require '/var/ipfire/general-functions.pl';
require "${General::swroot}/lang.pl";
require "${General::swroot}/header.pl";
+require "${General::swroot}/network-functions.pl";
###--- HTML HEAD ---###
my $extraHead = <<END
#zoneconf td.heading {
background-color: lightgrey;
color: white;
- }
+ }
#zoneconf td.heading.bold::first-line {
font-weight: bold;
line-height: 1.6;
&Header::getcgihash(\%cgiparams);
&Header::showhttpheaders();
-# Define all zones we will check for NIC assignment
-my @zones = ("red", "green", "orange", "blue");
+# Get all network zones that are currently enabled
+my @zones = Network::get_available_network_zones();
# Get all physical NICs present
opendir(my $dh, "/sys/class/net/");
}
}
-### Functions ###
-
-# Check if a zone is in IP mode or in PPP, PPPoE, VDSL, ... mode
-sub is_zonetype_ip {
- my $zone_type = shift;
- return ($zone_type eq "STATIC" || $zone_type eq "DHCP");
-}
-
-# Check if a zone is activated (device assigned)
-sub is_zone_activated {
- my $zone = uc shift;
- return ($ethsettings{"${zone}_DEV"} ne "");
-}
-
### START PAGE ###
&Header::openpage($Lang::tr{"zoneconf title"}, 1, $extraHead);
&Header::openbigbox('100%', 'center');
### Evaluate POST parameters ###
if ($cgiparams{"ACTION"} eq $Lang::tr{"save"}) {
- my %VALIDATE_nic_check = ();
- my $VALIDATE_error = "";
+ my %VALIDATE_nic_check = (); # array of flags (assigned, restricted/pppoe, vlan, ...) per NIC
+ my $VALIDATE_error = ""; # contains an error message if the config validation failed
- foreach (@zones) {
+ # Loop trough all known zones to ensure a complete configuration file is created
+ foreach (@Network::known_network_zones) {
my $uc = uc $_;
- my $slave_string = "";
+ my $slave_string = ""; # list of interfaces attached to the bridge
my $zone_mode = $cgiparams{"MODE $uc"};
my $VALIDATE_vlancount = 0;
my $VALIDATE_zoneslaves = 0;
+ # Each zone can contain up to one bridge and up to one VLAN,
+ # cache their mac addresses to prevent unnecessary changes
+ my $bridge_mac = $ethsettings{"${uc}_MACADDR"};
+ my $vlan_mac = $vlansettings{"${uc}_MAC_ADDRESS"};
+
+ # Clear old configuration
$ethsettings{"${uc}_MACADDR"} = "";
$ethsettings{"${uc}_MODE"} = "";
$ethsettings{"${uc}_SLAVES"} = "";
next;
}
+ # Zone in bridge mode: Always assign a MAC to the bridge
+ if($zone_mode eq "BRIDGE") {
+ # Ensure that the bridge's cached MAC does not come from a real NIC
+ # (this could happen if the zone was in default mode before)
+ foreach (@nics) {
+ my $nic_mac = $_->[0];
+ if(Network::is_mac_equal($bridge_mac, $nic_mac)) {
+ $bridge_mac = "";
+ last;
+ }
+ }
+
+ # Generate random MAC if none was configured
+ if(! Network::valid_mac($bridge_mac)) {
+ $bridge_mac = Network::random_mac();
+ }
+
+ # Assign the address to the bridge
+ $ethsettings{"${uc}_MACADDR"} = $bridge_mac;
+ }
+
foreach (@nics) {
my $mac = $_->[0];
my $nic_access = $cgiparams{"ACCESS $uc $mac"};
next unless ($nic_access);
+ # This NIC is to be assigned: check preconditions
if ($nic_access ne "NONE") {
if ($VALIDATE_nic_check{"RESTRICT $mac"}) { # If this interface is already assigned to RED in PPP mode, throw an error
$VALIDATE_error = $Lang::tr{"zoneconf val ppp assignment error"};
last;
}
+ # Enforce bridge mode when you try to assign multiple NICs to a zone
if ($zone_mode ne "BRIDGE" && $VALIDATE_zoneslaves > 0 && $nic_access ne "") {
$VALIDATE_error = $Lang::tr{"zoneconf val zoneslave amount error"};
last;
}
+ # Mark this NIC as "accessed by zone"
$VALIDATE_nic_check{"ACC $mac"} = 1;
$VALIDATE_zoneslaves++;
}
$VALIDATE_nic_check{"NATIVE $mac"} = 1;
+ # Zone in bridge mode: Add NIC to slave list. Otherwise access NIC directly
if ($zone_mode eq "BRIDGE") {
$slave_string = "${slave_string}${mac} ";
} else {
$VALIDATE_nic_check{"VLAN $mac $vlan_tag"} = 1;
- if (! looks_like_number($vlan_tag)) {
- last;
- }
- if ($vlan_tag < 1 || $vlan_tag > 4095) {
+ # check VLAN tag range: 1..4094 (0, 4095 are reserved)
+ unless (looks_like_number($vlan_tag) && ($vlan_tag >= 1) && ($vlan_tag <= 4094)) {
+ $VALIDATE_error = $Lang::tr{"zoneconf val vlan tag range error"};
last;
}
- my $rnd_mac = &Network::random_mac();
+ # Generate random MAC if none was configured
+ if(! Network::valid_mac($vlan_mac)) {
+ $vlan_mac = Network::random_mac();
+ }
$vlansettings{"${uc}_PARENT_DEV"} = $mac;
$vlansettings{"${uc}_VLAN_ID"} = $vlan_tag;
- $vlansettings{"${uc}_MAC_ADDRESS"} = $rnd_mac;
+ $vlansettings{"${uc}_MAC_ADDRESS"} = $vlan_mac; # Generated MAC
+ # Zone in bridge mode: Add VLAN to slave list
if ($zone_mode eq "BRIDGE") {
- $slave_string = "${slave_string}${rnd_mac} ";
+ $slave_string = "${slave_string}${vlan_mac} ";
}
$VALIDATE_vlancount++; # We can't allow more than one VLAN per zone
if ($zone_mode eq "BRIDGE") {
$ethsettings{"${uc}_MODE"} = "bridge";
$ethsettings{"${uc}_SLAVES"} = $slave_string;
- } elsif ($zone_mode eq "MACVTAP") {
- $ethsettings{"${uc}_MODE"} = "macvtap";
}
# STP options
foreach (@zones) {
my $uc = uc $_;
- # If the zone is not activated, don't show it
- next unless is_zone_activated($_);
-
# If the red zone is in PPP mode, don't show a mode dropdown
if ($uc eq "RED") {
my $red_type = $ethsettings{"RED_TYPE"};
- unless (is_zonetype_ip($red_type)) {
+ unless (Network::is_red_mode_ip()) {
print "\t\t<td class='heading bold $_'>$uc ($red_type)</td>\n";
next; # We're done here
$mode_selected{"DEFAULT"} = "selected";
} elsif ($zone_mode eq "bridge") {
$mode_selected{"BRIDGE"} = "selected";
- } elsif ($zone_mode eq "macvtap") {
- $mode_selected{"MACVTAP"} = "selected";
}
print <<END
<td class='heading bold $_'>$uc<br>
- <select name="MODE $uc">
+ <select name="MODE $uc" data-zone="$uc" onchange="changeZoneMode(this)">
<option value="DEFAULT" $mode_selected{"DEFAULT"}>$Lang::tr{"zoneconf nicmode default"}</option>
<option value="BRIDGE" $mode_selected{"BRIDGE"}>$Lang::tr{"zoneconf nicmode bridge"}</option>
- <option value="MACVTAP" $mode_selected{"MACVTAP"}>$Lang::tr{"zoneconf nicmode macvtap"}</option>
</select>
</td>
END
my $uc = uc $_;
my $highlight = "";
- # If the zone is not activated, don't show it
- next unless is_zone_activated($_);
-
if ($uc eq "RED") {
# VLANs/Bridging is not possible if the RED interface is set to PPP, PPPoE, VDSL, ...
- unless (is_zonetype_ip($ethsettings{"RED_TYPE"})) {
+ unless (Network::is_red_mode_ip()) {
my $checked = "";
if ($mac eq $ethsettings{"${uc}_MACADDR"}) {
<option value="NATIVE" $access_selected{"NATIVE"}>$Lang::tr{"zoneconf access native"}</option>
<option value="VLAN" $access_selected{"VLAN"} $vlan_disabled>$Lang::tr{"zoneconf access vlan"}</option>
</select>
- <input type="number" class="vlanid" id="TAG-$uc-$mac" name="TAG $uc $mac" min="1" max="4095" value="$zone_vlan_id" $field_disabled>
+ <input type="number" class="vlanid" id="TAG-$uc-$mac" name="TAG $uc $mac" min="1" max="4094" value="$zone_vlan_id" required $field_disabled>
</td>
END
;
foreach (@zones) { # load settings and prepare form elements for each zone
my $uc = uc $_;
- # skip if zone is not activated
- next unless is_zone_activated($_);
-
# STP is not available if the RED interface is set to PPP, PPPoE, VDSL, ...
if ($uc eq "RED") {
- unless (is_zonetype_ip($ethsettings{"RED_TYPE"})) {
+ unless (Network::is_red_mode_ip()) {
push(@stp_html, ["\t\t<td></td>\n", "\t\t<td></td>\n"]); # print empty cell
next;
}
my $stp_enabled = $ethsettings{"${uc}_STP"} eq "on";
my $stp_priority = $ethsettings{"${uc}_STP_PRIORITY"};
+ # set priority to default value if no numerical value is configured
+ $stp_priority = 32768 unless looks_like_number($stp_priority);
+
# form element modifiers
my $checked = "";
my $disabled = "";
# enable checkbox HTML
my $row_1 = <<END
<td>
- <input type="checkbox" name="STP-$uc" $disabled $checked>
+ <input type="checkbox" id="STP-$uc" name="STP-$uc" data-zone="$uc" onchange="changeEnableSTP(this)" $disabled $checked>
</td>
END
;
# priority input box HTML
my $row_2 = <<END
<td>
- <input type="number" class="stp-priority" name="STP-PRIORITY-$uc" min="1" max="65535" value="$stp_priority" $disabled>
+ <input type="number" class="stp-priority" id="STP-PRIORITY-$uc" name="STP-PRIORITY-$uc" min="1" max="65535" value="$stp_priority" required $disabled>
</td>
END
;
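Review bot: The new VLAN tag check, `unless (looks_like_number($vlan_tag) && ($vlan_tag >= 1) && ($vlan_tag <= 4094))`, still accepts non-integer input, because `looks_like_number` is true for strings such as `10.5` or `1e2` and both pass the range comparison. The tag appears to come from the `TAG $uc $mac` form field and is stored unchanged in `$vlansettings{"${uc}_VLAN_ID"}`, so whatever later reads that setting presumably receives the raw string; the `min`/`max`/`required` attributes added to the input only constrain a browser. An anchored digit match would close this: `unless ($vlan_tag =~ /\A[0-9]{1,4}\z/ && $vlan_tag >= 1 && $vlan_tag <= 4094) {`. The same `looks_like_number` test guards the STP priority default (`$stp_priority = 32768 unless looks_like_number($stp_priority);`), where a digits-only check would also be the tighter fit. The enclosing save loop is only partly visible on this page, so the assignment of `$vlan_tag` itself could not be checked.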