blob: 7490f3367fff1c5be3811452b35aea276c1645c7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
tag:
priority: 380
type: txt
help: Tunnel interface
val_help: <tunN>; Tunnel interface name
syntax:expression: pattern $VAR(@) "^tun[0-9]+$" \
; "tunnel must be (tun0-tun999)"
commit:expression: $VAR(./local-ip/) != "" ; \
"Must configure the tunnel local-ip for $VAR(@)"
commit:expression: $VAR(./encapsulation/) != "" ; \
"Must configure the tunnel encapsulation for $VAR(@)"
create:
if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then
sudo invoke-rc.d opennhrp.init start;
fi
if [ x$VAR(./multicast/@) == xenable ]; then
MC="multicast on allmulticast on";
fi
case "$VAR(./encapsulation/@)" in
"gre" | "ipip" | "sit" | "gre-multipoint")
if [ -n "$VAR(./parameters/ip/bridge-group/)" ] ; then
echo "interfaces tunnel $VAR(@): Tunnel encapsulation type must be gre-bridge if a bridge group is defined";
exit 1;
fi
if [ -z "$VAR(./parameters/ip/ttl/@)" ]; then
TTL="ttl 255"
fi
if [ -n "$VAR(./parameters/ip/key/@)" ]; then
KEY="key $VAR(./parameters/ip/key/@)";
fi
if [ "$VAR(./encapsulation/@)" == "gre-multipoint" ]; then
ip tunnel add $VAR(@) local $VAR(./local-ip/@) mode gre $KEY $TTL
else
ip tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) $KEY $TTL
fi
if [ -z "`ip tun sh | grep $VAR(@)`" ]; then
echo interfaces tunnel $VAR(@): error creating tunnel interface
exit 1
fi
;;
"gre-bridge")
ip link add $VAR(@) type gretap local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) ||
echo "interfaces tunnel $VAR(@): error creating tunnel interface"
;;
"ipip6" | "ip6ip6")
ip -6 tunnel add $VAR(@) local $VAR(./local-ip/@) remote $VAR(./remote-ip/@) mode $VAR(./encapsulation/@) ||
echo "interfaces tunnel $VAR(@): error creating tunnel interface"
;;
esac
ip link set $VAR(@) $MC up ||
echo "interfaces tunnel $VAR(@): error setting tunnel interface active"
delete:
ip link set $VAR(@) down
case "$VAR(./encapsulation/@)" in
"gre" | "ipip" | "sit")
ip tunnel del $VAR(@) mode $VAR(./encapsulation/@);;
"gre-bridge")
ip link delete $VAR(@) ;;
"ipip6" | "ip6ip6")
ip -6 tunnel del $VAR(@) mode $VAR(./encapsulation/@);;
"gre-multipoint")
ip tunnel del $VAR(@) mode gre;;
esac
end:
if [ "${COMMIT_ACTION}" == DELETE ]; then
/opt/vyatta/sbin/vyatta-tunnel-cleanup $VAR(@)
fi
if [ -e /opt/vyatta/sbin/vyatta-update-nhrp.pl ]; then
sudo /opt/vyatta/sbin/vyatta-update-nhrp.pl --tun "$VAR(@)" --commit_tun;
fi
|
