1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
1848564d | 5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Authentication methods that pppd_write_config accepts for --auth.
# PAP hands the password to the peer in clear text, while CHAP uses a
# challenge-response exchange, so prefer "chap" where the peer supports it.
PPP_SUPPORTED_AUTH_METHODS="chap pap"
23 | ||
# Start the pppd service unit of an interface and turn the exit code of
# the daemon into a log message.
#
#   $1 - name of the ppp interface (asserted to be set)
#
# Returns EXIT_OK when the daemon reported 0. Every other exit code is
# logged through error() and handed back to the caller unchanged.
pppd_start() {
	local interface="${1}"
	assert isset interface

	# service_start blocks until the connection has been established or
	# pppd has exited.
	service_start "pppd@${interface}"

	# Fetch the exit code of the daemon and pick the matching message.
	# NOTE(review): pppd(8) describes status 3 as a privilege problem
	# rather than a termination - confirm the wording used for 3 below.
	local ret=$(service_get_exitcode "pppd@${interface}")
	local message
	case "${ret}" in
		0)
			return ${EXIT_OK}
			;;
		1)
			message="pppd crashed for an unknown reason"
			;;
		2)
			message="pppd: Configuration error"
			;;
		3)
			message="pppd terminated"
			;;
		19)
			# Authentication failures are logged separately so that
			# rejected credentials can be told apart from other errors.
			message="pppd: Authentication failed"
			;;
		*)
			message="pppd: Unhandled exit code: ${ret}"
			;;
	esac

	error "${message}"
	return ${ret}
}
58 | ||
# Stop the pppd service unit that belongs to an interface.
#
#   $1 - name of the ppp interface (asserted to be set)
#
# The return code is the one of service_stop.
pppd_stop() {
	local interface="${1}"
	assert isset interface

	service_stop "pppd@${interface}"
}
65 | ||
# Report the state of the pppd service unit that belongs to an interface.
#
#   $1 - name of the ppp interface (asserted to be set)
#
# The return code is the one of service_status.
pppd_status() {
	local interface="${1}"
	assert isset interface

	service_status "pppd@${interface}"
}
72 | ||
# Runs before an IPv4 ppp link comes up: records the zone in the routing
# database and asks for a firewall reload.
#
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
#
# NOTE(review): ${zone} is expanded unquoted in the calls below, so a name
# with whitespace or glob characters would be split or expanded; the
# zone_exists check is the only validation it receives here.
ppp_common_ip_pre_up() {
	local zone="${1}"
	shift

	# Refuse to touch routing or firewall state for an unknown zone.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Add information about this zone to the routing database.
	routing_db_from_ppp ${zone} ipv4

	# Request a firewall reload.
	event_emit firewall-reload

	return ${EXIT_OK}
}
89 | ||
# Runs once an IPv4 ppp link is up: marks the zone active in the routing
# database, refreshes the routes and emits the interface-up event.
#
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
#
# NOTE(review): ${zone} is expanded unquoted below; zone_exists is the
# only check it receives before routing state is changed.
ppp_common_ip_up() {
	local zone="${1}"
	shift

	# Refuse to change routing state for an unknown zone.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Flag the zone as active and rebuild the routes that depend on it.
	routing_db_set ${zone} ipv4 active 1
	routing_update ${zone} ipv4
	routing_default_update

	# Emit the interface-up event.
	event_interface_up ${zone}

	return ${EXIT_OK}
}
108 | ||
# Runs when an IPv4 ppp link goes down: drops the zone from the routing
# database, refreshes the routes, stores the accounting data and emits
# the interface-down event.
#
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
#
# NOTE(review): ${zone} is expanded unquoted below; zone_exists is the
# only check it receives before routing state is changed.
ppp_common_ip_down() {
	local zone="${1}"
	shift

	# Refuse to change routing state for an unknown zone.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv4
	routing_update ${zone} ipv4
	routing_default_update

	# Save accounting information.
	ppp_accounting ${zone}

	# Emit the interface-down event.
	event_interface_down ${zone}

	return ${EXIT_OK}
}
132 | ||
# Runs once an IPv6 ppp link is up: records the zone in the routing
# database, marks it active, refreshes the routes and emits the
# interface-up event.
#
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
#
# NOTE(review): ${zone} is expanded unquoted below; zone_exists is the
# only check it receives before routing state is changed.
ppp_common_ipv6_up() {
	local zone="${1}"
	shift

	# Refuse to change routing state for an unknown zone.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Add information about this zone to the routing database.
	routing_db_from_ppp ${zone} ipv6

	# Flag the zone as active and rebuild the routes that depend on it.
	routing_db_set ${zone} ipv6 active 1
	routing_update ${zone} ipv6
	routing_default_update

	# Emit the interface-up event.
	event_interface_up ${zone}

	return ${EXIT_OK}
}
154 | ||
# Runs when an IPv6 ppp link goes down: drops the zone from the routing
# database, refreshes the routes, stores the accounting data and emits
# the interface-down event.
#
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
#
# NOTE(review): ${zone} is expanded unquoted below; zone_exists is the
# only check it receives before routing state is changed.
ppp_common_ipv6_down() {
	local zone="${1}"
	shift

	# Refuse to change routing state for an unknown zone.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv6
	routing_update ${zone} ipv6
	routing_default_update

	# Save accounting information.
	ppp_accounting ${zone}

	# Emit the interface-down event.
	event_interface_down ${zone}

	return ${EXIT_OK}
}
178 | ||
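# Store or replace the secret of a user in the file named by PPP_SECRETS.
#
#   $1 - user name
#   $2 - secret
#
# Every existing line whose first field is not '<user>' (with the single
# quotes) is copied into a temporary file, the new entry is appended, and
# the result is written back over PPP_SECRETS.
#
# Returns a non-zero code when PPP_SECRETS is unset, when the user name or
# the secret contains a line break, or when a file cannot be written.
#
# NOTE(review): a user name or secret containing a single quote still
# ends up inside '...' unescaped; confirm how the consumer of this file
# parses such an entry before accepting arbitrary input here.
ppp_secret() {
	local USER="${1}"
	local SECRET="${2}"
	local a
	local secret
	local user
	local tmpfile="${PPP_SECRETS}.tmp"

	if [ -z "${PPP_SECRETS}" ]; then
		error "PPP_SECRETS is not set."
		return ${EXIT_ERROR:-1}
	fi

	# The file holds one entry per line, so a line break inside a value
	# would add a second entry that nobody asked for.
	case "${USER}${SECRET}" in
		*$'\n'*|*$'\r'*)
			error "Refusing to store a user name or secret that contains a line break."
			return ${EXIT_ERROR:-1}
			;;
	esac

	# The temporary copy holds every secret. Drop any stale file first
	# (truncating it would keep its old mode) and create the new one
	# readable by its owner only.
	rm -f -- "${tmpfile}"
	( umask 077; : > "${tmpfile}" ) || return ${EXIT_ERROR:-1}

	# Copy all entries of other users. "read -r" keeps backslashes in
	# stored secrets intact, and the extra test keeps a final line that
	# lacks a trailing newline.
	if [ -e "${PPP_SECRETS}" ]; then
		while read -r user a secret || [ -n "${user}" ]; do
			if [ "'${USER}'" != "${user}" ]; then
				printf '%s %s %s\n' "${user}" "${a}" "${secret}" >> "${tmpfile}"
			fi
		done < "${PPP_SECRETS}"
	fi
	printf '%s\n' "'${USER}' * '${SECRET}'" >> "${tmpfile}"

	# Overwrite in place so that an existing file keeps its owner and
	# mode; a file that has to be created gets a restrictive mode.
	if ! ( umask 077; cat "${tmpfile}" > "${PPP_SECRETS}" ); then
		rm -f -- "${tmpfile}"
		return ${EXIT_ERROR:-1}
	fi
	rm -f -- "${tmpfile}"
}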
197 | ||
# Store the accounting data of a ppp session for a zone.
#
#   $1 - name of the zone
#
# Reads CONNECT_TIME, BYTES_RCVD and BYTES_SENT from the environment
# (presumably exported by pppd for its hook scripts - confirm against the
# caller) and passes them on to db_ppp_update, whose return code is
# returned.
ppp_accounting() {
	local zone="${1}"
	shift

	local -a counters=(
		--duration="${CONNECT_TIME}"
		--rcvd="${BYTES_RCVD}"
		--sent="${BYTES_SENT}"
	)

	db_ppp_update ${zone} "${counters[@]}"
}
205 | |
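# Run pppd with the given arguments and discard its standard output.
#
#   $@ - arguments that are handed to pppd unchanged
#
# The return code is the one of pppd.
#
# NOTE(review): the complete argument list is written to the DEBUG log.
# If a caller ever passes credentials on the command line they would end
# up in that log - confirm that none does.
pppd_exec() {
	# "$*" keeps the message a single word; '$@' inside the string
	# split it into one argument per parameter.
	log DEBUG "Running pppd with parameters '$*'."

	# Quoting "$@" stops word splitting and globbing from altering
	# arguments that contain blanks or wildcard characters.
	pppd "$@" > /dev/null
}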
211 | |
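# Write a pppd configuration file.
#
#   $1                     - path of the file to write (asserted to be set)
#   --auth=METHOD          - one of PPP_SUPPORTED_AUTH_METHODS
#   --interface=NAME       - name of the created ppp interface (required)
#   --mtu=N                - Maximum Transmission Unit
#   --mru=N                - Maximum Receive Unit, defaults to the MTU
#   --plugin=NAME          - plugin to load
#   --plugin-options=OPTS  - text appended to the plugin line
#   --user=NAME            - user name for authentication
#
# Returns EXIT_ERROR when the interface is missing, the auth method is
# not supported, or a value contains a line break; EXIT_OK otherwise.
#
# All values are written into the file as they are. The plugin line makes
# pppd load code and --plugin-options may carry further options, so
# callers must only pass values from a trusted configuration.
#
# NOTE(review): the values are interpolated into the first argument of
# print(). If print() treats that argument as a printf format, a "%" in a
# value would be interpreted - confirm against its definition.
pppd_write_config() {
	local file="${1}"; shift
	assert isset file

	local auth
	local interface
	local linkname
	local mtu mru
	local plugin plugin_options
	local user
	local value

	# Each option is passed on quoted so that a value with blanks (for
	# example several plugin options) is not cut at the first blank.
	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val "${1}")
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val "${1}")
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val "${1}")
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val "${1}")
				;;
			--plugin=*)
				plugin=$(cli_get_val "${1}")
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val "${1}")
				;;
			--user=*)
				user=$(cli_get_val "${1}")
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name."
		return ${EXIT_ERROR}
	fi
	linkname=${interface}

	if isset auth; then
		# The list of methods is split into words on purpose.
		if ! isoneof "${auth}" ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	# The file takes one option per line. A line break inside a value
	# would therefore add options that the caller never asked for, so
	# such values are rejected before anything is written.
	for value in "${auth}" "${interface}" "${mtu}" "${mru}" \
			"${plugin}" "${plugin_options}" "${user}"; do
		case "${value}" in
			*$'\n'*|*$'\r'*)
				log ERROR "Refusing to write a value that contains a line break to ${file}"
				return ${EXIT_ERROR}
				;;
		esac
	done

	# Write the configuration header.
	mkdir -p "$(dirname "${file}")" 2>/dev/null
	config_header "PPP daemon configuration file" > "${file}"

	# At first, set the name of the link.
	print "name ${linkname}\nlinkname ${linkname}\n" >> "${file}"

	# Configure the interface name.
	print "# Interface name\nifname ${interface}\n" >> "${file}"

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"

		) >> "${file}"
	fi

	# User authentication
	# NOTE(review): "noauth" tells pppd not to require the peer to
	# authenticate, while require-<method> asks for exactly that;
	# confirm which of the two is meant to take effect.
	if isset user; then
		(
			print "# User authentication"
			print "user ${user}"

			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi

		) >> "${file}"
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"

		) >> "${file}"
	fi

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault updetach debug"
	) >> "${file}"

	return ${EXIT_OK}
}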