From 989e18d1c463dae8f7777532f57fcbd5bc386b62 Mon Sep 17 00:00:00 2001 From: slioch Date: Mon, 6 Jul 2009 17:31:50 -0700 Subject: fix for ptr magic on 64 bit system. looks like double ptr was getting the missing the last 4 bytes on 64 bit copy. --- src/commit2.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/src/commit2.c b/src/commit2.c index 5f70aa4..a324bab 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -943,7 +943,7 @@ validate_configuration(GNode *root_node, boolean mode, GSList **nodes_visited_co struct Result result; result._err_code = 0; result._mode = (int)mode; - result._data = (void*)nodes_visited_coll; + result._data = (void*)*nodes_visited_coll; //handles both syntax and commit result._action = syntax_act; @@ -963,7 +963,7 @@ validate_configuration(GNode *root_node, boolean mode, GSList **nodes_visited_co } GList **c_tmp = (GList**)result._data; - *nodes_visited_coll = (GSList*)*c_tmp; + *nodes_visited_coll = (GSList*)c_tmp; return TRUE; } @@ -985,8 +985,7 @@ validate_func(GNode *node, gpointer data) struct Result *result = (struct Result*)data; //since this visits all working nodes, let's maintain a set of nodes to commit - GList **c_tmp = (GList**)result->_data; - GList *coll = *c_tmp; + GList *coll = (GList*)result->_data; if (d->_path != NULL) { char *buf = malloc(MAX_LENGTH_DIR_PATH*sizeof(char)); if (IS_DELETE(d->_operation)) { @@ -996,7 +995,7 @@ validate_func(GNode *node, gpointer data) strcat(buf,val); } coll = g_slist_append(coll,buf); - result->_data = (void*)&coll; + result->_data = (void*)coll; } else if (IS_SET_OR_CREATE(d->_operation)) { sprintf(buf,"+ %s",d->_path); @@ -1005,7 +1004,7 @@ validate_func(GNode *node, gpointer data) strcat(buf,val); } coll = g_slist_append(coll,buf); - result->_data = (void*)&coll; + result->_data = (void*)coll; } } -- cgit v1.2.3 From 6d9e3e7b7505cb8bde305883415156833450544a Mon Sep 17 00:00:00 2001 From: slioch Date: Mon, 6 Jul 2009 17:51:15 -0700 Subject: 0.14.103 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 9c60c4e..34ca812 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.14.103) unstable; urgency=low + + * fix for ptr magic on 64 bit system. looks like double ptr was + getting the missing the last 4 bytes on 64 bit copy. + + -- slioch Mon, 06 Jul 2009 17:51:15 -0700 + vyatta-cfg (0.14.102) unstable; urgency=low * updated perl api for new cli to support working node representation. -- cgit v1.2.3 From 2696aa8513b77f06152d3e54be86c3dea61d159b Mon Sep 17 00:00:00 2001 From: Mark O'Brien Date: Tue, 30 Jun 2009 18:07:12 -0700 Subject: Updated bridging/bonding priorites. Fix bug 4673. (cherry picked from commit 35590240b908c8fbd4913990e5a1a75909ab9df2) --- templates/priority | 2 ++ 1 file changed, 2 insertions(+) diff --git a/templates/priority b/templates/priority index 1236b9d..e6d851a 100644 --- a/templates/priority +++ b/templates/priority @@ -95,7 +95,9 @@ 315 interfaces/bonding 318 interfaces/ethernet 319 interfaces/ethernet/node.tag/vif +319 interfaces/ethernet/node.tag/bond-group 320 interfaces/ethernet/node.tag/vif/node.tag/bridge-group +320 interfaces/bonding/node.tag/bridge-group 320 interfaces/bridge/node.tag/address 320 interfaces/loopback 330 interfaces/adsl -- cgit v1.2.3 From 7e5aa03f4b83a32f02fec6d55f6be71b3a608757 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 1 Jul 2009 10:31:07 -0700 Subject: added isActive function in perl code to allow a comparison of active (active plus working commited) nodes for comparison. (cherry picked from commit a09624069795b49d12fd5d4be40dd2eb702b97a4) --- lib/Vyatta/Config.pm | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/lib/Vyatta/Config.pm b/lib/Vyatta/Config.pm index fd0222f..95c5636 100755 --- a/lib/Vyatta/Config.pm +++ b/lib/Vyatta/Config.pm @@ -98,6 +98,29 @@ sub listNodes { return @nodes_modified; } +## isActive("path") +# return true|false based on whether node path has +# been processed or is active +sub isActive { + my ($self, $path) = @_; + my @nodes = (); + + my @comp_node = split " ", $path; + + my $comp_node = $comp_node[-1]; + if (!defined $comp_node) { + return 1; + } + + my @nodes_modified = $self->listOrigPlusComNodes(); + foreach my $node (@nodes_modified) { + if ($node eq $comp_node) { + return 0; + } + } + return 1; +} + ## listNodes("level") # return array of all nodes (active plus currently committed) at "level" # level is relative @@ -113,6 +136,9 @@ sub listOrigPlusComNodes { @coll{@nodes_modified} = @nodes_modified; my $level = $self->{_level}; + if (! defined $level) { + $level = ""; + } #now test against the inprocess file in the system # my $com_file = "/tmp/.changes_$$"; -- cgit v1.2.3 From a29d676952c8150c97bfbc9e3fb1e7072c186e79 Mon Sep 17 00:00:00 2001 From: slioch Date: Thu, 2 Jul 2009 09:48:10 -0700 Subject: fixed isActive() api to now support mixed level and passed in relative path values. (cherry picked from commit f6d95484a2f04633767409a565debe149ef5f56c) --- lib/Vyatta/Config.pm | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/lib/Vyatta/Config.pm b/lib/Vyatta/Config.pm index 95c5636..c97152c 100755 --- a/lib/Vyatta/Config.pm +++ b/lib/Vyatta/Config.pm @@ -107,12 +107,14 @@ sub isActive { my @comp_node = split " ", $path; - my $comp_node = $comp_node[-1]; + my $comp_node = pop(@comp_node); if (!defined $comp_node) { return 1; } + + my $rel_path = join(" ",@comp_node); - my @nodes_modified = $self->listOrigPlusComNodes(); + my @nodes_modified = $self->listOrigPlusComNodes($rel_path); foreach my $node (@nodes_modified) { if ($node eq $comp_node) { return 0; @@ -128,7 +130,7 @@ sub listOrigPlusComNodes { my ($self, $path) = @_; my @nodes = (); - my @nodes_modified = $self->listNodes(); + my @nodes_modified = $self->listNodes($path); #convert array to hash my %coll; @@ -151,6 +153,9 @@ sub listOrigPlusComNodes { #$coll is of the form: blah my $dir_path = $level; + if (defined $path) { + $dir_path .= " " . $path; + } $dir_path =~ s/ /\//g; $dir_path = "/".