Merge branch 'glendale'

21 files changed, 752 insertions, 101 deletions

diff --git a/scripts/VyattaConfig.pm b/scripts/VyattaConfig.pm
index 9020af0..3c4b51f 100644..100755
--- a/scripts/VyattaConfig.pm
+++ b/scripts/VyattaConfig.pm
@@ -1,3 +1,24 @@
+#!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: vyatta configuration parser
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 package VyattaConfig;
 
 use strict;
@@ -540,5 +561,3 @@ sub compareValueLists {
   }
   return %comp_hash;
 }
-
-
diff --git a/scripts/VyattaConfigDOMTree.pm b/scripts/VyattaConfigDOMTree.pm
index 86aabf8..4e7ce31 100644..100755
--- a/scripts/VyattaConfigDOMTree.pm
+++ b/scripts/VyattaConfigDOMTree.pm
@@ -1,18 +1,24 @@
+#!/usr/bin/perl
+
 #
-# Module: serial
+# Module: vyatta-cfg
 #
 # **** License ****
-# Version: VPL 1.0
-#
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 #
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# A copy of the GNU General Public License is available as
+# `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+# or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+# You can also obtain it by writing to the Free Software Foundation,
+# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
 #
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2005, 2006, 2007 Vyatta, Inc.
diff --git a/scripts/VyattaConfigLoad.pm b/scripts/VyattaConfigLoad.pm
index c09616d..2efa81e 100755
--- a/scripts/VyattaConfigLoad.pm
+++ b/scripts/VyattaConfigLoad.pm
@@ -1,4 +1,23 @@
-# Perl module for loading configuration.
+#!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: Perl module for loading configuration.
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+
 package VyattaConfigLoad;
 
 use strict;
@@ -9,16 +28,21 @@ use VyattaConfig;
 
 # configuration ordering. higher rank configured before lower rank.
 my $default_rank = 0;
-my %config_rank = (
-                    'interfaces' => 100,
-                    'interfaces bridge' => 99,
-                    'interfaces ethernet' => 98,
-                    'interfaces tunnel' => 91,
-                    'system' => 90,
-                    'protocols static' => 85,
-                    'service ssh' => 84,
-                    'service telnet' => 83,
-                  );
+my %config_rank  = (
+    'qos-policy'            => 110,
+    'firewall'              => 102,
+    'service nat'           => 101,
+    'interfaces'            => 100,
+    'interfaces bridge'     => 99,
+    'interfaces ethernet'   => 98,
+    'interfaces tunnel'     => 91,
+    'system'                => 90,
+    'protocols static'      => 85,
+    'service ssh'           => 84,
+    'service telnet'        => 83,
+    'policy'                => 82,
+    'vpn'                   => 80,
+);
 
 my @all_nodes = ();
 my @all_naked_nodes = ();
diff --git a/scripts/VyattaConfigOutput.pm b/scripts/VyattaConfigOutput.pm
index 2a152ee..2766b64 100755
--- a/scripts/VyattaConfigOutput.pm
+++ b/scripts/VyattaConfigOutput.pm
@@ -1,5 +1,25 @@
-# Perl module for generating output of the configuration.
+#!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: Perl module for generating output of the configuration.
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
 # 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
+
 # outputNewConfig()
 #   prints the "new" config, i.e., the active config with any un-committed
 #   changes. 'diff' notation is also generated to indicate the changes.
@@ -12,6 +32,7 @@ package VyattaConfigOutput;
 use strict;
 use lib '/opt/vyatta/share/perl5/';
 use VyattaConfig;
+use Sort::Versions;
 
