Bug fix 7397 - Conntrack log creation and deletion.

author: Deepti Kulkarni <deepti@vyatta.com> 2011-12-13 02:49:29 -0800
committer: Deepti Kulkarni <deepti@vyatta.com> 2011-12-13 02:49:29 -0800
commit: b90f8af4fb0b2a8ce60014144e47fdbb0922e34d (patch)
tree: 3a676976b8d9bb6a04d8d320a997fcfd70d28aac /templates-cfg
parent: 44f59da7eb534c3a572a6b738813ee099cb83fe8 (diff)
download: vyatta-conntrack-b90f8af4fb0b2a8ce60014144e47fdbb0922e34d.tar.gz
vyatta-conntrack-b90f8af4fb0b2a8ce60014144e47fdbb0922e34d.zip
23 files changed, 57 insertions, 0 deletions
diff --git a/templates-cfg/system/conntrack/log/icmp/destroy/node.def b/templates-cfg/system/conntrack/log/icmp/destroy/node.def
new file mode 100644
index 0000000..286764c
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of ICMP connections
diff --git a/templates-cfg/system/conntrack/log/icmp/new/node.def b/templates-cfg/system/conntrack/log/icmp/new/node.def
new file mode 100644
index 0000000..dfc19ff
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created ICMP connections
diff --git a/templates-cfg/system/conntrack/log/icmp/node.def b/templates-cfg/system/conntrack/log/icmp/node.def
new file mode 100644
index 0000000..52b219b
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for ICMP 
diff --git a/templates-cfg/system/conntrack/log/icmp/update/node.def b/templates-cfg/system/conntrack/log/icmp/update/node.def
new file mode 100644
index 0000000..1282f29
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/icmp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to ICMP connections
diff --git a/templates-cfg/system/conntrack/log/node.def b/templates-cfg/system/conntrack/log/node.def
new file mode 100644
index 0000000..cb7521a
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/node.def
@@ -0,0 +1,35 @@
+help: Log connection tracking events per protocol
+priority: 219 # failure at log shouldnt fail conntrack 
+end:
+if [[ ${COMMIT_ACTION} != 'DELETE' ]]
+then
+  declare -a ARR;
+  declare -a EVENTS;
+  declare -a STATES;
+  eval "ARR=($(cli-shell-api listNodes system conntrack log))";
+  if [ "${#ARR[@]}" == "0" ]; then
+    echo Protocol must be specified for log;
+    exit 1;
+  fi
+  for var in "${ARR[@]}"
+  do
+    eval "EVENTS=($(cli-shell-api listNodes system conntrack log $var))";
+    if [ "${#EVENTS[@]}" == "0" ]; then
+      echo Event must be specified for specified protocol $var;
+      exit 1;
+    fi
+    if [ "$var" == "tcp" ]; then
+      for i in "${EVENTS[@]}"
+      do
+        if [ "$i" == "update" ]; then
+          eval "STATES=($(cli-shell-api listNodes system conntrack log $var $i))";
+          if [ "${#STATES[@]}" == "0" ]; then
+            echo State must be specified for specified protocol-event $var $i;
+            exit 1;
+          fi
+        fi
+      done
+    fi
+  done
+fi
+sudo /opt/vyatta/sbin/vyatta-update-conntrack-log.pl
diff --git a/templates-cfg/system/conntrack/log/other/destroy/node.def b/templates-cfg/system/conntrack/log/other/destroy/node.def
new file mode 100644
index 0000000..fadd0b2
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/other/new/node.def b/templates-cfg/system/conntrack/log/other/new/node.def
new file mode 100644
index 0000000..1ad7b76
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/new/node.def
@@ -0,0 +1 @@
+help: Log newly created connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/other/node.def b/templates-cfg/system/conntrack/log/other/node.def
new file mode 100644
index 0000000..f41584a
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for all protocols other than TCP, UDP and ICMP
diff --git a/templates-cfg/system/conntrack/log/other/update/node.def b/templates-cfg/system/conntrack/log/other/update/node.def
new file mode 100644
index 0000000..a448989
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/other/update/node.def
@@ -0,0 +1 @@
+help: Log updates to connections for all protocols
diff --git a/templates-cfg/system/conntrack/log/tcp/destroy/node.def b/templates-cfg/system/conntrack/log/tcp/destroy/node.def
new file mode 100644
index 0000000..5389848
