summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
Diffstat (limited to 'scripts')
-rwxr-xr-xscripts/VyattaConfigLoad.pm3
-rwxr-xr-xscripts/VyattaTypeChecker.pm27
-rwxr-xr-xscripts/vyatta-load-config.pl18
-rwxr-xr-xscripts/vyatta-watchlink-exclude.pl144
4 files changed, 192 insertions, 0 deletions
diff --git a/scripts/VyattaConfigLoad.pm b/scripts/VyattaConfigLoad.pm
index 9605017..c4ce8bd 100755
--- a/scripts/VyattaConfigLoad.pm
+++ b/scripts/VyattaConfigLoad.pm
@@ -30,6 +30,8 @@ use VyattaConfig;
my $default_rank = 0;
my %config_rank = (
'qos-policy' => 110,
+ 'firewall' => 102,
+ 'service nat' => 101,
'interfaces' => 100,
'interfaces bridge' => 99,
'interfaces ethernet' => 98,
@@ -38,6 +40,7 @@ my %config_rank = (
'protocols static' => 85,
'service ssh' => 84,
'service telnet' => 83,
+ 'vpn' => 80,
);
my @all_nodes = ();
diff --git a/scripts/VyattaTypeChecker.pm b/scripts/VyattaTypeChecker.pm
index 2a7d0c9..f77664f 100755
--- a/scripts/VyattaTypeChecker.pm
+++ b/scripts/VyattaTypeChecker.pm
@@ -52,8 +52,11 @@ use strict;
my %type_handler = (
'ipv4' => \&validate_ipv4,
'ipv4net' => \&validate_ipv4net,
+ 'ipv4range' => \&validate_ipv4range,
'ipv4_negate' => \&validate_ipv4_negate,
'ipv4net_negate' => \&validate_ipv4net_negate,
+ 'ipv4range_negate' => \&validate_ipv4range_negate,
+ 'iptables4_addr' => \&validate_iptables4_addr,
'protocol' => \&validate_protocol,
'protocol_negate' => \&validate_protocol_negate,
'macaddr' => \&validate_macaddr,
@@ -75,6 +78,14 @@ sub validate_ipv4net {
return 1;
}
+sub validate_ipv4range {
+ $_ = shift;
+ return 0 if (!/^([^-]+)-([^-]+)$/);
+ my ($a1, $a2) = ($1, $2);
+ return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2));
+ return 1;
+}
+
sub validate_ipv4_negate {
my $value = shift;
if ($value =~ m/^\!(.*)$/) {
@@ -91,6 +102,22 @@ sub validate_ipv4net_negate {
return validate_ipv4net($value);
}
+sub validate_ipv4range_negate {
+ my $value = shift;
+ if ($value =~ m/^\!(.*)$/) {
+ $value = $1;
+ }
+ return validate_ipv4range($value);
+}
+
+sub validate_iptables4_addr {
+ my $value = shift;
+ return 0 if (!validate_ipv4_negate($value)
+ && !validate_ipv4net_negate($value)
+ && !validate_ipv4range_negate($value));
+ return 1;
+}
+
sub validate_protocol {
my $value = shift;
$value = lc $value;
diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl
index a432d8c..05323e3 100755
--- a/scripts/vyatta-load-config.pl
+++ b/scripts/vyatta-load-config.pl
@@ -40,6 +40,24 @@ if (!($load_file =~ /^\//)) {
$load_file = "$bootpath/$load_file";
}
+if (!open(CFG, "<$load_file")) {
+ print "Cannot open configuration file $load_file\n";
+ exit 1;
+}
+while (<CFG>) {
+ if (/\/\*XORP Configuration File, v1.0\*\//) {
+ print "Warning: Loading a pre-Glendale configuration.\n";
+ print "Do you want to continue? [no] ";
+ my $resp = <STDIN>;
+ if (!($resp =~ /^yes$/i)) {
+ print "Configuration not loaded\n";
+ exit 1;
+ }
+ last;
+ }
+}
+close CFG;
+
# do config migration
system("$sbindir/vyatta_config_migrate.pl $load_file");
diff --git a/scripts/vyatta-watchlink-exclude.pl b/scripts/vyatta-watchlink-exclude.pl
new file mode 100755
index 0000000..9805463
--- /dev/null
+++ b/scripts/vyatta-watchlink-exclude.pl
@@ -0,0 +1,144 @@
+#!/usr/bin/perl
+#
+# Module: vyatta-watchlink-exclude.pl
+#
+# **** License ****
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# A copy of the GNU General Public License is available as
+# `/usr/share/common-licenses/GPL' in the Debian GNU/Linux distribution
+# or on the World Wide Web at `http://www.gnu.org/copyleft/gpl.html'.
