diff options
| author | Christian Breunig <christian@breunig.cc> | 2023-05-04 15:33:05 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-04 15:33:05 +0200 |
| commit | 70eff8e0ab776aabfc2058353d8a5d51b60d1deb (patch) | |
| tree | 33ee66ba476670ab4309e2bf050400de89ca090b | |
| parent | 973421035568810e2583187c48d14054970b9806 (diff) | |
| parent | 339fcd4108870c32d5ce236d0cb2b55a507f47fa (diff) | |
| download | vyatta-wanloadbalance-70eff8e0ab776aabfc2058353d8a5d51b60d1deb.tar.gz vyatta-wanloadbalance-70eff8e0ab776aabfc2058353d8a5d51b60d1deb.zip | |
Merge pull request #17 from sever-sever/T5171
T5171: Use XML for loadbalancing wan instead of old templates
42 files changed, 4 insertions, 516 deletions
diff --git a/Makefile.am b/Makefile.am index 61bb736..f979140 100644 --- a/Makefile.am +++ b/Makefile.am @@ -10,8 +10,7 @@ AM_CPPFLAGS = -I src -Wall -DDEBUG CLEANFILES = src/main.o src/lbdata.o src/lbdatafactory.o src/loadbalance.o src/rl_str_proc.o src/lbpathtest.o src/lbtest_icmp.o src/lbtest_ttl.o src/lboutput.o src/lbtest.o -sbin_SCRIPTS = scripts/vyatta-wanloadbalance.pl -sbin_SCRIPTS += scripts/vyatta-wanloadbalance.init +sbin_SCRIPTS = scripts/vyatta-wanloadbalance.init bin_sudo_users_SCRIPTS = scripts/vyatta-wlb-status bin_sudo_users_SCRIPTS += scripts/vyatta-wlb-connection.pl @@ -43,7 +42,5 @@ install-exec-hook: mkdir -p $(DESTDIR)$(dhcphookdir) mkdir -p $(DESTDIR)$(pppwanlbdir) mkdir -p $(DESTDIR)$(ppphookdir) - mkdir -p $(DESTDIR)$(cfgdir) - cd templates; $(cpiop) $(DESTDIR)$(cfgdir) mkdir -p $(DESTDIR)$(opdir) cd templates-op; $(cpiop) $(DESTDIR)$(opdir) diff --git a/scripts/vyatta-wanloadbalance.init b/scripts/vyatta-wanloadbalance.init index 2f61284..986f6f8 100755 --- a/scripts/vyatta-wanloadbalance.init +++ b/scripts/vyatta-wanloadbalance.init @@ -10,7 +10,7 @@ test -x $bb || exit 0 start () { - start-stop-daemon --background --start --quiet --oknodo --exec /opt/vyatta/sbin/wan_lb -- -f /var/run/load-balance/wlb.conf -d -i $pid + start-stop-daemon --background --start --quiet --oknodo --exec /opt/vyatta/sbin/wan_lb -- -f /run/load-balance/wlb.conf -d -i $pid } stop () diff --git a/scripts/vyatta-wanloadbalance.pl b/scripts/vyatta-wanloadbalance.pl deleted file mode 100644 index f476ac2..0000000 --- a/scripts/vyatta-wanloadbalance.pl +++ /dev/null @@ -1,358 +0,0 @@ -#!/usr/bin/perl -w -# -# Module: vyatta-wanloadbalance.pl -# -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License version 2 as published -# by the Free Software Foundation. -# -# **** End License **** -# -use lib "/opt/vyatta/share/perl5/"; -use Vyatta::Config; -use Vyatta::Misc; -use Vyatta::TypeChecker; -use Getopt::Long; - -use warnings; -use strict; -use POSIX; -use File::Copy; - -sub write_health { - - #open conf - my $config = new Vyatta::Config; - - my $valid = "false"; - - if ($config->exists("load-balancing wan disable-source-nat")) { - print FILE_LCK "disable-source-nat\n"; - } - - if ($config->exists("load-balancing wan enable-local-traffic")) { - print FILE_LCK "enable-local-traffic\n"; - } - - if ($config->exists("load-balancing wan sticky-connections inbound")) { - print FILE_LCK "sticky-connections inbound\n"; - } - - if ($config->exists("load-balancing wan flush-connections")) { - print FILE_LCK "flush-conntrack\n"; - } - - my $hook = $config->returnValue("load-balancing wan hook"); - if (defined $hook) { - print FILE_LCK "hook \"" . $hook . "\"\n"; - } - - print FILE_LCK "health {\n"; - - $config->setLevel("load-balancing wan interface-health"); - my @eths = $config->listNodes(); - foreach my $ethNode (@eths) { - $config->setLevel("load-balancing wan interface-health"); - - print FILE_LCK "\tinterface " . $ethNode . " {\n"; - - my $option = $config->returnValue("$ethNode failure-count"); - if (defined $option) { - print FILE_LCK "\t\tfailure-ct " . $option . "\n"; - } - - $option = $config->returnValue("$ethNode success-count"); - if (defined $option) { - print FILE_LCK "\t\tsuccess-ct " . $option . "\n"; - } - - $option = $config->returnValue("$ethNode nexthop"); - if (defined $option) { - print FILE_LCK "\t\tnexthop " . $option . "\n"; - $valid = "true"; - }else { - print "ERROR: nexthop must be specified\n"; - exit 1; - } - - $config->setLevel("load-balancing wan interface-health $ethNode test"); - my @rules = $config->listNodes(); - foreach my $rule (@rules) { - print FILE_LCK "\t\trule " . $rule . " {\n"; - - my $test_type = $config->returnValue("$rule type"); - if ((defined $test_type) && ($test_type eq "ttl")) { - print FILE_LCK "\t\t\ttype udp {\n"; - my $ttl_limit = $config->returnValue("$rule ttl-limit"); - if (defined $ttl_limit) { - print FILE_LCK "\t\t\t\tttl $ttl_limit\n"; - } - }elsif (defined($test_type) && ($test_type eq "user-defined")) { - print FILE_LCK "\t\t\ttype user-defined {\n"; - my $test_script = $config->returnValue("$rule test-script"); - if (defined $test_script) { - print FILE_LCK "\t\t\t\ttest-script $test_script\n"; - }else { - print "ERROR: script must be defined for test-script\n"; - exit 1; - } - }else { - print FILE_LCK "\t\t\ttype ping {\n"; - } - - my $option = $config->returnValue("$rule target"); - if (defined $option) { - print FILE_LCK "\t\t\t\ttarget " . $option . "\n"; - } - - $option = $config->returnValue("$rule resp-time"); - if (defined $option) { - print FILE_LCK "\t\t\t\tresp-time " . $option*1000 . "\n"; - } - print FILE_LCK "\t\t\t}\n"; - - print FILE_LCK "\t\t}\n"; - } - print FILE_LCK "\t}\n"; - } - print FILE_LCK "}\n\n"; - - if ($valid eq "false") { - print "WARNING: A valid WAN load-balance configuration requires an interface with a nexthop\n"; - } - return $valid; -} - -sub write_rules { - my $config = new Vyatta::Config; - - my $outbound_defined = "false"; - - $config->setLevel('load-balancing wan rule'); - my @rules = $config->listNodes(); - - #destination - foreach my $rule (@rules) { - print FILE_LCK "rule " . $rule . " {\n"; - - my $exclude = "false"; - - $config->setLevel('load-balancing wan rule'); - - if ($config->exists("$rule exclude")) { - $exclude = "true"; - print FILE_LCK "\texclude\n"; - } - - if ($config->exists("$rule failover")) { - print FILE_LCK "\tfailover\n"; - } - - if ($config->exists("$rule per-packet-balancing")) { - print FILE_LCK "\tper-packet-balancing\n"; - } - - if ($config->exists("$rule failover") && $config->exists("$rule exclude")) { - print "ERROR: failover cannot be configured with exclude\n"; - exit 1; - } - - if ($config->exists("$rule limit") && $config->exists("$rule exclude")) { - print "ERROR: limit cannot be used with exclude\n"; - exit 1; - } - - if ($config->exists("$rule limit")) { - print FILE_LCK "\tlimit {\n"; - my $limit_burst = $config->returnValue("$rule limit burst"); - if (defined $limit_burst) { - print FILE_LCK "\t\tburst " . $limit_burst . "\n"; - } - - my $limit_rate = $config->returnValue("$rule limit rate"); - if (defined $limit_rate) { - print FILE_LCK "\t\trate " . $limit_rate . "\n"; - } - - my $limit_period = $config->returnValue("$rule limit period"); - if (defined $limit_period) { - print FILE_LCK "\t\tperiod " . $limit_period . "\n"; - } - - my $limit_thresh = $config->returnValue("$rule limit threshold"); - if (defined $limit_thresh) { - print FILE_LCK "\t\tthresh " . $limit_thresh . "\n"; - } - print FILE_LCK "\t}\n"; - } - - my $protocol = $config->returnValue("$rule protocol"); - if (defined $protocol) { - print FILE_LCK "\tprotocol " . $protocol . "\n"; - }else { - $protocol = ""; - } - - #destination - print FILE_LCK "\tdestination {\n"; - my $daddr = $config->returnValue("$rule destination address"); - if (defined $daddr) { - if (Vyatta::TypeChecker::validate_iptables4_addr($daddr) eq "1") { - print FILE_LCK "\t\taddress \"" . $daddr . "\"\n"; - }else { - print "Error in destination address configuration\n"; - exit 1; - } - } - - my $option = $config->returnValue("$rule destination port"); - if (defined $option) { - my $can_use_port; - my $port_str; - my $port_err; - - if ($protocol eq "tcp" || $protocol eq "udp") { - $can_use_port = "yes"; - } - ($port_str, $port_err) = Vyatta::Misc::getPortRuleString($option, $can_use_port, "d", $protocol); - if (defined $port_str) { - print FILE_LCK "\t\tport-ipt \"" . $port_str . "\"\n"; - }else { - print $port_err; - exit 1; - } - } - - print FILE_LCK "\t}\n"; - - #source - $config->setLevel('load-balancing wan rule'); - - print FILE_LCK "\tsource {\n"; - my $saddr = $config->returnValue("$rule source address"); - if (defined $saddr) { - if (Vyatta::TypeChecker::validate_iptables4_addr($saddr) eq "1") { - print FILE_LCK "\t\taddress \"" . $saddr . "\"\n"; - }else { - print "Error in source address configuration\n"; - exit 1; - } - } - - $option = $config->returnValue("$rule source port"); - if (defined $option) { - my $can_use_port; - my $port_str; - my $port_err; - - if ($protocol eq "tcp" || $protocol eq "udp") { - $can_use_port = "yes"; - } - ($port_str, $port_err) = Vyatta::Misc::getPortRuleString($option, $can_use_port, "s", $protocol); - if (defined $port_str) { - print FILE_LCK "\t\tport-ipt \"" . $port_str . "\"\n"; - }else { - print $port_err; - exit 1; - } - } - print FILE_LCK "\t}\n"; - - #inbound-interface - my $inbound = $config->returnValue("$rule inbound-interface"); - if (defined $inbound) { - print FILE_LCK "\tinbound-interface " . $inbound . "\n"; - }else { - print "ERROR: inbound-interface must be specified\n"; - exit 1; - } - - #interface - $config->setLevel("load-balancing wan rule $rule interface"); - my @eths = $config->listNodes(); - - if ($#eths < 0 && $exclude eq "false") { - print "WARNING: rule $rule will be inactive because no (outbound) interfaces have been defined for this rule\n"; - }elsif ($#eths >= 0 && $exclude eq "true") { - print "WARNING: interfaces (outbound) are not used when exclude has been defined for rule $rule\n"; - } - - foreach my $ethNode (@eths) { - if ($inbound eq $ethNode) { - print "WARNING: inbound interface is the same as the outbound interface\n"; - } - - if ($exclude ne "true") { - $outbound_defined = "true"; - } - - print FILE_LCK "\tinterface " . $ethNode . " {\n"; - - $option = $config->returnValue("$ethNode weight"); - if (defined $option) { - print FILE_LCK "\t\tweight " . $option . "\n"; - } - print FILE_LCK "\t}\n"; - } - print FILE_LCK "}\n"; - } - - if ($outbound_defined eq "false") { - print "WARNING: At least one rule with an (outbound) interface must be defined for WAN load balancing to be active\n"; - - #allow this configuration, just generate the warning - return "true"; - } - return $outbound_defined; -} - -my $nexthop; - -sub usage { - exit 1; -} - -GetOptions("valid-nexthop=s" => \$nexthop,) or usage(); - -####main -my $conf_file = '/var/run/load-balance/wlb.conf'; -my $conf_lck_file = '/var/run/load-balance/wlb.conf.lck'; -`sudo mkdir -p /var/run/load-balance`; - -# Enable conntrack counters -`sudo sysctl -w net.netfilter.nf_conntrack_acct=1`; - -####are we just validating? -if (defined $nexthop) { - my $rc = Vyatta::TypeChecker::validateType('ipv4', $nexthop, 1); - if (!$rc && $nexthop ne "dhcp") { - exit 1; - } - exit 0; -} - -#open file -`touch $conf_file`; #creates file on first access -open(FILE, "<$conf_file") or die "Can't open wlb config file"; -open(FILE_LCK, "+>$conf_lck_file") or die "Can't open wlb lock file"; - -my $success = write_health(); -if ($success eq "false") { - exit 1; -} - -$success = write_rules(); -if ($success eq "false") { - exit 1; -} - -close FILE; -close FILE_LCK; - -copy($conf_lck_file,$conf_file); -unlink($conf_lck_file); - -#finally kick the process -system("/opt/vyatta/sbin/vyatta-wanloadbalance.init restart $conf_file 2>/dev/null"); - -exit 0; diff --git a/scripts/vyatta-wlb-connection.pl b/scripts/vyatta-wlb-connection.pl index b034821..afd8289 100644 --- a/scripts/vyatta-wlb-connection.pl +++ b/scripts/vyatta-wlb-connection.pl @@ -25,8 +25,8 @@ use lib "/opt/vyatta/share/perl5/"; -#examine /var/run/load-balance/wlb.conf for disable-source-nat -if (!open($CONFFILE, "<", "/var/run/load-balance/wlb.conf")) { +#examine //run/load-balance/wlb.conf for disable-source-nat +if (!open($CONFFILE, "<", "/run/load-balance/wlb.conf")) { return; } $nat_source_disabled = 0; diff --git a/templates/load-balancing/node.def b/templates/load-balancing/node.def