diff options
| author | Michael Larson <mike@ft1.vyatta.com> | 2009-09-09 16:26:01 -0700 |
|---|---|---|
| committer | Michael Larson <mike@ft1.vyatta.com> | 2009-09-09 16:26:01 -0700 |
| commit | 5f1a33134d463fa565ee9dd43237252bd27d5fb3 (patch) | |
| tree | 70f1ac5b1e76a0ae875c71ca15089ecdbc45c122 | |
| parent | 028e8e12c5e15efc0a316641f2b02e46d5c77210 (diff) | |
| parent | 42abfac6f11077dbfc3b0eaf845597e38f7cd685 (diff) | |
| download | vyatta-cfg-5f1a33134d463fa565ee9dd43237252bd27d5fb3.tar.gz vyatta-cfg-5f1a33134d463fa565ee9dd43237252bd27d5fb3.zip | |
Merge branch 'kenwood' of http://git.vyatta.com/vyatta-cfg into kenwood
| -rw-r--r-- | Makefile.am | 1 | ||||
| -rw-r--r-- | debian/changelog | 159 | ||||
| -rwxr-xr-x | etc/init.d/vyatta-ofr | 16 | ||||
| -rw-r--r-- | etc/modprobe.d/vyatta_nocopybreak | 3 | ||||
| -rwxr-xr-x | lib/Vyatta/Config.pm | 38 | ||||
| -rwxr-xr-x | lib/Vyatta/ConfigLoad.pm | 95 | ||||
| -rwxr-xr-x | lib/Vyatta/Interface.pm | 12 | ||||
| -rwxr-xr-x | lib/Vyatta/Misc.pm | 26 | ||||
| -rwxr-xr-x | lib/Vyatta/TypeChecker.pm | 6 | ||||
| -rwxr-xr-x | scripts/vyatta-cfg-cmd-wrapper | 26 | ||||
| -rwxr-xr-x | scripts/vyatta-cli-expand-var.pl | 2 | ||||
| -rwxr-xr-x | scripts/vyatta-config-gen-sets.pl | 9 | ||||
| -rwxr-xr-x | scripts/vyatta-config-loader.pl | 15 | ||||
| -rwxr-xr-x | scripts/vyatta-exists | 14 | ||||
| -rwxr-xr-x | scripts/vyatta-interfaces.pl | 9 | ||||
| -rwxr-xr-x | scripts/vyatta-load-config.pl | 2 | ||||
| -rw-r--r-- | src/commit2.c | 9 | ||||
| -rw-r--r-- | src/common/defs.h | 2 | ||||
| -rw-r--r-- | templates/interfaces/ethernet/node.tag/description/node.def | 2 | ||||
| -rw-r--r-- | templates/interfaces/ethernet/node.tag/disable-flow-control/node.def | 4 | ||||
| -rw-r--r-- | templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def | 2 | ||||
| -rw-r--r-- | templates/interfaces/loopback/node.tag/description/node.def | 2 | ||||
| -rw-r--r-- | templates/priority | 29 |
23 files changed, 343 insertions, 140 deletions
diff --git a/Makefile.am b/Makefile.am index f7096af..217de7e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -56,6 +56,7 @@ sbin_SCRIPTS += scripts/vyatta-cfg-notify sbin_SCRIPTS += scripts/vyatta-interfaces.pl sbin_SCRIPTS += scripts/vyatta-irqaffin sbin_SCRIPTS += scripts/vyatta-check-typeless-node.pl +sbin_SCRIPTS += scripts/vyatta-exists share_perl5_DATA = lib/Vyatta/Config.pm share_perl5_DATA += lib/Vyatta/Misc.pm diff --git a/debian/changelog b/debian/changelog index 9c60c4e..c13f455 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,162 @@ +vyatta-cfg (0.15.16) unstable; urgency=low + + * Allow empty description + + -- Stephen Hemminger <stephen.hemminger@vyatta.com> Wed, 09 Sep 2009 14:39:25 -0700 + +vyatta-cfg (0.15.15) unstable; urgency=low + + * added data path to environment during commit. value key is + "NODE_DATA_PATH". nodes are delimited by "/" rather than spaces. + * fix for bug 4697. Added range value check that start must be less + than or equal to stop address + + -- slioch <slioch@eng-140.vyatta.com> Wed, 09 Sep 2009 09:29:14 -0700 + +vyatta-cfg (0.15.14) unstable; urgency=low + + * Bugfix 4793: Narrow the set of platforms on which module is loaded. + + -- Bob Gilligan <gilligan@vyatta.com> Fri, 28 Aug 2009 17:51:04 -0700 + +vyatta-cfg (0.15.13) unstable; urgency=low + + * Bugfix 4793: Load the acpi_cpufreq module on certain processors. + + -- Bob Gilligan <gilligan@vyatta.com> Fri, 28 Aug 2009 15:43:00 -0700 + +vyatta-cfg (0.15.12) unstable; urgency=low + + * add no copybreak for more drivers + * Failure to set address should fail the commit + + -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 