]>
Commit | Line | Data |
---|---|---|
1848564d MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
e2aa12b3 | 22 | . /usr/lib/network/header-zone |
1848564d | 23 | |
de125810 MT |
24 | HOOK_MANPAGE="network-zone-bridge" |
25 | ||
6b3f9c85 MT |
26 | HOOK_SETTINGS="HOOK STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE STP_MODE" |
27 | HOOK_SETTINGS="${HOOK_SETTINGS} STP_PRIORITY MAC MTU" | |
1848564d | 28 | |
828eb94a MT |
29 | HOOK_PORT_SETTINGS="COST PRIORITY" |
30 | ||
1848564d MT |
31 | # Default values |
32 | MAC=$(mac_generate) | |
33 | MTU=1500 | |
34 | STP="on" | |
6b3f9c85 | 35 | STP_MODE="rstp" |
1848564d MT |
36 | STP_FORWARD_DELAY=0 |
37 | STP_HELLO=2 | |
38 | STP_MAXAGE=20 | |
e266c18e | 39 | STP_PRIORITY=512 |
1848564d | 40 | |
2181765d | 41 | function hook_check() { |
1848564d MT |
42 | assert ismac MAC |
43 | assert isbool STP | |
6b3f9c85 | 44 | assert isoneof STP_MODE stp rstp |
1848564d MT |
45 | assert isinteger STP_HELLO |
46 | assert isinteger STP_FORWARD_DELAY | |
d82cf370 | 47 | assert isinteger STP_PRIORITY |
1848564d MT |
48 | assert isinteger MTU |
49 | } | |
50 | ||
2181765d | 51 | function hook_parse_cmdline() { |
1848564d MT |
52 | while [ $# -gt 0 ]; do |
53 | case "${1}" in | |
54 | --stp=*) | |
55 | STP=${1#--stp=} | |
56 | ;; | |
6b3f9c85 MT |
57 | --stp-mode=*) |
58 | STP_MODE=${1#--stp-mode=} | |
59 | ;; | |
1848564d MT |
60 | --stp-hello=*) |
61 | STP_HELLO=${1#--stp-hello=} | |
62 | ;; | |
63 | --stp-forward-delay=*) | |
64 | STP_FORWARD_DELAY=${1#--stp-forward-delay=} | |
65 | ;; | |
d82cf370 MT |
66 | --stp-priority=*) |
67 | STP_PRIORITY=${1#--stp-priority=} | |
68 | ;; | |
1848564d MT |
69 | --mtu=*) |
70 | MTU=${1#--mtu=} | |
71 | ;; | |
72 | --mac=*) | |
73 | MAC=${1#--mac=} | |
74 | ;; | |
75 | *) | |
76 | warning "Ignoring unknown option '${1}'" | |
77 | ;; | |
78 | esac | |
79 | shift | |
80 | done | |
81 | } | |
82 | ||
2181765d | 83 | function hook_up() { |
1848564d | 84 | local zone=${1} |
99be6026 | 85 | assert isset zone |
1848564d | 86 | |
e9df08ad | 87 | zone_settings_read "${zone}" ${HOOK_SETTINGS} |
1848564d | 88 | |
99be6026 | 89 | # Create the bridge if it does not already exist. |
1848564d | 90 | if ! device_exists ${zone}; then |
99be6026 MT |
91 | bridge_create ${zone} \ |
92 | --address=${MAC} --mtu=${MTU} | |
1848564d | 93 | |
99be6026 MT |
94 | # Adjust MAC address and MTU if needed. |
95 | else | |
96 | device_set_address ${zone} ${MAC} | |
97 | device_set_mtu ${zone} ${MTU} | |
98 | fi | |
1848564d MT |
99 | |
100 | # Enable STP | |
101 | if enabled STP; then | |
7d85603e | 102 | stp_enable ${zone} |
1848564d MT |
103 | |
104 | if [ -n "${STP_FORWARD_DELAY}" ]; then | |
e2aa12b3 | 105 | stp_bridge_set_forward_delay ${zone} ${STP_FORWARD_DELAY} |
1848564d MT |
106 | fi |
107 | ||
108 | if [ -n "${STP_HELLO}" ]; then | |
e2aa12b3 | 109 | stp_bridge_set_hello_time ${zone} ${STP_HELLO} |
1848564d MT |
110 | fi |
111 | ||
112 | if [ -n "${STP_MAXAGE}" ]; then | |
e2aa12b3 | 113 | stp_bridge_set_max_age ${zone} ${STP_MAXAGE} |
1848564d | 114 | fi |
d82cf370 MT |
115 | |
116 | if [ -n "${STP_PRIORITY}" ]; then | |
e2aa12b3 | 117 | stp_bridge_set_priority ${zone} ${STP_PRIORITY} |
d82cf370 | 118 | fi |
1848564d | 119 | else |
6b3f9c85 | 120 | stp_disable ${zone} |
1848564d MT |
121 | fi |
122 | ||
123 | device_set_up ${zone} | |
124 | ||
cf6e4606 MT |
125 | # XXX Currently, there is a bug (in the linux kernel?) that we need to |
126 | # set our bridges to promisc mode. | |
127 | device_set_promisc ${zone} on | |
