summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Larson <mike@ft1.vyatta.com>2009-09-09 16:26:01 -0700
committerMichael Larson <mike@ft1.vyatta.com>2009-09-09 16:26:01 -0700
commit5f1a33134d463fa565ee9dd43237252bd27d5fb3 (patch)
tree70f1ac5b1e76a0ae875c71ca15089ecdbc45c122
parent028e8e12c5e15efc0a316641f2b02e46d5c77210 (diff)
parent42abfac6f11077dbfc3b0eaf845597e38f7cd685 (diff)
downloadvyatta-cfg-5f1a33134d463fa565ee9dd43237252bd27d5fb3.tar.gz
vyatta-cfg-5f1a33134d463fa565ee9dd43237252bd27d5fb3.zip
Merge branch 'kenwood' of http://git.vyatta.com/vyatta-cfg into kenwood
-rw-r--r--Makefile.am1
-rw-r--r--debian/changelog159
-rwxr-xr-xetc/init.d/vyatta-ofr16
-rw-r--r--etc/modprobe.d/vyatta_nocopybreak3
-rwxr-xr-xlib/Vyatta/Config.pm38
-rwxr-xr-xlib/Vyatta/ConfigLoad.pm95
-rwxr-xr-xlib/Vyatta/Interface.pm12
-rwxr-xr-xlib/Vyatta/Misc.pm26
-rwxr-xr-xlib/Vyatta/TypeChecker.pm6
-rwxr-xr-xscripts/vyatta-cfg-cmd-wrapper26
-rwxr-xr-xscripts/vyatta-cli-expand-var.pl2
-rwxr-xr-xscripts/vyatta-config-gen-sets.pl9
-rwxr-xr-xscripts/vyatta-config-loader.pl15
-rwxr-xr-xscripts/vyatta-exists14
-rwxr-xr-xscripts/vyatta-interfaces.pl9
-rwxr-xr-xscripts/vyatta-load-config.pl2
-rw-r--r--src/commit2.c9
-rw-r--r--src/common/defs.h2
-rw-r--r--templates/interfaces/ethernet/node.tag/description/node.def2
-rw-r--r--templates/interfaces/ethernet/node.tag/disable-flow-control/node.def4
-rw-r--r--templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def2
-rw-r--r--templates/interfaces/loopback/node.tag/description/node.def2
-rw-r--r--templates/priority29
23 files changed, 343 insertions, 140 deletions
diff --git a/Makefile.am b/Makefile.am
index f7096af..217de7e 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -56,6 +56,7 @@ sbin_SCRIPTS += scripts/vyatta-cfg-notify
sbin_SCRIPTS += scripts/vyatta-interfaces.pl
sbin_SCRIPTS += scripts/vyatta-irqaffin
sbin_SCRIPTS += scripts/vyatta-check-typeless-node.pl
+sbin_SCRIPTS += scripts/vyatta-exists
share_perl5_DATA = lib/Vyatta/Config.pm
share_perl5_DATA += lib/Vyatta/Misc.pm
diff --git a/debian/changelog b/debian/changelog
index 9c60c4e..c13f455 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,162 @@
+vyatta-cfg (0.15.16) unstable; urgency=low
+
+ * Allow empty description
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com> Wed, 09 Sep 2009 14:39:25 -0700
+
+vyatta-cfg (0.15.15) unstable; urgency=low
+
+ * added data path to environment during commit. value key is
+ "NODE_DATA_PATH". nodes are delimited by "/" rather than spaces.
+ * fix for bug 4697. Added range value check that start must be less
+ than or equal to stop address
+
+ -- slioch <slioch@eng-140.vyatta.com> Wed, 09 Sep 2009 09:29:14 -0700
+
+vyatta-cfg (0.15.14) unstable; urgency=low
+
+ * Bugfix 4793: Narrow the set of platforms on which module is loaded.
+
+ -- Bob Gilligan <gilligan@vyatta.com> Fri, 28 Aug 2009 17:51:04 -0700
+
+vyatta-cfg (0.15.13) unstable; urgency=low
+
+ * Bugfix 4793: Load the acpi_cpufreq module on certain processors.
