v3/user/node.tag/privacy/type/node.def8
-rw-r--r--templates/service/snmp/v3/user/node.tag/tsm-key/node.def14
-rw-r--r--templates/service/snmp/v3/view/node.def6
-rw-r--r--templates/service/snmp/v3/view/node.tag/oid/node.def4
-rw-r--r--templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def1
-rw-r--r--templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def4
-rw-r--r--templates/service/ssh/allow-root/node.def5
-rw-r--r--templates/service/ssh/ciphers/node.def29
-rw-r--r--templates/service/ssh/disable-host-validation/node.def6
-rw-r--r--templates/service/ssh/disable-password-authentication/node.def5
-rw-r--r--templates/service/ssh/listen-address/node.def10
-rw-r--r--templates/service/ssh/macs/node.def10
-rw-r--r--templates/service/ssh/node.def8
-rw-r--r--templates/service/ssh/port/node.def7
-rw-r--r--templates/service/telnet/allow-root/node.def3
-rw-r--r--templates/service/telnet/listen-address/node.def7
-rw-r--r--templates/service/telnet/node.def8
-rw-r--r--templates/service/telnet/port/node.def9
-rw-r--r--templates/system/console/device/node.tag/speed/node.def2
-rw-r--r--templates/system/domain-name/node.def12
-rw-r--r--templates/system/host-name/node.def12
-rw-r--r--templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def4
-rw-r--r--templates/system/ntp/client/address/node.def6
-rw-r--r--templates/system/ntp/client/node.def1
-rw-r--r--templates/system/ntp/node.def16
-rw-r--r--templates/system/ntp/server/node.def3
-rw-r--r--templates/system/ntp/server/node.tag/dynamic/node.def2
-rw-r--r--templates/system/ntp/server/node.tag/noselect/node.def1
-rw-r--r--templates/system/ntp/server/node.tag/preempt/node.def1
-rw-r--r--templates/system/ntp/server/node.tag/prefer/node.def1
-rw-r--r--templates/system/options/ctrl-alt-del-action/node.def16
-rw-r--r--templates/system/options/enable-popularity-contest/node.def9
-rw-r--r--templates/system/static-host-mapping/host-name/node.def4
-rw-r--r--templates/system/sysctl/custom/node.def2
122 files changed, 90 insertions, 628 deletions
diff --git a/templates/interfaces/bonding/node.tag/dhcpv6-options/node.def b/templates/interfaces/bonding/node.tag/dhcpv6-options/node.def
index 225bd926..d25533f9 100644
--- a/templates/interfaces/bonding/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/bonding/node.tag/dhcpv6-options/node.def
@@ -27,7 +27,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/dhcpv6-options/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/dhcpv6-options/node.def
index 86b5560f..d6fea411 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
index ef4c13ad..0be14824 100644
--- a/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/bonding/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/bonding/node.tag/vif/node.tag/dhcpv6-options/node.def b/templates/interfaces/bonding/node.tag/vif/node.tag/dhcpv6-options/node.def
index 81e7055d..41975dea 100644
--- a/templates/interfaces/bonding/node.tag/vif/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/bonding/node.tag/vif/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/bridge/node.def b/templates/interfaces/bridge/node.def
index c20b361c..8525cb9e 100644
--- a/templates/interfaces/bridge/node.def
+++ b/templates/interfaces/bridge/node.def
@@ -5,7 +5,7 @@ help: Bridge interface name
val_help: <brN>; Bridge interface name
syntax:expression: pattern $VAR(@) "^br[0-9]+$" ; "Must be (br0 - br999)"
-create: /usr/sbin/brctl addbr $VAR(@)
+create: /sbin/brctl addbr $VAR(@)
if [ -n "$VAR(mac/@)" ] ; then
ip li set dev $VAR(@) address $VAR(mac/@)
fi
@@ -17,4 +17,4 @@ delete: if ! /opt/vyatta/sbin/vyatta-bridgegroup-depedency.pl \
exit 1
fi
ip link set $VAR(@) down;
- /usr/sbin/brctl delbr $VAR(@);
+ /sbin/brctl delbr $VAR(@);
diff --git a/templates/interfaces/bridge/node.tag/aging/node.def b/templates/interfaces/bridge/node.tag/aging/node.def
index a67a7ca3..ab83140f 100644
--- a/templates/interfaces/bridge/node.tag/aging/node.def
+++ b/templates/interfaces/bridge/node.tag/aging/node.def
@@ -6,5 +6,5 @@ syntax:expression: $VAR(@) == 0 || ( $VAR(@) >= 10 && $VAR(@) < 1000000 ) ;
val_help: 0; Disable retaining address in bridge (always flood)
val_help: u32:10-1000000; Address aging time for bridge seconds (default 300)
-update: /usr/sbin/brctl setageing $VAR(../@) $VAR(@)
-delete: /usr/sbin/brctl setageing $VAR(../@) 300
+update: /sbin/brctl setageing $VAR(../@) $VAR(@)
+delete: /sbin/brctl setageing $VAR(../@) 300
diff --git a/templates/interfaces/bridge/node.tag/dhcpv6-options/node.def b/templates/interfaces/bridge/node.tag/dhcpv6-options/node.def
index 225bd926..d25533f9 100644
--- a/templates/interfaces/bridge/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/bridge/node.tag/dhcpv6-options/node.def
@@ -27,7 +27,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/bridge/node.tag/forwarding-delay/node.def b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def
index 21de2454..7783339b 100644
--- a/templates/interfaces/bridge/node.tag/forwarding-delay/node.def
+++ b/templates/interfaces/bridge/node.tag/forwarding-delay/node.def
@@ -2,4 +2,4 @@ type: u32
help: Forwarding delay
syntax:expression:$VAR(@) <= 200; "Forwarding delay must be between 0 and 200"
val_help: u32:0-200; Spanning Tree Protocol forwarding delay in seconds (default 15)
-update: /usr/sbin/brctl setfd $VAR(../@) $VAR(@)
+update: /sbin/brctl setfd $VAR(../@) $VAR(@)
diff --git a/templates/interfaces/bridge/node.tag/hello-time/node.def b/templates/interfaces/bridge/node.tag/hello-time/node.def
index 8f48b8be..f6d54d73 100644
--- a/templates/interfaces/bridge/node.tag/hello-time/node.def
+++ b/templates/interfaces/bridge/node.tag/hello-time/node.def
@@ -3,5 +3,5 @@ default: 2
help: Hello packet advertisment interval
syntax:expression: $VAR(@) <= 30; "Bridge Hello interval must be between 0 and 30 seconds"
val_help: u32:0-30; Spanning Tree Protocol hello advertisement interval (default 2)
-update: /usr/sbin/brctl sethello $VAR(../@) $VAR(@)
-delete: /usr/sbin/brctl sethello $VAR(../@) 2
+update: /sbin/brctl sethello $VAR(../@) $VAR(@)
+delete: /sbin/brctl sethello $VAR(../@) 2
diff --git a/templates/interfaces/bridge/node.tag/max-age/node.def b/templates/interfaces/bridge/node.tag/max-age/node.def
index b30e5e9e..452313ad 100644
--- a/templates/interfaces/bridge/node.tag/max-age/node.def
+++ b/templates/interfaces/bridge/node.tag/max-age/node.def
@@ -5,6 +5,6 @@ syntax:expression: $VAR(@) >= 6 && $VAR(@) <= 200 ;
"Bridge max aging value must be between 6 and 200"
val_help: u32:6-200; Bridge maximum aging time value (default 20)
-update: /usr/sbin/brctl setmaxage $VAR(../@) $VAR(@)
-delete: /usr/sbin/brctl setmaxage $VAR(../@) 20
+update: /sbin/brctl setmaxage $VAR(../@) $VAR(@)
+delete: /sbin/brctl setmaxage $VAR(../@) 20
diff --git a/templates/interfaces/bridge/node.tag/priority/node.def b/templates/interfaces/bridge/node.tag/priority/node.def
index ba17f841..3e35dc67 100644
--- a/templates/interfaces/bridge/node.tag/priority/node.def
+++ b/templates/interfaces/bridge/node.tag/priority/node.def
@@ -4,5 +4,5 @@ default: 32768
syntax:expression:$VAR(@) < 65536 ; "Bridge priority must be between 0 and 65535 (multiples of 4096)"
val_help: u32:0-65535; Bridge priority (default 32768)
-update: /usr/sbin/brctl setbridgeprio $VAR(../@) $VAR(@)
-delete: /usr/sbin/brctl setbridgeprio $VAR(../@) 32768
+update: /sbin/brctl setbridgeprio $VAR(../@) $VAR(@)
+delete: /sbin/brctl setbridgeprio $VAR(../@) 32768
diff --git a/templates/interfaces/bridge/node.tag/stp/node.def b/templates/interfaces/bridge/node.tag/stp/node.def
index d24a3261..63000648 100644
--- a/templates/interfaces/bridge/node.tag/stp/node.def
+++ b/templates/interfaces/bridge/node.tag/stp/node.def
@@ -6,13 +6,13 @@ val_help: false; Disable Spanning Tree Protocol (default)
