From 5db06eea839ef18cc090570af0227059c3bd51b7 Mon Sep 17 00:00:00 2001 
From: John Southworth Date: Thu, 3 Feb 2011 19:21:44 -0600 Subject: Initial additions to support local and remote protoport in general instead of just for GRE --- .../peer/node.tag/tunnel/node.tag/local-subnet/node.def | 2 -- .../site-to-site/peer/node.tag/tunnel/node.tag/local/node.def | 1 + .../peer/node.tag/tunnel/node.tag/local/port/node.def | 6 ++++++ .../peer/node.tag/tunnel/node.tag/local/protocol/node.def | 11 +++++++++++ .../peer/node.tag/tunnel/node.tag/local/subnet/node.def | 2 ++ .../peer/node.tag/tunnel/node.tag/protocol/node.def | 3 --- .../peer/node.tag/tunnel/node.tag/remote-subnet/node.def | 2 -- .../peer/node.tag/tunnel/node.tag/remote/node.def | 1 + .../peer/node.tag/tunnel/node.tag/remote/port/node.def | 6 ++++++ .../peer/node.tag/tunnel/node.tag/remote/protocol/node.def | 11 +++++++++++ .../peer/node.tag/tunnel/node.tag/remote/subnet/node.def | 2 ++ 11 files changed, 40 insertions(+), 7 deletions(-) delete mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def delete mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def delete mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def create mode 100644 templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def create mode 100644 
templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def (limited to 'templates/vpn/ipsec/site-to-site')
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def
deleted file mode 100644
index fbae2e8..0000000
--- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local-subnet/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Local subnet
-type: ipv4net
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def
new file mode 100644
index 0000000..4f761cf
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/node.def
@@ -0,0 +1 @@
+help: Local parameters for interesting traffic
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def
new file mode 100644
index 0000000..721e59f
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/port/node.def
@@ -0,0 +1,6 @@
+type: txt
+
+help: Destination port
+
+val_help: ; Named port (any name in /etc/services, e.g., http)
+val_help: u32:1-65535 ; Numbered port
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def
new file mode 100644
index 0000000..040a391
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/protocol/node.def
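Review bot: The new `local/port/node.def` (and the identical `remote/port/node.def` later in this patch) declares `type: txt` with no `syntax:expression`, so the 1-65535 range and the /etc/services names advertised in `val_help` are not enforced when the value is set. These nodes define the IPsec traffic selector, so a mistyped port would presumably surface only later, as a connection that fails to load or a selector that does not cover the traffic meant to be encrypted. Consider validating the value at set time the way the protocol nodes in this patch do; whether `vyatta-validate-type.pl` offers a suitable port type is not visible here. The help text `Destination port` is also used on the local side, where `help: Local port` and `help: Remote port` would describe the two nodes correctly.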
@@ -0,0 +1,11 @@
+type: txt
+
+help: Protocol to Encrypt
+
+val_help: txt ; IP protocol name from /etc/protocols (e.g. "gre" or "tcp")
+val_help: u32:0-255 ; IP protocol number
+
+syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol '$VAR(@)'`\" ]; then \
+ echo invalid protocol \"$VAR(@)\" ; \
+ exit 1 ; \
+ fi ; "
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def
new file mode 100644
index 0000000..fbae2e8
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/local/subnet/node.def
@@ -0,0 +1,2 @@
+help: Local subnet
+type: ipv4net
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def
deleted file mode 100644
index 033f7fa..0000000
--- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/protocol/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: Protocol that will be sent over tunnel.
-type: txt
-syntax:expression: $VAR(@) in "GRE"; "Only GRE is allowed"
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def
deleted file mode 100644
index e5383bf..0000000
--- a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote-subnet/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-help: Remote subnet
-type: ipv4net
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def
new file mode 100644
index 0000000..28e0592
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/node.def
@@ -0,0 +1 @@
+help: Remote parameters for interesting traffic
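Review bot: In `local/protocol/node.def` (and the identical `remote/protocol/node.def` later in this patch), `$VAR(@)` is placed into the `exec` shell string twice, once inside single quotes within the backticks and once inside the double-quoted `echo`, before anything has constrained which characters it may contain. If the CLI substitutes the value textually, which this hunk does not show, a value containing a quote, backtick or `$(` would be interpreted by the shell that runs the validation instead of being passed to the validator as data. A character-class check placed before the `exec`, such as `syntax:expression: pattern $VAR(@) "^[A-Za-z0-9.-]+$" ; "invalid protocol"`, would confine the value to what /etc/protocols names and numbers need. The check also keys on the validator printing something rather than on its exit status, which deserves a short comment in the template.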
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def
new file mode 100644
index 0000000..721e59f
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/port/node.def
@@ -0,0 +1,6 @@
+type: txt
+
+help: Destination port
+
+val_help: ; Named port (any name in /etc/services, e.g., http)
+val_help: u32:1-65535 ; Numbered port
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def
new file mode 100644
index 0000000..040a391
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/protocol/node.def
@@ -0,0 +1,11 @@
+type: txt
+
+help: Protocol to Encrypt
+
+val_help: txt ; IP protocol name from /etc/protocols (e.g. "gre" or "tcp")
+val_help: u32:0-255 ; IP protocol number
+
+syntax:expression: exec "if [ -n \"`/opt/vyatta/sbin/vyatta-validate-type.pl protocol '$VAR(@)'`\" ]; then \
+ echo invalid protocol \"$VAR(@)\" ; \
+ exit 1 ; \
+ fi ; "
diff --git a/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def
new file mode 100644
index 0000000..e5383bf
--- /dev/null
+++ b/templates/vpn/ipsec/site-to-site/peer/node.tag/tunnel/node.tag/remote/subnet/node.def
@@ -0,0 +1,2 @@
+help: Remote subnet
+type: ipv4net
-- cgit v1.2.3