diff options
Diffstat (limited to 'data')
-rw-r--r-- | data/templates/firewall/nftables.j2 | 8 | ||||
-rw-r--r-- | data/templates/frr/daemons.frr.tmpl | 2 | ||||
-rw-r--r-- | data/templates/frr/eigrpd.frr.j2 | 21 | ||||
-rw-r--r-- | data/templates/frr/policy.frr.j2 | 28 | ||||
-rw-r--r-- | data/templates/frr/ripd.frr.j2 | 9 | ||||
-rw-r--r-- | data/templates/sla/owamp-override.conf.j2 | 16 | ||||
-rw-r--r-- | data/templates/sla/owamp-server.conf.j2 | 20 | ||||
-rw-r--r-- | data/templates/sla/twamp-override.conf.j2 | 16 | ||||
-rw-r--r-- | data/templates/sla/twamp-server.conf.j2 | 18 |
9 files changed, 135 insertions, 3 deletions
diff --git a/data/templates/firewall/nftables.j2 b/data/templates/firewall/nftables.j2 index fac3fad03..1f88ae40c 100644 --- a/data/templates/firewall/nftables.j2 +++ b/data/templates/firewall/nftables.j2 @@ -45,6 +45,14 @@ table ip filter { {{ conf | nft_default_rule(name_text) }} } {% endfor %} +{% if group is vyos_defined and group.domain_group is vyos_defined %} +{% for name, name_config in group.domain_group.items() %} + set {{ name }} { + type ipv4_addr + flags interval + } +{% endfor %} +{% endif %} {% for set_name in ns.sets %} set RECENT_{{ set_name }} { type ipv4_addr diff --git a/data/templates/frr/daemons.frr.tmpl b/data/templates/frr/daemons.frr.tmpl index ab7b14d6b..df98e74d6 100644 --- a/data/templates/frr/daemons.frr.tmpl +++ b/data/templates/frr/daemons.frr.tmpl @@ -8,7 +8,7 @@ isisd=yes pimd=no ldpd=yes nhrpd=no -eigrpd=no +eigrpd=yes babeld=no sharpd=no pbrd=no diff --git a/data/templates/frr/eigrpd.frr.j2 b/data/templates/frr/eigrpd.frr.j2 new file mode 100644 index 000000000..67f8a3ad1 --- /dev/null +++ b/data/templates/frr/eigrpd.frr.j2 @@ -0,0 +1,21 @@ +!
+router eigrp {{ local_as }} {{ 'vrf ' ~ vrf if vrf is vyos_defined }}
+{% if maximum_paths is vyos_defined %}
+maximum-paths {{ maximum_paths }}
+{% endif %}
+{% if metric.weights is vyos_defined %}
+metric weights {{ metric.weights }}
+{% endif %}
+{% if network is vyos_defined %}
+{% for net in network %}
+network {{ net }}
+{% endfor %}
+{% endif %}
+{% if redistribute is vyos_defined %}
+{% for protocol in redistribute %}
+redistribute {{ protocol }}
+{% endfor %}
+{% endif %}
+{% if variance is vyos_defined %}
+variance {{ variance }}
+{% endif %}
\ No newline at end of file diff --git a/data/templates/frr/policy.frr.j2 b/data/templates/frr/policy.frr.j2 index a42b73e98..33df17770 100644 --- a/data/templates/frr/policy.frr.j2 +++ b/data/templates/frr/policy.frr.j2 @@ -185,12 +185,24 @@ route-map {{ route_map }} {{ rule_config.action }} {{ rule }} {% if rule_config.match.ip.address.prefix_list is vyos_defined %} match ip address prefix-list {{ rule_config.match.ip.address.prefix_list }} {% endif %} +{% if rule_config.match.ip.address.prefix_len is vyos_defined %} + match ip address prefix-len {{ rule_config.match.ip.address.prefix_len }} +{% endif %} {% if rule_config.match.ip.nexthop.access_list is vyos_defined %} match ip next-hop {{ rule_config.match.ip.nexthop.access_list }} {% endif %} +{% if rule_config.match.ip.nexthop.address is vyos_defined %} + match ip next-hop address {{ rule_config.match.ip.nexthop.address }} +{% endif %} +{% if rule_config.match.ip.nexthop.prefix_len is vyos_defined %} + match ip next-hop prefix-len {{ rule_config.match.ip.nexthop.prefix_len }} +{% endif %} {% if rule_config.match.ip.nexthop.prefix_list is vyos_defined %} match ip next-hop prefix-list {{ rule_config.match.ip.nexthop.prefix_list }} {% endif %} +{% if rule_config.match.ip.nexthop.type is vyos_defined %} + match ip next-hop type {{ rule_config.match.ip.nexthop.type }} +{% endif %} {% if rule_config.match.ip.route_source.access_list is vyos_defined %} match ip route-source {{ rule_config.match.ip.route_source.access_list }} {% endif %} @@ -203,8 +215,20 @@ route-map {{ route_map }} {{ rule_config.action }} {{ rule }} {% if rule_config.match.ipv6.address.prefix_list is vyos_defined %} match ipv6 address prefix-list {{ rule_config.match.ipv6.address.prefix_list }} {% endif %} -{% if rule_config.match.ipv6.nexthop is vyos_defined %} - match ipv6 next-hop address {{ rule_config.match.ipv6.nexthop }} +{% if rule_config.match.ipv6.address.prefix_len is vyos_defined %} + match ipv6 address prefix-len {{ rule_config.match.ipv6.address.prefix_len }} +{% endif %} +{% if rule_config.match.ipv6.nexthop.address is vyos_defined %} + match ipv6 next-hop address {{ rule_config.match.ipv6.nexthop.address }} +{% endif %} +{% if rule_config.match.ipv6.nexthop.access_list is vyos_defined %} + match ipv6 next-hop {{ rule_config.match.ipv6.nexthop.access_list }} +{% endif %} +{% if rule_config.match.ipv6.nexthop.prefix_list is vyos_defined %} + match ipv6 next-hop prefix-list {{ rule_config.match.ipv6.nexthop.prefix_list }} +{% endif %} +{% if rule_config.match.ipv6.nexthop.type is vyos_defined %} + match ipv6 next-hop type {{ rule_config.match.ipv6.nexthop.type }} {% endif %} {% if rule_config.match.large_community.large_community_list is vyos_defined %} match large-community {{ rule_config.match.large_community.large_community_list }} diff --git a/data/templates/frr/ripd.frr.j2 b/data/templates/frr/ripd.frr.j2 index df35150ca..e9e484cc2 100644 --- a/data/templates/frr/ripd.frr.j2 +++ b/data/templates/frr/ripd.frr.j2 @@ -32,6 +32,12 @@ interface {{ iface }} {% if iface_config.split_horizon.poison_reverse is vyos_defined %} ip rip split-horizon poisoned-reverse {% endif %} +{% if iface_config.receive.version is vyos_defined %} + ip rip receive version {{ iface_config.receive.version }} +{% endif %} +{% if iface_config.send.version is vyos_defined %} + ip rip send version {{ iface_config.send.version }} +{% endif %} exit ! {% endfor %} @@ -84,6 +90,9 @@ router rip {% endif %} {% endif %} {% include 'frr/rip_ripng.frr.j2' %} +{% if version is vyos_defined %} + version {{ version }} +{% endif %} exit ! {% if route_map is vyos_defined %} diff --git a/data/templates/sla/owamp-override.conf.j2 b/data/templates/sla/owamp-override.conf.j2 new file mode 100644 index 000000000..b5ec161d4 --- /dev/null +++ b/data/templates/sla/owamp-override.conf.j2 @@ -0,0 +1,16 @@ +[Unit] +Description==OWAMP server +After=vyos-router.service +# Only start if there is a configuration file +ConditionFileNotEmpty=/etc/owamp-server/owamp-server.conf + +[Service] +KillMode=process +Type=simple +ExecStart=/usr/sbin/owampd -c /etc/owamp-server -R /var/run +ExecReload=/bin/kill -HUP $MAINPID +PIDFile=/run/owamp-server.pid +LimitNOFILE=4096 + +[Install] +WantedBy=multi-user.target diff --git a/data/templates/sla/owamp-server.conf.j2 b/data/templates/sla/owamp-server.conf.j2 new file mode 100644 index 000000000..6af963e57 --- /dev/null +++ b/data/templates/sla/owamp-server.conf.j2 @@ -0,0 +1,20 @@ +### Autogenerated by service_twamp-server.py ### + +user owamp +group owamp + +verbose +vardir /var/run + +# location for "recv" session files. +# The "catalog" subdirectory is completely cleaned and recreated each time +datadir /var/lib/owamp + +srcnode :{{ port }} + +# This is used to limit testing to a specific port range. The valid values are: +# 0 (twampd will let the system to pick the port number (ephemeral) +# low-high (A range. high must be larger than low.) +testports 8760-9960 + +diskfudge 3.0 diff --git a/data/templates/sla/twamp-override.conf.j2 b/data/templates/sla/twamp-override.conf.j2 new file mode 100644 index 000000000..34bbd228b --- /dev/null +++ b/data/templates/sla/twamp-override.conf.j2 @@ -0,0 +1,16 @@ +[Unit] +Description==TWAMP server +After=vyos-router.service +# Only start if there is a configuration file +ConditionFileNotEmpty=/etc/twamp-server/twamp-server.conf + +[Service] +KillMode=process +Type=simple +ExecStart=/usr/sbin/twampd -c /etc/twamp-server -R /var/run +ExecReload=/bin/kill -HUP $MAINPID +PIDFile=/run/twamp-server.pid +LimitNOFILE=4096 + +[Install] +WantedBy=multi-user.target diff --git a/data/templates/sla/twamp-server.conf.j2 b/data/templates/sla/twamp-server.conf.j2 new file mode 100644 index 000000000..ea5bbb54a --- /dev/null +++ b/data/templates/sla/twamp-server.conf.j2 @@ -0,0 +1,18 @@ +### Autogenerated by service_twamp-server.py ### + +user twamp +group twamp + +verbose +vardir /var/run + +# location for "recv" session files. +# The "catalog" subdirectory is completely cleaned and recreated each time +datadir /var/lib/twamp + +srcnode :{{ port }} + +# This is used to limit testing to a specific port range. The valid values are: +# 0 (twampd will let the system to pick the port number (ephemeral) +# low-high (A range. high must be larger than low.) +testports 18760-19960 |