Commit | Line | Data |
---|---|---|
ff8ec5ef MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Tell whether the output of "ip route" contains a line starting with
# "default".
#
# Returns the exit status of grep: 0 if such a line exists, non-zero
# otherwise. Only plain "ip route" is queried, without "-6".
routing_has_default() {
	grep -q "^default" < <(ip route)
}
25 | ||
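# Rebuild the default route for every protocol in IP_SUPPORTED_PROTOCOLS
# from the per-zone entries in the routing database.
#
# Non-local zones are used; if there are none, the local zones are used
# instead. Every active zone contributes either "nexthop via <gateway>" or,
# for point-to-point devices without a gateway, "dev <zone>", optionally
# followed by "weight <n>". If nothing is collected for a protocol, its
# default route is deleted; otherwise it is replaced.
#
# NOTE(review): the gateway is read from the database and expanded unquoted
# into the argument list of "ip"; only the weight is checked (isinteger).
# For PPP zones the stored gateway is PPP_IPREMOTE / PPP_LLREMOTE as saved
# by routing_db_from_ppp(). Validating it as an address before use would
# keep a malformed entry from turning into extra "ip" arguments.
routing_default_update() {
	local routes

	local zones=$(zones_get_nonlocal)
	if [ -z "${zones}" ]; then
		zones=$(zones_get_local)
	fi

	local gateway
	local proto
	local weight
	local zone
	local cmd

	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		# Start with an empty route list for each protocol.
		routes=""

		# "ip route" for IPv4, "ip -6 route" for IPv6.
		cmd="ip $([ "${proto}" = "ipv6" ] && echo "-6") route"

		for zone in ${zones}; do
			# Skip if zone is not up
			db_exists "${zone}/${proto}" || continue

			if [ "$(db_get "${zone}/${proto}/active")" = "1" ]; then
				gateway="$(db_get "${zone}/${proto}/remote-ip-address")"

				# Go on if the device is not there anymore.
				device_exists ${zone} || continue

				# On other devices, we will use the gateway if we got one.
				if isset gateway; then
					routes="${routes} nexthop via ${gateway}"

				# If we have got a Point-to-Point device, we will directly send all
				# packets into the pipe.
				elif device_is_ptp ${zone}; then
					routes="${routes} dev ${zone}"

				# If none of the cases above apply, we cannot go on.
				else
					continue
				fi

				# Apply weight. Anything that is not an integer is ignored.
				weight="$(db_get "${zone}/${proto}/weight")"
				if isinteger ${weight}; then
					routes="${routes} weight ${weight}"
				fi
			else
				log DEBUG "Ignoring zone '${zone}' which is not active."
			fi
		done

		# Collapse runs of whitespace (relies on word splitting).
		routes=$(echo ${routes})

		# Reload bird configuration
		[[ "${proto}" = "ipv6" ]] && bird_update

		# Remove all default routes.
		if [ -z "${routes}" ]; then
			cmd ${cmd} del default
			log INFO "Removed default route for ${proto}."

			# Move on to the next protocol. Returning here would leave
			# the default routes of all remaining protocols untouched
			# whenever an earlier protocol has no usable zone.
			continue
		fi

		log INFO "Setting default route for ${proto}: ${routes}"

		# ${routes} must stay unquoted: it holds several "ip" arguments.
		cmd ${cmd} replace default ${routes}
		assert [ $? -eq 0 ]

		triggers_execute_all "online"
	done
}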
101 | ||
# Store the parameters of a PPP link in the routing database.
#
# Arguments:
#   $1 - zone name (required)
#   $2 - protocol (required); addresses are stored only for "ipv6"
#        and "ipv4"
#
# Reads PPP_LLLOCAL/PPP_LLREMOTE (ipv6) or PPP_IPLOCAL/PPP_IPREMOTE (ipv4),
# PPP_DNS1/PPP_DNS2 and PPP_MACREMOTE.
#
# NOTE(review): these variables presumably come from pppd and carry values
# supplied by the remote peer - confirm. They are written to the database
# as-is; nothing in this function checks that they are well-formed
# addresses, so consumers of these keys must not assume that.
routing_db_from_ppp() {
	local zone="${1}"
	local proto="${2}"

	assert isset zone
	assert isset proto

	# Mark the entry as a PPP configuration.
	db_set "${zone}/${proto}/type" "ppp"

	# Link-local addresses for IPv6, regular addresses for IPv4.
	case "${proto}" in
		ipv6)
			db_set "${zone}/${proto}/local-ip-address" "${PPP_LLLOCAL}"
			db_set "${zone}/${proto}/remote-ip-address" "${PPP_LLREMOTE}"
			;;
		ipv4)
			db_set "${zone}/${proto}/local-ip-address" "${PPP_IPLOCAL}"
			db_set "${zone}/${proto}/remote-ip-address" "${PPP_IPREMOTE}"
			;;
	esac

	# DNS servers transmitted by the peer; the key is written without a
	# value when neither of them is set.
	if ! isset PPP_DNS1 && ! isset PPP_DNS2; then
		db_set "${zone}/${proto}/domain-name-servers"
	else
		db_set "${zone}/${proto}/domain-name-servers" "${PPP_DNS1} ${PPP_DNS2}"
	fi

	# MAC address of the remote DSLAM, stored in lower case.
	if isset PPP_MACREMOTE; then
		db_set "${zone}/remote-address" "${PPP_MACREMOTE,,}"
	fi
}
132 | ||
# Rebuild the routing table of a non-local zone for one protocol.
#
# Arguments:
#   $1 - zone name (required); also used as the routing table name
#   $2 - protocol (required for non-local zones)
#
# The table is created if needed and flushed. If the database has an entry
# for the zone and protocol, a subnet route (ipv4 only), a default route
# and a source rule for the local address are added.
#
# NOTE(review): the local and remote address are read from the database and
# expanded unquoted into "ip" arguments without being validated here;
# an empty local address would leave "rule add from" without its operand.
routing_update() {
	local zone=${1}
	assert isset zone

	# Nothing to do for local zones.
	zone_is_local ${zone} && return ${EXIT_OK}

	local proto=${2}
	local table=${zone}
	assert isset proto

	# Use "ip -6" for IPv6, plain "ip" for everything else.
	local ip_cmd="ip"
	[ "${proto}" = "ipv6" ] && ip_cmd="ip -6"

	# Create routing table if not exists
	route_table_create ${table}

	log DEBUG "Flushing routing table ${table}"
	cmd ${ip_cmd} route flush table ${table}

	# Exit here if there is no routing information.
	db_exists "${zone}/${proto}" || return ${EXIT_OK}

	local local_ip_address="$(db_get "${zone}/${proto}/local-ip-address")"
	local remote_ip_address="$(db_get "${zone}/${proto}/remote-ip-address")"

	# Only IPv4 gets an explicit route for the local subnet.
	if [ "${proto}" = "ipv4" ]; then
		local network=$(ipv4_get_network "${local_ip_address}")

		log DEBUG "Adding route for subnet ${local_ip_address} to table ${table}"
		cmd ${ip_cmd} route add table "${table}" "${network}" dev "${zone}"
	fi

	log DEBUG "Adding default route for table ${table}"

	# Route via the remote address if there is one, else into the device.
	local routing_cmd
	if isset remote_ip_address; then
		routing_cmd="${ip_cmd} route add table ${table} default via ${remote_ip_address}"
	else
		routing_cmd="${ip_cmd} route add table ${table} default dev ${zone}"
	fi
	cmd ${routing_cmd}

	# Traffic sent from the local address is looked up in this table.
	cmd ${ip_cmd} rule add from ${local_ip_address} lookup ${table}
}