]>
Commit | Line | Data |
---|---|---|
d76f5107 MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
8ee92277 | 22 | . /usr/lib/network/header-port |
d76f5107 | 23 | |
54bae947 MT |
24 | HOOK_PORT_PATTERN="${PORT_PATTERN_ACCESSPOINT}" |
25 | ||
40c95a6b | 26 | HOOK_SETTINGS="ADDRESS BROADCAST_SSID CHANNEL CHANNEL_BANDWIDTH DFS MODE PHY" |
7842c2ce | 27 | HOOK_SETTINGS="${HOOK_SETTINGS} ENCRYPTION ENVIRONMENT KEY SSID" |
34ca3936 | 28 | HOOK_SETTINGS="${HOOK_SETTINGS} MFP" |
d76f5107 MT |
29 | |
30 | ADDRESS=$(mac_generate) | |
31 | BROADCAST_SSID=on | |
1b4aa2ca | 32 | CHANNEL= |
54094fc7 | 33 | CHANNEL_BANDWIDTH= |
25e32463 MT |
34 | ENCRYPTION="" |
35 | KEY="" | |
d76f5107 MT |
36 | SSID= |
37 | ||
7b297fb2 MT |
38 | # Perform radar detection by default when possible |
39 | DFS="on" | |
40 | ||
34ca3936 MT |
41 | # 802.11w - Management Frame Protection |
42 | # Disable by default because many clients cannot connect when enabled | |
43 | MFP="off" | |
44 | ||
7842c2ce MT |
45 | ENVIRONMENT="${WIRELESS_DEFAULT_ENVIRONMENT}" |
46 | ||
1c6a4e30 | 47 | hook_check_settings() { |
d76f5107 MT |
48 | assert isset ADDRESS |
49 | assert ismac ADDRESS | |
50 | assert isset BROADCAST_SSID | |
51 | assert isbool BROADCAST_SSID | |
52 | assert isset CHANNEL | |
7b297fb2 | 53 | assert isbool DFS |
34ca3936 | 54 | assert isbool MFP |
d76f5107 | 55 | assert isset MODE |
6c262922 | 56 | assert isoneof MODE ${HOSTAPD_SUPPORTED_MODES} |
d76f5107 MT |
57 | assert isset PHY |
58 | assert ismac PHY | |
59 | assert isset SSID | |
25e32463 MT |
60 | |
61 | if isset ENCRYPTION; then | |
62 | assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2 | |
63 | ||
64 | assert isset KEY | |
65 | assert [ ${#KEY} -ge 8 ] | |
66 | assert [ ${#KEY} -le 63 ] | |
67 | fi | |
7842c2ce MT |
68 | |
69 | assert wireless_environment_is_valid "${ENVIRONMENT}" | |
d76f5107 MT |
70 | } |
71 | ||
270aab39 | 72 | hook_parse_cmdline() { |
d76f5107 MT |
73 | while [ $# -gt 0 ]; do |
74 | case "${1}" in | |
75 | --broadcast-ssid=*) | |
2212045f | 76 | BROADCAST_SSID=$(cli_get_val "${1}") |
d76f5107 MT |
77 | ;; |
78 | --channel=*) | |
2212045f | 79 | CHANNEL=$(cli_get_val "${1}") |
d76f5107 | 80 | ;; |
54094fc7 MT |
81 | --channel-bandwidth=*) |
82 | CHANNEL_BANDWIDTH="$(cli_get_val "${1}")" | |
83 | ;; | |
7b297fb2 MT |
84 | --dfs=*) |
85 | DFS="$(cli_get_val "${1}")" | |
86 | ||
87 | if enabled DFS; then | |
88 | DFS="on" | |
89 | elif disabled DFS; then | |
90 | DFS="off" | |
91 | else | |
92 | error "Invalid value for DFS: ${DFS}" | |
93 | return ${EXIT_ERROR} | |
94 | fi | |
95 | ;; | |
25e32463 | 96 | --encryption=*) |
2212045f | 97 | ENCRYPTION=$(cli_get_val "${1}") |
25e32463 | 98 | ;; |
7842c2ce MT |
99 | --environment=*) |
100 | ENVIRONMENT="$(cli_get_val "${1}")" | |
101 | ||
102 | if ! wireless_environment_is_valid "${ENVIRONMENT}"; then | |
103 | error "Invalid wireless environment: ${ENVIRONMENT}" | |
104 | return ${EXIT_ERROR} | |
105 | fi | |
106 | ;; | |
25e32463 | 107 | --key=*) |
2212045f | 108 | KEY=$(cli_get_val "${1}") |
25e32463 | 109 | ;; |
d76f5107 | 110 | --mac=*) |
2212045f | 111 | ADDRESS=$(cli_get_val "${1}") |
d76f5107 | 112 | ;; |
34ca3936 MT |
113 | --mfp=*) |
114 | MFP="$(cli_get_val "${1}")" | |
115 | ||
116 | if enabled MFP; then | |
117 | MFP="on" | |
118 | elif disabled MFP; then | |
119 | MFP="off" | |
120 | else | |
121 | error "Invalid value for --mfp: ${MFP}" | |
122 | return ${EXIT_ERROR} | |
123 | fi | |
124 | ;; | |
d76f5107 | 125 | --mode=*) |
2212045f | 126 | MODE=$(cli_get_val "${1}") |
6c262922 MT |
127 | |
128 | if ! isoneof MODE ${HOSTAPD_SUPPORTED_MODES}; then | |
129 | error "Unsupported mode: ${MODE}" | |
130 | error "Mode must be one of ${HOSTAPD_SUPPORTED_MODES}" | |
131 | return ${EXIT_ERROR} | |
132 | fi | |
d76f5107 MT |
133 | ;; |
134 | --phy=*) | |
2212045f | 135 | PHY=$(cli_get_val "${1}") |
d76f5107 MT |
136 | ;; |
137 | --ssid=*) | |
2212045f | 138 | SSID=$(cli_get_val "${1}") |
d76f5107 MT |
