#!/bin/bash
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
# #
###############################################################################
. /lib/network/header-zone
# TODO AC name, service name, sync?
# Names of the variables that make up this hook's configuration.
# NOTE(review): SECRET is part of this list, so it is presumably persisted
# together with the other settings - confirm that the zone settings file is
# readable by root only.
HOOK_SETTINGS="HOOK AUTH LINKNAME USER SECRET PEERDNS DEFAULTROUTE MTU DEVICE DEVICE_VID DEVICE_TYPE"

# Credentials and authentication method; empty until configured.
USER=
SECRET=
AUTH=

# Link defaults. LINKNAME gets a fresh value from uuid until one is configured.
LINKNAME="$(uuid)"
MTU=1492
DEFAULTROUTE=1
PEERDNS=1

# Values accepted for AUTH, and the pppd plugin used for PPPoE.
PPPOE_ALLOWED_AUTHS="chap pap"
PPPOE_PLUGIN="rp-pppoe.so"
# Print the device the PPPoE plugin should be attached to.
# Globals:   DEVICE, DEVICE_VID, DEVICE_MAC (read)
# Outputs:   whatever devicify prints for the selected device
# Returns:   the exit status of devicify
# NOTE(review): DEVICE_MAC is neither listed in HOOK_SETTINGS nor assigned in
# this file - presumably it is provided elsewhere; verify.
_pppoe_real_device() {
	# Start from the plain device; a configured VLAN id switches to DEVICE_MAC.
	local device="${DEVICE}"
	[ -z "${DEVICE_VID}" ] || device="${DEVICE_MAC}"

	devicify ${device}
}
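# Validate the hook settings before they are used.
# Globals:   USER, SECRET, LINKNAME, DEFAULTROUTE, PEERDNS, DEVICE,
#            DEVICE_TYPE, MTU, AUTH, DEVICE_VID, PPPOE_ALLOWED_AUTHS (read)
# Returns:   0 when every assertion held; what a failed assertion does is up
#            to assert, which is defined elsewhere.
# NOTE(review): USER and LINKNAME are only checked for being set, yet _up
# expands them unquoted into the pppd options file. Consider rejecting values
# that contain whitespace or newlines.
function _check() {
	assert isset USER
	assert isset SECRET
	assert isset LINKNAME
	assert isset DEFAULTROUTE
	assert isset PEERDNS
	assert isset DEVICE
	assert isset DEVICE_TYPE

	assert isbool DEFAULTROUTE
	assert isbool PEERDNS
	assert ismac DEVICE
	assert isoneof DEVICE_TYPE real virtual

	# MTU can be set with --mtu= and ends up verbatim in the options file, so
	# make sure it is a number.
	assert isinteger MTU

	# AUTH is optional. PPPOE_ALLOWED_AUTHS is left unquoted on purpose so that
	# each allowed method becomes its own argument.
	if isset AUTH; then
		assert isoneof AUTH ${PPPOE_ALLOWED_AUTHS}
	fi

	# The VLAN id is optional. The guard used to test DEVICE_ID, a variable this
	# hook never sets, so the integer check was never reached.
	if isset DEVICE_VID; then
		assert isinteger DEVICE_VID
	fi
}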
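# Parse the hook's command-line options into the settings variables.
# Globals:   USER, SECRET, LINKNAME, MTU, DEFAULTROUTE, PEERDNS, AUTH, DEVICE,
#            DEVICE_VID, DEVICE_TYPE (written); EXIT_ERROR (read)
# Arguments: any of --user=, --secret=, --linkname=, --mtu=, --auth=,
#            --device=, --device-vid=, --no-defaultroute, --no-dns
# Outputs:   an error message on stderr for an unknown option
# Returns:   exits with EXIT_ERROR on an unknown option or a missing device
# NOTE(review): --secret= puts the PPP password into the argument vector,
# where other local users can read it from the process list while the command
# runs. Reading it from stdin or a root-only file would avoid that.
function _parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "$1" in
			--user=*)
				USER=${1#--user=}
				;;
			--secret=*)
				SECRET=${1#--secret=}
				;;
			--linkname=*)
				# Strip the prefix that was actually matched. Stripping "--name="
				# left the whole "--linkname=..." argument in LINKNAME.
				LINKNAME=${1#--linkname=}
				;;
			--mtu=*)
				MTU=${1#--mtu=}
				;;
			--no-defaultroute)
				DEFAULTROUTE=0
				;;
			--no-dns)
				PEERDNS=0
				;;
			--auth=*)
				AUTH=${1#--auth=}
				;;
			--device=*)
				DEVICE=${1#--device=}
				;;
			--device-vid=*)
				DEVICE_VID=${1#--device-vid=}
				;;
			*)
				echo "Unknown option: $1" >&2
				exit ${EXIT_ERROR}
				;;
		esac
		shift
	done

	# The device has to exist before it is stored.
	if ! device_exists "$(devicify "${DEVICE}")"; then
		error "Device '${DEVICE}' does not exist."
		exit ${EXIT_ERROR}
	fi

	# Store the device in the form macify returns (_check asserts ismac on it).
	DEVICE=$(macify "${DEVICE}")

	# A VLAN id makes this a virtual device, otherwise it is a real one.
	if isset DEVICE_VID; then
		DEVICE_TYPE="virtual"
	else
		DEVICE_TYPE="real"
	fi
}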
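# Bring the PPPoE zone up: prepare the device, write the pppd options file
# and start pppd.
# Globals:   ZONE_DIR, RED_RUN, LINKNAME, DEVICE, DEVICE_VID, DEVICE_MAC, USER,
#            SECRET, PPPOE_PLUGIN, PEERDNS, DEFAULTROUTE, AUTH, MTU, EXIT_OK,
#            EXIT_ERROR (read)
# Arguments: $1 - zone name, also written as pppd's ifname
# Returns:   exits with EXIT_OK when pppd returned 0, otherwise EXIT_ERROR
function _up() {
	local zone=${1}
	shift

	config_read "${ZONE_DIR}/${zone}/settings"

	# Creating necessary files
	local run_dir="${RED_RUN}/${LINKNAME}"
	[ -d "${run_dir}" ] || mkdir -p "${run_dir}"

	# Setting up the device
	if [ -n "${DEVICE_VID}" ]; then
		device_create_virtual ${DEVICE} ${DEVICE_VID} ${DEVICE_MAC}
	else
		device_set_up ${DEVICE}
	fi

	# The credentials are handed to ppp_secret (defined elsewhere) rather than
	# written into the options file below.
	ppp_secret "${USER}" "${SECRET}"

	# Write the options file from a here-document. Without the "<<EOF" opener,
	# cat only tried to read the options file and every following line up to
	# EOF was executed as a shell command.
	# NOTE(review): zone, LINKNAME, USER, AUTH and MTU are expanded into the file
	# as-is. A value containing whitespace or a newline would be read by pppd as
	# extra words or extra option lines, so _check should reject such values.
	cat <<EOF >"${run_dir}/options"
# Naming options
ifname ${zone}
name ${LINKNAME}
linkname ${LINKNAME}
plugin ${PPPOE_PLUGIN} $(_pppoe_real_device)
# User configuration
user ${USER}
$(enabled PEERDNS && echo "usepeerdns")
$(enabled DEFAULTROUTE && echo "defaultroute")
noauth
$(isset AUTH && echo "require-${AUTH}")
noipdefault
# Maximum transmission/receive unit
mtu ${MTU}
mru ${MTU}
# Disable the compression
noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe
updetach debug
EOF

	pppd file "${run_dir}/options" >/dev/null
	local ret=$?

	# Get exit code from ppp daemon and handle it:
	case "${ret}" in
		0)
			log DEBUG "pppd detached successfully"
			exit ${EXIT_OK}
			;;
	esac

	# Every other exit code is treated as a failure.
	error_log "pppd exited with unknown exit code '${ret}'"
	exit ${EXIT_ERROR}
}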
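# Bring the PPPoE zone down: stop pppd and release the device.
# Globals:   ZONE_DIR, DEVICE, DEVICE_VID, DEVICE_MAC, EXIT_OK (read)
# Arguments: $1 - zone name; the PID is read from /var/run/<zone>.pid
# Returns:   always exits with EXIT_OK
function _down() {
	local zone=${1}
	shift

	config_read "${ZONE_DIR}/${zone}/settings"

	# Kill pppd
	local contents pid=""
	contents=$(cat "/var/run/${zone}.pid" 2>/dev/null)

	# Only the first token of the PID file is used, and only if it is a plain
	# process id. The file content used to be passed to kill unquoted, so a
	# damaged or tampered file could supply a signal option or several targets.
	read -r pid _ <<<"${contents}"
	case "${pid}" in
		"" | *[!0-9]*)
			# Missing or not a number: nothing to signal.
			;;
		*)
			# 0 would address the whole process group and 1 is init.
			if [ "${pid}" -gt 1 ]; then
				kill "${pid}" &>/dev/null
			fi
			;;
	esac

	# Pull down device or remove virtual one
	if [ -n "${DEVICE_VID}" ]; then
		device_remove_virtual ${DEVICE_MAC}
	else
		device_set_down ${DEVICE}
	fi

	exit ${EXIT_OK}
}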
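# Probe a real device for a PPPoE access concentrator.
# Globals:   EXIT_ERROR, DISCOVER_OK, DISCOVER_ERROR (read)
# Arguments: $1 - device to probe
# Outputs:   one line ACCESS_CONCENTRATOR="<name>" on stdout
# Returns:   exits with EXIT_ERROR when the device type is not "real", with
#            DISCOVER_ERROR on empty output or a timeout, else DISCOVER_OK
# NOTE(review): the access concentrator name is whatever a responder on the
# link sends. It is printed between double quotes without escaping, so the
# consumer of this output should parse the line as data and never eval or
# source it. The consumer is not visible here - verify.
function _discover() {
	local device=${1}

	if [ "$(device_get_type "${device}")" != "real" ]; then
		exit ${EXIT_ERROR}
	fi

	local output
	output=$(pppoe-discovery -I "${device}" -U "$(uuid)" 2>&1)

	# Exit if there was no output
	if [ -z "${output}" ]; then
		exit ${DISCOVER_ERROR}
	fi

	# Exit if PADI timed out
	if grep -q "Timeout" <<<"${output}"; then
		exit ${DISCOVER_ERROR}
	fi

	# read -r keeps backslashes in the reported name intact. When several
	# Access-Concentrator lines are present, the last one wins.
	local ac line
	while read -r line; do
		case "${line}" in
			Access-Concentrator:*)
				ac="${line#Access-Concentrator: }"
				;;
		esac
	done <<<"${output}"

	printf 'ACCESS_CONCENTRATOR="%s"\n' "${ac}"
	exit ${DISCOVER_OK}
}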
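# Pass the command-line arguments on exactly as received. Unquoted, $@ is
# split and glob-expanded again, which breaks any argument containing
# whitespace (for example a secret with a space in it).
# run is not defined in this file - presumably it comes from header-zone.
run "$@"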