update: if [ "$VAR(@)" == "true" ]; then
if [ -z "$VAR(../../forwarding-delay)" ]; then
- /usr/sbin/brctl setfd $VAR(../@) 15
+ /sbin/brctl setfd $VAR(../@) 15
else
- /usr/sbin/brctl setfd $VAR(../@) $VAR(../../forwarding-delay)
+ /sbin/brctl setfd $VAR(../@) $VAR(../../forwarding-delay)
fi
- /usr/sbin/brctl stp $VAR(../@) on
+ /sbin/brctl stp $VAR(../@) on
else
- /usr/sbin/brctl stp $VAR(../@) off
- /usr/sbin/brctl setfd $VAR(../@) 0
+ /sbin/brctl stp $VAR(../@) off
+ /sbin/brctl setfd $VAR(../@) 0
fi
-delete:/usr/sbin/brctl stp $VAR(../@) off
+delete:/sbin/brctl stp $VAR(../@) off
diff --git a/templates/interfaces/ethernet/node.def b/templates/interfaces/ethernet/node.def
index bdbdb0d5..2af57e0a 100644
--- a/templates/interfaces/ethernet/node.def
+++ b/templates/interfaces/ethernet/node.def
@@ -4,13 +4,18 @@ type: txt
help: Ethernet interface name
allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=ethernet
val_help: <ethN>; Ethernet interface name
-syntax:expression: pattern $VAR(@) "^eth[0-9]+$" \
+syntax:expression: pattern $VAR(@) "^(eth|lan)[0-9]+$" \
; "interface ethernet $VAR(@): not a valid name"
syntax:expression: exec \
"if [ ! -d /sys/class/net/$VAR(@) ]; then \
echo \"interface ethernet $VAR(@): does not exist\";
exit 1; \
+ fi
+
+ if ip link show | awk '{print $2 }' | grep -ao \"lan[0-9]@$VAR(@)\" > /dev/null 2>&1 ; then \
+ echo \"interface ethernet $VAR(@): is a switch master interface and not configurable, please use 'lan' interfaces\";
+ exit 1; \
fi"
begin: rm -f /tmp/speed-duplex.$VAR(@)
@@ -26,7 +31,14 @@ begin: rm -f /tmp/speed-duplex.$VAR(@)
create: if ! cli-shell-api exists interfaces ethernet $VAR(@) disable;
- then ip link set $VAR(@) up
+ then
+ case "$VAR(@)" in
+ *lan*)
+ masterint=$(ip link show $VAR(@) | awk 'NR==1{print $2 }' | grep -ao "eth[0-9]")
+ ip link set $masterint up
+ ;;
+ esac
+ ip link set $VAR(@) up
fi
/opt/vyatta/sbin/vyatta-link-detect $VAR(@) on
diff --git a/templates/interfaces/ethernet/node.tag/dhcpv6-options/node.def b/templates/interfaces/ethernet/node.tag/dhcpv6-options/node.def
index 225bd926..d25533f9 100644
--- a/templates/interfaces/ethernet/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/ethernet/node.tag/dhcpv6-options/node.def
@@ -27,7 +27,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
index 31237d3b..9116b354 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$ifname.conf
+ conffile=/var/lib/dhcp/dhclient_v6_$ifname.conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def
new file mode 100644
index 00000000..e1ab1f00
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/ip/proxy-arp-pvlan/node.def
@@ -0,0 +1,3 @@
+help: Enable private VLAN proxy ARP on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
index c5ecf92a..ddebe05b 100644
--- a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$ifname.conf
+ conffile=/var/lib/dhcp/dhclient_v6_$ifname.conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def
new file mode 100644
index 00000000..ce1dcc41
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/ip/proxy-arp-pvlan/node.def
@@ -0,0 +1,3 @@
+help: Enable private VLAN proxy ARP on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../../@).$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../../@).$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
index 31237d3b..9116b354 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$ifname.conf
+ conffile=/var/lib/dhcp/dhclient_v6_$ifname.conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def
new file mode 100644
index 00000000..49bec357
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/ip/proxy-arp-pvlan/node.def
@@ -0,0 +1,3 @@
+help: Enable private VLAN proxy ARP on this interface
+create:expression: "sudo sh -c \"echo 1 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
+delete:expression: "sudo sh -c \"echo 0 > /proc/sys/net/ipv4/conf/$VAR(../../../@).$VAR(../../@)/proxy_arp_pvlan\" "
diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def
index fb3d1475..973256bf 100644
--- a/templates/interfaces/l2tpv3/node.def
+++ b/templates/interfaces/l2tpv3/node.def
@@ -1,5 +1,5 @@
tag:
-priority: 460
+priority: 800
type: txt
help: L2TPv3 interface
val_help: <l2tpethN>; L2TPv3 interface name
@@ -48,9 +48,9 @@ create:
delete:
ip link set $VAR(@) down
- if [ -n "$VAR(./tunnel-id@/)" ] && [ -n "$VAR(./session-id@/)" ] ; then
- ip l2tp del session $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
+ if [ -n "$VAR(./tunnel-id/@)" ] && [ -n "$VAR(./session-id/@)" ] ; then
+ ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
fi
- if [ -n "$VAR(./tunnel-id@/)" ] ; then
+ if [ -n "$VAR(./tunnel-id/@)" ] ; then
ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@)
fi
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/dhcpv6-options/node.def b/templates/interfaces/pseudo-ethernet/node.tag/dhcpv6-options/node.def
index 225bd926..d25533f9 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/dhcpv6-options/node.def
@@ -27,7 +27,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
index 86b5560f..d6fea411 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
index ef4c13ad..0be14824 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif-s/node.tag/vif-c/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
index 86b5560f..d6fea411 100644
--- a/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
+++ b/templates/interfaces/pseudo-ethernet/node.tag/vif/node.tag/dhcpv6-options/node.def
@@ -26,7 +26,7 @@ end:
exit 0
fi
- conffile=/var/lib/dhcp3/dhclient_v6_$VAR(../@).conf
+ conffile=/var/lib/dhcp/dhclient_v6_$VAR(../@).conf
if [ ! -e $conffile ]; then
echo "Conf file $conffile doesn't exist"
exit 0
diff --git a/templates/interfaces/tunnel/node.def b/templates/interfaces/tunnel/node.def
index 720bf64f..1e50a1dd 100644
--- a/templates/interfaces/tunnel/node.def
+++ b/templates/interfaces/tunnel/node.def
@@ -63,8 +63,11 @@ create:
if [ "$VAR(./encapsulation/@)" == "gre" ] && [ -z $VAR(./remote-ip/) ]; then
ip tunnel add $VAR(@) local $LIP mode gre $KEY $TTL $TOS
elif [ "$VAR(./encapsulation/@)" == "sit" ] && [ -n "$VAR(./6rd-prefix/@)" ]; then
+ if [ -n "$VAR(./6rd-relay-prefix/@)" ]; then
+ RP="6rd-relay_prefix $VAR(./6rd-relay-prefix/@)"
+ fi
ip tunnel add $VAR(@) remote $VAR(./remote-ip/@) mode sit
- ip tunnel 6rd dev $VAR(@) 6rd-prefix $VAR(./6rd-prefix/@)
+ ip tunnel 6rd dev $VAR(@) 6rd-prefix $VAR(./6rd-prefix/@) $RP
else
ip tunnel add $VAR(@) local $LIP remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL $TOS
fi
diff --git a/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def b/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def
new file mode 100644
index 00000000..0f877e2d
--- /dev/null
+++ b/templates/interfaces/tunnel/node.tag/6rd-relay-prefix/node.def
@@ -0,0 +1,10 @@
+multi:
+type: ipv4net
+val_help: ipv4net; IPv4 prefix of interface for 6rd
+help: 6rd relay prefix
+
+syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)"
+
+create:expression: "true"
+update:expression: "false" ; \
+ "6rd-relay-prefix can only be modified at tunnel creation for $VAR(../@)"
diff --git a/templates/interfaces/tunnel/node.tag/dhcp-interface/node.def b/templates/interfaces/tunnel/node.tag/dhcp-interface/node.def
index 60fbae34..de0450d7 100644
--- a/templates/interfaces/tunnel/node.tag/dhcp-interface/node.def
+++ b/templates/interfaces/tunnel/node.tag/dhcp-interface/node.def
@@ -2,7 +2,7 @@ type: txt
help: DHCP interface that supplies the local IP address for this tunnel
allowed:
local -a array ;
- array=( /var/lib/dhcp3/eth* /var/lib/dhcp3/br* /var/lib/dhcp3/bond* ) ;
+ array=( /var/lib/dhcp/eth* /var/lib/dhcp/br* /var/lib/dhcp/bond* ) ;
echo -n ${array[@]##*/}
create:
sudo /opt/vyatta/sbin/vyatta-update-tunnel.pl --interface=$VAR(@) --tunnel=$VAR(../@) --option=create
