From b6697d98a5e0bd41907fb0049323845ea3780b8a Mon Sep 17 00:00:00 2001 From: Thomas Jepp Date: Wed, 16 Dec 2015 22:16:25 +0000 Subject: Fix build depends. --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/control b/debian/control index 57dcaeb..a53855f 100644 --- a/debian/control +++ b/debian/control @@ -2,7 +2,7 @@ Source: vyatta-op-vpn Section: contrib/net Priority: extra Maintainer: VyOS Package Maintainers -Build-Depends: debhelper (>= 5), autotools-dev +Build-Depends: debhelper (>= 5), autotools-dev, automake, autoconf, cpio, libtool Standards-Version: 3.7.2 Package: vyatta-op-vpn -- cgit v1.2.3 From 02c5540c29a347348a5a4d89ce432417f561d326 Mon Sep 17 00:00:00 2001 From: Kim Hagen Date: Sun, 24 Jan 2016 15:23:02 -0500 Subject: 0.15.0+vyos2+current1 --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index d8a41b8..ae77d01 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +vyatta-op-vpn (0.15.0+vyos2+current1) unstable; urgency=medium + + [ Thomas Jepp ] + * Fix build depends. + + [ Kim Hagen ] + + -- Kim Hagen Sun, 24 Jan 2016 15:22:51 -0500 + vyatta-op-vpn (0.15.0+vyos2+lithium8) unstable; urgency=low * vyatta-op-vpn: update dh_gencontrol with new development build flag -- cgit v1.2.3 From beed3a41969a522571708cde21631db22d5c54a2 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Mon, 25 Jan 2016 14:22:52 +0100 Subject: Remove vyatta-ipsec dependency for migration to upstream strongswan. Update descriptions and standard version. --- debian/control | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'debian') diff --git a/debian/control b/debian/control index a53855f..aeb9c65 100644 --- a/debian/control +++ b/debian/control @@ -3,19 +3,19 @@ Section: contrib/net Priority: extra Maintainer: VyOS Package Maintainers Build-Depends: debhelper (>= 5), autotools-dev, automake, autoconf, cpio, libtool -Standards-Version: 3.7.2 +Standards-Version: 3.9.1 Package: vyatta-op-vpn Architecture: all Depends: vyatta-op, vyatta-bash | bash (>= 3.1), vyatta-cfg-vpn, - vyatta-ipsec, + strongswan (>= 5.2), ${shlibs:Depends} Suggests: util-linux (>= 2.13-5), net-tools, ethtool, ncurses-bin (>= 5.5-5), ntpdate -Description: VyOS operational commands for VPN - VyOS commands to operate openswan VPN. +Description: VyOS operational commands for IPsec VPN + VyOS commands fpr IPsec VPN operations. -- cgit v1.2.3 From 100b1a52ebbc37ee69d9ed9f8d730c2cbaf99e81 Mon Sep 17 00:00:00 2001 From: Daniil Baturin Date: Mon, 25 Jan 2016 14:23:46 +0100 Subject: 0.15.0+vyos2+current2 --- debian/changelog | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index ae77d01..fb88360 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +vyatta-op-vpn (0.15.0+vyos2+current2) unstable; urgency=low + + * Remove vyatta-ipsec dependency for migration to upstream strongswan. + + -- Daniil Baturin Mon, 25 Jan 2016 14:23:46 +0100 + vyatta-op-vpn (0.15.0+vyos2+current1) unstable; urgency=medium [ Thomas Jepp ] -- cgit v1.2.3 From d1beba186b096550075bbc5d1c8b5d745ac90641 Mon Sep 17 00:00:00 2001 From: "C.J. Collier" Date: Tue, 10 May 2016 16:39:06 -0700 Subject: Address autoreconf warnings * add /m4 to .gitignore * set ACLOCAL_AMFLAGS in Makefile.am * set AC_CONFIG_MACRO_DIR in configure.ac * remove and re-create m4 directory before running autoreconf Signed-off-by: C.J. Collier --- .gitignore | 1 + Makefile.am | 2 ++ configure.ac | 1 + debian/autogen.sh | 3 ++- 4 files changed, 6 insertions(+), 1 deletion(-) (limited to 'debian') diff --git a/.gitignore b/.gitignore index 9ebd510..4fb5a01 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ *~ +/m4 .*.swp *.[oa] *.l[oa] diff --git a/Makefile.am b/Makefile.am index 1422d22..c4a71ec 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,3 +1,5 @@ +ACLOCAL_AMFLAGS = -I m4 + opdir = $(datadir)/vyatta-op/templates bin_sudo_usersdir = $(bindir)/sudo-users diff --git a/configure.ac b/configure.ac index 7901d66..2d5ef35 100644 --- a/configure.ac +++ b/configure.ac @@ -11,6 +11,7 @@ AC_INIT([vyatta-op-vpn], VERSION_ID, [maintainers@vyos.net]) test -n "$VYATTA_VERSION" || VYATTA_VERSION=$PACKAGE_VERSION +AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_AUX_DIR([config]) AM_INIT_AUTOMAKE([gnu no-dist-gzip dist-bzip2 subdir-objects]) AC_PREFIX_DEFAULT([/opt/vyatta]) diff --git a/debian/autogen.sh b/debian/autogen.sh index e8c94af..92719c8 100755 --- a/debian/autogen.sh +++ b/debian/autogen.sh @@ -1,9 +1,10 @@ #!/bin/sh -rm -rf config +rm -rf config m4 rm -f aclocal.m4 config.guess config.statusconfig.sub configure INSTALL +mkdir -p m4 autoreconf --force --install rm -f config.sub config.guess -- cgit v1.2.3 From 286e4186e7185a49bd1be6bc0f7afe77dfcfcdad Mon Sep 17 00:00:00 2001 From: "C.J. Collier" Date: Wed, 11 May 2016 05:28:30 +0000 Subject: vyatta-op-vpn (0.15.0+vyos2+current2+nmu1) UNRELEASED; urgency=low * Non-maintainer upload. * address lintian issues - script-not-executable: removed #!/usr/bin/perl from .pm files - debhelper-but-no-misc-depends: added ${misc:Depends} to Depends: field - debian-rules-missing-recommended-target: added build-arch build-indep - out-of-date-standards-version: updated standards version to 3.9.4 - package-contains-linda-override: removed linda override - file-in-unusual-dir: not triggering, removed from override - script-with-language-extension: renamed vyatta-gen-x509-keypair.sh vyatta-gen-x509-keypair * address dpkg-gencontrol issue: - unknown substitution variable ${shlibs:Depends} - removed * address dpkg-source issue: - debian/source/format set to "3.0 (native)" Signed-off-by: C.J. Collier --- .gitignore | 1 + Makefile.am | 8 ++-- configure.ac | 25 ++++++++---- debian/changelog | 20 ++++++++++ debian/conffiles | 1 + debian/control | 6 +-- debian/linda | 1 - debian/lintian | 4 +- debian/rules | 13 +++--- debian/source/format | 1 + lib/OPMode.pm | 1 - lib/vpnprof/OPMode.pm | 1 - scripts/key-pair.template | 46 ++++++++++++++++++++-- scripts/vyatta-gen-x509-keypair.sh | 11 ------ scripts/vyatta-gen-x509-keypair.sh.in | 11 ++++++ .../generate/vpn/x509/key-pair/node.tag/node.def | 2 +- 16 files changed, 111 insertions(+), 41 deletions(-) create mode 100644 debian/conffiles delete mode 100644 debian/linda create mode 100644 debian/source/format delete mode 100755 scripts/vyatta-gen-x509-keypair.sh create mode 100755 scripts/vyatta-gen-x509-keypair.sh.in (limited to 'debian') diff --git a/.gitignore b/.gitignore index 4fb5a01..67bea90 100644 --- a/.gitignore +++ b/.gitignore @@ -27,3 +27,4 @@ libtool /Makefile /command_proc_show_vpn +/scripts/vyatta-gen-x509-keypair.sh \ No newline at end of file diff --git a/Makefile.am b/Makefile.am index c4a71ec..f15d7c0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,10 +21,10 @@ cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \ cpio -0pd install-exec-hook: - mkdir -p $(DESTDIR)/opt/vyatta/etc/ - mkdir -p $(DESTDIR)/opt/vyatta/sbin/ - cp scripts/vyatta-gen-x509-keypair.sh $(DESTDIR)/opt/vyatta/sbin - cp scripts/key-pair.template $(DESTDIR)/opt/vyatta/etc + mkdir -p $(DESTDIR)${sysconfdir} + mkdir -p $(DESTDIR)${sbindir} + cp scripts/vyatta-gen-x509-keypair.sh $(DESTDIR)${sbindir}/vyatta-gen-x509-keypair + cp scripts/key-pair.template $(DESTDIR)${sysconfdir} mkdir -p $(DESTDIR)$(opdir) cd templates; $(cpiop) $(DESTDIR)$(opdir) diff --git a/configure.ac b/configure.ac index 2d5ef35..3d9a504 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,8 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) +m4_define([DEFAULT_PREFIX], "/opt/vyatta") + m4_define([VERSION_ID], [m4_esyscmd([ if test -f .version ; then head -n 1 .version | tr -d \\n @@ -14,10 +16,13 @@ test -n "$VYATTA_VERSION" || VYATTA_VERSION=$PACKAGE_VERSION AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_AUX_DIR([config]) AM_INIT_AUTOMAKE([gnu no-dist-gzip dist-bzip2 subdir-objects]) -AC_PREFIX_DEFAULT([/opt/vyatta]) - -XSLDIR=/opt/vyatta/share/xsl/ +AC_PREFIX_DEFAULT(DEFAULT_PREFIX) +if test "$prefix" = "NONE" ; then + XSLDIR="DEFAULT_PREFIX/share/xsl/" +else + XSLDIR="$prefix/share/xsl/" +fi AC_PROG_CC AC_PROG_CXX @@ -27,17 +32,21 @@ AC_PROG_LIBTOOL AC_PROG_LEX AC_PROG_YACC - AC_ARG_ENABLE([nostrip], AC_HELP_STRING([--enable-nostrip], [include -nostrip option during packaging]), [NOSTRIP=-nostrip], [NOSTRIP=]) -AC_CONFIG_FILES( - [Makefile]) - AC_SUBST(NOSTRIP) AC_SUBST(XSLDIR) -AC_OUTPUT +AC_OUTPUT([ + Makefile + scripts/vyatta-gen-x509-keypair.sh +]) + +echo "prefix: ${prefix}" +echo "sysconfdir: ${sysconfdir}" +echo "datarootdir: ${datarootdir}" +echo "XSLDIR: ${XSLDIR}" diff --git a/debian/changelog b/debian/changelog index fb88360..c7cd4d1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,23 @@ +vyatta-op-vpn (0.15.0+vyos2+current2+nmu1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * address lintian issues + - script-not-executable: removed #!