 # whether to show default values
 my $show_all = 0;
@@ -170,6 +191,7 @@ sub displayDeletedOrigChildren {
                     $dont_show_as_deleted);
     } elsif (scalar($#cnames) >= 0) {
       if ($is_tag) {
+        @cnames = sort versioncmp @cnames;
         foreach my $cname (@cnames) {
           if ($cname eq 'node.val') {
             # should not happen
@@ -224,6 +246,7 @@ sub displayChildren {
       displayValues([ @cur_path, $child ], $prefix, $child);
     } elsif (scalar($#cnames) >= 0) {
       if ($is_tag) {
+        @cnames = sort versioncmp @cnames;
         foreach my $cname (@cnames) {
           if ($cname eq 'node.val') {
             # should not happen
diff --git a/scripts/VyattaIpTablesAddressFilter.pm b/scripts/VyattaIpTablesAddressFilter.pm
index aa6f662..9789fef 100644..100755
--- a/scripts/VyattaIpTablesAddressFilter.pm
+++ b/scripts/VyattaIpTablesAddressFilter.pm
@@ -1,3 +1,24 @@
+#!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: IP tables address filter
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 package VyattaIpTablesAddressFilter;
 
 use VyattaConfig;
diff --git a/scripts/VyattaMisc.pm b/scripts/VyattaMisc.pm
index 3a083ec..e6bd9ff 100755
--- a/scripts/VyattaMisc.pm
+++ b/scripts/VyattaMisc.pm
@@ -1,29 +1,25 @@
-#
+#!/usr/bin/perl
+
 # Module: VyattaMisc.pm
 #
+# Author: Marat <marat@vyatta.com>
+# Date: 2007
+# Description: Implements miscellaneous commands
+
 # **** License ****
-# Version: VPL 1.0
-#
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
 # This code was originally developed by Vyatta, Inc.
-# Portions created by Vyatta are Copyright (C) 2005, 2006, 2007 Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
 # All Rights Reserved.
-#
-# Author: Marat
-# Date: 2007
-# Description:
-#
 # **** End License ****
-#
 
 package VyattaMisc;
 require Exporter;
diff --git a/scripts/VyattaTypeChecker.pm b/scripts/VyattaTypeChecker.pm
index 902c278..f77664f 100644..100755
--- a/scripts/VyattaTypeChecker.pm
+++ b/scripts/VyattaTypeChecker.pm
@@ -1,3 +1,24 @@
+#!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: Type checking script
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 # Perl module for type validation.
 # Usage 1: validate a value of a specific type.
 #   use VyattaTypeChecker;
@@ -31,8 +52,11 @@ use strict;
 my %type_handler = (
                     'ipv4' => \&validate_ipv4,
                     'ipv4net' => \&validate_ipv4net,
+                    'ipv4range' => \&validate_ipv4range,
                     'ipv4_negate' => \&validate_ipv4_negate,
                     'ipv4net_negate' => \&validate_ipv4net_negate,
+                    'ipv4range_negate' => \&validate_ipv4range_negate,
+                    'iptables4_addr' => \&validate_iptables4_addr,
                     'protocol' => \&validate_protocol,
                     'protocol_negate' => \&validate_protocol_negate,
                     'macaddr' => \&validate_macaddr,
@@ -54,6 +78,14 @@ sub validate_ipv4net {
   return 1;
 }
 
+sub validate_ipv4range {
+  $_ = shift;
+  return 0 if (!/^([^-]+)-([^-]+)$/);
+  my ($a1, $a2) = ($1, $2);
+  return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2));
+  return 1;
+}
+
 sub validate_ipv4_negate {
   my $value = shift;
   if ($value =~ m/^\!(.*)$/) {
@@ -70,6 +102,22 @@ sub validate_ipv4net_negate {
   return validate_ipv4net($value);
 }
 
