AWS: Rename network interfaces only when necessary
[people/pmueller/ipfire-2.x.git] / src / initscripts / helper / aws-setup
index 3db888fe256a0552b9bcd2ccc768499e3e6e12b3..1a952e8a2f471e24503fc108bb5a07d01e131da6 100644 (file)
@@ -47,6 +47,22 @@ prefix2netmask() {
        to_address "$(( netmask ^ 0xffffffff ))"
 }
 
+find_interface() {
+       local mac="${1}"
+
+       local path
+       for path in /sys/class/net/*; do
+               local address="$(<${path}/address)"
+
+               if [ "${mac}" = "${address}" ]; then
+                       basename "${path}"
+                       return 0
+               fi
+       done
+
+       return 1
+}
+
 import_aws_configuration() {
        local instance_id="$(get instance-id)"
 
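Review bot: In `find_interface`, `$(<${path}/address)` expands `${path}` unquoted and reads every entry under /sys/class/net without checking that it has an `address` file, so an entry that is not an interface directory (for example `bonding_masters`, if the bonding module is loaded) would print a read error on each call. Guarding and quoting the read fixes both: `[ -r "${path}/address" ] || continue` followed by `local address="$(<"${path}/address")"`. The comparison is also case-sensitive, so it assumes the caller passes the MAC in the lowercase form sysfs reports. A header comment such as `# Prints the name of the interface whose MAC address is $1; prints nothing and returns 1 if none matches` would document the empty-output contract the caller tests with `[ -n ... ]`.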
@@ -65,10 +81,27 @@ import_aws_configuration() {
                echo "DOMAINNAME=${hostname#*.}" >> /var/ipfire/main/settings
        fi
 
+       # Import SSH keys
+       local line
+       for line in $(get "public-keys/"); do
+               local key_no="${line%=*}"
+
+               local key="$(get public-keys/${key_no}/openssh-key)"
+               if [ -n "${key}" ] && ! grep -q "^${key}$" /root/.ssh/authorized_keys 2>/dev/null; then
+                       mkdir -p /root/.ssh
+                       chmod 700 /root/.ssh
+
+                       echo "${key}" >> /root/.ssh/authorized_keys
+                       chmod 600 /root/.ssh/authorized_keys
+               fi
+       done
+
        # Import any DNS server settings
        eval $(/usr/local/bin/readhash <(grep -E "^DNS([0-9])=" /var/ipfire/ethernet/settings 2>/dev/null))
 
        # Import network configuration
+       # After this, no network connectivity will be available from this script due to the
+       # renaming of the network interfaces for which they have to be shut down
        local config_type=1
        : > /var/ipfire/ethernet/settings
 
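Review bot: The duplicate check `grep -q "^${key}$"` treats the public key as a regular expression, so characters such as `.` in the key or its comment act as wildcards and the test can report a key as already present when only a similar line exists, in which case the key is not installed. A fixed-string whole-line match avoids this: `grep -qxF -- "${key}" /root/.ssh/authorized_keys 2>/dev/null`. `$(get "public-keys/")` and `get public-keys/${key_no}/openssh-key` are also unquoted, so the loop relies on the metadata listing containing no whitespace or glob characters; quoting the second as `get "public-keys/${key_no}/openssh-key"` costs nothing. `import_aws_configuration` starts and ends outside this hunk.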
@@ -104,6 +137,8 @@ import_aws_configuration() {
                case "${device_number}" in
                        # RED
                        0)
+                               local interface_name="red0"
+
                                # The gateway is always the first IP address in the subnet
                                local gateway="$(to_address $(( netaddress_num + 1 )))"
 
@@ -113,7 +148,7 @@ import_aws_configuration() {
 
                                (
                                        echo "RED_TYPE=STATIC"
-                                       echo "RED_DEV=red0"
+                                       echo "RED_DEV=${interface_name}"
                                        echo "RED_MACADDR=${mac}"
                                        echo "RED_DESCRIPTION='${interface_id}'"
                                        echo "RED_ADDRESS=${ipv4_address}"
@@ -133,8 +168,10 @@ import_aws_configuration() {
 
                        # GREEN
                        1)
+                               local interface_name="green0"
+
                                (
-                                       echo "GREEN_DEV=green0"
+                                       echo "GREEN_DEV=${interface_name}"
                                        echo "GREEN_MACADDR=${mac}"
                                        echo "GREEN_DESCRIPTION='${interface_id}'"
                                        echo "GREEN_ADDRESS=${ipv4_address}"
@@ -146,10 +183,11 @@ import_aws_configuration() {
 
                        # ORANGE
                        2)
+                               local interface_name="orange0"
                                config_type=2
 
                                (
-                                       echo "ORANGE_DEV=orange0"
+                                       echo "ORANGE_DEV=${interface_name}"
                                        echo "ORANGE_MACADDR=${mac}"
                                        echo "ORANGE_DESCRIPTION='${interface_id}'"
                                        echo "ORANGE_ADDRESS=${ipv4_address}"
@@ -159,26 +197,19 @@ import_aws_configuration() {
                                ) >> /var/ipfire/ethernet/settings
                                ;;
                esac
-       done
-
-       # Save CONFIG_TYPE
-       echo "CONFIG_TYPE=${config_type}" >> /var/ipfire/ethernet/settings
-
-       # Import SSH keys
-       local line
-       for line in $(get "public-keys/"); do
-               local key_no="${line%=*}"
 
-               local key="$(get public-keys/${key_no}/openssh-key)"
-               if [ -n "${key}" ] && ! grep -q "^${key}$" /root/.ssh/authorized_keys 2>/dev/null; then
-                       mkdir -p /root/.ssh
-                       chmod 700 /root/.ssh
+               # Rename interface
+               local interface="$(find_interface "${mac}")"
 
-                       echo "${key}" >> /root/.ssh/authorized_keys
-                       chmod 600 /root/.ssh/authorized_keys
+               if [ -n "${interface}" ] && [ -n "${interface_name}" ] && [ "${interface}" != "${interface_name}" ]; then
+                       ip link set "${interface}" down
+                       ip link set "${interface}" name "${interface_name}"
                fi
        done
 
+       # Save CONFIG_TYPE
+       echo "CONFIG_TYPE=${config_type}" >> /var/ipfire/ethernet/settings
+
        # Actions performed only on the very first start
        if [ ! -e "/var/ipfire/main/firstsetup_ok" ]; then
                # Enable SSH
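Review bot: `interface_name` is only assigned inside the `0)`, `1)` and `2)` arms, and because `local` is function-scoped it keeps the previous iteration's value, so for a `device_number` with no matching arm the rename block would act on a stale name unless the variable is reset earlier in the loop, outside this hunk. Clearing it before the `case` with `local interface_name=""` makes the `[ -n "${interface_name}" ]` guard effective. The results of both `ip link set` calls are also ignored: if the rename fails, the interface has already been taken down and the settings file names a device that does not exist, which on a cloud instance can mean losing the only management path, so the status should be checked and the failure reported. The loop and the function both begin outside the hunk.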
@@ -190,6 +221,9 @@ import_aws_configuration() {
                # Enable SSH key authentication
                sed -e "s/^ENABLE_SSH_KEYS=.*/ENABLE_SSH_KEYS=on/" -i /var/ipfire/remote/settings
 
+               # Apply SSH settings
+               /usr/local/bin/sshctrl
+
                # Firewall rules for SSH and WEBIF
                (
                        echo "1,ACCEPT,INPUTFW,ON,std_net_src,ALL,ipfire,RED1,,TCP,,,ON,,,cust_srv,SSH,,,,,,,,,,,00:00,00:00,,AUTO,,dnat,,,,,second"
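Review bot: The exit status of `/usr/local/bin/sshctrl` is discarded, so if applying the SSH settings fails on first boot the function still reaches `echo_ok` and the instance may come up without the key-based SSH access that was just configured. Reporting the failure would make this visible in the boot log, for example `/usr/local/bin/sshctrl || echo "aws-setup: sshctrl failed" >&2`, or the script's own failure helper if it has one. The enclosing `if` block and function continue outside this hunk.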
@@ -202,9 +236,6 @@ import_aws_configuration() {
 
        # All done
        echo_ok
-
-       # Restart udev to rename network interfaces
-       /etc/init.d/udev restart
 }
 
 case "${reason}" in