diff --git a/templates/interfaces/tunnel/node.tag/local-ip/node.def b/templates/interfaces/tunnel/node.tag/local-ip/node.def
index 03d134e9..4a1cbc15 100644
--- a/templates/interfaces/tunnel/node.tag/local-ip/node.def
+++ b/templates/interfaces/tunnel/node.tag/local-ip/node.def
@@ -17,8 +17,7 @@ update:if ! /opt/vyatta/sbin/local_ip $VAR(@)
sudo ip tunnel cha $VAR(../@) local $VAR(@)
if [ -e "/opt/vyatta/sbin/dmvpn-config.pl" ]; then
sudo /opt/vyatta/sbin/dmvpn-config.pl \
- --config_file='/etc/dmvpn.conf' \
- --secrets_file='/etc/dmvpn.secrets' \
+ --config_file='/etc/swanctl/swanctl.conf' \
--init_script='/etc/init.d/ipsec' \
--tunnel_context --tun_id=$VAR(../@) || exit 1
fi
diff --git a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def
index b9ed181e..1142d2de 100644
--- a/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def
+++ b/templates/interfaces/tunnel/node.tag/parameters/ip/key/node.def
@@ -1,8 +1,8 @@
type: u32
help: Tunnel key
-syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 999999; \
- "Must be between 0-999999 for $VAR(../../../@)"
-val_help: u32:0-999999; Tunnel key
+syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 4294967295; \
+ "Must be between 0-4294967295 for $VAR(../../../@)"
+val_help: u32:0-4294967295; Tunnel key
syntax:expression: exec " \
if [ -n \"`ip tunnel show $VAR(../../../@) | grep $VAR(../../../@) `\" ]; then \
diff --git a/templates/service/dns/forwarding/cache-size/node.def b/templates/service/dns/forwarding/cache-size/node.def
deleted file mode 100644
index 9285dbbd..00000000
--- a/templates/service/dns/forwarding/cache-size/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-type: u32
-default:150
-help: DNS forwarding cache size
-syntax:expression: ($VAR(@) >=0 && $VAR(@) < 10001) ; "Cache size must be between 0 and 10000"
-val_help: u32:0-10000; DNS forwarding cache size
diff --git a/templates/service/dns/forwarding/dhcp/node.def b/templates/service/dns/forwarding/dhcp/node.def
deleted file mode 100644
index 700f703e..00000000
--- a/templates/service/dns/forwarding/dhcp/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-multi:
-type: txt
-help: Use nameservers received from DHCP server for specified interface
-commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --dhcp-interface $VAR(@)"
-allowed:
- local -a array ;
- array=( /var/lib/dhcp3/eth* /var/lib/dhcp3/br* ) ;
- echo -n ${array[@]##*/}
diff --git a/templates/service/dns/forwarding/domain/node.def b/templates/service/dns/forwarding/domain/node.def
deleted file mode 100644
index bdd82752..00000000
--- a/templates/service/dns/forwarding/domain/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-tag:
-type: txt
-help: DNS domain to forward to a local server
-commit:expression: $VAR(./server/) != ""; "Error: No server configured for the domain $VAR(@)"
diff --git a/templates/service/dns/forwarding/domain/node.tag/server/node.def b/templates/service/dns/forwarding/domain/node.tag/server/node.def
deleted file mode 100644
index 8f40a299..00000000
--- a/templates/service/dns/forwarding/domain/node.tag/server/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-multi:
-type: ipv4
-help: DNS server to forward queries
diff --git a/templates/service/dns/forwarding/ignore-hosts-file/node.def b/templates/service/dns/forwarding/ignore-hosts-file/node.def
deleted file mode 100644
index 08a89ca8..00000000
--- a/templates/service/dns/forwarding/ignore-hosts-file/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Do not use local /etc/hosts file in name resolution
diff --git a/templates/service/dns/forwarding/listen-on/node.def b/templates/service/dns/forwarding/listen-on/node.def
deleted file mode 100644
index 3d1c748f..00000000
--- a/templates/service/dns/forwarding/listen-on/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-multi:
-type: txt
-help: Interface to listen for DNS queries [REQUIRED]
-allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=all
-commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --warn"
diff --git a/templates/service/dns/forwarding/name-server/node.def b/templates/service/dns/forwarding/name-server/node.def
deleted file mode 100644
index 3ed4c459..00000000
--- a/templates/service/dns/forwarding/name-server/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-multi:
-type: ipv4
-help: DNS server to forward queries
diff --git a/templates/service/dns/forwarding/node.def b/templates/service/dns/forwarding/node.def
deleted file mode 100644
index ae7a9d3c..00000000
--- a/templates/service/dns/forwarding/node.def
+++ /dev/null
@@ -1,10 +0,0 @@
-priority: 918
-help: DNS forwarding
-commit:expression: $VAR(./listen-on) != ""; "At least one interface must be configured for DNS forwarding parameter 'listen-on'"
-delete:expression: "touch /tmp/dnsmasq.$PPID"
-end:expression: "if [ -f \"/tmp/dnsmasq.$PPID\" ]; then \
- sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --stop-dnsforwarding \
- rm /tmp/dnsmasq.$PPID; \
- else \
- sudo /opt/vyatta/sbin/vyatta-dns-forwarding.pl --update-dnsforwarding; \
- fi; "
diff --git a/templates/service/dns/forwarding/system/node.def b/templates/service/dns/forwarding/system/node.def
deleted file mode 100644
index a37676de..00000000
--- a/templates/service/dns/forwarding/system/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: DNS forwarding to system nameservers
-commit:expression: exec "/opt/vyatta/sbin/vyatta-dns-forwarding.pl --system-nameserver"
diff --git a/templates/service/snmp/community/node.def b/templates/service/snmp/community/node.def
deleted file mode 100644
index d7e3ade7..00000000
--- a/templates/service/snmp/community/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-tag:
-type: txt
-help: Community name [REQUIRED]
-syntax:expression: pattern $VAR(@) "^[^%]+$" ; \
- "Community string may not contain %"
diff --git a/templates/service/snmp/community/node.tag/authorization/node.def b/templates/service/snmp/community/node.tag/authorization/node.def
deleted file mode 100644
index 3d306d59..00000000
--- a/templates/service/snmp/community/node.tag/authorization/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "ro"
-allowed: echo ro rw
-help: Authorization type (rw or ro) (default: ro)
-syntax:expression: $VAR(@) in "ro", "rw"; "Authorization type must be either rw or ro"
-
-
-
diff --git a/templates/service/snmp/community/node.tag/client/node.def b/templates/service/snmp/community/node.tag/client/node.def
deleted file mode 100644
index 37493268..00000000
--- a/templates/service/snmp/community/node.tag/client/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-multi:
-type: ipv4,ipv6
-help: IP address of SNMP client allowed to contact system
diff --git a/templates/service/snmp/community/node.tag/network/node.def b/templates/service/snmp/community/node.tag/network/node.def
deleted file mode 100644
index d9afa4e5..00000000
--- a/templates/service/snmp/community/node.tag/network/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-multi:
-type: ipv4net,ipv6net
-help: Subnet of SNMP client(s) allowed to contact system
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_quagga_utils.pl --check-prefix-boundry $VAR(@)"
diff --git a/templates/service/snmp/contact/node.def b/templates/service/snmp/contact/node.def
deleted file mode 100644
index 63a368cc..00000000
--- a/templates/service/snmp/contact/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: txt
-help: Contact information
-
-syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \
- "Contact information is limited to 255 characters or less"
-
diff --git a/templates/service/snmp/description/node.def b/templates/service/snmp/description/node.def
deleted file mode 100644
index cd88099a..00000000
--- a/templates/service/snmp/description/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: txt
