2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2018 IPFire Network Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 BIRD_CONF
="/etc/bird.conf"
25 service_start
"bird.service"
29 service_stop
"bird.service"
33 service_reload
"bird.service"
36 # Update configuration any apply it in one go
38 if ! bird_generate_config
; then
39 log ERROR
"Could not write Bird configuration"
47 bird_generate_config
() {
48 log DEBUG
"Write BIRD configuration file"
51 config_header
"bird" > ${BIRD_CONF}
53 # Write some basic settings
56 print
"# Log everything to syslog"
57 print
"log syslog all;"
60 print
"# Turn on internal watchdog"
61 print
"watchdog warning 5s;"
62 print
"watchdog timeout 30s;"
65 print
"# Define default route tables"
66 print
"ipv6 table master6;"
67 print
"ipv4 table master4;"
69 print
"# Enable device configuration"
70 print
"protocol device {}"
73 print
"# Export all routes to kernel"
74 for proto
in ${IP_SUPPORTED_PROTOCOLS}; do
75 print
"protocol kernel {"
77 print
" table ${proto/ipv/master};"
87 for proto
in ${IP_SUPPORTED_PROTOCOLS}; do
88 print
"protocol static {"
92 # Read routes for this protocol from configuration
93 __bird_static_routes
"${proto}"
99 # Write IPv6 Router Advertisement configuration
100 __bird_ipv6_radv
>> ${BIRD_CONF}
103 __bird_static_routes
() {
107 local ${NETWORK_CONFIG_ROUTES_PARAMS}
110 route_parse_line
"${line}"
111 [ $?
-eq ${EXIT_OK} ] ||
continue
115 for arg
in unreachable prohibit blackhole
; do
116 if enabled
"${arg}"; then
122 # Skip all routes of another protocol
123 local _proto
="$(ip_detect_protocol "${network}")"
124 if [ "${proto}" != "${_proto}" ]; then
129 unreachable|prohibit|blackhole
)
130 print
" route ${network} ${type};"
134 print
" route ${network} via ${gateway};"
137 done < ${NETWORK_CONFIG_ROUTES}
141 print
"protocol radv {"
144 for zone
in $
(zones_get_local
); do
145 log DEBUG
"Writing bird radv configuration for ${zone}"
147 # Skip if there is no prefix or prefix is link-local.
148 local addr
="$(db_get "${zone}/ipv
6/local-ip-address
")"
149 if [ -z "${addr}" ] ||
[ "${addr:0:5}" = "fe80:" ]; then
153 # Check if the subnet is configured by the DHCP server.
155 local prefix
="$(ipv6_get_network "${addr}")"
156 if isset prefix
&& dhcpd_subnet_match ipv6
"${prefix}"; then
160 print
" interface \"${zone}\" {"
161 # Failover to other routers within 10s
162 print
" max ra interval 10;"
164 # Tell clients we are running DHCP
165 if enabled dhcp
; then
166 print
" managed yes;"
167 print
" other config yes;"
170 if device_exists
"${zone}"; then
172 local mtu
="$(device_get_mtu "${zone}")"
173 print
" link mtu ${mtu};"
178 # Announce all prefixes
179 print
" prefix ::/0 {"
181 if enabled dhcp
; then
182 print
" autonomous off;"
189 # Advertise any DNS servers
190 if enabled DNS_ADVERTISE_SERVERS
; then
191 # Get a list of all IPv6 name servers
194 for server
in $
(dns_server_list_sorted
); do
195 # Skip any non-IPv6 servers
196 ipv6_is_valid
"${server}" ||
continue
198 servers
+=( "${server}" )
201 if isset servers
; then
205 for server
in ${servers}; do
206 print
" ns ${server};"
217 for domain
in $
(dns_get_search_domains
); do
218 print
" domain \"${domain}\";"