27 Aug 2009 10:07:06 -0700 + +vyatta-cfg (0.15.11) unstable; urgency=low + + * Skip more wireless interfaces + * Add a small script to test for node existance + + -- Stephen Hemminger <stephen.hemminger@vyatta.com> Mon, 24 Aug 2009 12:16:12 -0700 + +vyatta-cfg (0.15.10) unstable; urgency=low + + * Add priority for wireless + * Skip wmaster interface in operational commands + * Add ability to disable flow-control + + -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 20 Aug 2009 11:51:01 -0700 + +vyatta-cfg (0.15.9) unstable; urgency=low + + * check if port name is valid for both tcp and udp when protocol + tcp_udp + + -- Mohit Mehta <mohit.mehta@vyatta.com> Fri, 07 Aug 2009 18:56:01 -0700 + +vyatta-cfg (0.15.8) unstable; urgency=low + + [ slioch ] + * cleaned out more of the islavista rank code. closing bug 4473 as a + result + + [ Stig Thormodsrud ] + * Revert "Fix [Bug 4760] New: members were removed after an in-use + firewall group" + * Another attempt to fix 4760. + + [ Stephen Hemminger ] + + -- Stephen Hemminger <stephen.hemminger@vyatta.com> Thu, 06 Aug 2009 12:18:18 -0700 + +vyatta-cfg (0.15.7) unstable; urgency=low + + [ Stephen Hemminger ] + * Add hw_address method for use in bonding + + [ Stig Thormodsrud ] + * Fix [Bug 4760] New: members were removed after an in-use firewall + group + + -- Stig Thormodsrud <stig@vyatta.com> Thu, 30 Jul 2009 11:43:34 -0700 + +vyatta-cfg (0.15.6) unstable; urgency=low + + * update cli-expand-var script to match current variable reference + syntax. + + -- An-Cheng Huang <ancheng@vyatta.com> Wed, 29 Jul 2009 12:02:31 -0700 + +vyatta-cfg (0.15.5) unstable; urgency=low + + * alter rename rule option to work for firewall and nat rules + + -- Mohit Mehta <mohit.mehta@vyatta.com> Tue, 28 Jul 2009 17:08:03 -0700 + +vyatta-cfg (0.15.4) unstable; urgency=low + + [ slioch ] + * fix for bug 4255. commit check was not being called on active node + that had deleted children. This change only affects + + [ Stig Thormodsrud ] + * Fix 4722: Output inconsistent from 'save' and 'load' commands + + [ Mohit Mehta ] + + -- Mohit Mehta <mohit.mehta@vyatta.com> Fri, 24 Jul 2009 14:27:06 -0700 + +vyatta-cfg (0.15.3) unstable; urgency=low + + * Bugfix 4717: Remove duplicate entries in priority file. + + -- Bob Gilligan <gilligan@vyatta.com> Mon, 13 Jul 2009 16:42:48 -0700 + +vyatta-cfg (0.15.2) unstable; urgency=low + + [ Stig Thormodsrud ] + * Add more system priorities so that 1 system failure doesn't affect + + [ Stephen Hemminger ] + * Fix duplicate bonding vif entry + + [ Stig Thormodsrud ] + * Fix 4623: Removing IPSEC VPN config without removing cluster ipsec + config drops all interfaces. + + -- Stig Thormodsrud <stig@vyatta.com> Fri, 10 Jul 2009 14:11:49 -0700 + +vyatta-cfg (0.15.1) unstable; urgency=low + + * load requires additional environment variables + + -- An-Cheng Huang <ancheng@vyatta.com> Wed, 08 Jul 2009 18:29:31 -0700 + +vyatta-cfg (0.14.104) unstable; urgency=low + + [ Mark O'Brien ] + * Updated bridging/bonding priorites. + + [ slioch ] + * added isActive function in perl code to allow a comparison of active + * fixed isActive() api to now support mixed level and passed in + relative path values. + + [ Stephen Hemminger ] + * Start bonding vif after bond-group is created + * Use ip command rather than sysfs to set ifalias + + [ An-Cheng Huang ] + + -- An-Cheng Huang <ancheng@vyatta.com> Wed, 08 Jul 2009 16:55:51 -0700 + +vyatta-cfg (0.14.103) unstable; urgency=low + + * fix for ptr magic on 64 bit system. looks like double ptr was + getting the missing the last 4 bytes on 64 bit copy. + + -- slioch <slioch@eng-140.vyatta.com> Mon, 06 Jul 2009 17:51:15 -0700 + vyatta-cfg (0.14.102) unstable; urgency=low * updated perl api for new cli to support working node representation. diff --git a/etc/init.d/vyatta-ofr b/etc/init.d/vyatta-ofr index 4fb4c1e..45333ac 100755 --- a/etc/init.d/vyatta-ofr +++ b/etc/init.d/vyatta-ofr @@ -125,7 +125,20 @@ cleanup_raid() rmmod $MD_MODULES > /tmp/vyatta_raid_cleanup_log 2>&1 } - +# +# Load the acpi_cpufreq kernel module, but only for certain processors. +# Some Intel CPUs need to have it loaded in order to initialize +# properly. +# +load_acpi_cpufreq() +{ + manuf=`dmidecode -s system-manufacturer` + prod=`dmidecode -s system-product-name` + if [ "$manuf" = "Vyatta" -a "$prod" = "Series 2500" ]; then + logger -t "$progname" -p user.notice "loading acpi_cpufreq module" + modprobe acpi_cpufreq + fi +} start () { @@ -141,6 +154,7 @@ start () ${vyatta_sbindir}/${s}.init start || (log_end_msg $? && return) done load_bootfile + load_acpi_cpufreq cleanup_raid chmod g-w,o-w / diff --git a/etc/modprobe.d/vyatta_nocopybreak b/etc/modprobe.d/vyatta_nocopybreak index deb962f..0ac3052 100644 --- a/etc/modprobe.d/vyatta_nocopybreak +++ b/etc/modprobe.d/vyatta_nocopybreak @@ -40,6 +40,9 @@ options e1000 copybreak=0 options e1000e copybreak=0 +options sky2 copybreak=0 +options via-rhine rx_copybreak=0 +options via-velocity rx_copybreak=0 diff --git a/lib/Vyatta/Config.pm b/lib/Vyatta/Config.pm index fd0222f..c97152c 100755 --- a/lib/Vyatta/Config.pm +++ b/lib/Vyatta/Config.pm @@ -98,6 +98,31 @@ sub listNodes { return @nodes_modified; } +## isActive("path") +# return true|false based on whether node path has +# been processed or is active +sub isActive { + my ($self, $path) = @_; + my @nodes = (); + + my @comp_node = split " ", $path; + + my $comp_node = pop(@comp_node); + if (!defined $comp_node) { + return 1; + } + + my $rel_path = join(" ",@comp_node); + + my @nodes_modified = $self->listOrigPlusComNodes($rel_path); + foreach my $node (@nodes_modified) { + if ($node eq $comp_node) { + return 0; + } + } + return 1; +} + ## listNodes("level") # return array of all nodes (active plus currently committed) at "level" # level is relative @@ -105,7 +130,7 @@ sub listOrigPlusComNodes { my ($self, $path) = @_; my @nodes = (); - my @nodes_modified = $self->listNodes(); + my @nodes_modified = $self->listNodes($path); #convert array to hash my %coll; @@ -113,6 +138,9 @@ sub listOrigPlusComNodes { @coll{@nodes_modified} = @nodes_modified; my $level = $self->{_level}; + if (! defined $level) { + $level = ""; + } #now test against the inprocess file in the system # my $com_file = "/tmp/.changes_$$"; @@ -125,6 +153,9 @@ sub listOrigPlusComNodes { #$coll is of the form: blah my $dir_path = $level; + if (defined $path) { + $dir_path .= " " . $path; + } $dir_path =~ s/ /\//g; $dir_path = "/".$dir_path; @@ -143,8 +174,13 @@ sub listOrigPlusComNodes { $tmp = $node[1]; } + if (!defined $tmp || $tmp eq '') { + next; + } + my @child = split "/",$tmp; my $child; + # print("tmp: $tmp, $child[0], $child[1]\n"); if ($child[0] =~ /^\s*$/ || !defined $child[0] || $child[0] eq '') { shift(@child); diff --git a/lib/Vyatta/ConfigLoad.pm b/lib/Vyatta/ConfigLoad.pm index 09bd627..8ffc9c0 100755 --- a/lib/Vyatta/ConfigLoad.pm +++ b/lib/Vyatta/ConfigLoad.pm @@ -27,55 +27,6 @@ use lib "/opt/vyatta/share/perl5"; use XorpConfigParser; use Vyatta::Config; -# configuration ordering. higher rank configured before lower rank. -my $default_rank = 0; -my %config_rank = ( - 'qos-policy' => 1110, - 'firewall group' => 1100, - 'firewall' => 1090, - 'service nat' => 1080, - 'system host-name' => 1070, - 