-help: Description information
-
-syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \
- "Description is limited to 255 characters or less"
-
diff --git a/templates/service/snmp/listen-address/node.def b/templates/service/snmp/listen-address/node.def
deleted file mode 100644
index 9a9c591f..00000000
--- a/templates/service/snmp/listen-address/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-tag:
-type: ipv4,ipv6
-help: IP address to listen for incoming SNMP requests
diff --git a/templates/service/snmp/listen-address/node.tag/port/node.def b/templates/service/snmp/listen-address/node.tag/port/node.def
deleted file mode 100644
index b37939bd..00000000
--- a/templates/service/snmp/listen-address/node.tag/port/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-default: 161
-help: Port for SNMP service
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
diff --git a/templates/service/snmp/location/node.def b/templates/service/snmp/location/node.def
deleted file mode 100644
index 903b405f..00000000
--- a/templates/service/snmp/location/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: txt
-help: Location information
-
-syntax:expression: pattern $VAR(@) "^[[:print:]]{1,255}$" ; \
- "Location is limited to 255 characters or less"
-
diff --git a/templates/service/snmp/node.def b/templates/service/snmp/node.def
deleted file mode 100644
index 9fb161dc..00000000
--- a/templates/service/snmp/node.def
+++ /dev/null
@@ -1,27 +0,0 @@
-priority: 980
-help: Simple Network Management Protocol (SNMP)
-commit:expression: $VAR(community/) != "" || $VAR(community6/) != "" || $VAR(v3/) != "" \
- ; "must configure a community or community6 or v3"
-
-create: if [ ! -d "/config/snmp" ]; then sudo mkdir /config/snmp ; fi
-delete: touch /tmp/snmp.$PPID
-end:if [ -f "/tmp/snmp.$PPID" ]
- then
- sudo /opt/vyatta/sbin/vyatta-snmp.pl --stop-snmp;
- rm /tmp/snmp.$PPID;
- sudo rm -f /etc/snmp/snmpd.conf;
- else
- if [ -n "$VAR(v3/)" ]; then
- sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --check-config;
- if [ $? != 0 ]; then
- exit 1;
- fi
- fi
- sudo /opt/vyatta/sbin/vyatta-snmp.pl --update-snmp;
- if [ -n "$VAR(v3/)" ]
- then
- sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --update-snmp;
- else
- sudo invoke-rc.d snmpd start > /dev/null 2>&1;
- fi
- fi
diff --git a/templates/service/snmp/smux-peer/node.def b/templates/service/snmp/smux-peer/node.def
deleted file mode 100644
index 638e9367..00000000
--- a/templates/service/snmp/smux-peer/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-multi:
-type: txt
-help: Register a subtree for SMUX-based processing
-val_help: oid; Object Identifier
diff --git a/templates/service/snmp/trap-source/node.def b/templates/service/snmp/trap-source/node.def
deleted file mode 100644
index a4b2617f..00000000
--- a/templates/service/snmp/trap-source/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: ipv4,ipv6
-help: SNMP trap source address
diff --git a/templates/service/snmp/trap-target/node.def b/templates/service/snmp/trap-target/node.def
deleted file mode 100644
index cf0c963c..00000000
--- a/templates/service/snmp/trap-target/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-tag:
-type: ipv4,ipv6
-help: Address of trap target
diff --git a/templates/service/snmp/trap-target/node.tag/community/node.def b/templates/service/snmp/trap-target/node.tag/community/node.def
deleted file mode 100644
index 3b4068a8..00000000
--- a/templates/service/snmp/trap-target/node.tag/community/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: Community used when sending trap information
diff --git a/templates/service/snmp/trap-target/node.tag/port/node.def b/templates/service/snmp/trap-target/node.tag/port/node.def
deleted file mode 100644
index d5ee579a..00000000
--- a/templates/service/snmp/trap-target/node.tag/port/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: u32
-help: Destination port used for trap notification
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
diff --git a/templates/service/snmp/v3/engineid/node.def b/templates/service/snmp/v3/engineid/node.def
deleted file mode 100644
index f8de80cc..00000000
--- a/templates/service/snmp/v3/engineid/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Specifies the EngineID as a hex value (e.g., 0xff42)
-syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain an even number (from 2 to 36) of hex digits"
diff --git a/templates/service/snmp/v3/group/node.def b/templates/service/snmp/v3/group/node.def
deleted file mode 100644
index 95d0413c..00000000
--- a/templates/service/snmp/v3/group/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-tag:
-type: txt
-help: Specifies the group with name groupname
-syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name"
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)"
-commit:expression: $VAR(view/) != "" ; "must specify view"
-commit:expression: $VAR(mode/) != "" ; "must specify mode"
-commit:expression: $VAR(seclevel/) != "" ; "must specify security level"
diff --git a/templates/service/snmp/v3/group/node.tag/mode/node.def b/templates/service/snmp/v3/group/node.tag/mode/node.def
deleted file mode 100644
index a6d36de5..00000000
--- a/templates/service/snmp/v3/group/node.tag/mode/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "ro"
-help: Defines the read/write access
-syntax:expression: $VAR(@) in "ro", "rw"
-allowed: echo ro rw
-
-val_help: ro;
-val_help: rw;
diff --git a/templates/service/snmp/v3/group/node.tag/seclevel/node.def b/templates/service/snmp/v3/group/node.tag/seclevel/node.def
deleted file mode 100644
index 2b0aa67b..00000000
--- a/templates/service/snmp/v3/group/node.tag/seclevel/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: txt
-help: Defines security level
-syntax:expression: $VAR(@) in "auth", "priv"
-allowed: echo auth priv
-
-val_help: priv;
-val_help: auth;
diff --git a/templates/service/snmp/v3/group/node.tag/view/node.def b/templates/service/snmp/v3/group/node.tag/view/node.def
deleted file mode 100644
index af7d33c9..00000000
--- a/templates/service/snmp/v3/group/node.tag/view/node.def
+++ /dev/null
@@ -1,11 +0,0 @@
-type: txt
-help: Defines the name of view
-allowed: list=`cli-shell-api listNodes service snmp v3 view`
- echo $list
-syntax:expression:exec "regex=\"(^| )$VAR(@)( |$)\"; \
- if [[ \"$VAR(/service/snmp/v3/view/@@)\" =~ $regex ]] ; \
- then \
- exit 0; \
- else \
- exit 1; \
- fi" ; "You must create \"$VAR(@)\" view first"
diff --git a/templates/service/snmp/v3/node.def b/templates/service/snmp/v3/node.def
deleted file mode 100644
index f89d2328..00000000
--- a/templates/service/snmp/v3/node.def
+++ /dev/null
@@ -1,30 +0,0 @@
-help: Simple Network Management Protocol (SNMP) v3
-
-create: if [ ! -d "/config/snmp/tls" ]; then
- sudo mkdir /config/snmp/tls ;
- if [ -d "/etc/snmp/tls" ] ; then
- sudo mv /etc/snmp/tls/* /config/snmp/tls > /dev/null 2>&1;
- sudo chmod -R 600 /config/snmp/tls;
- sudo rmdir /etc/snmp/tls > /dev/null 2>&1;
- sudo rm /etc/snmp/tls > /dev/null 2>&1;
- fi
- sudo ln -s /config/snmp/tls /etc/snmp/tls;
- fi
- lnk=`readlink /etc/snmp/tls`
- if [ "$lnk" != "/config/snmp/tls" ]; then
- sudo rm -f /etc/snmp/tls;
- sudo ln -s /config/snmp/tls /etc/snmp/tls;
- fi
-
-begin: if [ -d "/config/snmp/tls" ]; then
- sudo chown -R snmp /config/snmp/tls;
- sudo chmod -R 600 /config/snmp/tls;
- fi
-
-delete: touch /tmp/snmp-v3.$PPID
-
-end:if [ -f "/tmp/snmp-v3.$PPID" ]
- then
- sudo /opt/vyatta/sbin/vyatta-snmp-v3.pl --delete-snmp
- rm /tmp/snmp-v3.$PPID
- fi \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.def b/templates/service/snmp/v3/trap-target/node.def
deleted file mode 100644
index 6c2717a8..00000000
--- a/templates/service/snmp/v3/trap-target/node.def
+++ /dev/null
@@ -1,14 +0,0 @@
-tag:
-type: txt
