]> git.ipfire.org Git - people/ms/network.git/blob - functions.ppp
projects / people / ms / network.git / blob
? search:


27247815b13fa0507b237c938c941e5e0c00135f
[people/ms/network.git] / functions.ppp
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 PPP_SUPPORTED_AUTH_METHODS="chap pap"
23
24 function pppd_start() {
25 local interface=${1}
26 assert isset interface
27
28 # This will block until the connection has been established or
29 # pppd exited.
30 service_start "pppd@${interface}.service"
31
32 # Get the exit code of the ppp daemon and figure out
33 # how to handle this.
34 local ret=$(service_get_exitcode "pppd@${interface}.service")
35 case "${ret}" in
36 0)
37 return ${EXIT_OK}
38 ;;
39 1)
40 error "pppd crashed for an unknown reason"
41 ;;
42 2)
43 error "pppd: Configuration error"
44 ;;
45 5)
46 error "pppd terminated"
47 ;;
48 16)
49 error "pppd: Link terminated by modem"
50 ;;
51 19)
52 error "pppd: Authentication failed"
53 ;;
54 *)
55 error "pppd: Unhandled exit code: ${ret}"
56 ;;
57 esac
58
59 return ${ret}
60 }
61
62 function pppd_stop() {
63 local interface=${1}
64 assert isset interface
65
66 service_stop "pppd@${interface}.service"
67 }
68
69 function pppd_status() {
70 local interface=${1}
71 assert isset interface
72
73 service_status "pppd@${interface}.service"
74 }
75
76 function ppp_common_ip_pre_up() {
77 local zone=${1}
78 shift
79
80 if ! zone_exists ${zone}; then
81 error "Zone '${zone}' does not exist."
82 return ${EXIT_ERROR}
83 fi
84
85 routing_db_from_ppp ${zone} ipv4
86
87 return ${EXIT_OK}
88 }
89
90 function ppp_common_ipv4_up() {
91 local zone=${1}
92 shift
93
94 if ! zone_exists ${zone}; then
95 error "Zone '${zone}' does not exist."
96 return ${EXIT_ERROR}
97 fi
98
99 routing_db_set ${zone} ipv4 active 1
100 routing_update ${zone} ipv4
101 routing_default_update
102
103 return ${EXIT_OK}
104 }
105
106 function ppp_common_ipv4_down() {
107 local zone=${1}
108 shift
109
110 if ! zone_exists ${zone}; then
111 error "Zone '${zone}' does not exist."
112 return ${EXIT_ERROR}
113 fi
114
115 # Remove the information about this zone from the routing database
116 # and update the routing table.
117 routing_db_remove ${zone} ipv4
118 routing_update ${zone} ipv4
119 routing_default_update
120
121 # Save accounting information
122 ppp_accounting ${zone}
123
124 return ${EXIT_OK}
125 }
126
127 function ppp_common_ipv6_up() {
128 local zone=${1}
129 shift
130
131 if ! zone_exists ${zone}; then
132 error "Zone '${zone}' does not exist."
133 return ${EXIT_ERROR}
134 fi
135
136 # Add information about this zone to the routing database.
137 routing_db_from_ppp ${zone} ipv6
138
139 routing_db_set ${zone} ipv6 active 1
140 routing_update ${zone} ipv6
141 routing_default_update
142
143 return ${EXIT_OK}
144 }
145
146 function ppp_common_ipv6_down() {
147 local zone=${1}
148 shift
149
150 if ! zone_exists ${zone}; then
151 error "Zone '${zone}' does not exist."
152 return ${EXIT_ERROR}
153 fi
154
155 # Remove the information about this zone from the routing database
156 # and update the routing table.
157 routing_db_remove ${zone} ipv6
158 routing_update ${zone} ipv6
159 routing_default_update
160
161 # Save accounting information
162 ppp_accounting ${zone}
163
164 return ${EXIT_OK}
165 }
166
167 function ppp_secret() {
168 local USER=${1}
169 local SECRET=${2}
170 local a
171 local secret
172 local user
173
174 # Updateing secret file
175 > ${PPP_SECRETS}.tmp
176 while read user a secret; do
177 if [ "'${USER}'" != "${user}" ]; then
178 echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
179 fi
180 done < ${PPP_SECRETS}
181 echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
182 cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
183 rm -f ${PPP_SECRETS}.tmp
184 }
185
186 function ppp_accounting() {
187 local zone=${1}
188 shift
189
190 db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
191 --rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
192 }
193
194 function pppd_exec() {
195 log DEBUG "Running pppd with parameters '$@'."
196
197 pppd $@ > /dev/null
198 }
199
200 function pppd_write_config() {
201 local file=${1}; shift
202 assert isset file
203
204 local auth
205 local baudrate
206 local connect_cmd
207 local default_asyncmap="true"
208 local interface
209 local ipv6="true"
210 local lcp_echo_failure=3
211 local lcp_echo_interval=20
212 local linkname
213 local mtu mru
214 local password
215 local plugin plugin_options
216 local pty
217 local refuses
218 local serial="false"
219 local username
220 local value
221
222 while [ $# -gt 0 ]; do
223 case "${1}" in
224 --auth=*)
225 auth=$(cli_get_val ${1})
226 ;;
227 --baudrate=*)
228 baudrate=$(cli_get_val ${1})
229 assert isoneof baudrate ${SERIAL_BAUDRATES}
230 ;;
231 --connect-command=*)
232 connect_cmd=$(cli_get_val ${1})
233 ;;
234 # Enable or disable the use of the default asyncmap.
