diff options
| author | Saurabh Mohan <saurabh.mohan@vyatta.com> | 2013-02-19 16:16:24 -0800 |
|---|---|---|
| committer | Saurabh Mohan <saurabh.mohan@vyatta.com> | 2013-02-19 16:16:24 -0800 |
| commit | 1bc6fce29f6634e82734f8eb8f99d58de92d4d89 (patch) | |
| tree | d54bf8729876d9c806f4921a60659ac52ccb22a1 /scripts | |
| parent | b0cea3ad779f7a69d949b9142f288735ac5d72d4 (diff) | |
| download | vyatta-op-vpn-1bc6fce29f6634e82734f8eb8f99d58de92d4d89.tar.gz vyatta-op-vpn-1bc6fce29f6634e82734f8eb8f99d58de92d4d89.zip | |
perltidy run for vyatta-op-vpn
Diffstat (limited to 'scripts')
| -rw-r--r-- | scripts/vyatta-dmvpn-op.pl | 178 | ||||
| -rw-r--r-- | scripts/vyatta-op-vpnprof.pl | 81 |
2 files changed, 141 insertions, 118 deletions
diff --git a/scripts/vyatta-dmvpn-op.pl b/scripts/vyatta-dmvpn-op.pl index 8f27596..04867f1 100644 --- a/scripts/vyatta-dmvpn-op.pl +++ b/scripts/vyatta-dmvpn-op.pl @@ -5,100 +5,114 @@ use warnings; use lib "/opt/vyatta/share/perl5/"; use Vyatta::Config; use Getopt::Long; -my $op=''; -my $profile=undef; -my $tunnel=undef; -my $profile_path='vpn ipsec profile'; +my $op = ''; +my $profile = undef; +my $tunnel = undef; +my $profile_path = 'vpn ipsec profile'; -GetOptions( "op=s" => \$op, - "profile=s" => \$profile, - "tunnel=s" => \$tunnel); +GetOptions( + "op=s" => \$op, + "profile=s" => \$profile, + "tunnel=s" => \$tunnel +); sub get_tunnels { - my $profile = undef; - $profile = shift; - my @profile_tunnels = (); - if (defined $profile) { - my $config = new Vyatta::Config; - @profile_tunnels = $config->listOrigNodes("$profile_path $profile bind tunnel"); - } - return @profile_tunnels; + my $profile = undef; + $profile = shift; + my @profile_tunnels = (); + if ( defined $profile ) { + my $config = new Vyatta::Config; + @profile_tunnels = + $config->listOrigNodes("$profile_path $profile bind tunnel"); + } + return @profile_tunnels; } sub clear_tunnel { - my ($profile, $tunnel) = @_; - my $error = undef; - my $cmd = undef; - - print "Resetting tunnel $tunnel with profile $profile...\n"; - - # turn down the connection - `sudo ipsec down vpnprof-tunnel-$tunnel`; - - # sleep for 1/4th of a second for connection to go down - `sudo sleep 0.25`; - - # turn connection up. For conns with 'right=%any' it's useless to up, so commented it - #`sudo ipsec up vpnprof-tunnel-$tunnel`; - - # sleep for 3/4th of a second for connection to come up - #`sudo sleep 0.75`; - - my @addresses = split(' ', `cli-shell-api returnActiveValues interfaces tunnel $tunnel address`); - for my $addr (@addresses) { - $addr =~ /'(.*)\.(.*)\.(.*)\.(.*)\//; - my $pattern = "$1.$2.$3.$4-to-"; - my $line = `sudo ipsec statusall | grep $pattern | head -n 1`; - if ($line =~ /\"(.*-to-.*)\"/) { - my $conn = $1; - `sudo ipsec down $conn`; - #Actually, we don't need timeouts here cause this script will wait child process to be finished. - `sudo ipsec up $conn`; + my ( $profile, $tunnel ) = @_; + my $error = undef; + my $cmd = undef; + + print "Resetting tunnel $tunnel with profile $profile...\n"; + + # turn down the connection + `sudo ipsec down vpnprof-tunnel-$tunnel`; + + # sleep for 1/4th of a second for connection to go down + `sudo sleep 0.25`; + +# turn connection up. For conns with 'right=%any' it's useless to up, so commented it +#`sudo ipsec up vpnprof-tunnel-$tunnel`; + + # sleep for 3/4th of a second for connection to come up + #`sudo sleep 0.75`; + + my @addresses = split( ' ', + `cli-shell-api returnActiveValues interfaces tunnel $tunnel address` ); + for my $addr (@addresses) { + $addr =~ /'(.*)\.(.*)\.(.*)\.(.*)\//; + my $pattern = "$1.$2.$3.$4-to-"; + my $line = `sudo ipsec statusall | grep $pattern | head -n 1`; + if ( $line =~ /\"(.