-help: Defines SNMP target for inform or traps for IP
-syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)/20"
-commit:expression: $VAR(type/) != ""; "must specify type"
-commit:expression: $VAR(auth/) != ""; "must specify auth"
-commit:expression: $VAR(protocol/) != ""; "must specify protocol"
-commit:expression: $VAR(user/) != ""; "must specify user"
-commit:expression: $VAR(port/) != ""; "must specify port"
-commit:expression: $VAR(type/@) == "inform" || ( $VAR(type/@) == "trap" && $VAR(engineid/) != "" ); \
- "must specify engineid if type is 'trap'"
-
-val_help: <x.x.x.x>; IP address of trap target
-val_help: <h:h:h:h:h:h:h:h>; IPv6 address of trap target \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def
deleted file mode 100644
index 2365b055..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/auth/encrypted-key/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Defines the encrypted password for authentication
-syntax:expression: pattern $VAR(@) "^0x[0-9a-f]*$" ; "key must start from '0x' and contain hex digits" \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/node.def
deleted file mode 100644
index 5c7df0ef..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/auth/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-help: Defines the authentication
-commit:expression: $VAR(type/) != "" ; "must specify type"
-commit:expression: $VAR(encrypted-key/) != "" || $VAR(plaintext-key/) != "" ; "must specify encrypted-key or plaintext-key"
-commit:expression: !($VAR(encrypted-key/) != "" && $VAR(plaintext-key/) != "") ; "must specify only one of encrypted-key and plaintext-key" \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def
deleted file mode 100644
index 34563e73..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/auth/plaintext-key/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Defines the clear text password for authentication
-syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters"
diff --git a/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def
deleted file mode 100644
index 5a2ffc52..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/auth/type/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "md5"
-help: Defines the protocol using for authentication
-syntax:expression: $VAR(@) in "md5", "sha"
-allowed: echo md5 sha
-
-val_help: md5; Message Digest 5
-val_help: sha; Secure Hash Algorithm \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def b/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def
deleted file mode 100644
index 45d522ea..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/engineid/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Defines the engineID. (needs for trap)
-syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain from 2 to 36 hex digits" \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/port/node.def b/templates/service/snmp/v3/trap-target/node.tag/port/node.def
deleted file mode 100644
index b38cd1e5..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/port/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-default: 162
-help: Specifies the TCP/UDP port of a destination for SNMP traps/informs.
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def
deleted file mode 100644
index 4e762b9f..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/privacy/encrypted-key/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Defines the encrypted key for privacy protocol
-syntax:expression: pattern $VAR(@) "^0x[0-9a-f]*$" ; "key must start from '0x' and contain hex digits" \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def
deleted file mode 100644
index 900cfc9d..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/privacy/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-help: Defines the privacy
-commit:expression: $VAR(type/) != "" ; "must specify type"
-commit:expression: $VAR(encrypted-key/) != "" || $VAR(plaintext-key/) != "" ; "must specify encrypted-key or plaintext-key"
-commit:expression: !($VAR(encrypted-key/) != "" && $VAR(plaintext-key/) != "") ; "must specify only one of encrypted-key and plaintext-key"
diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def
deleted file mode 100644
index a2442637..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/privacy/plaintext-key/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Defines the clear text key for privacy protocol
-syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters"
diff --git a/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def
deleted file mode 100644
index bbfd5331..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/privacy/type/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "des"
-help: Defines the protocol for privacy
-syntax:expression: $VAR(@) in "des", "aes"
-allowed: echo des aes
-
-val_help: des; Data Encryption Standard
-val_help: aes; Advanced Encryption Standard \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def b/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def
deleted file mode 100644
index ce96ca38..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/protocol/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "udp"
-help: Defines protocol for notification between TCP and UDP
-syntax:expression: $VAR(@) in "tcp", "udp"
-allowed: echo tcp udp
-
-val_help: tcp;
-val_help: udp; \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/type/node.def b/templates/service/snmp/v3/trap-target/node.tag/type/node.def
deleted file mode 100644
index f678ae69..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/type/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "inform"
-help: Specifies the type of notification between inform and trap
-syntax:expression: $VAR(@) in "inform", "trap"
-allowed: echo inform trap
-
-val_help: inform;
-val_help: trap; \ No newline at end of file
diff --git a/templates/service/snmp/v3/trap-target/node.tag/user/node.def b/templates/service/snmp/v3/trap-target/node.tag/user/node.def
deleted file mode 100644
index a0ed8cbf..00000000
--- a/templates/service/snmp/v3/trap-target/node.tag/user/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-type: txt
-help: Defines username for authentication
-allowed: list=`cli-shell-api listNodes service snmp v3 user`
- echo $list
diff --git a/templates/service/snmp/v3/tsm/local-key/node.def b/templates/service/snmp/v3/tsm/local-key/node.def
deleted file mode 100644
index a630dff8..00000000
--- a/templates/service/snmp/v3/tsm/local-key/node.def
+++ /dev/null
@@ -1,14 +0,0 @@
-type: txt
-help: Defines the server certificate fingerprint or key-file name.
-allowed: if sudo [ -d /etc/snmp/tls/certs ]; then
- sudo ls /etc/snmp/tls/certs 2> /dev/null
- else
- sudo ls /config/snmp/tls/certs 2> /dev/null
- fi
-syntax:expression: pattern $VAR(@) "^[0-9A-F]{2}(:[0-9A-F]{2}){19}$" ||
- exec "if sudo [ -f /etc/snmp/tls/certs/$VAR(@) -o -f /config/snmp/tls/certs/$VAR(@) ]; \
- then \
- exit 0; \
- else \
- exit 1; \
- fi" ; "value can be finger print key or filename in /config/snmp/tls/certs/ folder" \ No newline at end of file
diff --git a/templates/service/snmp/v3/tsm/node.def b/templates/service/snmp/v3/tsm/node.def
deleted file mode 100644
index 3d12f21d..00000000
--- a/templates/service/snmp/v3/tsm/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Specifies that the snmpd uses encryption.
-commit:expression: $VAR(port/) != "" ; "must specify port"
-commit:expression: $VAR(local-key/) != "" ; "must specify local-key" \ No newline at end of file
diff --git a/templates/service/snmp/v3/tsm/port/node.def b/templates/service/snmp/v3/tsm/port/node.def
deleted file mode 100644
index 86fd6cca..00000000
--- a/templates/service/snmp/v3/tsm/port/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-default: 10161
-help: Defines the port for tsm.