+sub validate_ipv4range_negate {
+  my $value = shift;
+  if ($value =~ m/^\!(.*)$/) {
+    $value = $1;
+  }
+  return validate_ipv4range($value);
+}
+
+sub validate_iptables4_addr {
+  my $value = shift;
+  return 0 if (!validate_ipv4_negate($value)
+               && !validate_ipv4net_negate($value)
+               && !validate_ipv4range_negate($value));
+  return 1;
+}
+
 sub validate_protocol {
   my $value = shift;
   $value = lc $value;
diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper
index 4a42105..518147d 100755
--- a/scripts/vyatta-cfg-cmd-wrapper
+++ b/scripts/vyatta-cfg-cmd-wrapper
@@ -1,5 +1,24 @@
 #!/bin/bash
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: command wrapper
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 if grep -q union=aufs /proc/cmdline || grep -q aufs /proc/filesystems ; then
   export UNIONFS=aufs
 else
@@ -13,7 +32,7 @@ export VYATTA_EDIT_LEVEL=/;
 export VYATTA_TEMPLATE_LEVEL=/;
 export VYATTA_ACTIVE_CONFIGURATION_DIR=/opt/vyatta/config/active;
 
-export VYATTA_CHANGES_ONLY_DIR=/opt/vyatta/config/tmp/changes_only_$PPID;
+export VYATTA_CHANGES_ONLY_DIR=/tmp/changes_only_$PPID;
 export VYATTA_TEMP_CONFIG_DIR=/opt/vyatta/config/tmp/new_config_$PPID;
 export VYATTA_CONFIG_TMP=/opt/vyatta/config/tmp/tmp_$PPID;
 
diff --git a/scripts/vyatta-cfg-notify b/scripts/vyatta-cfg-notify
index e0c56df..0a2f895 100755
--- a/scripts/vyatta-cfg-notify
+++ b/scripts/vyatta-cfg-notify
@@ -1,5 +1,24 @@
 #!/bin/bash
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: config notify script
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 [ -r /etc/default/vyatta ] && source /etc/default/vyatta
 
 declare cur_tty=$(ps -o tty= |head -n1)
@@ -19,4 +38,3 @@ Please make sure you do not have conflicting changes. You can also discard
 the current changes by issuing 'exit discard'.
 EOF
 done
-
diff --git a/scripts/vyatta-check-typeless-node.pl b/scripts/vyatta-check-typeless-node.pl
new file mode 100644
index 0000000..65a7408
--- /dev/null
+++ b/scripts/vyatta-check-typeless-node.pl
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+use lib "/opt/vyatta/share/perl5/";
+use VyattaConfig;
+use VyattaMisc;
+use Getopt::Long;
+
+## Check if a typeless node exists
+# this is a lame little script to get around bug 2525 not being fixed.
+# i.e. $VAR(./node/) always expands to true.  Once bug 2525 is properly
+# fixed, this can go away
+my $node = shift;
+my $config = new VyattaConfig;
+
+if ($config->exists("$node")) {
+  exit 0;
+}
+else {
+  exit 1;
+}
+
+exit 0;
diff --git a/scripts/vyatta-cli-expand-var.pl b/scripts/vyatta-cli-expand-var.pl
index fcc2b43..2691615 100755
--- a/scripts/vyatta-cli-expand-var.pl
+++ b/scripts/vyatta-cli-expand-var.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: bash expand script
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 use strict;
 use lib "/opt/vyatta/share/perl5/";
 use VyattaConfig;
diff --git a/scripts/vyatta-config-loader.pl b/scripts/vyatta-config-loader.pl
index 370a669..29b6bcd 100755
--- a/scripts/vyatta-config-loader.pl
+++ b/scripts/vyatta-config-loader.pl
@@ -1,4 +1,24 @@
 #!/usr/bin/perl
+
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: configuration loader
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 # Perl script for loading the startup config file.
 # $0: startup config file.
 
@@ -14,6 +34,11 @@ if (!open(OLDOUT, ">&STDOUT") || !open(OLDERR, ">&STDERR")
   print STDERR "Cannot dup STDOUT/STDERR: $!\n";
   exit 1;
 }
+    
+if (!open(WARN, "|/usr/bin/logger -t config-loader -p local0.warning")) {
+  print OLDERR "Cannot open syslog: $!\n";
+  exit 1;
+}
 
