-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
kumvijaya
committed
Sep 26, 2024
1 parent
f0815f3
commit a950059
Showing
2,020 changed files
with
306,800 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,23 @@ | ||
| // Copyright (C) 2020-2021 VyOS maintainers and contributors | ||
| // | ||
| // This program is free software; you can redistribute it and/or modify | ||
| // in order to easy exprort images built to "external" world | ||
| // it under the terms of the GNU General Public License version 2 or later as | ||
| // published by the Free Software Foundation. | ||
| // | ||
| // This program is distributed in the hope that it will be useful, | ||
| // but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
| // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
| // GNU General Public License for more details. | ||
| // | ||
| // You should have received a copy of the GNU General Public License | ||
| // along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
| @NonCPS | ||
|
|
||
| // Using a version specifier library, use 'current' branch. The underscore (_) | ||
| // is not a typo! You need this underscore if the line immediately after the | ||
| // @Library annotation is not an import statement! | ||
| @Library('vyos-build@current')_ | ||
|
|
||
| // Start package build using library function from https://github.com/vyos/vyos-build | ||
| buildPackage(null, null, null, true) |
Large diffs are not rendered by default.
Oops, something went wrong.
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,123 @@ | ||
| TMPL_DIR := templates-cfg | ||
| OP_TMPL_DIR := templates-op | ||
| BUILD_DIR := build | ||
| DATA_DIR := data | ||
| SHIM_DIR := src/shim | ||
| LIBS := -lzmq | ||
| CFLAGS := | ||
| BUILD_ARCH := $(shell dpkg-architecture -q DEB_BUILD_ARCH) | ||
| J2LINT := $(shell command -v j2lint 2> /dev/null) | ||
| PYLINT_FILES := $(shell git ls-files *.py src/migration-scripts) | ||
|
|
||
| config_xml_src = $(wildcard interface-definitions/*.xml.in) | ||
| config_xml_obj = $(config_xml_src:.xml.in=.xml) | ||
| op_xml_src = $(wildcard op-mode-definitions/*.xml.in) | ||
| op_xml_obj = $(op_xml_src:.xml.in=.xml) | ||
|
|
||
| %.xml: %.xml.in | ||
| @echo Generating $(BUILD_DIR)/$@ from $< | ||
| mkdir -p $(BUILD_DIR)/$(dir $@) | ||
| $(CURDIR)/scripts/transclude-template $< > $(BUILD_DIR)/$@ | ||
|
|
||
| .PHONY: interface_definitions | ||
| .ONESHELL: | ||
| interface_definitions: $(config_xml_obj) | ||
| mkdir -p $(TMPL_DIR) | ||
|
|
||
| $(CURDIR)/scripts/override-default $(BUILD_DIR)/interface-definitions | ||
|
|
||
| find $(BUILD_DIR)/interface-definitions -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-templates {} $(CURDIR)/schema/interface_definition.rng $(TMPL_DIR) || exit 1 | ||
|
|
||
| $(CURDIR)/python/vyos/xml_ref/generate_cache.py --xml-dir $(BUILD_DIR)/interface-definitions || exit 1 | ||
|
|
||
| # XXX: delete top level node.def's that now live in other packages | ||
| # IPSec VPN EAP-RADIUS does not support source-address | ||
| rm -rf $(TMPL_DIR)/vpn/ipsec/remote-access/radius/source-address | ||
|
|
||
| # T2472 - EIGRP support | ||
| rm -rf $(TMPL_DIR)/protocols/eigrp | ||
| # T2773 - EIGRP support for VRF | ||
| rm -rf $(TMPL_DIR)/vrf/name/node.tag/protocols/eigrp | ||
|
|
||
| # XXX: test if there are empty node.def files - this is not allowed as these | ||
| # could mask help strings or mandatory priority statements | ||
| find $(TMPL_DIR) -name node.def -type f -empty -exec false {} + || sh -c 'echo "There are empty node.def files! Check your interface definitions." && exit 1' | ||
