Commit | Line | Data |
---|---|---|
5b20e43a MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
1848564d | 5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # |
5b20e43a MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
97cb552e MT |
# Space-separated list of the authentication methods that
# pppd_write_config accepts as value of --auth=.
PPP_SUPPORTED_AUTH_METHODS="chap pap"
23 | ||
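# Starts the pppd service instance of an interface and translates the exit
# code of the daemon into an error message.
#
# Arguments:
#   $1 - name of the ppp interface (instance name of pppd@.service)
#
# Returns:
#   EXIT_OK when the reported exit code is 0, the exit code itself for every
#   other numeric value, and EXIT_ERROR when no numeric exit code could be
#   obtained.
function pppd_start() {
	local interface=${1}
	assert isset interface

	local unit="pppd@${interface}.service"

	# This will block until the connection has been established or
	# pppd exited.
	service_start "${unit}"

	# Get the exit code of the ppp daemon and figure out
	# how to handle this.
	local ret
	ret=$(service_get_exitcode "${unit}")

	case "${ret}" in
		0)
			return ${EXIT_OK}
			;;
		1)
			error "pppd crashed for an unknown reason"
			;;
		2)
			error "pppd: Configuration error"
			;;
		5)
			error "pppd terminated"
			;;
		16)
			error "pppd: Link terminated by modem"
			;;
		19)
			error "pppd: Authentication failed"
			;;
		""|*[!0-9]*)
			# Without this branch an empty value ends in a bare "return",
			# which hands back the status of the preceding command and can
			# therefore report a failed start as success.
			error "pppd: Could not determine the exit code"
			return ${EXIT_ERROR}
			;;
		*)
			error "pppd: Unhandled exit code: ${ret}"
			;;
	esac

	return ${ret}
}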
61 | ||
# Stops the pppd service instance that belongs to the given interface.
#
# Arguments:
#   $1 - name of the ppp interface
#
# Returns the status of service_stop.
function pppd_stop() {
	local interface=${1}
	assert isset interface

	local unit="pppd@${interface}.service"
	service_stop "${unit}"
}
68 | ||
# Queries the state of the pppd service instance of the given interface.
#
# Arguments:
#   $1 - name of the ppp interface
#
# Returns the status of service_status.
function pppd_status() {
	local interface=${1}
	assert isset interface

	local unit="pppd@${interface}.service"
	service_status "${unit}"
}
75 | ||
c7ad7801 MT |
# Runs routing_db_from_ppp for the IPv4 side of a zone.
#
# Arguments:
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
function ppp_common_ip_pre_up() {
	local zone=${1}
	shift

	# Bail out early for zones that are not configured.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	routing_db_from_ppp ${zone} ipv4
	return ${EXIT_OK}
}
89 | ||
# Activates the IPv4 routing of a zone: sets "active" to 1 in the routing
# database and then runs routing_update and routing_default_update.
#
# Arguments:
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv4_up() {
	local zone=${1}
	shift

	# Bail out early for zones that are not configured.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	routing_db_set ${zone} ipv4 active 1
	routing_update ${zone} ipv4
	routing_default_update

	return ${EXIT_OK}
}
105 | ||
# Tears down the IPv4 routing of a zone and stores the accounting data of
# the session.
#
# Arguments:
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv4_down() {
	local zone=${1}
	shift

	# Bail out early for zones that are not configured.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Drop the zone from the routing database first, then rebuild the
	# routing table from what is left.
	routing_db_remove ${zone} ipv4
	routing_update ${zone} ipv4
	routing_default_update

	# Keep the accounting information of the session.
	ppp_accounting ${zone}

	return ${EXIT_OK}
}
126 | ||
# Activates the IPv6 routing of a zone: fills the routing database via
# routing_db_from_ppp, sets "active" to 1 and then runs routing_update and
# routing_default_update.
#
# Arguments:
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv6_up() {
	local zone=${1}
	shift

	# Bail out early for zones that are not configured.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Record this zone in the routing database.
	routing_db_from_ppp ${zone} ipv6

	routing_db_set ${zone} ipv6 active 1
	routing_update ${zone} ipv6
	routing_default_update

	return ${EXIT_OK}
}
145 | ||
# Tears down the IPv6 routing of a zone and stores the accounting data of
# the session.
#
# Arguments:
#   $1 - name of the zone
#
# Returns EXIT_ERROR when the zone does not exist, EXIT_OK otherwise.
function ppp_common_ipv6_down() {
	local zone=${1}
	shift

	# Bail out early for zones that are not configured.
	zone_exists ${zone} || {
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	}

	# Drop the zone from the routing database first, then rebuild the
	# routing table from what is left.
	routing_db_remove ${zone} ipv6
	routing_update ${zone} ipv6
	routing_default_update

	# Keep the accounting information of the session.
	ppp_accounting ${zone}

	return ${EXIT_OK}
}
166 | ||
5b20e43a MT |
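# Adds or replaces the credentials of one user in the pppd secrets file
# named by PPP_SECRETS.
#
# Every existing line whose first field equals '<user>' (including the
# single quotes) is dropped and a new "'<user>' * '<secret>'" line is
# appended. All other lines are kept.
#
# Arguments:
#   $1 - user name
#   $2 - secret (password)
#
# Returns:
#   EXIT_ERROR when user name or secret contain a line break or when the
#   secrets file could not be written, EXIT_OK otherwise.
function ppp_secret() {
	local USER=${1}
	local SECRET=${2}
	local a
	local secret
	local user

	# The secrets file is line-oriented: a line break inside a value would
	# end up as an additional entry, so such input is refused.
	case "${USER}${SECRET}" in
		*$'\n'*|*$'\r'*)
			error "ppp_secret: user name and secret must not contain line breaks"
			return ${EXIT_ERROR}
			;;
	esac
	# NOTE(review): single quotes inside the values are not escaped and
	# would break the quoting of the written entry.

	local tmpfile="${PPP_SECRETS}.tmp"
	local ret=${EXIT_OK}

	# The temporary copy (and the secrets file, when it is created here)
	# holds clear-text passwords and must be readable by its owner only.
	local old_umask=$(umask)
	umask 077

	# Updating secret file
	: > "${tmpfile}"
	if [ -e "${PPP_SECRETS}" ]; then
		# -r keeps backslashes intact; the second test keeps a last line
		# that has no trailing newline.
		while read -r user a secret || [ -n "${user}" ]; do
			if [ "'${USER}'" != "${user}" ]; then
				printf '%s %s %s\n' "${user}" "${a}" "${secret}" >> "${tmpfile}"
			fi
		done < "${PPP_SECRETS}"
	fi
	printf '%s\n' "'${USER}' * '${SECRET}'" >> "${tmpfile}"

	# Copy the content back instead of renaming the file, so that an
	# existing secrets file keeps its owner and mode.
	cat "${tmpfile}" > "${PPP_SECRETS}" || ret=${EXIT_ERROR}
	rm -f "${tmpfile}"

	umask "${old_umask}"
	return ${ret}
}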
185 | ||
059469a8 MT |
# Hands the statistics of a session to db_ppp_update.
#
# Arguments:
#   $1 - name of the zone
#
# CONNECT_TIME, BYTES_RCVD and BYTES_SENT are not set in this function;
# presumably they are the environment variables that pppd exports to its
# ip-down scripts.
function ppp_accounting() {
	local zone=${1}
	shift

	local -a stats=(
		--duration="${CONNECT_TIME}"
		--rcvd="${BYTES_RCVD}"
		--sent="${BYTES_SENT}"
	)

	db_ppp_update ${zone} "${stats[@]}"
}
711ffac1 MT |
193 | |
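# Runs pppd with the given parameters and discards its standard output.
#
# Arguments:
#   $@ - parameters that are passed to pppd unchanged
#
# Returns the exit status of pppd.
function pppd_exec() {
	# "$*" joins the parameters into one word for the log message.
	# NOTE(review): every parameter ends up in the debug log; confirm that
	# no caller passes credentials on the command line.
	log DEBUG "Running pppd with parameters '$*'."

	# "$@" must be quoted: unquoted, a parameter that contains whitespace
	# or glob characters is split or expanded and reaches pppd as several
	# different arguments.
	pppd "$@" > /dev/null
}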
97cb552e MT |
199 | |
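# Writes a pppd options file and stores the user credentials in the
# secrets file.
#
# Arguments:
#   $1 - path of the options file to write (parent directories are created)
#   --auth=METHOD             one of PPP_SUPPORTED_AUTH_METHODS
#   --baudrate=RATE           one of SERIAL_BAUDRATES
#   --connect-command=CMD     connect command (serial modems only)
#   --default-asyncmap=BOOL   use the default asyncmap (default: true)
#   --interface=NAME          name of the ppp interface (required)
#   --ipv6=BOOL               enable IPv6 (default: true)
#   --lcp-echo-failure=N      LCP echo failure (default: 3)
#   --lcp-echo-interval=N     LCP echo interval (default: 20)
#   --mtu=N, --mru=N          MTU/MRU; mru defaults to mtu
#   --username=, --password=  credentials
#   --plugin=, --plugin-options=
#   --serial=BOOL, --serial-device=DEV
#
# The two LCP options are also accepted under their historic misspelling
# --lcr-echo-failure= / --lcr-echo-interval=.
#
# Returns EXIT_OK on success and EXIT_ERROR for invalid arguments.
#
# NOTE(review): all values are written into the options file verbatim and
# the connect command is only wrapped in double quotes. Callers must not
# pass untrusted strings; a line break inside a value becomes an additional
# option line.
function pppd_write_config() {
	local file=${1}; shift
	assert isset file

	local auth
	local baudrate
	local connect_cmd
	local default_asyncmap="true"
	local interface
	local ipv6="true"
	local lcp_echo_failure=3
	local lcp_echo_interval=20
	local linkname
	local mtu mru
	local password
	local plugin plugin_options
	local serial="false"
	# Was assigned without a declaration before and leaked to the caller.
	local serial_device
	local username
	local value

	# The arguments are quoted when they are handed to cli_get_val so that
	# values with whitespace or glob characters (passwords, connect
	# commands) are not split or expanded.
	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val "${1}")
				;;
			--baudrate=*)
				baudrate=$(cli_get_val "${1}")
				assert isoneof baudrate ${SERIAL_BAUDRATES}
				;;
			--connect-command=*)
				connect_cmd=$(cli_get_val "${1}")
				;;
			# Enable or disable the use of the default asyncmap.
			--default-asyncmap=*)
				value=$(cli_get_val "${1}")
				if enabled value; then
					default_asyncmap="true"
				else
					default_asyncmap="false"
				fi
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val "${1}")
				;;
			# IPv6
			--ipv6=*)
				ipv6="$(cli_get_val "${1}")"
				;;
			# LCP echo failure. The value used to be stored in a misspelled
			# variable and never reached the configuration file.
			--lcp-echo-failure=*|--lcr-echo-failure=*)
				lcp_echo_failure=$(cli_get_val "${1}")

				if ! isinteger "${lcp_echo_failure}"; then
					error "${1%%=*}= requires a number"
					return ${EXIT_ERROR}
				fi
				;;
			# LCP echo interval. The check used to test the failure count
			# instead of the interval.
			--lcp-echo-interval=*|--lcr-echo-interval=*)
				lcp_echo_interval=$(cli_get_val "${1}")

				if ! isinteger "${lcp_echo_interval}"; then
					error "${1%%=*}= requires a number"
					return ${EXIT_ERROR}
				fi
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val "${1}")
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val "${1}")
				;;
			--password=*)
				password=$(cli_get_val "${1}")
				;;
			--plugin=*)
				plugin=$(cli_get_val "${1}")
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val "${1}")
				;;
			# Sets if the modem is a serial device.
			--serial=*)
				serial=$(cli_get_val "${1}")
				;;
			--serial-device=*)
				serial_device=$(cli_get_val "${1}")
				;;
			--username=*)
				username=$(cli_get_val "${1}")
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname="${interface}"

	if isset auth; then
		# NOTE(review): isoneof receives the value here but the variable
		# name in the --baudrate branch above; one of the two calls does
		# not match the helper - confirm against its definition.
		if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	if enabled serial; then
		assert isset serial_device
		assert [ -c "${serial_device}" ]
	fi

	# Set the user credentials. Without a user name there is nothing to
	# store, and an entry for an empty user would be written otherwise.
	if isset username; then
		ppp_secret "${username}" "${password}"
	fi

	# Write the configuration header.
	mkdir -p "$(dirname "${file}")" 2>/dev/null
	config_header "PPP daemon configuration file" > "${file}"

	# At first, set the name of the link.
	print "linkname ${linkname}\n" >> "${file}"

	# Configure the interface/zone name.
	(
		print "# Interface name"
		print "ifname ${interface}"

	) >> "${file}"

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"

		) >> "${file}"
	fi

	# User authentication
	if isset username; then
		(
			print "# User authentication"
			print "user ${username}"

			# NOTE(review): in pppd, "noauth" does not require the peer to
			# authenticate itself while "require-<method>" demands exactly
			# that; confirm that this combination is intended.
			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi

		) >> "${file}"
	fi

	# IPv6
	if enabled ipv6; then
		(
			print "# IPv6 support"
			print "+ipv6"

		) >> "${file}"
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"

		) >> "${file}"
	fi

	if enabled serial; then
		(
			print "# Serial modem settings"
			print "${serial_device} ${baudrate}"
			print "crtscts"
			print "lock"
			print "modem"

		) >> "${file}"

		# Connect command
		if isset connect_cmd; then
			(
				print "# Connect command"
				print "connect \"${connect_cmd}\""

			) >> "${file}"
		fi
	fi

	# Default asyncmap.
	if enabled default_asyncmap; then
		(
			print "# Use the default asyncmap."
			print "default-asyncmap"

		) >> "${file}"
	fi

	# LCP settings.
	(
		print "# LCP settings"
		print "lcp-echo-failure ${lcp_echo_failure}"
		print "lcp-echo-interval ${lcp_echo_interval}"

	) >> "${file}"

	# Add the default settings. Besides the compression options this line
	# also carries "nomppe", which turns off MPPE encryption.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault updetach debug"
	) >> "${file}"

	return ${EXIT_OK}
}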