/usr/bin/perl from .pm files + - debhelper-but-no-misc-depends: added ${misc:Depends} to Depends: field + - debian-rules-missing-recommended-target: added build-arch build-indep + - out-of-date-standards-version: updated standards version to 3.9.4 + - package-contains-linda-override: removed linda override + - file-in-unusual-dir: not triggering, removed from override + - script-with-language-extension: renamed vyatta-gen-x509-keypair.sh + vyatta-gen-x509-keypair + * address dpkg-gencontrol issue: + - unknown substitution variable ${shlibs:Depends} - removed + * address dpkg-source issue: + - debian/source/format set to "3.0 (native)" + + + -- C.J. Collier Wed, 11 May 2016 02:33:38 +0000 + vyatta-op-vpn (0.15.0+vyos2+current2) unstable; urgency=low * Remove vyatta-ipsec dependency for migration to upstream strongswan. diff --git a/debian/conffiles b/debian/conffiles new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/debian/conffiles @@ -0,0 +1 @@ + diff --git a/debian/control b/debian/control index aeb9c65..c3f2ec0 100644 --- a/debian/control +++ b/debian/control @@ -3,7 +3,7 @@ Section: contrib/net Priority: extra Maintainer: VyOS Package Maintainers Build-Depends: debhelper (>= 5), autotools-dev, automake, autoconf, cpio, libtool -Standards-Version: 3.9.1 +Standards-Version: 3.9.4 Package: vyatta-op-vpn Architecture: all @@ -11,11 +11,11 @@ Depends: vyatta-op, vyatta-bash | bash (>= 3.1), vyatta-cfg-vpn, strongswan (>= 5.2), - ${shlibs:Depends} + ${misc:Depends} Suggests: util-linux (>= 2.13-5), net-tools, ethtool, ncurses-bin (>= 5.5-5), ntpdate Description: VyOS operational commands for IPsec VPN - VyOS commands fpr IPsec VPN operations. + VyOS commands for IPsec VPN operations. diff --git a/debian/linda b/debian/linda deleted file mode 100644 index 0381d9d..0000000 --- a/debian/linda +++ /dev/null @@ -1 +0,0 @@ -Tag: file-in-opt diff --git a/debian/lintian b/debian/lintian index a5d78e0..7a94f59 100644 --- a/debian/lintian +++ b/debian/lintian @@ -1,2 +1,2 @@ -vyatta-op-vpn: file-in-unusual-dir -vyatta-op-vpn: dir-or-file-in-opt +# It's a hassle to move it out of /opt. I'll get to it later +#vyatta-op-vpn binary: dir-or-file-in-opt diff --git a/debian/rules b/debian/rules index 4b68fde..67f4ee5 100755 --- a/debian/rules +++ b/debian/rules @@ -22,7 +22,8 @@ CFLAGS = -Wall -g configure = ./configure configure += --host=$(DEB_HOST_GNU_TYPE) configure += --build=$(DEB_BUILD_GNU_TYPE) -configure += --prefix=/opt/vyatta +configure += --prefix=/usr +configure += --sysconfdir=/etc configure += --mandir=\$${prefix}/share/man configure += --infodir=\$${prefix}/share/info configure += CFLAGS="$(CFLAGS)" @@ -43,9 +44,10 @@ config.status: configure rm -f config.cache $(configure) -build: build-stamp - -build-stamp: config.status +build: build-arch build-indep +build-arch: build-stamp +build-indep: build-stamp +build-stamp: config.status dh_testdir $(MAKE) touch $@ @@ -68,13 +70,12 @@ clean-patched: install: build dh_testdir dh_testroot - dh_clean -k + dh_prep dh_installdirs $(MAKE) DESTDIR=$(PKGDIR) install install -D --mode=0644 debian/lintian $(PKGDIR)/usr/share/lintian/overrides/$(PACKAGE) - install -D --mode=0644 debian/linda $(PKGDIR)/usr/share/linda/overrides/$(PACKAGE) # Build architecture-independent files here. binary-indep: build install diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..9f67427 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (native) \ No newline at end of file diff --git a/lib/OPMode.pm b/lib/OPMode.pm index 49bc966..fa51c66 100644 --- a/lib/OPMode.pm +++ b/lib/OPMode.pm @@ -1,4 +1,3 @@ -#!/usr/bin/perl # # Module Vyatta::VPN::OpMode.pm # diff --git a/lib/vpnprof/OPMode.pm b/lib/vpnprof/OPMode.pm index 99c6268..05e1f00 100644 --- a/lib/vpnprof/OPMode.pm +++ b/lib/vpnprof/OPMode.pm @@ -1,4 +1,3 @@ -#!/usr/bin/perl # # Module Vyatta::vpnprof::OpMode.pm # diff --git a/scripts/key-pair.template b/scripts/key-pair.template index 5b5b2a6..bbf5eb9 100644 --- a/scripts/key-pair.template +++ b/scripts/key-pair.template @@ -1,10 +1,15 @@ [ req ] - default_bits = 1024 + default_bits = 2048 default_keyfile = privkey.pem distinguished_name = req_distinguished_name + string_mask = utf8only attributes = req_attributes + dirstring_type = nobmp +# SHA-1 is deprecated, so use SHA-2 instead. + default_md = sha256 +# Extension to add when the -x509 option is used. x509_extensions = v3_ca - dirstring_type = nobmp + [ req_distinguished_name ] countryName = Country Name (2 letter code) countryName_min = 2 @@ -24,4 +29,39 @@ [ v3_ca ] subjectKeyIdentifier=hash authorityKeyIdentifier=keyid:always,issuer:always - basicConstraints = CA:true + basicConstraints = critical, CA:true + keyUsage = critical, digitalSignature, cRLSign, keyCertSign +[ v3_intermediate_ca ] +# Extensions for a typical intermediate CA (`man x509v3_config`). + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid:always,issuer + basicConstraints = critical, CA:true, pathlen:0 + keyUsage = critical, digitalSignature, cRLSign, keyCertSign +[ usr_cert ] +# Extensions for client certificates (`man x509v3_config`). + basicConstraints = CA:FALSE + nsCertType = client, email + nsComment = "OpenSSL Generated Client Certificate" + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid,issuer + keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment + extendedKeyUsage = clientAuth, emailProtection +[ server_cert ] +# Extensions for server certificates (`man x509v3_config`). + basicConstraints = CA:FALSE + nsCertType = server + nsComment = "OpenSSL Generated Server Certificate" + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid,issuer:always + keyUsage = critical, digitalSignature, keyEncipherment + extendedKeyUsage = serverAuth +[ crl_ext ] +# Extension for CRLs (`man x509v3_config`). + authorityKeyIdentifier=keyid:always +[ ocsp ] +# Extension for OCSP signing certificates (`man ocsp`). + basicConstraints = CA:FALSE + subjectKeyIdentifier = hash + authorityKeyIdentifier = keyid,issuer + keyUsage = critical, digitalSignature + extendedKeyUsage = critical, OCSPSigning \ No newline at end of file diff --git a/scripts/vyatta-gen-x509-keypair.sh b/scripts/vyatta-gen-x509-keypair.sh deleted file mode 100755 index 5a66d0a..0000000 --- a/scripts/vyatta-gen-x509-keypair.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -CN=$1 -genkeypair (){ - openssl req -new -nodes -keyout /config/auth/$CN.key -out /config/auth/$CN.csr -config /opt/vyatta/etc/key-pair.template -} -if [ -f /config/auth/$CN.csr ]; then - read -p "A certificate request named $CN.csr already exists. Overwrite (y/n)?" - [[ $REPLY != y && $REPLY != Y ]] || genkeypair -else - genkeypair -fi diff --git a/scripts/vyatta-gen-x509-keypair.sh.in b/scripts/vyatta-gen-x509-keypair.sh.in new file mode 100755 index 0000000..194ac4f --- /dev/null +++ b/scripts/vyatta-gen-x509-keypair.sh.in @@ -0,0 +1,11 @@ +#!/bin/bash +CN=$1 +genkeypair (){ + openssl req -new -nodes -keyout /config/auth/$CN.key -out /config/auth/$CN.csr -config @sysconfdir@/key-pair.template +} +if [ -f /config/auth/$CN.csr ]; then + read -p "A certificate request named $CN.csr already exists. Overwrite (y/n)?" + [[ $REPLY != y && $REPLY != Y ]] || genkeypair +else + genkeypair +fi diff --git a/templates/generate/vpn/x509/key-pair/node.tag/node.def b/templates/generate/vpn/x509/key-pair/node.tag/node.def index 9882df8..dc21935 100644 --- a/templates/generate/vpn/x509/key-pair/node.tag/node.def +++ b/templates/generate/vpn/x509/key-pair/node.tag/node.def @@ -1,4 +1,4 @@ help: Generate x509 key-pair run: - sudo /opt/vyatta/sbin/vyatta-gen-x509-keypair.sh $5 + sudo /opt/vyatta/sbin/vyatta-gen-x509-keypair $5 allowed: echo -n '' -- cgit v1.2.3 From 020165ce5b9643ff3b9c96bd4a30c981a5d5d78d Mon Sep 17 00:00:00 2001 From: "C.J. Collier" Date: Wed, 11 May 2016 06:42:43 +0000 Subject: vyatta-op-vpn (0.15.0+vyos2+current2+nmu1) UNRELEASED; urgency=low * Non-maintainer upload. * address lintian issues - script-not-executable: removed #!