1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2013 IPFire Network Development Team # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Pull in the shared zone-hook header (defines the helpers used below).
. /usr/lib/network/header-zone

# Names of the settings that belong to this hook.
# NOTE(review): PASSWORD is in this list, so it is presumably persisted with
# the other zone settings in plaintext; confirm that the settings file is
# only readable by root.
HOOK_SETTINGS="HOOK AUTH INTERFACE_ADDRESS IPV6 MTU PASSWORD PEER_ADDRESS PORT"
HOOK_SETTINGS="${HOOK_SETTINGS} PREFIX PREFIX_DELEGATION REFUSED_AUTH_METHODS"
HOOK_SETTINGS="${HOOK_SETTINGS} USERNAME USE_DHCP"

# User credentials for the dial-in.
USERNAME=""
PASSWORD=""

# The physical ethernet port the connection is made through (optional).
PORT=""

# The IPv4 address of the PPTP server to connect to.
PEER_ADDRESS=""

# Set the authentication mechanism.
AUTH=""

# Maximum Transmission Unit.
# 1492 is a very common value for that.
MTU="1492"

# This hook can work with all authentication methods supported by pppd.
# (Self-assignment: keeps whatever value was already set before this line.)
PPP_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}"

# Use DHCP to get an IPv4 address for the interface.
USE_DHCP="false"

# Request an IPv6 address.
IPV6="true"

# Use IPv6 prefix delegation.
PREFIX_DELEGATION="false"

# A list of refused authentication methods.
REFUSED_AUTH_METHODS=""
59 | ||
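# Validates the settings of this hook before they are used.
#
# Credentials, the peer address and the IPv6 switches are mandatory. When a
# PORT is configured, the port must exist and a valid IPv4 interface address
# with a prefix of at most 30 is required. PEER_ADDRESS must be a valid IPv4
# address; this matters because it is later embedded into the command line
# that pppd runs for the pptp helper.
#
# Returns EXIT_ERROR for an invalid address and exits with EXIT_ERROR when
# the prefix is too large.
function hook_check_settings() {
	assert isset USERNAME
	assert isset PASSWORD
	assert isset PEER_ADDRESS
	assert isset IPV6
	assert isset PREFIX_DELEGATION

	# NOTE(review): MTU, AUTH-independent values such as REFUSED_AUTH_METHODS
	# are not validated here although they are handed to pppd_write_config;
	# consider checking them as well.

	# Check for valid port and IP settings.
	if isset PORT; then
		# The setting is called USE_DHCP (see HOOK_SETTINGS); the former
		# check on "DHCP" tested a variable this hook never sets.
		assert isset USE_DHCP

		# Check if port exists.
		assert port_exists ${PORT}

		# Check for valid interface address.
		assert isset INTERFACE_ADDRESS

		if ! ipv4_is_valid "${INTERFACE_ADDRESS}"; then
			log ERROR "Invalid interface address. Please use a valid IPv4 address."
			return ${EXIT_ERROR}
		fi

		# Check for a valid network prefix.
		assert isinteger PREFIX

		if [ ${PREFIX} -gt 30 ]; then
			error "PREFIX is greater than 30."
			exit ${EXIT_ERROR}
		fi
	fi

	# Check if the peer-address is valid.
	if ! ipv4_is_valid "${PEER_ADDRESS}"; then
		log ERROR "Invalid peer-address. Please use a valid IPv4 address."
		return ${EXIT_ERROR}
	fi

	# Check if a supported AUTH Mechanism has been given.
	isset AUTH && assert isoneof AUTH ${PPP_SUPPORTED_AUTH_METHODS}
}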
100 | ||
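# Parses the "--name=value" command line options of this hook and stores the
# values in the corresponding settings variables. Unknown arguments only
# produce a warning on stderr.
#
# Every argument is passed to cli_get_val in double quotes. Unquoted, the
# shell would word-split and glob-expand the argument first, so a password
# or username containing whitespace or wildcard characters could be altered
# before it is stored.
#
# NOTE(review): --password= is given on the command line and may therefore
# be visible in the process list and shell history while the command runs.
function hook_parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				AUTH="$(cli_get_val "${1}")"
				;;
			--interface-address=*)
				INTERFACE_ADDRESS="$(cli_get_val "${1}")"
				;;
			--ipv6=*)
				local value="$(cli_get_val "${1}")"

				# Normalise whatever was given to "true"/"false".
				if enabled value; then
					IPV6="true"
				else
					IPV6="false"
				fi
				;;
			--mtu=*)
				MTU="$(cli_get_val "${1}")"
				;;
			--password=*)
				PASSWORD="$(cli_get_val "${1}")"
				;;
			--peer-address=*)
				PEER_ADDRESS="$(cli_get_val "${1}")"
				;;
			--port=*)
				PORT="$(cli_get_val "${1}")"
				;;
			--prefix=*)
				PREFIX="$(cli_get_val "${1}")"
				;;
			--prefix-delegation=*)
				local value="$(cli_get_val "${1}")"

				if enabled value; then
					PREFIX_DELEGATION="true"
				else
					PREFIX_DELEGATION="false"
				fi
				;;
			--refuse-auth-methods=*)
				REFUSED_AUTH_METHODS="$(cli_get_val "${1}")"
				;;
			--username=*)
				USERNAME="$(cli_get_val "${1}")"
				;;
			--use-dhcp=*)
				local value="$(cli_get_val "${1}")"

				if enabled value; then
					USE_DHCP="true"
				else
					USE_DHCP="false"
				fi
				;;
			*)
				warning "Unknown argument: ${1}" >&2
				;;
		esac
		shift
	done
}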
165 | ||
# Brings the zone up: optionally prepares the underlying port and then
# starts pppd for the zone.
#
#   $1 - name of the zone (required)
#
# Always terminates the process with EXIT_OK.
# NOTE(review): the return status of port_up, dhclient_start, ip_address_add
# and pppd_start is not checked, so a failed start is still reported as OK.
function hook_up() {
	local zone="${1}"
	assert isset zone

	# Load the stored settings of the zone.
	zone_settings_read "${zone}"

	# Check if a port will be used.
	if isset PORT; then
		# Bring up the port.
		log DEBUG "Bringing up port '${PORT}'."
		port_up "${PORT}"

		# Check if DHCP will be used, or a static IP has been configured.
		if enabled USE_DHCP; then
			# Start dhclient for IPv4 on this zone.
			dhclient_start "${PORT}" "ipv4"
		else
			# Add ip address and network prefix.
			ip_address_add "${PORT}" "${INTERFACE_ADDRESS}"/"${PREFIX}"
		fi
	fi

	# Start the ppp daemon.
	pppd_start "${zone}"

	exit ${EXIT_OK}
}
193 | ||
# Takes the zone down: stops pppd first, then undoes the port setup that
# hook_up performed (DHCP client or static address, then the port itself).
#
#   $1 - name of the zone (required)
#
# Always terminates the process with EXIT_OK; the status of the individual
# teardown steps is not checked.
function hook_down() {
	local zone="${1}"
	assert isset zone

	# Load the stored settings of the zone.
	zone_settings_read "${zone}"

	# Stop the ppp daemon.
	pppd_stop "${zone}"

	# Check if a port has been used.
	if isset PORT; then
		# Stop DHCP-Client or remove static IP address.
		if enabled USE_DHCP; then
			# Stop dhclient for IPv4 on this zone.
			dhclient_stop "${PORT}" "ipv4"
		else
			# Remove address from interface.
			ip_address_del "${PORT}" "${INTERFACE_ADDRESS}"/"${PREFIX}"
		fi

		# Bring down the port.
		log DEBUG "Bringing down port '${PORT}'."
		port_down "${PORT}"
	fi

	exit ${EXIT_OK}
}
221 | ||
# Prints the status of the zone: the port configuration (if a port is used),
# the dial-in user name and, when the zone is up, the addresses recorded in
# the routing database for every supported IP protocol.
#
#   $1 - name of the zone (required)
#
# Exits with EXIT_ERROR when the zone is down, otherwise with EXIT_OK.
function hook_status() {
	local zone="${1}"
	assert isset zone

	cli_device_headline "${zone}"

	# Load the stored settings of the zone.
	zone_settings_read "${zone}"

	# Display port configuration if a port is used.
	if isset PORT; then
		cli_headline 2 "Configuration"
		cli_print_fmt1 2 "IP Address" "${INTERFACE_ADDRESS}"/"${PREFIX}"
		cli_print_fmt1 2 "Peer Address" "${PEER_ADDRESS}"
		cli_print_fmt1 2 "Port" "${PORT}"
		cli_space
	fi

	cli_headline 2 "Dialin Information"
	cli_print_fmt1 2 "Username" "${USERNAME}"
	# The password is never printed; a fixed placeholder is shown instead.
	cli_print_fmt1 2 "Password" "<hidden>"
	cli_space

	# Exit if zone is down
	if ! zone_is_up ${zone}; then
		echo # Empty line
		exit ${EXIT_ERROR}
	fi

	cli_headline 2 "Point-to-Point-Tunneling protocol"
	local proto
	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		# Skip protocols that have no routing database entry for this zone.
		routing_db_exists ${zone} ${proto} || continue

		local headline
		case "${proto}" in
			ipv6)
				headline="Internet Protocol Version 6"
				;;
			ipv4)
				headline="Internet Protocol Version 4"
				;;
			*)
				headline="Unkown protocol"
				;;
		esac
		cli_headline 3 "${headline}"

		cli_print_fmt1 3 "IP address" "$(routing_db_get "${zone}" "${proto}" "local-ip-address")"
		cli_print_fmt1 3 "Gateway" "$(routing_db_get "${zone}" "${proto}" "remote-ip-address")"
		cli_print_fmt1 3 "DNS servers" "$(routing_db_get "${zone}" "${proto}" "dns")"
		cli_space
	done

	exit ${EXIT_OK}
}
277 | ||
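# Writes the pppd configuration for the zone.
#
#   $1 - name of the zone (required)
#   $2 - path of the configuration file to write (required)
#
# Exits with EXIT_OK on success and with EXIT_ERROR when the stored peer
# address is not a valid IPv4 address.
function hook_ppp_write_config() {
	local zone="${1}"
	assert isset zone

	local file="${2}"
	assert isset file

	# Read in the configuration files.
	zone_settings_read "${zone}"

	# PEER_ADDRESS becomes part of the command line that pppd executes for
	# the pty option, so it is checked again here, right before it is used,
	# instead of relying on the settings file having been validated.
	if ! ipv4_is_valid "${PEER_ADDRESS}"; then
		log ERROR "Invalid peer-address. Please use a valid IPv4 address."
		exit ${EXIT_ERROR}
	fi

	# Prepare the command line options for the pptp plugin.
	local pptp_commandline="pptp ${PEER_ADDRESS} --nolaunchpppd"

	# NOTE(review): the file receives the plaintext password; confirm that
	# pppd_write_config creates it with permissions restricted to root.
	pppd_write_config "${file}" \
		--interface="${zone}" \
		--username="${USERNAME}" \
		--password="${PASSWORD}" \
		--mtu="${MTU}" \
		--auth="${AUTH}" \
		--pty="${pptp_commandline}" \
		--ipv6="${IPV6}" \
		--refuse="${REFUSED_AUTH_METHODS}"

	exit ${EXIT_OK}
}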