|
|
||
| ifeq ($(BUILD_ARCH),arm64) | ||
| # There is currently no telegraf support in VyOS for ARM64, remove CLI definitions | ||
| rm -rf $(TMPL_DIR)/service/monitoring/telegraf | ||
| endif | ||
|
|
||
| .PHONY: op_mode_definitions | ||
| .ONESHELL: | ||
| op_mode_definitions: $(op_xml_obj) | ||
| mkdir -p $(OP_TMPL_DIR) | ||
|
|
||
| find $(BUILD_DIR)/op-mode-definitions/ -type f -name "*.xml" | xargs -I {} $(CURDIR)/scripts/build-command-op-templates {} $(CURDIR)/schema/op-mode-definition.rng $(OP_TMPL_DIR) || exit 1 | ||
|
|
||
| $(CURDIR)/python/vyos/xml_ref/generate_op_cache.py --xml-dir $(BUILD_DIR)/op-mode-definitions || exit 1 | ||
|
|
||
| # XXX: tcpdump, ping, traceroute and mtr must be able to recursivly call themselves as the | ||
| # options are provided from the scripts themselves | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/ping/node.tag/node.tag/ | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/traceroute/node.tag/node.tag/ | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/mtr/node.tag/node.tag/ | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/monitor/traceroute/node.tag/node.tag/ | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/monitor/traffic/interface/node.tag/node.tag/ | ||
| ln -s ../node.tag $(OP_TMPL_DIR)/execute/port-scan/host/node.tag/node.tag/ | ||
|
|
||
| # XXX: test if there are empty node.def files - this is not allowed as these | ||
| # could mask help strings or mandatory priority statements | ||
| find $(OP_TMPL_DIR) -name node.def -type f -empty -exec false {} + || sh -c 'echo "There are empty node.def files! Check your interface definitions." && exit 1' | ||
|
|
||
| .PHONY: vyshim | ||
| vyshim: | ||
| $(MAKE) -C $(SHIM_DIR) | ||
|
|
||
| .PHONY: all | ||
| all: clean interface_definitions op_mode_definitions test j2lint vyshim generate-configd-include-json | ||
|
|
||
| .PHONY: clean | ||
| clean: | ||
| rm -rf $(BUILD_DIR) | ||
| rm -rf $(TMPL_DIR) | ||
| rm -rf $(OP_TMPL_DIR) | ||
| $(MAKE) -C $(SHIM_DIR) clean | ||
|
|
||
| .PHONY: test | ||
| test: generate-configd-include-json | ||
| set -e; python3 -m compileall -q -x '/vmware-tools/scripts/, /ppp/' . | ||
| PYTHONPATH=python/ python3 -m "nose" --with-xunit src --with-coverage --cover-erase --cover-xml --cover-package src/conf_mode,src/op_mode,src/completion,src/helpers,src/validators,src/tests --verbose | ||
|
|
||
| .PHONY: check_migration_scripts_executable | ||
| .ONESHELL: | ||
| check_migration_scripts_executable: | ||
| @echo "Checking if migration scripts have executable bit set..." | ||
| find src/migration-scripts -type f -not -executable -print -exec false {} + || sh -c 'echo "Found files that are not executable! Add permissions." && exit 1' | ||
|
|
||
| .PHONY: j2lint | ||
| j2lint: | ||
| ifndef J2LINT | ||
| $(error "j2lint binary not found, consider installing: pip install git+https://github.com/aristanetworks/j2lint.git@341b5d5db86") | ||
| endif | ||
| $(J2LINT) data/ | ||
|
|
||
| .PHONY: sonar | ||
| sonar: | ||
| sonar-scanner -X -Dsonar.login=${SONAR_TOKEN} | ||
|
|
||
| .PHONY: unused-imports | ||
| unused-imports: | ||
| @pylint --disable=all --enable=W0611 $(PYLINT_FILES) | ||
|
|
||
| deb: | ||
| dpkg-buildpackage -uc -us -tc -b | ||
|
|
||
| .PHONY: generate-configd-include-json | ||
| generate-configd-include-json: | ||
| @scripts/generate-configd-include-json.py | ||
|
|
||
| .PHONY: schema | ||
| schema: | ||
| trang -I rnc -O rng schema/interface_definition.rnc schema/interface_definition.rng | ||