deleted file mode 100644 index e2a44b6..0000000 --- a/templates/load-balancing/node.def +++ /dev/null @@ -1,3 +0,0 @@ -priority: 900 -help: Configure load-balancing - diff --git a/templates/load-balancing/wan/disable-source-nat/node.def b/templates/load-balancing/wan/disable-source-nat/node.def deleted file mode 100644 index 5df025d..0000000 --- a/templates/load-balancing/wan/disable-source-nat/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Disable source nat rules from being configured for wan load balancing diff --git a/templates/load-balancing/wan/enable-local-traffic/node.def b/templates/load-balancing/wan/enable-local-traffic/node.def deleted file mode 100644 index c9441b9..0000000 --- a/templates/load-balancing/wan/enable-local-traffic/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Enable wan load balancing for locally sourced traffic diff --git a/templates/load-balancing/wan/flush-connections/node.def b/templates/load-balancing/wan/flush-connections/node.def deleted file mode 100644 index d55229b..0000000 --- a/templates/load-balancing/wan/flush-connections/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Flush connection tracking tables on connection state change diff --git a/templates/load-balancing/wan/hook/node.def b/templates/load-balancing/wan/hook/node.def deleted file mode 100644 index efaa775..0000000 --- a/templates/load-balancing/wan/hook/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Script to be executed on interface status change -syntax:expression: exec "/opt/vyatta/sbin/check_file_in_config_dir $VAR(@) '/config/scripts'" -val_help: Script in /config/scripts diff --git a/templates/load-balancing/wan/interface-health/node.def b/templates/load-balancing/wan/interface-health/node.def deleted file mode 100644 index 2c5a8a1..0000000 --- a/templates/load-balancing/wan/interface-health/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: txt -help: Interface name diff --git a/templates/load-balancing/wan/interface-health/node.tag/failure-count/node.def b/templates/load-balancing/wan/interface-health/node.tag/failure-count/node.def deleted file mode 100644 index 89ca474..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/failure-count/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: u32 -default: 1 -syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 10; "failure count must be between 1-10" -help: Failure count -val_help: u32:1-10; Failure count diff --git a/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def b/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def deleted file mode 100644 index c434f40..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/nexthop/node.def +++ /dev/null @@ -1,7 +0,0 @@ -type: txt -help: Outbound interface nexthop address. Can be 'dhcp or ip address' [REQUIRED] -syntax:expression: exec "/opt/vyatta/sbin/vyatta-wanloadbalance.pl --valid-nexthop $VAR(@)"\ - ; "Invalid nexthop [$VAR(@)]" -allowed: echo "dhcp <>" -val_help: ipv4; Nexthop IP address -val_help: dhcp; Set the nexthop via DHCP diff --git a/templates/load-balancing/wan/interface-health/node.tag/success-count/node.def b/templates/load-balancing/wan/interface-health/node.tag/success-count/node.def deleted file mode 100644 index 8d8a6b7..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/success-count/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: u32 -default: 1 -syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 10; "success count must be between 1 and 10" -help: Success count -val_help: u32:1-10; Success count - diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.def deleted file mode 100644 index 855d0ae..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: u32 -help: Rule number diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/resp-time/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/resp-time/node.def deleted file mode 100644 index 972060a..