From d61a01d4359d373e9df8232da8243f3a8372584f Mon Sep 17 00:00:00 2001
From: Michael Tremer
Date: Sun, 20 Jun 2010 12:27:21 +0200
Subject: [PATCH] network: Make two groups of hooks, again.
---
functions.bonding | 62 ++++++++++
functions.cli | 4 +-
functions.device | 46 +-------
functions.hook | 112 +++++++++++--------
functions.zone | 38 +++----
header-port | 2 +-
header-zone | 14 +--
hooks/{ => zones}/bridge | 2 +-
hooks/{ => zones}/bridge.configs/ipv4-static | 0
hooks/{ => zones}/bridge.configs/ipv6-static | 0
hooks/zones/bridge.ports/bonding | 92 +++++++++++++++
hooks/{ => zones}/bridge.ports/ethernet | 0
hooks/{ => zones}/bridge.ports/virtual | 0
hooks/{ => zones}/pppoe | 0
14 files changed, 252 insertions(+), 120 deletions(-)
create mode 100644 functions.bonding
rename hooks/{ => zones}/bridge (99%)
rename hooks/{ => zones}/bridge.configs/ipv4-static (100%)
rename hooks/{ => zones}/bridge.configs/ipv6-static (100%)
create mode 100755 hooks/zones/bridge.ports/bonding
rename hooks/{ => zones}/bridge.ports/ethernet (100%)
rename hooks/{ => zones}/bridge.ports/virtual (100%)
rename hooks/{ => zones}/pppoe (100%)
diff --git a/functions.bonding b/functions.bonding
new file mode 100644
index 00000000..8a04a91a
--- /dev/null
+++ b/functions.bonding
@@ -0,0 +1,62 @@
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+function bonding_create() {
+ local device=${1}
+ local mac=${2}
+
+ [ -z "${mac}" ] && mac=$(mac_generate)
+
+ log INFO "Creating bonding device '${device}' (${mac})."
+
+ echo "+${device}" > /sys/class/net/bonding_masters
+ device_set_address ${mac}
+ device_set_up ${device}
+}
+
+function bonding_remove() {
+ local device=$(devicify ${1})
+
+ log INFO "Remove bonding device '${device}'."
+
+ device_set_down ${device}
+ echo "-${device}" > /sys/class/net/bonding_masters
+}
+
+function bonding_set_mode() {
+ local device=${1}
+ local mode=${2}
+
+ log INFO "Setting bonding mode on '${device}' '${mode}'."
+
+ echo "${mode}" > /sys/class/net/${device}/bonding/mode
+}
+
+function bonding_enslave_device() {
+ local device=$(devicify ${1})
+ local slave=$(devicify ${2})
+ shift 2
+
+ log INFO "Enslaving slave '${slave}' to '${device}'."
+
+ device_set_down ${slave}
+ echo "+${slave}" > /sys/class/net/${device}/bonding/slaves
+}
diff --git a/functions.cli b/functions.cli
index 5a22a544..b6435bcd 100644
--- a/functions.cli
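Review bot: `bonding_create` calls `device_set_address ${mac}` without naming the device, while the next line passes `${device}` to `device_set_up`; unless `device_set_address` really takes a single argument (its definition is not in this patch), this should read `device_set_address ${device} ${mac}`. A failed write to `bonding_masters` is also ignored there, so the function carries on to the address and link-up steps for a device that may not exist; `echo "+${device}" > /sys/class/net/bonding_masters || return ${EXIT_ERROR}` would stop it. All four helpers put `${device}` unquoted and unchecked into a `/sys/class/net/...` redirect target, and `bonding_create` and `bonding_set_mode` skip the `devicify` step the other two use. Because these writes run with the privileges needed to change sysfs, quote the targets and reject device names containing `/` before building the path.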
+++ b/functions.cli @@ -105,8 +105,8 @@ function cli_device_discover() { local hook local out local ret - for hook in $(hooks_get_all); do - out=$(hook_exec ${hook} discover ${device}) + for hook in $(hook_zone_get_all); do + out=$(hook_zone_exec ${hook} discover ${device}) ret=$? [ ${ret} -eq ${DISCOVER_NOT_SUPPORTED} ] && continue diff --git a/functions.device b/functions.device index 44a3d79d..67453c74 100644 --- a/functions.device +++ b/functions.device @@ -454,8 +454,8 @@ function device_discover() { log INFO "Running discovery process on device '${device}'." local hook - for hook in $(hooks_get_all); do - hook_exec ${hook} discover ${device} + for hook in $(hook_zone_get_all); do + hook_zone_exec ${hook} discover ${device} done } @@ -600,48 +600,6 @@ function device_virtual_get_by_parent_and_vid() { return ${EXIT_ERROR} } -function device_bonding_create() { - local device=${1} - local mac=${2} - - [ -z "${mac}" ] && mac=$(mac_generate) - - log INFO "Creating bonding device '${device}' (${mac})." - - echo "+${device}" > /sys/class/net/bonding_masters - device_set_address ${mac} - device_set_up ${device} -} - -function device_bonding_remove() { - local device=$(devicify ${1}) - - log INFO "Remove bonding device '${device}'." - - device_set_down ${device} - echo "-${device}" > /sys/class/net/bonding_masters -} - -function bonding_set_mode() { - local device=${1} - local mode=${2} - - log INFO "Setting bonding mode on '${device}' '${mode}'." - - echo "${mode}" > /sys/class/net/${device}/bonding/mode -} - -function bonding_enslave_device() { - local device=$(devicify ${1}) - local slave=$(devicify ${2}) - shift 2 - - log INFO "Enslaving slave '${slave}' to '${device}'." - - device_set_down ${slave} - echo "+${slave}" > /sys/class/net/${device}/bonding/slaves -} - function bridge_attach_device() { local bridge=${1} local device=${2} diff --git a/functions.hook b/functions.hook index 970e43b1..481d3cc5 100644 --- a/functions.hook +++ b/functions.hook 
@@ -19,123 +19,143 @@ # # ############################################################################### +function hook_dir() { + local type=${1} + + echo "${HOOKS_DIR}/${type}s" +} + function hook_exists() { - local hook=${1} + local type=${1} + local hook=${2} - [ -d "${HOOKS_DIR}/${hook}" ] && return ${EXIT_ERROR} + local hook_dir=$(hook_dir ${type}) - [ -x "${HOOKS_DIR}/${hook}" ] + [ -d "${hook_dir}/${hook}" ] && return ${EXIT_ERROR} + + [ -x "${hook_dir}/${hook}" ] } -function hook_port_exists() { +function hook_exec() { + local type=${1} + local hook=${2} + shift 2 + + if ! hook_exists ${type} ${hook}; then + error "Hook '${hook}' does not exist." + return ${EXIT_ERROR} + fi + + ${SHELL} $(hook_dir ${type})/${hook} $@ +} + +function config_get_hook() { + local config=${1} + + ( + . ${config} + echo "${HOOK}" + ) +} + +## Wrappers around the hook functions for zones + +function hook_zone_exists() { + hook_exists zone $@ +} + +function hook_zone_port_exists() { local hook_zone=${1} local hook_port=${2} - hook_exists ${hook_zone} || return ${EXIT_ERROR} + hook_zone_exists ${hook_zone} || return ${EXIT_ERROR} - [ -x "${HOOKS_DIR}/${hook_zone}.ports/${hook_port}" ] + [ -x "$(hook_dir zone)/${hook_zone}.ports/${hook_port}" ] } -function hook_config_exists() { +function hook_zone_config_exists() { local hook_zone=${1} local hook_config=${2} - hook_exists ${hook_zone} || return ${EXIT_ERROR} + hook_zone_exists ${hook_zone} || return ${EXIT_ERROR} - [ -x "${HOOKS_DIR}/${hook_zone}.configs/${hook_config}" ] + [ -x "$(hook_dir zone)/${hook_zone}.configs/${hook_config}" ] } -function hook_has_ports() { +function hook_zone_has_ports() { local hook=${1} - [ -d "${HOOKS_DIR}/${hook}.ports" ] + [ -d "$(hook_dir zone)/${hook}.ports" ] } -function hook_has_configs() { +function hook_zone_has_configs() { local hook=${1} - [ -d "${HOOKS_DIR}/${hook}.configs" ] + [ -d "$(hook_dir zone)/${hook}.configs" ] } -function hook_exec() { - local hook=${1} - shift - - if ! 
hook_exists ${hook}; then - error "Hook '${hook}' does not exist." - return ${EXIT_ERROR} - fi - - ${SHELL} ${HOOKS_DIR}/${hook} $@ +function hook_zone_exec() { + hook_exec zone $@ } -function hook_port_exec() { +function hook_zone_port_exec() { local hook_zone=${1} local hook_port=${2} shift 2 - if ! hook_exists ${hook_zone}; then + if ! hook_exists zone ${hook_zone}; then error "Hook '${hook_zone}' does not exist." return ${EXIT_ERROR} fi - if ! hook_port_exists ${hook_zone} ${hook_port}; then + if ! hook_zone_port_exists ${hook_zone} ${hook_port}; then error "Port hook '${hook_port}' does not exist." return ${EXIT_ERROR} fi - ${SHELL} ${HOOKS_DIR}/${hook_zone}.ports/${hook_port} $@ + ${SHELL} $(hook_dir zone)/${hook_zone}.ports/${hook_port} $@ } -function hook_config_exec() { +function hook_zone_config_exec() { local hook_zone=${1} local hook_config=${2} shift 2 - if ! hook_exists ${hook_zone}; then + if ! hook_zone_exists ${hook_zone}; then error "Hook '${hook_zone}' does not exist." return ${EXIT_ERROR} fi - if ! hook_config_exists ${hook_zone} ${hook_config}; then + if ! hook_zone_config_exists ${hook_zone} ${hook_config}; then error "Config hook '${hook_config}' does not exist." return ${EXIT_ERROR} fi - ${SHELL} ${HOOKS_DIR}/${hook_zone}.configs/${hook_config} $@ + ${SHELL} $(hook_dir zone)/${hook_zone}.configs/${hook_config} $@ } -function hooks_get_all() { +function hook_zone_get_all() { local type=${1} local hook - for hook in ${HOOKS_DIR}/*; do + for hook in $(hook_dir zone)/*; do hook=$(basename ${hook}) - hook_exists ${hook} && echo "${hook}" + hook_zone_exists ${hook} && echo "${hook}" done | sort } -function hook_ports_get_all() { +function hook_zone_ports_get_all() { local hook=${1} - if ! hook_exists ${hook}; then + if ! hook_exists zone ${hook}; then error "Hook '${hook}' does not exist." 
return ${EXIT_ERROR} fi local hook - for hook in ${HOOKS_DIR}/${zone}.ports/*; do + for hook in $(hook_dir zone)/${zone}.ports/*; do hook=$(basename ${hook}) ## XXX executeable? echo "${hook}" done | sort } - -function config_get_hook() { - local config=${1} - - ( - . ${config} - echo "${HOOK}" - ) -} diff --git a/functions.zone b/functions.zone index 9fc343b0..1fc631c0 100644 --- a/functions.zone +++ b/functions.zone @@ -22,7 +22,7 @@ function zone_dir() { local zone=${1} - echo "${ZONE_DIR}/${zone}" + echo "${ZONE_DIR}/zones/${zone}" } function zone_exists() { @@ -81,14 +81,14 @@ function zone_create() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi mkdir -p $(zone_dir ${zone}) - hook_exec ${hook} create ${zone} $@ + hook_zone_exec ${hook} create ${zone} $@ local ret=$? # Maybe the zone create hook did not exit correctly. @@ -114,12 +114,12 @@ function zone_edit() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi - hook_exec ${hook} edit ${zone} $@ + hook_zone_exec ${hook} edit ${zone} $@ } function zone_remove() { @@ -152,15 +152,15 @@ function zone_up() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi zone_db ${zone} starting - hook_exec ${hook} up ${zone} $@ - + hook_zone_exec ${hook} up ${zone} $@ + zone_db ${zone} started } @@ -180,14 +180,14 @@ function zone_down() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi zone_db ${zone} stopping - hook_exec ${hook} down ${zone} $@ + hook_zone_exec ${hook} down ${zone} $@ zone_db ${zone} stopped } 
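Review bot: `hook_zone_ports_get_all` globs `$(hook_dir zone)/${zone}.ports/*`, but `zone` is never set in that function (the argument is stored in `hook`), so the path only resolves through whatever `zone` a caller happens to have in scope; it should be `${hook}.ports` with a separate loop variable, e.g. `for port in "$(hook_dir zone)/${hook}.ports"/*; do`. The new `hook_exists`/`hook_exec` pair and the `hook_zone_port_*`/`hook_zone_config_*` wrappers also build the executed path from `${hook}`, `${hook_port}` and `${hook_config}` without checking that each is a plain file name, so a value containing `/` resolves outside the hooks directory and is handed to `${SHELL}`. Port and config hook names come from `config_get_hook`, i.e. from the `HOOK` variable of a sourced config file, so a guard such as `[[ "${hook}" == */* ]] && return ${EXIT_ERROR}` in the `*_exists` functions is cheap defence in depth. The exec lines should quote the script path and pass `"$@"` rather than `$@`, otherwise arguments containing spaces are re-split before the hook sees them. `hook_zone_get_all` still declares `local type=${1}` and never uses it.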
@@ -208,12 +208,12 @@ function zone_status() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi - hook_exec ${hook} status ${zone} $@ + hook_zone_exec ${hook} status ${zone} $@ } function zone_port() { @@ -232,12 +232,12 @@ function zone_port() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi - hook_exec ${hook} port ${zone} $@ + hook_zone_exec ${hook} port ${zone} $@ } function zone_config() { @@ -256,12 +256,12 @@ function zone_config() { return ${EXIT_ERROR} fi - if ! hook_exists ${hook}; then + if ! hook_zone_exists ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} fi - hook_exec ${hook} config ${zone} $@ + hook_zone_exec ${hook} config ${zone} $@ } function zone_show() { @@ -282,7 +282,7 @@ function zones_show() { function zones_get_all() { local zone - for zone in ${ZONE_DIR}/*; do + for zone in $(zone_dir)/*; do zone=$(basename ${zone}) zone_exists ${zone} || continue @@ -375,7 +375,7 @@ function zone_ports_cmd() { for port in $(zone_ports_list ${zone}); do hook_port=$(config_get_hook $(zone_dir ${zone})/${port}) - hook_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} ${port} $@ + hook_zone_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} ${port} $@ done } @@ -410,7 +410,7 @@ function zone_configs_cmd() { for config in $(zone_configs_list ${zone}); do hook_config=$(config_get_hook $(zone_dir ${zone})/${config}) - hook_config_exec ${hook_zone} ${hook_config} ${cmd} ${zone} ${config} $@ + hook_zone_config_exec ${hook_zone} ${hook_config} ${cmd} ${zone} ${config} $@ done } diff --git a/header-port b/header-port index 4f22adc4..ab2fb18b 100644 --- a/header-port +++ b/header-port @@ -39,7 +39,7 @@ done function run() { case "${action}" in - create|rem|up|down) + create|rem|up|down|status) _${action} $@ ;; esac 
diff --git a/header-zone b/header-zone index 88ed0216..34464ff4 100644 --- a/header-zone +++ b/header-zone @@ -135,17 +135,17 @@ function __portcmd() { local hook_zone=$(zone_get_hook ${zone}) - if ! hook_exists ${hook_zone}; then + if ! hook_zone_exists ${hook_zone}; then error "Hook '${hook}' does not exist." exit ${EXIT_ERROR} fi - if ! hook_port_exists ${hook_zone} ${hook_port}; then + if ! hook_zone_port_exists ${hook_zone} ${hook_port}; then error "Hook '${hook_port}' is not supported for zone '${zone}'." exit ${EXIT_ERROR} fi - hook_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} $@ + hook_zone_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} $@ } function _port_create() { @@ -194,7 +194,7 @@ function __configcmd() { local hook_zone=$(zone_get_hook ${zone}) - if ! hook_exists ${hook_zone}; then + if ! hook_zone_exists ${hook_zone}; then error "Hook '${hook}' does not exist." exit ${EXIT_ERROR} fi @@ -204,7 +204,7 @@ function __configcmd() { exit ${EXIT_ERROR} fi - hook_config_exec ${hook_zone} ${hook_config} ${cmd} ${zone} $@ + hook_zone_config_exec ${hook_zone} ${hook_config} ${cmd} ${zone} $@ } function _config_create() { @@ -272,7 +272,7 @@ function run() { ;; port) - if ! hook_has_ports ${HOOK}; then + if ! hook_zone_has_ports ${HOOK}; then error "Hook '${HOOK}' does not support ports." exit ${EXIT_ERROR} fi @@ -281,7 +281,7 @@ function run() { ;; config) - if ! hook_has_configs ${HOOK}; then + if ! hook_zone_has_configs ${HOOK}; then error "Hook '${HOOK}' does not support configurations." exit ${EXIT_ERROR} fi diff --git a/hooks/bridge b/hooks/zones/bridge similarity index 99% rename from hooks/bridge rename to hooks/zones/bridge index 3b6abe0c..e4bc1f7b 100755 --- a/hooks/bridge +++ b/hooks/zones/bridge @@ -178,7 +178,7 @@ function _addport() { local hook=${2} shift 2 - if ! hook_exists port ${hook}; then + if ! port_hook_exists ${hook}; then error "Hook does not exist '${hook}'" exit ${EXIT_ERROR} fi 
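Review bot: `port_hook_exists` is not defined by any file in this patch; functions.hook introduces `hook_exists <type> <hook>` and `hook_zone_port_exists <zone-hook> <port-hook>` instead. If no function of that name exists elsewhere, the call returns 127, the `!` turns that into success, and `_addport` always exits with "Hook does not exist". The removed line `hook_exists port ${hook}` already matches the new two-argument `hook_exists`; if the intent is to check a port hook belonging to this zone hook, `if ! hook_zone_port_exists ${HOOK} ${hook}; then` looks like the right call, assuming `HOOK` holds the zone hook name as it does in header-zone's `run`. `_addport` starts and ends outside the hunk.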
diff --git a/hooks/bridge.configs/ipv4-static b/hooks/zones/bridge.configs/ipv4-static similarity index 100% rename from hooks/bridge.configs/ipv4-static rename to hooks/zones/bridge.configs/ipv4-static diff --git a/hooks/bridge.configs/ipv6-static b/hooks/zones/bridge.configs/ipv6-static similarity index 100% rename from hooks/bridge.configs/ipv6-static rename to hooks/zones/bridge.configs/ipv6-static diff --git a/hooks/zones/bridge.ports/bonding b/hooks/zones/bridge.ports/bonding new file mode 100755 index 00000000..2680d562 --- /dev/null +++ b/hooks/zones/bridge.ports/bonding 
@@ -0,0 +1,92 @@
+#!/bin/bash
+###############################################################################
+# #
+# IPFire.org - A linux based firewall #
+# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
+# #
+# This program is free software: you can redistribute it and/or modify #
+# it under the terms of the GNU General Public License as published by #
+# the Free Software Foundation, either version 3 of the License, or #
+# (at your option) any later version. #
+# #
+# This program is distributed in the hope that it will be useful, #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
+# GNU General Public License for more details. #
+# #
+# You should have received a copy of the GNU General Public License #
+# along with this program. If not, see . #
+# #
+###############################################################################
+
+. /lib/network/header-port
+
+HOOK_SETTINGS="HOOK DEVICE_MAC DEVICE_NAME MODE SLAVES"
+
+DEVICE_NAME="bond0" # XXX DEVICE_NAME must be unique
+DEVICE_MAC=$(mac_generate)
+
+function _check() {
+ assert isset DEVICE_MAC
+ assert ismac DEVICE_MAC
+ assert isset DEVICE_NAME
+
+ assert isset SLAVES
+}
+
+function _create() {
+ local zone=${1}
+ shift
+
+ local
+
+ while [ $# -gt 0 ]; do
+ case "${1}" in
+ --mac=*)
+ DEVICE_MAC=${1#--mac=}
+ ;;
+ --mode=*)
+ MODE=${1#--mode=}
+ ;;
+ --slave=*)
+ slave=${1#--slave=}
+ SLAVES="${SLAVES} $(macify ${slave})"
+ ;;
+ *)
+ warning "Unknown argument '${1}'"
+ ;;
+ esac
+ shift
+ done
+
+ # Remove any whitespace
+ SLAVES=$(echo ${SLAVES})
+
+ _check
+
+ config_write $(zone_dir ${zone})/port.${HOOK}.$(device_hash ${DEVICE_MAC}) ${HOOK_SETTINGS}
+
+ exit ${EXIT_OK}
+}
+
+function _up() {
+ local zone=${1}
+ local port=${2}
+
+ config_read $(zone_dir ${zone})/${port}
+
+ if ! device_exists $(devicify ${DEVICE_MAC}); then
+ device_virtual_create ${DEVICE} ${DEVICE_VID} ${DEVICE_MAC}
+ fi
+
+ local device=$(devicify ${DEVICE_MAC})
+
+ # Set same MTU to device that the bridge has got
+ device_set_mtu ${device} $(device_get_mtu ${zone})
+
+ bridge_attach_device ${zone} ${device}
+
+ exit ${EXIT_OK}
+}
+
+run $@
diff --git a/hooks/bridge.ports/ethernet b/hooks/zones/bridge.ports/ethernet
similarity index 100%
rename from hooks/bridge.ports/ethernet
rename to hooks/zones/bridge.ports/ethernet
diff --git a/hooks/bridge.ports/virtual b/hooks/zones/bridge.ports/virtual
similarity index 100%
rename from hooks/bridge.ports/virtual
rename to hooks/zones/bridge.ports/virtual
diff --git a/hooks/pppoe b/hooks/zones/pppoe
similarity index 100%
rename from hooks/pppoe
rename to hooks/zones/pppoe
--
2.39.2
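Review bot: `_up` never builds a bond: it calls `device_virtual_create ${DEVICE} ${DEVICE_VID} ${DEVICE_MAC}`, yet `DEVICE` and `DEVICE_VID` are not among the settings this hook declares in `HOOK_SETTINGS`, and the `MODE` and `SLAVES` values collected by `_create` are never read again. It looks copied from the virtual port hook; the create step should presumably go through `bonding_create ${DEVICE_NAME} ${DEVICE_MAC}`, then `bonding_set_mode` and one `bonding_enslave_device` call per entry in `SLAVES`. In `_create` the bare `local` declares nothing, so `slave` becomes a global of the script; `local slave` is what was meant. `_check` also leaves `MODE` unvalidated although it is written to a port config that `config_get_hook` later sources as shell, so it should be checked against the mode names the bonding driver accepts before `config_write` runs.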