+
+ -- Bob Gilligan <gilligan@vyatta.com> Fri, 28 Aug 2009 15:43:00 -0700
+
+vyatta-cfg (0.15.12) unstable; urgency=low
+
+ * add no copybreak for more drivers
+ * Failure to set address should fail the commit
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 27 Aug 2009 10:07:06 -0700
+
+vyatta-cfg (0.15.11) unstable; urgency=low
+
+ * Skip more wireless interfaces
+ * Add a small script to test for node existance
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com> Mon, 24 Aug 2009 12:16:12 -0700
+
+vyatta-cfg (0.15.10) unstable; urgency=low
+
+ * Add priority for wireless
+ * Skip wmaster interface in operational commands
+ * Add ability to disable flow-control
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 20 Aug 2009 11:51:01 -0700
+
+vyatta-cfg (0.15.9) unstable; urgency=low
+
+ * check if port name is valid for both tcp and udp when protocol
+ tcp_udp
+
+ -- Mohit Mehta <mohit.mehta@vyatta.com> Fri, 07 Aug 2009 18:56:01 -0700
+
+vyatta-cfg (0.15.8) unstable; urgency=low
+
+ [ slioch ]
+ * cleaned out more of the islavista rank code. closing bug 4473 as a
+ result
+
+ [ Stig Thormodsrud ]
+ * Revert "Fix [Bug 4760] New: members were removed after an in-use
+ firewall group"
+ * Another attempt to fix 4760.
+
+ [ Stephen Hemminger ]
+
+ -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 06 Aug 2009 12:18:18 -0700
+
+vyatta-cfg (0.15.7) unstable; urgency=low
+
+ [ Stephen Hemminger ]
+ * Add hw_address method for use in bonding
+
+ [ Stig Thormodsrud ]
+ * Fix [Bug 4760] New: members were removed after an in-use firewall
+ group
+
+ -- Stig Thormodsrud <stig@vyatta.com> Thu, 30 Jul 2009 11:43:34 -0700
+
+vyatta-cfg (0.15.6) unstable; urgency=low
+
+ * update cli-expand-var script to match current variable reference
+ syntax.
+
+ -- An-Cheng Huang <ancheng@vyatta.com> Wed, 29 Jul 2009 12:02:31 -0700
+
+vyatta-cfg (0.15.5) unstable; urgency=low
+
+ * alter rename rule option to work for firewall and nat rules
+
+ -- Mohit Mehta <mohit.mehta@vyatta.com> Tue, 28 Jul 2009 17:08:03 -0700
+
+vyatta-cfg (0.15.4) unstable; urgency=low
+
+ [ slioch ]
+ * fix for bug 4255. commit check was not being called on active node
+ that had deleted children. This change only affects
+
+ [ Stig Thormodsrud ]
+ * Fix 4722: Output inconsistent from 'save' and 'load' commands
+
+ [ Mohit Mehta ]
+
+ -- Mohit Mehta <mohit.mehta@vyatta.com> Fri, 24 Jul 2009 14:27:06 -0700
+
+vyatta-cfg (0.15.3) unstable; urgency=low
+
+ * Bugfix 4717: Remove duplicate entries in priority file.
+
+ -- Bob Gilligan <gilligan@vyatta.com> Mon, 13 Jul 2009 16:42:48 -0700
+
+vyatta-cfg (0.15.2) unstable; urgency=low
+
+ [ Stig Thormodsrud ]
+ * Add more system priorities so that 1 system failure doesn't affect
+
+ [ Stephen Hemminger ]
+ * Fix duplicate bonding vif entry
+
+ [ Stig Thormodsrud ]
+ * Fix 4623: Removing IPSEC VPN config without removing cluster ipsec
+ config drops all interfaces.
+
+ -- Stig Thormodsrud <stig@vyatta.com> Fri, 10 Jul 2009 14:11:49 -0700
+
+vyatta-cfg (0.15.1) unstable; urgency=low
+
+ * load requires additional environment variables
+
+ -- An-Cheng Huang <ancheng@vyatta.com> Wed, 08 Jul 2009 18:29:31 -0700
+
+vyatta-cfg (0.14.104) unstable; urgency=low
+
+ [ Mark O'Brien ]
+ * Updated bridging/bonding priorites.
+
+ [ slioch ]
+ * added isActive function in perl code to allow a comparison of active
+ * fixed isActive() api to now support mixed level and passed in
+ relative path values.
+
+ [ Stephen Hemminger ]
+ * Start bonding vif after bond-group is created
+ * Use ip command rather than sysfs to set ifalias
+
+ [ An-Cheng Huang ]
+
+ -- An-Cheng Huang <ancheng@vyatta.com> Wed, 08 Jul 2009 16:55:51 -0700
+
+vyatta-cfg (0.14.103) unstable; urgency=low
+
+ * fix for ptr magic on 64 bit system. looks like double ptr was
+ getting the missing the last 4 bytes on 64 bit copy.
