[people/ms/network.git] / functions.ip

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

# A list of supported versions of the IP protocol
IP_SUPPORTED_PROTOCOLS=""

function ip_split_prefix() {
	local address=${1}
	assert isset address

	echo "${address%%/*}"
}

function ip_get_prefix() {
	local address=${1}
	assert isset address

	# Break if no prefix is provided
	[[ ${address} =~ \/ ]] || return ${EXIT_OK}

	echo "${address##*/}"
}

function ip_detect_protocol() {
	local address=${1}

	assert isset address

	local protocol
	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
		if ${protocol}_is_valid ${address}; then
			echo "${protocol}"
			return ${EXIT_OK}
		fi
	done

	log DEBUG "Protocol version of address '${address}' could not be detected."

	return ${EXIT_ERROR}
}

function ip_protocol_is_supported() {
	local proto=${1}

	assert isset proto

	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
}

function ip_address_add() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix

	# Detect the protocol version
	local protocol=$(ip_detect_protocol ${address}/${prefix})
	assert ip_protocol_is_supported ${protocol}

	case "${protocol}" in
		ipv4)
			if ipv4_detect_duplicate ${device} ${address}; then
				error_log "Duplicate address detected on zone '${device}' (${address})."
				error_log "Cannot continue."
				return ${EXIT_ERROR}
			fi
			;;
	esac

	if ! device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr add ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."

		case "${protocol}" in
			ipv4)
				# Announce our new address to the neighbours
				ipv4_update_neighbours ${device} ${address}
				;;
		esac
	else
		log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	fi

	return ${EXIT_OK}
}

function ip_address_del() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix

	# Detect the protocol version
	local protocol=$(ip_detect_protocol ${address}/${prefix})
	assert ip_protocol_is_supported ${protocol}

	if device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr del ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
	else
		log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
	fi

	return ${EXIT_OK}
}
Commit	Line	Data
2b5c311d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
e617226b MT	22	# A list of supported versions of the IP protocol
	23	IP_SUPPORTED_PROTOCOLS=""
	24
2b5c311d MT	25	function ip_split_prefix() {
2b5c311d MT	26	local address=${1}
2b5c311d MT	27	assert isset address
	28
	29	echo "${address%%/*}"
	30	}
	31
	32	function ip_get_prefix() {
	33	local address=${1}
2b5c311d MT	34	assert isset address
2b5c311d MT	35
38f61548 MT	36	# Break if no prefix is provided
	37	[[ ${address} =~ \/ ]] \|\| return ${EXIT_OK}
	38
2b5c311d MT	39	echo "${address##*/}"
	40	}
	41
	42	function ip_detect_protocol() {
	43	local address=${1}
	44
	45	assert isset address
	46
	47	local protocol
e617226b	48	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
2b5c311d MT	49	if ${protocol}_is_valid ${address}; then
	50	echo "${protocol}"
	51	return ${EXIT_OK}
	52	fi
	53	done
	54
38f61548 MT	55	log DEBUG "Protocol version of address '${address}' could not be detected."
38f61548 MT	56
2b5c311d MT	57	return ${EXIT_ERROR}
2b5c311d MT	58	}
e617226b MT	59
	60	function ip_protocol_is_supported() {
	61	local proto=${1}
	62
	63	assert isset proto
	64
	65	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
	66	}
38f61548 MT	67
	68	function ip_address_add() {
	69	local device=${1}
	70	local address=${2}
	71
	72	assert isset address
	73	assert device_exists ${device}
	74
	75	local prefix=$(ip_get_prefix ${address})
	76	address=$(ip_split_prefix ${address})
	77
	78	assert isset prefix
	79
	80	# Detect the protocol version
	81	local protocol=$(ip_detect_protocol ${address}/${prefix})
	82	assert ip_protocol_is_supported ${protocol}
	83
	84	case "${protocol}" in
	85	ipv4)
	86	if ipv4_detect_duplicate ${device} ${address}; then
	87	error_log "Duplicate address detected on zone '${device}' (${address})."
	88	error_log "Cannot continue."
	89	return ${EXIT_ERROR}
	90	fi
	91	;;
	92	esac
	93
	94	if ! device_has_ip ${device} ${address}/${prefix}; then
	95	assert ip addr add ${address}/${prefix} dev ${device}
	96
	97	log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."
	98
	99	case "${protocol}" in
	100	ipv4)
	101	# Announce our new address to the neighbours
	102	ipv4_update_neighbours ${device} ${address}
	103	;;
	104	esac
	105	else
	106	log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	107	fi
	108
	109	return ${EXIT_OK}
	110	}
	111
	112	function ip_address_del() {
	113	local device=${1}
	114	local address=${2}
	115
	116	assert isset address
	117	assert device_exists ${device}
	118
	119	local prefix=$(ip_get_prefix ${address})
	120	address=$(ip_split_prefix ${address})
	121
	122	assert isset prefix
	123
	124	# Detect the protocol version
	125	local protocol=$(ip_detect_protocol ${address}/${prefix})
	126	assert ip_protocol_is_supported ${protocol}
	127
	128	if device_has_ip ${device} ${address}/${prefix}; then
	129	assert ip addr del ${address}/${prefix} dev ${device}
	130
131	log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
132	else
133	log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
134	fi
135
136	return ${EXIT_OK}
137	}