235 --default-asyncmap=*)
236 value=$(cli_get_val ${1})
237 if enabled value; then
238 default_asyncmap="true"
239 else
240 default_asyncmap="false"
241 fi
242 ;;
243 # The name of the created ppp interface.
244 --interface=*)
245 interface=$(cli_get_val ${1})
246 ;;
247 # IPv6
248 --ipv6=*)
249 ipv6="$(cli_get_val ${1})"
250 ;;
251 # LCP echo failure.
252 --lcr-echo-failure=*)
253 lcr_echo_failure=$(cli_get_val ${1})
254
255 if ! isinteger ${lcr_echo_failure}; then
256 error "--lcr-echo-failure= requires a number"
257 return ${EXIT_ERROR}
258 fi
259 ;;
260 # LCP echo interval.
261 --lcr-echo-interval=*)
262 lcr_echo_interval=$(cli_get_val ${1})
263
264 if ! isinteger ${lcr_echo_failure}; then
265 error "--lcr-echo-interval= requires a number"
266 return ${EXIT_ERROR}
267 fi
268 ;;
269 # Maximum Transmission Unit
270 --mtu=*)
271 mtu=$(cli_get_val ${1})
272 ;;
273 # Maximum Receive Unit
274 --mru=*)
275 mru=$(cli_get_val ${1})
276 ;;
277 --password=*)
278 password=$(cli_get_val ${1})
279 ;;
280 --plugin=*)
281 plugin=$(cli_get_val ${1})
282 ;;
283 --plugin-options=*)
284 plugin_options=$(cli_get_val ${1})
285 ;;
286 --pty=*)
287 pty=$(cli_get_val ${1})
288 ;;
289 # Refused authentication methods
290 --refuse=*)
291 list_append refuses "$(cli_get_val "${1}")"
292 error_log "REFUSES $refuses $1"
293 ;;
294 # Sets if the modem is a serial device.
295 --serial=*)
296 serial=$(cli_get_val ${1})
297 ;;
298 --serial-device=*)
299 serial_device=$(cli_get_val ${1})
300 ;;
301 --username=*)
302 username=$(cli_get_val ${1})
303 ;;
304 *)
305 log WARNING "Unhandled argument: ${1}"
306 ;;
307 esac
308 shift
309 done
310
311 if [ -z "${interface}" ]; then
312 log ERROR "You need to set the interface name: ${interface}"
313 return ${EXIT_ERROR}
314 fi
315 linkname="${interface}"
316
317 if isset auth; then
318 if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
319 log ERROR "Unsupported auth method: ${auth}"
320 return ${EXIT_ERROR}
321 fi
322 fi
323
324 if enabled serial; then
325 assert isset serial_device
326 assert [ -c "${serial_device}" ]
327 fi
328
329 # Set the user credentials.
330 ppp_secret "${username}" "${password}"
331
332 # Write the configuration header.
333 mkdir -p $(dirname ${file}) 2>/dev/null
334 config_header "PPP daemon configuration file" > ${file}
335
336 # At first, set the name of the link.
337 print "linkname ${linkname}\n" >> ${file}
338
339 # Configure the interface/zone name.
340 (
341 print "# Interface name"
342 print "ifname ${interface}"
343 print
344 ) >> ${file}
345
346 # Plugin settings
347 if isset plugin; then
348 (
349 print "# Plugin settings"
350 print "plugin ${plugin} ${plugin_options}"
351 print
352 ) >> ${file}
353 fi
354
355 # pty settings
356 if isset pty; then
357 (
358 print "# pty settings"
359 print "pty \"${pty}\""
360 print
361 ) >> ${file}
362 fi
363
364 # User authentication
365 if isset username; then
366 (
367 print "# User authentication"
368 print "user ${username}"
369
370 print "noauth"
371 if isset auth; then
372 print "require-${auth}"
373 fi
374
375 # Refused authentication methods
376 for refuse in ${refuses}; do
377 print "refuse-${refuse}"
378 done
379 print
380 ) >> ${file}
381 fi
382
383 # IPv6
384 if enabled ipv6; then
385 (
386 print "# IPv6 support"
387 print "+ipv6"
388 print
389 ) >> ${file}
390 fi
391
392 # MTU/MRU settings
393 if isset mtu; then
394 isset mru || mru=${mtu}
395
396 (
397 print "# MTU/MRU settings"
398 print "mtu ${mtu}"
399 print "mru ${mru}"
400 print
401 ) >> ${file}
402 fi
403
404 if enabled serial; then
405 (
406 print "# Serial modem settings"
407 print "${serial_device} ${baudrate}"
408 print "crtscts"
409 print "lock"
410 print "modem"
411 print
412 ) >> ${file}
413
414 # Connect command
415 if isset connect_cmd; then
416 (
417 print "# Connect command"
418 print "connect \"${connect_cmd}\""
419 print
420 ) >> ${file}
421 fi
422 fi
423
424 # Default asyncmap.
425 if enabled default_asyncmap; then
426 (
427 print "# Use the default asyncmap."
428 print "default-asyncmap"
429 print
430 ) >> ${file}
431 fi
432
433 # LCP settings.
434 (
435 print "# LCP settings"
436 print "lcp-echo-failure ${lcp_echo_failure}"
437 print "lcp-echo-interval ${lcp_echo_interval}"
438 print
439 ) >> ${file}
440
441 # Add the default settings.
442 (
443 print "# Disable the compression"
444 print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"
445
446 print "noipdefault updetach debug"
447 ) >> ${file}
448
449 return ${EXIT_OK}
450 }
Networking code of IPFire 3.x.