From 9e223d59f58be5be60f2443c44d5386c88c89930 Mon Sep 17 00:00:00 2001 From: Gaurav Sinha Date: Mon, 14 Nov 2011 16:30:41 -0800 Subject: Bug 7411: Initial commit for conntrack entry deletion / show op mode commands --- templates-op/delete/conntrack/node.def | 1 + templates-op/delete/conntrack/table/ipv4/conn-id/node.def | 1 + templates-op/delete/conntrack/table/ipv4/conn-id/node.tag/node.def | 3 +++ templates-op/delete/conntrack/table/ipv4/node.def | 1 + templates-op/delete/conntrack/table/ipv4/source/node.def | 1 + .../delete/conntrack/table/ipv4/source/node.tag/destination/node.def | 1 + .../conntrack/table/ipv4/source/node.tag/destination/node.tag/node.def | 3 +++ templates-op/delete/conntrack/table/ipv4/source/node.tag/node.def | 3 +++ templates-op/delete/conntrack/table/node.def | 1 + 9 files changed, 15 insertions(+) create mode 100644 templates-op/delete/conntrack/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/conn-id/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/conn-id/node.tag/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/source/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.tag/node.def create mode 100644 templates-op/delete/conntrack/table/ipv4/source/node.tag/node.def create mode 100644 templates-op/delete/conntrack/table/node.def (limited to 'templates-op/delete/conntrack')
diff --git a/templates-op/delete/conntrack/node.def b/templates-op/delete/conntrack/node.def
new file mode 100644
index 0000000..842bdda
--- /dev/null
+++ b/templates-op/delete/conntrack/node.def
@@ -0,0 +1 @@
+help: Delete Conntrack entries
diff --git a/templates-op/delete/conntrack/table/ipv4/conn-id/node.def b/templates-op/delete/conntrack/table/ipv4/conn-id/node.def
new file mode 100644
index 0000000..679cae2
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/conn-id/node.def
@@ -0,0 +1 @@
+help: Delete Conntrack entry with connection ID
diff --git a/templates-op/delete/conntrack/table/ipv4/conn-id/node.tag/node.def b/templates-op/delete/conntrack/table/ipv4/conn-id/node.tag/node.def
new file mode 100644
index 0000000..d3f179e
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/conn-id/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entry with the connection ID
+allowed: echo -n 'Connection ID'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -id $6
diff --git a/templates-op/delete/conntrack/table/ipv4/node.def b/templates-op/delete/conntrack/table/ipv4/node.def
new file mode 100644
index 0000000..80ccc5d
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/node.def
@@ -0,0 +1 @@
+help: Delete Conntrack IPv4 entries
diff --git a/templates-op/delete/conntrack/table/ipv4/source/node.def b/templates-op/delete/conntrack/table/ipv4/source/node.def
new file mode 100644
index 0000000..10081cd
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/source/node.def
@@ -0,0 +1 @@
+help: Delete all Conntrack entries with specified source IP address
diff --git a/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.def b/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.def
new file mode 100644
index 0000000..aee21aa
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.def
@@ -0,0 +1 @@
+help: Delete all Conntrack entries with the specified destination IP address
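Review bot: The `run:` line in conn-id/node.tag/node.def hands the operator-typed words `$4` and `$6` unquoted to a script started through sudo, so (assuming the op-mode runner expands them as shell positional parameters) they are word-split and glob-expanded before vyatta-delete-conntrack.pl parses its options. Quote them: `run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family "$4" -id "$6"`. The same applies to the `-source_IP $6` and `-dest_IP $8` run lines in the source and destination templates of this commit and to their ipv6 copies in the following commit. The script body is not shown in this hunk; because it runs as root it should validate the connection ID and addresses itself rather than rely on the `allowed:` text, which as far as I know only feeds completion.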
diff --git a/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.tag/node.def b/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.tag/node.def
new file mode 100644
index 0000000..25c67e9
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/source/node.tag/destination/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entries with the specified destination IP
+allowed: echo -n '' ''
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -source_IP $6 -dest_IP $8
diff --git a/templates-op/delete/conntrack/table/ipv4/source/node.tag/node.def b/templates-op/delete/conntrack/table/ipv4/source/node.tag/node.def
new file mode 100644
index 0000000..e0004a9
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv4/source/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entries with the specified source IP address
+allowed: echo -n '' ''
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -source_IP $6
diff --git a/templates-op/delete/conntrack/table/node.def b/templates-op/delete/conntrack/table/node.def
new file mode 100644
index 0000000..340bb72
--- /dev/null
+++ b/templates-op/delete/conntrack/table/node.def
@@ -0,0 +1 @@
+help: Delete entries from Conntrack table
-- cgit v1.2.3 From 7e81c147324fc173e01edfbe1f09f28af6fc71dc Mon Sep 17 00:00:00 2001
From: Gaurav Sinha Date: Wed, 16 Nov 2011 11:49:20 -0800 Subject: bug 7411:Added initial code for IPv6, templates and script --- scripts/vyatta-delete-conntrack.pl | 1 + scripts/vyatta-show-conntrack.pl | 48 +++++++++++++++++++++- .../delete/conntrack/table/ipv6/conn-id/node.def | 1 + .../conntrack/table/ipv6/conn-id/node.tag/node.def | 3 ++ templates-op/delete/conntrack/table/ipv6/node.def | 1 + .../delete/conntrack/table/ipv6/source/node.def | 1 + .../ipv6/source/node.tag/destination/node.def | 1 + .../source/node.tag/destination/node.tag/node.def | 3 ++ .../conntrack/table/ipv6/source/node.tag/node.def | 3 ++ .../ipv4/source/node.tag/destination/node.def | 2 +- templates-op/show/conntrack/table/ipv6/node.def | 2 + .../show/conntrack/table/ipv6/source/node.def | 1 + .../ipv6/source/node.tag/destination/node.def | 3 ++ .../source/node.tag/destination/node.tag/node.def | 3 ++ .../conntrack/table/ipv6/source/node.tag/node.def | 3 ++ 15 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 templates-op/delete/conntrack/table/ipv6/conn-id/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/conn-id/node.tag/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/source/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def create mode 100644 templates-op/delete/conntrack/table/ipv6/source/node.tag/node.def create mode 100644 templates-op/show/conntrack/table/ipv6/node.def create mode 100644 templates-op/show/conntrack/table/ipv6/source/node.def create mode 100644 templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.def create mode 100644 templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def create mode 100644 
templates-op/show/conntrack/table/ipv6/source/node.tag/node.def (limited to 'templates-op/delete/conntrack') diff --git a/scripts/vyatta-delete-conntrack.pl b/scripts/vyatta-delete-conntrack.pl index a465c11..8ca4738 100755 --- a/scripts/vyatta-delete-conntrack.pl +++ b/scripts/vyatta-delete-conntrack.pl @@ -207,6 +207,7 @@ if ($family eq "ipv4") { } } else { #family IPv6 not supported, placeholder for v6 code. + die "IPv6 Conntrack commands are not supported yet\n"; } $command .= " -o xml"; diff --git a/scripts/vyatta-show-conntrack.pl b/scripts/vyatta-show-conntrack.pl index 7dfa196..cad954b 100755 --- a/scripts/vyatta-show-conntrack.pl +++ b/scripts/vyatta-show-conntrack.pl @@ -32,6 +32,7 @@ use Vyatta::Misc; use warnings; use strict; use Switch; +use Vyatta::TypeChecker; my $format = "%-10s %-22s %-22s %-12s %-20s\n"; 
@@ -214,7 +215,52 @@ if ($family eq "ipv4") { $command .= " -d $destIP"; } } else { - #family IPv6 not supported, placeholder for v6 code. + #placeholder for v6 code. + die "IPv6 Conntrack commands are not supported yet\n"; + if (defined $sourceIP) { + if (($sourceIP =~ m/]/)) { + my @address = split(/]/, $sourceIP); + if (@address) { + $sourceIP = substr($address[0], 1); + $sourcePort = substr($address[1], 1); + my( $success, $err ) = isValidPortNumber($sourcePort); + if (validateType('ipv6', $sourceIP)) { + #Valid ipv6 address. + } else { + if(!defined($success)) { + die "Please enter a valid source IPv6 address and port \n"; + } + } + if(!defined($success)) { + die "Please enter a valid source port \n"; + } + $command .= " -s $sourceIP --orig-port-src $sourcePort"; + print "IP $sourceIP port $sourcePort\n"; + } + } + } + if (defined $destIP) { + if (($destIP =~ m/]/)) { + my @address = split(/]/, $destIP); + if (@address) { + $destIP = substr($address[0], 1); + $destPort = substr($address[1], 1); + my( $success, $err ) = isValidPortNumber($destPort); + if (validateType('ipv6', $destIP)) { + #Valid ipv6 address. + } else { + if(!defined($success)) { + die "Please enter a valid destination IPv6 address and port \n"; + } + } + if(!defined($success)) { + die "Please enter a valid destination port \n"; + } + $command .= " -d $destIP --orig-port-dst $destPort"; + print "IP $sourceIP port $sourcePort\n"; + } + } + } } $command .= " -o xml"; diff --git a/templates-op/delete/conntrack/table/ipv6/conn-id/node.def b/templates-op/delete/conntrack/table/ipv6/conn-id/node.def new file mode 100644 index 0000000..679cae2 --- /dev/null +++ b/templates-op/delete/conntrack/table/ipv6/conn-id/node.def @@ -0,0 +1 @@ +help: Delete Conntrack entry with connection ID diff --git a/templates-op/delete/conntrack/table/ipv6/conn-id/node.tag/node.def b/templates-op/delete/conntrack/table/ipv6/conn-id/node.tag/node.def new file mode 100644 index 0000000..d3f179e --- /dev/null 
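Review bot: In the added IPv6 branch of vyatta-show-conntrack.pl an address that fails `validateType('ipv6', $sourceIP)` is rejected only when the port check also failed, because the inner `die` sits behind `if(!defined($success))`; a malformed address with a valid port falls through and is interpolated into `$command`, which is presumably run as a command line later in this root-run script. The `$destIP` branch repeats the same logic. Make the address check unconditional, e.g. `die "Please enter a valid source IPv6 address\n" unless validateType('ipv6', $sourceIP);`, and reject input without a `]:port` part, since `substr($address[1], 1)` is otherwise applied to an undefined value. The destination branch also prints `$sourceIP` and `$sourcePort` in `print "IP $sourceIP port $sourcePort\n";` where the destination values were meant. The whole block is unreachable behind the new `die`, so none of this is exercised yet; the enclosing if/else starts outside the hunk.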
+++ b/templates-op/delete/conntrack/table/ipv6/conn-id/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entry with the connection ID
+allowed: echo -n 'Connection ID'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -id $6
diff --git a/templates-op/delete/conntrack/table/ipv6/node.def b/templates-op/delete/conntrack/table/ipv6/node.def
new file mode 100644
index 0000000..58b08f5
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv6/node.def
@@ -0,0 +1 @@
+help: Delete Conntrack IPv6 entries
diff --git a/templates-op/delete/conntrack/table/ipv6/source/node.def b/templates-op/delete/conntrack/table/ipv6/source/node.def
new file mode 100644
index 0000000..10081cd
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv6/source/node.def
@@ -0,0 +1 @@
+help: Delete all Conntrack entries with specified source IP address
diff --git a/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.def b/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.def
new file mode 100644
index 0000000..aee21aa
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.def
@@ -0,0 +1 @@
+help: Delete all Conntrack entries with the specified destination IP address
diff --git a/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def b/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def
new file mode 100644
index 0000000..45fb74c
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entries with the specified destination IP
+allowed: echo -n '' '<[IPv6-address]:port>'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -source_IP $6 -dest_IP $8
diff --git a/templates-op/delete/conntrack/table/ipv6/source/node.tag/node.def b/templates-op/delete/conntrack/table/ipv6/source/node.tag/node.def
new file mode 100644
index 0000000..06b9af3
--- /dev/null
+++ b/templates-op/delete/conntrack/table/ipv6/source/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Delete Conntrack entries with the specified source IP address
+allowed: echo -n '' '<[IPv6-address]:port>'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-delete-conntrack.pl -family $4 -source_IP $6
diff --git a/templates-op/show/conntrack/table/ipv4/source/node.tag/destination/node.def b/templates-op/show/conntrack/table/ipv4/source/node.tag/destination/node.def
index 88b6eb1..85b1b36 100644
--- a/templates-op/show/conntrack/table/ipv4/source/node.tag/destination/node.def
+++ b/templates-op/show/conntrack/table/ipv4/source/node.tag/destination/node.def
@@ -1,3 +1,3 @@ help: Show Conntrack entries for the destination IP -allowed: echo " +allowed: echo -n '' ''
diff --git a/templates-op/show/conntrack/table/ipv6/node.def b/templates-op/show/conntrack/table/ipv6/node.def
new file mode 100644
index 0000000..ef40625
--- /dev/null
+++ b/templates-op/show/conntrack/table/ipv6/node.def
@@ -0,0 +1,2 @@
+help: Show Conntrack entries for IPv6 protocol
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-conntrack.pl -family $4
diff --git a/templates-op/show/conntrack/table/ipv6/source/node.def b/templates-op/show/conntrack/table/ipv6/source/node.def
new file mode 100644
index 0000000..f3f6c84
--- /dev/null
+++ b/templates-op/show/conntrack/table/ipv6/source/node.def
@@ -0,0 +1 @@
+help: Show Conntrack entries for the source IP
diff --git a/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.def b/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.def
new file mode 100644
index 0000000..4813e87
--- /dev/null
+++ b/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.def
@@ -0,0 +1,3 @@
+help: Show Conntrack entries for the destination IP
+allowed: echo -n '' '<[IPv6-address]:port>'
+
diff --git a/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def b/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def
new file mode 100644
index 0000000..49bb02b
--- /dev/null
+++ b/templates-op/show/conntrack/table/ipv6/source/node.tag/destination/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Show Conntrack entries for the destination IP
+allowed: echo -n '' '<[IPv6-address]:port>'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-conntrack.pl -family $4 -source_IP $6 -dest_IP $8
diff --git a/templates-op/show/conntrack/table/ipv6/source/node.tag/node.def b/templates-op/show/conntrack/table/ipv6/source/node.tag/node.def
new file mode 100644
index 0000000..cf84af6
--- /dev/null
+++ b/templates-op/show/conntrack/table/ipv6/source/node.tag/node.def
@@ -0,0 +1,3 @@
+help: Show Conntrack entries for the source IP
+allowed: echo -n '' '<[IPv6-address]:port>'
+run: sudo ${vyatta_bindir}/sudo-users/vyatta-show-conntrack.pl -family $4 -source_IP $6
-- cgit v1.2.3