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/resp-time/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: u32 -default: 5 -syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 30; "response must be between 1 and 30 seconds" -help: Ping response time (seconds) -val_help: u32:1-30; Response time (seconds) diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/target/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/target/node.def deleted file mode 100644 index c0861b8..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/target/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: Health target address diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/test-script/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/test-script/node.def deleted file mode 100644 index e472c21..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/test-script/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Path to user defined script -syntax:expression: exec "/opt/vyatta/sbin/check_file_in_config_dir $VAR(@) '/config/scripts'" -val_help: Script in /config/scripts diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/ttl-limit/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/ttl-limit/node.def deleted file mode 100644 index 559b94a..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/ttl-limit/node.def +++ /dev/null @@ -1,6 +0,0 @@ -type: u32 -default: 1 -help: Ttl limit (hop count) -val_help: u32:1-254; Number of hops - -syntax:expression: $VAR(@) >=1 && $VAR(@) <= 254; "ttl limit hops must be between 1 and 254" diff --git a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/type/node.def b/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/type/node.def deleted file mode 100644 index 5775b6b..0000000 --- a/templates/load-balancing/wan/interface-health/node.tag/test/node.tag/type/node.def +++ /dev/null @@ -1,10 +0,0 @@ -type: txt - -help: WLB test type - -syntax:expression: $VAR(@) in "ping", "ttl", "user-defined"; - "action must be either ping, ttl expired or user defined test" - -val_help: ping; Test with icmp echo response -val_help: ttl; Test with udp TTL expired response -val_help: user-defined; User defined test script diff --git a/templates/load-balancing/wan/node.def b/templates/load-balancing/wan/node.def deleted file mode 100644 index 07cfff0..0000000 --- a/templates/load-balancing/wan/node.def +++ /dev/null @@ -1,5 +0,0 @@ -help: Configure Wide Area Network (WAN) load-balancing -end: if [ ${COMMIT_ACTION} != 'DELETE' ]; then - sudo ${vyatta_sbindir}/vyatta-wanloadbalance.pl; - fi; -delete:expression: exec "sudo /opt/vyatta/sbin/vyatta-wanloadbalance.init stop;sudo rm -f /var/run/load-balance/wlb.out" diff --git a/templates/load-balancing/wan/rule/node.def b/templates/load-balancing/wan/rule/node.def deleted file mode 100644 index 2624723..0000000 --- a/templates/load-balancing/wan/rule/node.def +++ /dev/null @@ -1,5 +0,0 @@ -tag: -type: u32 -help: Rule number (1-9999) -syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "firewall rule number must be between 1 and 9999" -val_help: u32:1-9999; Rule number diff --git a/templates/load-balancing/wan/rule/node.tag/description/node.def b/templates/load-balancing/wan/rule/node.tag/description/node.def deleted file mode 100644 index f95f929..0000000 --- a/templates/load-balancing/wan/rule/node.tag/description/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: txt -help: Description for this rule - diff --git a/templates/load-balancing/wan/rule/node.tag/destination/address/node.def b/templates/load-balancing/wan/rule/node.tag/destination/address/node.def deleted file mode 100644 index 83d7514..0000000 --- a/templates/load-balancing/wan/rule/node.tag/destination/address/node.def +++ /dev/null @@ -1,10 +0,0 @@ -type: txt - -help: Destination IP address, subnet, or range - -val_help: ipv4; IP address to match -val_help: ipv4net; Subnet to match -val_help: ipv4range; IP range to match -val_help: !ipv4; Match everything except the specified address -val_help: !ipv4net; Match everything except the specified subnet -val_help: !ipv4range; Match everything except the specified range diff --git a/templates/load-balancing/wan/rule/node.tag/destination/node.def b/templates/load-balancing/wan/rule/node.tag/destination/node.def