[people/ms/network.git] / functions.ppp

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

PPP_SUPPORTED_AUTH_METHODS="chap pap"

function pppd_start() {
	local interface=${1}
	assert isset interface

	# This will block until the connection has been established or
	# pppd exited.
	service_start "pppd@${interface}"

	# Get the exit code of the ppp daemon and figure out
	# how to handle this.
	local ret=$(service_get_exitcode "pppd@${interface}")
	case "${ret}" in
		0)
			return ${EXIT_OK}
			;;
		1)
			error "pppd crashed for an unknown reason"
			;;
		2)
			error "pppd: Configuration error"
			;;
		3)
			error "pppd terminated"
			;;
		19)
			error "pppd: Authentication failed"
			;;
		*)
			error "pppd: Unhandled exit code: ${ret}"
			;;
	esac

	return ${ret}
}

function pppd_stop() {
	local interface=${1}
	assert isset interface

	service_stop "pppd@${interface}"
}

function pppd_status() {
	local interface=${1}
	assert isset interface

	service_status "pppd@${interface}"
}

function ppp_common_ip_pre_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_from_ppp ${zone} ipv4

	# Request firewall reload
	event_emit firewall-reload

	return ${EXIT_OK}
}

function ppp_common_ip_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_set ${zone} ipv4 active 1
	routing_update ${zone} ipv4
	routing_default_update

	# Emit interface-up event
	event_interface_up ${zone}

	return ${EXIT_OK}
}

function ppp_common_ip_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv4
	routing_update ${zone} ipv4
	routing_default_update

	# Save accounting information
	ppp_accounting ${zone}

	# Emit interface-up event
	event_interface_down ${zone}

	return ${EXIT_OK}
}

function ppp_common_ipv6_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Add information about this zone to the routing database.
	routing_db_from_ppp ${zone} ipv6

	routing_db_set ${zone} ipv6 active 1
	routing_update ${zone} ipv6
	routing_default_update

	# Emit interface-up event
	event_interface_up ${zone}

	return ${EXIT_OK}
}

function ppp_common_ipv6_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv6
	routing_update ${zone} ipv6
	routing_default_update

	# Save accounting information
	ppp_accounting ${zone}

	# Emit interface-up event
	event_interface_down ${zone}

	return ${EXIT_OK}
}

function ppp_secret() {
	local USER=${1}
	local SECRET=${2}
	local a
	local secret
	local user

	# Updateing secret file
	> ${PPP_SECRETS}.tmp
	while read user a secret; do
		if [ "'${USER}'" != "${user}" ]; then
			echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
		fi
	done < ${PPP_SECRETS}
	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	rm -f ${PPP_SECRETS}.tmp
}

function ppp_accounting() {
	local zone=${1}
	shift

	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
		--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
}

function pppd_exec() {
	log DEBUG "Running pppd with parameters '$@'."

	pppd $@ > /dev/null
}

function pppd_write_config() {
	local file=${1}; shift
	assert isset file

	local auth
	local interface
	local linkname
	local mtu mru
	local plugin plugin_options
	local user

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val ${1})
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val ${1})
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val ${1})
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val ${1})
				;;
			--plugin=*)
				plugin=$(cli_get_val ${1})
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val ${1})
				;;
			--user=*)
				user=$(cli_get_val ${1})
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname=${interface}

	if isset auth; then
		if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	# Write the configuration header.
	mkdir -p $(dirname ${file}) 2>/dev/null
	config_header "PPP daemon configuration file" > ${file}

	# At first, set the name of the link.
	print "name ${linkname}\nlinkname ${linkname}\n" >> ${file}

	# Configure the interface name.
	print "# Interface name\nifname ${interface}\n" >> ${file}

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"
			print
		) >> ${file}
	fi

	# User authentication
	if isset user; then
		(
			print "# User authentication"
			print "user ${user}"

			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi
			print
		) >> ${file}
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"
			print
		) >> ${file}
	fi

