Commit | Line | Data |
---|---|---|
63ef8328 MT |
1 | #!/bin/sh |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2009 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Base directory of the network scripts. A HOME_DIR inherited from the calling
# environment (even an empty one) replaces the default, and HOOKS_DIR is
# derived from it, so the environment decides where hooks are looked up.
HOME_DIR="${HOME_DIR-/lib/network}"
CONFIG_DIR="/etc/sysconfig/networking"
HOOKS_DIR="${HOME_DIR}/hooks"

# Per-zone and per-port configuration trees.
CONFIG_ZONES="${CONFIG_DIR}/zones"
CONFIG_PORTS="${CONFIG_DIR}/ports"

# device_rename treats a trailing "+" in a name as a placeholder for a number.
COMMON_DEVICE="black+"

# Exit codes shared by the functions below.
EXIT_OK=0
EXIT_ERROR=1
EXIT_CONF_ERROR=2

# Make sure both switches are set, empty meaning "off".
DEBUG="${DEBUG:-}"
VERBOSE="${VERBOSE:-}"
37 | ||
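# Succeeds when $1 is exactly one MAC address in lower-case, colon-separated
# notation (six groups of two hex digits).
#   $1 - string to check
# The whole argument is matched at once. A line-oriented grep accepts a
# multi-line value as soon as one of its lines looks like a MAC address, which
# is too weak for a check that decides how the value is used afterwards.
function is_mac() {
	local pattern='^[0-9a-f]{2}(:[0-9a-f]{2}){5}$'

	[[ "${1}" =~ ${pattern} ]]
}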
63ef8328 MT |
41 | |
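# Prints the name of the first device under /sys/class/net whose address file
# equals the given MAC address, ignoring VLAN devices and zones.
#   $1 - MAC address, compared literally with /sys/class/net/<dev>/address
# Returns 0 and prints the name on a match, 1 otherwise.
function get_device_by_mac() {
	local mac=${1}
	local entry
	local device

	# An empty MAC would compare equal to the empty result of an unreadable
	# address file, so it must never identify a device.
	[ -n "${mac}" ] || return 1

	for entry in /sys/class/net/*; do
		# Entries without a readable address file are no candidates.
		[ -r "${entry}/address" ] || continue
		[ "$(cat "${entry}/address" 2>/dev/null)" = "${mac}" ] || continue

		device=${entry##*/}

		# Skip virtual devices
		if [ -e "/proc/net/vlan/${device}" ]; then
			continue
		fi

		# Skip zones
		if zone_exists "${device}"; then
			continue
		fi

		echo "${device}"
		return 0
	done

	return 1
}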
65 | ||
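# Prints the VLAN device with the given VLAN id whose parent device carries
# the given MAC address, as listed in /proc/net/vlan/config.
#   $1 - MAC address of the parent device
#   $2 - VLAN id
# Returns 0 and prints the device name on a match, 1 otherwise.
function get_device_by_mac_and_vid() {
	local mac=$1
	local vid=$2

	local VID
	local DEVICE
	local PARENT

	[ -e "/proc/net/vlan/config" ] || return 1

	# The loop reads from a process substitution instead of a pipe. At the
	# end of a pipe it runs in a subshell, where "return 0" only ends that
	# subshell and the function went on to return 1 even after a match.
	while read -r DEVICE VID PARENT; do
		if [ "${vid}" = "${VID}" ] && [ "$(macify "${PARENT}")" = "${mac}" ]; then
			echo "${DEVICE}"
			return 0
		fi
	done < <(grep '|' /proc/net/vlan/config | sed "s/|//g")

	return 1
}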
84 | ||
90af6f24 MT |
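# Looks up a device by MAC address, or by MAC address and VLAN id when more
# than one argument is given.
#   $1 - MAC address
#   $2 - VLAN id (optional)
function get_device() {
	# "$@" is quoted so that the arguments reach the lookup unchanged instead
	# of being split on whitespace or expanded as glob patterns.
	if [ "$#" -gt 1 ]; then
		get_device_by_mac_and_vid "$@"
	else
		get_device_by_mac "$@"
	fi
}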
92 | ||
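# Prints the MAC address of a network device as found in
# /sys/class/net/<device>/address.
#   $1 - device name
# Returns 1 when the name is unusable or the device does not exist, otherwise
# the exit status of reading the address file.
function get_mac_by_device() {
	local device=${1}

	# The name becomes part of a path. An empty name used to pass the
	# directory test on /sys/class/net/ itself, and a name with a slash or
	# ".." would make the lookup leave /sys/class/net.
	case "${device}" in
		""|.|..|*/*)
			return 1
			;;
	esac

	[ -d "/sys/class/net/${device}" ] || return 1

	cat "/sys/class/net/${device}/address"
}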
b5238f57 | 102 | |
90af6f24 MT |
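# Short name for get_mac_by_device.
#   $1 - device name
function get_mac() {
	# Quoted so the device name is passed on as one unchanged argument.
	get_mac_by_device "$@"
}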
106 | ||
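# Turns a device reference into a device name.
#   $1 - device name, or a MAC address that is resolved to its device
# Prints the name and returns 0; prints a message on stderr and returns 1
# when nothing could be resolved.
function devicify() {
	local device=${1}

	if is_mac "${device}"; then
		device=$(get_device_by_mac "${device}")
	fi

	if [ -z "${device}" ]; then
		echo "devicify: Could not find device of $*" >&2
		return 1
	fi

	# printf with a quoted argument prints the name as it is. An unquoted
	# echo would expand glob characters and swallow a value such as "-n".
	printf '%s\n' "${device}"
	return 0
}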
123 | ||
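# Turns a device reference into a MAC address.
#   $1 - MAC address (printed unchanged) or device name (looked up)
# Always prints one line; the line is empty when the lookup found nothing.
function macify() {
	local input=${1}
	local mac

	if is_mac "${input}"; then
		mac=${input}
	else
		mac=$(get_mac_by_device "${input}")
	fi

	# Quoted printf: no word splitting or glob expansion of the result.
	printf '%s\n' "${mac}"
}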
135 | ||
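# Succeeds when the referenced network device exists.
#   $1 - device name or MAC address
function device_exists() {
	local device

	# An unresolved reference must fail here. With an empty argument
	# "ip link show" lists every interface and succeeds, which made unknown
	# MAC addresses and empty names look like existing devices.
	device=$(devicify "${1}") || return 1
	[ -n "${device}" ] || return 1

	# "dev" keeps the name from being read as another ip-link keyword.
	ip link show dev "${device}" &>/dev/null
}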
139 | ||
cd1bc684 MT |
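# Succeeds when the referenced network device exists and its flags contain UP.
#   $1 - device name or MAC address
function device_is_up() {
	local device

	# Without a resolved name "ip link show" prints all interfaces, and the
	# UP flag of any one of them would answer for a device that is unknown.
	device=$(devicify "${1}") || return 1
	[ -n "${device}" ] || return 1

	ip link show dev "${device}" 2>/dev/null | grep -qE "<.*UP.*>"
}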
143 | ||
6ad03435 MT |
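# Renames a network device: takes it down, renames it and brings it up again.
#   $1 - current device name
#   $2 - new name; a trailing "+" is replaced by the first number from 0 to
#        100 that is not in use yet
# Returns 4 when the source is missing, the destination exists or no number
# is free; otherwise the status of the first failing ip call, or 0.
function device_rename() {
	local source=$1
	local destination=$2

	# Replace + by a valid number
	if [ "${destination%+}" != "${destination}" ]; then
		local base=${destination%+}
		local number=0

		destination=
		while [ "${number}" -le 100 ]; do
			if ! device_exists "${base}${number}"; then
				destination="${base}${number}"
				break
			fi
			number=$((number + 1))
		done

		# Every candidate is taken: give up instead of renaming the device
		# to the bare base name.
		[ -n "${destination}" ] || return 4
	fi

	# Check if devices exist
	if ! device_exists "${source}" || device_exists "${destination}"; then
		return 4
	fi

	# Stop at the first failing step so its status reaches the caller.
	# NOTE(review): when the rename itself fails, the source device stays down.
	ip link set "${source}" down || return $?
	ip link set "${source}" name "${destination}" || return $?
	ip link set "${destination}" up
}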
172 | ||
6ad03435 MT |
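# Succeeds when the named hook is an executable regular file below HOOKS_DIR.
#   $1 - hook name, relative to HOOKS_DIR
function hook_exists() {
	local hook=${1}

	# Hook names are read from configuration files and then executed. An
	# empty name or a ".." component would make the test below pass for the
	# hooks directory itself or for a program outside of it.
	case "${hook}" in
		""|..|../*|*/..|*/../*)
			return 1
			;;
	esac

	# -x alone is also true for directories, hence the additional -f.
	[ -f "${HOOKS_DIR}/${hook}" ] && [ -x "${HOOKS_DIR}/${hook}" ]
}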
176 | ||
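# Succeeds when the port exists as a network device.
#   $1 - device name or MAC address of the port
function port_exists() {
	# Quoted so the reference is passed on as one unchanged argument.
	device_exists "$@"
}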
180 | ||
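# Succeeds when the port exists and its device is up.
#   $1 - device name or MAC address of the port
function port_is_up() {
	# Quoted so both checks see the same, unsplit argument.
	port_exists "$@" && device_is_up "$@"
}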
184 | ||
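# Succeeds when a configuration entry for the zone exists below CONFIG_ZONES.
#   $1 - zone name
function zone_exists() {
	local zone=${1}

	# The name becomes part of a path. An empty name used to match the
	# zones directory itself, and a slash or ".." would let the test look
	# outside of it. Zone names are also handed to brctl as bridge names in
	# this file, so a name containing a slash is not a usable zone anyway.
	case "${zone}" in
		""|.|..|*/*)
			return 1
			;;
	esac

	[ -e "${CONFIG_ZONES}/${zone}" ]
}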
188 | ||
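# Succeeds when the zone is configured and its device is up.
#   $1 - zone name
function zone_is_up() {
	# Quoted so both checks see the same, unsplit argument.
	zone_exists "$@" && device_is_up "$@"
}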
192 | ||
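# Prints the interfaces attached to a bridge, one per line.
#   $1 - bridge name
# Returns 2 without a bridge name, 1 when nothing was printed, 0 otherwise.
# NOTE(review): assumes the usual "brctl show" layout (one header line, the
# bridge name in the first column of its first row, further interfaces on
# indented continuation rows) - confirm against the brctl version in use.
function bridge_devices() {
	local bridge=$1
	[ -z "${bridge}" ] && return 2

	# The name is compared as a whole string. As a grep pattern it also
	# matched bridges that merely start with the same characters, and only
	# the first row of a bridge was looked at.
	brctl show | awk -v bridge="${bridge}" '
		NR == 1 { next }
		/^[^ \t]/ {
			current = $1
			if (current == bridge && NF >= 4) {
				print $NF
				found = 1
			}
			next
		}
		current == bridge && NF > 0 {
			print $1
			found = 1
		}
		END { exit !found }
	'
}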
198 | ||
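# Attaches a port to the bridge of a zone.
#   $1 - zone (bridge) name
#   $2 - port (interface) name
# Returns the exit status of brctl.
function zone_add_port() {
	local zone=${1}
	local port=${2}

	# Quoted so that each name reaches brctl as exactly one argument.
	brctl addif "${zone}" "${port}"
}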
205 | ||
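# Detaches a port from the bridge of a zone.
#   $1 - zone (bridge) name
#   $2 - port (interface) name
# Returns the exit status of brctl.
function zone_del_port() {
	local zone=${1}
	local port=${2}

	# Quoted so that each name reaches brctl as exactly one argument.
	brctl delif "${zone}" "${port}"
}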
212 | ||
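# Prints every directory found below CONFIG_ZONES, one path per line.
# Always returns 0.
function zone_list() {
	local entry

	# Paths are read line by line, so a name containing blanks stays one
	# entry instead of being split into several words.
	while IFS= read -r entry; do
		if [ -d "${entry}" ]; then
			printf '%s\n' "${entry}"
		fi
	done < <(find "${CONFIG_ZONES}"/* 2>/dev/null)

	# The status no longer depends on whether the last entry happened to be
	# a directory.
	return 0
}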
1135a884 MT |
219 | |
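# Runs the hook named by every configuration file found in a directory.
#   $1  - action, passed to each hook as its last argument
#   $2  - directory that is searched for configuration files
#   $3+ - further arguments, passed to each hook before the action
# Returns 1 when parameters are missing or any hook failed, 0 otherwise.
#
# Every file found is sourced, i.e. executed as shell code with the privileges
# of the caller, so the directory must be writable by trusted users only.
function run_hooks() {
	local action=${1}
	local dir=${2}
	local failed=0
	local hook

	if [ -z "${action}" ] || [ -z "${dir}" ]; then
		echo "Not enough parameters given." >&2
		return 1
	fi
	shift 2

	# The file list arrives on descriptor 3 so the hooks keep their stdin.
	while IFS= read -r hook <&3; do
		(
			# Only the sourced file may name the hook, not a HOOK variable
			# inherited from the caller.
			HOOK=

			. "${hook}"
			if [ -n "${HOOK}" ] && hook_exists "${HOOK}"; then
				# Run the hook from the directory hook_exists has checked.
				"${HOOKS_DIR}/${HOOK}" --config="${hook}" "$@" "${action}"
				RET=$?
			else
				echo -e "${FAILURE}Unable to process ${hook}. Either"
				echo -e "${FAILURE}the HOOK variable was not set,"
				echo -e "${FAILURE}or the specified hook cannot be executed."
				message=""
				log_failure_msg
				# Without this the subshell left with the status of
				# log_failure_msg and the failure could go unnoticed.
				RET=1
			fi
			exit ${RET}
		) 3<&- || failed=1
	done 3< <(find "${dir}" -type f)

	return ${failed}
}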
6ad03435 MT |
252 | |
# Prints the HOOK_TYPE of a hook.
#   $1 - hook name
# Works in a subshell, so nothing that gets sourced changes the caller.
# NOTE(review): the output of "hook_run <hook> info" is used as the name of a
# file to source, not as shell code to evaluate - confirm that this is what
# the hooks provide. HOOK_TYPE may also come from the calling environment when
# the sourced file does not set it.
function hook_type() {
	local hook_name=${1}
	(
		info_source=$(hook_run ${hook_name} info)
		. ${info_source}
		echo "${HOOK_TYPE}"
	)
}
260 | ||
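# Prints the value of HOOK as set by a configuration file.
#   $1 - path of the configuration file
# Returns EXIT_ERROR when the file does not exist. The file is sourced in a
# subshell; it is executed as shell code, so it has to come from a trusted
# location.
function config_get_hook() {
	local config=${1}
	if [ ! -e "${config}" ]; then
		log_failure_msg "Config file \"${config}\" does not exist."
		return ${EXIT_ERROR}
	fi

	# "." looks a name without a slash up in PATH. Anchor such a name to the
	# current directory so the file that was tested is the one that is read.
	case "${config}" in
		*/*)
			;;
		*)
			config="./${config}"
			;;
	esac

	(
		# Report only what the file sets, not a HOOK inherited from the
		# caller.
		HOOK=
		. "${config}"
		echo "${HOOK}"
	)
}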
269 | ||
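# Runs a hook from HOOKS_DIR with the given arguments.
#   $1  - hook name
#   $2+ - arguments for the hook
# Returns EXIT_ERROR when the hook is missing or not executable, otherwise the
# exit status of the hook. DEBUG and VERBOSE are handed to the hook.
function hook_run() {
	local hook=${1}
	shift

	# An empty name is refused before the existence check is consulted.
	if [ -z "${hook}" ] || ! hook_exists "${hook}"; then
		log_failure_msg "Hook ${hook} cannot be found or is not executeable."
		return ${EXIT_ERROR}
	fi
	decho "Running hook: ${hook} $*"

	# Path and arguments are quoted: every argument reaches the hook as it
	# was given, without word splitting or glob expansion.
	DEBUG="${DEBUG}" VERBOSE="${VERBOSE}" "${HOOKS_DIR}/${hook}" "$@"
	return $?
}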
282 | ||
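# Runs the hook of every configuration file of a zone.
#   --type=TYPE - optional, only run hooks whose hook_type equals TYPE
#   ZONE        - name of the zone
#   further arguments are passed on to each hook
# Returns EXIT_ERROR when the zone is missing or unknown.
function hook_run_multiple() {
	local zone
	local config
	local hook
	local hook_type2
	local type

	while [ "$#" -gt 0 ]; do
		case "${1}" in
			--type=*)
				type=${1#--type=}
				;;
			*)
				# The loop ends before the shift, so the zone name stays
				# the first of the arguments passed to the hooks.
				zone=${1}
				break
				;;
		esac
		shift
	done

	if [ -z "${zone}" ] || ! zone_exists "${zone}"; then
		return ${EXIT_ERROR}
	fi

	# The file list arrives on descriptor 3 so the hooks keep their stdin.
	while IFS= read -r config <&3; do
		# find also reports the zone directory and any subdirectory; only
		# files can be configuration files.
		[ -f "${config}" ] || continue

		hook=$(config_get_hook "${config}")

		# Without a hook name the remaining arguments would shift by one
		# and the zone name would be run as the hook.
		[ -n "${hook}" ] || continue

		if [ -n "${type}" ]; then
			hook_type2=$(hook_type "${hook}")
			if [ "${type}" != "${hook_type2}" ]; then
				continue
			fi
		fi
		hook_run "${hook}" "$@" 3<&-
	done 3< <(find "${CONFIG_ZONES}/${zone}" 2>/dev/null)
}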
318 | ||
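# Runs the zone helper ${HOME_DIR}/zone for a zone.
#   $1  - zone name
#   $2+ - arguments for the helper
# Returns the exit status of the helper. DEBUG and VERBOSE are handed to it.
# NOTE(review): an unknown zone ends the calling shell with "exit", while
# hook_run reports the same kind of error with "return" - confirm that callers
# expect this.
function zone_run() {
	local zone=${1}
	shift

	if ! zone_exists "${zone}"; then
		log_failure_msg "Zone ${zone} does not exist."
		exit ${EXIT_ERROR}
	fi
	decho "Running zone: ${zone} $*"

	# Path and arguments are quoted: every argument reaches the helper as it
	# was given, without word splitting or glob expansion.
	DEBUG="${DEBUG}" VERBOSE="${VERBOSE}" "${HOME_DIR}/zone" --zone="${zone}" "$@"
	return $?
}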