*-to-.*)\"/ ) { + my $conn = $1; + `sudo ipsec down $conn`; + +#Actually, we don't need timeouts here cause this script will wait child process to be finished. + `sudo ipsec up $conn`; + } } - } } -if ($op eq '') { - die 'No op specified'; +if ( $op eq '' ) { + die 'No op specified'; } -if ($op eq 'get-all-profiles') { - # get all ipsec profiles - my $config = new Vyatta::Config; - my @profiles = (); - @profiles = $config->listOrigNodes("$profile_path"); - print "@profiles\n"; - -} elsif ($op eq 'get-tunnels-for-profile') { - # get all tunnels for a specific profile - die 'Undefined profile to get list of tunnels for' if ! defined $profile; - my @profile_tunnels = get_tunnels("$profile"); - print "@profile_tunnels\n"; - -} elsif ($op eq 'clear-tunnels-for-profile') { - # clear all tunnels for a given profile - die 'Undefined profile to clear tunnels for' if ! defined $profile; - my @profile_tunnels = get_tunnels("$profile"); - if (scalar(@profile_tunnels)>0) { - foreach my $tun (sort @profile_tunnels) { - clear_tunnel($profile, $tun); +if ( $op eq 'get-all-profiles' ) { + + # get all ipsec profiles + my $config = new Vyatta::Config; + my @profiles = (); + @profiles = $config->listOrigNodes("$profile_path"); + print "@profiles\n"; + +} +elsif ( $op eq 'get-tunnels-for-profile' ) { + + # get all tunnels for a specific profile + die 'Undefined profile to get list of tunnels for' if !defined $profile; + my @profile_tunnels = get_tunnels("$profile"); + print "@profile_tunnels\n"; + +} +elsif ( $op eq 'clear-tunnels-for-profile' ) { + + # clear all tunnels for a given profile + die 'Undefined profile to clear tunnels for' if !defined $profile; + my @profile_tunnels = get_tunnels("$profile"); + if ( scalar(@profile_tunnels) > 0 ) { + foreach my $tun ( sort @profile_tunnels ) { + clear_tunnel( $profile, $tun ); + } + } + +} +elsif ( $op eq 'clear-specific-tunnel-for-profile' ) { + + # clear a specific tunnel for a given profile + die 'Undefined profile to clear tunnel for' if !defined $profile; + die 'Undefined tunnel for profile $profile' if !defined $tunnel; + my @profile_tunnels = get_tunnels("$profile"); + if ( scalar( grep( /^$tunnel$/, @profile_tunnels ) ) > 0 ) { + clear_tunnel( $profile, $tunnel ); + } + else { + die "Undefined tunnel $tunnel for profile $profile\n"; } - } - -} elsif ($op eq 'clear-specific-tunnel-for-profile') { - # clear a specific tunnel for a given profile - die 'Undefined profile to clear tunnel for' if ! defined $profile; - die 'Undefined tunnel for profile $profile' if ! defined $tunnel; - my @profile_tunnels = get_tunnels("$profile"); - if (scalar(grep(/^$tunnel$/,@profile_tunnels))>0) { - clear_tunnel($profile, $tunnel); - } else { - die "Undefined tunnel $tunnel for profile $profile\n"; - } - -} else { - die "Unknown op: $op"; + } - +else { + die "Unknown op: $op"; +} + exit 0; diff --git a/scripts/vyatta-op-vpnprof.pl b/scripts/vyatta-op-vpnprof.pl index 3988e04..72124fa 100644 --- a/scripts/vyatta-op-vpnprof.pl +++ b/scripts/vyatta-op-vpnprof.pl @@ -9,56 +9,65 @@ use Vyatta::vpnprof::OPMode; use strict; -my ($get_profiles_for_cli, $get_conn_for_cli, $show_ipsec_sa, $show_ipsec_sa_detail, - $show_ipsec_sa_profile, $show_ipsec_sa_profile_detail, - $show_ipsec_sa_stats, $show_ipsec_sa_stats_profile); +my ( + $get_profiles_for_cli, $get_conn_for_cli, + $show_ipsec_sa, $show_ipsec_sa_detail, + $show_ipsec_sa_profile, $show_ipsec_sa_profile_detail, + $show_ipsec_sa_stats, $show_ipsec_sa_stats_profile +); my @show_ipsec_sa_stats_conn; my @show_ipsec_sa_conn_detail; my @show_ipsec_sa_conn; -GetOptions("show-ipsec-sa!" => \$show_ipsec_sa, - "show-ipsec-sa-detail!" => \$show_ipsec_sa_detail, - "get-profiles-for-cli!" => \$get_profiles_for_cli, - "get-conn-for-cli=s" => \$get_conn_for_cli, - "show-ipsec-sa-profile=s" => \$show_ipsec_sa_profile, - "show-ipsec-sa-profile-detail=s" => \$show_ipsec_sa_profile_detail, - "show-ipsec-sa-stats!" => \$show_ipsec_sa_stats, - "show-ipsec-sa-stats-profile=s" => \$show_ipsec_sa_stats_profile, - "show-ipsec-sa-stats-conn=s{2}" => \@show_ipsec_sa_stats_conn, - "show-ipsec-sa-conn-detail=s{2}" => \@show_ipsec_sa_conn_detail, - "show-ipsec-sa-conn=s{2}" => \@show_ipsec_sa_conn); +GetOptions( + "show-ipsec-sa!" => \$show_ipsec_sa, + "show-ipsec-sa-detail!" => \$show_ipsec_sa_detail, + "get-profiles-for-cli!" => \$get_profiles_for_cli, + "get-conn-for-cli=s" => \$get_conn_for_cli, + "show-ipsec-sa-profile=s" => \$show_ipsec_sa_profile, + "show-ipsec-sa-profile-detail=s" => \$show_ipsec_sa_profile_detail, + "show-ipsec-sa-stats!" => \$show_ipsec_sa_stats, + "show-ipsec-sa-stats-profile=s" => \$show_ipsec_sa_stats_profile, + "show-ipsec-sa-stats-conn=s{2}" => \@show_ipsec_sa_stats_conn, + "show-ipsec-sa-conn-detail=s{2}" => \@show_ipsec_sa_conn_detail, + "show-ipsec-sa-conn=s{2}" => \@show_ipsec_sa_conn +); -if (defined $get_profiles_for_cli) { - Vyatta::vpnprof::OPMode::get_profiles_for_cli(); +if ( defined $get_profiles_for_cli ) { + Vyatta::vpnprof::OPMode::get_profiles_for_cli(); } -if (defined $get_conn_for_cli) { - Vyatta::vpnprof::OPMode::get_conn_for_cli($get_conn_for_cli); +if ( defined $get_conn_for_cli ) { + Vyatta::vpnprof::OPMode::get_conn_for_cli($get_conn_for_cli); } -if (defined $show_ipsec_sa) { - Vyatta::vpnprof::OPMode::show_ipsec_sa(); +if ( defined $show_ipsec_sa ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa(); } -if (defined $show_ipsec_sa_detail) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_detail(); +if ( defined $show_ipsec_sa_detail ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_detail(); } -if (defined $show_ipsec_sa_profile) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_profile($show_ipsec_sa_profile); +if ( defined $show_ipsec_sa_profile ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_profile($show_ipsec_sa_profile); } -if (defined $show_ipsec_sa_profile_detail) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_profile_detail($show_ipsec_sa_profile_detail); +if ( defined $show_ipsec_sa_profile_detail ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_profile_detail( + $show_ipsec_sa_profile_detail); } -if (defined @show_ipsec_sa_conn_detail) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_conn_detail(@show_ipsec_sa_conn_detail); +if ( defined @show_ipsec_sa_conn_detail ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_conn_detail( + @show_ipsec_sa_conn_detail); } -if (defined @show_ipsec_sa_conn) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_conn(@show_ipsec_sa_conn); +if ( defined @show_ipsec_sa_conn ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_conn(@show_ipsec_sa_conn); } -if (defined $show_ipsec_sa_stats) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_stats(); +if ( defined $show_ipsec_sa_stats ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_stats(); } -if (defined $show_ipsec_sa_stats_profile) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_stats_profile($show_ipsec_sa_stats_profile); +if ( defined $show_ipsec_sa_stats_profile ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_stats_profile( + $show_ipsec_sa_stats_profile); } -if (defined @show_ipsec_sa_stats_conn) { - Vyatta::vpnprof::OPMode::show_ipsec_sa_stats_conn(@show_ipsec_sa_stats_conn); +if ( defined @show_ipsec_sa_stats_conn ) { + Vyatta::vpnprof::OPMode::show_ipsec_sa_stats_conn( + @show_ipsec_sa_stats_conn); } |