'protocols ospf parameters' => 1060, - 'protocols ospf' => 1055, - 'protocols rip interface' => 905, - 'protocols rip' => 1050, - 'interfaces' => 1000, - 'interfaces bonding' => 995, - 'interfaces bridge' => 990, - 'interfaces ethernet' => 980, - 'interfaces tunnel' => 910, - 'zone-policy zone' => 900, - 'system gateway-address' => 890, - 'system name-server' => 880, - 'system login user' => 870, - 'system' => 860, - 'protocols static' => 850, - 'service ssh' => 840, - 'service telnet' => 830, - 'service webproxy' => 828, - 'service http' => 827, - 'service dhcp-relay' => 826, - 'service dhcp-server' => 825, - 'service dns' => 824, - 'service nat' => 823, - 'policy' => 820, - 'protocols bgp' => 790, - 'vpn' => 600, -); - -my %regex_rank = ( - 'interfaces ethernet \S* vrrp' => 500, - 'interfaces ethernet \S* vif \S* vrrp' => 500, - 'interfaces ethernet \S* pppo[ea]' => 400, - 'protocols bgp \d+ parameters' => 810, - 'protocols bgp \d+ neighbor \d+\.\d+\.\d+\.\d+' => 800, - 'protocols bgp \d+ neighbor \w+' => 801, - 'interfaces bridge \S* address' => 920, - 'zone-policy zone \S* interface' => 899, - 'zone-policy zone \S* local-zone' => 899, - 'zone-policy zone \S* from' => 898, -); - my @all_nodes = (); my @all_naked_nodes = (); @@ -85,30 +36,6 @@ sub match_regex { return ($str =~ m/$pattern/) ? 1 : 0; } -sub get_regex_rank { - my ($str) = @_; - foreach (keys %regex_rank) { - if (match_regex($_, $str)) { - return $regex_rank{$_}; - } - } - return; # undef if no match -} - -sub get_config_rank { - # longest prefix match - my @path = @_; - while ((scalar @path) > 0) { - my $path_str = join ' ', @path; - if (defined($config_rank{$path_str})) { - return ($config_rank{$path_str}); - } - my $wrank = get_regex_rank($path_str); - return $wrank if (defined($wrank)); - pop @path; - } - return $default_rank; -} sub applySingleQuote { my @return = (); @@ -161,12 +88,12 @@ sub enumerate_branch { } push @all_naked_nodes, [ @cur_path ]; my @qpath = applySingleQuote(@cur_path); - push @all_nodes, [\@qpath, get_config_rank(@cur_path)]; + push @all_nodes, [\@qpath, 0]; } } # $0: config file to load -# return: list of all config statement sorted by rank +# return: list of all config statement sub getStartupConfigStatements { # clean up the lists first @all_nodes = (); @@ -185,7 +112,6 @@ sub getStartupConfigStatements { } enumerate_branch($root, ( )); - @all_nodes = sort { ${$b}[1] <=> ${$a}[1] } @all_nodes; return @all_nodes; } @@ -280,8 +206,7 @@ sub getSortedMultiValues { my $key = "$path_str $_"; push @list, [ $_, $node_order{$key} ]; } - my @slist = sort { ${$a}[1] <=> ${$b}[1] } @list; - @slist = map { ${$_}[0] } @slist; + my @slist = map { ${$_}[0] } @list; return @slist; } @@ -309,7 +234,7 @@ sub findDeletedValues { my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals); foreach (@{$comp_hash{'deleted'}}) { my @plist = applySingleQuote(@active_path, $_); - push @delete_list, [\@plist, get_config_rank(@active_path, $_)]; + push @delete_list, [\@plist, 0]; } } else { # do nothing. if a single-value leaf node is deleted, it should have @@ -336,7 +261,7 @@ sub findDeletedNodes { } if (!defined($new_ref->{$_})) { my @plist = applySingleQuote(@active_path, $_); - push @delete_list, [\@plist, get_config_rank(@active_path, $_)]; + push @delete_list, [\@plist, 0]; } else { findDeletedNodes($new_ref->{$_}, [ @active_path, $_ ]); } @@ -364,7 +289,7 @@ sub findSetValues { my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals); foreach (@{$comp_hash{'added'}}) { my @plist = applySingleQuote(@active_path, $_); - push @set_list, [\@plist, get_config_rank(@active_path, $_)]; + push @set_list, [\@plist, 0]; } } else { my @nvals = keys %{$new_ref}; @@ -375,7 +300,7 @@ sub findSetValues { my $oval = $active_cfg->returnOrigValue(''); if (!defined($oval) || ($nval ne $oval)) { my @plist = applySingleQuote(@active_path, $nval); - push @set_list, [\@plist, get_config_rank(@active_path, $nval)]; + push @set_list, [\@plist, 0]; } } } @@ -400,7 +325,7 @@ sub findSetNodes { # check if we need to add this node. if (!defined($active_hash{$_})) { my @plist = applySingleQuote(@active_path, $_); - push @set_list, [\@plist, get_config_rank(@active_path, $_)]; + push @set_list, [\@plist, 0]; } else { # node already present. do nothing. } @@ -423,10 +348,6 @@ sub getConfigDiff { @delete_list = (); findDeletedNodes($new_cfg_ref, [ ]); findSetNodes($new_cfg_ref, [ ]); - # don't really need to sort the lists by rank since we have to commit - # everything together anyway. - @delete_list = sort { ${$a}[1] <=> ${$b}[1] } @delete_list; - @set_list = sort { ${$b}[1] <=> ${$a}[1] } @set_list; # need to filter out deletions of nodes with default values my @new_delete_list = (); diff --git a/lib/Vyatta/Interface.pm b/lib/Vyatta/Interface.pm index 96429c0..97ef7f7 100755 --- a/lib/Vyatta/Interface.pm +++ b/lib/Vyatta/Interface.pm @@ -222,6 +222,18 @@ sub flags { return hex($val); } +sub hw_address { + my $self = shift; + + open my $addrf, '<', "/sys/class/net/$self->{name}/address" + or return; + my $address = <$addrf>; + close $addrf; + + chomp $address if $address; + return $address; +} + sub is_broadcast { my $self = shift; return $self->flags() & IFF_BROADCAST; diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm index 01f1537..6089361 100755 --- a/lib/Vyatta/Misc.pm +++ b/lib/Vyatta/Misc.pm @@ -93,11 +93,18 @@ sub generate_dhclient_intf_files { } +# get list of interfaces on the system via sysfs +# skip dot files (and any interfaces name .xxx) +# and bond_masters file used by bonding +# and wireless control interfaces sub getInterfaces { opendir( my $sys_class, '/sys/class/net' ) or die "can't open /sys/class/net: $!"; - my @interfaces = - grep { ( !/^\./ ) && ( $_ ne 'bonding_masters' ) } readdir $sys_class; + my @interfaces = grep { ( !/^\./ ) && + ( $_ ne 'bonding_masters' ) && + ! ( $_ =~ '^mon.wlan\d$') && + ! ( $_ =~ '^wmaster\d+$') + } readdir $sys_class; closedir $sys_class; return @interfaces; } @@ -225,7 +232,10 @@ sub isClusterIP { my @services = $vc->returnValues("cluster group $cluster_group service"); foreach my $service (@services) { - if ( $ip eq substr( $service, 0, index( $service, '/' ) ) ) { + if ($service =~ /\//) { + $service = substr( $service, 0, index( $service, '/' )); + } + if ( $ip eq $service ) { return 1; } } @@ -355,7 +365,15 @@ sub getPortRuleString { return ( undef, $err ); } } - ( $success, $err ) = isValidPortName( $port_spec, $proto ); + if ($proto eq 'tcp_udp') { + ( $success, $err ) = isValidPortName( $port_spec, 'tcp' ); + if (defined $success) { + # only do udp test if the tcp test was a success + ( $success, $err ) = isValidPortName( $port_spec, 'udp' ) + } + } else { + ( $success, $err ) = isValidPortName( $port_spec, $proto ); + } if ( defined($success) ) { $num_ports += 1; next; diff --git a/lib/Vyatta/TypeChecker.pm b/lib/Vyatta/TypeChecker.pm index 27d9e03..c13ef4b 100755 --- a/lib/Vyatta/TypeChecker.pm +++ b/lib/Vyatta/TypeChecker.pm @@ -91,6 +91,12 @@ sub validate_ipv4range { return 0 if (!