 sub restore_fds {
   open(STDOUT, ">&OLDOUT");
@@ -35,7 +60,7 @@ my $CWRAPPER = '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper';
 system("$CWRAPPER begin");
 if ($? >> 8) {
   print OLDOUT "Cannot set up configuration environment\n";
-  print STDOUT "Cannot set up configuration environment\n";
+  print WARN "Cannot set up configuration environment\n";
   restore_fds();
   exit 1;
 }
@@ -51,7 +76,7 @@ foreach (@all_nodes) {
     $ret = system("$commit_cmd");
     if ($ret >> 8) {
       print OLDOUT "Commit failed at rank $cur_rank\n";
-      print STDOUT "Commit failed at rank $cur_rank\n";
+      print WARN "Commit failed at rank $cur_rank\n";
       system("$cleanup_cmd");
       # continue after cleanup (or should we abort?)
     }
@@ -62,14 +87,14 @@ foreach (@all_nodes) {
   if ($ret >> 8) {
     $cmd =~ s/^.*?set /set /;
     print OLDOUT "[[$cmd]] failed\n";
-    print STDOUT "[[$cmd]] failed\n";
+    print WARN "[[$cmd]] failed\n";
     # continue after set failure (or should we abort?)
   }
 }
 $ret = system("$commit_cmd");
 if ($ret >> 8) {
   print OLDOUT "Commit failed at rank $cur_rank\n";
-  print STDOUT "Commit failed at rank $cur_rank\n";
+  print WARN "Commit failed at rank $cur_rank\n";
   system("$cleanup_cmd");
   # exit normally after cleanup (or should we exit with error?)
 }
diff --git a/scripts/vyatta-dhclient-hook b/scripts/vyatta-dhclient-hook
index cc3cb08..5784d93 100644..100755
--- a/scripts/vyatta-dhclient-hook
+++ b/scripts/vyatta-dhclient-hook
@@ -1,3 +1,23 @@
+#!/bin/sh
+
+# Author: Stig Thormodsrud <stig@vyatta.com>
+# Date: 2007
+# Description: dhcp client hook
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
 
 # To enable this script set the following variable to "yes"
 RUN="yes"
diff --git a/scripts/vyatta-find-type.pl b/scripts/vyatta-find-type.pl
index b6514f0..3c9ccc6 100755
--- a/scripts/vyatta-find-type.pl
+++ b/scripts/vyatta-find-type.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: bash tyep checking for Vyatta configuration commands
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 use strict;
 use lib "/opt/vyatta/share/perl5/";
 use VyattaTypeChecker;
@@ -18,4 +37,3 @@ if (my $type = VyattaTypeChecker::findType(@ARGV)) {
 
 # value not valid for any of the candidates
 exit 1;
-
diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl
index fc10c4d..abbf6a8 100644..100755
--- a/scripts/vyatta-interfaces.pl
+++ b/scripts/vyatta-interfaces.pl
@@ -3,17 +3,21 @@
 # Module: vyatta-interfaces.pl
 # 
 # **** License ****
-# Version: VPL 1.0
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
 # 
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-# 
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# A copy of the GNU General Public License is available as
+# `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+# or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+# You can also obtain it by writing to the Free Software Foundation,
+# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
 # 
 # This code was originally developed by Vyatta, Inc.
 # Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
@@ -29,9 +33,12 @@
 use lib "/opt/vyatta/share/perl5/";
 use VyattaConfig;
 use VyattaMisc;
-use Getopt::Long;
 
+use Getopt::Long;
+use POSIX;
 use NetAddr::IP;
+use Tie::File;
+use Fcntl qw (:flock);
 
 use strict;
 use warnings;
@@ -41,18 +48,22 @@ my $dhcp_conf   = '/etc/dhcp3/dhclient.conf';
 my $dhcp_pid    = '/var/run/dhclient.pid';
 my $dhcp_leases = '/var/lib/dhcp3/dhclient.leases';
 
+my ($eth_update, $eth_delete, $addr, $restart_dhclient, $dev, $mac, $mac_update);
 
