diff options
| author | John Southworth <john.southworth@vyatta.com> | 2011-02-03 19:21:44 -0600 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2011-02-03 19:21:44 -0600 |
| commit | 5db06eea839ef18cc090570af0227059c3bd51b7 (patch) | |
| tree | 6151a6f5a5a53965ba66364a752a5918c19c6f0f /templates | |
| parent | 8886c248e9bbbd4fb102870a628ab187a9f45d79 (diff) | |
| download | vyatta-cfg-vpn-5db06eea839ef18cc090570af0227059c3bd51b7.tar.gz vyatta-cfg-vpn-5db06eea839ef18cc090570af0227059c3bd51b7.zip | |
Initial additions to support local and remote protoport in general instead of just for GRE
Diffstat (limited to 'templates')
9 files changed, 36 insertions, 3 deletions
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def new file mode 100644 index 0000000..4f761cf --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def @@ -0,0 +1 @@ +help: Local parameters for interesting traffic diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def new file mode 100644 index 0000000..721e59f --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def @@ -0,0 +1,6 @@ +type: txt + +help: Destination port + +val_help: <port name> ; Named port (any name in /etc/services, e.g., http) +val_help: u32:1-65535 ; Numbered port diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def new file mode 100644 index 0000000..040a391 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def @@ -0,0 +1,11 @@ +type: txt + +help: Protocol to Encrypt + +val_help: txt ; IP protocol name from /etc/protocols (e.g. "gre" or "tcp") +val_help: u32:0-255 ; IP protocol number + +syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol '$VAR(@)'`\" ]; then \ + echo invalid protocol \"$VAR(@)\" ; \ + exit 1 ; \ + fi ; " diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def index fbae2e8..fbae2e8 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def deleted file mode 100644 index 033f7fa..0000000 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Protocol that will be sent over tunnel. -type: txt -syntax:expression: $VAR(@) in "GRE"; "Only GRE is allowed" diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def new file mode 100644 index 0000000..28e0592 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def @@ -0,0 +1 @@ +help: Remote parameters for interesting traffic diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def new file mode 100644 index 0000000..721e59f --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def @@ -0,0 +1,6 @@ +type: txt + +help: Destination port + +val_help: <port name> ; Named port (any name in /etc/services, e.g., http) +val_help: u32:1-65535 ; Numbered port diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def new file mode 100644 index 0000000..040a391 --- /dev/null +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def @@ -0,0 +1,11 @@ +type: txt + +help: Protocol to Encrypt + +val_help: txt ; IP protocol name from /etc/protocols (e.g. "gre" or "tcp") +val_help: u32:0-255 ; IP protocol number + +syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol '$VAR(@)'`\" ]; then \ + echo invalid protocol \"$VAR(@)\" ; \ + exit 1 ; \ + fi ; " diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def index e5383bf..e5383bf 100644 --- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def +++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def |