139 | ;; |
140 | *) | |
141 | warning "Ignoring unknown argument '${1}'" | |
142 | ;; | |
143 | esac | |
144 | shift | |
145 | done | |
146 | ||
8578e61d MT |
147 | # Generate a random MAC address if none is set |
148 | if ! isset ADDRESS; then | |
149 | ADDRESS="$(mac_generate)" | |
150 | fi | |
151 | ||
6c262922 MT |
152 | # MODE must be set |
153 | if ! isset MODE; then | |
154 | error "--mode is not set" | |
155 | return ${EXIT_ERROR} | |
156 | fi | |
157 | ||
1b4aa2ca MT |
158 | # Automatically enable ACS if no channel is set and ACS is available |
159 | if ! isset CHANNEL && phy_supports_acs "${PHY}"; then | |
160 | CHANNEL="0" | |
161 | ||
162 | log INFO "Automatic Channel Selection (ACS) enabled" | |
163 | fi | |
164 | ||
54094fc7 MT |
165 | # Channel bandwidth must match the mode |
166 | if isset CHANNEL_BANDWIDTH && ! wireless_channel_bandwidth_is_valid "${MODE}" "${CHANNEL_BANDWIDTH}"; then | |
f9e980d9 | 167 | error "Channel Bandwidth '${CHANNEL_BANDWIDTH}' is not supported for ${MODE}" |
54094fc7 MT |
168 | return ${EXIT_ERROR} |
169 | fi | |
170 | ||
d76f5107 MT |
171 | # Save address of phy do identify it again |
172 | PHY=$(phy_get ${PHY}) | |
173 | PHY=$(phy_get_address ${PHY}) | |
270aab39 MT |
174 | } |
175 | ||
1c6a4e30 | 176 | hook_edit() { |
d76f5107 | 177 | local port=${1} |
d76f5107 MT |
178 | assert isset port |
179 | ||
2212045f | 180 | if ! hook_default_edit "$@"; then |
270aab39 MT |
181 | return ${EXIT_ERROR} |
182 | fi | |
d76f5107 | 183 | |
270aab39 MT |
184 | # To apply all changes, we need to restart the port |
185 | port_restart "${port}" | |
d76f5107 MT |
186 | } |
187 | ||
1c6a4e30 | 188 | hook_create() { |
1ba6a2bb | 189 | local port="${1}" |
d76f5107 MT |
190 | assert isset port |
191 | ||
1ba6a2bb MT |
192 | device_exists "${port}" && exit ${EXIT_OK} |
193 | ||
e9df08ad | 194 | port_settings_read "${port}" ${HOOK_SETTINGS} |
d76f5107 | 195 | |
49ec20d8 MT |
196 | # Check if the PHY is present. |
197 | local phy=$(phy_get ${PHY}) | |
198 | if ! isset phy; then | |
199 | log DEBUG "phy '${PHY}' is not present" | |
200 | exit ${EXIT_ERROR} | |
201 | fi | |
202 | ||
1ba6a2bb MT |
203 | # Create the wireless device |
204 | wireless_create "${port}" \ | |
205 | --phy="${phy}" \ | |
206 | --type="ap" \ | |
207 | --address="${ADDRESS}" | |
d76f5107 MT |
208 | |
209 | exit ${EXIT_OK} | |
210 | } | |
211 | ||
1c6a4e30 | 212 | hook_remove() { |
1ba6a2bb | 213 | local port="${1}" |
d76f5107 MT |
214 | assert isset port |
215 | ||
b8026986 MT |
216 | # Remove the device if present |
217 | if device_exists "${port}"; then | |
218 | wireless_remove "${port}" | |
47859d95 | 219 | fi |
d76f5107 MT |
220 | |
221 | exit ${EXIT_OK} | |
222 | } | |
223 | ||
1c6a4e30 | 224 | hook_up() { |
1ba6a2bb MT |
225 | local port="${1}" |
226 | assert isset port | |
227 | ||
228 | # The port must already exist before | |
229 | # hostapd is started. Otherwise it will | |
230 | # fail horribly over and over again. | |
231 | assert device_exists "${port}" | |
232 | ||
233 | hostapd_start "${port}" | |
234 | } | |
235 | ||
1c6a4e30 | 236 | hook_down() { |
1ba6a2bb MT |
237 | local port="${1}" |
238 | assert isset port | |
239 | ||
240 | hostapd_stop "${port}" | |
241 | } | |
242 | ||
1c6a4e30 | 243 | hook_hotplug() { |
b8026986 | 244 | local port="${1}" |
47859d95 | 245 | assert isset port |
49ec20d8 | 246 | |
b8026986 MT |
247 | case "$(hotplug_action)" in |
248 | add) | |
1ba6a2bb MT |
249 | # Create the port when the phy is plugged in |
250 | if hotplug_event_port_uses_phy "${port}"; then | |
251 | hook_create "${port}" | |
b8026986 MT |
252 | fi |
253 | ;; | |
254 | ||
255 | remove) | |
256 | # Stop hostapd | |
257 | if hotplug_event_port_is_interface "${port}"; then | |
258 | hostapd_stop "${port}" | |
b8026986 | 259 | |
1ba6a2bb MT |
260 | exit ${EXIT_OK} |
261 | fi | |
b8026986 MT |
262 | ;; |
263 | esac | |
47859d95 | 264 | |
1ba6a2bb | 265 | exit ${EXIT_NOT_HANDLED} |
47859d95 | 266 | } |