-my ($eth_update, $eth_delete, $addr, $restart_dhclient, $dev);
 GetOptions("eth-addr-update=s" => \$eth_update,
 	   "eth-addr-delete=s" => \$eth_delete,
 	   "valid-addr=s"      => \$addr,
 	   "restart-dhclient!" => \$restart_dhclient,
            "dev=s"             => \$dev,
+	   "valid-mac=s"       => \$mac,
+	   "set-mac=s"	       => \$mac_update,
 );
 
 if (defined $eth_update)       { update_eth_addrs($eth_update, $dev); }
 if (defined $eth_delete)       { delete_eth_addrs($eth_delete, $dev);  }
 if (defined $addr)             { is_valid_addr($addr, $dev); }
+if (defined $mac)	       { is_valid_mac($mac, $dev); }
+if (defined $mac_update)       { update_mac($mac_update, $dev); }
 if (defined $restart_dhclient) { dhcp_restart_daemon(); }
 
 sub is_ip_configured {
@@ -308,7 +319,10 @@ sub update_eth_addrs {
     }
 
     if ($version == 4) {
-	return system("ip addr add $addr broadcast + dev $intf");
+        # revert this gruesome hack when quagga static route initialization
+        # is fixed.
+        #return system("ip addr add $addr broadcast + dev $intf");
+        return system("ip link set $intf down; ip link set $intf up; ip addr add $addr broadcast + dev $intf");
     }
     if ($version == 6) {
 	return system("ip -6 addr add $addr dev $intf");
@@ -317,6 +331,22 @@ sub update_eth_addrs {
     exit 1;
 }
 
+sub if_nametoindex {
+    my ($intf) = @_;
+
+    open my $sysfs, "<", "/sys/class/net/$intf/ifindex" 
+	|| die "Unknown interface $intf";
+    my $ifindex = <$sysfs>;
+    close($sysfs) or die "read sysfs error\n";
+    chomp $ifindex;
+
+    return $ifindex;
+}
+
+sub htonl {
+    return unpack('L',pack('N',shift));
+}
+
 sub delete_eth_addrs {
     my ($addr, $intf) = @_;
 
@@ -324,18 +354,91 @@ sub delete_eth_addrs {
 	dhcp_release_addr($intf);
 	update_dhcp_client();
 	system("rm -f /var/lib/dhcp3/dhclient_$intf\_lease");
-	return;
+	exit 0;
     } 
     my $version = is_ip_v4_or_v6($addr);
-    if (!defined $version) {
-	exit 1;
+    if ($version == 6) {
+	    exec 'ip', '-6', 'addr', 'del', $addr, 'dev', $intf
+		or die "Could not exec ip?";
     }
-    if ($version == 4) {
-	return system("ip addr del $addr dev $intf");
+
+    ($version == 4) or die "Bad ip version";
+
+    if (is_ip_configured($intf, $addr)) {
+	# Link is up, so just delete address
+	# Zebra is watching for netlink events and will handle it
+	exec 'ip', 'addr', 'del', $addr, 'dev', $intf
+	    or die "Could not exec ip?";
     }
-    if ($version == 6) {
-	return system("ip -6 addr del $addr dev $intf");
+	
+
+    # Destroy watchlink's internal status so it doesn't erronously
+    # restore the address when link is restored
+    my $statusfile = '/var/linkstatus/' . if_nametoindex($intf);
+
+    # Use tie to treat file as array
+    my $tie = tie my @status, 'Tie::File', $statusfile
+	or die "can't open $statusfile";
+
+    $tie->flock(LOCK_EX);	# Block out watchlink
+    $tie = undef;    		# Drop reference so untie will work
+
+    my $ip = NetAddr::IP->new($addr);
+    my $recno = 0;
+    foreach my $line (@status) {
+	chomp $line;
+
+	# The format of watchlink file is host byte order (IPV6??)
+	my ($ifindex, $raddr, $bcast, $prefix) = split (/,/, $line);
+	my $laddr = htonl($raddr);
+	my $this = NetAddr::IP->new("$laddr/$prefix");
+	if ($ip eq $this) {
+	    splice @status, $recno, 1;	    # delete the line
+	} else {
+	    $recno++;
+	}
     }
+    untie @status;
+    exit 0;
+}
+
+sub update_mac {
+    my ($mac, $intf) = @_;
+
+    open my $fh, "<", "/sys/class/net/$intf/flags"
+	or die "Error: $intf is not a network device\n";
+
+    my $flags = <$fh>;
+    chomp $flags;
+    close $fh or die "Error: can't read state\n";
+
+    if (POSIX::strtoul($flags) & 1) {
+	# NB: Perl 5 system return value is bass-ackwards
+	system "sudo ip link set $intf down"
+	    and die "Could not set $intf down ($!)\n";
+	system "sudo ip link set $intf address $mac"
+	    and die "Could not set $intf address ($!)\n";
+	system "sudo ip link set $intf up"
+	    and die "Could not set $intf up ($!)\n";
+    } else {
+	exec "sudo ip link set $intf address $mac";
+    }
+    exit 0;
+}
+ 
+sub is_valid_mac {
+    my ($mac, $intf) = @_;
+    my @octets = split /:/, $mac;
+    
+    ($#octets == 5) or die "Error: wrong number of octets: $#octets\n";
+
+    (($octets[0] & 1) == 0) or die "Error: $mac is a multicast address\n";
+
+    my $sum = 0;
+    $sum += strtoul('0x' . $_) foreach @octets;
+    ( $sum != 0 ) or die "Error: zero is not a valid address\n";
+
+    exit 0;
 }
 