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
diff --git a/templates/service/snmp/v3/user/node.def b/templates/service/snmp/v3/user/node.def
deleted file mode 100644
index 32e0f61f..00000000
--- a/templates/service/snmp/v3/user/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-tag:
-type: txt
-help: Specifies the user with name username
-syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name"
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)"
-commit:expression: $VAR(auth/) != "" || $VAR(tsm-key/) != ""; "must specify auth or tsm-key"
-commit:expression: $VAR(mode/) != ""; "must specify mode"
diff --git a/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def b/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def
deleted file mode 100644
index 3cf6bd31..00000000
--- a/templates/service/snmp/v3/user/node.tag/auth/encrypted-key/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: Defines the encrypted key for authentication protocol
diff --git a/templates/service/snmp/v3/user/node.tag/auth/node.def b/templates/service/snmp/v3/user/node.tag/auth/node.def
deleted file mode 100644
index 68959a8e..00000000
--- a/templates/service/snmp/v3/user/node.tag/auth/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Specifies the auth
-commit:expression: $VAR(type/) != "" ; "must specify type"
-commit:expression: $VAR(plaintext-key/) != "" || $VAR(encrypted-key/) != "" ; "must specify plaintext-key or encrypted-key" \ No newline at end of file
diff --git a/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def b/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def
deleted file mode 100644
index 7be1bc65..00000000
--- a/templates/service/snmp/v3/user/node.tag/auth/plaintext-key/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: txt
-help: Defines the key in the clear text for authentication protocol
-syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters"
-
-update:expression: $VAR(../encrypted-key/@) = "" && $VAR(../../engineid/@) = ""
-update:expression: $VAR(../../../engineid/@) != "" || $VAR(../../../engineid/@) = ""
diff --git a/templates/service/snmp/v3/user/node.tag/auth/type/node.def b/templates/service/snmp/v3/user/node.tag/auth/type/node.def
deleted file mode 100644
index 5a2ffc52..00000000
--- a/templates/service/snmp/v3/user/node.tag/auth/type/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "md5"
-help: Defines the protocol using for authentication
-syntax:expression: $VAR(@) in "md5", "sha"
-allowed: echo md5 sha
-
-val_help: md5; Message Digest 5
-val_help: sha; Secure Hash Algorithm \ No newline at end of file
diff --git a/templates/service/snmp/v3/user/node.tag/engineid/node.def b/templates/service/snmp/v3/user/node.tag/engineid/node.def
deleted file mode 100644
index 84cf1443..00000000
--- a/templates/service/snmp/v3/user/node.tag/engineid/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: txt
-help: Specifies the EngineID
-syntax:expression: pattern $VAR(@) "^(0x){0,1}([0-9a-f][0-9a-f]){1,18}$" ; "id must contain from 2 to 36 hex digits"
diff --git a/templates/service/snmp/v3/user/node.tag/group/node.def b/templates/service/snmp/v3/user/node.tag/group/node.def
deleted file mode 100644
index 66543579..00000000
--- a/templates/service/snmp/v3/user/node.tag/group/node.def
+++ /dev/null
@@ -1,11 +0,0 @@
-type: txt
-help: Specifies group for user name
-allowed: list=`cli-shell-api listNodes service snmp v3 group`
- echo $list
-syntax:expression:exec "regex=\"(^| )$VAR(@)( |$)\"; \
- if [[ \"$VAR(/service/snmp/v3/group/@@)\" =~ $regex ]] ; \
- then \
- exit 0; \
- else \
- exit 1; \
- fi" ; "You must create \"$VAR(@)\" group first"
diff --git a/templates/service/snmp/v3/user/node.tag/mode/node.def b/templates/service/snmp/v3/user/node.tag/mode/node.def
deleted file mode 100644
index 9855f5fb..00000000
--- a/templates/service/snmp/v3/user/node.tag/mode/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "ro"
-help: Specifies the mode for access rights of user, read only or write
-syntax:expression: $VAR(@) in "ro", "rw"
-allowed: echo ro rw
-
-val_help: ro;
-val_help: rw;
diff --git a/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def b/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def
deleted file mode 100644
index 8feef111..00000000
--- a/templates/service/snmp/v3/user/node.tag/privacy/encrypted-key/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: Defines the encrypted key for privacy protocol
diff --git a/templates/service/snmp/v3/user/node.tag/privacy/node.def b/templates/service/snmp/v3/user/node.tag/privacy/node.def
deleted file mode 100644
index 94bf850c..00000000
--- a/templates/service/snmp/v3/user/node.tag/privacy/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Specifies the privacy
-commit:expression: $VAR(type/) != "" ; "must specify type"
-commit:expression: $VAR(plaintext-key/) != "" || $VAR(encrypted-key/) != "" ; "must specify plaintext-key or encrypted-key" \ No newline at end of file
diff --git a/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def b/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def
deleted file mode 100644
index a9543530..00000000
--- a/templates/service/snmp/v3/user/node.tag/privacy/plaintext-key/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: txt
-help: Defines the key in the clear text for protocol for privacy
-syntax:expression: pattern $VAR(@) "^.{8,}$" ; "key must contain 8 or more characters"
-
-update:expression: $VAR(../encrypted-key/@) = "" && $VAR(../../engineid/@) = ""
-update:expression: $VAR(../../../engineid/@) != "" || $VAR(../../../engineid/@) = "" \ No newline at end of file
diff --git a/templates/service/snmp/v3/user/node.tag/privacy/type/node.def b/templates/service/snmp/v3/user/node.tag/privacy/type/node.def
deleted file mode 100644
index bbfd5331..00000000
--- a/templates/service/snmp/v3/user/node.tag/privacy/type/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-type: txt
-default: "des"
-help: Defines the protocol for privacy
-syntax:expression: $VAR(@) in "des", "aes"
-allowed: echo des aes
-
-val_help: des; Data Encryption Standard
-val_help: aes; Advanced Encryption Standard \ No newline at end of file
diff --git a/templates/service/snmp/v3/user/node.tag/tsm-key/node.def b/templates/service/snmp/v3/user/node.tag/tsm-key/node.def
deleted file mode 100644
index b41be079..00000000
--- a/templates/service/snmp/v3/user/node.tag/tsm-key/node.def
+++ /dev/null
@@ -1,14 +0,0 @@
-type: txt
-help: Specifies finger print or file name of TSM certificate.
-allowed: if sudo [ -d /etc/snmp/tls/certs ]; then
- sudo ls /etc/snmp/tls/certs 2> /dev/null
- else
- sudo ls /config/snmp/tls/certs 2> /dev/null
- fi
-syntax:expression: pattern $VAR(@) "^[0-9A-F]{2}(:[0-9A-F]{2}){19}$" ||
- exec "if sudo [ -f /etc/snmp/tls/certs/$VAR(@) -o -f /config/snmp/tls/certs/$VAR(@) ]; \
- then \
- exit 0; \
- else \
- exit 1; \
- fi" ; "value can be finger print key or filename in /etc/snmp/tls/certs folder" \ No newline at end of file
diff --git a/templates/service/snmp/v3/view/node.def b/templates/service/snmp/v3/view/node.def
deleted file mode 100644
index 1fa589ae..00000000
--- a/templates/service/snmp/v3/view/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-tag:
-type: txt
-help: Specifies the view with name viewname
-syntax:expression: pattern $VAR(@) "^[^\(\)\|\&-]+$" ; "illegal characters in name"
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_snmp_name.pl $VAR(@)"
-commit:expression: $VAR(oid/) != ""; "must configure an oid"
diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.def
deleted file mode 100644
index ca2a5c5d..00000000
--- a/templates/service/snmp/v3/view/node.tag/oid/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-tag:
-type: txt
-help: Specifies the oid
-syntax:expression: pattern $VAR(@) "^[0-9]+(\\.[0-9]+)*$" ; "oid must start from a number"
diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def
deleted file mode 100644
index df3611cb..00000000
--- a/templates/service/snmp/v3/view/node.tag/oid/node.tag/exclude/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Exclude is optional argument.
diff --git a/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def b/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def
deleted file mode 100644
index bc500afe..00000000
--- a/templates/service/snmp/v3/view/node.tag/oid/node.tag/mask/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-type: txt
-help: Defines a bit-mask that is indicating which subidentifiers of the associated subtree OID should be regarded as significant.
-syntax:expression: pattern $VAR(@) "^[0-9a-f]{2}([\\.:][0-9a-f]{2})*$" ; \
- "MASK is a list of hex octets, separated by '.' or ':'" \ No newline at end of file
diff --git a/templates/service/ssh/allow-root/node.def b/templates/service/ssh/allow-root/node.def
deleted file mode 100644
index c1e6abf2..00000000
--- a/templates/service/ssh/allow-root/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-help: Enable root login over ssh
-
-create: sudo sed -i -e '/^PermitRootLogin/s/no/yes/' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^PermitRootLogin/s/yes/no/' /etc/ssh/sshd_config
diff --git a/templates/service/ssh/ciphers/node.def b/templates/service/ssh/ciphers/node.def
deleted file mode 100644
index 7eab846e..00000000
--- a/templates/service/ssh/ciphers/node.def
+++ /dev/null
@@ -1,29 +0,0 @@
-type: txt
-help: Allowed ciphers
-val_help: txt; Cipher string
-val_help: 3des-cbc; 3DES CBC
-val_help: aes128-cbc; AES 128 CBC
-val_help: aes192-cbc; AES 192 CBC
-val_help: aes256-cbc; AES 256 CBC
-val_help: aes128-ctr; AES 128 CTR
-val_help: aes192-ctr; AES 192 CTR
-val_help: aes256-ctr; AES 256 CTR
-val_help: arcfour128; AC4 128
-val_help: arcfour256; AC4 256
-val_help: arcfour; AC4
-val_help: blowfish-cbc; Blowfish CBC
-val_help: cast128-cbc; CAST 128 CBC
-comp_help: Multiple ciphers can be specified as a comma-separated list.