128 | ||
1848564d MT |
129 | # Bring all ports up |
130 | zone_ports_up ${zone} | |
1848564d MT |
131 | zone_configs_up ${zone} |
132 | ||
8dcb2687 | 133 | exit ${EXIT_OK} |
1848564d MT |
134 | } |
135 | ||
2181765d | 136 | function hook_down() { |
1848564d | 137 | local zone=${1} |
99be6026 | 138 | assert isset zone |
1848564d MT |
139 | |
140 | if ! device_is_up ${zone}; then | |
141 | warning "Zone '${zone}' is not up" | |
142 | exit ${EXIT_OK} | |
143 | fi | |
144 | ||
1848564d MT |
145 | zone_configs_down ${zone} |
146 | zone_ports_down ${zone} | |
147 | ||
cf6e4606 MT |
148 | # XXX See remark in _up(). |
149 | device_set_promisc ${zone} off | |
150 | ||
1848564d | 151 | device_set_down ${zone} |
99be6026 | 152 | bridge_delete ${zone} |
1848564d | 153 | |
8dcb2687 | 154 | exit ${EXIT_OK} |
1848564d MT |
155 | } |
156 | ||
2181765d | 157 | function hook_status() { |
e84e4e76 | 158 | local zone=${1} |
3cb2fc42 | 159 | assert isset zone |
e84e4e76 | 160 | |
3cb2fc42 MT |
161 | # Print the default header. |
162 | cli_device_headline ${zone} | |
e84e4e76 MT |
163 | |
164 | # Exit if zone is down | |
165 | if ! zone_is_up ${zone}; then | |
166 | echo # Empty line | |
167 | exit ${EXIT_ERROR} | |
168 | fi | |
169 | ||
3cb2fc42 MT |
170 | cli_headline 2 "Spanning Tree Protocol information" |
171 | if stp_is_enabled ${zone}; then | |
172 | local proto=$(stp_bridge_get_protocol ${zone}) | |
8d4f9311 | 173 | |
3cb2fc42 MT |
174 | cli_print_fmt1 2 "Version" "$(stp_get_name ${proto})" |
175 | cli_print_fmt1 2 "ID" "$(stp_bridge_get_id ${zone})" | |
176 | cli_print_fmt1 2 "Priority" "$(stp_bridge_get_priority ${zone})" | |
36e3fd2f MT |
177 | |
178 | if stp_bridge_is_root ${zone}; then | |
3cb2fc42 | 179 | cli_print 2 "This bridge is root." |
36e3fd2f | 180 | else |
3cb2fc42 MT |
181 | cli_print_fmt1 2 "Designated root" \ |
182 | "$(stp_bridge_get_designated_root ${zone})" | |
183 | cli_print_fmt1 2 "Root path cost" \ | |
184 | "$(stp_bridge_get_root_path_cost ${zone})" | |
36e3fd2f | 185 | fi |
3cb2fc42 | 186 | cli_space |
feb76eaf | 187 | |
36e3fd2f | 188 | # Topology information |
3cb2fc42 MT |
189 | cli_print_fmt1 2 "Topology changing" \ |
190 | "$(stp_bridge_get_topology_change_detected ${zone})" | |
191 | cli_print_fmt1 2 "Topology change time" \ | |
192 | "$(beautify_time $(stp_bridge_get_topology_change_timer ${zone}))" | |
193 | cli_print_fmt1 2 "Topology change count" \ | |
194 | "$(stp_bridge_get_topology_change_count ${zone})" | |
195 | cli_space | |
feb76eaf | 196 | else |
3cb2fc42 MT |
197 | cli_print 2 "Disabled" |
198 | cli_space | |
feb76eaf | 199 | fi |
e84e4e76 | 200 | |
50250b79 | 201 | cli_headline 2 "Ports" |
711ffac1 | 202 | zone_ports_status ${zone} |
8e3508ac | 203 | cli_space |
e84e4e76 | 204 | |
50250b79 | 205 | cli_headline 2 "Configurations" |
e84e4e76 | 206 | zone_configs_cmd status ${zone} |
3cb2fc42 | 207 | cli_space |
8e3508ac | 208 | |
e84e4e76 MT |
209 | exit ${EXIT_OK} |
210 | } | |
828eb94a MT |
211 | |
212 | function __parse_cmdline_args() { | |
213 | while [ $# -gt 0 ]; do | |
214 | case "${1}" in | |
215 | --priority=*) | |
216 | PRIORITY="$(cli_get_val ${1})" | |
217 | ;; | |
218 | --cost=*) | |
219 | COST="$(cli_get_val ${1})" | |
220 | ;; | |
221 | esac | |
222 | shift | |
223 | done | |
224 | ||
225 | return ${EXIT_OK} | |
226 | } | |
227 | ||
228 | function hook_port_add() { | |
229 | # Excepting at least two arguments here | |
230 | assert [ $# -ge 2 ] | |
231 | ||
232 | local zone="${1}" | |
233 | local port="${2}" | |
234 | shift 2 | |
