[network.git] / functions.routing

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

function routing_has_default() {
	ip route | grep -q "^default"
}

function routing_default_update() {
	local routes

	local zones=$(zones_get_nonlocal)
	if [ -z "${zones}" ]; then
		zones=$(zones_get_local)
	fi

	local gateway
	local weight
	local zone

	local proto="ipv4"

	for zone in ${zones}; do
		# Skip if zone is not up
		routing_db_exists ${zone} ${proto} || continue

		if [ "$(routing_db_get ${zone} ${proto} active)" = "1" ]; then
			gateway=$(routing_db_get ${zone} ${proto} remote-ip-address)
			weight=$(routing_db_get ${zone} ${proto} weight)

			routes="${routes} nexthop via ${gateway}"

			if [ -n "${weight}" ]; then
				routes="${routes} weight ${weight}"
			fi
		else
			log DEBUG "Ignoring zone '${zone}' which is not active."
		fi
	done

	if [ -z "${routes}" ]; then
		log INFO "Removing default route."

		if routing_has_default; then
			ip route del default
		fi
		return ${EXIT_OK}
	fi

	# Remove too much spaces.
	routes=$(echo ${routes})

	log INFO "Setting default route: ${routes}"

	ip route replace default ${routes}
}

function routing_table_exists() {
	local zone=${1}

	grep -q "${zone}$" < /etc/iproute2/rt_tables
}

function routing_table_create() {
	local zone=${1}

	if routing_table_exists ${zone}; then
		return ${EXIT_OK}
	fi

	log INFO "Creating routing table for zone '${zone}'"

	local id=$(( ${zone#red} + 1 ))

	echo "${id}	${zone}" >> /etc/iproute2/rt_tables
}

function routing_table_remove() {
	: # XXX do we need this?
}

function routing_db_path() {
	local zone=${1}
	local proto=${2}

	assert isset zone
	assert isset proto
	assert isoneof proto ${IP_SUPPORTED_PROTOCOLS}

	echo "${ROUTING_DB_DIR}/${zone}/${proto}"
}

function routing_db_exists() {
	[ -d "$(routing_db_path $@)" ]
}

function routing_db_create() {
	routing_db_exists $@ && return ${EXIT_OK}

	mkdir -p $(routing_db_path $@)
}

function routing_db_remove() {
	rm -rf $(routing_db_path $@)
}

function routing_db_set() {
	local zone=${1}
	local proto=${2}
	local parameter=${3}
	shift 3

	local value="$@"

	log INFO "Updating database (${zone} - ${proto}): ${parameter} = ${value}"

	routing_db_create ${zone} ${proto}

	echo "${value}" > $(routing_db_path ${zone} ${proto})/${parameter}
}

function routing_db_get() {
	local zone=${1}
	local proto=${2}
	local parameter=${3}
	shift 3

	cat $(routing_db_path ${zone} ${proto})/${parameter} 2>/dev/null
}

function routing_db_from_ppp() {
	local zone=${1}
	local proto=${2}

	assert isset zone
	assert isset proto

	# Save ppp configuration
	routing_db_set ${zone} ${proto} type "ppp"
	routing_db_set ${zone} ${proto} local-ip-address ${PPP_IPLOCAL}
	routing_db_set ${zone} ${proto} remote-ip-address ${PPP_IPREMOTE}

	routing_db_set ${zone} ${proto} dns ${PPP_DNS1} ${PPP_DNS2}

	routing_db_set ${zone} ${proto} remote-address ${PPP_MACREMOTE,,}
}

function routing_update() {
	local zone=${1}
	assert isset zone

	# Nothing to do for local zones.
	if zone_is_local ${zone}; then
		return ${EXIT_OK}
	fi

	local proto=${2}
	local table=${zone}
	assert isset proto

	# Create routing table if not exists
	routing_table_create ${table}

	log DEBUG "Flushing routing table ${table}"
	cmd ip route flush table ${table}

	local local_ip_address=$(routing_db_get ${zone} ${proto} local-ip-address)

	# XXX does not work.
	#log DEBUG "Adding route for subnet ${local_ip_address} to table ${table}"
	#cmd ip route add table ${table} ${local_ip_address} dev ${zone}

	local remote_ip_address=$(routing_db_get ${zone} ${proto} remote-ip-address)

	if isset remote_ip_address; then
		log DEBUG "Adding default route for table ${table}"