-
-syntax:expression: pattern $VAR(@) "^((3des-cbc|aes128-cbc|aes192-cbc|aes256-cbc|aes128-ctr|aes192-ctr|\
-aes256-ctr|arcfour128|arcfour256|arcfour|\
-blowfish-cbc|cast128-cbc)(,|$))+$"; \
-"$VAR(@) is not a valid cipher list"
-
-create: sudo sed -i -e '$ a \
-Ciphers $VAR(@)' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^Ciphers $VAR(@)$/d' /etc/ssh/sshd_config
-
-update: sudo sed -i -e '/^Ciphers/c \
-Ciphers $VAR(@)' /etc/ssh/sshd_config
diff --git a/templates/service/ssh/disable-host-validation/node.def b/templates/service/ssh/disable-host-validation/node.def
deleted file mode 100644
index fff28dbd..00000000
--- a/templates/service/ssh/disable-host-validation/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-help: Don't validate the remote host name with DNS
-
-update: sudo sed -i -e '/^UseDNS/s/yes/no/' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^UseDNS/s/no/yes/' /etc/ssh/sshd_config
-
diff --git a/templates/service/ssh/disable-password-authentication/node.def b/templates/service/ssh/disable-password-authentication/node.def
deleted file mode 100644
index 59abacfc..00000000
--- a/templates/service/ssh/disable-password-authentication/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-help: Don't allow unknown user to login with password
-
-update: sudo sed -i -e '/^PasswordAuthentication/s/yes/no/' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^PasswordAuthentication/s/no/yes/' /etc/ssh/sshd_config
diff --git a/templates/service/ssh/listen-address/node.def b/templates/service/ssh/listen-address/node.def
deleted file mode 100644
index aeff03f2..00000000
--- a/templates/service/ssh/listen-address/node.def
+++ /dev/null
@@ -1,10 +0,0 @@
-multi:
-type: ipv4,ipv6
-help: Local addresses SSH service should listen on
-val_help: ipv4: IP address to listen for incoming connections
-val_help: ipv6: IPv6 address to listen for incoming connections
-
-create: sudo sed -i -e '/^Port/a \
-ListenAddress $VAR(@)' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^ListenAddress $VAR(@)$/d' /etc/ssh/sshd_config
diff --git a/templates/service/ssh/macs/node.def b/templates/service/ssh/macs/node.def
deleted file mode 100644
index ee6c60e1..00000000
--- a/templates/service/ssh/macs/node.def
+++ /dev/null
@@ -1,10 +0,0 @@
-type: txt
-help: Specifies the available MAC (message authentication code) algorithms. The MAC algorithm is used in protocol version 2 for data integrity protection. Multiple algorithms must be comma-separated. See 'man sshd_config' for supported MACs.
-
-create: sudo sed -i -e '$ a \
-MACs $VAR(@)' /etc/ssh/sshd_config
-
-delete: sudo sed -i -e '/^MACs $VAR(@)$/d' /etc/ssh/sshd_config
-
-update: sudo sed -i -e '/^MACs/c \
-MACs $VAR(@)' /etc/ssh/sshd_config \ No newline at end of file
diff --git a/templates/service/ssh/node.def b/templates/service/ssh/node.def
deleted file mode 100644
index 7117a2fd..00000000
--- a/templates/service/ssh/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-priority: 500 # After syslog and logins
-help: Secure SHell (SSH) protocol
-delete:sudo /usr/sbin/invoke-rc.d ssh stop
- sudo sh -c "echo 'SSHD_OPTS=' > /etc/default/ssh"
-end: if [ -z "$VAR(port/@)" ]; then exit 0; fi
- STR="SSHD_OPTS=\"-p $VAR(port/@)\""
- sudo sh -c "echo '$STR' > /etc/default/ssh"
- sudo /usr/sbin/invoke-rc.d ssh restart
diff --git a/templates/service/ssh/port/node.def b/templates/service/ssh/port/node.def
deleted file mode 100644
index d4f53378..00000000
--- a/templates/service/ssh/port/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-default: 22
-help: Port for SSH service
-val_help: u32:1-65535; Numeric IP port
-
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
diff --git a/templates/service/telnet/allow-root/node.def b/templates/service/telnet/allow-root/node.def
deleted file mode 100644
index 39c78062..00000000
--- a/templates/service/telnet/allow-root/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Enable root login over telnet
-create: /opt/vyatta/sbin/vyatta_update_telnet allow-root true
-delete:/opt/vyatta/sbin/vyatta_update_telnet allow-root false
diff --git a/templates/service/telnet/listen-address/node.def b/templates/service/telnet/listen-address/node.def
deleted file mode 100644
index cd016628..00000000
--- a/templates/service/telnet/listen-address/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: ipv4,ipv6
-help: Local addresses telnet should listen on
-val_help: ipv4: IP address to listen for incoming connections
-val_help: ipv6: IPv6 address to listen for incoming connections
-
-commit:expression: exec "/opt/vyatta/sbin/local_ip $VAR(@)"; \
- "IP address $VAR(@) doesn\'t exist on this system"
diff --git a/templates/service/telnet/node.def b/templates/service/telnet/node.def
deleted file mode 100644
index e173d243..00000000
--- a/templates/service/telnet/node.def
+++ /dev/null
@@ -1,8 +0,0 @@
-priority: 500 # After syslog and logins
-help: Enable/disable Network Virtual Terminal Protocol (TELNET) protocol
-update: touch /tmp/vyatta-telnet.$PPID
-delete: /opt/vyatta/sbin/vyatta_update_telnet disable
-end: if [ -f /tmp/vyatta-telnet.$PPID ]; then
- rm -f /tmp/vyatta-telnet.$PPID
- /opt/vyatta/sbin/vyatta_update_telnet enable $VAR(port/@) $VAR(listen-address/@)
- fi
diff --git a/templates/service/telnet/port/node.def b/templates/service/telnet/port/node.def
deleted file mode 100644
index c4db688a..00000000
--- a/templates/service/telnet/port/node.def
+++ /dev/null
@@ -1,9 +0,0 @@
-type: u32
-default: 23
-help: Port for TELNET service
-
-val_help: u32:1-65535; Numeric IP port
-syntax:expression: $VAR(@) > 0 && $VAR(@) <= 65535 ; \
- "Port number must be in range 1 to 65535"
-commit:expression: exec "sudo /opt/vyatta/sbin/is_port_available.pl $VAR(@)"; \
- "Port $VAR(@) is already in use!"
diff --git a/templates/system/console/device/node.tag/speed/node.def b/templates/system/console/device/node.tag/speed/node.def
index e7515dca..3a117301 100644
--- a/templates/system/console/device/node.tag/speed/node.def
+++ b/templates/system/console/device/node.tag/speed/node.def
@@ -1,5 +1,5 @@
type: u32
-help: Console baud rate
+help: Console baud rate. New rate will take effect on reboot.