deleted file mode 100644 index 5ca1451..0000000 --- a/templates/load-balancing/wan/rule/node.tag/destination/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Destination diff --git a/templates/load-balancing/wan/rule/node.tag/destination/port/node.def b/templates/load-balancing/wan/rule/node.tag/destination/port/node.def deleted file mode 100644 index 5f53756..0000000 --- a/templates/load-balancing/wan/rule/node.tag/destination/port/node.def +++ /dev/null @@ -1,11 +0,0 @@ -type: txt - -help: Destination port - -val_help: <port name>; Named port (any name in /etc/services, e.g., http) -val_help: u32:1-65535; Numbered port -val_help: range; Numbered port range (e.g., 1001-1005) -comp_help: Multiple destination ports can be specified as a comma-separated list. -The whole list can also be "negated" using '!'. For example: - '!22,telnet,http,123,1001-1005' - diff --git a/templates/load-balancing/wan/rule/node.tag/exclude/node.def b/templates/load-balancing/wan/rule/node.tag/exclude/node.def deleted file mode 100644 index ed730a3..0000000 --- a/templates/load-balancing/wan/rule/node.tag/exclude/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Exclude packets matching this rule from wan load balance diff --git a/templates/load-balancing/wan/rule/node.tag/failover/node.def b/templates/load-balancing/wan/rule/node.tag/failover/node.def deleted file mode 100644 index 7e4e4f1..0000000 --- a/templates/load-balancing/wan/rule/node.tag/failover/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Enable failover for packets matching this rule from wan load balance diff --git a/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def b/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def deleted file mode 100644 index b405032..0000000 --- a/templates/load-balancing/wan/rule/node.tag/inbound-interface/node.def +++ /dev/null @@ -1,2 +0,0 @@ -type: txt -help: Inbound interface name (e.g., "eth0") [REQUIRED] diff --git a/templates/load-balancing/wan/rule/node.tag/interface/node.def b/templates/load-balancing/wan/rule/node.tag/interface/node.def deleted file mode 100644 index 1f8ca20..0000000 --- a/templates/load-balancing/wan/rule/node.tag/interface/node.def +++ /dev/null @@ -1,3 +0,0 @@ -tag: -type: txt -help: Interface name [REQUIRED] diff --git a/templates/load-balancing/wan/rule/node.tag/interface/node.tag/weight/node.def b/templates/load-balancing/wan/rule/node.tag/interface/node.tag/weight/node.def deleted file mode 100644 index fd66e3d..0000000 --- a/templates/load-balancing/wan/rule/node.tag/interface/node.tag/weight/node.def +++ /dev/null @@ -1,5 +0,0 @@ -type: u32 -default: 1 -syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 255; "Interface weight must be between 1 and 255" -help: Load-balance weight -val_help: u32:1-255; Interface weight diff --git a/templates/load-balancing/wan/rule/node.tag/limit/burst/node.def b/templates/load-balancing/wan/rule/node.tag/limit/burst/node.def deleted file mode 100644 index 3924145..0000000 --- a/templates/load-balancing/wan/rule/node.tag/limit/burst/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: u32 -help: Burst limit for matching packets -default: 5 diff --git a/templates/load-balancing/wan/rule/node.tag/limit/node.def b/templates/load-balancing/wan/rule/node.tag/limit/node.def deleted file mode 100644 index 62caf8f..0000000 --- a/templates/load-balancing/wan/rule/node.tag/limit/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Enable packet limit for this rule diff --git a/templates/load-balancing/wan/rule/node.tag/limit/period/node.def b/templates/load-balancing/wan/rule/node.tag/limit/period/node.def deleted file mode 100644 index 2645887..0000000 --- a/templates/load-balancing/wan/rule/node.tag/limit/period/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Time window for rate calculation -default: "second" -syntax:expression: $VAR(@) in "second", "minute", "hour"; "period must be second or minute or hour" diff --git a/templates/load-balancing/wan/rule/node.tag/limit/rate/node.def b/templates/load-balancing/wan/rule/node.tag/limit/rate/node.def