diff --git a/sysconf/netdevice b/sysconf/netdevice index 9e20b93..aab8b49 100644 --- a/sysconf/netdevice +++ b/sysconf/netdevice @@ -11,3 +11,4 @@ vti vti wlm wirelessmodem wlan wireless pppoe pppoe +map map diff --git a/templates/interfaces/map/node.def b/templates/interfaces/map/node.def index e69de29..a4761c5 100644 --- a/templates/interfaces/map/node.def +++ b/templates/interfaces/map/node.def @@ -0,0 +1,44 @@ +tag: +priority: 380 +type: txt +help: MAP interface +val_help: ; MAP interface name +syntax:expression: pattern $VAR(@) "^map[0-9]+$" \ + ; "MAP interface must be (map0-map999)" + +commit:expression: $VAR(./role/) != "" ; \ + "Must configure the tunnel role for $VAR(@)" +commit:expression: $VAR(./tunnel-source/) != "" || $VAR(./role/@) == "br"; \ + "Must configure the tunnel tunnel-source for $VAR(@)" +commit:expression: $VAR(./br-address/) != "" ; \ + "Must configure the tunnel br-address for $VAR(@)" + +create: + if [ -n "$VAR(./tunnel-source/@)" ] ; then + TS="tunnel-source $VAR(./tunnel-source/@)" + fi + if [ -n "$VAR(./default-forwarding-mode/@)" ] ; then + DFM="default-forwarding-mode $VAR(./default-forwarding-mode/@)" + fi + if [ -n "$VAR(./default-forwarding-rule/@)" ] ; then + DFR="default-forwarding-rule $VAR(./default-forwarding-rule/@)" + fi + if [ -n "$VAR(./ipv6-fragment-size/@)" ] ; then + V6F="ipv6-fragment-size $VAR(./ipv6-fragment-size/@)" + fi + if [ -n "$VAR(./ipv4-fragment-inner/@)" ] ; then + V4F="ipv4-fragment-inner $VAR(./ipv4-fragment-inner/@)" + fi + if [ -n "$VAR(./napt-always/@)" ] ; then + NA="napt-always $VAR(./napt-always/@)" + fi + if [ -n "$VAR(./napt-force-recycle/@)" ] ; then + NFR="napt-force-recycle $VAR(./napt-force-recycle/@)" + fi + ip map add $VAR(@) role $VAR(./role/@) $TS br-address $VAR(./br-address/@) $DFM $DFR $V6F $V4F $NA $NFR + ip link set $VAR(@) up || + echo "interfaces MAP $VAR(@): error setting MAP interface active" + +delete: + ip link set $VAR(@) down + ip map del $VAR(@) diff --git a/templates/interfaces/map/node.tag/address/node.def b/templates/interfaces/map/node.tag/address/node.def index e69de29..e2275f8 100644 --- a/templates/interfaces/map/node.tag/address/node.def +++ b/templates/interfaces/map/node.tag/address/node.def @@ -0,0 +1,16 @@ +multi: +type: txt +help: IP address + +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" + +commit:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr-commit $VAR(@@) --dev $VAR(../@)" + +create: sudo /opt/vyatta/sbin/vyatta-address add $VAR(../@) $VAR(@) + +delete: sudo /opt/vyatta/sbin/vyatta-address delete $VAR(../@) $VAR(@) + +allowed: echo "<>" + +val_help: ipv4net; IP address and prefix length +val_help: ipv6net; IPv6 address and prefix length diff --git a/templates/interfaces/map/node.tag/br-address/node.def b/templates/interfaces/map/node.tag/br-address/node.def index e69de29..91ab807 100644 --- a/templates/interfaces/map/node.tag/br-address/node.def +++ b/templates/interfaces/map/node.tag/br-address/node.def @@ -0,0 +1,6 @@ +type: ipv6net +val_help: ipv6net; IPv6 address and prefix length +help: BR IP address/prefix [REQUIRED] +syntax:expression: exec "/opt/vyatta/sbin/valid_address $VAR(@)" +create:expression: "true" +update:expression: "false" ; "BR IP address/prefix can only be set at MAP creation for $VAR(../@)" diff --git a/templates/interfaces/map/node.tag/default-forwarding-mode/node.def b/templates/interfaces/map/node.tag/default-forwarding-mode/node.def index e69de29..5bbc3b5 100644 --- a/templates/interfaces/map/node.tag/default-forwarding-mode/node.def +++ b/templates/interfaces/map/node.tag/default-forwarding-mode/node.def @@ -0,0 +1,8 @@ +type: txt +help: Default forwarding mode of this MAP interface [REQUIRED] +syntax:expression: $VAR(@) in "translation", "encapsulation"; "Must be (translation, encapsulation)" +allowed: echo translation encapsulation +create:expression: "true" +update:expression: "false" ; "Default forwarding mode can only be set at MAP creation for $VAR(../@)" +val_help: translation; Translation mode +val_help: encapsulation; Encapsulation mode diff --git a/templates/interfaces/map/node.tag/default-forwarding-rule/node.def b/templates/interfaces/map/node.tag/default-forwarding-rule/node.def index e69de29..2532afc 100644 --- a/templates/interfaces/map/node.tag/default-forwarding-rule/node.def +++ b/templates/interfaces/map/node.tag/default-forwarding-rule/node.def @@ -0,0 +1,6 @@ +type: bool +help: Default value for forwarding rule +create:expression: "true" +update:expression: "false" ; "Default forwarding rule can only be set at MAP creation for $VAR(../@)" +val_help: true; Default as forwarding rule +val_help: false; Default as not forwarding rule diff --git a/templates/interfaces/map/node.tag/ipv4-fragment-inner/node.def b/templates/interfaces/map/node.tag/ipv4-fragment-inner/node.def index e69de29..0cb50e4 100644 --- a/templates/interfaces/map/node.tag/ipv4-fragment-inner/node.def +++ b/templates/interfaces/map/node.tag/ipv4-fragment-inner/node.def @@ -0,0 +1,6 @@ +type: bool +help: IPv4 stack fragment for MAP-E +create:expression: "true" +update:expression: "false" ; "IPv4 stack fragment option can only be set at MAP rule creation for $VAR(../@)" +val_help: true; Use IPv4 stack fragment [DEFAULT] +val_help: false; Not use IPv4 stack fragment diff --git a/templates/interfaces/map/node.tag/ipv6-fragment-size/node.def b/templates/interfaces/map/node.tag/ipv6-fragment-size/node.def index e69de29..9af0a36 100644 --- a/templates/interfaces/map/node.tag/ipv6-fragment-size/node.def +++ b/templates/interfaces/map/node.tag/ipv6-fragment-size/node.def @@ -0,0 +1,6 @@ +type: u32 +help: IPv6 maximum packet size +syntax:expression: $VAR(@) >= 1280; "IPv6 fragment size must be bigger than 1280" +create:expression: "true" +update:expression: "false" ; "IPv6 fragment size can only be set at MAP rule creation for $VAR(../@)" +val_help: u32:1280-; IPv6 fragment size diff --git a/templates/interfaces/map/node.tag/napt-always/node.def b/templates/interfaces/map/node.tag/napt-always/node.def index e69de29..4337d4c 100644 --- a/templates/interfaces/map/node.tag/napt-always/node.def +++ b/templates/interfaces/map/node.tag/napt-always/node.def @@ -0,0 +1,6 @@ +type: bool +help: Always use NAPT function +create:expression: "true" +update:expression: "false" ; "Always use NAPT function can only be set at MAP creation for $VAR(../@)" +val_help: true; Always use ANPT function. +val_help: false; Not use NAPT function when complete IPv4 address or IPv4 prefix assigned. diff --git a/templates/interfaces/map/node.tag/napt-force-recycle/node.def b/templates/interfaces/map/node.tag/napt-force-recycle/node.def index e69de29..b8355ef 100644 --- a/templates/interfaces/map/node.tag/napt-force-recycle/node.def +++ b/templates/interfaces/map/node.tag/napt-force-recycle/node.def @@ -0,0 +1,6 @@ +type: bool +help: Use NAPT port force recycle function for TCP +create:expression: "true" +update:expression: "false" ; "NAPT port force recycle function for TCP can only be set at MAP creation for $VAR(../@)" +val_help: true; Always use NAPT port force recycle function +val_help: false; Not use NAPT port force recycle function for TCP diff --git a/templates/interfaces/map/node.tag/pool/node.def b/templates/interfaces/map/node.tag/pool/node.def index e69de29..abf2613 100644 --- a/templates/interfaces/map/node.tag/pool/node.def +++ b/templates/interfaces/map/node.tag/pool/node.def @@ -0,0 +1,20 @@ +tag: + +type: u32 + +help: IPv4 pool prefix number (1-9999) + +syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "IPv4 pool prefix number must be between 1 and 9999" + +val_help: u32:1-9999; IPv4 pool prefix number + +commit:expression: $VAR(./pool-prefix/) != "" ; \ + "Must configure the IPv4 pool prefix for pool $VAR(@)" +commit:expression: $VAR(../role/@) == "br" ; \ + "Must role == BR" + +create: + ip map add-pool pool-prefix $VAR(./pool-prefix/@) dev $VAR(../@) + +delete: + ip map del-pool pool-prefix $VAR(./pool-prefix/@) dev $VAR(../@) diff --git a/templates/interfaces/map/node.tag/pool/node.tag/pool-prefix/node.def b/templates/interfaces/map/node.tag/pool/node.tag/pool-prefix/node.def index e69de29..3fa2bd1 100644 --- a/templates/interfaces/map/node.tag/pool/node.tag/pool-prefix/node.def +++ b/templates/interfaces/map/node.tag/pool/node.tag/pool-prefix/node.def @@ -0,0 +1,5 @@ +type: ipv4net +help: IPv4 pool prefix [REQUIRED] +syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +create:expression: "true" +update:expression: "false" ; "IPv4 pool prefix can only be set at MAP pool creation for $VAR(../@)" diff --git a/templates/interfaces/map/node.tag/role/node.def b/templates/interfaces/map/node.tag/role/node.def index e69de29..df9cda8 100644 --- a/templates/interfaces/map/node.tag/role/node.def +++ b/templates/interfaces/map/node.tag/role/node.def @@ -0,0 +1,8 @@ +type: txt +help: Role of this MAP interface [REQUIRED] +syntax:expression: $VAR(@) in "br", "ce"; "Must be (br, ce)" +allowed: echo br ce +create:expression: "true" +update:expression: "false" ; "Role can only be set at MAP creation for $VAR(../@)" +val_help: br; Role as BR +val_help: ce; Role as CE diff --git a/templates/interfaces/map/node.tag/rule/node.def b/templates/interfaces/map/node.tag/rule/node.def index e69de29..e583c09 100644 --- a/templates/interfaces/map/node.tag/rule/node.def +++ b/templates/interfaces/map/node.tag/rule/node.def @@ -0,0 +1,37 @@ +tag: + +type: u32 + +help: Rule number (1-9999) + +syntax:expression: $VAR(@) > 0 && $VAR(@) <= 9999; "MAP rule number must be between 1 and 9999" + +val_help: u32:1-9999; Rule number + +commit:expression: $VAR(./ipv6-prefix/) != "" ; \ + "Must configure the IPv6 rule prefix for rule $VAR(@)" +commit:expression: $VAR(./ipv4-prefix/) != "" ; \ + "Must configure the IPv4 rule prefix for rule $VAR(@)" +commit:expression: $VAR(./ea-length/) != "" ; \ + "Must configure the EA-bits length for rule $VAR(@)" + +create: + if [ -n "$VAR(./psid-prefix/@)" ] ; then + PP="psid-prefix $VAR(./psid-prefix/@)" + fi + if [ -n "$VAR(./forwarding-mode/@)" ] ; then + FM="forwarding-mode $VAR(./forwarding-mode/@)" + fi + if [ -n "$VAR(./forwarding-rule/@)" ] ; then + FR="forwarding-rule $VAR(./forwarding-rule/@)" + fi + if [ -n "$VAR(./psid-offset/@)" ] ; then + PO="psid-offset $VAR(./psid-offset/@)" + fi + ip map add-rule ipv6-prefix $VAR(./ipv6-prefix/@) ipv4-prefix $VAR(./ipv4-prefix/@) $PP ea-length $VAR(./ea-length/@) $FM $FR $PO dev $VAR(../@) + +delete: + if [ -n "$VAR(./psid-prefix/@)" ] ; then + PP="psid-prefix $VAR(./psid-prefix/@)" + fi + ip map del-rule ipv6-prefix $VAR(./ipv6-prefix/@) ipv4-prefix $VAR(./ipv4-prefix/@) $PP ea-length $VAR(./ea-length/@) dev $VAR(../@) diff --git a/templates/interfaces/map/node.tag/rule/node.tag/ea-length/node.def b/templates/interfaces/map/node.tag/rule/node.tag/ea-length/node.def index e69de29..d10b8a0 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/ea-length/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/ea-length/node.def @@ -0,0 +1,6 @@ +type: u32 +help: EA-bits length [REQUIRED] +syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 48; "EA-bits length must be between 0 and 48" +create:expression: "true" +update:expression: "false" ; "EA-bits length can only be set at MAP rule creation for $VAR(../@)" +val_help: u32:0-48; EA-bits length diff --git a/templates/interfaces/map/node.tag/rule/node.tag/forwarding-mode/node.def b/templates/interfaces/map/node.tag/rule/node.tag/forwarding-mode/node.def index e69de29..d6ca01b 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/forwarding-mode/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/forwarding-mode/node.def @@ -0,0 +1,8 @@ +type: txt +help: Forwarding mode of this rule +syntax:expression: $VAR(@) in "translation", "encapsulation"; "Must be (translation, encapsulation)" +allowed: echo translation encapsulation +create:expression: "true" +update:expression: "false" ; "Forwarding mode