 sub is_valid_addr {
@@ -358,7 +461,7 @@ sub is_valid_addr {
     }
 
     my ($addr, $net);
-    if ($addr_net =~ m/^([0-9\.\:]+)\/(\d+)$/) {
+    if ($addr_net =~ m/^([0-9a-fA-F\.\:]+)\/(\d+)$/) {
 	$addr = $1;
 	$net  = $2;
     } else {
diff --git a/scripts/vyatta-irqaffin b/scripts/vyatta-irqaffin
index 8be98b2..1959a30 100644..100755
--- a/scripts/vyatta-irqaffin
+++ b/scripts/vyatta-irqaffin
@@ -1,31 +1,24 @@
-
 #!/bin/bash
-#
+
+# Author: Robert E. Gilligan <gilligan@vyatta.com>
+# Date: 2008
+# Description: CLI back-end script to manipulate NIC interrupt CPU affinity.
+
 # **** License ****
-# Version: VPL 1.0
-#
-# The contents of this file are subject to the Vyatta Public License
-# Version 1.0 ("License"); you may not use this file except in
-# compliance with the License. You may obtain a copy of the License at
-# http://www.vyatta.com/vpl
-#
-# Software distributed under the License is distributed on an "AS IS"
-# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
-# the License for the specific language governing rights and limitations
-# under the License.
-#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
 # This code was originally developed by Vyatta, Inc.
-# Portions created by Vyatta are Copyright (C) 2008 Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
 # All Rights Reserved.
-#
-# Author: Robert E. Gilligan
-# Date: 2008
-# Description:
-#
 # **** End License ****
-#
-# CLI back-end script to manipulate NIC interrupt CPU affinity.
-#
+
 # Provides sub-commands to:
 #   - Check the validity of an interface name and affinity mask value
 #   - Set the affinity mask to the IRQ being used by an interface
diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl
index be3c751..05323e3 100755
--- a/scripts/vyatta-load-config.pl
+++ b/scripts/vyatta-load-config.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
-# Perl script for loading config file at run time.
+
+# Author: An-Cheng Huang <ancheng@vyatta.com.
+# Date: 2007
+# Description: Perl script for loading config file at run time.
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 # $0: config file.
 
 use strict;
@@ -21,6 +40,24 @@ if (!($load_file =~ /^\//)) {
   $load_file = "$bootpath/$load_file";
 }
 