$dir_path; @@ -169,8 +174,13 @@ sub listOrigPlusComNodes { $tmp = $node[1]; } + if (!defined $tmp || $tmp eq '') { + next; + } + my @child = split "/",$tmp; my $child; + # print("tmp: $tmp, $child[0], $child[1]\n"); if ($child[0] =~ /^\s*$/ || !defined $child[0] || $child[0] eq '') { shift(@child); -- cgit v1.2.3 From 0d9103716d32773bdb3cccaceeaeb50743d0cf11 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 7 Jul 2009 10:30:42 -0700 Subject: Start bonding vif after bond-group is created Need bonded device to have slave devices to inherit VLAN_CHALLENGED property correctly (cherry picked from commit 9b3608eb80a26061004db394d7535706fd2bae0b) --- templates/priority | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/priority b/templates/priority index e6d851a..38ad89b 100644 --- a/templates/priority +++ b/templates/priority @@ -98,6 +98,7 @@ 319 interfaces/ethernet/node.tag/bond-group 320 interfaces/ethernet/node.tag/vif/node.tag/bridge-group 320 interfaces/bonding/node.tag/bridge-group +320 interfaces/bonding/node.tag/vif 320 interfaces/bridge/node.tag/address 320 interfaces/loopback 330 interfaces/adsl -- cgit v1.2.3 From 93719883d649d7c21fcb9d193caeea2cb214c221 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 7 Jul 2009 14:44:58 -0700 Subject: Use ip command rather than sysfs to set ifalias Bug 4672 By using ip command instead of sysfs, avoid subshell quoting issues. (cherry picked from commit 1755bfab4b22cc822f96fb78a1e05392d5f07398) --- templates/interfaces/ethernet/node.tag/description/node.def | 2 +- .../interfaces/ethernet/node.tag/vif/node.tag/description/node.def | 2 +- templates/interfaces/loopback/node.tag/description/node.def | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/interfaces/ethernet/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/description/node.def index d7becd1..ccec5e1 100644 --- a/templates/interfaces/ethernet/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias" +update: sudo ip link set $VAR(../@) alias "$VAR(@)" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def index 40f04bc..fda2e3c 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" +update: sudo ip link set dev "$VAR(../../@).$VAR(../@)" alias "$VAR(@)" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" diff --git a/templates/interfaces/loopback/node.tag/description/node.def b/templates/interfaces/loopback/node.tag/description/node.def index d7becd1..ccec5e1 100644 --- a/templates/interfaces/loopback/node.tag/description/node.def +++ b/templates/interfaces/loopback/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo sh -c "echo $VAR(@) >/sys/class/net/$VAR(../@)/ifalias" +update: sudo ip link set $VAR(../@) alias "$VAR(@)" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" -- cgit v1.2.3 From 3a2e076d79ee4760b28911f897d5ff98305fcb5d Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 8 Jul 2009 16:55:52 -0700 Subject: 0.14.104 --- debian/changelog | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/debian/changelog b/debian/changelog index 34ca812..b16f3a0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +vyatta-cfg (0.14.104) unstable; urgency=low + + [ Mark O'Brien ] + * Updated bridging/bonding priorites. + + [ slioch ] + * added isActive function in perl code to allow a comparison of active + * fixed isActive() api to now support mixed level and passed in + relative path values. + + [ Stephen Hemminger ] + * Start bonding vif after bond-group is created + * Use ip command rather than sysfs to set ifalias + + [ An-Cheng Huang ] + + -- An-Cheng Huang Wed, 08 Jul 2009 16:55:51 -0700 + vyatta-cfg (0.14.103) unstable; urgency=low * fix for ptr magic on 64 bit system. looks like double ptr was -- cgit v1.2.3 From fe238c4d57c81297e610326d3e94a3cd6f6a9c32 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 8 Jul 2009 17:27:57 -0700 Subject: load requires additional environment variables --- scripts/vyatta-cfg-cmd-wrapper | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper index 7496f96..8a73d17 100755 --- a/scripts/vyatta-cfg-cmd-wrapper +++ b/scripts/vyatta-cfg-cmd-wrapper @@ -152,6 +152,8 @@ case "$1" in RET_STATUS=$? ;; load) + export vyatta_sysconfdir=/opt/vyatta/etc + export vyatta_sbindir=/opt/vyatta/sbin /opt/vyatta/sbin/vyatta-load-config.pl "${@:2}" RET_STATUS=$? ;; -- cgit v1.2.3 From 171e12fb65bc31e6eb658520e5a6c669051bc3ba Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 8 Jul 2009 18:29:31 -0700 Subject: 0.15.1 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index b16f3a0..0069a26 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.1) unstable; urgency=low + + * load requires additional environment variables + + -- An-Cheng Huang Wed, 08 Jul 2009 18:29:31 -0700 + vyatta-cfg (0.14.104) unstable; urgency=low [ Mark O'Brien ] -- cgit v1.2.3 From d74ccee3c26f4cd3c3c76c8ae3d753961fc8924a Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Thu, 9 Jul 2009 13:59:58 -0700 Subject: Add more system priorities so that 1 system failure doesn't affect others. (cherry picked from commit 9f94864f8b2920c66c436c3452f7283c0773521a) --- templates/priority | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/templates/priority b/templates/priority index 38ad89b..147b870 100644 --- a/templates/priority +++ b/templates/priority @@ -109,7 +109,21 @@ 390 interfaces/pseudo-ethernet 391 interfaces/pseudo-ethernet/node.tag/vif 395 interfaces/bonding/node.tag/vif -400 system +400 system/domain-name +400 system/domain-search +400 system/gateway-address +400 system/host-name +400 system/ip +400 system/ipv6 +400 system/login +400 system/name-server +400 system/ntp-server +400 system/options +400 system/package +400 system/static-host-mapping +400 system/syslog +400 system/time-zone +405 system 450 protocols/static 470 policy 500 protocols/bgp/node.tag/parameters -- cgit v1.2.3 From 17918289b5d31af6ffef14d2f6bec1a5e2be0e3e Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Fri, 10 Jul 2009 12:54:16 -0700 Subject: Fix duplicate bonding vif entry Part of Bug 4717 (cherry picked from commit 56860b506e35da9e0f7ba25314e3b94ad03b5bf0) --- templates/priority | 1 - 1 file changed, 1 deletion(-) diff --git a/templates/priority b/templates/priority index 147b870..94666f6 100644 --- a/templates/priority +++ b/templates/priority @@ -108,7 +108,6 @@ 380 interfaces/openvpn 390 interfaces/pseudo-ethernet 391 interfaces/pseudo-ethernet/node.tag/vif -395 interfaces/bonding/node.tag/vif 400 system/domain-name 400 system/domain-search 400 system/gateway-address -- cgit v1.2.3 From 17a18feb3c5c36b78d14b7552848ad2b5364e98e Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 10 Jul 2009 13:45:49 -0700 Subject: Fix 4623: Removing IPSEC VPN config without removing cluster ipsec config drops all interfaces. Only use substring if necessary. (cherry picked from commit abfbae9c05c6c7b4bccb2255d91a32ef1bccd1c1) --- lib/Vyatta/Misc.pm | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm index 01f1537..7f5e506 100755 --- a/lib/Vyatta/Misc.pm +++ b/lib/Vyatta/Misc.pm @@ -225,7 +225,10 @@ sub isClusterIP { my @services = $vc->returnValues("cluster group $cluster_group service"); foreach my $service (@services) { - if ( $ip eq substr( $service, 0, index( $service, '/' ) ) ) { + if ($service =~ /\//) { + $service = substr( $service, 0, index( $service, '/' )); + } + if ( $ip eq $service ) { return 1; } } -- cgit v1.2.3 