/usr/bin/perl from .pm files - debhelper-but-no-misc-depends: added ${misc:Depends} to Depends: field - debian-rules-missing-recommended-target: added build-arch build-indep - out-of-date-standards-version: updated standards version to 3.9.4 - package-contains-linda-override: removed linda override - file-in-unusual-dir: not triggering, removed from override - script-with-language-extension: renamed vyatta-gen-x509-keypair.sh vyatta-gen-x509-keypair * address dpkg-gencontrol issue: - unknown substitution variable ${shlibs:Depends} - removed * address dpkg-source issue: - debian/source/format set to "3.0 (native)" * removed all references to /opt/vyatta but one from source Signed-off-by: C.J. Collier --- .gitignore | 42 +++++- Makefile.am | 6 +- configure.ac | 55 +++++++- debian/autogen.sh | 4 +- m4/relpaths.m4 | 155 +++++++++++++++++++++ scripts/vyatta-gen-x509-keypair.in | 11 ++ scripts/vyatta-gen-x509-keypair.sh.in | 11 -- .../generate/vpn/rsa-key/bits/node.tag/node.def | 3 - .../generate/vpn/rsa-key/bits/node.tag/node.def.in | 3 + .../rsa-key/bits/node.tag/random/node.tag/node.def | 3 - .../bits/node.tag/random/node.tag/node.def.in | 3 + templates/generate/vpn/rsa-key/node.def | 2 - templates/generate/vpn/rsa-key/node.def.in | 2 + .../generate/vpn/x509/key-pair/node.tag/node.def | 4 - .../vpn/x509/key-pair/node.tag/node.def.in | 4 + templates/reset/vpn/ipsec-peer/node.tag/node.def | 6 - .../reset/vpn/ipsec-peer/node.tag/node.def.in | 6 + .../ipsec-peer/node.tag/tunnel/node.tag/node.def | 10 -- .../node.tag/tunnel/node.tag/node.def.in | 10 ++ .../reset/vpn/ipsec-peer/node.tag/vti/node.def | 5 - .../reset/vpn/ipsec-peer/node.tag/vti/node.def.in | 5 + .../reset/vpn/ipsec-profile/node.tag/node.def | 6 - .../reset/vpn/ipsec-profile/node.tag/node.def.in | 6 + .../node.tag/tunnel/node.tag/node.def | 10 -- .../node.tag/tunnel/node.tag/node.def.in | 10 ++ templates/restart/vpn/node.def | 12 -- templates/restart/vpn/node.def.in | 12 ++ templates/show/vpn/debug/detail/node.def | 12 -- templates/show/vpn/debug/detail/node.def.in | 12 ++ templates/show/vpn/debug/node.def | 12 -- templates/show/vpn/debug/node.def.in | 12 ++ templates/show/vpn/debug/peer/node.tag/node.def | 14 -- templates/show/vpn/debug/peer/node.tag/node.def.in | 14 ++ .../debug/peer/node.tag/tunnel/node.tag/node.def | 14 -- .../peer/node.tag/tunnel/node.tag/node.def.in | 14 ++ templates/show/vpn/ike/rsa-keys/node.def | 2 - templates/show/vpn/ike/rsa-keys/node.def.in | 2 + templates/show/vpn/ike/sa/nat-traversal/node.def | 2 - .../show/vpn/ike/sa/nat-traversal/node.def.in | 2 + templates/show/vpn/ike/sa/node.def | 2 - templates/show/vpn/ike/sa/node.def.in | 2 + templates/show/vpn/ike/sa/peer/node.tag/node.def | 3 - .../show/vpn/ike/sa/peer/node.tag/node.def.in | 3 + templates/show/vpn/ike/secrets/node.def | 2 - templates/show/vpn/ike/secrets/node.def.in | 2 + templates/show/vpn/ike/status/node.def | 2 - templates/show/vpn/ike/status/node.def.in | 2 + templates/show/vpn/ipsec/sa/detail/node.def | 3 - templates/show/vpn/ipsec/sa/detail/node.def.in | 3 + .../vpn/ipsec/sa/detail/peer/node.tag/node.def | 3 - .../vpn/ipsec/sa/detail/peer/node.tag/node.def.in | 3 + .../detail/peer/node.tag/tunnel/node.tag/node.def | 3 - .../peer/node.tag/tunnel/node.tag/node.def.in | 3 + .../vpn/ipsec/sa/detail/profile/node.tag/node.def | 3 - .../ipsec/sa/detail/profile/node.tag/node.def.in | 3 + .../profile/node.tag/tunnel/node.tag/node.def | 3 - .../profile/node.tag/tunnel/node.tag/node.def.in | 3 + templates/show/vpn/ipsec/sa/nat-traversal/node.def | 2 - .../show/vpn/ipsec/sa/nat-traversal/node.def.in | 2 + templates/show/vpn/ipsec/sa/node.def | 3 - templates/show/vpn/ipsec/sa/node.def.in | 3 + templates/show/vpn/ipsec/sa/peer/node.tag/node.def | 3 - .../show/vpn/ipsec/sa/peer/node.tag/node.def.in | 3 + .../sa/peer/node.tag/tunnel/node.tag/node.def | 3 - .../sa/peer/node.tag/tunnel/node.tag/node.def.in | 3 + .../show/vpn/ipsec/sa/profile/node.tag/node.def | 3 - .../show/vpn/ipsec/sa/profile/node.tag/node.def.in | 3 + .../sa/profile/node.tag/tunnel/node.tag/node.def | 3 - .../profile/node.tag/tunnel/node.tag/node.def.in | 3 + templates/show/vpn/ipsec/sa/statistics/node.def | 3 - templates/show/vpn/ipsec/sa/statistics/node.def.in | 3 + .../vpn/ipsec/sa/statistics/peer/node.tag/node.def | 3 - .../ipsec/sa/statistics/peer/node.tag/node.def.in | 3 + .../peer/node.tag/tunnel/node.tag/node.def | 3 - .../peer/node.tag/tunnel/node.tag/node.def.in | 3 + .../ipsec/sa/statistics/profile/node.tag/node.def | 3 - .../sa/statistics/profile/node.tag/node.def.in | 3 + .../profile/node.tag/tunnel/node.tag/node.def | 3 - .../profile/node.tag/tunnel/node.tag/node.def.in | 3 + templates/show/vpn/ipsec/status/node.def | 6 - templates/show/vpn/ipsec/status/node.def.in | 6 + 81 files changed, 439 insertions(+), 203 deletions(-) create mode 100644 m4/relpaths.m4 create mode 100755 scripts/vyatta-gen-x509-keypair.in delete mode 100755 scripts/vyatta-gen-x509-keypair.sh.in delete mode 100644 templates/generate/vpn/rsa-key/bits/node.tag/node.def create mode 100644 templates/generate/vpn/rsa-key/bits/node.tag/node.def.in delete mode 100644 templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def create mode 100644 templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in delete mode 100644 templates/generate/vpn/rsa-key/node.def create mode 100644 templates/generate/vpn/rsa-key/node.def.in delete mode 100644 templates/generate/vpn/x509/key-pair/node.tag/node.def create mode 100644 templates/generate/vpn/x509/key-pair/node.tag/node.def.in delete mode 100644 templates/reset/vpn/ipsec-peer/node.tag/node.def create mode 100644 templates/reset/vpn/ipsec-peer/node.tag/node.def.in delete mode 100644 templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def create mode 100644 templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/reset/vpn/ipsec-peer/node.tag/vti/node.def create mode 100644 templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in delete mode 100644 templates/reset/vpn/ipsec-profile/node.tag/node.def create mode 100644 templates/reset/vpn/ipsec-profile/node.tag/node.def.in delete mode 100644 templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def create mode 100644 templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/restart/vpn/node.def create mode 100644 templates/restart/vpn/node.def.in delete mode 100644 templates/show/vpn/debug/detail/node.def create mode 100644 templates/show/vpn/debug/detail/node.def.in delete mode 100644 templates/show/vpn/debug/node.def create mode 100644 templates/show/vpn/debug/node.def.in delete mode 100644 templates/show/vpn/debug/peer/node.tag/node.def create mode 100644 templates/show/vpn/debug/peer/node.tag/node.def.in delete mode 100644 templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ike/rsa-keys/node.def create mode 100644 templates/show/vpn/ike/rsa-keys/node.def.in delete mode 100644 templates/show/vpn/ike/sa/nat-traversal/node.def create mode 100644 templates/show/vpn/ike/sa/nat-traversal/node.def.in delete mode 100644 templates/show/vpn/ike/sa/node.def create mode 100644 templates/show/vpn/ike/sa/node.def.in delete mode 100644 templates/show/vpn/ike/sa/peer/node.tag/node.def create mode 100644 templates/show/vpn/ike/sa/peer/node.tag/node.def.in delete mode 100644 templates/show/vpn/ike/secrets/node.def create mode 100644 templates/show/vpn/ike/secrets/node.def.in delete mode 100644 templates/show/vpn/ike/status/node.def create mode 100644 templates/show/vpn/ike/status/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/detail/node.def create mode 100644 templates/show/vpn/ipsec/sa/detail/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/nat-traversal/node.def create mode 100644 templates/show/vpn/ipsec/sa/nat-traversal/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/node.def create mode 100644 templates/show/vpn/ipsec/sa/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/peer/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/profile/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/statistics/node.def create mode 100644 templates/show/vpn/ipsec/sa/statistics/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def create mode 100644 templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in delete mode 100644 templates/show/vpn/ipsec/status/node.def create mode 100644 templates/show/vpn/ipsec/status/node.def.in (limited to 'debian') diff --git a/.gitignore b/.gitignore index 67bea90..470b73c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ *~ -/m4 +m4/lt*.m4 +m4/libtool.m4 .