+if (!open(CFG, "<$load_file")) {
+  print "Cannot open configuration file $load_file\n";
+  exit 1;
+}
+while (<CFG>) {
+  if (/\/\*XORP Configuration File, v1.0\*\//) {
+    print "Warning: Loading a pre-Glendale configuration.\n";
+    print "Do you want to continue? [no] ";
+    my $resp = <STDIN>;
+    if (!($resp =~ /^yes$/i)) {
+      print "Configuration not loaded\n";
+      exit 1;
+    }
+    last;
+  }
+}
+close CFG;
+
 # do config migration
 system("$sbindir/vyatta_config_migrate.pl $load_file");
 
@@ -71,4 +108,3 @@ if ($? >> 8) {
 
 print "Done\n";
 exit 0;
-
diff --git a/scripts/vyatta-output-config.pl b/scripts/vyatta-output-config.pl
index 65169f6..05bdc4c 100755
--- a/scripts/vyatta-output-config.pl
+++ b/scripts/vyatta-output-config.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: Script to output the configuration
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 use strict;
 use lib "/opt/vyatta/share/perl5/";
 use VyattaConfigOutput;
@@ -8,6 +27,7 @@ if ($ARGV[0] eq '-all') {
   shift;
   VyattaConfigOutput::set_show_all(1);
 }
+
 if ($ARGV[0] eq '-active') {
   shift;
   VyattaConfigOutput::set_hide_password(1);
@@ -15,5 +35,5 @@ if ($ARGV[0] eq '-active') {
 } else {
   VyattaConfigOutput::outputNewConfig(@ARGV);
 }
-exit 0;
 
+exit 0;
diff --git a/scripts/vyatta-save-config.pl b/scripts/vyatta-save-config.pl
index bad7c45..c759503 100755
--- a/scripts/vyatta-save-config.pl
+++ b/scripts/vyatta-save-config.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: script to save the configuration
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 use strict;
 use lib "/opt/vyatta/share/perl5/";
 use VyattaConfigOutput;
@@ -37,4 +56,3 @@ select STDOUT;
 print "\nDone\n";
 close SAVE;
 exit 0;
-
diff --git a/scripts/vyatta-validate-type.pl b/scripts/vyatta-validate-type.pl
index 64b7e8a..eecc024 100755
--- a/scripts/vyatta-validate-type.pl
+++ b/scripts/vyatta-validate-type.pl
@@ -1,5 +1,24 @@
 #!/usr/bin/perl
 
+# Author: An-Cheng Huang <ancheng@vyatta.com>
+# Date: 2007
+# Description: script to validate types
+
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2006, 2007, 2008 Vyatta, Inc.
+# All Rights Reserved.
+# **** End License ****
+
 use strict;
 use lib "/opt/vyatta/share/perl5/";
 use VyattaTypeChecker;
@@ -18,4 +37,3 @@ if ($ARGV[0] eq '-q') {
 