From d644062ac89c45eeeaeac07090ad41c28fd70040 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 10 Jul 2009 14:11:49 -0700 Subject: 0.15.2 --- debian/changelog | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/debian/changelog b/debian/changelog index 0069a26..60a95ba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,17 @@ +vyatta-cfg (0.15.2) unstable; urgency=low + + [ Stig Thormodsrud ] + * Add more system priorities so that 1 system failure doesn't affect + + [ Stephen Hemminger ] + * Fix duplicate bonding vif entry + + [ Stig Thormodsrud ] + * Fix 4623: Removing IPSEC VPN config without removing cluster ipsec + config drops all interfaces. + + -- Stig Thormodsrud Fri, 10 Jul 2009 14:11:49 -0700 + vyatta-cfg (0.15.1) unstable; urgency=low * load requires additional environment variables -- cgit v1.2.3 From 61a9c34a227a8d2a1dc789271625f88483b372a0 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Mon, 13 Jul 2009 16:40:02 -0700 Subject: Bugfix 4717: Remove duplicate entries in priority file. --- templates/priority | 4 ---- 1 file changed, 4 deletions(-) diff --git a/templates/priority b/templates/priority index 94666f6..c1507b3 100644 --- a/templates/priority +++ b/templates/priority @@ -140,10 +140,6 @@ 810 interfaces/serial/node.tag/ppp 810 interfaces/serial/node.tag/ppp/vif 810 interfaces/serial/node.tag/cisco-hdlc/vif -820 interfaces/serial/node.tag/frame-relay/vif -820 interfaces/serial/node.tag/ppp -820 interfaces/serial/node.tag/ppp/vif -820 interfaces/serial/node.tag/cisco-hdlc/vif 850 interfaces 900 protocols/snmp 900 vpn -- cgit v1.2.3 From 19a9c88300b64cfdc341626a502253d27c3981fb Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Mon, 13 Jul 2009 16:42:48 -0700 Subject: 0.15.3 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 60a95ba..d98bd04 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.3) unstable; urgency=low + + * Bugfix 4717: Remove duplicate entries in priority file. + + -- Bob Gilligan Mon, 13 Jul 2009 16:42:48 -0700 + vyatta-cfg (0.15.2) unstable; urgency=low [ Stig Thormodsrud ] -- cgit v1.2.3 From 82751643f22509c145d7dae31798913ffc4c7f41 Mon Sep 17 00:00:00 2001 From: slioch Date: Tue, 14 Jul 2009 10:56:02 -0700 Subject: fix for bug 4255. commit check was not being called on active node that had deleted children. This change only affects the commit check for nodes that are transactions and are not directly deleted, but have deleted children. commit check is now being called. --- src/commit2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/commit2.c b/src/commit2.c index a324bab..d489923 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -1008,7 +1008,7 @@ validate_func(GNode *node, gpointer data) } } - if (IS_DELETE(d->_operation)) { + if (IS_DELETE(d->_operation) && !IS_ACTIVE(d->_operation)) { return FALSE; //will not perform validation checks on deleted nodes } -- cgit v1.2.3 From ac272fe8d44860c3f25f262d365ff2ce946f2286 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Tue, 14 Jul 2009 14:55:59 -0700 Subject: Fix 4722: Output inconsistent from 'save' and 'load' commands (cherry picked from commit abc33133b79759a629b14b81e6a65eed0fa23e8a) --- scripts/vyatta-load-config.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/vyatta-load-config.pl b/scripts/vyatta-load-config.pl index a3cf6ef..f0dbaf1 100755 --- a/scripts/vyatta-load-config.pl +++ b/scripts/vyatta-load-config.pl @@ -175,7 +175,7 @@ syslog( "warning", "Load config [$orig_load_file] by $login" ); # do config migration system("$sbindir/vyatta_config_migrate.pl $load_file"); -print "Loading config file $load_file...\n"; +print "Loading configuration from '$load_file'...\n"; my %cfg_hier = Vyatta::ConfigLoad::loadConfigHierarchy($load_file,$merge); if ( scalar( keys %cfg_hier ) == 0 ) { print "The specified file does not contain any configuration.\n"; -- cgit v1.2.3 From 035977a91f1a2077e119629b5121f0cbeb4fa3c2 Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Fri, 24 Jul 2009 14:27:07 -0700 Subject: 0.15.4 --- debian/changelog | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/debian/changelog b/debian/changelog index d98bd04..23a97c8 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,16 @@ +vyatta-cfg (0.15.4) unstable; urgency=low + + [ slioch ] + * fix for bug 4255. commit check was not being called on active node + that had deleted children. This change only affects + + [ Stig Thormodsrud ] + * Fix 4722: Output inconsistent from 'save' and 'load' commands + + [ Mohit Mehta ] + + -- Mohit Mehta Fri, 24 Jul 2009 14:27:06 -0700 + vyatta-cfg (0.15.3) unstable; urgency=low * Bugfix 4717: Remove duplicate entries in priority file. -- cgit v1.2.3 From 138cfe3b7213fa19c91d16114f3b377b8587d095 Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Tue, 28 Jul 2009 17:07:00 -0700 Subject: alter rename rule option to work for firewall and nat rules --- scripts/vyatta-cfg-cmd-wrapper | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/scripts/vyatta-cfg-cmd-wrapper b/scripts/vyatta-cfg-cmd-wrapper index 8a73d17..53a3fcc 100755 --- a/scripts/vyatta-cfg-cmd-wrapper +++ b/scripts/vyatta-cfg-cmd-wrapper @@ -157,18 +157,28 @@ case "$1" in /opt/vyatta/sbin/vyatta-load-config.pl "${@:2}" RET_STATUS=$? ;; - firewall-rule-rename) - # this option is to be used for renaming firewall rules only - # usage for this option specified on the next line - - # firewall-rule-rename $firewall_ruleset rule $rule_num to rule $rename_rulenum + rule-rename) + # this option is to be used for renaming firewall and nat rules only + # usage for this option specified on the next two lines - + # rule-rename firewall $firewall_ruleset rule $rule_num to rule $rename_rulenum + # rule-rename nat rule $rule_num to rule $rename_rulenum - VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag; - VYATTA_EDIT_LEVEL="/firewall/name/$2"; + if [ "$2" == "firewall" ]; then + VYATTA_TEMPLATE_LEVEL=/firewall/name/node.tag; + VYATTA_EDIT_LEVEL="/firewall/name/$3"; + elif [ "$2" == "nat" ]; then + VYATTA_TEMPLATE_LEVEL=/service/nat; + VYATTA_EDIT_LEVEL=/service/nat; + fi _mpath=${VYATTA_TEMP_CONFIG_DIR}/${VYATTA_EDIT_LEVEL} _tpath=${VYATTA_CONFIG_TEMPLATE}/${VYATTA_TEMPLATE_LEVEL} VYATTA_EDIT_LEVEL="${_mpath#$VYATTA_TEMP_CONFIG_DIR}/" VYATTA_TEMPLATE_LEVEL="${_tpath#$VYATTA_CONFIG_TEMPLATE}/" - mvcp rename Rename mv "${@:3}" + if [ $2 == "firewall" ]; then + mvcp rename Rename mv "${@:4}" + elif [ $2 == "nat" ]; then + mvcp rename Rename mv "${@:3}" + fi RET_STATUS=$? ;; *) -- cgit v1.2.3 From 840472340a7566b6850badf1e70ed0729e498a7e Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Tue, 28 Jul 2009 17:08:03 -0700 Subject: 0.15.5 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 23a97c8..eb14c63 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.5) unstable; urgency=low + + * alter rename rule option to work for firewall and nat rules + + -- Mohit Mehta Tue, 28 Jul 2009 17:08:03 -0700 + vyatta-cfg (0.15.4) unstable; urgency=low [ slioch ] -- cgit v1.2.3 From f3744da98332e55d0487d8619ceb8ae7a0db3ac3 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 29 Jul 2009 12:00:32 -0700 Subject: update cli-expand-var script to match current variable reference syntax. --- scripts/vyatta-cli-expand-var.