PSARC 2017/034 Quaggaadm access disable
15760321 quaggaadm needs a way to disable the vty port.
15429631 quaggaadm -e closes the connection the first time it is executed
#!/bin/ksh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright (c) 2008, 2017, Oracle and/or its affiliates. All rights reserved.
#
# ident "@(#)quaggaadm 1.3 08/10/02 SMI"
daemons="zebra ripd ripngd ospfd ospf6d bgpd isisd"
function quaggaadm_usage
{
print - "Usage:\n" >&2
for H in ${daemons} ; do
print - "\t${1} [-e|-d] ${H}\t\tConnect to ${H} daemon" >&2
done
print - "\nThe -e flag enables the named daemon to accept ${1} connections and" >&2
print - "must be used on the first use of ${1} to connect to a particular daemon." >&2
print - "\nThe -d flag disables access to the named daemon." >&2
}
if [ ${#} -gt 2 ]
then
quaggaadm_usage ${0}
exit 1
fi
function vty_enable
{
restart=0;
/usr/bin/svcprop -p routing/vty_address ${1} \
| grep -- '[0-9a-zA-Z]' > /dev/null || \
/usr/sbin/routeadm -m ${1} vty_address="127.0.0.1" && \
restart=1
/usr/bin/svcprop -p routing/vty_port ${1}| grep 0 > /dev/null && \
/usr/sbin/routeadm -m ${1} vty_port=${2}
if [ $restart = "1" ]; then
/usr/sbin/svcadm restart -T 5 -s ${1}
fi
}
function vty_disable
{
restart=0;
/usr/bin/svcprop -p routing/vty_address ${1} \
| grep -- '[0-9a-zA-Z]' > /dev/null && \
/usr/sbin/routeadm -m ${1} vty_address="" && \
restart=1
/usr/bin/svcprop -p routing/vty_port ${1}| grep '^0$' > /dev/null || \
/usr/sbin/routeadm -m ${1} vty_port=0
if [ $restart = "1" ]; then
/usr/sbin/svcadm restart ${1}
fi
print Service access is now disabled.
}
ENABLE="no"
DISABLE="no"
if [ ${#} -gt 2 ] ; then
quaggaadm_usage ${0}
exit 1;
fi
if [ ${#} -eq 2 ] ; then
DAEMON=${2}
case ${1} in
-e) #enable
ENABLE="yes"
;;
-d) #disable
DISABLE="yes"
;;
*)
quaggaadm_usage ${0}
exit 1
;;
esac
elif [ ${#} -eq 1 ] ; then
DAEMON=${1}
fi
case ${DAEMON} in
zebra) # telnet to zebra daemon
PORT=2601
SVC="zebra:quagga"
;;
rip|ripd) # telnet to ripd daemon
PORT=2602
SVC="rip:quagga"
;;
ripng|ripngd) # telnet to ripngd daemon
PORT=2603
SVC="ripng:quagga"
;;
ospfd|ospf) # telnet to ospfd daemon
PORT=2604
SVC="ospf:quagga"
;;
bgp|bgpd) # telnet to bgpd daemon
PORT=2605
SVC="bgp:quagga"
;;
ospf6|ospf6d) # telnet to ospf6d daemon
PORT=2606
SVC="ospf6:quagga"
;;
isis|isisd) # telnet to isisd daemon
PORT=2608
SVC="isis:quagga"
;;
*)
# unknown daemon
print - "Unrecognized command: ${1}..." >&2
quaggaadm_usage ${0}
exit 1
;;
esac
if [ ${DISABLE} = "yes" ] ; then
vty_disable ${SVC} || exit 1
exit 0
fi
if [ ${ENABLE} = "yes" ] ; then
vty_enable ${SVC} ${PORT} || exit 1
fi
# Need to give the daemon time to initialize.
sleep 3
exec telnet 127.0.0.1 ${PORT}
exit 0