T6928: Support for custom interface type or custom config node #4224
Closed
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
<!-- include start from constraint/interface-name.xml.i --> | ||
<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|ipoe|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|sstpc|tun|veth|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|lo</regex> | ||
<regex>(bond|br|dum|en|ersp|eth|gnv|ifb|ipoe|lan|l2tp|l2tpeth|macsec|peth|ppp|pppoe|pptp|sstp|sstpc|tun|utun|veth|vti|vtun|vxlan|wg|wlan|wwan)[0-9]+(.\d+)?|lo</regex> | ||
<validator name="file-path --lookup-path /sys/class/net --directory"/> | ||
<!-- include end --> |
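Review bot: The VLAN suffix `(.\d+)?` in the changed `<regex>` line uses an unescaped `.`, which matches any character, so a name such as `utun0x1` satisfies the pattern. Since the line is being touched to add `utun`, escape it as `(\.\d+)?` in the same change.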
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
<?xml version="1.0"?> | ||
<interfaceDefinition> | ||
<node name="interfaces"> | ||
<children> | ||
<tagNode name="utunnel" owner="${vyos_conf_scripts_dir}/interfaces_custom_tunnel.py"> | ||
<properties> | ||
<help>Tunnel interface</help> | ||
<priority>400</priority> | ||
<constraint> | ||
<regex>utun[0-9]+</regex> | ||
</constraint> | ||
<constraintErrorMessage>tunnel interface must be named utunN</constraintErrorMessage> | ||
<valueHelp> | ||
<format>utunN</format> | ||
<description>Tunnel interface name</description> | ||
</valueHelp> | ||
</properties> | ||
<children> | ||
#include <include/generic-description.xml.i> | ||
#include <include/interface/address-ipv4-ipv6.xml.i> | ||
#include <include/interface/disable.xml.i> | ||
|
||
<leafNode name="manage-type"> | ||
<properties> | ||
<help>Manage type</help> | ||
<completionHelp> | ||
<list>external</list> | ||
</completionHelp> | ||
<valueHelp> | ||
<format>external</format> | ||
<description>Controlled by external program</description> | ||
</valueHelp> | ||
<constraint> | ||
<regex>(external)</regex> | ||
</constraint> | ||
</properties> | ||
</leafNode> | ||
|
||
<leafNode name="tunnel-type"> | ||
<properties> | ||
<help>Tunnel type</help> | ||
<completionHelp> | ||
<script>${vyos_completion_dir}/list_utunnel_types.py</script> | ||
</completionHelp> | ||
<constraint> | ||
<regex>.{0,255}</regex> | ||
</constraint> | ||
<constraintErrorMessage>Tunnel type too long (limit 255 characters)</constraintErrorMessage> | ||
</properties> | ||
</leafNode> | ||
|
||
</children> | ||
</tagNode> | ||
</children> | ||
</node> | ||
</interfaceDefinition> |
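Review bot: The `tunnel-type` constraint `.{0,255}` accepts any characters, including `/` and `..`, as well as the empty string. The value is later used to build a file name in `get_utunnel_config()` via `os.path.join(utunnel_config_directory, '{}.yaml'.format(tunnel_type))`, so a value such as `../x` resolves outside `/config/utunnels/`. Restrict the constraint to a file-name-safe set, for example `[A-Za-z0-9_-]{1,255}`, and adjust the `constraintErrorMessage` to match.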
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
<?xml version="1.0"?> | ||
<interfaceDefinition> | ||
<node name="restart"> | ||
<children> | ||
<tagNode name="utunnel"> | ||
<properties> | ||
<help>Restart a custom tunnel backend service</help> | ||
<completionHelp> | ||
<path>interfaces utunnel</path> | ||
</completionHelp> | ||
</properties> | ||
<command>sudo ${vyos_op_scripts_dir}/utunnel.py restart --interface="$3"</command> | ||
</tagNode> | ||
</children> | ||
</node> | ||
</interfaceDefinition> |
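Review bot: The `<command>` runs `utunnel.py restart` under `sudo` with `$3` taken straight from the command line; `completionHelp` only offers suggestions and nothing in this node constrains the value. Because `CustomTunnelOperational.restart()` runs the `stop` and `start` strings loaded from the tunnel type's YAML file, the script should reject any `--interface` that does not match `utun[0-9]+` or is not a configured `interfaces utunnel` entry before doing anything else.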
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<?xml version="1.0"?> | ||
<interfaceDefinition> | ||
<node name="show"> | ||
<children> | ||
<node name="interfaces"> | ||
<children> | ||
<tagNode name="utunnel"> | ||
<properties> | ||
<help>Show specified custom tunnel interface information</help> | ||
<completionHelp> | ||
<path>interfaces utunnel</path> | ||
</completionHelp> | ||
</properties> | ||
<command>${vyos_op_scripts_dir}/utunnel.py show_status --interface="$4" </command> | ||
</tagNode> | ||
</children> | ||
</node> | ||
</children> | ||
</node> | ||
</interfaceDefinition> |
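Review bot: This show command executes the `status` string from the tunnel type's YAML file (`show_status()` passes it to `self._cmd`), so a read-only command runs a configured external command with an unvalidated `$4`. Validate the interface name in the script the same way as for restart, and drop the trailing space before `</command>`. The command also has no `sudo` while the restart command does; state in the help or documentation which privileges the status scripts are expected to need.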
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,122 @@ | ||
# Copyright 2019-2021 VyOS maintainers and contributors <[email protected]> | ||
# | ||
# This library is free software; you can redistribute it and/or | ||
# modify it under the terms of the GNU Lesser General Public | ||
# License as published by the Free Software Foundation; either | ||
# version 2.1 of the License, or (at your option) any later version. | ||
# | ||
# This library is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
# Lesser General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU Lesser General Public | ||
# License along with this library. If not, see <http://www.gnu.org/licenses/>. | ||
import glob | ||
import os | ||
from pathlib import Path | ||
import yaml | ||
|
||
from vyos.ifconfig import Interface | ||
from vyos.ifconfig import Operational | ||
|
||
utunnel_config_directory = '/config/utunnels/' | ||
|
||
|
||
def get_utunnel_config(tunnel_type): | ||
config_file = os.path.join(utunnel_config_directory, '{}.yaml'.format(tunnel_type)) | ||
Instead of hardcoding some
||
|
||
config = {} | ||
if os.path.exists(config_file): | ||
config = yaml.safe_load(open(config_file)) | ||
|
||
defaults = { | ||
'scripts': { | ||
'start': '', | ||
'stop': '', | ||
'update': '', | ||
'status': '', | ||
}, | ||
} | ||
defaults.update(config) | ||
|
||
return defaults | ||
|
||
|
||
def get_custom_tunnel_types() -> list[str]: | ||
pattern = os.path.join(utunnel_config_directory, '*.yaml') | ||
|
||
types = [] | ||
for file_path in glob.glob(pattern): | ||
basename = Path(file_path).stem | ||
types.append(basename) | ||
|
||
return sorted(types) | ||
|
||
|
||
class CustomTunnelOperational(Operational): | ||
|
||
def get_tunnel_type(self): | ||
from vyos.config import Config | ||
|
||
c = Config() | ||
return c.return_effective_value(['interfaces', 'utunnel', self.config['ifname'], 'tunnel-type']) | ||
|
||
def start(self): | ||
config = get_utunnel_config(self.get_tunnel_type()) | ||
if config['scripts']['start']: | ||
self._cmd(config['scripts']['start'].replace('{device}', self.ifname)) | ||
|
||
def stop(self): | ||
config = get_utunnel_config(self.get_tunnel_type()) | ||
if config['scripts']['stop']: | ||
self._cmd(config['scripts']['stop'].replace('{device}', self.ifname)) | ||
|
||
def restart(self): | ||
self.stop() | ||
self.start() | ||
|
||
def update(self): | ||
config = get_utunnel_config(self.get_tunnel_type()) | ||
if config['scripts']['update']: | ||
self._cmd(config['scripts']['update'].replace('{device}', self.ifname)) | ||
|
||
def show_status(self): | ||
config = get_utunnel_config(self.get_tunnel_type()) | ||
if config['scripts']['status']: | ||
print(self._cmd(config['scripts']['status'].replace('{device}', self.ifname))) | ||
|
||
|
||
@Interface.register | ||
class CustomTunnelIf(Interface): | ||
""" | ||
A dummy interface for custom tunnels | ||
""" | ||
|
||
OperationalClass = CustomTunnelOperational | ||
|
||
iftype = 'utunnel' | ||
definition = { | ||
**Interface.definition, | ||
**{ | ||
'section': 'utunnel', | ||
'prefixes': ['utun', ], | ||
'eternal': 'utun[0-9]+$', | ||
}, | ||
} | ||
|
||
def _create(self): | ||
# don't create this interface as it is managed outside | ||
pass | ||
|
||
def _delete(self): | ||
# don't create this interface as it is managed outside | ||
pass | ||
|
||
def get_mac(self): | ||
""" Get a synthetic MAC address. """ | ||
return self.get_mac_synthetic() | ||
|
||
def update(self, config): | ||
# don't perform any update | ||
pass |
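Review bot: In `get_utunnel_config()`, `defaults.update(config)` is a shallow merge: a YAML file that defines only `scripts: {start: ...}` replaces the whole `scripts` dict, after which `stop()`, `update()` and `show_status()` raise `KeyError`, and an empty file makes `yaml.safe_load` return `None`, so `update(None)` raises `TypeError`. Merge the `scripts` keys individually (or use `.get()` at the call sites) and treat a non-dict document as an error. The file is also opened without a `with` block, `tunnel_type` is joined into the path without checking that it is a plain file name (it is `None` when the node is unset), and the comment in `_delete()` still says "don't create".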
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
#!/usr/bin/env python3 | ||
# | ||
# Copyright (C) 2023 VyOS maintainers and contributors | ||
# | ||
# This program is free software; you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License version 2 or later as | ||
# published by the Free Software Foundation. | ||
# | ||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
|
||
import argparse | ||
import glob | ||
import os | ||
import sys | ||
from pathlib import Path | ||
|
||
directory = '/config/utunnels/' | ||
pattern = os.path.join(directory, '*.yaml') | ||
|
||
parser = argparse.ArgumentParser(description='list available custom tunnel types') | ||
|
||
|
||
def get_custom_tunnel_types() -> list[str]: | ||
types = [] | ||
for file_path in glob.glob(pattern): | ||
basename = Path(file_path).stem | ||
types.append(basename) | ||
|
||
return sorted(types) | ||
|
||
|
||
if __name__ == '__main__': | ||
args = parser.parse_args() | ||
print("\n".join(get_custom_tunnel_types())) | ||
sys.exit(0) |
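Review bot: `get_custom_tunnel_types()` and the `/config/utunnels/` path are duplicated here; the same function and directory constant are already defined in the ifconfig module added in this pull request (the one defining `CustomTunnelIf`), so the two copies can drift apart. Import the function instead of copying it. The `argparse` parser defines no arguments, so it and the explicit `sys.exit(0)` can be dropped.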
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,96 @@ | ||
#!/usr/bin/env python3 | ||
# | ||
# Copyright (C) 2018-2024 yOS maintainers and contributors | ||
# | ||
# This program is free software; you can redistribute it and/or modify | ||
# it under the terms of the GNU General Public License version 2 or later as | ||
# published by the Free Software Foundation. | ||
# | ||
# This program is distributed in the hope that it will be useful, | ||
# but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
# GNU General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
|
||
from sys import exit | ||
|
||
from vyos.config import Config | ||
from vyos.configdict import get_interface_dict | ||
from vyos.configdict import is_node_changed | ||
from vyos.configverify import verify_address | ||
from vyos.ifconfig import Interface | ||
from vyos.ifconfig import CustomTunnelIf | ||
from vyos.utils.dict import dict_search | ||
from vyos.utils.network import get_interface_config | ||
from vyos.utils.network import interface_exists | ||
from vyos import ConfigError | ||
from vyos import airbag | ||
airbag.enable() | ||
|
||
|
||
def get_config(config=None): | ||
""" | ||
Retrive CLI config as dictionary. Dictionary can never be empty, as at least | ||
the interface name will be added or a deleted flag | ||
""" | ||
if config: | ||
conf = config | ||
else: | ||
conf = Config() | ||
base = ['interfaces', 'utunnel'] | ||
ifname, utunnel = get_interface_dict(conf, base) | ||
|
||
return utunnel | ||
|
||
|
||
def verify(utunnel): | ||
if 'deleted' in utunnel: | ||
return None | ||
|
||
verify_address(utunnel) | ||
|
||
# todo: if tunnel_type has no related yaml definitions, throws a warning | ||
|
||
return None | ||
|
||
|
||
def generate(utunnel): | ||
return None | ||
|
||
|
||
def apply(utunnel): | ||
interface = utunnel['ifname'] | ||
|
||
intf = CustomTunnelIf(**utunnel) | ||
|
||
if 'disable' in utunnel or 'deleted' in utunnel: | ||
# WireGuard only supports peer removal based on the configured public-key, | ||
# by deleting the entire interface this is the shortcut instead of parsing | ||
# out all peers and removing them one by one. | ||
# | ||
# Peer reconfiguration will always come with a short downtime while the | ||
# WireGuard interface is recreated (see below) | ||
|
||
# call stop script | ||
intf.operational.stop() | ||
return None | ||
|
||
# for custom tunnels, if manage-type is external, nothing need to be done. | ||
# tun.update(utunnel) | ||
# Users should manage external programs by systemd | ||
# intf.operational.start() | ||
|
||
return None | ||
|
||
|
||
if __name__ == '__main__': | ||
try: | ||
c = get_config() | ||
generate(c) | ||
verify(c) | ||
apply(c) | ||
except ConfigError as e: | ||
print(e) | ||
exit(1) |
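Review bot: `verify()` never checks `tunnel-type`: the todo is still open, so a tunnel with no type, or with a type that has no YAML definition, is accepted silently, and `apply()` then calls `intf.operational.stop()`, which looks the type up again. Raise `ConfigError` in `verify()` when `tunnel-type` is missing or has no definition file. The comment block in `apply()` about WireGuard peers is a leftover and should go, `__main__` calls `generate(c)` before `verify(c)`, several imports (`is_node_changed`, `dict_search`, `get_interface_config`, `interface_exists`, `Interface`) are unused, and the copyright line reads "yOS".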
Can you share an example of the CLI?
I didn't get what it looks like. Part of the config you do from the CLI, another part from some hardcoded path from .yml