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/vyatta-cli-expand-var.pl b/scripts/vyatta-cli-expand-var.pl index f690f0b..f3bda2d 100755 --- a/scripts/vyatta-cli-expand-var.pl +++ b/scripts/vyatta-cli-expand-var.pl @@ -34,7 +34,7 @@ $_ = $ARGV[0]; # basic format check: # '(' ')' not allowed in reference. # only allow absolute path for now. -if (!/^\$\(\/([^()]+)\)$/) { +if (!/^\$VAR\(\/([^()]+)\)$/) { print STDERR "invalid variable reference (invalid format)\n"; exit 1; } -- cgit v1.2.3 From 0fe88f4f5f81d8b02caf7cf73301ea21f8a15874 Mon Sep 17 00:00:00 2001 From: An-Cheng Huang Date: Wed, 29 Jul 2009 12:02:31 -0700 Subject: 0.15.6 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index eb14c63..73d3494 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.15.6) unstable; urgency=low + + * update cli-expand-var script to match current variable reference + syntax. + + -- An-Cheng Huang Wed, 29 Jul 2009 12:02:31 -0700 + vyatta-cfg (0.15.5) unstable; urgency=low * alter rename rule option to work for firewall and nat rules -- cgit v1.2.3 From e33736282961ba3e277fa03d6cf843556b7c8b33 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 29 Jul 2009 15:17:10 -0700 Subject: Add hw_address method for use in bonding Bonding management needs easy way to find hardware address. Related to Bug 4758 (cherry picked from commit a4404bfb3c4243967a4434707213430d5c4df58e) --- lib/Vyatta/Interface.pm | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/lib/Vyatta/Interface.pm b/lib/Vyatta/Interface.pm index 96429c0..97ef7f7 100755 --- a/lib/Vyatta/Interface.pm +++ b/lib/Vyatta/Interface.pm @@ -222,6 +222,18 @@ sub flags { return hex($val); } +sub hw_address { + my $self = shift; + + open my $addrf, '<', "/sys/class/net/$self->{name}/address" + or return; + my $address = <$addrf>; + close $addrf; + + chomp $address if $address; + return $address; +} + sub is_broadcast { my $self = shift; return $self->flags() & IFF_BROADCAST; -- cgit v1.2.3 From 276746f1ca75bf4e95357ece6233b0621a4c897d Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Wed, 29 Jul 2009 19:01:25 -0700 Subject: Fix [Bug 4760] New: members were removed after an in-use firewall group failed to be deleted (cherry picked from commit 0d0761a6081ec04f6f27f5785f1ff5b7d8b38ffa) --- templates/priority | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/templates/priority b/templates/priority index c1507b3..9ee1fe9 100644 --- a/templates/priority +++ b/templates/priority @@ -85,7 +85,12 @@ # "active config" tree at the time the lower-level node is committed. # -200 firewall/group +200 firewall/group/port-group +200 firewall/group/port-group/node.tag/port +200 firewall/group/address-group +200 firewall/group/address-group/node.tag/address +200 firewall/group/network-group +200 firewall/group/network-group/node.tag/network 210 firewall/name/node.tag 210 firewall/modify/node.tag 210 firewall/ipv6-name/node.tag -- cgit v1.2.3 From 362e4280979ad499fc9662023761250ac24e02aa Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Thu, 30 Jul 2009 11:43:34 -0700 Subject: 0.15.7 --- debian/changelog | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/debian/changelog b/debian/changelog index 73d3494..cd8f503 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,14 @@ +vyatta-cfg (0.15.7) unstable; urgency=low + + [ Stephen Hemminger ] + * Add hw_address method for use in bonding + + [ Stig Thormodsrud ] + * Fix [Bug 4760] New: members were removed after an in-use firewall + group + + -- Stig Thormodsrud Thu, 30 Jul 2009 11:43:34 -0700 + vyatta-cfg (0.15.6) unstable; urgency=low * update cli-expand-var script to match current variable reference -- cgit v1.2.3 From 9c2f8965e28bd4af5f8773b85dbee0511f447ec3 Mon Sep 17 00:00:00 2001 From: slioch Date: Fri, 31 Jul 2009 15:07:36 -0700 Subject: cleaned out more of the islavista rank code. closing bug 4473 as a result --- lib/Vyatta/ConfigLoad.pm | 95 ++++----------------------------------- scripts/vyatta-config-gen-sets.pl | 9 ---- scripts/vyatta-config-loader.pl | 15 +------ 3 files changed, 9 insertions(+), 110 deletions(-) diff --git a/lib/Vyatta/ConfigLoad.pm b/lib/Vyatta/ConfigLoad.pm index 09bd627..8ffc9c0 100755 --- a/lib/Vyatta/ConfigLoad.pm +++ b/lib/Vyatta/ConfigLoad.pm @@ -27,55 +27,6 @@ use lib "/opt/vyatta/share/perl5"; use XorpConfigParser; use Vyatta::Config; -# configuration ordering. higher rank configured before lower rank. -my $default_rank = 0; -my %config_rank = ( - 'qos-policy' => 1110, - 'firewall group' => 1100, - 'firewall' => 1090, - 'service nat' => 1080, - 'system host-name' => 1070, - 'protocols ospf parameters' => 1060, - 'protocols ospf' => 1055, - 'protocols rip interface' => 905, - 'protocols rip' => 1050, - 'interfaces' => 1000, - 'interfaces bonding' => 995, - 'interfaces bridge' => 990, - 'interfaces ethernet' => 980, - 'interfaces tunnel' => 910, - 'zone-policy zone' => 900, - 'system gateway-address' => 890, - 'system name-server' => 880, - 'system login user' => 870, - 'system' => 860, - 'protocols static' => 850, - 'service ssh' => 840, - 'service telnet' => 830, - 'service webproxy' => 828, - 'service http' => 827, - 'service dhcp-relay' => 826, - 'service dhcp-server' => 825, - 'service dns' => 824, - 'service nat' => 823, - 'policy' => 820, - 'protocols bgp' => 790, - 'vpn' => 600, -); - -my %regex_rank = ( - 'interfaces ethernet \S* vrrp' => 500, - 'interfaces ethernet \S* vif \S* vrrp' => 500, - 'interfaces ethernet \S* pppo[ea]' => 400, - 'protocols bgp \d+ parameters' => 810, - 'protocols bgp \d+ neighbor \d+\.\d+\.\d+\.\d+' => 800, - 'protocols bgp \d+ neighbor \w+' => 801, - 'interfaces bridge \S* address' => 920, - 'zone-policy zone \S* interface' => 899, - 'zone-policy zone \S* local-zone' => 899, - 'zone-policy zone \S* from' => 898, -); - my @all_nodes = (); my @all_naked_nodes = (); @@ -85,30 +36,6 @@ sub match_regex { return ($str =~ m/$pattern/) ? 