allowed: echo 1200 2400 4800 9600 19200 38400 57600 115200
syntax:expression: $VAR(@) in 1200, 2400, 4800, 9600, 19200, 38400, \
57600, 115200 ; "unknown baud rate"
diff --git a/templates/system/domain-name/node.def b/templates/system/domain-name/node.def
deleted file mode 100644
index 4866ddf8..00000000
--- a/templates/system/domain-name/node.def
+++ /dev/null
@@ -1,12 +0,0 @@
-priority: 400
-type: txt
-help: System domain name
-
-# Allow letter-number-hyphen in label (but can not start or end with hyphen)
-syntax:expression: exec "/opt/vyatta/sbin/vyatta_check_domainname.pl $VAR(../host-name).$VAR(@)"
-
-update: sudo /opt/vyatta/sbin/vyatta_update_resolv.pl
- sudo /opt/vyatta/sbin/vyatta_update_hosts.pl --no-restart-services
-
-delete: sudo /opt/vyatta/sbin/vyatta_update_resolv.pl
- sudo /opt/vyatta/sbin/vyatta_update_hosts.pl --no-restart-services
diff --git a/templates/system/host-name/node.def b/templates/system/host-name/node.def
deleted file mode 100644
index 00798bef..00000000
--- a/templates/system/host-name/node.def
+++ /dev/null
@@ -1,12 +0,0 @@
-priority: 100
-type: txt
-help: System host name (default: vyos)
-default: "vyos"
-syntax:expression: pattern $VAR(@) "^[[:alnum:]][-.[:alnum:]]*[[:alnum:]]$"
- ; "invalid host name $VAR(@)"
-
-syntax:expression: pattern $VAR(@) "^.{1,63}$" ; "invalid host-name length"
-
-update: sudo /opt/vyatta/sbin/vyatta_update_hosts.pl
-
-delete: sudo /opt/vyatta/sbin/vyatta_update_hosts.pl
diff --git a/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def b/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def
index 5ad1c58b..bf789e06 100644
--- a/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def
+++ b/templates/system/login/user/node.tag/authentication/public-keys/node.tag/type/node.def
@@ -1,4 +1,4 @@
type: txt
help: Public key type
-allowed: echo "ssh-dss ssh-rsa"
-syntax:expression: $VAR(@) in "ssh-rsa", "ssh-dss" ; "Unknown key type"
+allowed: echo "ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519"
+syntax:expression: $VAR(@) in "ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521", "ssh-ed25519"; "Unknown key type"
diff --git a/templates/system/ntp/client/address/node.def b/templates/system/ntp/client/address/node.def
deleted file mode 100644
index a48a2b5a..00000000
--- a/templates/system/ntp/client/address/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-multi:
-type: ipv4net,ipv6net
-help: IP address
-
-val_help: ipv4net; IP address and prefix length
-val_help: ipv6net; IPv6 address and prefix length
diff --git a/templates/system/ntp/client/node.def b/templates/system/ntp/client/node.def
deleted file mode 100644
index dd849f8f..00000000
--- a/templates/system/ntp/client/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Network Time Protocol (NTP) client
diff --git a/templates/system/ntp/node.def b/templates/system/ntp/node.def
deleted file mode 100644
index 38e67e05..00000000
--- a/templates/system/ntp/node.def
+++ /dev/null
@@ -1,16 +0,0 @@
-priority: 400
-help: Network Time Protocol (NTP) configuration
-
-end:
- sudo /opt/vyatta/sbin/vyatta_update_ntp.pl
- if grep -q '^server' /etc/ntp.conf
- then
- if pgrep -f -u ntp /usr/sbin/ntpd > /dev/null
- then
- sudo /usr/sbin/invoke-rc.d ntp force-reload
- else
- sudo /usr/sbin/invoke-rc.d ntp start
- fi
- else
- sudo /usr/sbin/invoke-rc.d ntp stop
- fi
diff --git a/templates/system/ntp/server/node.def b/templates/system/ntp/server/node.def
deleted file mode 100644
index 383bd992..00000000
--- a/templates/system/ntp/server/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-tag:
-type: txt
-help: Network Time Protocol (NTP) server
diff --git a/templates/system/ntp/server/node.tag/dynamic/node.def b/templates/system/ntp/server/node.tag/dynamic/node.def
deleted file mode 100644
index 2d68de16..00000000
--- a/templates/system/ntp/server/node.tag/dynamic/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Allow server to be configured even if not reachable
-
diff --git a/templates/system/ntp/server/node.tag/noselect/node.def b/templates/system/ntp/server/node.tag/noselect/node.def
deleted file mode 100644
index e2e061b5..00000000
--- a/templates/system/ntp/server/node.tag/noselect/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Marks the server as unused
diff --git a/templates/system/ntp/server/node.tag/preempt/node.def b/templates/system/ntp/server/node.tag/preempt/node.def
deleted file mode 100644
index ca89efa1..00000000
--- a/templates/system/ntp/server/node.tag/preempt/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Specifies the association as preemptable rather than the default persistent
diff --git a/templates/system/ntp/server/node.tag/prefer/node.def b/templates/system/ntp/server/node.tag/prefer/node.def
deleted file mode 100644
index 4855fd41..00000000
--- a/templates/system/ntp/server/node.tag/prefer/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: Marks the server as preferred
diff --git a/templates/system/options/ctrl-alt-del-action/node.def b/templates/system/options/ctrl-alt-del-action/node.def
index 3bbf2a81..a853b151 100644
--- a/templates/system/options/ctrl-alt-del-action/node.def
+++ b/templates/system/options/ctrl-alt-del-action/node.def
@@ -12,15 +12,15 @@ syntax:expression: $VAR(@) in "ignore", "reboot", "poweroff"; "Value must be ign
end:
if [ $VAR(@) == "ignore" ]; then
- sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:/' \
- /etc/inittab"
+ sudo sh -c "ln -sf /dev/null \
+ /lib/systemd/system/ctrl-alt-del.target"
elif [ $VAR(@) == "reboot" ]; then
- sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:\/sbin\/reboot/' \
- /etc/inittab"
+ sudo sh -c "ln -sf /lib/systemd/system/reboot.target \
+ /lib/systemd/system/ctrl-alt-del.target"
elif [ $VAR(@) == "poweroff" ]; then
- sudo sh -c "sed -i -e 's/^ca.*/ca:12345:ctrlaltdel:\/sbin\/shutdown -h now/' \
- /etc/inittab"
+ sudo sh -c "ln -sf /lib/systemd/system/poweroff.target \
+ /lib/systemd/system/ctrl-alt-del.target"
fi
- # Reload /etc/inittab for change to take effect
- sudo /sbin/init q
+ # Reload systemd daemon for change to take effect
+ sudo /bin/systemctl daemon-reload
diff --git a/templates/system/options/enable-popularity-contest/node.def b/templates/system/options/enable-popularity-contest/node.def
deleted file mode 100644
index 3f048352..00000000
--- a/templates/system/options/enable-popularity-contest/node.def
+++ /dev/null
@@ -1,9 +0,0 @@
-help: Send anonymous system statistic to VyOS maintainers
-
-create:
- sudo sh -c 'echo "#!/bin/sh" > /etc/cron.weekly/01vyos-popcon'
- sudo sh -c 'echo "/opt/vyatta/bin/vyos-popcon.pl 2>&1 >/var/log/popcon.log" >> /etc/cron.weekly/01vyos-popcon'
- sudo sh -c 'chmod +x /etc/cron.weekly/01vyos-popcon'
-
-delete:
- sudo rm -f /etc/cron.weekly/01vyos-popcon
diff --git a/templates/system/static-host-mapping/host-name/node.def b/templates/system/static-host-mapping/host-name/node.def
index 09bc9dbe..9d815965 100644
--- a/templates/system/static-host-mapping/host-name/node.def
+++ b/templates/system/static-host-mapping/host-name/node.def
@@ -12,10 +12,10 @@ end: sudo sh -c "
touch /etc/hosts
sed -i '/ $VAR(@) .*#vyatta entry/d' /etc/hosts
if [ -z \"$VAR(./inet/@)\" ]; then
- if cli-shell-api existsActive service dns forwarding; then /etc/init.d/dnsmasq restart >&/dev/null; fi
+ if cli-shell-api existsActive service dns forwarding; then /etc/init.d/pdns-recursor restart >&/dev/null; fi
exit 0
fi
declare -a aliases=( $VAR(alias/@@) )
echo -e \"$VAR(inet/@)\\t $VAR(@) \${aliases[*]} \\t #vyatta entry\" >> /etc/hosts
- if cli-shell-api existsActive service dns forwarding; then /etc/init.d/dnsmasq restart >&/dev/null; fi"
+ if cli-shell-api existsActive service dns forwarding; then /etc/init.d/pdns-recursor restart >&/dev/null; fi"
diff --git a/templates/system/sysctl/custom/node.def b/templates/system/sysctl/custom/node.def
index 4e6480ea..a072b2ba 100644
--- a/templates/system/sysctl/custom/node.def
+++ b/templates/system/sysctl/custom/node.def
@@ -1,5 +1,5 @@
tag:
priority: 318
type: txt
-help: Define specific sysctl option to modify
+help: Define specific sysctl options to modify
val_help: <sysctl_option> ; Name of sysctl option you want to modify