[people/ms/network.git] / functions.ip

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

# A list of supported versions of the IP protocol
IP_SUPPORTED_PROTOCOLS=""

function ip_split_prefix() {
	local address=${1}

	assert isset address

	echo "${address%%/*}"
}

function ip_get_prefix() {
	local address=${1}

	assert isset address

	# Break if no prefix is provided
	[[ ${address} =~ \/ ]] || return ${EXIT_OK}

	echo "${address##*/}"
}

function ip_detect_protocol() {
	local address=${1}

	assert isset address

	local protocol
	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
		if ${protocol}_is_valid ${address}; then
			log DEBUG "Address '${address}' was detected to be protocol '${protocol}'."
			echo "${protocol}"
			return ${EXIT_OK}
		fi
	done

	log DEBUG "Protocol version of address '${address}' could not be detected."

	return ${EXIT_ERROR}
}

function ip_protocol_is_supported() {
	local proto=${1}

	assert isset proto

	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
}

function ip_address_add() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix

	# Detect the protocol version
	local protocol=$(ip_detect_protocol ${address}/${prefix})
	assert ip_protocol_is_supported ${protocol}

	case "${protocol}" in
		ipv4)
			if ipv4_detect_duplicate ${device} ${address}; then
				error_log "Duplicate address detected on zone '${device}' (${address})."
				error_log "Cannot continue."
				return ${EXIT_ERROR}
			fi
			;;
	esac

	if ! device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr add ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."

		case "${protocol}" in
			ipv4)
				# Announce our new address to the neighbours
				ipv4_update_neighbours ${device} ${address}
				;;
		esac
	else
		log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	fi

	return ${EXIT_OK}
}

function ip_address_del() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix

	# Detect the protocol version
	local protocol=$(ip_detect_protocol ${address}/${prefix})
	assert ip_protocol_is_supported ${protocol}

	if device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr del ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
	else
		log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
	fi

	return ${EXIT_OK}
}
Commit	Line	Data
2b5c311d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
e617226b MT	22	# A list of supported versions of the IP protocol
	23	IP_SUPPORTED_PROTOCOLS=""
	24
2b5c311d MT	25	function ip_split_prefix() {
	26	local address=${1}
	27
	28	assert isset address
	29
	30	echo "${address%%/*}"
	31	}
	32
	33	function ip_get_prefix() {
	34	local address=${1}
	35
	36	assert isset address
	37
38f61548 MT	38	# Break if no prefix is provided
	39	[[ ${address} =~ \/ ]] \|\| return ${EXIT_OK}
	40
2b5c311d MT	41	echo "${address##*/}"
	42	}
	43
	44	function ip_detect_protocol() {
	45	local address=${1}
	46
	47	assert isset address
	48
	49	local protocol
e617226b	50	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
2b5c311d	51	if ${protocol}_is_valid ${address}; then
38f61548	52	log DEBUG "Address '${address}' was detected to be protocol '${protocol}'."
2b5c311d MT	53	echo "${protocol}"
	54	return ${EXIT_OK}
	55	fi
	56	done
	57
38f61548 MT	58	log DEBUG "Protocol version of address '${address}' could not be detected."
38f61548 MT	59
2b5c311d MT	60	return ${EXIT_ERROR}
2b5c311d MT	61	}
e617226b MT	62
	63	function ip_protocol_is_supported() {
	64	local proto=${1}
	65
	66	assert isset proto
	67
	68	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
	69	}
38f61548 MT	70
	71	function ip_address_add() {
	72	local device=${1}
	73	local address=${2}
	74
	75	assert isset address
	76	assert device_exists ${device}
	77
	78	local prefix=$(ip_get_prefix ${address})
	79	address=$(ip_split_prefix ${address})
	80
	81	assert isset prefix
	82
	83	# Detect the protocol version
	84	local protocol=$(ip_detect_protocol ${address}/${prefix})
	85	assert ip_protocol_is_supported ${protocol}
	86
	87	case "${protocol}" in
	88	ipv4)
	89	if ipv4_detect_duplicate ${device} ${address}; then
	90	error_log "Duplicate address detected on zone '${device}' (${address})."
	91	error_log "Cannot continue."
	92	return ${EXIT_ERROR}
	93	fi
	94	;;
	95	esac
	96
	97	if ! device_has_ip ${device} ${address}/${prefix}; then
	98	assert ip addr add ${address}/${prefix} dev ${device}
	99
	100	log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."
	101
	102	case "${protocol}" in
	103	ipv4)
	104	# Announce our new address to the neighbours
	105	ipv4_update_neighbours ${device} ${address}
	106	;;
	107	esac
	108	else
	109	log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	110	fi
	111
	112	return ${EXIT_OK}
	113	}
	114
	115	function ip_address_del() {
	116	local device=${1}
	117	local address=${2}
	118
	119	assert isset address
	120	assert device_exists ${device}
	121
	122	local prefix=$(ip_get_prefix ${address})
	123	address=$(ip_split_prefix ${address})
	124
	125	assert isset prefix
	126
	127	# Detect the protocol version
	128	local protocol=$(ip_detect_protocol ${address}/${prefix})
	129	assert ip_protocol_is_supported ${protocol}
	130
	131	if device_has_ip ${device} ${address}/${prefix}; then
	132	assert ip addr del ${address}/${prefix} dev ${device}
	133
134	log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
135	else
136	log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
137	fi
138
139	return ${EXIT_OK}
140	}