1 : 0; } -sub get_regex_rank { - my ($str) = @_; - foreach (keys %regex_rank) { - if (match_regex($_, $str)) { - return $regex_rank{$_}; - } - } - return; # undef if no match -} - -sub get_config_rank { - # longest prefix match - my @path = @_; - while ((scalar @path) > 0) { - my $path_str = join ' ', @path; - if (defined($config_rank{$path_str})) { - return ($config_rank{$path_str}); - } - my $wrank = get_regex_rank($path_str); - return $wrank if (defined($wrank)); - pop @path; - } - return $default_rank; -} sub applySingleQuote { my @return = (); @@ -161,12 +88,12 @@ sub enumerate_branch { } push @all_naked_nodes, [ @cur_path ]; my @qpath = applySingleQuote(@cur_path); - push @all_nodes, [\@qpath, get_config_rank(@cur_path)]; + push @all_nodes, [\@qpath, 0]; } } # $0: config file to load -# return: list of all config statement sorted by rank +# return: list of all config statement sub getStartupConfigStatements { # clean up the lists first @all_nodes = (); @@ -185,7 +112,6 @@ sub getStartupConfigStatements { } enumerate_branch($root, ( )); - @all_nodes = sort { ${$b}[1] <=> ${$a}[1] } @all_nodes; return @all_nodes; } @@ -280,8 +206,7 @@ sub getSortedMultiValues { my $key = "$path_str $_"; push @list, [ $_, $node_order{$key} ]; } - my @slist = sort { ${$a}[1] <=> ${$b}[1] } @list; - @slist = map { ${$_}[0] } @slist; + my @slist = map { ${$_}[0] } @list; return @slist; } @@ -309,7 +234,7 @@ sub findDeletedValues { my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals); foreach (@{$comp_hash{'deleted'}}) { my @plist = applySingleQuote(@active_path, $_); - push @delete_list, [\@plist, get_config_rank(@active_path, $_)]; + push @delete_list, [\@plist, 0]; } } else { # do nothing. if a single-value leaf node is deleted, it should have @@ -336,7 +261,7 @@ sub findDeletedNodes { } if (!defined($new_ref->{$_})) { my @plist = applySingleQuote(@active_path, $_); - push @delete_list, [\@plist, get_config_rank(@active_path, $_)]; + push @delete_list, [\@plist, 0]; } else { findDeletedNodes($new_ref->{$_}, [ @active_path, $_ ]); } @@ -364,7 +289,7 @@ sub findSetValues { my %comp_hash = $active_cfg->compareValueLists(\@ovals, \@nvals); foreach (@{$comp_hash{'added'}}) { my @plist = applySingleQuote(@active_path, $_); - push @set_list, [\@plist, get_config_rank(@active_path, $_)]; + push @set_list, [\@plist, 0]; } } else { my @nvals = keys %{$new_ref}; @@ -375,7 +300,7 @@ sub findSetValues { my $oval = $active_cfg->returnOrigValue(''); if (!defined($oval) || ($nval ne $oval)) { my @plist = applySingleQuote(@active_path, $nval); - push @set_list, [\@plist, get_config_rank(@active_path, $nval)]; + push @set_list, [\@plist, 0]; } } } @@ -400,7 +325,7 @@ sub findSetNodes { # check if we need to add this node. if (!defined($active_hash{$_})) { my @plist = applySingleQuote(@active_path, $_); - push @set_list, [\@plist, get_config_rank(@active_path, $_)]; + push @set_list, [\@plist, 0]; } else { # node already present. do nothing. } @@ -423,10 +348,6 @@ sub getConfigDiff { @delete_list = (); findDeletedNodes($new_cfg_ref, [ ]); findSetNodes($new_cfg_ref, [ ]); - # don't really need to sort the lists by rank since we have to commit - # everything together anyway. - @delete_list = sort { ${$a}[1] <=> ${$b}[1] } @delete_list; - @set_list = sort { ${$b}[1] <=> ${$a}[1] } @set_list; # need to filter out deletions of nodes with default values my @new_delete_list = (); diff --git a/scripts/vyatta-config-gen-sets.pl b/scripts/vyatta-config-gen-sets.pl index 2fe4ac6..566570e 100755 --- a/scripts/vyatta-config-gen-sets.pl +++ b/scripts/vyatta-config-gen-sets.pl @@ -32,23 +32,14 @@ my $conf_file = '/opt/vyatta/etc/config/config.boot'; $conf_file = $ARGV[0] if defined $ARGV[0]; # get a list of all config statement in the startup config file -# (sorted by rank). my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($conf_file); if (scalar(@all_nodes) == 0) { # no config statements exit 1; } -my $cur_rank = ${$all_nodes[0]}[1]; my $ret = 0; -# higher-ranked statements committed before lower-ranked. foreach (@all_nodes) { - my ($path_ref, $rank) = @$_; - if ($rank != $cur_rank) { - # commit all nodes with the same rank together. - print "commit\n"; - $cur_rank = $rank; - } my $cmd = "set " . (join ' ', @$path_ref); print "$cmd\n"; } diff --git a/scripts/vyatta-config-loader.pl b/scripts/vyatta-config-loader.pl index a32d1fc..61eafa5 100755 --- a/scripts/vyatta-config-loader.pl +++ b/scripts/vyatta-config-loader.pl @@ -46,14 +46,12 @@ sub restore_fds { } # get a list of all config statement in the startup config file -# (sorted by rank). my @all_nodes = Vyatta::ConfigLoad::getStartupConfigStatements($ARGV[0]); if (scalar(@all_nodes) == 0) { # no config statements restore_fds(); exit 1; } -my $cur_rank = ${$all_nodes[0]}[1]; # set up the config environment my $CWRAPPER = '/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper'; @@ -69,20 +67,9 @@ if ($? >> 8) { my $commit_cmd = "$CWRAPPER commit"; my $cleanup_cmd = "$CWRAPPER cleanup"; my $ret = 0; -# higher-ranked statements committed before lower-ranked. +my $rank; #not used foreach (@all_nodes) { my ($path_ref, $rank) = @$_; - if ($rank != $cur_rank) { - # commit all nodes with the same rank together. - $ret = 0; #system("$commit_cmd"); - if ($ret >> 8) { - print OLDOUT "Commit failed at rank $cur_rank\n"; - print WARN "Commit failed at rank $cur_rank\n"; - system("$cleanup_cmd"); - # continue after cleanup (or should we abort?) - } - $cur_rank = $rank; - } my $cmd = "$CWRAPPER set " . (join ' ', @$path_ref); # this debug file should be deleted before release system("echo [$cmd] >> /tmp/foo"); -- cgit v1.2.3 From 96f7e670ada5775ade00d8c68b5198bfbde527ac Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 31 Jul 2009 14:58:59 -0700 Subject: Revert "Fix [Bug 4760] New: members were removed after an in-use firewall group" This reverts commit 0d0761a6081ec04f6f27f5785f1ff5b7d8b38ffa. The fix is worse than the problem. Since the cli doesn't do deletes in reverse, the addition priorities cause the parent to be deleted before the group members. --- templates/priority | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/templates/priority b/templates/priority index 9ee1fe9..c1507b3 100644 --- a/templates/priority +++ b/templates/priority @@ -85,12 +85,7 @@ # "active config" tree at the time the lower-level node is committed. # -200 firewall/group/port-group -200 firewall/group/port-group/node.tag/port -200 firewall/group/address-group -200 firewall/group/address-group/node.tag/address -200 firewall/group/network-group -200 firewall/group/network-group/node.tag/network +200 firewall/group 210 firewall/name/node.tag 210 firewall/modify/node.tag 210 firewall/ipv6-name/node.tag -- cgit v1.2.3 From dad0cbb2054951b88d4d27f06cea9e943ceef6c3 Mon Sep 17 00:00:00 2001 From: Stig Thormodsrud Date: Fri, 31 Jul 2009 16:02:57 -0700 Subject: Another attempt to fix 4760. (cherry picked from commit 8c5310f8ec7a6a0d63aa9b60a37ce4134513bdc3) --- templates/priority | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/templates/priority b/templates/priority index c1507b3..274d8b8 100644 --- a/templates/priority +++ b/templates/priority @@ -85,7 +85,9 @@ # "active config" tree at the time the lower-level node is committed. # -200 firewall/group +200 firewall/group/address-group +200 firewall/group/network-group +200 firewall/group/port-group 210 firewall/name/node.tag 210 firewall/modify/node.tag 210 firewall/ipv6-name/node.tag -- cgit v1.2.3 From 592cf5dd67d71e80b495b9e779b0713078fad5b4 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 6 Aug 2009 12:18:37 -0700 Subject: 0.15.8 --- debian/changelog | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/debian/changelog b/debian/changelog index cd8f503..29f459e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,18 @@ +vyatta-cfg (0.15.8) unstable; urgency=low + + [ slioch ] + * cleaned out more of the islavista rank code. closing bug 4473 as a + result + + [ Stig Thormodsrud ] + * Revert "Fix [Bug 4760] New: members were removed after an in-use + firewall group" + * Another attempt to fix 4760. + + [ Stephen Hemminger ] + + -- Stephen Hemminger Thu, 06 Aug 2009 12:18:18 -0700 + vyatta-cfg (0.15.7) unstable; urgency=low [ Stephen Hemminger ] -- cgit v1.2.3 From c91b9c6c32c8494c28f1e455a40445a6818b1c2e Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Fri, 7 Aug 2009 18:47:17 -0700 Subject: check if port name is valid for both tcp and udp when protocol tcp_udp --- lib/Vyatta/Misc.pm | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm index 7f5e506..5852e84 100755 --- a/lib/Vyatta/Misc.pm +++ b/lib/Vyatta/Misc.pm @@ -358,7 +358,15 @@ sub getPortRuleString { return ( undef, $err ); } } - ( $success, $err ) = isValidPortName( $port_spec, $proto ); + if ($proto eq 'tcp_udp') { + ( $success, $err ) = isValidPortName( $port_spec, 'tcp' ); + if (defined $success) { + # only do udp test if the tcp test was a success + ( $success, $err ) = isValidPortName( $port_spec, 'udp' ) + } + } else { + ( $success, $err ) = isValidPortName( $port_spec, $proto ); + } if ( defined($success) ) { $num_ports += 1; next; -- cgit v1.2.3 From 38b742f41be3935b08bbd5cc466b72ba7c639b08 Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Fri, 7 Aug 2009 18:56:02 -0700 Subject: 0.15.9 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 29f459e..5004367 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.15.9) unstable; urgency=low + + * check if port name is valid for both tcp and udp when protocol + tcp_udp + + -- Mohit Mehta Fri, 07 Aug 2009 18:56:01 -0700 + vyatta-cfg (0.15.8) unstable; urgency=low [ slioch ] -- cgit v1.2.3 From ecd1018636b82242d7827d301723d15a12d10949 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 12 Aug 2009 09:14:58 -0700 Subject: Add priority for wireless Placeholder for wireless access point --- templates/priority | 1 + 1 file changed, 1 insertion(+) diff --git a/templates/priority b/templates/priority index 274d8b8..815b884 100644 --- a/templates/priority +++ b/templates/priority @@ -106,6 +106,7 @@ 330 interfaces/adsl 340 interfaces/serial 350 interfaces/wirelessmodem +350 interfaces/wireless 380 interfaces/tunnel 380 interfaces/openvpn 390 interfaces/pseudo-ethernet -- cgit v1.2.3 From 10a869acbf23193c20c33a783a907fdc6a8a70f5 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 12 Aug 2009 21:17:10 -0700 Subject: Skip wmaster interface in operational commands Ignore the bogus wmaster interface --- lib/Vyatta/Misc.pm | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm index 5852e84..091e49f 100755 --- a/lib/Vyatta/Misc.pm +++ b/lib/Vyatta/Misc.pm @@ -93,11 +93,17 @@ sub generate_dhclient_intf_files { } +# get list of interfaces on the system via sysfs +# skip dot files (and any interfaces name .xxx) +# and bond_masters file used by bonding +# and pseudo-interface wmaster used by wireless (will disappear in 2.6.32) sub getInterfaces { opendir( my $sys_class, '/sys/class/net' ) or die "can't open /sys/class/net: $!"; - my @interfaces = - grep { ( !/^\./ ) && ( $_ ne 'bonding_masters' ) } readdir $sys_class; + my @interfaces = grep { ( !/^\./ ) && + ( $_ ne 'bonding_masters' ) && + ! ( $_ =~ '^wmaster\d+$') + } readdir $sys_class; closedir $sys_class; return @interfaces; } -- cgit v1.2.3 From 4d8e5cc509ac3c74cdc25a7a22256c6624ffe3a9 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 13 Aug 2009 14:49:52 -0700 Subject: Skip more wireless interfaces Hostapd creates mon.wlanX interfaces which are not something we need to make visible. --- lib/Vyatta/Misc.pm | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/Vyatta/Misc.pm b/lib/Vyatta/Misc.pm index 091e49f..6089361 100755 --- a/lib/Vyatta/Misc.pm +++ b/lib/Vyatta/Misc.pm @@ -96,12 +96,13 @@ sub generate_dhclient_intf_files { # get list of interfaces on the system via sysfs # skip dot files (and any interfaces name .xxx) # and bond_masters file used by bonding -# and pseudo-interface wmaster used by wireless (will disappear in 2.6.32) +# and wireless control interfaces sub getInterfaces { opendir( my $sys_class, '/sys/class/net' ) or die "can't open /sys/class/net: $!"; my @interfaces = grep { ( !/^\./ ) && ( $_ ne 'bonding_masters' ) && + ! ( $_ =~ '^mon.wlan\d$') && ! ( $_ =~ '^wmaster\d+$') } readdir $sys_class; closedir $sys_class; -- cgit v1.2.3 From d9fb1e6fee1ab2114ba9cd4dbd10ec6521ec96a9 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 19 Aug 2009 17:13:06 -0700 Subject: Add ability to disable flow-control Bug 4419 --- templates/interfaces/ethernet/node.tag/disable-flow-control/node.def | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 templates/interfaces/ethernet/node.tag/disable-flow-control/node.def diff --git a/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def new file mode 100644 index 0000000..10c6c06 --- /dev/null +++ b/templates/interfaces/ethernet/node.tag/disable-flow-control/node.def @@ -0,0 +1,4 @@ +help: Set to disable Ethernet flow control (pause frames) +create: sudo ethtool --pause $VAR(../@) autoneg off tx off rx off +delete: [ -d /sys/class/net/$VAR(../@) ] || exit 0 + sudo ethtool --pause $VAR(../@) autoneg on tx on rx on -- cgit v1.2.3 From c0a47925dd8afe91a694fa20d2e65e986974ac79 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 20 Aug 2009 11:51:07 -0700 Subject: 0.15.10 --- debian/changelog | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debian/changelog b/debian/changelog index 5004367..05582a6 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +vyatta-cfg (0.15.10) unstable; urgency=low + + * Add priority for wireless + * Skip wmaster interface in operational commands + * Add ability to disable flow-control + + -- Stephen Hemminger Thu, 20 Aug 2009 11:51:01 -0700 + vyatta-cfg (0.15.9) unstable; urgency=low * check if port name is valid for both tcp and udp when protocol -- cgit v1.2.3 From 29662246b32dd27b2540ae766684f2c634e8d044 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Mon, 24 Aug 2009 12:15:06 -0700 Subject: Add a small script to test for node existance This does the same thing as vyatta-quagga-utils.pl --exists, but it is generally useful (outside quagga) and has less overhead than a perl compile. --- Makefile.am | 1 + scripts/vyatta-exists | 14 ++++++++++++++ 2 files changed, 15 insertions(+) create mode 100755 scripts/vyatta-exists diff --git a/Makefile.am b/Makefile.am index f7096af..217de7e 100644 --- a/Makefile.am +++ b/Makefile.am @@ -56,6 +56,7 @@ sbin_SCRIPTS += scripts/vyatta-cfg-notify sbin_SCRIPTS += scripts/vyatta-interfaces.pl sbin_SCRIPTS += scripts/vyatta-irqaffin sbin_SCRIPTS += scripts/vyatta-check-typeless-node.pl +sbin_SCRIPTS += scripts/vyatta-exists share_perl5_DATA = lib/Vyatta/Config.pm share_perl5_DATA += lib/Vyatta/Misc.pm diff --git a/scripts/vyatta-exists b/scripts/vyatta-exists new file mode 100755 index 0000000..ef2dea3 --- /dev/null +++ b/scripts/vyatta-exists @@ -0,0 +1,14 @@ +#! /bin/bash + +# Test if given node exists in Vyatta config hierarchy +# +# if vyatta-exists interfaces wireless + +if [ -z "$VYATTA_TEMP_CONFIG_DIR" ]; then + echo "$0: not in configuration mode" 1>&2; + exit 1; +fi +IFS=/ +node=$* +IFS= +exec test -d $VYATTA_TEMP_CONFIG_DIR/$node -- cgit v1.2.3 From 92f2314585e789288656da5830fed0b25ab843f2 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Mon, 24 Aug 2009 12:16:13 -0700 Subject: 0.15.11 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 05582a6..7adfe98 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.15.11) unstable; urgency=low + + * Skip more wireless interfaces + * Add a small script to test for node existance + + -- Stephen Hemminger Mon, 24 Aug 2009 12:16:12 -0700 + vyatta-cfg (0.15.10) unstable; urgency=low * Add priority for wireless -- cgit v1.2.3 From 694826938f19a97640a7b87a73e5e06eb572e63c Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 27 Aug 2009 09:05:48 -0700 Subject: add no copybreak for more drivers --- etc/modprobe.d/vyatta_nocopybreak | 3 +++ 1 file changed, 3 insertions(+) diff --git a/etc/modprobe.d/vyatta_nocopybreak b/etc/modprobe.d/vyatta_nocopybreak index deb962f..0ac3052 100644 --- a/etc/modprobe.d/vyatta_nocopybreak +++ b/etc/modprobe.d/vyatta_nocopybreak @@ -40,6 +40,9 @@ options e1000 copybreak=0 options e1000e copybreak=0 +options sky2 copybreak=0 +options via-rhine rx_copybreak=0 +options via-velocity rx_copybreak=0 -- cgit v1.2.3 From a84810d27eb4bbc721c0ee326fe64589ffcf2f3c Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 27 Aug 2009 09:54:36 -0700 Subject: Failure to set address should fail the commit The script was hiding any error exit codes from 'ip' command. Switch to using exec so that error exits fail the commit. Discovered when testing with IPV6 disabled. --- scripts/vyatta-interfaces.pl | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 86410c1..567e3b7 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -260,10 +260,12 @@ sub update_eth_addrs { } if ($version == 4) { - return system("ip addr add $addr broadcast + dev $intf"); + exec (qw(ip addr add),$addr,qw(broadcast + dev), $intf) + or die "ip addr command failed: $!"; } if ($version == 6) { - return system("ip -6 addr add $addr dev $intf"); + exec (qw(ip -6 addr add), $addr, 'dev', $intf) + or die "ip addr command failed: $!"; } die "Error: Invalid address/prefix [$addr] for interface $intf\n"; } @@ -316,7 +318,8 @@ sub update_mac { system "sudo ip link set $intf up" and die "Could not set $intf up ($!)\n"; } else { - exec "sudo ip link set $intf address $mac"; + system "sudo ip link set $intf address $mac" + and die "Could not set $intf address ($!)\n"; } exit 0; } -- cgit v1.2.3 From 6d5cd9bde64b0c09ef72c4534a97caa8ebf0e426 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Thu, 27 Aug 2009 10:07:06 -0700 Subject: 0.15.12 --- debian/changelog | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/debian/changelog b/debian/changelog index 7adfe98..7acf5f0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +vyatta-cfg (0.15.12) unstable; urgency=low + + * add no copybreak for more drivers + * Failure to set address should fail the commit + + -- Stephen Hemminger Thu, 27 Aug 2009 10:07:06 -0700 + vyatta-cfg (0.15.11) unstable; urgency=low * Skip more wireless interfaces -- cgit v1.2.3 From 90ae175f1e0f126d93db1f9c29a3f44d76087e8d Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Fri, 28 Aug 2009 15:38:56 -0700 Subject: Bugfix 4793: Load the acpi_cpufreq module on certain processors. (cherry picked from commit 6202e7c5f0e8e0657c49e9d8422b6ef45b9ff84b) --- etc/init.d/vyatta-ofr | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/etc/init.d/vyatta-ofr b/etc/init.d/vyatta-ofr index 4fb4c1e..39e9904 100755 --- a/etc/init.d/vyatta-ofr +++ b/etc/init.d/vyatta-ofr @@ -125,7 +125,20 @@ cleanup_raid() rmmod $MD_MODULES > /tmp/vyatta_raid_cleanup_log 2>&1 } - +# +# Load the acpi_cpufreq kernel module, but only for certain processors. +# Some Intel CPUs need to have it loaded in order to initialize +# properly. +# +load_acpi_cpufreq() +{ + manuf=`dmidecode -s processor-manufacturer` + family=`dmidecode -s processor-family` + if [ "$manuf" = "Intel" -a "$family" = "Xeon" ]; then + logger -t "$progname" -p user.notice "loading acpi_cpufreq module" + modprobe acpi_cpufreq + fi +} start () { @@ -141,6 +154,7 @@ start () ${vyatta_sbindir}/${s}.init start || (log_end_msg $? && return) done load_bootfile + load_acpi_cpufreq cleanup_raid chmod g-w,o-w / -- cgit v1.2.3 From 0999e219b83702d8ee02c282dd77f1ff98b10c6b Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Fri, 28 Aug 2009 15:43:01 -0700 Subject: 0.15.13 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index 7acf5f0..ef669d0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.13) unstable; urgency=low + + * Bugfix 4793: Load the acpi_cpufreq module on certain processors. + + -- Bob Gilligan Fri, 28 Aug 2009 15:43:00 -0700 + vyatta-cfg (0.15.12) unstable; urgency=low * add no copybreak for more drivers -- cgit v1.2.3 From 1717a06d1dbc481b1894b90fd2734aeee9c1f963 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Fri, 28 Aug 2009 17:47:46 -0700 Subject: Bugfix 4793: Narrow the set of platforms on which module is loaded. (cherry picked from commit 