+
+ -- slioch <slioch@eng-140.vyatta.com> Mon, 06 Jul 2009 17:51:15 -0700
+
vyatta-cfg (0.14.102) unstable; urgency=low
* updated perl api for new cli to support working node representation.
diff --git a/etc/init.d/vyatta-ofr b/etc/init.d/vyatta-ofr
index 4fb4c1e..45333ac 100755
--- a/etc/init.d/vyatta-ofr
+++ b/etc/init.d/vyatta-ofr
@@ -125,7 +125,20 @@ cleanup_raid()
rmmod $MD_MODULES > /tmp/vyatta_raid_cleanup_log 2>&1
}
-
+#
+# Load the acpi_cpufreq kernel module, but only for certain processors.
+# Some Intel CPUs need to have it loaded in order to initialize
+# properly.
+#
+load_acpi_cpufreq()
+{
+ manuf=`dmidecode -s system-manufacturer`
+ prod=`dmidecode -s system-product-name`
+ if [ "$manuf" = "Vyatta" -a "$prod" = "Series 2500" ]; then
+ logger -t "$progname" -p user.notice "loading acpi_cpufreq module"
+ modprobe acpi_cpufreq
+ fi
+}
start ()
{
@@ -141,6 +154,7 @@ start ()
${vyatta_sbindir}/${s}.init start || (log_end_msg $? && return)
done
load_bootfile
+ load_acpi_cpufreq
cleanup_raid
chmod g-w,o-w /
diff --git a/etc/modprobe.d/vyatta_nocopybreak b/etc/modprobe.d/vyatta_nocopybreak
index deb962f..0ac3052 100644
--- a/etc/modprobe.d/vyatta_nocopybreak
+++ b/etc/modprobe.d/vyatta_nocopybreak
@@ -40,6 +40,9 @@
options e1000 copybreak=0
options e1000e copybreak=0
+options sky2 copybreak=0
+options via-rhine rx_copybreak=0
+options via-velocity rx_copybreak=0
diff --git a/lib/Vyatta/Config.pm b/lib/Vyatta/Config.pm
index fd0222f..c97152c 100755
--- a/lib/Vyatta/Config.pm
+++ b/lib/Vyatta/Config.pm
@@ -98,6 +98,31 @@ sub listNodes {
return @nodes_modified;
}
+## isActive("path")
+# return true|false based on whether node path has
+# been processed or is active
+sub isActive {
+ my ($self, $path) = @_;
+ my @nodes = ();
+
+ my @comp_node = split " ", $path;
+
+ my $comp_node = pop(@comp_node);
+ if (!defined $comp_node) {
+ return 1;
+ }
+
+ my $rel_path = join(" ",@comp_node);
+
+ my @nodes_modified = $self->listOrigPlusComNodes($rel_path);
+ foreach my $node (@nodes_modified) {
+ if ($node eq $comp_node) {
+ return 0;
+ }
+ }
+ return 1;
+}
+
## listNodes("level")
# return array of all nodes (active plus currently committed) at "level"
# level is relative
@@ -105,7 +130,7 @@ sub listOrigPlusComNodes {
my ($self, $path) = @_;
my @nodes = ();
- my @nodes_modified = $self->listNodes();
+ my @nodes_modified = $self->listNodes($path);
#convert array to hash
my %coll;
@@ -113,6 +138,9 @@ sub listOrigPlusComNodes {
@coll{@nodes_modified} = @nodes_modified;
my $level = $self->{_level};
+ if (! defined $level) {
+ $level = "";
+ }
#now test against the inprocess file in the system
# my $com_file = "/tmp/.changes_$$";
@@ -125,6 +153,9 @@ sub listOrigPlusComNodes {
#$coll is of the form: blah
my $dir_path = $level;
+ if (defined $path) {
+ $dir_path .= " " . $path;
+ }
$dir_path =~ s/ /\//g;
$dir_path = "/".$dir_path;
@@ -143,8 +174,13 @@ sub listOrigPlusComNodes {
$tmp = $node[1];
}
+ if (!defined $tmp || $tmp eq '') {
+ next;
+ }
+
my @child = split "/",$tmp;
my $child;
+
# print("tmp: $tmp, $child[0], $child[1]\n");
if ($child[0] =~ /^\s*$/ || !defined $child[0] || $child[0] eq '') {
shift(@child);
diff --git a/lib/Vyatta/ConfigLoad.pm b/lib/Vyatta/ConfigLoad.pm
index 09bd627..8ffc9c0 100755
--- a/lib/Vyatta/ConfigLoad.pm
+++ b/lib/Vyatta/ConfigLoad.pm
@@ -27,55 +27,6 @@ use lib "/opt/vyatta/share/perl5";
use XorpConfigParser;
use Vyatta::Config;
-# configuration ordering. higher rank configured before lower rank.
