]>
Commit | Line | Data |
---|---|---|
671fa0bd MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
20ecb48c | 5 | # Copyright (C) 2013 IPFire Network Development Team # |
671fa0bd MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
f5c92542 SS |
22 | # Define protocols which are supported by aiccu. |
23 | AICCU_SUPPORTED_PROTOCOLS="tic tsp l2tp" | |
24 | ||
671fa0bd MT |
25 | function aiccu_start() { |
26 | local device=${1} | |
671fa0bd MT |
27 | assert isset device |
28 | ||
bfebc08f SS |
29 | # Tell systemd to start aiccu on this device. |
30 | service_start "aiccu@${device}.service" | |
671fa0bd MT |
31 | local ret=$? |
32 | ||
bfebc08f SS |
33 | if [ ${ret} -eq ${EXIT_OK} ]; then |
34 | log DEBUG "aiccu was successfully started on '${device}'." | |
35 | else | |
36 | log ERROR "Could not start aiccu properly on '${device}': ${ret}" | |
37 | return ${EXIT_ERROR} | |
38 | fi | |
39 | ||
40 | return ${EXIT_OK} | |
671fa0bd MT |
41 | } |
42 | ||
43 | function aiccu_stop() { | |
44 | local device=${1} | |
671fa0bd MT |
45 | assert isset device |
46 | ||
bfebc08f SS |
47 | # Tell sysemd to stop aiccu on this device. |
48 | service_stop "aiccu@${device}.service" | |
671fa0bd MT |
49 | } |
50 | ||
bfebc08f | 51 | function aiccu_write_config() { |
671fa0bd | 52 | local device=${1} |
bfebc08f SS |
53 | local file=${2} |
54 | shift 2 | |
671fa0bd MT |
55 | |
56 | assert isset device | |
bfebc08f | 57 | assert isset file |
671fa0bd | 58 | |
5bb66bbe SS |
59 | local username |
60 | local password | |
671fa0bd MT |
61 | local server |
62 | local protocol="tic" | |
63 | local tunnel_id | |
20ecb48c | 64 | local require_tls |
671fa0bd MT |
65 | |
66 | while [ $# -gt 0 ]; do | |
67 | case "${1}" in | |
5bb66bbe SS |
68 | --username=*) |
69 | username="$(cli_get_val ${1})" | |
671fa0bd | 70 | ;; |
5bb66bbe SS |
71 | --password=*) |
72 | password="$(cli_get_val ${1})" | |
671fa0bd MT |
73 | ;; |
74 | --server=*) | |
20ecb48c | 75 | server="$(cli_get_val ${1})" |
671fa0bd MT |
76 | ;; |
77 | --protocol=*) | |
20ecb48c | 78 | protocol="$(cli_get_val ${1})" |
671fa0bd MT |
79 | ;; |
80 | --tunnel-id=*) | |
20ecb48c SS |
81 | tunnel_id="$(cli_get_val ${1})" |
82 | ;; | |
83 | --require-tls=*) | |
84 | require_tls="$(cli_get_val ${1})" | |
85 | ||
86 | if enabled val; then | |
87 | require_tls="true" | |
88 | else | |
89 | require_tls="false" | |
90 | fi | |
671fa0bd MT |
91 | ;; |
92 | esac | |
93 | shift | |
94 | done | |
95 | ||
5bb66bbe SS |
96 | assert isset username |
97 | assert isset password | |
671fa0bd MT |
98 | assert isset server |
99 | assert isset protocol | |
20ecb48c | 100 | assert isset require_tls |
dae3b9ea | 101 | assert isoneof protocol ${AICCU_SUPPORTED_PROTOCOLS} |
671fa0bd | 102 | |
bfebc08f SS |
103 | # Write configuration file header. |
104 | config_header "aiccu configuration file for ${zone}" > ${file} | |
105 | ||
106 | ( | |
107 | print "# Server info" | |
108 | print "server ${server}" | |
109 | print "protocol ${protocol}" | |
110 | ||
111 | ||
112 | if isset tunnel_id; then | |
113 | print "# Tunnel ID" | |
114 | print "tunnel_id ${tunnel_id}" | |
115 | ||
116 | fi | |
117 | ||
118 | print "# Credentials" | |
5bb66bbe SS |
119 | print "username ${username}" |
120 | print "password ${password}" | |
bfebc08f SS |
121 | |
122 | ||
123 | print "ipv6_interface ${device}" | |
124 | ||
125 | ||
126 | print "# Security" | |
127 | print "requiretls ${require_tls}" | |
128 | ||
129 | ||
130 | # Misc. | |
131 | print "verbose true" | |
132 | print "daemonize false" | |
133 | print "automatic true" | |
134 | ) >> ${file} | |
671fa0bd MT |
135 | |
136 | return ${EXIT_OK} | |
137 | } |