97cd67eda018db24517ad644d2ad1547fdb52231) --- etc/init.d/vyatta-ofr | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/etc/init.d/vyatta-ofr b/etc/init.d/vyatta-ofr index 39e9904..45333ac 100755 --- a/etc/init.d/vyatta-ofr +++ b/etc/init.d/vyatta-ofr @@ -132,9 +132,9 @@ cleanup_raid() # load_acpi_cpufreq() { - manuf=`dmidecode -s processor-manufacturer` - family=`dmidecode -s processor-family` - if [ "$manuf" = "Intel" -a "$family" = "Xeon" ]; then + manuf=`dmidecode -s system-manufacturer` + prod=`dmidecode -s system-product-name` + if [ "$manuf" = "Vyatta" -a "$prod" = "Series 2500" ]; then logger -t "$progname" -p user.notice "loading acpi_cpufreq module" modprobe acpi_cpufreq fi -- cgit v1.2.3 From 00737a5cb32e818a3741aa59ca16e61308367e27 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Fri, 28 Aug 2009 17:51:04 -0700 Subject: 0.15.14 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index ef669d0..f93b9ae 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.14) unstable; urgency=low + + * Bugfix 4793: Narrow the set of platforms on which module is loaded. + + -- Bob Gilligan Fri, 28 Aug 2009 17:51:04 -0700 + vyatta-cfg (0.15.13) unstable; urgency=low * Bugfix 4793: Load the acpi_cpufreq module on certain processors. -- cgit v1.2.3 From f50e8a9c76156a003d07fbca48f35abd24a434d0 Mon Sep 17 00:00:00 2001 From: slioch Date: Fri, 4 Sep 2009 21:17:23 -0700 Subject: added data path to environment during commit. value key is "NODE_DATA_PATH". nodes are delimited by "/" rather than spaces. --- src/commit2.c | 7 +++++++ src/common/defs.h | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/commit2.c b/src/commit2.c index d489923..6274ec6 100644 --- a/src/commit2.c +++ b/src/commit2.c @@ -409,6 +409,9 @@ process_func(GNode *node, gpointer data) set_in_delete_action(TRUE); } + //set location env + setenv(ENV_DATA_PATH,d->_path,1); + //do last sibling check GNode *n = g_node_last_sibling(node); if (n == node) { @@ -451,6 +454,7 @@ process_func(GNode *node, gpointer data) unsetenv(ENV_ACTION_NAME); unsetenv(ENV_SIBLING_POSITION); + unsetenv(ENV_DATA_PATH); if (g_coverage) { struct timeval t; @@ -1062,7 +1066,10 @@ validate_func(GNode *node, gpointer data) boolean status = 1; if (g_dump_actions == FALSE) { + //set location env + setenv(ENV_DATA_PATH,d->_path,1); status = execute_list(c->_def.actions[result->_action].vtw_list_head,&c->_def); + unsetenv(ENV_DATA_PATH); } else { char buf[MAX_LENGTH_DIR_PATH*sizeof(char)]; diff --git a/src/common/defs.h b/src/common/defs.h index daca88a..50d2337 100644 --- a/src/common/defs.h +++ b/src/common/defs.h @@ -16,7 +16,7 @@ #define ENV_ACTION_SET "SET" #define ENV_ACTION_ACTIVE "ACTIVE" #define ENV_SIBLING_POSITION "COMMIT_SIBLING_POSITION" - +#define ENV_DATA_PATH "NODE_DATA_PATH" struct Result { -- cgit v1.2.3 From 27d542ae3c6ff507509c502fc96b8e1245040de1 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 9 Sep 2009 09:27:45 -0700 Subject: fix for bug 4697. Added range value check that start must be less than or equal to stop address --- lib/Vyatta/TypeChecker.pm | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/Vyatta/TypeChecker.pm b/lib/Vyatta/TypeChecker.pm index 27d9e03..c13ef4b 100755 --- a/lib/Vyatta/TypeChecker.pm +++ b/lib/Vyatta/TypeChecker.pm @@ -91,6 +91,12 @@ sub validate_ipv4range { return 0 if (!/^([^-]+)-([^-]+)$/); my ($a1, $a2) = ($1, $2); return 0 if (!validate_ipv4($a1) || !validate_ipv4($a2)); + #need to check that range is in ascending order + $a1 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/; + my $v1 = $1*256*256*256+$2*256*256+$3*256+$4; + $a2 =~ m/^(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)\.(\d\d?\d?)/; + my $v2 = $1*256*256*256+$2*256*256+$3*256+$4; + return 0 if ($v1 > $v2); return 1; } -- cgit v1.2.3 From a6df3e3bc02a91711484d74d27cfa19bc868b379 Mon Sep 17 00:00:00 2001 From: slioch Date: Wed, 9 Sep 2009 09:29:14 -0700 Subject: 0.15.15 --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/debian/changelog b/debian/changelog index f93b9ae..e3063ba 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +vyatta-cfg (0.15.15) unstable; urgency=low + + * added data path to environment during commit. value key is + "NODE_DATA_PATH". nodes are delimited by "/" rather than spaces. + * fix for bug 4697. Added range value check that start must be less + than or equal to stop address + + -- slioch Wed, 09 Sep 2009 09:29:14 -0700 + vyatta-cfg (0.15.14) unstable; urgency=low * Bugfix 4793: Narrow the set of platforms on which module is loaded. -- cgit v1.2.3 From ea5439cd08cd0f79dce8a7a885f06b5ec211eebb Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 9 Sep 2009 14:19:43 -0700 Subject: Allow empty description Bug 4918 --- templates/interfaces/ethernet/node.tag/description/node.def | 2 +- .../interfaces/ethernet/node.tag/vif/node.tag/description/node.def | 2 +- templates/interfaces/loopback/node.tag/description/node.def | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/templates/interfaces/ethernet/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/description/node.def index ccec5e1..7f64c78 100644 --- a/templates/interfaces/ethernet/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo ip link set $VAR(../@) alias "$VAR(@)" +update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def index fda2e3c..d85db27 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo ip link set dev "$VAR(../../@).$VAR(../@)" alias "$VAR(@)" +update: sudo sh -c "echo \"VAR(@)\" >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../../@).$VAR(../@)/ifalias" diff --git a/templates/interfaces/loopback/node.tag/description/node.def b/templates/interfaces/loopback/node.tag/description/node.def index ccec5e1..7f64c78 100644 --- a/templates/interfaces/loopback/node.tag/description/node.def +++ b/templates/interfaces/loopback/node.tag/description/node.def @@ -1,4 +1,4 @@ type: txt help: Set description for this interface -update: sudo ip link set $VAR(../@) alias "$VAR(@)" +update: sudo sh -c "echo \"$VAR(@)\" >/sys/class/net/$VAR(../@)/ifalias" delete: sudo sh -c "echo '' >/sys/class/net/$VAR(../@)/ifalias" -- cgit v1.2.3 From 42abfac6f11077dbfc3b0eaf845597e38f7cd685 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Wed, 9 Sep 2009 14:39:26 -0700 Subject: 0.15.16 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/debian/changelog b/debian/changelog index e3063ba..c13f455 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-cfg (0.15.16) unstable; urgency=low + + * Allow empty description + + -- Stephen Hemminger Wed, 09 Sep 2009 14:39:25 -0700 + vyatta-cfg (0.15.15) unstable; urgency=low * added data path to environment during commit. value key is -- cgit v1.2.3