235 | ||
236 | __parse_cmdline_args "$@" | |
237 | [ $? -eq ${EXIT_OK} ] || return ${EXIT_ERROR} | |
238 | ||
e9df08ad | 239 | zone_port_settings_write "${zone}" "${port}" ${HOOK_PORT_SETTINGS} |
828eb94a MT |
240 | |
241 | log INFO "Port '${port}' has been added to zone '${zone}'" | |
242 | ||
243 | exit ${EXIT_OK} | |
244 | } | |
245 | ||
246 | function hook_port_edit() { | |
247 | assert [ $# -ge 2 ] | |
248 | ||
249 | local zone="${1}" | |
250 | local port="${2}" | |
251 | shift 2 | |
252 | ||
e9df08ad | 253 | zone_port_settings_read "${zone}" "${port}" ${HOOK_PORT_SETTINGS} |
828eb94a MT |
254 | |
255 | __parse_cmdline_args "$@" | |
256 | [ $? -eq ${EXIT_OK} ] || return ${EXIT_ERROR} | |
257 | ||
e9df08ad | 258 | zone_port_settings_write "${zone}" "${port}" ${HOOK_PORT_SETTINGS} |
828eb94a MT |
259 | |
260 | log INFO "Port '${port}' (member of zone '${zone}') has been edited" | |
261 | ||
262 | exit ${EXIT_OK} | |
263 | } | |
264 | ||
265 | function hook_port_remove() { | |
266 | assert [ $# -eq 2 ] | |
267 | ||
268 | local zone="${1}" | |
269 | local port="${2}" | |
270 | ||
271 | # Shut down the port (if possible) | |
272 | port_down "${port}" | |
273 | ||
274 | log INFO "Port '${port}' has been removed from zone '${zone}'" | |
e9df08ad | 275 | zone_port_settings_remove "${zone}" "${port}" |
828eb94a MT |
276 | |
277 | exit ${EXIT_OK} | |
278 | } | |
279 | ||
280 | function hook_port_up() { | |
281 | assert [ $# -eq 2 ] | |
282 | ||
283 | local zone="${1}" | |
284 | local port="${2}" | |
285 | ||
e9df08ad | 286 | zone_port_settings_read "${zone}" "${port}" ${HOOK_PORT_SETTINGS} |
2c083d57 | 287 | |
828eb94a MT |
288 | port_up "${port}" |
289 | ||
290 | # Set same MTU to device that the bridge has got | |
291 | device_set_mtu "${port}" $(device_get_mtu "${zone}") | |
292 | ||
293 | bridge_attach_device "${zone}" "${port}" | |
294 | ||
2c083d57 MT |
295 | if isset COST; then |
296 | stp_port_set_cost "${zone}" "${port}" "${COST}" | |
297 | fi | |
298 | ||
299 | # TODO Apply priority (#10609) | |
828eb94a MT |
300 | |
301 | exit ${EXIT_OK} | |
302 | } | |
303 | ||
304 | function hook_port_down() { | |
305 | assert [ $# -eq 2 ] | |
306 | ||
307 | local zone="${1}" | |
308 | local port="${2}" | |
309 | ||
310 | bridge_detach_device "${zone}" "${port}" | |
311 | ||
312 | port_down "${port}" | |
313 | ||
314 | exit ${EXIT_OK} | |
315 | } | |
316 | ||
317 | function hook_port_status() { | |
318 | assert [ $# -eq 2 ] | |
319 | ||
320 | local zone="${1}" | |
321 | local port="${2}" | |
322 | ||
323 | # Do nothing for devices which are not up and running. | |
324 | device_exists "${port}" || exit ${EXIT_OK} | |
325 | ||
326 | local status | |
327 | ||
328 | # Check if the device is down. | |
329 | if ! device_is_up "${port}"; then | |
330 | status="${MSG_DEVICE_STATUS_DOWN}" | |
331 | ||
332 | # Check if the device has no carrier. | |
333 | elif ! device_has_carrier "${port}"; then | |
334 | status="${MSG_DEVICE_STATUS_NOCARRIER}" | |
335 | ||
336 | # Check for STP information. | |
337 | elif stp_is_enabled "${zone}"; then | |
338 | local state="$(stp_port_get_state "${zone}" "${port}")" | |
339 | state="MSG_STP_${state}" | |
340 | status="${!state}" | |
341 | ||
342 | status="${status} - DSR: $(stp_port_get_designated_root "${zone}" "${port}")" | |
343 | status="${status} - Cost: $(stp_port_get_cost "${zone}" "${port}")" | |
344 | else | |
345 | status="${MSG_DEVICE_STATUS_UP}" | |
346 | fi | |
347 | cli_statusline 3 "${port}" "${status}" | |
348 | ||
349 | exit ${EXIT_OK} | |
350 | } |