hooks/zones/bridge

   1 #!/bin/bash
   2 ###############################################################################
   3 #                                                                             #
   4 # IPFire.org - A linux based firewall                                         #
   5 # Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
   6 #                                                                             #
   7 # This program is free software: you can redistribute it and/or modify        #
   8 # it under the terms of the GNU General Public License as published by        #
   9 # the Free Software Foundation, either version 3 of the License, or           #
  10 # (at your option) any later version.                                         #
  11 #                                                                             #
  12 # This program is distributed in the hope that it will be useful,             #
  13 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
  14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
  15 # GNU General Public License for more details.                                #
  16 #                                                                             #
  17 # You should have received a copy of the GNU General Public License           #
  18 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
  19 #                                                                             #
  20 ###############################################################################
  21
  22 . /lib/network/header-zone
  23
  24 HOOK_SETTINGS="HOOK STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE STP_MODE"
  25 HOOK_SETTINGS="${HOOK_SETTINGS} STP_PRIORITY MAC MTU"
  26
  27 # Default values
  28 MAC=$(mac_generate)
  29 MTU=1500
  30 STP="on"
  31 STP_MODE="rstp"
  32 STP_FORWARD_DELAY=0
  33 STP_HELLO=2
  34 STP_MAXAGE=20
  35 STP_PRIORITY=512 # XXX check out better value
  36
  37 function _check() {
  38         assert ismac MAC
  39         assert isbool STP
  40         assert isoneof STP_MODE stp rstp
  41         assert isinteger STP_HELLO
  42         assert isinteger STP_FORWARD_DELAY
  43         assert isinteger STP_PRIORITY
  44         assert isinteger MTU
  45 }
  46
  47 function _parse_cmdline() {
  48         while [ $# -gt 0 ]; do
  49                 case "${1}" in
  50                         --stp=*)
  51                                 STP=${1#--stp=}
  52                                 ;;
  53                         --stp-mode=*)
  54                                 STP_MODE=${1#--stp-mode=}
  55                                 ;;
  56                         --stp-hello=*)
  57                                 STP_HELLO=${1#--stp-hello=}
  58                                 ;;
  59                         --stp-forward-delay=*)
  60                                 STP_FORWARD_DELAY=${1#--stp-forward-delay=}
  61                                 ;;
  62                         --stp-priority=*)
  63                                 STP_PRIORITY=${1#--stp-priority=}
  64                                 ;;
  65                         --mtu=*)
  66                                 MTU=${1#--mtu=}
  67                                 ;;
  68                         --mac=*)
  69                                 MAC=${1#--mac=}
  70                                 ;;
  71                         *)
  72                                 warning "Ignoring unknown option '${1}'"
  73                                 ;;
  74                 esac
  75                 shift
  76         done
  77 }
  78
  79 function _up() {
  80         local zone=${1}
  81         shift
  82
  83         config_read ${ZONE_DIR}/${zone}/settings
  84
  85         if ! device_exists ${zone}; then
  86                 brctl addbr ${zone}
  87         fi
  88
  89         [ -n "${MAC}" ] && device_set_address ${zone} ${MAC}
  90         [ -n "${MTU}" ] && device_set_mtu ${zone} ${MTU}
  91
  92         # Enable STP
  93         if enabled STP; then
  94                 stp_enable ${zone}
  95
  96                 if [ -n "${STP_FORWARD_DELAY}" ]; then
  97                         brctl setfd ${zone} ${STP_FORWARD_DELAY}
  98                 fi
  99
 100                 if [ -n "${STP_HELLO}" ]; then
 101                         brctl sethello ${zone} ${STP_HELLO}
 102                 fi
 103
 104                 if [ -n "${STP_MAXAGE}" ]; then
 105                         brctl setmaxage ${zone} ${STP_MAXAGE}
 106                 fi
 107
 108                 if [ -n "${STP_PRIORITY}" ]; then
 109                         brctl setbridgeprio ${zone} ${STP_PRIORITY}
 110                 fi
 111         else
 112                 stp_disable ${zone}
 113         fi
 114
 115         device_set_up ${zone}
 116
 117         # XXX Currently, there is a bug (in the linux kernel?) that we need to
 118         # set our bridges to promisc mode.
 119         device_set_promisc ${zone} on
 120
 121         # Bring all ports up
 122         zone_ports_up ${zone}
 123         zone_configs_up ${zone}
 124
 125         event_interface_up ${zone}
 126
 127         exit ${EXIT_OK}
 128 }
 129
 130 function _down() {
 131         local zone=${1}
 132         shift
 133
 134         if ! device_is_up ${zone}; then
 135                 warning "Zone '${zone}' is not up"
 136                 exit ${EXIT_OK}
 137         fi
 138
 139         event_interface_down ${zone}
 140
 141         zone_configs_down ${zone}
 142         zone_ports_down ${zone}
 143
 144         # XXX See remark in _up().
 145         device_set_promisc ${zone} off
 146
 147         device_set_down ${zone}
 148         brctl delbr ${zone}
 149
 150         exit ${EXIT_OK}
 151 }
 152
 153 function _status() {
 154         local zone=${1}
 155
 156         cli_status_headline ${zone}
 157
 158         # Exit if zone is down
 159         if ! zone_is_up ${zone}; then
 160                 echo # Empty line
 161                 exit ${EXIT_ERROR}
 162         fi
 163
 164         # XXX Add bridge stp priority here
 165         # brctl does not give any information about that
 166
 167         cli_headline "  Spanning Tree Protocol information:"
 168         printf "${DEVICE_PRINT_LINE1}" "ID:" $(stp_bridge_get_id ${zone})
 169         printf "${DEVICE_PRINT_LINE1}" "Priority:" $(stp_bridge_get_priority ${zone})
 170
 171         if stp_bridge_is_root ${zone}; then
 172                 echo -e "    ${COLOUR_BOLD}This bridge is root.${COLOUR_NORMAL}"
 173         else
 174                 printf "${DEVICE_PRINT_LINE1}" "Designated root:" $(stp_bridge_get_designated_root ${zone})
 175                 printf "${DEVICE_PRINT_LINE1}" "Root path cost:" $(stp_bridge_get_root_path_cost ${zone})
 176         fi
 177         echo # Empty line
 178
 179         # Topology information
 180         printf "${DEVICE_PRINT_LINE1}" "Topology changing:" $(stp_bridge_get_topology_change_detected ${zone})
 181         printf "${DEVICE_PRINT_LINE1}" "Topology change time:" $(beautify_time $(stp_bridge_get_topology_change_timer ${zone}))
 182         printf "${DEVICE_PRINT_LINE1}" "Topology change count:" $(stp_bridge_get_topology_change_count ${zone})
 183
 184         cli_headline "  Ports:"
 185         zone_ports_status ${zone}
 186
 187         cli_headline "  Configurations:"
 188         zone_configs_cmd status ${zone}
 189
 190         echo # Empty line
 191         exit ${EXIT_OK}
 192 }
 193
 194 run $@