 exit 0 if (VyattaTypeChecker::validateType($ARGV[0], $ARGV[1], $quiet));
 exit 1;
-
diff --git a/scripts/vyatta-watchlink-exclude.pl b/scripts/vyatta-watchlink-exclude.pl
new file mode 100755
index 0000000..b7a8916
--- /dev/null
+++ b/scripts/vyatta-watchlink-exclude.pl
@@ -0,0 +1,186 @@
+#!/usr/bin/perl
+#
+# Module: vyatta-watchlink-exclude.pl
+# 
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+# 
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# A copy of the GNU General Public License is available as
+# `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+# or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+# You can also obtain it by writing to the Free Software Foundation,
+# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+# 
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
+# All Rights Reserved.
+# 
+# Author: Stig Thormodsrud
+# Date: March 2008
+# Description: Script to update watchlink exclude file
+# 
+# **** End License ****
+#
+
+#
+# parameters:
+#   --id=""     : owner of exclude line (e.g. vrrp, ha) [required]
+#   --action="" : add or remove                         [required]
+#   --intf=""   : interface                             [required for add]
+#   --ipaddr="" : ip address or network to execlude     [optional]
+#   --signal    : should watchlink get signaled         [optional]
+#
+# Expected format of exclude file:
+#
+# <interface> [ <ipv4addr> | <ipv4net> ] # id
+# 
+
+use Getopt::Long;
+use POSIX;
+
+use strict;
+use warnings;
+
+my $exclude_file  = '/var/linkstatus/exclude';
+my $watchlink_pid = '/var/run/vyatta/quagga/watchlink.pid';
+
+sub read_exclude_file {
+    my $FILE;
+    my @lines = ();
+    if (! -e $exclude_file) {
+	return @lines;
+    }
+    open($FILE, "<", $exclude_file) or die "Error: read() $!";
+    @lines = <$FILE>;
+    close($FILE);
+    chomp @lines;
+    return @lines;
+}
+
+sub write_exclude_file {
+    my @lines = @_;
+
+    my $FILE;
+    open($FILE, ">", $exclude_file) or die "Error: write() $!";
+    if (scalar(@lines) > 0) {
+	print $FILE join("\n", @lines), "\n";
+    }
+    close($FILE);
+}
+
+sub remove_exclude_id {
+    my ($id, @lines) = @_;
+
+    my @new_lines;
+    my $match = 0;
+    foreach my $line (@lines) {
+	if ($line =~ /# $id$/) {
+	    $match++;
+	} else {
+	    push @new_lines, $line;
+	}
+    }
+    if ($match < 1) {
+	print "$0: no match found for $id";
+    }
+    return @new_lines;
+}
+
+sub remove_exclude_line {
+    my ($remove_line, @lines) = @_;
+
+    my @new_lines;
+    my $match = 0;
+    foreach my $line (@lines) {
+	if ($line eq $remove_line) {
+	    $match++;
+	} else {
+	    push @new_lines, $line;
+	}
+    }
+    if ($match < 1) {
+	print "$0: no match found for $remove_line";
+    }
+    return @new_lines;
+}
+
+sub is_exclude_dup {
+    my ($new_line, @lines) = @_;
+
+    my $frag = substr($new_line, 0, index($new_line, ' #'));
+    foreach my $line (@lines) {
+	if (substr($line, 0, index($line, ' #')) eq $frag) {
+	    return 1;
+	}
+    }
+    return 0;
+}
+
+
+#
+# main
+#
+
+my ($opt_id, $opt_action, $opt_intf, $opt_ipaddr, $opt_ipnet, $opt_signal);
+
+GetOptions("id=s"     => \$opt_id,
+	   "action=s" => \$opt_action,
+	   "intf=s"   => \$opt_intf,
+	   "ipaddr=s" => \$opt_ipaddr,
+	   "signal!"  => \$opt_signal,
+    );
+
+if (!(defined $opt_id and defined $opt_action)) {
+    die "Error: parameters --id --action must be set";
+}
+
+if ($opt_action ne "add" and $opt_action ne "remove") {
+    die "Error: --action must be \"add\" or \"remove\" ";
+}
+
+if ($opt_action eq "add" and !defined($opt_intf)) {
+    die "Error: --intf must be set for \"add\"";
+}
+
+my @lines = read_exclude_file();
+my $new_line = "$opt_intf ";
+if (defined $opt_ipaddr) {
+    $new_line .= "$opt_ipaddr ";
+}
+if (defined $opt_id) {
+    $new_line .= "# $opt_id";
+}
+
+if ($opt_action eq "add") {
+    if (! is_exclude_dup($new_line, @lines)) {
+	push @lines, $new_line;
+    }
+} elsif (defined $opt_intf) {
+    @lines = remove_exclude_line($new_line, @lines);
+} else {
+    @lines = remove_exclude_id($opt_id, @lines);
+}
+write_exclude_file(@lines);
+
+if (defined $opt_signal) {
+    if (! -e $watchlink_pid) {
+	#
+	# watchlink may have been disabled, so don't treat 
+	# this as an error
+	#
+	exit 0;
+    }
+    my $pid = `cat $watchlink_pid`;
+    chomp $pid;
+    system("kill -10 $pid");
+}
+
+# end of file