*.swp *.[oa] *.l[oa] @@ -27,4 +28,41 @@ libtool /Makefile /command_proc_show_vpn -/scripts/vyatta-gen-x509-keypair.sh \ No newline at end of file +templates/generate/vpn/rsa-key/bits/node.tag/node.def +templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def +templates/generate/vpn/rsa-key/node.def +templates/generate/vpn/x509/key-pair/node.tag/node.def +templates/reset/vpn/ipsec-peer/node.tag/node.def +templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def +templates/reset/vpn/ipsec-peer/node.tag/vti/node.def +templates/reset/vpn/ipsec-profile/node.tag/node.def +templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def +templates/restart/vpn/node.def +templates/show/vpn/debug/detail/node.def +templates/show/vpn/debug/node.def +templates/show/vpn/debug/peer/node.tag/node.def +templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ike/rsa-keys/node.def +templates/show/vpn/ike/sa/nat-traversal/node.def +templates/show/vpn/ike/sa/node.def +templates/show/vpn/ike/sa/peer/node.tag/node.def +templates/show/vpn/ike/secrets/node.def +templates/show/vpn/ike/status/node.def +templates/show/vpn/ipsec/sa/detail/node.def +templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def +templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def +templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/sa/nat-traversal/node.def +templates/show/vpn/ipsec/sa/node.def +templates/show/vpn/ipsec/sa/peer/node.tag/node.def +templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/sa/profile/node.tag/node.def +templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/sa/statistics/node.def +templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def +templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def +templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def +templates/show/vpn/ipsec/status/node.def +/scripts/vyatta-gen-x509-keypair \ No newline at end of file diff --git a/Makefile.am b/Makefile.am index f15d7c0..490b1f1 100644 --- a/Makefile.am +++ b/Makefile.am @@ -21,11 +21,9 @@ cpiop = find . ! -regex '\(.*~\|.*\.bak\|.*\.swp\|.*\#.*\#\)' -print0 | \ cpio -0pd install-exec-hook: - mkdir -p $(DESTDIR)${sysconfdir} - mkdir -p $(DESTDIR)${sbindir} - cp scripts/vyatta-gen-x509-keypair.sh $(DESTDIR)${sbindir}/vyatta-gen-x509-keypair + mkdir -p $(DESTDIR)${sysconfdir} $(DESTDIR)${sbindir} $(DESTDIR)$(opdir) + cp scripts/vyatta-gen-x509-keypair $(DESTDIR)${sbindir}/ cp scripts/key-pair.template $(DESTDIR)${sysconfdir} - mkdir -p $(DESTDIR)$(opdir) cd templates; $(cpiop) $(DESTDIR)$(opdir) diff --git a/configure.ac b/configure.ac index 3d9a504..6002c2d 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) -m4_define([DEFAULT_PREFIX], "/opt/vyatta") +m4_define([DEFAULT_PREFIX], [/opt/vyatta]) m4_define([VERSION_ID], [m4_esyscmd([ if test -f .version ; then @@ -24,6 +24,9 @@ else XSLDIR="$prefix/share/xsl/" fi +adl_RECURSIVE_EVAL([$bindir/sudo-users/],[SUDOUSRDIR]) +adl_RECURSIVE_EVAL([$sbindir/],[SBINDIR]) + AC_PROG_CC AC_PROG_CXX AM_PROG_AS @@ -39,14 +42,56 @@ AC_ARG_ENABLE([nostrip], AC_SUBST(NOSTRIP) AC_SUBST(XSLDIR) +AC_SUBST(SUDOUSRDIR) +AC_SUBST(SBINDIR) AC_OUTPUT([ Makefile - scripts/vyatta-gen-x509-keypair.sh + scripts/vyatta-gen-x509-keypair + templates/restart/vpn/node.def + templates/generate/vpn/x509/key-pair/node.tag/node.def + templates/generate/vpn/rsa-key/node.def + templates/generate/vpn/rsa-key/bits/node.tag/node.def + templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def + templates/show/vpn/ipsec/status/node.def + templates/show/vpn/ipsec/sa/node.def + templates/show/vpn/ipsec/sa/nat-traversal/node.def + templates/show/vpn/ipsec/sa/statistics/node.def + templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def + templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def + templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ipsec/sa/detail/node.def + templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def + templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def + templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ipsec/sa/profile/node.tag/node.def + templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ipsec/sa/peer/node.tag/node.def + templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def + templates/show/vpn/debug/node.def + templates/show/vpn/debug/detail/node.def + templates/show/vpn/debug/peer/node.tag/node.def + templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def + templates/show/vpn/ike/secrets/node.def + templates/show/vpn/ike/status/node.def + templates/show/vpn/ike/sa/node.def + templates/show/vpn/ike/sa/nat-traversal/node.def + templates/show/vpn/ike/sa/peer/node.tag/node.def + templates/show/vpn/ike/rsa-keys/node.def + templates/reset/vpn/ipsec-profile/node.tag/node.def + templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def + templates/reset/vpn/ipsec-peer/node.tag/node.def + templates/reset/vpn/ipsec-peer/node.tag/vti/node.def + templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def ]) -echo "prefix: ${prefix}" -echo "sysconfdir: ${sysconfdir}" +echo "prefix: ${prefix}" +echo "sbindir: ${sbindir}" +echo "sysconfdir: ${sysconfdir}" echo "datarootdir: ${datarootdir}" -echo "XSLDIR: ${XSLDIR}" +echo "XSLDIR: ${XSLDIR}" +echo "SBINDIR: ${SBINDIR}" +echo "SUDOUSRDIR: ${SUDOUSRDIR}" diff --git a/debian/autogen.sh b/debian/autogen.sh index 92719c8..70ecdeb 100755 --- a/debian/autogen.sh +++ b/debian/autogen.sh @@ -1,10 +1,10 @@ #!/bin/sh -rm -rf config m4 +rm -rf config rm -f aclocal.m4 config.guess config.statusconfig.sub configure INSTALL -mkdir -p m4 +mkdir -p autoreconf --force --install rm -f config.sub config.guess diff --git a/m4/relpaths.m4 b/m4/relpaths.m4 new file mode 100644 index 0000000..15f24b3 --- /dev/null +++ b/m4/relpaths.m4 @@ -0,0 +1,155 @@ +dnl @synopsis adl_COMPUTE_RELATIVE_PATHS(PATH_LIST) +dnl +dnl PATH_LIST is a space-separated list of colon-separated triplets of +dnl the form 'FROM:TO:RESULT'. This function iterates over these +dnl triplets and set $RESULT to the relative path from $FROM to $TO. +dnl Note that $FROM and $TO needs to be absolute filenames for this +dnl macro to success. +dnl +dnl For instance, +dnl +dnl first=/usr/local/bin +dnl second=/usr/local/share +dnl adl_COMPUTE_RELATIVE_PATHS([first:second:fs second:first:sf]) +dnl # $fs is set to ../share +dnl # $sf is set to ../bin +dnl +dnl $FROM and $TO are both eval'ed recursively and normalized, this +dnl means that you can call this macro with autoconf's dirnames like +dnl `prefix' or `datadir'. For example: +dnl +dnl adl_COMPUTE_RELATIVE_PATHS([bindir:datadir:bin_to_data]) +dnl +dnl adl_COMPUTE_RELATIVE_PATHS should also works with DOS filenames. +dnl +dnl You may want to use this macro in order to make your package +dnl relocatable. Instead of hardcoding $datadir into your programs just +dnl encode $bin_to_data and try to determine $bindir at run-time. +dnl +dnl This macro requires adl_NORMALIZE_PATH. +dnl +dnl @category Misc +dnl @author Alexandre Duret-Lutz +dnl @version 2001-05-25 +dnl @license GPLWithACException + +AC_DEFUN([adl_COMPUTE_RELATIVE_PATHS], +[for _lcl_i in $1; do + _lcl_from=\[$]`echo "[$]_lcl_i" | sed 's,:.*$,,'` + _lcl_to=\[$]`echo "[$]_lcl_i" | sed 's,^[[^:]]*:,,' | sed 's,:[[^:]]*$,,'` + _lcl_result_var=`echo "[$]_lcl_i" | sed 's,^.