Do not try to start Bird during boot process
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2018 IPFire Network Development Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
# Path of the configuration file that bird_generate_config writes.
BIRD_CONF='/etc/bird.conf'
23
# Start the BIRD daemon by handing its unit name to service_start.
# Returns: the exit status of service_start.
bird_start() {
  local unit="bird.service"

  service_start "${unit}"
}
27
# Stop the BIRD daemon by handing its unit name to service_stop.
# Returns: the exit status of service_stop.
bird_stop() {
  local unit="bird.service"

  service_stop "${unit}"
}
31
# Ask the running BIRD daemon to reload by handing its unit name to
# service_reload.
# Returns: the exit status of service_reload.
bird_reload() {
  local unit="bird.service"

  service_reload "${unit}"
}
35
# Update the configuration and apply it in one go.
#
# The daemon is only reloaded when the configuration file was written
# successfully, so a failed write never triggers a reload.
# Returns: EXIT_ERROR when writing fails, otherwise the status of bird_reload.
bird_update() {
  if bird_generate_config; then
    # Configuration is in place; make the daemon pick it up
    bird_reload
    return
  fi

  log ERROR "Could not write Bird configuration"
  return ${EXIT_ERROR}
}
46
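# Write the complete BIRD configuration to ${BIRD_CONF}.
#
# The file is rewritten in place in four stages: header, basic settings,
# static routes and the IPv6 Router Advertisement section.
#
# Globals:   BIRD_CONF (read), IP_SUPPORTED_PROTOCOLS (read), EXIT_ERROR (read)
# Returns:   EXIT_ERROR as soon as one of the first three stages fails,
#            otherwise the status of the final (radv) stage.
#
# NOTE(review): the file is truncated first and then appended to, so a
# failure part-way leaves an incomplete configuration on disk. bird_update
# does not reload in that case, but anything else that (re)starts the daemon
# would read the partial file. Writing to a temporary file and renaming it
# would close that window - confirm ownership/permission requirements first.
bird_generate_config() {
  log DEBUG "Write BIRD configuration file"

  # Write header. Stop here on failure instead of appending to a file that
  # could not be created or truncated.
  config_header "bird" > "${BIRD_CONF}" || return ${EXIT_ERROR}

  # Write some basic settings
  local proto
  {
    print "# Log everything to syslog"
    print "log syslog all;"
    print

    print "# Turn on internal watchdog"
    print "watchdog warning 5s;"
    print "watchdog timeout 30s;"
    print

    print "# Define default route tables"
    print "ipv6 table master6;"
    print "ipv4 table master4;"

    print "# Enable device configuration"
    print "protocol device {}"
    print

    print "# Export all routes to kernel"
    # Word-splitting of the protocol list is intended
    for proto in ${IP_SUPPORTED_PROTOCOLS}; do
      print "protocol kernel {"
      print " ${proto} {"
      # ipv6 -> master6, ipv4 -> master4
      print " table ${proto/ipv/master};"
      print " export all;"
      print " };"
      print " learn;"
      print "}"
      print
    done
  } >> "${BIRD_CONF}" || return ${EXIT_ERROR}

  # Static routes
  for proto in ${IP_SUPPORTED_PROTOCOLS}; do
    print "protocol static {"
    print " ${proto};"
    print

    # Read routes for this protocol from configuration
    __bird_static_routes "${proto}"

    print "}"
    print
  done >> "${BIRD_CONF}" || return ${EXIT_ERROR}

  # Write IPv6 Router Advertisement configuration
  __bird_ipv6_radv >> "${BIRD_CONF}"
}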
102
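# Print the "route ...;" lines of one "protocol static" section.
#
# Reads ${NETWORK_CONFIG_ROUTES} line by line, lets route_parse_line fill
# the per-route variables, and prints every route whose network belongs
# to the requested protocol.
#
# Globals:   NETWORK_CONFIG_ROUTES_PARAMS (read), NETWORK_CONFIG_ROUTES (read),
#            EXIT_OK (read)
# Arguments: $1 - protocol to emit routes for, compared against the output
#                 of ip_detect_protocol
# Outputs:   route statements on stdout
#
# NOTE(review): ${network} and ${gateway} are written into the generated
# configuration as parsed; presumably route_parse_line validates them -
# confirm, since a value containing ";" or "}" would change the structure
# of the BIRD configuration.
__bird_static_routes() {
  local proto="${1}"
  assert isset proto

  # Declares one local per name in the list; word-splitting is intended
  local ${NETWORK_CONFIG_ROUTES_PARAMS}
  local line
  local type
  local arg
  local _proto

  while read -r line; do
    route_parse_line "${line}"
    [ "$?" -eq "${EXIT_OK}" ] || continue

    # Reset for every route. Re-declaring a variable with "local" inside
    # the loop keeps its old value, so without this a blackhole, prohibit
    # or unreachable route would turn every following gateway route into
    # the same type.
    type=""
    for arg in unreachable prohibit blackhole; do
      if enabled "${arg}"; then
        type="${arg}"
        break
      fi
    done

    # Skip all routes of another protocol
    _proto="$(ip_detect_protocol "${network}")"
    if [ "${proto}" != "${_proto}" ]; then
      continue
    fi

    case "${type}" in
      unreachable|prohibit|blackhole)
        print " route ${network} ${type};"
        ;;

      *)
        print " route ${network} via ${gateway};"
        ;;
    esac
  done < "${NETWORK_CONFIG_ROUTES}"
}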
139
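# Print the "protocol radv" section of the BIRD configuration.
#
# Emits one interface block per local zone that has a non-link-local IPv6
# address, then an rdnss block with all IPv6 name servers (only when
# DNS_ADVERTISE_SERVERS is enabled) and a dnssl block with the search
# domains.
#
# Globals:   DNS_ADVERTISE_SERVERS (read)
# Outputs:   configuration text on stdout
#
# NOTE(review): ${zone} and ${domain} are placed between double quotes in
# the generated configuration without escaping. Presumably print uses its
# argument as a printf format (the "\n" sequences below suggest so) -
# confirm. If search domains or name servers can be learned from the
# network, validate them before they reach this function: a value holding
# a quote, ";", "%" or a backslash would alter the generated configuration.
__bird_ipv6_radv() {
  print "protocol radv {"

  local zone
  local addr
  local prefix
  local dhcp
  local mtu
  for zone in $(zones_get_local); do
    log DEBUG "Writing bird radv configuration for ${zone}"

    # Skip if there is no prefix or prefix is link-local.
    addr="$(db_get "${zone}/ipv6/local-ip-address")"
    if [ -z "${addr}" ] || [ "${addr:0:5}" = "fe80:" ]; then
      continue
    fi

    # Check if the subnet is configured by the DHCP server.
    dhcp="false"
    prefix="$(ipv6_get_network "${addr}")"
    if isset prefix && dhcpd_subnet_match ipv6 "${prefix}"; then
      dhcp="true"
    fi

    print " interface \"${zone}\" {"
    # Failover to other routers within 10s
    print " max ra interval 10;"

    # Tell clients we are running DHCP
    if enabled dhcp; then
      print " managed yes;"
      print " other config yes;"
    fi

    if device_exists "${zone}"; then
      # Announce link MTU
      mtu="$(device_get_mtu "${zone}")"
      print " link mtu ${mtu};"
    fi

    print # empty line

    # Announce all prefixes
    print " prefix ::/0 {"

    if enabled dhcp; then
      print " autonomous off;"
    fi

    print " };"
    print " };\n"
  done

  # Advertise any DNS servers
  if enabled DNS_ADVERTISE_SERVERS; then
    # Get a list of all IPv6 name servers
    local servers=()
    local server
    for server in $(dns_server_list_sorted); do
      # Skip any non-IPv6 servers
      ipv6_is_valid "${server}" || continue

      servers+=( "${server}" )
    done

    if isset servers; then
      print " rdnss {"

      # Expand the whole array; a bare ${servers} yields only the first
      # element, which silently dropped every further name server.
      for server in "${servers[@]}"; do
        print " ns ${server};"
      done

      print " };"
    fi
  fi

  # DNS Search Domain
  print " dnssl {"

  local domain
  for domain in $(dns_get_search_domains); do
    print " domain \"${domain}\";"
  done

  print " };"

  print "}\n"
}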