-my $default_rank = 0;
-my %config_rank = (
- 'qos-policy' => 1110,
- 'firewall group' => 1100,
- 'firewall' => 1090,
- 'service nat' => 1080,
- 'system host-name' => 1070,
- 'protocols ospf parameters' => 1060,
- 'protocols ospf' => 1055,
- 'protocols rip interface' => 905,
- 'protocols rip' => 1050,
- 'interfaces' => 1000,
- 'interfaces bonding' => 995,
- 'interfaces bridge' => 990,
- 'interfaces ethernet' => 980,
- 'interfaces tunnel' => 910,
- 'zone-policy zone' => 900,
- 'system gateway-address' => 890,
- 'system name-server' => 880,
- 'system login user' => 870,
- 'system' => 860,
- 'protocols static' => 850,
- 'service ssh' => 840,
- 'service telnet' => 830,
- 'service webproxy' => 828,
- 'service http' => 827,
- 'service dhcp-relay' => 826,
- 'service dhcp-server' => 825,
- 'service dns' => 824,
- 'service nat' => 823,
- 'policy' => 820,
- 'protocols bgp' => 790,
- 'vpn' => 600,
-);
-
-my %regex_rank = (
- 'interfaces ethernet \S* vrrp' => 500,
- 'interfaces ethernet \S* vif \S* vrrp' => 500,
- 'interfaces ethernet \S* pppo[ea]' => 400,
- 'protocols bgp \d+ parameters' => 810,
- 'protocols bgp \d+ neighbor \d+\.\d+\.\d+\.\d+' => 800,
- 'protocols bgp \d+ neighbor \w+' => 801,
- 'interfaces bridge \S* address' => 920,
- 'zone-policy zone \S* interface' => 899,
- 'zone-policy zone \S* local-zone' => 899,
- 'zone-policy zone \S* from' => 898,
-);
-
my @all_nodes = ();
my @all_naked_nodes = ();
@@ -85,30 +36,6 @@ sub match_regex {
return ($str =~ m/$pattern/) ? 1 : 0;
}
-sub get_regex_rank {
- my ($str) = @_;
- foreach (keys %regex_rank) {
- if (match_regex($_, $str)) {
- return $regex_rank{$_};
- }
- }
- return; # undef if no match
-}
-
-sub get_config_rank {
- # longest prefix match
- my @path = @_;
- while ((scalar @path) > 0) {
- my $path_str = join ' ', @path;
- if (defined($config_rank{$path_str})) {
- return ($config_rank{$path_str});
- }
- my $wrank = get_regex_rank($path_str);
- return $wrank if (defined($wrank));
- pop @path;
- }
- return $default_rank;
-}
sub applySingleQuote {
my @return = ();
@@ -161,12 +88,12 @@ sub enumerate_branch {
}
push @all_naked_nodes, [ @cur_path ];
my @qpath = applySingleQuote(@cur_path);
- push @all_nodes, [\@qpath, get_config_rank(@cur_path)];
+ push @all_nodes, [\@qpath, 0];
}
}
# $0: config file to load
-# return: list of all config statement sorted by rank
+# return: list of all config statement
sub getStartupConfigStatements {
# clean up the lists first
@all_nodes = ();
@@ -185,7 +112,6 @@ sub getStartupConfigStatements {
}
enumerate_branch($root, ( ));
- @all_nodes = sort { ${$b}[1] <=> ${$a}[1] } @all_nodes;
return @all_nodes;
}
@@ -280,8 +206,7 @@ sub getSortedMultiValues {
my $key = "$path_str $_";
push @list, [ $_, $node_order{$key} ];
}
- my @slist = sort { ${$a}[1] <=> ${$b}[1] } @list;
- @slist = map { ${$_}[0] } @slist;
+ my @slist = map { ${$_}[0] } @list;
return @slist;
}
@@ -309,7 +234,7 @@ sub findDeletedValues {
my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals);
foreach (@{$comp_hash{'deleted'}}) {
my @plist = applySingleQuote(@active_path, $_);
- push @delete_list, [\@plist, get_config_rank(@active_path, $_)];
+ push @delete_list, [\@plist, 0];
}
} else {
# do nothing. if a single-value leaf node is deleted, it should have
@@ -336,7 +261,7 @@ sub findDeletedNodes {
}
if (!defined($new_ref->{$_})) {
my @plist = applySingleQuote(@active_path, $_);
- push @delete_list, [\@plist, get_config_rank(@active_path, $_)];
+ push @delete_list, [\@plist, 0];
} else {
findDeletedNodes($new_ref->{$_}, [ @active_path, $_ ]);
}
@@ -364,7 +289,7 @@ sub findSetValues {
my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals);
foreach (@{$comp_hash{'added'}}) {
my @plist = applySingleQuote(@active_path, $_);
- push @set_list, [\@plist, get_config_rank(@active_path, $_)];
+ push @set_list, [\@plist, 0];
}
} else {
my @nvals = keys %{$new_ref};
@@ -375,7 +300,7 @@ sub findSetValues {
my $oval = $active_cfg->returnOrigValue('');
if (!defined($oval) || ($nval ne $oval)) {
my @plist = applySingleQuote(@active_path, $nval);
- push @set_list, [\@plist, get_config_rank(@active_path, $nval)];
+ push @set_list, [\@plist, 0];
