summaryrefslogtreecommitdiff
path: root/templates-cfg/system
diff options
context:
space:
mode:
authorGaurav Sinha <gaurav.sinha@vyatta.com>2012-04-17 11:03:10 -0700
committerGaurav Sinha <gaurav.sinha@vyatta.com>2012-04-17 11:03:10 -0700
commitcc7d0c96369980eeda4c01fca1035dca4636243a (patch)
treef1927f8d0f8a2631ff6b1190e3f1af13f1a50cb6 /templates-cfg/system
parent6c46c3a8616e5e59120b5b8bf8332dc543c2267f (diff)
downloadvyatta-conntrack-cc7d0c96369980eeda4c01fca1035dca4636243a.tar.gz
vyatta-conntrack-cc7d0c96369980eeda4c01fca1035dca4636243a.zip
ensure single reload of conntrackd daemon
Diffstat (limited to 'templates-cfg/system')
-rw-r--r--templates-cfg/system/conntrack/modules/SQLnet/enable/node.def8
-rw-r--r--templates-cfg/system/conntrack/modules/nfs/enable/node.def6
-rw-r--r--templates-cfg/system/conntrack/modules/node.def6
-rw-r--r--templates-cfg/system/conntrack/node.def7
-rw-r--r--templates-cfg/system/conntrack/table-size/node.def2
5 files changed, 21 insertions, 8 deletions
diff --git a/templates-cfg/system/conntrack/modules/SQLnet/enable/node.def b/templates-cfg/system/conntrack/modules/SQLnet/enable/node.def
index 1cbd130..630d728 100644
--- a/templates-cfg/system/conntrack/modules/SQLnet/enable/node.def
+++ b/templates-cfg/system/conntrack/modules/SQLnet/enable/node.def
@@ -1,3 +1,11 @@
help: enable SQLnet protocol helper
create:expression: "touch /tmp/vyatta-conntrack-sync"
+
+end: if [ ${COMMIT_ACTION} = 'DELETE' ]; then
+ echo "sudo iptables -D VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper sqlnet"
+ echo "sudo iptables -D VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper sqlnet"
+ else
+ echo "sudo iptables -I VYATTA_CT_HELPER -t raw -p tcp --dport 1521 -j CT --helper sqlnet"
+ echo "sudo iptables -I VYATTA_CT_HELPER -t raw -p tcp --dport 1525 -j CT --helper sqlnet"
+ fi;
diff --git a/templates-cfg/system/conntrack/modules/nfs/enable/node.def b/templates-cfg/system/conntrack/modules/nfs/enable/node.def
index b2a2694..130dd7f 100644
--- a/templates-cfg/system/conntrack/modules/nfs/enable/node.def
+++ b/templates-cfg/system/conntrack/modules/nfs/enable/node.def
@@ -1,3 +1,9 @@
help: enable nfs
create:expression: "touch /tmp/vyatta-conntrack-sync"
+
+end: if [ ${COMMIT_ACTION} = 'DELETE' ]; then
+ echo "sudo iptables -D VYATTA_CT_HELPER -t raw -p tcp --dport 2049 -j CT --helper nfs"
+ else
+ echo "sudo iptables -I VYATTA_CT_HELPER -t raw -p tcp --dport 2049 -j CT --helper nfs"
+ fi;
diff --git a/templates-cfg/system/conntrack/modules/node.def b/templates-cfg/system/conntrack/modules/node.def
index c391511..25cba5d 100644
--- a/templates-cfg/system/conntrack/modules/node.def
+++ b/templates-cfg/system/conntrack/modules/node.def
@@ -1,7 +1 @@
help: Connection tracking modules settings
-
-end:expression: "if [ -f \"/tmp/vyatta-conntrack-sync\" ]; then \
- sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable; \
- sudo rm \"/tmp/vyatta-conntrack-sync\"; \
- fi"
-
diff --git a/templates-cfg/system/conntrack/node.def b/templates-cfg/system/conntrack/node.def
index 53488ae..2ac9101 100644
--- a/templates-cfg/system/conntrack/node.def
+++ b/templates-cfg/system/conntrack/node.def
@@ -2,6 +2,11 @@ help: Connection tracking engine options
priority: 218 # before NAT and conntrack-sync are configured
+end:expression: "if [ -f \"/tmp/vyatta-conntrack-sync\" ]; then \
+ sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable; \
+ sudo rm \"/tmp/vyatta-conntrack-sync\"; \
+ fi"
+
delete: # set conntrack table size to standard 16384 entries if conntrack settings are removed
sudo sysctl -q -w net/nf_conntrack_max=16384
@@ -20,5 +25,5 @@ delete: # set conntrack table size to standard 16384 entries if conntrack settin
# need to restart conntrackd with updated conntrack table size
if cli-shell-api existsActive service conntrack-sync; then
- sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable
+ touch /tmp/vyatta-conntrack-sync
fi
diff --git a/templates-cfg/system/conntrack/table-size/node.def b/templates-cfg/system/conntrack/table-size/node.def
index b44b563..74cf58a 100644
--- a/templates-cfg/system/conntrack/table-size/node.def
+++ b/templates-cfg/system/conntrack/table-size/node.def
@@ -28,7 +28,7 @@ update:
sudo sysctl -q -w net/nf_conntrack_max=$VAR(@)
# need to restart conntrackd with updated conntrack table size
if cli-shell-api existsActive service conntrack-sync; then
- sudo /opt/vyatta/sbin/vyatta-conntrack-sync.pl --action=enable
+ touch /tmp/vyatta-conntrack-sync
fi