Vyatta::Config

Vyatta::Config (/opt/vyatta/share/perl5/Vyatta/Config.pm) is a Perl API library for working with Vyatta configuration.

= Using the Library = use lib '/opt/vyatta/share/perl5'; use Vyatta::Config; $config = new Vyatta::Config;

= Definitions = Active config is config, currently used by system.

Working config is config we are making during configuration session.

Effective config
The definition of "effective" is different under these two scenarios.


 * 1) When used outside a config session, "effective" == "active". In other words, in such cases the effective config is the same as the running config.
 * 2) When used during a config session, a config path (leading to either a "node" or a "value") is "effective" if ANY of the following is true.
 * active && working Path is in both active and working configs, i.e., unchanged.
 * !active && working && committed Path is not in active, has been set in working, AND has already been committed, i.e., "commit" has successfully processed the addition/update of the path.
 * active && !working && !committed Path is in active, has been deleted from working, AND has not been committed yet, i.e., "commit" (per priority) has not processed the deletion of the path yet, or it has been processed but failed.

Note: during commit, deactivate has the same effect as delete. So in such cases, as far as these functions are concerned, deactivated nodes don't exist.

= Method reference =

Currently API has the following methods:

Usage example
Background: Your helpdesk guys ask you to make a spreadsheet with remote-access PPTP VPN user information and keep it up to date. Of course you do not want to copy and paste this information by hand.

All spreadsheet software supports import from CSV, so the only thing we need to do is to extract values from config and print then as comma separated lines, passwords enclosed into double quotes for the case they contain a comma and add some header. Like this: user,password,address,is_disabled johnsmith,"this,isapass",192.0.2.41,no

Here we go:
 * 1) !/usr/bin/perl

use strict; use lib "/opt/vyatta/share/perl5/"; use Vyatta::Config;
 * 1) using the Vyatta perl API

my $proto = "pptp"; my $delimiter = ","; my $header = "user,password,address,disabled\r\n";
 * 1) Settings
 * 1) CSV RFC4180 requires to use CRLF (\r\n) as line break

my $config = new Vyatta::Config;
 * 1) Create a config instance

$config->setLevel("vpn pptp remote-access authentication local-users username");
 * 1) Set default config level, this allows to use relative paths

my @users = $config->listNodes;
 * 1) Obtain array of user names

print $header;
 * 1) Print file header

foreach my $user (@users) { # Since we set config level to "vpn pptp remote-access authentication local-users username" # we now can specify only the remaining part as methods argument, # it will be appended to the path we used in setLevel my $password = $config->returnValue("$user password"); my $address = $config->returnValue("$user static-ip"); #"disable" is a leaf node with no value, so we should check # if it exists instead of obtaining its value my $disabled = $config->exists("$user disable") ? "yes" : "no";
 * 1) Now walk through the user names, obtain values and print them

# It's not prohibited to use "," in passwords, # so we should enclose them into quotes to prevent # the parser from treating them as delimiters $password = "\"$password\"";

my $line = join($delimiter, $user, $password, $address, $disabled); print "$line\r\n"; }

Check it works: vyatta@R1# show vpn pptp remote-access authentication local-users username joerandomuser { disable password qwerrty static-ip 10.91.17.105 } username johnsmith { password this,isapass }

vyatta@R1# perl ./pptpusers.pl user,password,address,disabled joerandomuser,"qwerrty",10.91.17.105,yes johnsmith,"this,isapass",,no