/^([^-]+)-([^-]+)$/); my ($a1, $a2) = ($1, $2); return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2)); + #need to check that range is in ascending order + $a1 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/; + my $v1 = $1*256*256*256+$2*256*256+$3*256+$4; + $a2 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/; + my $v2 = $1*256*256*256+$2*256*256+$3*256+$4; + return 0 if ($v1 > $v2); return 1; } diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper index 7496f96..53a3fcc 100755 --- a/scripts/vyatta-cfg-cmd-wrapper +++ b/scripts/vyatta-cfg-cmd-wrapper @@ -152,21 +152,33 @@ case "$1" in RET_STATUS=$? ;; load) + export vyatta_sysconfdir=/opt/vyatta/etc + export vyatta_sbindir=/opt/vyatta/sbin /opt/vyatta/sbin/vyatta-load-config.pl "${@:2}" RET_STATUS=$? ;; - firewall-rule-rename) - # this option is to be used for renaming firewall rules only - # usage for this option specified on the next line - - # firewall-rule-rename $firewall_ruleset rule $rule_num to rule $rename_rulenum + rule-rename) + # this option is to be used for renaming firewall and nat rules only + # usage for this option specified on the next two lines - + # rule-rename firewall $firewall_ruleset rule $rule_num to rule $rename_rulenum + # rule-rename nat rule $rule_num to rule $rename_rulenum - VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag; - VYATTA_EDIT_LEVEL="/firewall/name/$2"; + if [ "$2" == "firewall" ]; then + VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag; + VYATTA_EDIT_LEVEL="/firewall/name/$3"; + elif [ "$2" == "nat" ]; then + VYATTA_TEMPLATE_LEVEL=/service/nat; + VYATTA_EDIT_LEVEL=/service/nat; + fi _mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL} _tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL} VYATTA_EDIT_LEVEL="${_mpath#$VYATTA_TEMP_CONFIG_DIR}/" VYATTA_TEMPLATE_LEVEL="${_tpath#$VYATTA_CONFIG_TEMPLATE}/" - mvcp rename Rename mv "${@:3}" + if [ $2 == "firewall" ]; then + mvcp rename Rename mv "${@:4}" + elif [ $2 == "nat" ]; then + mvcp rename Rename mv "${@:3}" + fi RET_STATUS=$? ;; *) diff --git a/scripts/vyatta-cli-expand-var.pl b/scripts/vyatta-cli-expand-var.pl index f690f0b..f3bda2d 100755 --- a/scripts/vyatta-cli-expand-var.pl +++ b/scripts/vyatta-cli-expand-var.pl @@ -34,7 +34,7 @@ $_ = $ARGV[0]; # basic format check: # '(' ')' not allowed in reference. # only allow absolute path for now. -if (!/^\$\(\/([^()]+)\)$/) { +if (!/^\$VAR\(\/([^()]+)\)$/) { print STDERR "invalid variable reference (invalid format)\n"; exit 1; } diff --git a/scripts/vyatta-config-gen-sets.pl b/scripts/vyatta-config-gen-sets.pl index 2fe4ac6..566570e 100755 --- a/scripts/vyatta-config-gen-sets.pl +++ b/scripts/vyatta-config-gen-sets.pl @@ -32,23 +32,14 @@ my $conf_file = '/opt/vyatta/etc/config/config.boot'; $conf_file = $ARGV[0] if defined $ARGV[0]; # get a list of all config statement in the startup config file -# (sorted by rank). my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($conf_file); if (scalar(@all_nodes) == 0) { # no config statements exit 1; } -my $cur_rank = ${$all_nodes[0]}[1]; my $ret = 0; -# higher-ranked statements committed before lower-ranked. foreach (@all_nodes) { - my ($path_ref, $rank) = @$_; - if ($rank != $cur_rank) { - # commit all nodes with the same rank together. - print "commit\n"; - $cur_rank = $rank; - } my $cmd = "set " . (join ' ', @$path_ref); print "$cmd\n"; } diff --git a/scripts/vyatta-config-loader.pl b/scripts/vyatta-config-loader.pl index a32d1fc..61eafa5 100755 --- a/scripts/vyatta-config-loader.pl +++ b/scripts/vyatta-config-loader.pl @@ -46,14 +46,12 @@ sub restore_fds { } # get a list of all config statement in the startup config file -# (sorted by rank). my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($ARGV[0]); if (scalar(@all_nodes) == 0) { # no config statements restore_fds(); exit 1; } -my $cur_rank = ${$all_nodes[0]}[1]; # set