*:,,'` + adl_RECURSIVE_EVAL([[$]_lcl_from], [_lcl_from]) + adl_RECURSIVE_EVAL([[$]_lcl_to], [_lcl_to]) + _lcl_notation="$_lcl_from$_lcl_to" + adl_NORMALIZE_PATH([_lcl_from],['/']) + adl_NORMALIZE_PATH([_lcl_to],['/']) + adl_COMPUTE_RELATIVE_PATH([_lcl_from], [_lcl_to], [_lcl_result_tmp]) + adl_NORMALIZE_PATH([_lcl_result_tmp],["[$]_lcl_notation"]) + eval $_lcl_result_var='[$]_lcl_result_tmp' +done]) + +## Note: +## ***** +## The following helper macros are too fragile to be used out +## of adl_COMPUTE_RELATIVE_PATHS (mainly because they assume that +## paths are normalized), that's why I'm keeping them in the same file. +## Still, some of them maybe worth to reuse. + +dnl adl_COMPUTE_RELATIVE_PATH(FROM, TO, RESULT) +dnl =========================================== +dnl Compute the relative path to go from $FROM to $TO and set the value +dnl of $RESULT to that value. This function work on raw filenames +dnl (for instead it will considerate /usr//local and /usr/local as +dnl two distinct paths), you should really use adl_COMPUTE_REALTIVE_PATHS +dnl instead to have the paths sanitized automatically. +dnl +dnl For instance: +dnl first_dir=/somewhere/on/my/disk/bin +dnl second_dir=/somewhere/on/another/disk/share +dnl adl_COMPUTE_RELATIVE_PATH(first_dir, second_dir, first_to_second) +dnl will set $first_to_second to '../../../another/disk/share'. +AC_DEFUN([adl_COMPUTE_RELATIVE_PATH], +[adl_COMPUTE_COMMON_PATH([$1], [$2], [_lcl_common_prefix]) +adl_COMPUTE_BACK_PATH([$1], [_lcl_common_prefix], [_lcl_first_rel]) +adl_COMPUTE_SUFFIX_PATH([$2], [_lcl_common_prefix], [_lcl_second_suffix]) +$3="[$]_lcl_first_rel[$]_lcl_second_suffix"]) + +dnl adl_COMPUTE_COMMON_PATH(LEFT, RIGHT, RESULT) +dnl ============================================ +dnl Compute the common path to $LEFT and $RIGHT and set the result to $RESULT. +dnl +dnl For instance: +dnl first_path=/somewhere/on/my/disk/bin +dnl second_path=/somewhere/on/another/disk/share +dnl adl_COMPUTE_COMMON_PATH(first_path, second_path, common_path) +dnl will set $common_path to '/somewhere/on'. +AC_DEFUN([adl_COMPUTE_COMMON_PATH], +[$3='' +_lcl_second_prefix_match='' +while test "[$]_lcl_second_prefix_match" != 0; do + _lcl_first_prefix=`expr "x[$]$1" : "x\([$]$3/*[[^/]]*\)"` + _lcl_second_prefix_match=`expr "x[$]$2" : "x[$]_lcl_first_prefix"` + if test "[$]_lcl_second_prefix_match" != 0; then + if test "[$]_lcl_first_prefix" != "[$]$3"; then + $3="[$]_lcl_first_prefix" + else + _lcl_second_prefix_match=0 + fi + fi +done]) + +dnl adl_COMPUTE_SUFFIX_PATH(PATH, SUBPATH, RESULT) +dnl ============================================== +dnl Substrack $SUBPATH from $PATH, and set the resulting suffix +dnl (or the empty string if $SUBPATH is not a subpath of $PATH) +dnl to $RESULT. +dnl +dnl For instace: +dnl first_path=/somewhere/on/my/disk/bin +dnl second_path=/somewhere/on +dnl adl_COMPUTE_SUFFIX_PATH(first_path, second_path, common_path) +dnl will set $common_path to '/my/disk/bin'. +AC_DEFUN([adl_COMPUTE_SUFFIX_PATH], +[$3=`expr "x[$]$1" : "x[$]$2/*\(.*\)"`]) + +dnl adl_COMPUTE_BACK_PATH(PATH, SUBPATH, RESULT) +dnl ============================================ +dnl Compute the relative path to go from $PATH to $SUBPATH, knowing that +dnl $SUBPATH is a subpath of $PATH (any other words, only repeated '../' +dnl should be needed to move from $PATH to $SUBPATH) and set the value +dnl of $RESULT to that value. If $SUBPATH is not a subpath of PATH, +dnl set $RESULT to the empty string. +dnl +dnl For instance: +dnl first_path=/somewhere/on/my/disk/bin +dnl second_path=/somewhere/on +dnl adl_COMPUTE_BACK_PATH(first_path, second_path, back_path) +dnl will set $back_path to '../../../'. +AC_DEFUN([adl_COMPUTE_BACK_PATH], +[adl_COMPUTE_SUFFIX_PATH([$1], [$2], [_lcl_first_suffix]) +$3='' +_lcl_tmp='xxx' +while test "[$]_lcl_tmp" != ''; do + _lcl_tmp=`expr "x[$]_lcl_first_suffix" : "x[[^/]]*/*\(.*\)"` + if test "[$]_lcl_first_suffix" != ''; then + _lcl_first_suffix="[$]_lcl_tmp" + $3="../[$]$3" + fi +done]) + + +dnl adl_RECURSIVE_EVAL(VALUE, RESULT) +dnl ================================= +dnl Interpolate the VALUE in loop until it doesn't change, +dnl and set the result to $RESULT. +dnl WARNING: It's easy to get an infinite loop with some unsane input. +AC_DEFUN([adl_RECURSIVE_EVAL], +[_lcl_receval="$1" +$2=`(test "x$prefix" = xNONE && prefix="$ac_default_prefix" + test "x$exec_prefix" = xNONE && exec_prefix="${prefix}" + _lcl_receval_old='' + while test "[$]_lcl_receval_old" != "[$]_lcl_receval"; do + _lcl_receval_old="[$]_lcl_receval" + eval _lcl_receval="\"[$]_lcl_receval\"" + done + echo "[$]_lcl_receval")`]) diff --git a/scripts/vyatta-gen-x509-keypair.in b/scripts/vyatta-gen-x509-keypair.in new file mode 100755 index 0000000..194ac4f --- /dev/null +++ b/scripts/vyatta-gen-x509-keypair.in @@ -0,0 +1,11 @@ +#!/bin/bash +CN=$1 +genkeypair (){ + openssl req -new -nodes -keyout /config/auth/$CN.key -out /config/auth/$CN.csr -config @sysconfdir@/key-pair.template +} +if [ -f /config/auth/$CN.csr ]; then + read -p "A certificate request named $CN.csr already exists. Overwrite (y/n)?" + [[ $REPLY != y && $REPLY != Y ]] || genkeypair +else + genkeypair +fi diff --git a/scripts/vyatta-gen-x509-keypair.sh.in b/scripts/vyatta-gen-x509-keypair.sh.in deleted file mode 100755 index 194ac4f..0000000 --- a/scripts/vyatta-gen-x509-keypair.sh.in +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -CN=$1 -genkeypair (){ - openssl req -new -nodes -keyout /config/auth/$CN.key -out /config/auth/$CN.csr -config @sysconfdir@/key-pair.template -} -if [ -f /config/auth/$CN.csr ]; then - read -p "A certificate request named $CN.csr already exists. Overwrite (y/n)?" - [[ $REPLY != y && $REPLY != Y ]] || genkeypair -else - genkeypair -fi diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/node.def deleted file mode 100644 index fa2fed2..0000000 --- a/templates/generate/vpn/rsa-key/bits/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Generate local RSA key with specified number of bits -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" /dev/random -allowed: echo -n '<16-4096>' diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in new file mode 100644 index 0000000..2eae9cc --- /dev/null +++ b/templates/generate/vpn/rsa-key/bits/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Generate local RSA key with specified number of bits +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" /dev/random +allowed: echo -n '<16-4096>' diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def deleted file mode 100644 index eb11433..0000000 --- a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Generate local RSA key with specified number of bits and random device -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl "$5" "$7" -allowed: echo -n '/dev/random /dev/urandom' diff --git a/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in new file mode 100644 index 0000000..81a9633 --- /dev/null +++ b/templates/generate/vpn/rsa-key/bits/node.tag/random/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Generate local RSA key with specified number of bits and random device +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl "$5" "$7" +allowed: echo -n '/dev/random /dev/urandom' diff --git a/templates/generate/vpn/rsa-key/node.def b/templates/generate/vpn/rsa-key/node.def deleted file mode 100644 index 60296f2..0000000 --- a/templates/generate/vpn/rsa-key/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Generate local RSA key (default: bits=2192 device=/dev/random) -run: sudo /opt/vyatta/bin/sudo-users/gen_local_rsa_key.pl 2192 /dev/random diff --git a/templates/generate/vpn/rsa-key/node.def.in b/templates/generate/vpn/rsa-key/node.def.in new file mode 100644 index 0000000..482f32c --- /dev/null +++ b/templates/generate/vpn/rsa-key/node.def.in @@ -0,0 +1,2 @@ +help: Generate local RSA key (default: bits=2192 device=/dev/random) +run: sudo @SUDOUSRDIR@/gen_local_rsa_key.pl 2192 /dev/random diff --git a/templates/generate/vpn/x509/key-pair/node.tag/node.def b/templates/generate/vpn/x509/key-pair/node.tag/node.def deleted file mode 100644 index dc21935..0000000 --- a/templates/generate/vpn/x509/key-pair/node.tag/node.def +++ /dev/null @@ -1,4 +0,0 @@ -help: Generate x509 key-pair -run: - sudo /opt/vyatta/sbin/vyatta-gen-x509-keypair $5 -allowed: echo -n '' diff --git a/templates/generate/vpn/x509/key-pair/node.tag/node.def.in b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in new file mode 100644 index 0000000..2c87956 --- /dev/null +++ b/templates/generate/vpn/x509/key-pair/node.tag/node.def.in @@ -0,0 +1,4 @@ +help: Generate x509 key-pair +run: + sudo @SBINDIR@/vyatta-gen-x509-keypair $5 +allowed: echo -n '' diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/node.def deleted file mode 100644 index fa55d52..0000000 --- a/templates/reset/vpn/ipsec-peer/node.tag/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Reset all tunnels for given peer - -allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=get-all-peers - -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ - --op=clear-tunnels-for-peer --peer="$4" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/node.def.in b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in new file mode 100644 index 0000000..621c40a --- /dev/null +++ b/templates/reset/vpn/ipsec-peer/node.tag/node.def.in @@ -0,0 +1,6 @@ +help: Reset all tunnels for given peer + +allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl --op=get-all-peers + +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ + --op=clear-tunnels-for-peer --peer="$4" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index eecb740..0000000 --- a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,10 +0,0 @@ -help: Reset a specific tunnel for given peer - -allowed: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ - --op=get-tunnels-for-peer \ - --peer="${COMP_WORDS[COMP_CWORD-2]}" - -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ - --op=clear-specific-tunnel-for-peer \ - --peer="$4" \ - --tunnel="$6" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..4407515 --- /dev/null +++ b/templates/reset/vpn/ipsec-peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,10 @@ +help: Reset a specific tunnel for given peer + +allowed: @SUDOUSRDIR@/vyatta-vpn-op.pl \ + --op=get-tunnels-for-peer \ + --peer="${COMP_WORDS[COMP_CWORD-2]}" + +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ + --op=clear-specific-tunnel-for-peer \ + --peer="$4" \ + --tunnel="$6" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def deleted file mode 100644 index f0f39a8..0000000 --- a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Reset a vti tunnel for given peer - -run: /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl \ - --op=clear-vtis-for-peer \ - --peer="$4" diff --git a/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in new file mode 100644 index 0000000..2e8e9be --- /dev/null +++ b/templates/reset/vpn/ipsec-peer/node.tag/vti/node.def.in @@ -0,0 +1,5 @@ +help: Reset a vti tunnel for given peer + +run: @SUDOUSRDIR@/vyatta-vpn-op.pl \ + --op=clear-vtis-for-peer \ + --peer="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/node.def deleted file mode 100644 index 639fac3..0000000 --- a/templates/reset/vpn/ipsec-profile/node.tag/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Reset all tunnels for given profile - -allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl --op=get-all-profiles - -run: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ - --op=clear-tunnels-for-profile --profile="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/node.def.in b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in new file mode 100644 index 0000000..ea90853 --- /dev/null +++ b/templates/reset/vpn/ipsec-profile/node.tag/node.def.in @@ -0,0 +1,6 @@ +help: Reset all tunnels for given profile + +allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl --op=get-all-profiles + +run: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ + --op=clear-tunnels-for-profile --profile="$4" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index 08e299f..0000000 --- a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,10 +0,0 @@ -help: Reset a specific tunnel for given profile - -allowed: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ - --op=get-tunnels-for-profile \ - --profile="${COMP_WORDS[COMP_CWORD-2]}" - -run: /opt/vyatta/bin/sudo-users/vyatta-dmvpn-op.pl \ - --op=clear-specific-tunnel-for-profile \ - --profile="$4" \ - --tunnel="$6" diff --git a/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..f5eda6c --- /dev/null +++ b/templates/reset/vpn/ipsec-profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,10 @@ +help: Reset a specific tunnel for given profile + +allowed: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ + --op=get-tunnels-for-profile \ + --profile="${COMP_WORDS[COMP_CWORD-2]}" + +run: @SUDOUSRDIR@/vyatta-dmvpn-op.pl \ + --op=clear-specific-tunnel-for-profile \ + --profile="$4" \ + --tunnel="$6" diff --git a/templates/restart/vpn/node.def b/templates/restart/vpn/node.def deleted file mode 100644 index 7cb9387..0000000 --- a/templates/restart/vpn/node.def +++ /dev/null @@ -1,12 +0,0 @@ -help: Restart IPsec VPN -run: if [ -n "$(cli-shell-api returnActiveValues \ - vpn ipsec ipsec-interfaces interface)" ]; then - if pgrep pluto > /dev/null - then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process - else - echo IPsec process not running - fi - else - echo IPsec VPN not configured - fi diff --git a/templates/restart/vpn/node.def.in b/templates/restart/vpn/node.def.in new file mode 100644 index 0000000..3e3566a --- /dev/null +++ b/templates/restart/vpn/node.def.in @@ -0,0 +1,12 @@ +help: Restart IPsec VPN +run: if [ -n "$(cli-shell-api returnActiveValues \ + vpn ipsec ipsec-interfaces interface)" ]; then + if pgrep pluto > /dev/null + then + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=clear-vpn-ipsec-process + else + echo IPsec process not running + fi + else + echo IPsec VPN not configured + fi diff --git a/templates/show/vpn/debug/detail/node.def b/templates/show/vpn/debug/detail/node.def deleted file mode 100644 index ee3604d..0000000 --- a/templates/show/vpn/debug/detail/node.def +++ /dev/null @@ -1,12 +0,0 @@ -help: Show detailed VPN debugging information -run: if [ -n "$(cli-shell-api returnActiveValues \ - vpn ipsec ipsec-interfaces interface)" ]; then - if pgrep pluto > /dev/null - then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug-detail - else - echo IPsec process not running - fi - else - echo VPN ipsec not configured - fi diff --git a/templates/show/vpn/debug/detail/node.def.in b/templates/show/vpn/debug/detail/node.def.in new file mode 100644 index 0000000..9271328 --- /dev/null +++ b/templates/show/vpn/debug/detail/node.def.in @@ -0,0 +1,12 @@ +help: Show detailed VPN debugging information +run: if [ -n "$(cli-shell-api returnActiveValues \ + vpn ipsec ipsec-interfaces interface)" ]; then + if pgrep pluto > /dev/null + then + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug-detail + else + echo IPsec process not running + fi + else + echo VPN ipsec not configured + fi diff --git a/templates/show/vpn/debug/node.def b/templates/show/vpn/debug/node.def deleted file mode 100644 index 7a33888..0000000 --- a/templates/show/vpn/debug/node.def +++ /dev/null @@ -1,12 +0,0 @@ -help: Show VPN debugging information -run: if [ -n "$(cli-shell-api returnActiveValues \ - vpn ipsec ipsec-interfaces interface)" ]; then - if pgrep pluto > /dev/null - then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug - else - echo IPsec process not running - fi - else - echo VPN ipsec not configured - fi diff --git a/templates/show/vpn/debug/node.def.in b/templates/show/vpn/debug/node.def.in new file mode 100644 index 0000000..1f6c829 --- /dev/null +++ b/templates/show/vpn/debug/node.def.in @@ -0,0 +1,12 @@ +help: Show VPN debugging information +run: if [ -n "$(cli-shell-api returnActiveValues \ + vpn ipsec ipsec-interfaces interface)" ]; then + if pgrep pluto > /dev/null + then + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug + else + echo IPsec process not running + fi + else + echo VPN ipsec not configured + fi diff --git a/templates/show/vpn/debug/peer/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/node.def deleted file mode 100644 index a27063a..0000000 --- a/templates/show/vpn/debug/peer/node.tag/node.def +++ /dev/null @@ -1,14 +0,0 @@ -help: Show debugging information for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: if [ -n "$(cli-shell-api returnActiveValues \ - vpn ipsec ipsec-interfaces interface)" ]; then - if pgrep pluto > /dev/null - then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5 - else - echo IPsec process not running - fi - else - echo VPN ipsec not configured - fi - diff --git a/templates/show/vpn/debug/peer/node.tag/node.def.in b/templates/show/vpn/debug/peer/node.tag/node.def.in new file mode 100644 index 0000000..d201746 --- /dev/null +++ b/templates/show/vpn/debug/peer/node.tag/node.def.in @@ -0,0 +1,14 @@ +help: Show debugging information for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: if [ -n "$(cli-shell-api returnActiveValues \ + vpn ipsec ipsec-interfaces interface)" ]; then + if pgrep pluto > /dev/null + then + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep peer-$5 + else + echo IPsec process not running + fi + else + echo VPN ipsec not configured + fi + diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index c141ac0..0000000 --- a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,14 +0,0 @@ -help: Show debugging information for a peer's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]} -run: if [ -n "$(cli-shell-api returnActiveValues \ - vpn ipsec ipsec-interfaces interface)" ]; then - if pgrep pluto > /dev/null - then - /opt/vyatta/bin/sudo-users/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7" - else - echo IPsec process not running - fi - else - echo VPN ipsec not configured - fi - diff --git a/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..5906929 --- /dev/null +++ b/templates/show/vpn/debug/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,14 @@ +help: Show debugging information for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[4]} +run: if [ -n "$(cli-shell-api returnActiveValues \ + vpn ipsec ipsec-interfaces interface)" ]; then + if pgrep pluto > /dev/null + then + @SUDOUSRDIR@/vyatta-vpn-op.pl --op=show-vpn-debug | grep "peer-$5-tunnel-$7" + else + echo IPsec process not running + fi + else + echo VPN ipsec not configured + fi + diff --git a/templates/show/vpn/ike/rsa-keys/node.def b/templates/show/vpn/ike/rsa-keys/node.def deleted file mode 100644 index 6d3baa5..0000000 --- a/templates/show/vpn/ike/rsa-keys/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show VPN RSA keys -run: sudo /opt/vyatta/bin/sudo-users/vyatta-show-vpn.pl rsa-keys diff --git a/templates/show/vpn/ike/rsa-keys/node.def.in b/templates/show/vpn/ike/rsa-keys/node.def.in new file mode 100644 index 0000000..255ca18 --- /dev/null +++ b/templates/show/vpn/ike/rsa-keys/node.def.in @@ -0,0 +1,2 @@ +help: Show VPN RSA keys +run: sudo @SUDOUSRDIR@/vyatta-show-vpn.pl rsa-keys diff --git a/templates/show/vpn/ike/sa/nat-traversal/node.def b/templates/show/vpn/ike/sa/nat-traversal/node.def deleted file mode 100644 index 3855c49..0000000 --- a/templates/show/vpn/ike/sa/nat-traversal/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all currently active IKE Security Associations (SA) that are using NAT Traversal -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-natt diff --git a/templates/show/vpn/ike/sa/nat-traversal/node.def.in b/templates/show/vpn/ike/sa/nat-traversal/node.def.in new file mode 100644 index 0000000..6c62b12 --- /dev/null +++ b/templates/show/vpn/ike/sa/nat-traversal/node.def.in @@ -0,0 +1,2 @@ +help: Show all currently active IKE Security Associations (SA) that are using NAT Traversal +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-natt diff --git a/templates/show/vpn/ike/sa/node.def b/templates/show/vpn/ike/sa/node.def deleted file mode 100644 index 051d657..0000000 --- a/templates/show/vpn/ike/sa/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all currently active IKE Security Associations (SA) -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa diff --git a/templates/show/vpn/ike/sa/node.def.in b/templates/show/vpn/ike/sa/node.def.in new file mode 100644 index 0000000..e372ff7 --- /dev/null +++ b/templates/show/vpn/ike/sa/node.def.in @@ -0,0 +1,2 @@ +help: Show all currently active IKE Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def b/templates/show/vpn/ike/sa/peer/node.tag/node.def deleted file mode 100644 index c76b71b..0000000 --- a/templates/show/vpn/ike/sa/peer/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show all currently active IKE Security Associations (SA) for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-sa-peer="$6" diff --git a/templates/show/vpn/ike/sa/peer/node.tag/node.def.in b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in new file mode 100644 index 0000000..a9782ad --- /dev/null +++ b/templates/show/vpn/ike/sa/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all currently active IKE Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-sa-peer="$6" diff --git a/templates/show/vpn/ike/secrets/node.def b/templates/show/vpn/ike/secrets/node.def deleted file mode 100644 index ec4073c..0000000 --- a/templates/show/vpn/ike/secrets/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all the pre-shared key secrets -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-secrets diff --git a/templates/show/vpn/ike/secrets/node.def.in b/templates/show/vpn/ike/secrets/node.def.in new file mode 100644 index 0000000..3d1a32d --- /dev/null +++ b/templates/show/vpn/ike/secrets/node.def.in @@ -0,0 +1,2 @@ +help: Show all the pre-shared key secrets +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-secrets diff --git a/templates/show/vpn/ike/status/node.def b/templates/show/vpn/ike/status/node.def deleted file mode 100644 index e74a741..0000000 --- a/templates/show/vpn/ike/status/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show summary of IKE process information -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ike-status diff --git a/templates/show/vpn/ike/status/node.def.in b/templates/show/vpn/ike/status/node.def.in new file mode 100644 index 0000000..7cc9b10 --- /dev/null +++ b/templates/show/vpn/ike/status/node.def.in @@ -0,0 +1,2 @@ +help: Show summary of IKE process information +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ike-status diff --git a/templates/show/vpn/ipsec/sa/detail/node.def b/templates/show/vpn/ipsec/sa/detail/node.def deleted file mode 100644 index 1397817..0000000 --- a/templates/show/vpn/ipsec/sa/detail/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show details for all active IPsec Security Associations (SA) -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-detail - sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-detail diff --git a/templates/show/vpn/ipsec/sa/detail/node.def.in b/templates/show/vpn/ipsec/sa/detail/node.def.in new file mode 100644 index 0000000..781d61b --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-detail + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-detail diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def deleted file mode 100644 index cad43ba..0000000 --- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show details for all active IPsec Security Associations (SA) for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in new file mode 100644 index 0000000..659acfa --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index 470578e..0000000 --- a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show details for the active IPsec Security Associations (SA) for a peer's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..5c121c3 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for the active IPsec Security Associations (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def deleted file mode 100644 index fbb6218..0000000 --- a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show details for all active IPsec Security Associations (SA) for a profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-profile-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in new file mode 100644 index 0000000..bcbc520 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile-detail="$7" diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index ac5fd14..0000000 --- a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show details for the active IPsec Security Associations (SA) for a tunnel bound to profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..e31b008 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/detail/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show details for the active IPsec Security Associations (SA) for a tunnel bound to profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn-detail $7 $9 diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def b/templates/show/vpn/ipsec/sa/nat-traversal/node.def deleted file mode 100644 index 7ea610b..0000000 --- a/templates/show/vpn/ipsec/sa/nat-traversal/node.def +++ /dev/null @@ -1,2 +0,0 @@ -help: Show all active IPsec Security Associations (SA) that are using NAT Traversal -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-natt diff --git a/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in new file mode 100644 index 0000000..f3bbe87 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/nat-traversal/node.def.in @@ -0,0 +1,2 @@ +help: Show all active IPsec Security Associations (SA) that are using NAT Traversal +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-natt diff --git a/templates/show/vpn/ipsec/sa/node.def b/templates/show/vpn/ipsec/sa/node.def deleted file mode 100644 index 287d489..0000000 --- a/templates/show/vpn/ipsec/sa/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show all active IPsec Security Associations (SA) -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa - sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa diff --git a/templates/show/vpn/ipsec/sa/node.def.in b/templates/show/vpn/ipsec/sa/node.def.in new file mode 100644 index 0000000..036a1d7 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def deleted file mode 100644 index 559bed5..0000000 --- a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show all active IPsec Security Associations (SA) for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6" diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in new file mode 100644 index 0000000..1cae596 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-peer="$6" diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index 195f37a..0000000 --- a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show the active IPsec Security Association (SA) for a peer's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[5]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..8cc8a9c --- /dev/null +++ b/templates/show/vpn/ipsec/sa/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show the active IPsec Security Association (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[5]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def deleted file mode 100644 index 76e66a5..0000000 --- a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show all active IPsec Security Associations (SA) for a profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-profile="$6" diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in new file mode 100644 index 0000000..30ed853 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-profile="$6" diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index 3f0af98..0000000 --- a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show the active IPsec Security Association (SA) for a profile's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[5]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..3d643bc --- /dev/null +++ b/templates/show/vpn/ipsec/sa/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show the active IPsec Security Association (SA) for a profile's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[5]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-conn $6 $8 diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def b/templates/show/vpn/ipsec/sa/statistics/node.def deleted file mode 100644 index 84fa4b7..0000000 --- a/templates/show/vpn/ipsec/sa/statistics/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show statistics of all active tunnels that have IPsec Security Associations (SA) -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats - sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats diff --git a/templates/show/vpn/ipsec/sa/statistics/node.def.in b/templates/show/vpn/ipsec/sa/statistics/node.def.in new file mode 100644 index 0000000..5832f1a --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/node.def.in @@ -0,0 +1,3 @@ +help: Show statistics of all active tunnels that have IPsec Security Associations (SA) +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats + sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def deleted file mode 100644 index 758333e..0000000 --- a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show stats for all active IPsec Security Associations (SA) for a peer -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-peers-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats-peer="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in new file mode 100644 index 0000000..8b72451 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for all active IPsec Security Associations (SA) for a peer +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-peers-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-peer="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index 1902c22..0000000 --- a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpn.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..6566a44 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/peer/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for the active IPsec Security Association (SA) for a peer's tunnel +allowed: @SUDOUSRDIR@/vyatta-op-vpn.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpn.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def deleted file mode 100644 index 9d49f44..0000000 --- a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show stats for all active IPsec Security Associations (SA) for a profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-profiles-for-cli -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-profile="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in new file mode 100644 index 0000000..1bc76d6 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for all active IPsec Security Associations (SA) for a profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-profiles-for-cli +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-profile="$7" diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def deleted file mode 100644 index b8aa7dc..0000000 --- a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def +++ /dev/null @@ -1,3 +0,0 @@ -help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile -allowed: /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} -run: sudo /opt/vyatta/bin/sudo-users/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in new file mode 100644 index 0000000..9ae35c8 --- /dev/null +++ b/templates/show/vpn/ipsec/sa/statistics/profile/node.tag/tunnel/node.tag/node.def.in @@ -0,0 +1,3 @@ +help: Show stats for the active IPsec Security Association (SA) for a tunnel bound to profile +allowed: @SUDOUSRDIR@/vyatta-op-vpnprof.pl --get-conn-for-cli=${COMP_WORDS[6]} +run: sudo @SUDOUSRDIR@/vyatta-op-vpnprof.pl --show-ipsec-sa-stats-conn $7 $9 diff --git a/templates/show/vpn/ipsec/status/node.def b/templates/show/vpn/ipsec/status/node.def deleted file mode 100644 index bf4ebf7..0000000 --- a/templates/show/vpn/ipsec/status/node.def +++ /dev/null @@ -1,6 +0,0 @@ -help: Show status of IPsec process -run: if pgrep pluto >&/dev/null; then - /opt/vyatta/bin/sudo-users/vyatta-show-ipsec-status.pl - else - echo -e "IPSec Process NOT Running\n" - fi diff --git a/templates/show/vpn/ipsec/status/node.def.in b/templates/show/vpn/ipsec/status/node.def.in new file mode 100644 index 0000000..25f849b --- /dev/null +++ b/templates/show/vpn/ipsec/status/node.def.in @@ -0,0 +1,6 @@ +help: Show status of IPsec process +run: if pgrep pluto >&/dev/null; then + @SUDOUSRDIR@/vyatta-show-ipsec-status.pl + else + echo -e "IPSec Process NOT Running\n" + fi -- cgit v1.2.3 From 23548e6931a763be01c43463aada7b0ba4d818c9 Mon Sep 17 00:00:00 2001 From: "C.J. Collier" Date: Wed, 11 May 2016 06:44:37 +0000 Subject: oops missed a file --- debian/changelog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index c7cd4d1..13bbddd 100644 --- a/debian/changelog +++ b/debian/changelog @@ -14,7 +14,7 @@ vyatta-op-vpn (0.15.0+vyos2+current2+nmu1) UNRELEASED; urgency=low - unknown substitution variable ${shlibs:Depends} - removed * address dpkg-source issue: - debian/source/format set to "3.0 (native)" - + * removed all references to /opt/vyatta but one from source -- C.J. Collier Wed, 11 May 2016 02:33:38 +0000 -- cgit v1.2.3 From 8a80669f305983de512466e3e2bad0924d7f37a0 Mon Sep 17 00:00:00 2001 From: Kim Hagen Date: Thu, 15 Sep 2016 08:49:42 +0200 Subject: prefix is set in "configure.ac" file, so is removed from "debian/rules" --- debian/rules | 2 -- 1 file changed, 2 deletions(-) (limited to 'debian') diff --git a/debian/rules b/debian/rules index 67f4ee5..9231584 100755 --- a/debian/rules +++ b/debian/rules @@ -22,8 +22,6 @@ CFLAGS = -Wall -g configure = ./configure configure += --host=$(DEB_HOST_GNU_TYPE) configure += --build=$(DEB_BUILD_GNU_TYPE) -configure += --prefix=/usr -configure += --sysconfdir=/etc configure += --mandir=\$${prefix}/share/man configure += --infodir=\$${prefix}/share/info configure += CFLAGS="$(CFLAGS)" -- cgit v1.2.3