}
}
}
@@ -400,7 +325,7 @@ sub findSetNodes {
# check if we need to add this node.
if (!defined($active_hash{$_})) {
my @plist = applySingleQuote(@active_path, $_);
- push @set_list, [\@plist, get_config_rank(@active_path, $_)];
+ push @set_list, [\@plist, 0];
} else {
# node already present. do nothing.
}
@@ -423,10 +348,6 @@ sub getConfigDiff {
@delete_list = ();
findDeletedNodes($new_cfg_ref, [ ]);
findSetNodes($new_cfg_ref, [ ]);
- # don't really need to sort the lists by rank since we have to commit
- # everything together anyway.
- @delete_list = sort { ${$a}[1] <=> ${$b}[1] } @delete_list;
- @set_list = sort { ${$b}[1] <=> ${$a}[1] } @set_list;
# need to filter out deletions of nodes with default values
my @new_delete_list = ();
diff --git a/lib/Vyatta/Interface.pm b/lib/Vyatta/Interface.pm
index 96429c0..97ef7f7 100755
--- a/lib/Vyatta/Interface.pm
+++ b/lib/Vyatta/Interface.pm
@@ -222,6 +222,18 @@ sub flags {
return hex($val);
}
+sub hw_address {
+ my $self = shift;
+
+ open my $addrf, '<', "/sys/class/net/$self->{name}/address"
+ or return;
+ my $address = <$addrf>;
+ close $addrf;
+
+ chomp $address if $address;
+ return $address;
+}
+
sub is_broadcast {
my $self = shift;
return $self->flags() & IFF_BROADCAST;
diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm
index 01f1537..6089361 100755
--- a/lib/Vyatta/Misc.pm
+++ b/lib/Vyatta/Misc.pm
@@ -93,11 +93,18 @@ sub generate_dhclient_intf_files {
}
+# get list of interfaces on the system via sysfs
+# skip dot files (and any interfaces name .xxx)
+# and bond_masters file used by bonding
+# and wireless control interfaces
sub getInterfaces {
opendir( my $sys_class, '/sys/class/net' )
or die "can't open /sys/class/net: $!";
- my @interfaces =
- grep { ( !/^\./ ) && ( $_ ne 'bonding_masters' ) } readdir $sys_class;
+ my @interfaces = grep { ( !/^\./ ) &&
+ ( $_ ne 'bonding_masters' ) &&
+ ! ( $_ =~ '^mon.wlan\d$') &&
+ ! ( $_ =~ '^wmaster\d+$')
+ } readdir $sys_class;
closedir $sys_class;
return @interfaces;
}
@@ -225,7 +232,10 @@ sub isClusterIP {
my @services =
$vc->returnValues("cluster group $cluster_group service");
foreach my $service (@services) {
- if ( $ip eq substr( $service, 0, index( $service, '/' ) ) ) {
+ if ($service =~ /\//) {
+ $service = substr( $service, 0, index( $service, '/' ));
+ }
+ if ( $ip eq $service ) {
return 1;
}
}
@@ -355,7 +365,15 @@ sub getPortRuleString {
return ( undef, $err );
}
}
- ( $success, $err ) = isValidPortName( $port_spec, $proto );
+ if ($proto eq 'tcp_udp') {
+ ( $success, $err ) = isValidPortName( $port_spec, 'tcp' );
+ if (defined $success) {
+ # only do udp test if the tcp test was a success
+ ( $success, $err ) = isValidPortName( $port_spec, 'udp' )
+ }
+ } else {
+ ( $success, $err ) = isValidPortName( $port_spec, $proto );
+ }
if ( defined($success) ) {
$num_ports += 1;
next;
diff --git a/lib/Vyatta/TypeChecker.pm b/lib/Vyatta/TypeChecker.pm
index 27d9e03..c13ef4b 100755
--- a/lib/Vyatta/TypeChecker.pm
+++ b/lib/Vyatta/TypeChecker.pm
@@ -91,6 +91,12 @@ sub validate_ipv4range {
return 0 if (!/^([^-]+)-([^-]+)$/);
my ($a1, $a2) = ($1, $2);
return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2));
+ #need to check that range is in ascending order
+ $a1 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/;
+ my $v1 = $1*256*256*256+$2*256*256+$3*256+$4;
+ $a2 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/;
+ my $v2 = $1*256*256*256+$2*256*256+$3*256+$4;
+ return 0 if ($v1 > $v2);
return 1;
}
diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper
index 7496f96..53a3fcc 100755
--- a/scripts/vyatta-cfg-cmd-wrapper
+++ b/scripts/vyatta-cfg-cmd-wrapper
@@ -152,21 +152,33 @@ case "$1" in
RET_STATUS=$?
