Commit | Line | Data |
---|---|---|
5b20e43a MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
1848564d | 5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # |
5b20e43a MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
97cb552e MT |
# Authentication methods that pppd_write_config accepts for its --auth=
# option; any other value is rejected there with an error.
PPP_SUPPORTED_AUTH_METHODS="chap pap"
23 | ||
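function pppd_start() {
	# Start the pppd service instance of an interface and turn the exit code
	# recorded for the daemon into a log message and a return value.
	#
	# $1: name of the interface; the service instance is "pppd@<interface>".
	#
	# Returns ${EXIT_OK} when the recorded exit code is 0, the exit code itself
	# when it is a non-zero number, and ${EXIT_ERROR} when no usable exit code
	# could be read.
	local interface="${1}"
	assert isset interface

	# This will block until the connection has been established or
	# pppd exited.
	service_start "pppd@${interface}"

	# Get the exit code of the ppp daemon and figure out
	# how to handle this.
	local ret
	ret="$(service_get_exitcode "pppd@${interface}")"
	case "${ret}" in
		0)
			return ${EXIT_OK}
			;;
		1)
			error "pppd crashed for an unknown reason"
			;;
		2)
			error "pppd: Configuration error"
			;;
		3)
			error "pppd terminated"
			;;
		19)
			error "pppd: Authentication failed"
			;;
		*)
			error "pppd: Unhandled exit code: ${ret}"
			;;
	esac

	# With an empty value a bare "return" would hand back the status of the
	# logging call above, so a failed start could be reported as success.
	# A non-numeric value is not a valid operand for "return" either.
	case "${ret}" in
		""|*[!0-9]*)
			return ${EXIT_ERROR}
			;;
	esac

	return ${ret}
}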
58 | ||
function pppd_stop() {
	# Stop the pppd service instance that belongs to an interface.
	#
	# $1: name of the interface; the service instance is "pppd@<interface>".
	local interface="${1}"
	assert isset interface

	local unit="pppd@${interface}"
	service_stop "${unit}"
}
65 | ||
function pppd_status() {
	# Query the state of the pppd service instance that belongs to an
	# interface; the result of service_status is passed through.
	#
	# $1: name of the interface; the service instance is "pppd@<interface>".
	local interface="${1}"
	assert isset interface

	local unit="pppd@${interface}"
	service_status "${unit}"
}
72 | ||
c7ad7801 MT |
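function ppp_common_ip_pre_up() {
	# Check that the zone exists, fill the IPv4 part of the routing database
	# through routing_db_from_ppp and request a firewall reload.
	#
	# $1: name of the zone.
	#
	# Returns ${EXIT_ERROR} when the zone does not exist, ${EXIT_OK} otherwise.
	local zone="${1}"
	shift

	# The zone name is quoted everywhere so that it always reaches the helpers
	# as exactly one argument, whatever characters it contains.
	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_from_ppp "${zone}" ipv4

	# Request firewall reload
	event_emit firewall-reload

	return ${EXIT_OK}
}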
89 | ||
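function ppp_common_ip_up() {
	# Mark the IPv4 entry of the zone as active in the routing database,
	# update the routing and emit the interface-up event.
	#
	# $1: name of the zone.
	#
	# Returns ${EXIT_ERROR} when the zone does not exist, ${EXIT_OK} otherwise.
	local zone="${1}"
	shift

	# The zone name is quoted everywhere so that it always reaches the helpers
	# as exactly one argument, whatever characters it contains.
	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_set "${zone}" ipv4 active 1
	routing_update "${zone}" ipv4

	# Emit interface-up event
	event_interface_up "${zone}"

	return ${EXIT_OK}
}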
107 | ||
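function ppp_common_ip_down() {
	# Drop the IPv4 entry of the zone from the routing database, update the
	# routing, save the accounting data and emit the interface-down event.
	#
	# $1: name of the zone.
	#
	# Returns ${EXIT_ERROR} when the zone does not exist, ${EXIT_OK} otherwise.
	local zone="${1}"
	shift

	# The zone name is quoted everywhere so that it always reaches the helpers
	# as exactly one argument, whatever characters it contains.
	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove "${zone}" ipv4
	routing_update "${zone}" ipv4

	# Save accounting information
	ppp_accounting "${zone}"

	# Emit interface-down event
	event_interface_down "${zone}"

	return ${EXIT_OK}
}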
130 | ||
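function ppp_common_ipv6_up() {
	# Fill the IPv6 part of the routing database through routing_db_from_ppp,
	# mark the entry as active, update the routing and emit the interface-up
	# event.
	#
	# $1: name of the zone.
	#
	# Returns ${EXIT_ERROR} when the zone does not exist, ${EXIT_OK} otherwise.
	local zone="${1}"
	shift

	# The zone name is quoted everywhere so that it always reaches the helpers
	# as exactly one argument, whatever characters it contains.
	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Add information about this zone to the routing database.
	routing_db_from_ppp "${zone}" ipv6

	routing_db_set "${zone}" ipv6 active 1
	routing_update "${zone}" ipv6

	# Emit interface-up event
	event_interface_up "${zone}"

	return ${EXIT_OK}
}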
151 | ||
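function ppp_common_ipv6_down() {
	# Drop the IPv6 entry of the zone from the routing database, update the
	# routing, save the accounting data and emit the interface-down event.
	#
	# $1: name of the zone.
	#
	# Returns ${EXIT_ERROR} when the zone does not exist, ${EXIT_OK} otherwise.
	local zone="${1}"
	shift

	# The zone name is quoted everywhere so that it always reaches the helpers
	# as exactly one argument, whatever characters it contains.
	if ! zone_exists "${zone}"; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove "${zone}" ipv6
	routing_update "${zone}" ipv6

	# Save accounting information
	ppp_accounting "${zone}"

	# Emit interface-down event
	event_interface_down "${zone}"

	return ${EXIT_OK}
}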
174 | ||
5b20e43a MT |
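function ppp_secret() {
	# Set the entry of a user in the secrets file ${PPP_SECRETS}: every
	# existing line whose first field equals the quoted user name is dropped
	# and the line "'<user>' * '<secret>'" is appended.
	#
	# $1: user name
	# $2: secret
	#
	# Returns ${EXIT_ERROR} when a value contains a line break.
	local USER="${1}"
	local SECRET="${2}"
	local a
	local secret
	local user

	# A line break inside either value would start a new record in the
	# secrets file, so refuse it instead of writing it out.
	# NOTE(review): quotes and backslashes are still written unescaped;
	# confirm how pppd parses them inside a quoted word.
	case "${USER}${SECRET}" in
		*$'\n'*|*$'\r'*)
			error "PPP user name and secret must not contain line breaks"
			return ${EXIT_ERROR}
			;;
	esac

	local tmpfile="${PPP_SECRETS}.tmp"

	# The temporary copy holds every stored credential. Create it (and the
	# secrets file, should it not exist yet) accessible to the owner only,
	# and start from a fresh file so that no stale permissions are reused.
	local old_umask
	old_umask="$(umask)"
	umask 077
	rm -f "${tmpfile}"

	# Updating secret file
	: > "${tmpfile}"
	if [ -e "${PPP_SECRETS}" ]; then
		# -r keeps backslashes in stored secrets intact; the second test
		# keeps a last line that has no trailing newline.
		while read -r user a secret || [ -n "${user}" ]; do
			if [ "'${USER}'" != "${user}" ]; then
				printf '%s %s %s\n' "${user}" "${a}" "${secret}" >> "${tmpfile}"
			fi
		done < "${PPP_SECRETS}"
	fi
	printf '%s\n' "'${USER}' * '${SECRET}'" >> "${tmpfile}"

	# Copy the content back instead of renaming the temporary file, so an
	# existing secrets file keeps its owner and mode.
	cat "${tmpfile}" > "${PPP_SECRETS}"
	rm -f "${tmpfile}"

	umask "${old_umask}"
}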
193 | ||
059469a8 MT |
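function ppp_accounting() {
	# Hand the values of CONNECT_TIME, BYTES_RCVD and BYTES_SENT to
	# db_ppp_update for the given zone.
	# NOTE(review): these variables are not set in this file; presumably pppd
	# exports them to its hook scripts - confirm.
	#
	# $1: name of the zone.
	local zone="${1}"
	shift

	# Quoted so that the zone name is always passed as a single argument.
	db_ppp_update "${zone}" --duration="${CONNECT_TIME}" \
		--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
}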
711ffac1 MT |
201 | |
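function pppd_exec() {
	# Run pppd with the given arguments and discard its standard output.
	# The exit status of pppd is the return value.
	#
	# "$*" joins the arguments into one string for the log message; a "$@"
	# embedded in a string would split the message into several words.
	# NOTE(review): the complete argument list ends up in the debug log;
	# confirm that callers never pass credentials on the command line.
	log DEBUG "Running pppd with parameters '$*'."

	# "$@" hands every argument to pppd unchanged. Unquoted, an argument
	# containing whitespace or glob characters would be split or expanded
	# into additional pppd options.
	pppd "$@" > /dev/null
}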
97cb552e MT |
207 | |
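function pppd_write_config() {
	# Write a pppd options file.
	#
	# $1: path of the file to write; missing parent directories are created.
	# Remaining arguments:
	#   --auth=METHOD          one of ${PPP_SUPPORTED_AUTH_METHODS}
	#   --interface=NAME       name of the created ppp interface (required);
	#                          also used as name and linkname
	#   --mtu=N / --mru=N      MRU defaults to the MTU when only --mtu is given
	#   --plugin=NAME          plugin to load
	#   --plugin-options=OPTS  written after the plugin name
	#   --user=NAME            user name for the authentication
	# Unknown arguments are logged and ignored.
	#
	# Returns ${EXIT_ERROR} when a value is missing or not acceptable,
	# ${EXIT_OK} otherwise.
	local file="${1}"; shift
	assert isset file

	local auth
	local interface
	local linkname
	local mtu mru
	local plugin plugin_options
	local user
	local value

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth="$(cli_get_val "${1}")"
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface="$(cli_get_val "${1}")"
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu="$(cli_get_val "${1}")"
				;;
			# Maximum Receive Unit
			--mru=*)
				mru="$(cli_get_val "${1}")"
				;;
			--plugin=*)
				plugin="$(cli_get_val "${1}")"
				;;
			--plugin-options=*)
				plugin_options="$(cli_get_val "${1}")"
				;;
			--user=*)
				user="$(cli_get_val "${1}")"
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi

	# Every value is written into the options file as plain text. A line
	# break (or another control character) inside a value would be read by
	# pppd as the start of additional options, so such values are refused.
	# NOTE(review): print seems to expand backslash escapes (the name/linkname
	# line below relies on "\n"); if so, a literal backslash sequence in a
	# value needs the same attention - confirm against print's definition.
	for value in "${auth}" "${interface}" "${mtu}" "${mru}" \
			"${plugin}" "${plugin_options}" "${user}"; do
		if [[ "${value}" == *[[:cntrl:]]* ]]; then
			log ERROR "Control characters are not allowed in pppd settings"
			return ${EXIT_ERROR}
		fi
	done

	# Whitespace separates words in the options file, so single-word
	# settings must not contain any.
	# NOTE(review): the user and plugin names are written unquoted as well;
	# confirm whether names with whitespace have to be supported.
	if [[ "${interface}" == *[[:space:]]* ]]; then
		log ERROR "Invalid interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname="${interface}"

	for value in "${mtu}" "${mru}"; do
		case "${value}" in
			*[!0-9]*)
				log ERROR "MTU/MRU must be a number: ${value}"
				return ${EXIT_ERROR}
				;;
		esac
	done

	if isset auth; then
		# The list of supported methods is split into words on purpose.
		if ! isoneof "${auth}" ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	# Write the configuration header.
	mkdir -p "$(dirname "${file}")" 2>/dev/null
	config_header "PPP daemon configuration file" > "${file}"

	# At first, set the name of the link.
	print "name ${linkname}\nlinkname ${linkname}\n" >> "${file}"

	# Configure the interface name.
	print "# Interface name\nifname ${interface}\n" >> "${file}"

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"
			print
		) >> "${file}"
	fi

	# User authentication
	if isset user; then
		(
			print "# User authentication"
			print "user ${user}"

			# NOTE(review): "noauth" tells pppd not to require the peer to
			# authenticate itself, while "require-<method>" asks the peer
			# to do exactly that; confirm that this combination is intended.
			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi
			print
		) >> "${file}"
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"
			print
		) >> "${file}"
	fi

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault updetach debug"
	) >> "${file}"

	return ${EXIT_OK}
}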