2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
# virtual_init: feed a fixed ruleset to ebtables-restore through a here-document.
# Only the BROUTING rule below is visible in this listing (the gutter numbers
# skip, so the rest of the here-document is not shown).
# In the ebtables broute table a DROP verdict does not discard the frame: it
# means "do not bridge this frame, pass it up to the routing code". The rule
# therefore keeps 802.1Q-tagged frames from being forwarded by a bridge.
# NOTE(review): ebtables-restore presumably replaces the rules already loaded
# in the tables it is given - confirm nothing else on the box manages ebtables.
22 function virtual_init
() {
25 ebtables-restore
<<EOF
33 -A BROUTING -p 802_1Q -j DROP
# virtual_create: create, or adopt, the VLAN sub-device of parent ${port} with
# VLAN id ${vid}. The device is named "${port}v${vid}", gets the address ${mac}
# and is brought up.
# Flow as far as this listing shows it:
#   1. look for an existing device with the same parent and VID;
#   2. if one exists, compare its name and address with the wanted values and
#      refuse to touch it when it differs and is in use elsewhere;
#   3. otherwise create it with vconfig, rename it, set the address, set it up.
# The gutter numbers skip, so argument parsing, the closing fi/else lines and
# the return statements are not visible here.
# NOTE(review): ${port}, ${vid}, ${mac} and ${oldport} are expanded unquoted in
# the helper and vconfig calls below, so they undergo word splitting and
# globbing. Whether they are validated before this point is not visible -
# confirm, or quote them.
37 function virtual_create
() {
41 local newport
=${port}v
${vid}
43 if [ -z "${mac}" ]; then
47 # Initialize the vlan drivers just when we need them.
50 log INFO
"Creating virtual device '${newport}' with address '${mac}'."
52 local oldport
=$
(virtual_get_by_parent_and_vid
${port} ${vid})
54 if device_exists
${oldport}; then
# Collect what differs between the existing device and the wanted
# configuration as a space-separated word list ("name", "address").
# NOTE(review): no "local differences" is visible in this listing - confirm it
# is declared, otherwise the value persists between calls and in callers.
57 if [ "${oldport}" != "${newport}" ]; then
58 differences
="${differences} name"
60 if [ "$(device_get_address ${oldport})" != "${mac}" ]; then
61 differences
="${differences} address"
# NOTE(review): this echo writes to stdout on every call and looks like
# leftover debugging output; a caller that captures this function's stdout
# would receive it. The rest of the function reports through log/error_log.
64 echo "differences: $differences"
66 if [ -n "${differences}" ]; then
# A device that differs and is used elsewhere is never modified.
67 if device_is_used
${oldport}; then
68 error_log
"There was a device '${oldport}' set up with VID '${vid}' and parent '${port}' which is used somewhere else. Cannot go on."
71 log DEBUG
"There is a device '${oldport}' but it not used, so we grab it to ourselves."
74 log DEBUG
"Device '${newport}' already exists and reflects our configuration. Go on."
76 device_set_up
${oldport}
81 log DEBUG
"Virtual device '${newport}' does not exist, yet."
# Only stdout of the two vconfig calls is discarded; stderr still reaches the
# caller. The exit status of set_name_type is not checked.
# NOTE(review): set_name_type is a system-wide vconfig setting, not a
# per-device one - confirm no other code relies on a different name type.
83 vconfig set_name_type DEV_PLUS_VID_NO_PAD
>/dev
/null
84 vconfig add
${port} ${vid} >/dev
/null
86 if [ $?
-ne ${EXIT_OK} ]; then
87 error_log
"Could not create virtual device '${newport}'."
# Look the device up again to learn the name it was actually created with.
91 oldport
=$
(virtual_get_by_parent_and_vid
${port} ${vid})
# NOTE(review): the assert and the if below test the same condition. If assert
# aborts on failure (it is defined elsewhere - confirm), the error branch is
# unreachable.
95 assert device_exists
${oldport}
97 if ! device_exists
${oldport}; then
98 error
"Could not determine the created virtual device '${newport}'."
102 # The device is expected to be named like ${port}.${vid}
103 # and will be renamed to the virtual schema
104 device_set_name
${oldport} ${newport}
106 if [ $?
-ne ${EXIT_OK} ]; then
107 error_log
"Could not set name of virtual device '${newport}'."
111 assert device_exists
${newport}
113 # Setting new mac address
114 device_set_address
${newport} ${mac}
116 if [ $?
-ne ${EXIT_OK} ]; then
117 error_log
"Could not set address '${mac}' to virtual device '${newport}'."
121 # Bring up the new device
122 device_set_up
${newport}
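# virtual_remove: take the virtual (VLAN) device ${device} down and delete it
# with "vconfig rem". An error is logged when vconfig fails.
# How ${device} is assigned and what the function returns is not visible in
# this listing (the gutter numbers skip).
127 function virtual_remove
() {
130 log INFO
"Removing virtual device '${device}' with address '$(macify ${device})'."
132 device_set_down
${device}
# Only stdout is discarded; vconfig's own error text still goes to stderr.
134 vconfig rem
${device} >/dev
/null
136 if [ $?
-ne ${EXIT_OK} ]; then
# Name the device that was being removed. No assignment of ${newport} is
# visible in this function, so the old message would have logged an empty or
# stale name, which makes a failed removal hard to trace in the logs.
137 error_log
"Could not remove virtual device '${device}'."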
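# virtual_get_parent: look ${device} up in /proc/net/vlan/config and take the
# last field of its line as the name of the parent device, then check that
# this parent exists. What is done with the result is not visible in this
# listing (the gutter numbers skip).
144 function virtual_get_parent
() {
# Match the whole name column: the name has to be followed by padding or by
# the '|' separator. A bare "^${device}" prefix match also selects longer
# names (constructed example: asking for "eth0v1" would match "eth0v10" too),
# which can yield the wrong parent or several parents at once.
147 local parent
=$
(grep "^${device}[[:space:]|]" < /proc
/net
/vlan
/config |
awk '{ print $NF }')
149 if device_exists
${parent}; then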
157 function virtual_get_by_parent_and_vid
() {
168 assert
[ -e "/proc/net/vlan/config" ]
170 fgrep
'|' < /proc
/net
/vlan
/config |
tr -d '|' | \
171 while read v_port v_id v_parent
; do
172 if [ "${v_parent}" = "${parent}" ] && [ "${v_id}" = "${vid}" ]; then