;;
load)
+ export vyatta_sysconfdir=/opt/vyatta/etc
+ export vyatta_sbindir=/opt/vyatta/sbin
/opt/vyatta/sbin/vyatta-load-config.pl "${@:2}"
RET_STATUS=$?
;;
- firewall-rule-rename)
- # this option is to be used for renaming firewall rules only
- # usage for this option specified on the next line -
- # firewall-rule-rename $firewall_ruleset rule $rule_num to rule $rename_rulenum
+ rule-rename)
+ # this option is to be used for renaming firewall and nat rules only
+ # usage for this option specified on the next two lines -
+ # rule-rename firewall $firewall_ruleset rule $rule_num to rule $rename_rulenum
+ # rule-rename nat rule $rule_num to rule $rename_rulenum
- VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag;
- VYATTA_EDIT_LEVEL="/firewall/name/$2";
+ if [ "$2" == "firewall" ]; then
+ VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag;
+ VYATTA_EDIT_LEVEL="/firewall/name/$3";
+ elif [ "$2" == "nat" ]; then
+ VYATTA_TEMPLATE_LEVEL=/service/nat;
+ VYATTA_EDIT_LEVEL=/service/nat;
+ fi
_mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL}
_tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL}
VYATTA_EDIT_LEVEL="${_mpath#$VYATTA_TEMP_CONFIG_DIR}/"
VYATTA_TEMPLATE_LEVEL="${_tpath#$VYATTA_CONFIG_TEMPLATE}/"
- mvcp rename Rename mv "${@:3}"
+ if [ $2 == "firewall" ]; then
+ mvcp rename Rename mv "${@:4}"
+ elif [ $2 == "nat" ]; then
+ mvcp rename Rename mv "${@:3}"
+ fi
RET_STATUS=$?
;;
*)
diff --git a/scripts/vyatta-cli-expand-var.pl b/scripts/vyatta-cli-expand-var.pl
index f690f0b..f3bda2d 100755
--- a/scripts/vyatta-cli-expand-var.pl
+++ b/scripts/vyatta-cli-expand-var.pl
@@ -34,7 +34,7 @@ $_ = $ARGV[0];
# basic format check:
# '(' ')' not allowed in reference.
# only allow absolute path for now.
-if (!/^\$\(\/([^()]+)\)$/) {
+if (!/^\$VAR\(\/([^()]+)\)$/) {
print STDERR "invalid variable reference (invalid format)\n";
exit 1;
}
diff --git a/scripts/vyatta-config-gen-sets.pl b/scripts/vyatta-config-gen-sets.pl
index 2fe4ac6..566570e 100755
--- a/scripts/vyatta-config-gen-sets.pl
+++ b/scripts/vyatta-config-gen-sets.pl
@@ -32,23 +32,14 @@ my $conf_file = '/opt/vyatta/etc/config/config.boot';
$conf_file = $ARGV[0] if defined $ARGV[0];
# get a list of all config statement in the startup config file
-# (sorted by rank).
my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($conf_file);
if (scalar(@all_nodes) == 0) {
# no config statements
exit 1;
}
-my $cur_rank = ${$all_nodes[0]}[1];
my $ret = 0;
-# higher-ranked statements committed before lower-ranked.
foreach (@all_nodes) {
- my ($path_ref, $rank) = @$_;
- if ($rank != $cur_rank) {
- # commit all nodes with the same rank together.
- print "commit\n";
- $cur_rank = $rank;
- }
my $cmd = "set " . (join ' ', @$path_ref);
print "$cmd\n";
}
diff --git a/scripts/vyatta-config-loader.pl b/scripts/vyatta-config-loader.pl
index a32d1fc..61eafa5 100755
--- a/scripts/vyatta-config-loader.pl
+++ b/scripts/vyatta-config-loader.pl
@@ -46,14 +46,12 @@ sub restore_fds {
}
# get a list of all config statement in the startup config file
-# (sorted by rank).
my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($ARGV[0]);
if (scalar(@all_nodes) == 0) {
# no config statements
restore_fds();
exit 1;
}
-my $cur_rank = ${$all_nodes[0]}[1];
# set up the config environment
my $CWRAPPER = '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper';
@@ -69,20 +67,9 @@ if ($? >> 8) {
my $commit_cmd = "$CWRAPPER commit";
my $cleanup_cmd = "$CWRAPPER cleanup";
my $ret = 0;
-# higher-ranked statements committed before lower-ranked.