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of TCP connections 
diff --git a/templates-cfg/system/conntrack/log/tcp/new/node.def b/templates-cfg/system/conntrack/log/tcp/new/node.def
new file mode 100644
index 0000000..454c3ae
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created TCP connections
diff --git a/templates-cfg/system/conntrack/log/tcp/node.def b/templates-cfg/system/conntrack/log/tcp/node.def
new file mode 100644
index 0000000..eb9241d
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for TCP 
diff --git a/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def
new file mode 100644
index 0000000..65cb02f
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/close-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in CLOSE_WAIT state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/established/node.def b/templates-cfg/system/conntrack/log/tcp/update/established/node.def
new file mode 100644
index 0000000..129cc6c
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/established/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in ESTABLISHED state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def
new file mode 100644
index 0000000..7e50c9b
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/fin-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in FIN_WAIT state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def b/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def
new file mode 100644
index 0000000..3ea7566
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/last-ack/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in LAST_ACK state
diff --git a/templates-cfg/system/conntrack/log/tcp/update/node.def b/templates-cfg/system/conntrack/log/tcp/update/node.def
new file mode 100644
index 0000000..dabd832
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections
diff --git a/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def b/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def
new file mode 100644
index 0000000..421a675
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/sync-received/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in SYN_RECV state 
diff --git a/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def b/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def
new file mode 100644
index 0000000..0597a97
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/tcp/update/time-wait/node.def
@@ -0,0 +1 @@
+help: Log updates to TCP connections in TIME_WAIT state
diff --git a/templates-cfg/system/conntrack/log/udp/destroy/node.def b/templates-cfg/system/conntrack/log/udp/destroy/node.def
new file mode 100644
index 0000000..8441bdb
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/destroy/node.def
@@ -0,0 +1 @@
+help: Log deletion of UDP connections
diff --git a/templates-cfg/system/conntrack/log/udp/new/node.def b/templates-cfg/system/conntrack/log/udp/new/node.def
new file mode 100644
index 0000000..95de0f9
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/new/node.def
@@ -0,0 +1 @@
+help: Log newly created UDP connections
diff --git a/templates-cfg/system/conntrack/log/udp/node.def b/templates-cfg/system/conntrack/log/udp/node.def
new file mode 100644
index 0000000..b8eea26
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/node.def
@@ -0,0 +1 @@
+help: Log connection tracking events for UDP 
diff --git a/templates-cfg/system/conntrack/log/udp/update/node.def b/templates-cfg/system/conntrack/log/udp/update/node.def
new file mode 100644
index 0000000..2a9e6a0
--- /dev/null
+++ b/templates-cfg/system/conntrack/log/udp/update/node.def
@@ -0,0 +1 @@
+help: Log updates to UDP connections
author	Deepti Kulkarni <deepti@vyatta.com>	2011-12-13 02:49:29 -0800
committer	Deepti Kulkarni <deepti@vyatta.com>	2011-12-13 02:49:29 -0800
commit	b90f8af4fb0b2a8ce60014144e47fdbb0922e34d (patch)
tree	3a676976b8d9bb6a04d8d320a997fcfd70d28aac /templates-cfg
parent	44f59da7eb534c3a572a6b738813ee099cb83fe8 (diff)
download	vyatta-conntrack-b90f8af4fb0b2a8ce60014144e47fdbb0922e34d.tar.gz vyatta-conntrack-b90f8af4fb0b2a8ce60014144e47fdbb0922e34d.zip