| trang -I rnc -O rng schema/op-mode-definition.rnc schema/op-mode-definition.rng |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| interfaces { | ||
| loopback lo { | ||
| } | ||
| } | ||
| service { | ||
| ntp { | ||
| allow-client { | ||
| address "127.0.0.0/8" | ||
| address "169.254.0.0/16" | ||
| address "10.0.0.0/8" | ||
| address "172.16.0.0/12" | ||
| address "192.168.0.0/16" | ||
| address "::1/128" | ||
| address "fe80::/10" | ||
| address "fc00::/7" | ||
| } | ||
| server time1.vyos.net { | ||
| } | ||
| server time2.vyos.net { | ||
| } | ||
| server time3.vyos.net { | ||
| } | ||
| } | ||
| } | ||
| system { | ||
| config-management { | ||
| commit-revisions "100" | ||
| } | ||
| console { | ||
| device ttyS0 { | ||
| speed "115200" | ||
| } | ||
| } | ||
| host-name "vyos" | ||
| login { | ||
| user vyos { | ||
| authentication { | ||
| encrypted-password "$6$QxPS.uk6mfo$9QBSo8u1FkH16gMyAVhus6fU3LOzvLR9Z9.82m3tiHFAxTtIkhaZSWssSgzt4v4dGAL8rhVQxTg0oAG9/q11h/" | ||
| plaintext-password "" | ||
| } | ||
| } | ||
| } | ||
| syslog { | ||
| global { | ||
| facility all { | ||
| level "info" | ||
| } | ||
| facility local7 { | ||
| level "debug" | ||
| } | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| # Autogenerated by firewall.py | ||
|
|
||
| # gloabl options | ||
| net.ipv4.icmp_echo_ignore_all = {{ 0 if global_options.all_ping == 'enable' else 1 }} | ||
| net.ipv4.icmp_echo_ignore_broadcasts = {{ 0 if global_options.broadcast_ping == 'enable' else 1 }} | ||
| net.ipv4.conf.all.bc_forwarding = {{ 1 if global_options.directed_broadcast == 'enable' else 0 }} | ||
| net.ipv4.conf.*.accept_source_route = {{ 1 if global_options.ip_src_route == 'enable' else 0 }} | ||
| net.ipv6.conf.*.accept_redirects = {{ 1 if global_options.ipv6_receive_redirects == 'enable' else 0 }} | ||
| net.ipv6.conf.*.accept_source_route = {{ 0 if global_options.ipv6_src_route == 'enable' else -1 }} | ||
| net.ipv4.conf.all.log_martians = {{ 1 if global_options.log_martians == 'enable' else 0 }} | ||
| net.ipv4.conf.*.accept_redirects = {{ 1 if global_options.receive_redirects == 'enable' else 0 }} | ||
| net.ipv4.conf.*.send_redirects = {{ 1 if global_options.send_redirects == 'enable' else 0 }} | ||
| net.ipv4.tcp_syncookies = {{ 1 if global_options.syn_cookies == 'enable' else 0 }} | ||
| net.ipv4.tcp_rfc1337 = {{ 1 if global_options.twa_hazards_protection == 'enable' else 0 }} | ||
|
|
||
| {% if global_options.apply_to_bridged_traffic is vyos_defined %} | ||
| net.bridge.bridge-nf-call-iptables = {{ 1 if global_options.apply_to_bridged_traffic.ipv4 is vyos_defined else 0 }} | ||
| net.bridge.bridge-nf-call-ip6tables = {{ 1 if global_options.apply_to_bridged_traffic.ipv6 is vyos_defined else 0 }} | ||
| {% else %} | ||
| net.bridge.bridge-nf-call-iptables = 0 | ||
| net.bridge.bridge-nf-call-ip6tables = 0 | ||
| {% endif %} | ||
|
|
||
| ## Timeout values: | ||
| net.netfilter.nf_conntrack_icmp_timeout = {{ global_options.timeout.icmp }} | ||
| net.netfilter.nf_conntrack_generic_timeout = {{ global_options.timeout.other }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_close_wait = {{ global_options.timeout.tcp.close_wait }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_close = {{ global_options.timeout.tcp.close }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_established = {{ global_options.timeout.tcp.established }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_fin_wait = {{ global_options.timeout.tcp.fin_wait }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_last_ack = {{ global_options.timeout.tcp.last_ack }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_syn_recv = {{ global_options.timeout.tcp.syn_recv }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_syn_sent = {{ global_options.timeout.tcp.syn_sent }} | ||