can only be set at MAP rule creation for $VAR(../@)" +val_help: translation; Translation mode +val_help: encapsulation; Encapsulation mode diff --git a/templates/interfaces/map/node.tag/rule/node.tag/forwarding-rule/node.def b/templates/interfaces/map/node.tag/rule/node.tag/forwarding-rule/node.def index e69de29..1b03977 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/forwarding-rule/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/forwarding-rule/node.def @@ -0,0 +1,6 @@ +type: bool +help: Use or not this rule as forwarding rule +create:expression: "true" +update:expression: "false" ; "Forwarding rule can only be set at MAP rule creation for $VAR(../@)" +val_help: true; Use this rule as forwarding rule +val_help: false; Don't use this rule as forwarding rule diff --git a/templates/interfaces/map/node.tag/rule/node.tag/ipv4-prefix/node.def b/templates/interfaces/map/node.tag/rule/node.tag/ipv4-prefix/node.def index e69de29..7bc9d68 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/ipv4-prefix/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/ipv4-prefix/node.def @@ -0,0 +1,5 @@ +type: ipv4net +help: IPv4 rule prefix [REQUIRED] +syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +create:expression: "true" +update:expression: "false" ; "IPv4 rule prefix can only be set at MAP rule creation for $VAR(../@)" diff --git a/templates/interfaces/map/node.tag/rule/node.tag/ipv6-prefix/node.def b/templates/interfaces/map/node.tag/rule/node.tag/ipv6-prefix/node.def index e69de29..f8a0115 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/ipv6-prefix/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/ipv6-prefix/node.def @@ -0,0 +1,5 @@ +type: ipv6net +help: IPv6 rule prefix [REQUIRED] +syntax:expression: exec "${vyatta_sbindir}/check_prefix_boundary $VAR(@)" +create:expression: "true" +update:expression: "false" ; "IPv6 rule prefix can only be set at MAP rule creation for $VAR(../@)" diff --git a/templates/interfaces/map/node.tag/rule/node.tag/psid-offset/node.def b/templates/interfaces/map/node.tag/rule/node.tag/psid-offset/node.def index e69de29..a1d66a6 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/psid-offset/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/psid-offset/node.def @@ -0,0 +1,6 @@ +type: u32 +help: PSID offset +syntax:expression: $VAR(@) >= 0 && $VAR(@) <= 16; "PSID offset must be between 0 and 16" +create:expression: "true" +update:expression: "false" ; "PSID offset can only be set at MAP rule creation for $VAR(../@)" +val_help: u32:0-16; PSID offset diff --git a/templates/interfaces/map/node.tag/rule/node.tag/psid-prefix/node.def b/templates/interfaces/map/node.tag/rule/node.tag/psid-prefix/node.def index e69de29..c0c603c 100644 --- a/templates/interfaces/map/node.tag/rule/node.tag/psid-prefix/node.def +++ b/templates/interfaces/map/node.tag/rule/node.tag/psid-prefix/node.def @@ -0,0 +1,5 @@ +type: txt +help: PSID prefix of this rule +syntax:expression: pattern $VAR(@) "^(0x)?[0-9a-fA-F]{1,4}/[0-9]+$"; "PSID prefix" +create:expression: "true" +update:expression: "false" ; "PSID prefix can only be set at MAP rule creation for $VAR(../@)" diff --git a/templates/interfaces/map/node.tag/tunnel-source/node.def b/templates/interfaces/map/node.tag/tunnel-source/node.def index e69de29..11e4aba 100644 --- a/templates/interfaces/map/node.tag/tunnel-source/node.def +++ b/templates/interfaces/map/node.tag/tunnel-source/node.def @@ -0,0 +1,13 @@ +type: txt +help: Ethernet interface name [REQUIRED if role == ce] +allowed: /opt/vyatta/sbin/vyatta-interfaces.pl --show=all +syntax:expression: pattern $VAR(@) "^(eth[0-9]+(\.[0-9]+)?|lo)$" \ + ; "interface $VAR(@): not a valid name" +syntax:expression: exec \ + "if [ ! -d /sys/class/net/$VAR(@) ]; then \ + echo \"interface $VAR(@): does not exist\"; + exit 1; \ + fi" +create:expression: "true" +update:expression: "false" ; "Tunnel source can only be set at MAP creation for $VAR(../@)" +val_help: [|]; Tunnel source interface name