2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
# virtual_init: feeds a rule set to ebtables-restore on stdin via a here-document.
# Only one rule of that here-document is visible in this listing (gutter lines
# 26-32 and the closing EOF are skipped): it appends to the BROUTING chain a rule
# that matches protocol 802_1Q (VLAN-tagged frames) with target DROP.
# NOTE(review): in ebtables' broute table, DROP means "route the frame instead of
# bridging it", not "discard it". Assuming the skipped table header is *broute,
# the rule hands tagged frames arriving on bridge ports to the VLAN devices.
# NOTE(review): ebtables-restore presumably replaces the tables it is given, so
# rules installed there by anything else would be lost at init - confirm.
# The init_register call after the function passes virtual_init to a helper
# defined elsewhere (presumably so it runs during network initialisation).
22 function virtual_init
() {
25 ebtables-restore
<<EOF
33 -A BROUTING -p 802_1Q -j DROP
37 init_register virtual_init
# virtual_create: create the VLAN device for parent ${port} and VLAN id ${vid},
# or reuse one that already exists, then rename it to "<port>v<vid>", set its
# MAC address to ${mac} and bring it up.
#
# ${port}, ${vid} and ${mac} are assigned on lines this listing skips (gutter
# 40-42), as are the else/fi/return lines, so the exact branch structure must be
# confirmed against the full file.
# NOTE(review): ${port}, ${vid}, ${mac} and the derived names reach vconfig and
# the device_* helpers unquoted. If they can originate from stored configuration
# or user input they undergo word splitting and globbing; validate them first
# (a VLAN id is numeric, 1-4094) and quote the expansions.
39 function virtual_create
() {
# Target device name: parent name, the letter "v", then the VLAN id.
43 local newport
=${port}v
${vid}
# Empty MAC: the branch body is on skipped lines (presumably a default is chosen - confirm).
45 if [ -z "${mac}" ]; then
49 log INFO
"Creating virtual device '${newport}' with address '${mac}'."
# Name of an already existing VLAN device for this parent/VID pair, if any.
51 local oldport
=$
(virtual_get_by_parent_and_vid
${port} ${vid})
53 if device_exists
${oldport}; then
# Collect how the existing device deviates from the wanted one: name and/or MAC.
56 if [ "${oldport}" != "${newport}" ]; then
57 differences
="${differences} name"
59 if [ "$(device_get_address ${oldport})" != "${mac}" ]; then
60 differences
="${differences} address"
# NOTE(review): writes to stdout rather than through log; looks like leftover debug output.
63 echo "differences: $differences"
# With differences, a device that is in use elsewhere is reported as an error;
# an unused one is taken over (per the log messages below).
65 if [ -n "${differences}" ]; then
66 if device_is_used
${oldport}; then
67 error_log
"There was a device '${oldport}' set up with VID '${vid}' and parent '${port}' which is used somewhere else. Cannot go on."
70 log DEBUG
"There is a device '${oldport}' but it not used, so we grab it to ourselves."
# Per the message: no differences, so the existing device is only brought up.
73 log DEBUG
"Device '${newport}' already exists and reflects our configuration. Go on."
75 device_set_up
${oldport}
# Per the message: no VLAN device exists yet for this parent/VID, so one is created.
80 log DEBUG
"Virtual device '${newport}' does not exist, yet."
# NOTE(review): the exit status of set_name_type is never inspected; the $? test
# below only sees the result of "vconfig add".
82 vconfig set_name_type DEV_PLUS_VID_NO_PAD
>/dev
/null
83 vconfig add
${port} ${vid} >/dev
/null
85 if [ $?
-ne ${EXIT_OK} ]; then
86 error_log
"Could not create virtual device '${newport}'."
# Look the device up again to learn the name the kernel gave it.
90 oldport
=$
(virtual_get_by_parent_and_vid
${port} ${vid})
# NOTE(review): the same condition is asserted and then tested again; the second
# test only matters if assert (defined elsewhere) does not abort - confirm.
94 assert device_exists
${oldport}
96 if ! device_exists
${oldport}; then
# NOTE(review): this failure uses "error" while the others use "error_log" - confirm it is intended.
97 error
"Could not determine the created virtual device '${newport}'."
101 # The device is expected to be named like ${port}.${vid}
102 # and will be renamed to the virtual schema
103 device_set_name
${oldport} ${newport}
105 if [ $?
-ne ${EXIT_OK} ]; then
106 error_log
"Could not set name of virtual device '${newport}'."
110 assert device_exists
${newport}
112 # Setting new mac address
113 device_set_address
${newport} ${mac}
115 if [ $?
-ne ${EXIT_OK} ]; then
116 error_log
"Could not set address '${mac}' to virtual device '${newport}'."
120 # Bring up the new device
121 device_set_up
${newport}
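# virtual_remove: take the virtual (VLAN) device ${device} down and delete it
# with "vconfig rem", logging an error if the removal fails.
# ${device} is assigned on lines this listing skips (gutter 127-128), as are the
# closing return/fi lines - confirm them against the full file.
# NOTE(review): ${device} is expanded unquoted; quote it if the name can come
# from configuration or user input.
126 function virtual_remove
() {
129 log INFO
"Removing virtual device '${device}' with address '$(macify ${device})'."
# No check of device_set_down's result is visible; removal is attempted either way.
131 device_set_down
${device}
133 vconfig rem
${device} >/dev
/null
# $? is the exit status of "vconfig rem" above.
135 if [ $?
-ne ${EXIT_OK} ]; then
# Name the device this function worked on: 'newport' is a local of
# virtual_create and is not assigned anywhere in this function.
136 error_log
"Could not remove virtual device '${device}'."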
# virtual_get_parent: look up the parent interface of VLAN device ${device} in
# /proc/net/vlan/config, taking the last whitespace-separated field of the
# matching line.
# ${device} is assigned on lines this listing skips (gutter 144-145); the body of
# the final "if" and the return values are skipped too (gutter 149-155).
143 function virtual_get_parent
() {
# NOTE(review): "^${device}" is a regular expression anchored only at the start,
# so "eth0v1" also matches a line for "eth0v10", and "." in a name matches any
# character. Several matches put several words into ${parent}. An exact compare
# on the first field avoids this, e.g.
#   awk -v d="${device}" '$1 == d { print $NF }' /proc/net/vlan/config
146 local parent
=$
(grep "^${device}" < /proc
/net
/vlan
/config |
awk '{ print $NF }')
# ${parent} is unquoted: an empty or multi-word value changes the arguments
# device_exists receives.
148 if device_exists
${parent}; then
156 function virtual_get_by_parent_and_vid
() {
167 assert
[ -e "/proc/net/vlan/config" ]
169 fgrep
'|' < /proc
/net
/vlan
/config |
tr -d '|' | \
170 while read v_port v_id v_parent
; do
171 if [ "${v_parent}" = "${parent}" ] && [ "${v_id}" = "${vid}" ]; then