[people/ms/network.git] / functions.ppp

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

PPP_SUPPORTED_AUTH_METHODS="chap pap"

function pppd_start() {
	local interface=${1}
	assert isset interface

	service_start "pppd@${interface}"
}

function pppd_stop() {
	local interface=${1}
	assert isset interface

	service_stop "pppd@${interface}"
}

function pppd_status() {
	local interface=${1}
	assert isset interface

	service_status "pppd@${interface}"
}

function ppp_common_ip_pre_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_from_ppp ${zone} ipv4

	# Request firewall reload
	event_emit firewall-reload

	return ${EXIT_OK}
}

function ppp_common_ip_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_set ${zone} ipv4 active 1
	routing_update ${zone} ipv4

	# Emit interface-up event
	event_interface_up ${zone}

	return ${EXIT_OK}
}

function ppp_common_ip_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv4
	routing_update ${zone} ipv4

	# Save accounting information
	ppp_accounting ${zone}

	# Emit interface-up event
	event_interface_down ${zone}

	return ${EXIT_OK}
}

function ppp_common_ipv6_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Add information about this zone to the routing database.
	routing_db_from_ppp ${zone} ipv6

	routing_db_set ${zone} ipv6 active 1
	routing_update ${zone} ipv6

	# Emit interface-up event
	event_interface_up ${zone}

	return ${EXIT_OK}
}

function ppp_common_ipv6_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv6
	routing_update ${zone} ipv6

	# Save accounting information
	ppp_accounting ${zone}

	# Emit interface-up event
	event_interface_down ${zone}

	return ${EXIT_OK}
}

function ppp_secret() {
	local USER=${1}
	local SECRET=${2}
	local a
	local secret
	local user

	# Updateing secret file
	> ${PPP_SECRETS}.tmp
	while read user a secret; do
		if [ "'${USER}'" != "${user}" ]; then
			echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
		fi
	done < ${PPP_SECRETS}
	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	rm -f ${PPP_SECRETS}.tmp
}

function ppp_accounting() {
	local zone=${1}
	shift

	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
		--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
}

function pppd_exec() {
	log DEBUG "Running pppd with parameters '$@'."

	pppd $@ > /dev/null
}

function pppd_write_config() {
	local file=${1}; shift
	assert isset file

	local auth
	local interface
	local linkname
	local mtu mru
	local plugin plugin_options
	local user

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val ${1})
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val ${1})
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val ${1})
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val ${1})
				;;
			--plugin=*)
				plugin=$(cli_get_val ${1})
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val ${1})
				;;
			--user=*)
				user=$(cli_get_val ${1})
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname=${interface}

	if isset auth; then
		if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	# Write the configuration header.
	mkdir -p $(dirname ${file}) 2>/dev/null
	config_header "PPP daemon configuration file" > ${file}

	# At first, set the name of the link.
	print "name ${linkname}\nlinkname ${linkname}\n" >> ${file}

	# Configure the interface name.
	print "# Interface name\nifname ${interface}\n" >> ${file}

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"
			print
		) >> ${file}
	fi

	# User authentication
	if isset user; then
		(
			print "# User authentication"
			print "user ${user}"

			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi
			print
		) >> ${file}
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"
			print
		) >> ${file}
	fi

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault nodetach debug"
	) >> ${file}

