From 586866d72d4fee05f174f1976191cde6f9db347f Mon Sep 17 00:00:00 2001 
From: higebu Date: Tue, 18 Mar 2014 03:06:18 +0900 Subject: Add support for l2tpv3 --- templates/interfaces/l2tpv3/node.def | 49 ++++++++++++++++++++++ .../l2tpv3/node.tag/bridge-group/bridge/node.def | 12 ++++++ .../l2tpv3/node.tag/bridge-group/cost/node.def | 4 ++ .../l2tpv3/node.tag/bridge-group/node.def | 3 ++ .../l2tpv3/node.tag/bridge-group/priority/node.def | 4 ++ .../interfaces/l2tpv3/node.tag/dport/node.def | 6 +++ .../interfaces/l2tpv3/node.tag/encap/node.def | 7 ++++ .../l2tpv3/node.tag/endpoint/local-ip/node.def | 6 +++ .../interfaces/l2tpv3/node.tag/endpoint/node.def | 1 + .../l2tpv3/node.tag/endpoint/remote-ip/node.def | 6 +++ .../interfaces/l2tpv3/node.tag/local-ip/node.def | 8 ++++ .../l2tpv3/node.tag/peer-session-id/node.def | 5 +++ .../l2tpv3/node.tag/peer-tunnel-id/node.def | 5 +++ .../interfaces/l2tpv3/node.tag/remote-ip/node.def | 4 ++ .../interfaces/l2tpv3/node.tag/session-id/node.def | 5 +++ .../interfaces/l2tpv3/node.tag/sport/node.def | 6 +++ .../interfaces/l2tpv3/node.tag/tunnel-id/node.def | 5 +++ templates/interfaces/l2tpv3/node.tag/wait/node.def | 6 +++ 18 files changed, 142 insertions(+) create mode 100644 templates/interfaces/l2tpv3/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/bridge-group/bridge/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/bridge-group/cost/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/bridge-group/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/bridge-group/priority/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/dport/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/encap/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/endpoint/local-ip/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/endpoint/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/endpoint/remote-ip/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/local-ip/node.def create mode 100644 
templates/interfaces/l2tpv3/node.tag/peer-session-id/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/peer-tunnel-id/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/remote-ip/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/session-id/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/sport/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/tunnel-id/node.def create mode 100644 templates/interfaces/l2tpv3/node.tag/wait/node.def (limited to 'templates/interfaces/l2tpv3')
diff --git a/templates/interfaces/l2tpv3/node.def b/templates/interfaces/l2tpv3/node.def
new file mode 100644
index 00000000..924d27b7
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.def
@@ -0,0 +1,49 @@
+tag:
+priority: 380
+type: txt
+help: l2tpv3 interface
+val_help: ; l2tpv3 interface name
+syntax:expression: pattern $VAR(@) "^l2tpeth[0-9]+$" \
+ ; "tunnel must be (l2tpeth0-l2tpeth999)"
+
+commit:expression: $VAR(./local-ip/) != "" ; \
+ "Must configure the l2tpv3 local-ip for $VAR(@)"
+commit:expression: $VAR(./remote-ip/) != "" ; \
+ "Must configure the l2tpv3 remote-ip for $VAR(@)"
+commit:expression: $VAR(./endpoint/local-ip/) != "" ; \
+ "Must configure the l2tpv3 endpoint local-ip for $VAR(@)"
+commit:expression: $VAR(./endpoint/remote-ip/) != "" ; \
+ "Must configure the l2tpv3 endpoint remote-ip for $VAR(@)"
+commit:expression: $VAR(./tunnel-id/) != "" ; \
+ "Must configure the l2tpv3 tunnel-id for $VAR(@)"
+commit:expression: $VAR(./peer-tunnel-id/) != "" ; \
+ "Must configure the l2tpv3 peer-tunnel-id for $VAR(@)"
+commit:expression: $VAR(./session-id/) != "" ; \
+ "Must configure the l2tpv3 session-id for $VAR(@)"
+commit:expression: $VAR(./peer-session-id/) != "" ; \
+ "Must configure the l2tpv3 peer-session-id for $VAR(@)"
+
+begin:
+ [ -d /sys/module/l2tp_eth ] || sudo modprobe l2tp_eth
+ [ -d /sys/module/l2tp_netlink ] || sudo modprobe l2tp_netlink
+
+create:
+ for i in `seq 1 $VAR(./wait/@)`
+ do
+ ping -c 1 $VAR(./remote-ip/@) > /dev/null 2>&1 && break
+ sleep 1
+ done
+ ip l2tp add tunnel tunnel_id $VAR(./tunnel-id/@) peer_tunnel_id $VAR(./peer-tunnel-id/@) udp_sport $VAR(./sport/@) udp_dport $VAR(./dport/@) encap $VAR(./encap/@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) ||
+ echo "ip l2tp add tunnel tunnel_id $VAR(./tunnel-id/@) peer_tunnel_id $VAR(./peer-tunnel-id/@) udp_sport $VAR(./sport/@) udp_dport $VAR(./dport/@) encap $VAR(./encap/@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@)"
+ ip l2tp add session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@) peer_session_id $VAR(./peer-session-id/@) || echo "ip l2tp add session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@) peer_session_id $VAR(./peer-session-id/@)"
+ ip addr add $VAR(./endpoint/local-ip/@) peer $VAR(./endpoint/remote-ip/@) dev $VAR(@) || echo "ip addr add $VAR(./endpoint/local-ip/@) peer $VAR(./endpoint/remote-ip/@) dev $VAR(@)"
+ ip link set $VAR(@) up mtu 1500
+
+delete:
+ ip link set $VAR(@) down
+ if [ -n "$VAR(./tunnel-id@/)" ] && [ -n "$VAR(./session-id@/)" ] ; then
+ ip l2tp del session $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)
+ fi
+ if [ -n "$VAR(./tunnel-id@/)" ] ; then
+ ip l2tp del tunnel tunnel_id $VAR(./tunnel-id/@)
+ fi
diff --git a/templates/interfaces/l2tpv3/node.tag/bridge-group/bridge/node.def b/templates/interfaces/l2tpv3/node.tag/bridge-group/bridge/node.def
new file mode 100644
index 00000000..d58e8f07
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/bridge-group/bridge/node.def
@@ -0,0 +1,12 @@
+type: txt
+
+help: Bridge group name
+
+syntax:expression: pattern $VAR(@) "^br[0-9]+$" \
+ ; "$VAR(@): not a valid name for a bridge"
+
+commit:expression: exec \
+ "/opt/vyatta/sbin/vyatta-interfaces.pl --dev=$VAR(@) --check=bridge"
+
+allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=bridge
+
diff --git a/templates/interfaces/l2tpv3/node.tag/bridge-group/cost/node.def b/templates/interfaces/l2tpv3/node.tag/bridge-group/cost/node.def
new file mode 100644
index 00000000..22bac5a2
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/bridge-group/cost/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Bridge port cost
+syntax:expression: $VAR(@) >= 1 && $VAR(@) < 65536 ; "Bridge cost value must be between 1 and 65535"
+val_help: u32:1-65535; Path cost value for Spanning Tree Protocol
diff --git a/templates/interfaces/l2tpv3/node.tag/bridge-group/node.def b/templates/interfaces/l2tpv3/node.tag/bridge-group/node.def
new file mode 100644
index 00000000..74ecab4d
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/bridge-group/node.def
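Review bot: The `delete:` block is unlikely to tear the tunnel down as written: both guards test `$VAR(./tunnel-id@/)` and `$VAR(./session-id@/)`, whereas every other reference in this file is spelled `$VAR(./tunnel-id/@)`, and the session removal omits the `tunnel_id` keyword that `ip l2tp del session` expects. I would write the guards as `[ -n "$VAR(./tunnel-id/@)" ]` and `[ -n "$VAR(./session-id/@)" ]`, and the command as `ip l2tp del session tunnel_id $VAR(./tunnel-id/@) session_id $VAR(./session-id/@)`. No cookie is set on the session in `create:`, so a kernel tunnel that survives removal from the configuration would presumably keep accepting frames that match only the addresses and IDs. Separately, the `|| echo "..."` fallbacks in `create:` make each step exit 0, so a failed `ip l2tp add` would still be reported as a successful commit.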
@@ -0,0 +1,3 @@
+help: Add this interface to a bridge group
+
+end: /opt/vyatta/sbin/vyatta-bridge.pl ${COMMIT_ACTION} $VAR(../@)
diff --git a/templates/interfaces/l2tpv3/node.tag/bridge-group/priority/node.def b/templates/interfaces/l2tpv3/node.tag/bridge-group/priority/node.def
new file mode 100644
index 00000000..be0ff479
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/bridge-group/priority/node.def
@@ -0,0 +1,4 @@
+type: u32
+help: Bridge port priority
+syntax:expression: $VAR(@) >= 0 &&$VAR(@) < 64; "Port priority must be between 0-63"
+val_help: u32:0-63; Bridge port priority
diff --git a/templates/interfaces/l2tpv3/node.tag/dport/node.def b/templates/interfaces/l2tpv3/node.tag/dport/node.def
new file mode 100644
index 00000000..1dac1418
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/dport/node.def
@@ -0,0 +1,6 @@
+help: Source port
+type: u32
+default: 5000
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 65535) ; "must between 1-65535"
+
+val_help: u32:1-65535; Numbered port
diff --git a/templates/interfaces/l2tpv3/node.tag/encap/node.def b/templates/interfaces/l2tpv3/node.tag/encap/node.def
new file mode 100644
index 00000000..c3726314
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/encap/node.def
@@ -0,0 +1,7 @@
+help: Encryption algorithm
+type: txt
+default: "udp"
+syntax:expression: $VAR(@) in "ip", "udp"; "must be ip, or udp"
+
+val_help: udp; udp encryption (default)
+val_help: ip; ip encryption
diff --git a/templates/interfaces/l2tpv3/node.tag/endpoint/local-ip/node.def b/templates/interfaces/l2tpv3/node.tag/endpoint/local-ip/node.def
new file mode 100644
index 00000000..f443d9ec
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/endpoint/local-ip/node.def
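Review bot: The `help:` strings on the two port nodes are swapped: this `dport` node is described as `Source port` and the `sport` node later in the patch as `Destination port`, while `create:` in the parent node passes them as `udp_dport` and `udp_sport` respectively. An operator who follows the CLI help would configure the ports reversed, and the peer's packets would not match the tunnel socket. I would use `help: Destination port` here and `help: Source port` on `sport`; the error text also reads better as `"must be between 1-65535"`.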
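Review bot: `help: Encryption algorithm` and the two `val_help` lines describe `encap` as encryption, but the value is passed to `ip l2tp add tunnel ... encap`, which only selects the encapsulation (L2TPv3 over UDP or directly over IP) and provides no confidentiality. Help text like this can lead an operator to bridge a segment across an untrusted path believing it is encrypted. I would change the lines to `help: Encapsulation type`, `val_help: udp; UDP encapsulation (default)` and `val_help: ip; IP encapsulation`. The help could also state that the tunnel is unencrypted and needs IPsec or similar where the traffic must be protected.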
@@ -0,0 +1,6 @@
+type: ipv4net, ipv6net
+help: Endpoint IP address for this l2tpv3 [REQUIRED]
+val_help: ipv4net; Endpoint IPv4 address for this l2tpv3 [REQUIRED]
+val_help: ipv6net; Endpoint IPv6 address for this l2tpv3 [REQUIRED]
+
+syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)"
diff --git a/templates/interfaces/l2tpv3/node.tag/endpoint/node.def b/templates/interfaces/l2tpv3/node.tag/endpoint/node.def
new file mode 100644
index 00000000..d199b6f6
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/endpoint/node.def
@@ -0,0 +1 @@
+help: l2tpv3 of Endpoint IP address
diff --git a/templates/interfaces/l2tpv3/node.tag/endpoint/remote-ip/node.def b/templates/interfaces/l2tpv3/node.tag/endpoint/remote-ip/node.def
new file mode 100644
index 00000000..6e1bcf80
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/endpoint/remote-ip/node.def
@@ -0,0 +1,6 @@
+type: ipv4net, ipv6net
+help: Peer Endpoint IP address for this l2tpv3 [REQUIRED]
+val_help: ipv4net; Peer Endpoint IPv4 address for this l2tpv3 [REQUIRED]
+val_help: ipv6net; Peer Endpoint IPv6 address for this l2tpv3 [REQUIRED]
+
+syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)"
diff --git a/templates/interfaces/l2tpv3/node.tag/local-ip/node.def b/templates/interfaces/l2tpv3/node.tag/local-ip/node.def
new file mode 100644
index 00000000..3dfc3816
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/local-ip/node.def
@@ -0,0 +1,8 @@
+type: ipv4, ipv6
+help: Local IP address for this l2tpv3 [REQUIRED]
+val_help: ipv4; Local IPv4 address for this l2tpv3 [REQUIRED]
+val_help: ipv6; Local IPv6 address for this l2tpv3 [REQUIRED]
+
+syntax:expression: exec \
+ "/opt/vyatta/sbin/local_ip $VAR(@) || \
+ echo Warning! IP address $VAR(@) doesn\\'t exist on this system"
diff --git a/templates/interfaces/l2tpv3/node.tag/peer-session-id/node.def b/templates/interfaces/l2tpv3/node.tag/peer-session-id/node.def
new file mode 100644
index 00000000..decdf6ea
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/peer-session-id/node.def
@@ -0,0 +1,5 @@
+help: l2tpv3 peer-session-id [REQUIRED]
+type: u32
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 429496729) ; "must between 1-429496729"
+val_help: u32:1-429496729; l2tpv3 peer-session-id [REQUIRED]
diff --git a/templates/interfaces/l2tpv3/node.tag/peer-tunnel-id/node.def b/templates/interfaces/l2tpv3/node.tag/peer-tunnel-id/node.def
new file mode 100644
index 00000000..fa734902
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/peer-tunnel-id/node.def
@@ -0,0 +1,5 @@
+help: l2tpv3 peer-tunnel-id [REQUIRED]
+type: u32
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 429496729) ; "must between 1-429496729"
+val_help: u32:1-429496729; l2tpv3 peer-tunnel-id [REQUIRED]
diff --git a/templates/interfaces/l2tpv3/node.tag/remote-ip/node.def b/templates/interfaces/l2tpv3/node.tag/remote-ip/node.def
new file mode 100644
index 00000000..806f6a94
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/remote-ip/node.def
@@ -0,0 +1,4 @@
+type: ipv4, ipv6
+help: Remote IP address for this l2tpv3 [REQUIRED]
+val_help: ipv4; Remote IPv4 address for this l2tpv3 [REQUIRED]
+val_help: ipv6; Remote IPv6 address for this l2tpv3 [REQUIRED]
diff --git a/templates/interfaces/l2tpv3/node.tag/session-id/node.def b/templates/interfaces/l2tpv3/node.tag/session-id/node.def
new file mode 100644
index 00000000..ad4a22f9
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/session-id/node.def
@@ -0,0 +1,5 @@
+help: l2tpv3 session-id [REQUIRED]
+type: u32
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 429496729) ; "must between 1-429496729"
+val_help: u32:1-429496729; l2tpv3 session-id [REQUIRED]
diff --git a/templates/interfaces/l2tpv3/node.tag/sport/node.def b/templates/interfaces/l2tpv3/node.tag/sport/node.def
new file mode 100644
index 00000000..a9ccfe49
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/sport/node.def
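Review bot: The upper bound `429496729` in this `peer-session-id` check looks like `4294967295` (the u32 maximum) with a digit dropped, so roughly nine tenths of the 32-bit ID space is rejected at the CLI. The same bound appears in the `peer-tunnel-id`, `session-id` and `tunnel-id` nodes of this patch. A peer that picks its IDs at random across the full range, which is the usual way to make them hard to guess, will often be impossible to configure. I would use `($VAR(@) >= 1 && $VAR(@) <= 4294967295) ; "must be between 1-4294967295"` and `val_help: u32:1-4294967295; ...` in all four files, assuming the template evaluator compares u32 values at full width.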
@@ -0,0 +1,6 @@
+help: Destination port
+type: u32
+default: 5000
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 65535) ; "must between 1-65535"
+
+val_help: u32:1-65535; Numbered port
diff --git a/templates/interfaces/l2tpv3/node.tag/tunnel-id/node.def b/templates/interfaces/l2tpv3/node.tag/tunnel-id/node.def
new file mode 100644
index 00000000..b4cdc752
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/tunnel-id/node.def
@@ -0,0 +1,5 @@
+help: l2tpv3 tunnel-id [REQUIRED]
+type: u32
+
+syntax:expression: ($VAR(@) >= 1 && $VAR(@) <= 429496729) ; "must between 1-429496729"
+val_help: u32:1-429496729; l2tpv3 tunnel-id
diff --git a/templates/interfaces/l2tpv3/node.tag/wait/node.def b/templates/interfaces/l2tpv3/node.tag/wait/node.def
new file mode 100644
index 00000000..53044eea
--- /dev/null
+++ b/templates/interfaces/l2tpv3/node.tag/wait/node.def
@@ -0,0 +1,6 @@
+help: Wait count
+type: u32
+default: 30
+syntax:expression: ($VAR(@) >= 5 && $VAR(@) <= 300) ; "must be in the range 5 to 300 seconds"
+
+val_help: u32:5-300 wait (default 30)
-- cgit v1.2.3
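Review bot: The `val_help` line in this `wait` node has no `;` between the format and the description, unlike every other `val_help` in the patch, so the CLI help for this node will likely not render as intended; I would write `val_help: u32:5-300; Seconds to wait for the peer (default 30)`. The `help: Wait count` text should also say what is being waited for. The parent `create:` block uses this value as the number of one-second ping attempts against `remote-ip` before the tunnel is created, so a peer that drops ICMP delays the commit that creates the interface for the full duration.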