deleted file mode 100644 index 9f0aef3..0000000 --- a/templates/load-balancing/wan/rule/node.tag/limit/rate/node.def +++ /dev/null @@ -1,3 +0,0 @@ -type: u32 -help: Number of packets used for rate limit -default: 5 diff --git a/templates/load-balancing/wan/rule/node.tag/limit/threshold/node.def b/templates/load-balancing/wan/rule/node.tag/limit/threshold/node.def deleted file mode 100644 index 2fcc2d0..0000000 --- a/templates/load-balancing/wan/rule/node.tag/limit/threshold/node.def +++ /dev/null @@ -1,4 +0,0 @@ -type: txt -help: Threshold behavior for limit -default: "below" -syntax:expression: $VAR(@) in "below", "above"; "limit can apply above or below rate" diff --git a/templates/load-balancing/wan/rule/node.tag/per-packet-balancing/node.def b/templates/load-balancing/wan/rule/node.tag/per-packet-balancing/node.def deleted file mode 100644 index aaacdcb..0000000 --- a/templates/load-balancing/wan/rule/node.tag/per-packet-balancing/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Option to match traffic per-packet instead of the default, per-flow diff --git a/templates/load-balancing/wan/rule/node.tag/protocol/node.def b/templates/load-balancing/wan/rule/node.tag/protocol/node.def deleted file mode 100644 index b7a1f01..0000000 --- a/templates/load-balancing/wan/rule/node.tag/protocol/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -help: Protocol to match -default: "all" -syntax:expression: exec "/opt/vyatta/sbin/vyatta-validate-type.pl protocol_negate '$VAR(@)'" ; "invalid protocol \"$VAR(@)\"" -val_help: txt; IP protocol name from /etc/protocols (e.g. "tcp" or "udp") -val_help: u32:0-255; IP protocol number -val_help: all; All IP protocols -val_help: !<protocol>; All IP protocols except for the specified name or number diff --git a/templates/load-balancing/wan/rule/node.tag/source/address/node.def b/templates/load-balancing/wan/rule/node.tag/source/address/node.def deleted file mode 100644 index 72d6a17..0000000 --- a/templates/load-balancing/wan/rule/node.tag/source/address/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -help: Source IP address, subnet, or range -val_help: ipv4; IP address to match -val_help: ipv4net; Subnet to match -val_help: ipv4range; IP range to match -val_help: !ipv4; Match everything except the specified address -val_help: !ipv4net; Match everything except the specified subnet -val_help: !ipv4range; Match everything except the specified range diff --git a/templates/load-balancing/wan/rule/node.tag/source/node.def b/templates/load-balancing/wan/rule/node.tag/source/node.def deleted file mode 100644 index 0c108ba..0000000 --- a/templates/load-balancing/wan/rule/node.tag/source/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Source information diff --git a/templates/load-balancing/wan/rule/node.tag/source/port/node.def b/templates/load-balancing/wan/rule/node.tag/source/port/node.def deleted file mode 100644 index adfae7a..0000000 --- a/templates/load-balancing/wan/rule/node.tag/source/port/node.def +++ /dev/null @@ -1,8 +0,0 @@ -type: txt -help: Source port -val_help: <port name>; Named port (any name in /etc/services, e.g., http) -val_help: u32:1-65535; Numbered port -val_help: range; Numbered port range (e.g., 1001-1005) -comp_help: Multiple source ports can be specified as a comma-separated list. -The whole list can also be "negated" using '!'. For example: - '!22,telnet,http,123,1001-1005' diff --git a/templates/load-balancing/wan/sticky-connections/inbound/node.def b/templates/load-balancing/wan/sticky-connections/inbound/node.def deleted file mode 100644 index cede40e..0000000 --- a/templates/load-balancing/wan/sticky-connections/inbound/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Enable sticky incoming WAN connections diff --git a/templates/load-balancing/wan/sticky-connections/node.def b/templates/load-balancing/wan/sticky-connections/node.def deleted file mode 100644 index d6a12df..0000000 --- a/templates/load-balancing/wan/sticky-connections/node.def +++ /dev/null @@ -1 +0,0 @@ -help: Configure sticky connections
\ No newline at end of file |