up the config environment my $CWRAPPER = '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper'; @@ -69,20 +67,9 @@ if ($? >> 8) { my $commit_cmd = "$CWRAPPER commit"; my $cleanup_cmd = "$CWRAPPER cleanup"; my $ret = 0; -# higher-ranked statements committed before lower-ranked. +my $rank; #not used foreach (@all_nodes) { my ($path_ref, $rank) = @$_; - if ($rank != $cur_rank) { - # commit all nodes with the same rank together. - $ret = 0; #system("$commit_cmd"); - if ($ret >> 8) { - print OLDOUT "Commit failed at rank $cur_rank\n"; - print WARN "Commit failed at rank $cur_rank\n"; - system("$cleanup_cmd"); - # continue after cleanup (or should we abort?) - } - $cur_rank = $rank; - } my $cmd = "$CWRAPPER set " . (join ' ', @$path_ref); # this debug file should be deleted before release system("echo [$cmd] >> /tmp/foo"); diff --git a/scripts/vyatta-exists b/scripts/vyatta-exists new file mode 100755 index 0000000..ef2dea3 --- /dev/null +++ b/scripts/vyatta-exists @@ -0,0 +1,14 @@ +#! /bin/bash + +# Test if given node exists in Vyatta config hierarchy +# +# if vyatta-exists interfaces wireless + +if [ -z "$VYATTA_TEMP_CONFIG_DIR" ]; then + echo "$0: not in configuration mode" 1>&2; + exit 1; +fi +IFS=/ +node=$* +IFS= +exec test -d $VYATTA_TEMP_CONFIG_DIR/$node diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 86410c1..567e3b7 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -260,10 +260,12 @@ sub update_eth_addrs { } if ($version == 4) { - return system("ip addr add $addr broadcast + dev $intf"); + exec (qw(ip addr add),$addr,qw(broadcast + dev), $intf) + or die "ip addr command failed: $!"; } if ($version == 6) { - return system("ip -6 addr add $addr dev $intf"); + exec (qw(ip -6 addr add), $addr, 'dev', $intf) + or die "ip addr command failed: $!"; } die "Error: Invalid address/prefix [$addr] for interface $intf\n"; } @@ -316,7 +318,8 @@ sub update_mac { system "sudo ip link set $intf up" and die "Could not set $intf up ($!)\n"; } else { - exec "sudo ip link set $intf address $mac"; + system "sudo ip link set $intf address $mac" + and die "Could not set $intf address ($!)\n"; } exit 0; } diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index a3cf6ef..f0dbaf1 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -175,7 +175,7 @@ syslog( "warning", "Load config [$orig_load_file] by $login" ); # do config migration system("$sbindir/vyatta_config_migrate.pl $load_file"); -print "Loading config file $load_file...\n"; +print "Loading configuration from '$load_file'...\n"; my %cfg_hier = Vyatta::ConfigLoad::loadConfigHierarchy($load_file,$merge); if ( scalar( keys %cfg_hier ) == 0 ) { print "The specified file does not contain any configuration.\n"; diff --git a/src/commit2.c b/src/commit2.c index a324bab..6274ec6 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -409,6 +409,9 @@ process_func(GNode *node, gpointer data) set_in_delete_action(TRUE); } + //set location env + setenv(ENV_DATA_PATH,d->_path,1); + //do last sibling check GNode *n = g_node_last_sibling(node); if (n == node) { @@ -451,6 +454,7 @@ process_func(GNode *node, gpointer data) unsetenv(ENV_ACTION_NAME); unsetenv(ENV_SIBLING_POSITION); + unsetenv(ENV_DATA_PATH); if (g_coverage) { struct timeval t; @@ -1008,7 +1012,7 @@ validate_func(GNode *node, gpointer data) } } - if (IS_DELETE(d->_operation)) { + if (IS_DELETE(d->_operation) && !IS_ACTIVE(d->_operation)) { return FALSE; //will not perform validation checks on deleted nodes } @@ -1062,7 +1066,10 @@ validate_func(GNode *node, gpointer data) boolean status = 1; if (g_dump_actions == FALSE) { + //set location env + setenv(ENV_DATA_PATH,d->_path,1); status = execute_list(c->_def.actions[result->_action].vtw_list_head,&c->_def); + unsetenv(ENV_DATA_PATH); } else { char buf[MAX_LENGTH_DIR_PATH*sizeof(char)]; diff --git a/src/common/defs.h b/src/common/defs.h index daca88a..50d2337 100644 --- a/src/common/defs.h +++ b/src/common/defs.h @@ -16,7 +16,7 @@ #define ENV_ACTION_SET "SET" #define ENV_ACTION_ACTIVE "ACTIVE" #define ENV_SIBLING_POSITION "COMMIT_SIBLING_POSITION" - +#define ENV_DATA_PATH "NODE_DATA_PATH" struct Result { diff --git a/templates/interfaces/ethernet/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/description/node.def index d7becd1..7f64c78 100644 --- a/templates/interfaces/ethernet/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias" +update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" diff --git a/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def new file mode 100644 index 0000000..10c6c06 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def @@ -0,0 +1,4 @@ +help: Set to disable Ethernet flow control (pause frames) +create: sudo ethtool --pause $VAR(../@) autoneg off tx off rx off +delete: [ -d /sys/class/net/$VAR(../@) ] || exit 0 + sudo ethtool --pause $VAR(../@) autoneg on tx on rx on diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def index 40f04bc..d85db27 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" +update: sudo sh -c "echo \"VAR(@)\" >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" diff --git a/templates/interfaces/loopback/node.tag/description/node.def b/templates/interfaces/loopback/node.tag/description/node.def index d7becd1..7f64c78 100644 --- a/templates/interfaces/loopback/node.tag/description/node.def +++ b/templates/interfaces/loopback/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias" +update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" diff --git a/templates/priority b/templates/priority index 1236b9d..815b884 100644 --- a/templates/priority +++ b/templates/priority @@ -85,7 +85,9 @@ # "active config" tree at the time the lower-level node is committed. # -200 firewall/group +200 firewall/group/address-group +200 firewall/group/network-group +200 firewall/group/port-group 210 firewall/name/node.tag 210 firewall/modify/node.tag 210 firewall/ipv6-name/node.tag @@ -95,18 +97,35 @@ 315 interfaces/bonding 318 interfaces/ethernet 319 interfaces/ethernet/node.tag/vif +319 interfaces/ethernet/node.tag/bond-group 320 interfaces/ethernet/node.tag/vif/node.tag/bridge-group +320 interfaces/bonding/node.tag/bridge-group +320 interfaces/bonding/node.tag/vif 320 interfaces/bridge/node.tag/address 320 interfaces/loopback 330 interfaces/adsl 340 interfaces/serial 350 interfaces/wirelessmodem +350 interfaces/wireless 380 interfaces/tunnel 380 interfaces/openvpn 390 interfaces/pseudo-ethernet 391 interfaces/pseudo-ethernet/node.tag/vif -395 interfaces/bonding/node.tag/vif -400 system +400 system/domain-name +400 system/domain-search +400 system/gateway-address +400 system/host-name +400 system/ip +400 system/ipv6 +400 system/login +400 system/name-server +400 system/ntp-server +400 system/options +400 system/package +400 system/static-host-mapping +400 system/syslog +400 system/time-zone +405 system 450 protocols/static 470 policy 500 protocols/bgp/node.tag/parameters @@ -124,10 +143,6 @@ 810 interfaces/serial/node.tag/ppp 810 interfaces/serial/node.tag/ppp/vif 810 interfaces/serial/node.tag/cisco-hdlc/vif -820 interfaces/serial/node.tag/frame-relay/vif -820 interfaces/serial/node.tag/ppp -820 interfaces/serial/node.tag/ppp/vif -820 interfaces/serial/node.tag/cisco-hdlc/vif 850 interfaces 900 protocols/snmp 900 vpn |