| net.netfilter.nf_conntrack_tcp_timeout_time_wait = {{ global_options.timeout.tcp.time_wait }} | ||
| net.netfilter.nf_conntrack_udp_timeout = {{ global_options.timeout.udp.other }} | ||
| net.netfilter.nf_conntrack_udp_timeout_stream = {{ global_options.timeout.udp.stream }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| ! | ||
| {% for name, router_config in domain.items() %} | ||
| {% if router_config.interface is vyos_defined %} | ||
| {% for iface, iface_config in router_config.interface.items() %} | ||
| interface {{ iface }} | ||
| {% if iface_config.address_family.ipv4 is vyos_defined %} | ||
| ip router openfabric {{ name }} | ||
| {% endif %} | ||
| {% if iface_config.address_family.ipv6 is vyos_defined %} | ||
| ipv6 router openfabric {{ name }} | ||
| {% endif %} | ||
| {% if iface_config.csnp_interval is vyos_defined %} | ||
| openfabric csnp-interval {{ iface_config.csnp_interval }} | ||
| {% endif %} | ||
| {% if iface_config.hello_interval is vyos_defined %} | ||
| openfabric hello-interval {{ iface_config.hello_interval }} | ||
| {% endif %} | ||
| {% if iface_config.hello_multiplier is vyos_defined %} | ||
| openfabric hello-multiplier {{ iface_config.hello_multiplier }} | ||
| {% endif %} | ||
| {% if iface_config.metric is vyos_defined %} | ||
| openfabric metric {{ iface_config.metric }} | ||
| {% endif %} | ||
| {% if iface_config.passive is vyos_defined or iface == 'lo' %} | ||
| openfabric passive | ||
| {% endif %} | ||
| {% if iface_config.password.md5 is vyos_defined %} | ||
| openfabric password md5 {{ iface_config.password.md5 }} | ||
| {% elif iface_config.password.plaintext_password is vyos_defined %} | ||
| openfabric password clear {{ iface_config.password.plaintext_password }} | ||
| {% endif %} | ||
| {% if iface_config.psnp_interval is vyos_defined %} | ||
| openfabric psnp-interval {{ iface_config.psnp_interval }} | ||
| {% endif %} | ||
| exit | ||
| ! | ||
| {% endfor %} | ||
| {% endif %} | ||
| router openfabric {{ name }} | ||
| net {{ net }} | ||
| {% if router_config.domain_password.md5 is vyos_defined %} | ||
| domain-password md5 {{ router_config.domain_password.plaintext_password }} | ||
| {% elif router_config.domain_password.plaintext_password is vyos_defined %} | ||
| domain-password clear {{ router_config.domain_password.plaintext_password }} | ||
| {% endif %} | ||
| {% if router_config.log_adjacency_changes is vyos_defined %} | ||
| log-adjacency-changes | ||
| {% endif %} | ||
| {% if router_config.set_overload_bit is vyos_defined %} | ||
| set-overload-bit | ||
| {% endif %} | ||
| {% if router_config.purge_originator is vyos_defined %} | ||
| purge-originator | ||
| {% endif %} | ||
| {% if router_config.fabric_tier is vyos_defined %} | ||
| fabric-tier {{ router_config.fabric_tier }} | ||
| {% endif %} | ||
| {% if router_config.lsp_gen_interval is vyos_defined %} | ||
| lsp-gen-interval {{ router_config.lsp_gen_interval }} | ||
| {% endif %} | ||
| {% if router_config.lsp_refresh_interval is vyos_defined %} | ||
| lsp-refresh-interval {{ router_config.lsp_refresh_interval }} | ||
| {% endif %} | ||
| {% if router_config.max_lsp_lifetime is vyos_defined %} | ||
| max-lsp-lifetime {{ router_config.max_lsp_lifetime }} | ||
| {% endif %} | ||
| {% if router_config.spf_interval is vyos_defined %} | ||
| spf-interval {{ router_config.spf_interval }} | ||
| {% endif %} | ||
| exit | ||
| ! | ||
| {% endfor %} |
Oops, something went wrong.