+# You can also obtain it by writing to the Free Software Foundation,
+# Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+# MA 02110-1301, USA.
+#
+# This code was originally developed by Vyatta, Inc.
+# Portions created by Vyatta are Copyright (C) 2007 Vyatta, Inc.
+# All Rights Reserved.
+#
+# Author: Stig Thormodsrud
+# Date: March 2008
+# Description: Script to update watchlink exclude file
+#
+# **** End License ****
+#
+
+#
+# parameters:
+# --id="" : owner of exclude line (e.g. vrrp, ha) [required]
+# --action="" : add or remove [required]
+# --intf="" : interface [required]
+# --ipaddr="" : ip address or network to execlude [optional]
+# --signal : should watchlink get signaled [optional]
+#
+# Expected format of exclude file:
+#
+# [interface] ([ipv4addr]|ipv4net]) # id
+#
+
+use Getopt::Long;
+use POSIX;
+
+use strict;
+use warnings;
+
+my $exclude_file = '/var/linkstatus/exclude';
+my $watchlink_pid = '/var/run/vyatta/quagga/watchlink.pid';
+
+sub read_exclude_file {
+ my $FILE;
+ my @lines = ();
+ if (! -e $exclude_file) {
+ return @lines;
+ }
+ open($FILE, "<", $exclude_file) or die "Error: read() $!";
+ @lines = <$FILE>;
+ close($FILE);
+ chomp @lines;
+ return @lines;
+}
+
+sub write_exclude_file {
+ my @lines = @_;
+
+ my $FILE;
+ open($FILE, ">", $exclude_file) or die "Error: write() $!";
+ if (scalar(@lines) > 0) {
+ print $FILE join("\n", @lines), "\n";
+ }
+ close($FILE);
+}
+
+sub remove_exclude_line {
+ my ($remove_line, @lines) = @_;
+
+ my @new_lines;
+ my $match = 0;
+ foreach my $line (@lines) {
+ if ($line eq $remove_line) {
+ $match++;
+ } else {
+ push @new_lines, $line;
+ }
+ }
+ if ($match < 1) {
+ die "Error: no match found for $remove_line";
+ }
+ return @new_lines;
+}
+
+
+#
+# main
+#
+
+my ($opt_id, $opt_action, $opt_intf, $opt_ipaddr, $opt_ipnet, $opt_signal);
+
+GetOptions("id=s" => \$opt_id,
+ "action=s" => \$opt_action,
+ "intf=s" => \$opt_intf,
+ "ipaddr=s" => \$opt_ipaddr,
+ "signal!" => \$opt_signal,
+ );
+
+if (!(defined $opt_id and defined $opt_action and defined $opt_intf) ) {
+ die "Error: parameters --id --intf --action must be set";
+}
+
+if ($opt_action ne "add" and $opt_action ne "remove") {
+ die "Error: --action must be \"add\" or \"remove\" ";
+}
+
+my @lines = read_exclude_file();
+my $new_line = "$opt_intf ";
+if (defined $opt_ipaddr) {
+ $new_line .= "$opt_ipaddr ";
+}
+if (defined $opt_id) {
+ $new_line .= "# $opt_id";
+}
+
+if ($opt_action eq "add") {
+ push @lines, $new_line;
+} else {
+ @lines = remove_exclude_line($new_line, @lines);
+}
+write_exclude_file(@lines);
+
+if (defined $opt_signal) {
+ if (! -e $watchlink_pid) {
+ die "Error: missing pid file [$watchlink_pid]\n";
+ }
+ my $pid = `cat $watchlink_pid`;
+ chomp $pid;
+ system("kill -10 $pid");
+}
+
+# end of file