		cmd ip route add table ${table} default nexthop via ${remote_ip_address}
	fi

	cmd ip rule add from ${local_ip_address} lookup ${table}
}
Commit	Line	Data
ff8ec5ef MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	function routing_has_default() {
	23	ip route \| grep -q "^default"
	24	}
	25
	26	function routing_default_update() {
ff8ec5ef MT	27	local routes
ff8ec5ef MT	28
b816e04b MT	29	local zones=$(zones_get_nonlocal)
	30	if [ -z "${zones}" ]; then
	31	zones=$(zones_get_local)
	32	fi
	33
ff8ec5ef MT	34	local gateway
ff8ec5ef MT	35	local weight
b816e04b	36	local zone
ff8ec5ef	37
b816e04b	38	local proto="ipv4"
ff8ec5ef	39
b816e04b	40	for zone in ${zones}; do
ff8ec5ef	41	# Skip if zone is not up
b816e04b	42	routing_db_exists ${zone} ${proto} \|\| continue
ff8ec5ef	43
b816e04b MT	44	if [ "$(routing_db_get ${zone} ${proto} active)" = "1" ]; then
	45	gateway=$(routing_db_get ${zone} ${proto} remote-ip-address)
	46	weight=$(routing_db_get ${zone} ${proto} weight)
ff8ec5ef MT	47
ff8ec5ef MT	48	routes="${routes} nexthop via ${gateway}"
b816e04b	49
ff8ec5ef MT	50	if [ -n "${weight}" ]; then
	51	routes="${routes} weight ${weight}"
	52	fi
	53	else
	54	log DEBUG "Ignoring zone '${zone}' which is not active."
	55	fi
	56	done
	57
	58	if [ -z "${routes}" ]; then
b816e04b MT	59	log INFO "Removing default route."
b816e04b MT	60
ff8ec5ef MT	61	if routing_has_default; then
	62	ip route del default
	63	fi
	64	return ${EXIT_OK}
	65	fi
	66
b816e04b MT	67	# Remove too much spaces.
	68	routes=$(echo ${routes})
	69
	70	log INFO "Setting default route: ${routes}"
	71
ff8ec5ef MT	72	ip route replace default ${routes}
	73	}
	74
	75	function routing_table_exists() {
	76	local zone=${1}
	77
	78	grep -q "${zone}$" < /etc/iproute2/rt_tables
	79	}
	80
	81	function routing_table_create() {
	82	local zone=${1}
	83
ff8ec5ef MT	84	if routing_table_exists ${zone}; then
	85	return ${EXIT_OK}
	86	fi
	87
	88	log INFO "Creating routing table for zone '${zone}'"
	89
	90	local id=$(( ${zone#red} + 1 ))
	91
	92	echo "${id} ${zone}" >> /etc/iproute2/rt_tables
	93	}
	94
	95	function routing_table_remove() {
	96	: # XXX do we need this?
	97	}
b816e04b MT	98
	99	function routing_db_path() {
	100	local zone=${1}
	101	local proto=${2}
	102
	103	assert isset zone
	104	assert isset proto
	105	assert isoneof proto ${IP_SUPPORTED_PROTOCOLS}
	106
	107	echo "${ROUTING_DB_DIR}/${zone}/${proto}"
	108	}
	109
	110	function routing_db_exists() {
	111	[ -d "$(routing_db_path $@)" ]
	112	}
	113
	114	function routing_db_create() {
	115	routing_db_exists $@ && return ${EXIT_OK}
	116
	117	mkdir -p $(routing_db_path $@)
	118	}
	119
	120	function routing_db_remove() {
	121	rm -rf $(routing_db_path $@)
	122	}
	123
	124	function routing_db_set() {
	125	local zone=${1}
	126	local proto=${2}
	127	local parameter=${3}
	128	shift 3
	129
	130	local value="$@"
	131
	132	log INFO "Updating database (${zone} - ${proto}): ${parameter} = ${value}"
	133
	134	routing_db_create ${zone} ${proto}
	135
	136	echo "${value}" > $(routing_db_path ${zone} ${proto})/${parameter}
	137	}
	138
	139	function routing_db_get() {
	140	local zone=${1}
	141	local proto=${2}
	142	local parameter=${3}
	143	shift 3
	144
	145	cat $(routing_db_path ${zone} ${proto})/${parameter} 2>/dev/null
	146	}
	147
	148	function routing_db_from_ppp() {
	149	local zone=${1}
	150	local proto=${2}
	151
2c973348 MT	152	assert isset zone
	153	assert isset proto
	154
b816e04b MT	155	# Save ppp configuration
	156	routing_db_set ${zone} ${proto} type "ppp"
	157	routing_db_set ${zone} ${proto} local-ip-address ${PPP_IPLOCAL}
	158	routing_db_set ${zone} ${proto} remote-ip-address ${PPP_IPREMOTE}
	159
	160	routing_db_set ${zone} ${proto} dns ${PPP_DNS1} ${PPP_DNS2}
	161
	162	routing_db_set ${zone} ${proto} remote-address ${PPP_MACREMOTE,,}
	163	}
	164
	165	function routing_update() {
	166	local zone=${1}
2c973348	167	assert isset zone
b816e04b MT	168
	169	# Nothing to do for local zones.
	170	if zone_is_local ${zone}; then
	171	return ${EXIT_OK}
	172	fi
	173
	174	local proto=${2}
	175	local table=${zone}
2c973348	176	assert isset proto
b816e04b MT	177
	178	# Create routing table if not exists
	179	routing_table_create ${table}
	180
	181	log DEBUG "Flushing routing table ${table}"
	182	cmd ip route flush table ${table}
	183
	184	local local_ip_address=$(routing_db_get ${zone} ${proto} local-ip-address)
	185
	186	# XXX does not work.
	187	#log DEBUG "Adding route for subnet ${local_ip_address} to table ${table}"
	188	#cmd ip route add table ${table} ${local_ip_address} dev ${zone}
	189
	190	local remote_ip_address=$(routing_db_get ${zone} ${proto} remote-ip-address)
	191
	192	if isset remote_ip_address; then
	193	log DEBUG "Adding default route for table ${table}"
	194
	195	cmd ip route add table ${table} default nexthop via ${remote_ip_address}
	196	fi
	197
	198	cmd ip rule add from ${local_ip_address} lookup ${table}
	199	}