+my $rank; #not used
foreach (@all_nodes) {
my ($path_ref, $rank) = @$_;
- if ($rank != $cur_rank) {
- # commit all nodes with the same rank together.
- $ret = 0; #system("$commit_cmd");
- if ($ret >> 8) {
- print OLDOUT "Commit failed at rank $cur_rank\n";
- print WARN "Commit failed at rank $cur_rank\n";
- system("$cleanup_cmd");
- # continue after cleanup (or should we abort?)
- }
- $cur_rank = $rank;
- }
my $cmd = "$CWRAPPER set " . (join ' ', @$path_ref);
# this debug file should be deleted before release
system("echo [$cmd] >> /tmp/foo");
diff --git a/scripts/vyatta-exists b/scripts/vyatta-exists
new file mode 100755
index 0000000..ef2dea3
--- /dev/null
+++ b/scripts/vyatta-exists
@@ -0,0 +1,14 @@
+#! /bin/bash
+
+# Test if given node exists in Vyatta config hierarchy
+#
+# if vyatta-exists interfaces wireless
+
+if [ -z "$VYATTA_TEMP_CONFIG_DIR" ]; then
+ echo "$0: not in configuration mode" 1>&2;
+ exit 1;
+fi
+IFS=/
+node=$*
+IFS=
+exec test -d $VYATTA_TEMP_CONFIG_DIR/$node
diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl
index 86410c1..567e3b7 100755
--- a/scripts/vyatta-interfaces.pl
+++ b/scripts/vyatta-interfaces.pl
@@ -260,10 +260,12 @@ sub update_eth_addrs {
}
if ($version == 4) {
- return system("ip addr add $addr broadcast + dev $intf");
+ exec (qw(ip addr add),$addr,qw(broadcast + dev), $intf)
+ or die "ip addr command failed: $!";
}
if ($version == 6) {
- return system("ip -6 addr add $addr dev $intf");
+ exec (qw(ip -6 addr add), $addr, 'dev', $intf)
+ or die "ip addr command failed: $!";
}
die "Error: Invalid address/prefix [$addr] for interface $intf\n";
}
@@ -316,7 +318,8 @@ sub update_mac {
system "sudo ip link set $intf up"
and die "Could not set $intf up ($!)\n";
} else {
- exec "sudo ip link set $intf address $mac";
+ system "sudo ip link set $intf address $mac"
+ and die "Could not set $intf address ($!)\n";
}
exit 0;
}
diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl
index a3cf6ef..f0dbaf1 100755
--- a/scripts/vyatta-load-config.pl
+++ b/scripts/vyatta-load-config.pl
@@ -175,7 +175,7 @@ syslog( "warning", "Load config [$orig_load_file] by $login" );
# do config migration
system("$sbindir/vyatta_config_migrate.pl $load_file");
-print "Loading config file $load_file...\n";
+print "Loading configuration from '$load_file'...\n";
my %cfg_hier = Vyatta::ConfigLoad::loadConfigHierarchy($load_file,$merge);
if ( scalar( keys %cfg_hier ) == 0 ) {
print "The specified file does not contain any configuration.\n";
diff --git a/src/commit2.c b/src/commit2.c
index a324bab..6274ec6 100644
--- a/src/commit2.c
+++ b/src/commit2.c
@@ -409,6 +409,9 @@ process_func(GNode *node, gpointer data)
set_in_delete_action(TRUE);
}
+ //set location env
+ setenv(ENV_DATA_PATH,d->_path,1);
+
//do last sibling check
GNode *n = g_node_last_sibling(node);
if (n == node) {
@@ -451,6 +454,7 @@ process_func(GNode *node, gpointer data)
unsetenv(ENV_ACTION_NAME);
unsetenv(ENV_SIBLING_POSITION);
+ unsetenv(ENV_DATA_PATH);
if (g_coverage) {
struct timeval t;
@@ -1008,7 +1012,7 @@ validate_func(GNode *node, gpointer data)
}
}
- if (IS_DELETE(d->_operation)) {
+ if (IS_DELETE(d->_operation) && !IS_ACTIVE(d->_operation)) {
return FALSE; //will not perform validation checks on deleted nodes
}
@@ -1062,7 +1066,10 @@ validate_func(GNode *node, gpointer data)
boolean status = 1;
if (g_dump_actions == FALSE) {
+ //set location env
+ setenv(ENV_DATA_PATH,d->_path,1);
status = execute_list(c->_def.actions[result->_action].vtw_list_head,&c->_def);
+ unsetenv(ENV_DATA_PATH);
}
else {
char buf[MAX_LENGTH_DIR_PATH*sizeof(char)];
diff --git a/src/common/defs.h b/src/common/defs.h
index daca88a..50d2337 100644
--- a/src/common/defs.h
+++ b/src/common/defs.h
@@ -16,7 +16,7 @@
#define ENV_ACTION_SET "SET"
#define ENV_ACTION_ACTIVE "ACTIVE"
#define ENV_SIBLING_POSITION "COMMIT_SIBLING_POSITION"
-
