From 84fb2f920765c6d02f35ef1654dc0f8c2bef648c Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 9 Sep 2009 17:08:21 -0700 Subject: Bugfix 4700, 4269: Fix set and commit-time checks of ethernet address values Changed the the set-time and commit-time check of ethernet interface address values. These checks need to prevent configuring both DHCP and static IPv4 addresses on the same interfac. The previous checks were comparing against the running configuration tree, not the proposed config tree. Now the set-time check is purely a syntax check, and the commit-time check only checks for both DHCP and static IPv4 addresses in the proposed config. The system now allows DHCP and static IPv6 addresses to be configured on the same interface. --- templates/interfaces/ethernet/node.tag/address/node.def | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'templates') diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def index dd4d5fa..db87ff0 100644 --- a/templates/interfaces/ethernet/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: Set the IP address and prefix length Set the IPv6 address and prefix length -- cgit v1.2.3 From d32ceb43ab64530c6eca81ec83fe4b374dd510d0 Mon Sep 17 00:00:00 2001 From: Bob Gilligan Date: Wed, 9 Sep 2009 17:38:00 -0700 Subject: Bugfix 4700, 4269: Fix set and commit-time checks for ethernet vif addresses too Also restore "--valid-addr" flag to vyatta-interfaces.pl since it is used outside this package. --- scripts/vyatta-interfaces.pl | 1 + .../ethernet/node.tag/vif/node.tag/address/node.def | 17 ++++++++++++++++- templates/interfaces/loopback/node.tag/address/node.def | 5 ++++- 3 files changed, 21 insertions(+), 2 deletions(-) (limited to 'templates') diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index ac690c5..0ae5330 100755 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -71,6 +71,7 @@ EOF GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, + "valid-addr=s" => \$addr_set, "valid-addr-set=s" => \$addr_set, "valid-addr-commit=s{,}" => \@addr_commit, "dev=s" => \$dev, diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def index 4c93905..a5edef6 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def @@ -1,11 +1,26 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ + +# Syntax check at "set" time. Give curent address value to script +# so that it can perform syntax check. +# +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../../@).$VAR(../@) "\ ; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" + +# Syntax check at "commit" time. Pass all address values to script so that +# it can perform consistency check. +# +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../../@).$VAR(../@)" + create:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) + delete:sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) + allowed: echo "dhcp <>" + comp_help:Possible completions: Set the IP address and prefix length Set the IPv6 address and prefix length diff --git a/templates/interfaces/loopback/node.tag/address/node.def b/templates/interfaces/loopback/node.tag/address/node.def index 29e8973..76c2e76 100644 --- a/templates/interfaces/loopback/node.tag/address/node.def +++ b/templates/interfaces/loopback/node.tag/address/node.def @@ -1,7 +1,10 @@ multi: + type: txt + help: Set an IP address for this interface -syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; \ + +syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-set $VAR(@) --dev $VAR(../@)"; \ "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; \ -- cgit v1.2.3