Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/VyattaConfigLoad.pm | 3 | ||||
-rwxr-xr-x | scripts/VyattaTypeChecker.pm | 27 | ||||
-rwxr-xr-x | scripts/vyatta-load-config.pl | 18 | ||||
-rwxr-xr-x | scripts/vyatta-watchlink-exclude.pl | 144 |
4 files changed, 192 insertions, 0 deletions
diff --git a/scripts/VyattaConfigLoad.pm b/scripts/VyattaConfigLoad.pm
index 9605017..c4ce8bd 100755
--- a/scripts/VyattaConfigLoad.pm
+++ b/scripts/VyattaConfigLoad.pm
@@ -30,6 +30,8 @@ use VyattaConfig;
 my $default_rank = 0;
 my %config_rank = (
 'qos-policy' => 110,
+ 'firewall' => 102,
+ 'service nat' => 101,
 'interfaces' => 100,
 'interfaces bridge' => 99,
 'interfaces ethernet' => 98,
@@ -38,6 +40,7 @@ my %config_rank = (
 'protocols static' => 85,
 'service ssh' => 84,
 'service telnet' => 83,
+ 'vpn' => 80,
 );
 my @all_nodes = ();
diff --git a/scripts/VyattaTypeChecker.pm b/scripts/VyattaTypeChecker.pm
index 2a7d0c9..f77664f 100755
--- a/scripts/VyattaTypeChecker.pm
+++ b/scripts/VyattaTypeChecker.pm
@@ -52,8 +52,11 @@ use strict;
 my %type_handler = (
 'ipv4' => \&validate_ipv4,
 'ipv4net' => \&validate_ipv4net,
+ 'ipv4range' => \&validate_ipv4range,
 'ipv4_negate' => \&validate_ipv4_negate,
 'ipv4net_negate' => \&validate_ipv4net_negate,
+ 'ipv4range_negate' => \&validate_ipv4range_negate,
+ 'iptables4_addr' => \&validate_iptables4_addr,
 'protocol' => \&validate_protocol,
 'protocol_negate' => \&validate_protocol_negate,
 'macaddr' => \&validate_macaddr,
@@ -75,6 +78,14 @@ sub validate_ipv4net {
 return 1;
 }
+sub validate_ipv4range {
+ $_ = shift;
+ return 0 if (!/^([^-]+)-([^-]+)$/);
+ my ($a1, $a2) = ($1, $2);
+ return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2));
+ return 1;
+}
+
 sub validate_ipv4_negate {
 my $value = shift;
 if ($value =~ m/^\!(.*)$/) {
@@ -91,6 +102,22 @@ sub validate_ipv4net_negate {
 return validate_ipv4net($value);
 }
+sub validate_ipv4range_negate {
+ my $value = shift;
+ if ($value =~ m/^\!(.*)$/) {
+ $value = $1;
+ }
+ return validate_ipv4range($value);
+}
+
+sub validate_iptables4_addr {
+ my $value = shift;
+ return 0 if (!validate_ipv4_negate($value)
+ && !validate_ipv4net_negate($value)
+ && !validate_ipv4range_negate($value));
+ return 1;
+}
+
 sub validate_protocol {
 my $value = shift;
 $value = lc $value;
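Review bot: `validate_ipv4range` assigns its argument to the global `$_` (`$_ = shift;`), which overwrites whatever the caller currently has in `$_`; the sibling validator visible in this hunk (`validate_ipv4_negate`) copies into a lexical instead. Writing `my $value = shift;` and `return 0 if ($value !~ /^([^-]+)-([^-]+)$/);` keeps the function free of side effects. The check also accepts a range whose first address is higher than its second, because the two endpoints are only validated individually; if the consumer of this type expects an ordered range, that comparison belongs here as well.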
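Review bot: `validate_iptables4_addr` has no comment stating which forms it accepts, and the `return 0 if (!a && !b && !c)` shape makes the reader negate three calls to find out. A one-line comment above the sub, for example `# accepts a plain, network or range address, each optionally prefixed with "!"`, plus `return (validate_ipv4_negate($value) || validate_ipv4net_negate($value) || validate_ipv4range_negate($value)) ? 1 : 0;`, would say it directly. In `validate_ipv4range_negate` the copied pattern `m/^\!(.*)$/` lets `$` match before a trailing newline, so `\z` is the stricter anchor if values can arrive unchomped. The context sub `validate_protocol` continues outside the hunk.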
diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl
index a432d8c..05323e3 100755
--- a/scripts/vyatta-load-config.pl
+++ b/scripts/vyatta-load-config.pl
@@ -40,6 +40,24 @@ if (!($load_file =~ /^\//)) {
 $load_file = "$bootpath/$load_file";
 }
+if (!open(CFG, "<$load_file")) {
+ print "Cannot open configuration file $load_file\n";
+ exit 1;
+}
+while (<CFG>) {
+ if (/\/\*XORP Configuration File, v1.0\*\//) {
+ print "Warning: Loading a pre-Glendale configuration.\n";
+ print "Do you want to continue? [no] ";
+ my $resp = <STDIN>;
+ if (!($resp =~ /^yes$/i)) {
+ print "Configuration not loaded\n";
+ exit 1;
+ }
+ last;
+ }
+}
+close CFG;
+
 # do config migration
 system("$sbindir/vyatta_config_migrate.pl $load_file");
diff --git a/scripts/vyatta-watchlink-exclude.pl b/scripts/vyatta-watchlink-exclude.pl
new file mode 100755
index 0000000..9805463
--- /dev/null
+++ b/scripts/vyatta-watchlink-exclude.pl
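Review bot: The new pre-check opens the file with two-argument `open` and a bareword handle (`open(CFG, "<$load_file")`), so the path is parsed together with the mode string and surrounding whitespace in the name is stripped before the open. `open(my $cfg, '<', $load_file)` opens exactly the named file, and adding `$!` to the "Cannot open" message tells the operator why it failed. `<STDIN>` returns undef when no input is available, so `$resp` is better tested with `defined` before the `/^yes$/i` match. The unchanged `system("$sbindir/vyatta_config_migrate.pl $load_file")` below the added lines passes the same path through a shell; the list form `system("$sbindir/vyatta_config_migrate.pl", $load_file)` would match the stricter open.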
@@ -0,0 +1,144 @@
+#!/usr/bin/perl
+#
+# Module: vyatta-watchlink-exclude.pl
+#
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# A copy of the GNU General Public License is available as
+# `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+# or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+# You can also obtain it by writing to the Free Software Foundation,
+# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+#
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
+# All Rights Reserved.
+#
+# Author: Stig Thormodsrud
+# Date: March 2008
+# Description: Script to update watchlink exclude file
+#
+# **** End License ****
+#
+
+#
+# parameters:
+# --id="" : owner of exclude line (e.g. vrrp, ha) [required]
+# --action="" : add or remove [required]
+# --intf="" : interface [required]
+# --ipaddr="" : ip address or network to execlude [optional]
+# --signal : should watchlink get signaled [optional]
+#
+# Expected format of exclude file:
+#
+# [interface] ([ipv4addr]|ipv4net]) # id
+#
+
+use Getopt::Long;
+use POSIX;
+
+use strict;
+use warnings;
+
+my $exclude_file = '/var/linkstatus/exclude';
+my $watchlink_pid = '/var/run/vyatta/quagga/watchlink.pid';
+
+sub read_exclude_file {
+ my $FILE;
+ my @lines = ();
+ if (! -e $exclude_file) {
+ return @lines;
+ }
+ open($FILE, "<", $exclude_file) or die "Error: read() $!";
+ @lines = <$FILE>;
+ close($FILE);
+ chomp @lines;
+ return @lines;
+}
+
+sub write_exclude_file {
+ my @lines = @_;
+
+ my $FILE;
+ open($FILE, ">", $exclude_file) or die "Error: write() $!";
+ if (scalar(@lines) > 0) {
+ print $FILE join("\n", @lines), "\n";
+ }
+ close($FILE);
+}
+
+sub remove_exclude_line {
+ my ($remove_line, @lines) = @_;
+
+ my @new_lines;
+ my $match = 0;
+ foreach my $line (@lines) {
+ if ($line eq $remove_line) {
+ $match++;
+ } else {
+ push @new_lines, $line;
+ }
+ }
+ if ($match < 1) {
+ die "Error: no match found for $remove_line";
+ }
+ return @new_lines;
+}
+
+
+#
+# main
+#
+
+my ($opt_id, $opt_action, $opt_intf, $opt_ipaddr, $opt_ipnet, $opt_signal);
+
+GetOptions("id=s" => \$opt_id,
+ "action=s" => \$opt_action,
+ "intf=s" => \$opt_intf,
+ "ipaddr=s" => \$opt_ipaddr,
+ "signal!" => \$opt_signal,
+ );
+
+if (!(defined $opt_id and defined $opt_action and defined $opt_intf) ) {
+ die "Error: parameters --id --intf --action must be set";
+}
+
+if ($opt_action ne "add" and $opt_action ne "remove") {
+ die "Error: --action must be \"add\" or \"remove\" ";
+}
+
+my @lines = read_exclude_file();
+my $new_line = "$opt_intf ";
+if (defined $opt_ipaddr) {
+ $new_line .= "$opt_ipaddr ";
+}
+if (defined $opt_id) {
+ $new_line .= "# $opt_id";
+}
+
+if ($opt_action eq "add") {
+ push @lines, $new_line;
+} else {
+ @lines = remove_exclude_line($new_line, @lines);
+}
+write_exclude_file(@lines);
+
+if (defined $opt_signal) {
+ if (! -e $watchlink_pid) {
+ die "Error: missing pid file [$watchlink_pid]\n";
+ }
+ my $pid = `cat $watchlink_pid`;
+ chomp $pid;
+ system("kill -10 $pid");
+}
+
+# end of file |
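Review bot: The signal block at the end of the script builds two shell commands around the pid file (`cat $watchlink_pid` in backticks, then `system("kill -10 $pid")`), so the file's contents reach a shell unchecked and the signal is given by number. Reading the file directly, accepting only a run of digits and calling Perl's built-in `kill` removes the shell and names the signal; I have assumed 10 is meant as SIGUSR1, which holds on x86 Linux. The guard `if (defined $opt_signal)` is also true for `--nosignal`, because `"signal!"` stores 0 in that case, so the block should test `$opt_signal` for truth. Separately, `--intf`, `--ipaddr` and `--id` are written to the exclude file as given; rejecting values that contain a newline or `#` would keep one call from producing more than one well-formed entry.

```perl
# … unchanged: option parsing and exclude-file update …
if ($opt_signal) {
    open(my $pid_fh, '<', $watchlink_pid)
        or die "Error: missing pid file [$watchlink_pid]\n";
    my $pid = <$pid_fh>;
    close($pid_fh);
    # only a bare process id is acceptable; anything else is a bad pid file
    if (!defined $pid or $pid !~ /\A(\d+)\s*\z/) {
        die "Error: unexpected content in pid file [$watchlink_pid]\n";
    }
    kill 'USR1', $1;
}
```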