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault updetach debug"
	) >> ${file}

	return ${EXIT_OK}
}
Commit	Line	Data
5b20e43a MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
1848564d	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
5b20e43a MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
97cb552e MT	22	PPP_SUPPORTED_AUTH_METHODS="chap pap"
	23
	24	function pppd_start() {
	25	local interface=${1}
	26	assert isset interface
	27
81d0c0b9 MT	28	# This will block until the connection has been established or
81d0c0b9 MT	29	# pppd exited.
97cb552e	30	service_start "pppd@${interface}"
81d0c0b9 MT	31
	32	# Get the exit code of the ppp daemon and figure out
	33	# how to handle this.
	34	local ret=$(service_get_exitcode "pppd@${interface}")
	35	case "${ret}" in
	36	0)
	37	return ${EXIT_OK}
	38	;;
	39	1)
	40	error "pppd crashed for an unknown reason"
	41	;;
	42	2)
	43	error "pppd: Configuration error"
	44	;;
	45	3)
	46	error "pppd terminated"
	47	;;
	48	19)
	49	error "pppd: Authentication failed"
	50	;;
	51	*)
	52	error "pppd: Unhandled exit code: ${ret}"
	53	;;
	54	esac
	55
	56	return ${ret}
97cb552e MT	57	}
	58
	59	function pppd_stop() {
	60	local interface=${1}
	61	assert isset interface
	62
	63	service_stop "pppd@${interface}"
	64	}
	65
	66	function pppd_status() {
	67	local interface=${1}
	68	assert isset interface
	69
	70	service_status "pppd@${interface}"
	71	}
	72
c7ad7801 MT	73	function ppp_common_ip_pre_up() {
	74	local zone=${1}
	75	shift
	76
	77	if ! zone_exists ${zone}; then
	78	error "Zone '${zone}' does not exist."
	79	return ${EXIT_ERROR}
	80	fi
	81
2c973348	82	routing_db_from_ppp ${zone} ipv4
ff8ec5ef	83
c7ad7801	84	# Request firewall reload
98146c00	85	event_emit firewall-reload
c7ad7801 MT	86
	87	return ${EXIT_OK}
	88	}
	89
	90	function ppp_common_ip_up() {
	91	local zone=${1}
	92	shift
	93
	94	if ! zone_exists ${zone}; then
	95	error "Zone '${zone}' does not exist."
	96	return ${EXIT_ERROR}
	97	fi
	98
2c973348 MT	99	routing_db_set ${zone} ipv4 active 1
2c973348 MT	100	routing_update ${zone} ipv4
f5a771cf	101	routing_default_update
ff8ec5ef	102
c7ad7801 MT	103	# Emit interface-up event
	104	event_interface_up ${zone}
	105
	106	return ${EXIT_OK}
	107	}
	108
	109	function ppp_common_ip_down() {
	110	local zone=${1}
	111	shift
	112
	113	if ! zone_exists ${zone}; then
	114	error "Zone '${zone}' does not exist."
	115	return ${EXIT_ERROR}
	116	fi
	117
201b7dff MT	118	# Remove the information about this zone from the routing database
	119	# and update the routing table.
	120	routing_db_remove ${zone} ipv4
	121	routing_update ${zone} ipv4
f5a771cf	122	routing_default_update
201b7dff MT	123
	124	# Save accounting information
	125	ppp_accounting ${zone}
	126
	127	# Emit interface-up event
	128	event_interface_down ${zone}
	129
	130	return ${EXIT_OK}
	131	}
	132
	133	function ppp_common_ipv6_up() {
	134	local zone=${1}
	135	shift
	136
	137	if ! zone_exists ${zone}; then
	138	error "Zone '${zone}' does not exist."
	139	return ${EXIT_ERROR}
	140	fi
	141
	142	# Add information about this zone to the routing database.
	143	routing_db_from_ppp ${zone} ipv6
	144
	145	routing_db_set ${zone} ipv6 active 1
	146	routing_update ${zone} ipv6
f5a771cf	147	routing_default_update
201b7dff MT	148
	149	# Emit interface-up event
	150	event_interface_up ${zone}
	151
	152	return ${EXIT_OK}
	153	}
	154
	155	function ppp_common_ipv6_down() {
	156	local zone=${1}
	157	shift
	158
	159	if ! zone_exists ${zone}; then
	160	error "Zone '${zone}' does not exist."
	161	return ${EXIT_ERROR}
	162	fi
	163
	164	# Remove the information about this zone from the routing database
	165	# and update the routing table.