	return ${EXIT_OK}
}
Commit	Line	Data
5b20e43a MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
1848564d	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
5b20e43a MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
97cb552e MT	22	PPP_SUPPORTED_AUTH_METHODS="chap pap"
	23
	24	function pppd_start() {
	25	local interface=${1}
	26	assert isset interface
	27
	28	service_start "pppd@${interface}"
	29	}
	30
	31	function pppd_stop() {
	32	local interface=${1}
	33	assert isset interface
	34
	35	service_stop "pppd@${interface}"
	36	}
	37
	38	function pppd_status() {
	39	local interface=${1}
	40	assert isset interface
	41
	42	service_status "pppd@${interface}"
	43	}
	44
c7ad7801 MT	45	function ppp_common_ip_pre_up() {
	46	local zone=${1}
	47	shift
	48
	49	if ! zone_exists ${zone}; then
	50	error "Zone '${zone}' does not exist."
	51	return ${EXIT_ERROR}
	52	fi
	53
2c973348	54	routing_db_from_ppp ${zone} ipv4
ff8ec5ef	55
c7ad7801	56	# Request firewall reload
98146c00	57	event_emit firewall-reload
c7ad7801 MT	58
	59	return ${EXIT_OK}
	60	}
	61
	62	function ppp_common_ip_up() {
	63	local zone=${1}
	64	shift
	65
	66	if ! zone_exists ${zone}; then
	67	error "Zone '${zone}' does not exist."
	68	return ${EXIT_ERROR}
	69	fi
	70
2c973348 MT	71	routing_db_set ${zone} ipv4 active 1
2c973348 MT	72	routing_update ${zone} ipv4
ff8ec5ef	73
c7ad7801 MT	74	# Emit interface-up event
	75	event_interface_up ${zone}
	76
	77	return ${EXIT_OK}
	78	}
	79
	80	function ppp_common_ip_down() {
	81	local zone=${1}
	82	shift
	83
	84	if ! zone_exists ${zone}; then
	85	error "Zone '${zone}' does not exist."
	86	return ${EXIT_ERROR}
	87	fi
	88
201b7dff MT	89	# Remove the information about this zone from the routing database
	90	# and update the routing table.
	91	routing_db_remove ${zone} ipv4
	92	routing_update ${zone} ipv4
	93
	94	# Save accounting information
	95	ppp_accounting ${zone}
	96
	97	# Emit interface-up event
	98	event_interface_down ${zone}
	99
	100	return ${EXIT_OK}
	101	}
	102
	103	function ppp_common_ipv6_up() {
	104	local zone=${1}
	105	shift
	106
	107	if ! zone_exists ${zone}; then
	108	error "Zone '${zone}' does not exist."
	109	return ${EXIT_ERROR}
	110	fi
	111
	112	# Add information about this zone to the routing database.
	113	routing_db_from_ppp ${zone} ipv6
	114
	115	routing_db_set ${zone} ipv6 active 1
	116	routing_update ${zone} ipv6
	117
	118	# Emit interface-up event
	119	event_interface_up ${zone}
	120
	121	return ${EXIT_OK}
	122	}
	123
	124	function ppp_common_ipv6_down() {
	125	local zone=${1}
	126	shift
	127
	128	if ! zone_exists ${zone}; then
	129	error "Zone '${zone}' does not exist."
	130	return ${EXIT_ERROR}
	131	fi
	132
	133	# Remove the information about this zone from the routing database
	134	# and update the routing table.
	135	routing_db_remove ${zone} ipv6
	136	routing_update ${zone} ipv6
	137
059469a8 MT	138	# Save accounting information
	139	ppp_accounting ${zone}
	140
c7ad7801 MT	141	# Emit interface-up event
	142	event_interface_down ${zone}
	143
	144	return ${EXIT_OK}
	145	}
	146
5b20e43a MT	147	function ppp_secret() {
	148	local USER=${1}
	149	local SECRET=${2}
	150	local a
	151	local secret
	152	local user
	153
	154	# Updateing secret file
	155	> ${PPP_SECRETS}.tmp
	156	while read user a secret; do
	157	if [ "'${USER}'" != "${user}" ]; then
	158	echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
	159	fi
	160	done < ${PPP_SECRETS}
	161	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	162	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	163	rm -f ${PPP_SECRETS}.tmp
	164	}
	165
059469a8 MT	166	function ppp_accounting() {
	167	local zone=${1}
	168	shift
5b20e43a	169
059469a8 MT	170	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
059469a8 MT	171	--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
5b20e43a	172	}
711ffac1 MT	173
711ffac1 MT	174	function pppd_exec() {
711ffac1 MT	175	log DEBUG "Running pppd with parameters '$@'."
	176
	177	pppd $@ > /dev/null
	178	}
97cb552e MT	179
	180	function pppd_write_config() {
	181	local file=${1}; shift
	182	assert isset file
	183
	184	local auth
	185	local interface
	186	local linkname
	187	local mtu mru
	188	local plugin plugin_options
	189	local user
	190
	191	while [ $# -gt 0 ]; do
	192	case "${1}" in
	193	--auth=*)
	194	auth=$(cli_get_val ${1})
	195	;;
	196	# The name of the created ppp interface.
	197	--interface=*)
	198	interface=$(cli_get_val ${1})
	199	;;
	200	# Maximum Transmission Unit
	201	--mtu=*)
	202	mtu=$(cli_get_val ${1})
	203	;;
	204	# Maximum Receive Unit
	205	--mru=*)
	206	mru=$(cli_get_val ${1})
	207	;;
	208	--plugin=*)
	209	plugin=$(cli_get_val ${1})
	210	;;
	211	--plugin-options=*)
	212	plugin_options=$(cli_get_val ${1})
	213	;;
	214	--user=*)
	215	user=$(cli_get_val ${1})
	216	;;
	217	*)
	218	log WARNING "Unhandled argument: ${1}"
	219	;;
	220	esac
	221	shift
	222	done
	223
	224	if [ -z "${interface}" ]; then
	225	log ERROR "You need to set the interface name: ${interface}"
	226	return ${EXIT_ERROR}
	227	fi
	228	linkname=${interface}
	229
	230	if isset auth; then
	231	if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
	232	log ERROR "Unsupported auth method: ${auth}"
	233	return ${EXIT_ERROR}
	234	fi
	235	fi
	236
	237	# Write the configuration header.
	238	mkdir -p $(dirname ${file}) 2>/dev/null
	239	config_header "PPP daemon configuration file" > ${file}
	240
	241	# At first, set the name of the link.
	242	print "name ${linkname}\nlinkname ${linkname}\n" >> ${file}
243
244	# Configure the interface name.
245	print "# Interface name\nifname ${interface}\n" >> ${file}
246
247	# Plugin settings
248	if isset plugin; then
249	(
250	print "# Plugin settings"
251	print "plugin ${plugin} ${plugin_options}"
252	print
253	) >> ${file}
254	fi
255
256	# User authentication
257	if isset user; then
258	(
259	print "# User authentication"
260	print "user ${user}"
261
262	print "noauth"
263	if isset auth; then
264	print "require-${auth}"
265	fi
266	print
267	) >> ${file}
268	fi
269
270	# MTU/MRU settings
271	if isset mtu; then
272	isset mru \|\| mru=${mtu}
273
274	(
275	print "# MTU/MRU settings"
276	print "mtu ${mtu}"
277	print "mru ${mru}"
278	print
279	) >> ${file}
280	fi
281
282	# Add the default settings.
283	(
284	print "# Disable the compression"
285	print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"
286
287	print "noipdefault nodetach debug"
288	) >> ${file}
289
290	return ${EXIT_OK}
291	}