+#define ENV_DATA_PATH "NODE_DATA_PATH"
struct Result
{
diff --git a/templates/interfaces/ethernet/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/description/node.def
index d7becd1..7f64c78 100644
--- a/templates/interfaces/ethernet/node.tag/description/node.def
+++ b/templates/interfaces/ethernet/node.tag/description/node.def
@@ -1,4 +1,4 @@
type: txt
help: Set description for this interface
-update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias"
+update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias"
delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias"
diff --git a/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def
new file mode 100644
index 0000000..10c6c06
--- /dev/null
+++ b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def
@@ -0,0 +1,4 @@
+help: Set to disable Ethernet flow control (pause frames)
+create: sudo ethtool --pause $VAR(../@) autoneg off tx off rx off
+delete: [ -d /sys/class/net/$VAR(../@) ] || exit 0
+ sudo ethtool --pause $VAR(../@) autoneg on tx on rx on
diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def
index 40f04bc..d85db27 100644
--- a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def
+++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def
@@ -1,4 +1,4 @@
type: txt
help: Set description for this interface
-update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias"
+update: sudo sh -c "echo \"VAR(@)\" >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias"
delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias"
diff --git a/templates/interfaces/loopback/node.tag/description/node.def b/templates/interfaces/loopback/node.tag/description/node.def
index d7becd1..7f64c78 100644
--- a/templates/interfaces/loopback/node.tag/description/node.def
+++ b/templates/interfaces/loopback/node.tag/description/node.def
@@ -1,4 +1,4 @@
type: txt
help: Set description for this interface
-update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias"
+update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias"
delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias"
diff --git a/templates/priority b/templates/priority
index 1236b9d..815b884 100644
--- a/templates/priority
+++ b/templates/priority
@@ -85,7 +85,9 @@
# "active config" tree at the time the lower-level node is committed.
#
-200 firewall/group
+200 firewall/group/address-group
+200 firewall/group/network-group
+200 firewall/group/port-group
210 firewall/name/node.tag
210 firewall/modify/node.tag
210 firewall/ipv6-name/node.tag
@@ -95,18 +97,35 @@
315 interfaces/bonding
318 interfaces/ethernet
319 interfaces/ethernet/node.tag/vif
+319 interfaces/ethernet/node.tag/bond-group
320 interfaces/ethernet/node.tag/vif/node.tag/bridge-group
+320 interfaces/bonding/node.tag/bridge-group
+320 interfaces/bonding/node.tag/vif
320 interfaces/bridge/node.tag/address
320 interfaces/loopback
330 interfaces/adsl
340 interfaces/serial
350 interfaces/wirelessmodem
+350 interfaces/wireless
380 interfaces/tunnel
380 interfaces/openvpn
390 interfaces/pseudo-ethernet
391 interfaces/pseudo-ethernet/node.tag/vif
-395 interfaces/bonding/node.tag/vif
-400 system
+400 system/domain-name
+400 system/domain-search
+400 system/gateway-address
+400 system/host-name
+400 system/ip
+400 system/ipv6
+400 system/login
+400 system/name-server
+400 system/ntp-server
+400 system/options
+400 system/package
+400 system/static-host-mapping
+400 system/syslog
+400 system/time-zone
+405 system
450 protocols/static
470 policy
500 protocols/bgp/node.tag/parameters
@@ -124,10 +143,6 @@
810 interfaces/serial/node.tag/ppp
810 interfaces/serial/node.tag/ppp/vif
810 interfaces/serial/node.tag/cisco-hdlc/vif
-820 interfaces/serial/node.tag/frame-relay/vif
-820 interfaces/serial/node.tag/ppp
-820 interfaces/serial/node.tag/ppp/vif
-820 interfaces/serial/node.tag/cisco-hdlc/vif
850 interfaces
900 protocols/snmp
900 vpn