	166	routing_db_remove ${zone} ipv6
	167	routing_update ${zone} ipv6
f5a771cf	168	routing_default_update
201b7dff	169
059469a8 MT	170	# Save accounting information
	171	ppp_accounting ${zone}
	172
c7ad7801 MT	173	# Emit interface-up event
	174	event_interface_down ${zone}
	175
	176	return ${EXIT_OK}
	177	}
	178
5b20e43a MT	179	function ppp_secret() {
	180	local USER=${1}
	181	local SECRET=${2}
	182	local a
	183	local secret
	184	local user
	185
	186	# Updateing secret file
	187	> ${PPP_SECRETS}.tmp
	188	while read user a secret; do
	189	if [ "'${USER}'" != "${user}" ]; then
	190	echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
	191	fi
	192	done < ${PPP_SECRETS}
	193	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	194	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	195	rm -f ${PPP_SECRETS}.tmp
	196	}
	197
059469a8 MT	198	function ppp_accounting() {
	199	local zone=${1}
	200	shift
5b20e43a	201
059469a8 MT	202	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
059469a8 MT	203	--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
5b20e43a	204	}
711ffac1 MT	205
711ffac1 MT	206	function pppd_exec() {
711ffac1 MT	207	log DEBUG "Running pppd with parameters '$@'."
	208
	209	pppd $@ > /dev/null
	210	}
97cb552e MT	211
	212	function pppd_write_config() {
	213	local file=${1}; shift
	214	assert isset file
	215
	216	local auth
	217	local interface
	218	local linkname
	219	local mtu mru
	220	local plugin plugin_options
	221	local user
	222
	223	while [ $# -gt 0 ]; do
	224	case "${1}" in
	225	--auth=*)
	226	auth=$(cli_get_val ${1})
	227	;;
	228	# The name of the created ppp interface.
	229	--interface=*)
	230	interface=$(cli_get_val ${1})
	231	;;
	232	# Maximum Transmission Unit
	233	--mtu=*)
	234	mtu=$(cli_get_val ${1})
	235	;;
	236	# Maximum Receive Unit
	237	--mru=*)
	238	mru=$(cli_get_val ${1})
	239	;;
	240	--plugin=*)
	241	plugin=$(cli_get_val ${1})
	242	;;
	243	--plugin-options=*)
	244	plugin_options=$(cli_get_val ${1})
	245	;;
	246	--user=*)
	247	user=$(cli_get_val ${1})
	248	;;
	249	*)
	250	log WARNING "Unhandled argument: ${1}"
	251	;;
	252	esac
	253	shift
	254	done
	255
	256	if [ -z "${interface}" ]; then
	257	log ERROR "You need to set the interface name: ${interface}"
	258	return ${EXIT_ERROR}
	259	fi
	260	linkname=${interface}
	261
	262	if isset auth; then
	263	if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
	264	log ERROR "Unsupported auth method: ${auth}"
	265	return ${EXIT_ERROR}
	266	fi
	267	fi
	268
	269	# Write the configuration header.
	270	mkdir -p $(dirname ${file}) 2>/dev/null
	271	config_header "PPP daemon configuration file" > ${file}
	272
	273	# At first, set the name of the link.
	274	print "name ${linkname}\nlinkname ${linkname}\n" >> ${file}
275
276	# Configure the interface name.
277	print "# Interface name\nifname ${interface}\n" >> ${file}
278
279	# Plugin settings
280	if isset plugin; then
281	(
282	print "# Plugin settings"
283	print "plugin ${plugin} ${plugin_options}"
284	print
285	) >> ${file}
286	fi
287
288	# User authentication
289	if isset user; then
290	(
291	print "# User authentication"
292	print "user ${user}"
293
294	print "noauth"
295	if isset auth; then
296	print "require-${auth}"
297	fi
298	print
299	) >> ${file}
300	fi
301
302	# MTU/MRU settings
303	if isset mtu; then
304	isset mru \|\| mru=${mtu}
305
306	(
307	print "# MTU/MRU settings"
308	print "mtu ${mtu}"
309	print "mru ${mru}"
310	print
311	) >> ${file}
312	fi
313
314	# Add the default settings.
315	(
316	print "# Disable the compression"
317	print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"
318
81d0c0b9	319	print "noipdefault updetach debug"
97cb552e MT	320	) >> ${file}
	321
	322	return ${EXIT_OK}
	323	}