projects / people / pmueller / ipfire-2.x.git / blame
| Commit | Line | Data |
|---|---|---|
| 7b616db4 JS |
1 | #!/bin/bash |
| 2 | ############################################################################ | |
| 3 | # # | |
| 4 | # This file is part of the IPFire Firewall. # | |
| 5 | # # | |
| 6 | # IPFire is free software; you can redistribute it and/or modify # | |
| 7 | # it under the terms of the GNU General Public License as published by # | |
| 8 | # the Free Software Foundation; either version 2 of the License, or # | |
| 9 | # (at your option) any later version. # | |
| 10 | # # | |
| 11 | # IPFire is distributed in the hope that it will be useful, # | |
| 12 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
| 13 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
| 14 | # GNU General Public License for more details. # | |
| 15 | # # | |
| 16 | # You should have received a copy of the GNU General Public License # | |
| 17 | # along with IPFire; if not, write to the Free Software # | |
| 18 | # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # | |
| 19 | # # | |
| 20 | # Copyright (C) 2016 IPFire Team <info@ipfire.org> # | |
| 21 | # # | |
| 22 | ############################################################################ | |
| 23 | ||
| 24 | [ -n "${INTERFACE}" ] || exit 2 | |
| 25 | ||
| 4aef53d5 | 26 | eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings) |
| 7b616db4 | 27 | |
| 4aef53d5 | 28 | detect_zone() { |
| 593de24f JS |
29 | local intf="${INTERFACE%?}" |
| 30 | intf="${intf%phys}" | |
| 4aef53d5 JS |
31 | intf="${intf^^}" |
| 32 | ||
| 33 | local zone | |
| 34 | for zone in GREEN BLUE ORANGE RED; do | |
| 35 | # Try to find if INTERFACE is the *phys version of a zone | |
| 36 | if [ "${intf}" = "${zone}" ]; then | |
| 37 | echo "${zone}" | |
| 38 | return 0 | |
| 39 | fi | |
| 40 | ||
| 41 | # Try to find out if this INTERFACE is a slave of a zone | |
| 42 | local slave | |
| 43 | for slave in $(get_value "${zone}_SLAVES"); do | |
| c2336f6b JS |
44 | |
| 45 | #Compare if the mac address matches or if the name matches | |
| 46 | if ([ "$(</sys/class/net/${INTERFACE}/address)" = "${slave}" ] || [ "${INTERFACE}" = "${slave}" ]); then | |
| 4aef53d5 JS |
47 | echo "${zone}" |
| 48 | return 0 | |
| 49 | fi | |
| 50 | done | |
| 51 | done | |
| 52 | ||
| 53 | return 1 | |
| 54 | } | |
| 55 | ||
| 56 | get_value() { | |
| 57 | echo "${!1}" | |
| 58 | } | |
| 59 | ||
| 60 | random_mac_address() { | |
| 61 | local address="02" | |
| 62 | ||
| 63 | for i in $(seq 5); do | |
| 64 | printf -v address "${address}:%02x" "$(( RANDOM % 256 ))" | |
| 65 | done | |
| 66 | ||
| 67 | echo "${address}" | |
| 68 | } | |
| 69 | ||
| 70 | # Try to detect which zone we are operating on | |
| 71 | ZONE=$(detect_zone) | |
| 72 | ||
| 73 | # Cannot proceed if we could not find a zone | |
| 74 | if [ -z "${ZONE}" ]; then | |
| 943eab66 | 75 | logger "Could not find a bridged zone for ${INTERFACE}" |
| 4aef53d5 JS |
76 | exit 0 |
| 77 | fi | |
| 78 | ||
| 79 | # Determine the mode of this zone | |
| 80 | MODE="$(get_value "${ZONE}_MODE")" | |
| 81 | ||
| 82 | # The name of the virtual bridge | |
| 83 | BRIDGE="$(get_value "${ZONE}_DEV")" | |
| f8bf19c9 | 84 | STP="$(get_value "${ZONE}_STP")" |
| 82973fae | 85 | STP_PRIORITY="$(get_value "${ZONE}_STP_PRIORITY")" |
| 4aef53d5 JS |
86 | |
| 87 | case "${MODE}" in | |
| 88 | bridge) | |
| 82973fae | 89 | # We need to check if $STP_PRIORITY has a valid value if not set it |
| 502f6c63 MT |
90 | if [ -z "${STP_PRIORITY}" ]; then |
| 91 | STP_PRIORITY=16384 | |
| 82973fae DW |
92 | fi |
| 93 | ||
| 4aef53d5 JS |
94 | ADDRESS="$(get_value "${ZONE}_MACADDR")" |
| 95 | [ -n "${ADDRESS}" ] || ADDRESS="$(random_mac_address)" | |
| 96 | ||
| 97 | # We need to create the bridge if it doesn't exist, yet | |
| 98 | if [ ! -d "/sys/class/net/${BRIDGE}" ]; then | |
| f8bf19c9 | 99 | ip link add "${BRIDGE}" address "${ADDRESS}" type bridge \ |
| 82973fae | 100 | $([ "${STP}" = "on" ] && echo "stp_state 1 priority ${STP_PRIORITY}" ) |
| 4aef53d5 JS |
101 | #ip link set "${BRIDGE}" up |
| 102 | fi | |
| 103 | ||
| fa4905ad DW |
104 | # Try setting wireless interfaces into master mode |
| 105 | if [ -d "/sys/class/net/${INTERFACE}/phy80211" ]; then | |
| b53d8ae9 MT |
106 | iw dev "${INTERFACE}" set type __ap |
| 107 | fi | |
| 108 | ||
| 4aef53d5 | 109 | # Attach the physical device |
| 943eab66 | 110 | logger "Attach ${INTERFACE} to ${BRIDGE}" |
| 4aef53d5 JS |
111 | ip link set dev "${INTERFACE}" master "${BRIDGE}" |
| 112 | ip link set dev "${INTERFACE}" up | |
| 7b616db4 | 113 | ;; |
| 4aef53d5 JS |
114 | |
| 115 | macvtap) | |
| 116 | ADDRESS="$(</sys/class/net/${INTERFACE}/address)" | |
| 117 | GENERATED_ADDRESS=$(random_mac_address) | |
| 118 | ||
| 119 | ip link add link "${INTERFACE}" "${BRIDGE}" address "${ADDRESS}" type macvlan mode bridge | |
| 120 | ip link set "${INTERFACE}" address "${GENERATED_ADDRESS}" | |
| 121 | ip link set "${INTERFACE}" up | |
| 7b616db4 | 122 | ;; |
| 7b616db4 | 123 | |
| 4aef53d5 JS |
124 | "") |
| 125 | exit 0 | |
| 126 | ;; | |
| 7b616db4 | 127 | |
| 4aef53d5 JS |
128 | *) |
| 129 | logger -t "network" "Unhandled mode '${MODE}' for '${ZONE}' (${INTERFACE})" | |
| 130 | exit 1 | |
| 131 | ;; | |
| 132 | esac |