2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
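# Authentication methods accepted for the auth setting of a PPP link.
# pppd_write_config checks the requested method against this list before it
# writes "require-<method>" into the pppd configuration.
PPP_SUPPORTED_AUTH_METHODS="chap pap"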
# Start pppd for one interface through its service unit and report why pppd
# ended. Visible steps: assert that `interface` is set, start
# "pppd@${interface}.service", read the unit's exit code into `ret` with
# service_get_exitcode, then emit one of the error messages below.
# NOTE(review): this listing drops lines (the gutter numbers jump, e.g. from
# 34 to 40), so where `interface` is bound, which exit-code value selects
# which message, and the return paths are not visible here - confirm them
# against the complete file.
# NOTE(review): `interface` becomes part of the unit instance name and only
# `isset` is asserted in the visible lines - confirm callers pass a validated
# interface name.
24 function pppd_start
() {
26 assert isset interface
28 # This will block until the connection has been established or
30 service_start
"pppd@${interface}.service"
32 # Get the exit code of the ppp daemon and figure out
34 local ret
=$
(service_get_exitcode
"pppd@${interface}.service")
# One error message per handled pppd exit status; the last one is the
# fallback and includes the raw code for diagnosis.
40 error
"pppd crashed for an unknown reason"
43 error
"pppd: Configuration error"
46 error
"pppd terminated"
49 error
"pppd: Link terminated by modem"
52 error
"pppd: Authentication failed"
55 error
"pppd: Unhandled exit code: ${ret}"
# Stop the pppd service unit of one interface: asserts that `interface` is
# set and passes "pppd@${interface}.service" to service_stop.
# NOTE(review): the line that binds `interface` is not part of this listing.
62 function pppd_stop
() {
64 assert isset interface
66 service_stop
"pppd@${interface}.service"
# Query the pppd service unit of one interface: asserts that `interface` is
# set and passes "pppd@${interface}.service" to service_status.
# NOTE(review): the line that binds `interface` is not part of this listing.
69 function pppd_status
() {
71 assert isset interface
73 service_status
"pppd@${interface}.service"
# Common pre-up step for a PPP zone: reports an error when ${zone} is not a
# known zone, then calls routing_db_from_ppp for the zone's ipv4 data.
# NOTE(review): the lines that bind `zone` and that follow the error call
# (return or exit) are not part of this listing.
# NOTE(review): ${zone} is expanded unquoted in the calls below; quoting it
# would keep an unexpected value from being word-split or globbed.
76 function ppp_common_ip_pre_up
() {
80 if ! zone_exists
${zone}; then
81 error
"Zone '${zone}' does not exist."
85 routing_db_from_ppp
${zone} ipv4
# IPv4 "up" step for a PPP zone: after checking that the zone exists, marks
# its ipv4 entry active in the routing database (active = 1), refreshes the
# zone's ipv4 routing and then the default route.
# NOTE(review): the lines that bind `zone` and that follow the error call
# are not part of this listing.
90 function ppp_common_ipv4_up
() {
94 if ! zone_exists
${zone}; then
95 error
"Zone '${zone}' does not exist."
99 routing_db_set
${zone} ipv4 active
1
100 routing_update
${zone} ipv4
101 routing_default_update
# IPv4 "down" step for a PPP zone: after checking that the zone exists,
# removes its ipv4 entry from the routing database, refreshes the routing
# table and the default route, and finally records the session's accounting
# data through ppp_accounting.
# NOTE(review): the lines that bind `zone` and that follow the error call
# are not part of this listing.
106 function ppp_common_ipv4_down
() {
110 if ! zone_exists
${zone}; then
111 error
"Zone '${zone}' does not exist."
115 # Remove the information about this zone from the routing database
116 # and update the routing table.
117 routing_db_remove
${zone} ipv4
118 routing_update
${zone} ipv4
119 routing_default_update
121 # Save accounting information
122 ppp_accounting
${zone}
# IPv6 "up" step for a PPP zone: after checking that the zone exists, loads
# the zone's ipv6 data into the routing database, marks the entry active
# (active = 1) and refreshes the zone's ipv6 routing and the default route.
# NOTE(review): the lines that bind `zone` and that follow the error call
# are not part of this listing.
127 function ppp_common_ipv6_up
() {
131 if ! zone_exists
${zone}; then
132 error
"Zone '${zone}' does not exist."
136 # Add information about this zone to the routing database.
137 routing_db_from_ppp
${zone} ipv6
139 routing_db_set
${zone} ipv6 active
1
140 routing_update
${zone} ipv6
141 routing_default_update
# IPv6 "down" step for a PPP zone: after checking that the zone exists,
# removes its ipv6 entry from the routing database, refreshes the routing
# table and the default route, and finally records the session's accounting
# data through ppp_accounting.
# NOTE(review): the lines that bind `zone` and that follow the error call
# are not part of this listing.
146 function ppp_common_ipv6_down
() {
150 if ! zone_exists
${zone}; then
151 error
"Zone '${zone}' does not exist."
155 # Remove the information about this zone from the routing database
156 # and update the routing table.
157 routing_db_remove
${zone} ipv6
158 routing_update
${zone} ipv6
159 routing_default_update
161 # Save accounting information
162 ppp_accounting
${zone}
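# Add or replace the entry of one user in the pppd secrets file.
#
# Globals:   PPP_SECRETS (read) - path of the secrets file
# Arguments: $1 - user name, $2 - secret (password)
# Returns:   0 on success, non-zero when the update could not be written
#
# NOTE(review): the lines that bind USER and SECRET are not part of this
# listing; the positional binding below follows the visible call
#   ppp_secret "${username}" "${password}"
# and should be confirmed against the complete file.
function ppp_secret() {
	local USER="${1}"
	local SECRET="${2}"
	local user a secret
	local tmpfile
	local ret=0

	# The file is line oriented and the values are written between single
	# quotes without escaping, so a line break inside a credential would
	# add a second entry. Refuse such values instead of writing them; a
	# credential that contains a single quote is still written verbatim.
	case "${USER}${SECRET}" in
		*$'\n'*)
			error "PPP credentials must not contain line breaks"
			return 1
			;;
	esac

	# The scratch copy holds clear-text credentials: mktemp gives it an
	# unpredictable name and owner-only permissions, where a fixed
	# "<file>.tmp" name would be created under the current umask.
	tmpfile="$(mktemp "${PPP_SECRETS}.XXXXXX")" || return 1

	# Updating secret file: keep every entry that belongs to another user.
	# read -r leaves backslashes in stored secrets untouched, and the extra
	# test keeps a last line that has no trailing newline.
	if [ -e "${PPP_SECRETS}" ]; then
		while read -r user a secret || [ -n "${user}" ]; do
			if [ "'${USER}'" != "${user}" ]; then
				printf '%s %s %s\n' "${user}" "${a}" "${secret}"
			fi
		done < "${PPP_SECRETS}" > "${tmpfile}"
	fi
	printf "'%s' * '%s'\n" "${USER}" "${SECRET}" >> "${tmpfile}"

	# Rewrite the target in place so that an existing file keeps its owner
	# and mode; a file that has to be created is made readable by its
	# owner only.
	if [ -e "${PPP_SECRETS}" ]; then
		cat "${tmpfile}" > "${PPP_SECRETS}" || ret=$?
	else
		( umask 077; cat "${tmpfile}" > "${PPP_SECRETS}" ) || ret=$?
	fi

	rm -f "${tmpfile}"
	return "${ret}"
}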
# Store the accounting data of a finished PPP session: passes the zone plus
# the connection duration and the received/sent byte counters to
# db_ppp_update.
# NOTE(review): CONNECT_TIME, BYTES_RCVD and BYTES_SENT are not set in the
# visible lines - presumably they come from the environment pppd gives its
# down scripts; confirm. The line that binds `zone` is not part of this
# listing, and ${zone} is passed unquoted.
186 function ppp_accounting() {
190 db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
191 --rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
# Log the parameters pppd is about to be run with at DEBUG level.
# NOTE(review): the lines that actually invoke pppd are not part of this
# listing.
# NOTE(review): "$@" inside a longer quoted string still expands to one word
# per parameter, so `log` receives several message arguments when more than
# one parameter is passed; "$*" would keep the message a single string.
194 function pppd_exec() {
195 log DEBUG "Running pppd with parameters '$@
'."
# Write a pppd configuration file from "--name=value" arguments.
#
# Arguments: $1 - path of the configuration file; every further argument is
#            an option whose value is extracted with cli_get_val.
# Visible behaviour: validates the interface name, the auth method and (for
# serial links) the serial device, stores the credentials through
# ppp_secret, creates the file with config_header and then emits the option
# lines with print.
# NOTE(review): this listing drops lines - most `case` labels, the closing
# keywords and the redirection of the later print calls are missing, and the
# listing ends inside the function - so the notes below cover only what is
# visible.
200 function pppd_write_config() {
201 local file=${1}; shift
# Defaults that apply when the matching option is not given.
207 local default_asyncmap="true"
210 local lcp_echo_failure=3
211 local lcp_echo_interval=20
215 local plugin plugin_options
222 while [ $# -gt 0 ]; do
225 auth=$(cli_get_val ${1})
228 baudrate=$(cli_get_val ${1})
229 assert isoneof baudrate ${SERIAL_BAUDRATES}
232 connect_cmd=$(cli_get_val ${1})
234 # Enable or disable the use of the default asyncmap.
235 --default-asyncmap=*)
236 value=$(cli_get_val ${1})
237 if enabled value; then
238 default_asyncmap="true"
240 default_asyncmap="false"
243 # The name of the created ppp interface.
245 interface=$(cli_get_val ${1})
249 ipv6="$(cli_get_val ${1})"
# NOTE(review): these two options are spelled "lcr" and fill lcr_echo_*,
# while the defaults above and the lines written to the configuration use
# lcp_echo_*. In the visible lines a value given here never reaches the
# configuration - looks like a typo for "lcp"; confirm.
252 --lcr-echo-failure=*)
253 lcr_echo_failure=$(cli_get_val ${1})
255 if ! isinteger ${lcr_echo_failure}; then
256 error "--lcr-echo-failure= requires a number"
261 --lcr-echo-interval=*)
262 lcr_echo_interval=$(cli_get_val ${1})
# NOTE(review): this validates lcr_echo_failure, not the interval that was
# just parsed.
264 if ! isinteger ${lcr_echo_failure}; then
265 error "--lcr-echo-interval= requires a number"
269 # Maximum Transmission Unit
271 mtu=$(cli_get_val ${1})
273 # Maximum Receive Unit
275 mru=$(cli_get_val ${1})
278 password=$(cli_get_val ${1})
281 plugin=$(cli_get_val ${1})
284 plugin_options=$(cli_get_val ${1})
287 pty=$(cli_get_val ${1})
289 # Refused authentication methods
291 list_append refuses "$(cli_get_val "${1}")"
# NOTE(review): looks like leftover debug output - it is emitted through
# error_log for every refuse option; confirm it is intended.
292 error_log "REFUSES $refuses $1"
294 # Sets if the modem is a serial device.
296 serial=$(cli_get_val ${1})
299 serial_device=$(cli_get_val ${1})
302 username=$(cli_get_val ${1})
# NOTE(review): the whole argument, value included, is logged here, so a
# misspelled credential option would put its value into the log.
305 log WARNING "Unhandled argument: ${1}"
# NOTE(review): ${interface} is known to be empty when this message is
# written, so the text after the colon is always blank.
311 if [ -z "${interface}" ]; then
312 log ERROR "You need to set the interface name: ${interface}"
315 linkname="${interface}"
# NOTE(review): the value of `auth` is passed here, while the baudrate check
# above passes the variable name to isoneof - confirm which form isoneof
# expects.
318 if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
319 log ERROR "Unsupported auth method: ${auth}"
# A serial link needs a device path that exists as a character device.
324 if enabled serial; then
325 assert isset serial_device
326 assert [ -c "${serial_device}" ]
329 # Set the user credentials.
330 ppp_secret "${username}" "${password}"
332 # Write the configuration header.
# NOTE(review): ${file} is unquoted and mkdir errors are discarded, so a
# failure to create the directory only shows up at the redirection below.
333 mkdir -p $(dirname ${file}) 2>/dev/null
334 config_header "PPP daemon configuration file" > ${file}
336 # At first, set the name of the link.
337 print "linkname ${linkname}\n" >> ${file}
339 # Configure the interface/zone name.
341 print "# Interface name"
342 print "ifname ${interface}"
# NOTE(review): plugin, pty and connect values are copied into the
# configuration without escaping, and pty/connect are written as quoted
# strings. A value that contains a double quote or a line break would
# change the options that get written, so these values must come from a
# trusted, validated source.
347 if isset plugin; then
349 print "# Plugin settings"
350 print "plugin ${plugin} ${plugin_options}"
358 print "# pty settings"
359 print "pty \"${pty}\""
364 # User authentication
365 if isset username; then
367 print "# User authentication"
368 print "user ${username}"
372 print "require-${auth}"
375 # Refused authentication methods
376 for refuse in ${refuses}; do
377 print "refuse-${refuse}"
384 if enabled ipv6; then
386 print "# IPv6 support"
# The MRU falls back to the MTU when it was not given.
394 isset mru || mru=${mtu}
397 print "# MTU/MRU settings"
404 if enabled serial; then
406 print "# Serial modem settings"
407 print "${serial_device} ${baudrate}"
415 if isset connect_cmd; then
417 print "# Connect command"
418 print "connect \"${connect_cmd}\""
425 if enabled default_asyncmap; then
427 print "# Use the default asyncmap."
428 print "default-asyncmap"
435 print "# LCP settings"
436 print "lcp-echo-failure ${lcp_echo_failure}"
437 print "lcp-echo-interval ${lcp_echo_interval}"
441 # Add the default settings.
443 print "# Disable the compression"
444 print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"
446 print "noipdefault updetach debug"