]>
git.ipfire.org Git - people/stevee/network.git/log
Michael Tremer [Fri, 4 Aug 2017 13:30:31 +0000 (13:30 +0000)]
ipsec: Only allow strict use of security policies
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 13:29:41 +0000 (13:29 +0000)]
ipsec: Fix DPD configuration
dpd_action has to go into the children section
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 4 Aug 2017 12:07:12 +0000 (14:07 +0200)]
bash-autocompletion: up and down for ipsec connections
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 12:51:35 +0000 (12:51 +0000)]
ipsec: Add prototype-level support for GRE tunnels
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 12:50:05 +0000 (12:50 +0000)]
ip-tunnel: Add support for GRE tunnels
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 12:49:42 +0000 (12:49 +0000)]
ipsec: Fix configuration variable list
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 12:12:44 +0000 (12:12 +0000)]
ipsec: Add prototype-level support for VTI
This will create a VTI interface for IPsec connections
configured as such and bring it up so that traffic can
be passed around.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 11:59:04 +0000 (11:59 +0000)]
ipsec: Add commands to bring connections up and down
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 4 Aug 2017 11:57:32 +0000 (11:57 +0000)]
ip-tunnel: Make local address optional
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 4 Aug 2017 08:32:13 +0000 (10:32 +0200)]
bash-autocompletion: add basic security-policy support
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 4 Aug 2017 08:32:12 +0000 (10:32 +0200)]
raw: add command vpn-security-policy-exists
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 16:33:28 +0000 (18:33 +0200)]
ipsec: add local address, dpd settings and start action settings
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 15:47:51 +0000 (15:47 +0000)]
ipsec: Support Dead Peer Detection
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 15:40:21 +0000 (15:40 +0000)]
ipsec: Allow defining START_ACTION
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 15:20:19 +0000 (15:20 +0000)]
ipsec: Support binding a connection to a certain address
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 14:53:03 +0000 (14:53 +0000)]
ipsec: Write functions to generate strongSwan configuration
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 12:08:04 +0000 (12:08 +0000)]
ipsec: Disable compression in system policy
Compression in IPsec is slow (strongSwan only supports
DEFLATE) and there are security concerns about it
revealing information about the plaintext.
So for a little gain in bandwith, it does not seem to
be right to take that risk right now.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 12:07:40 +0000 (12:07 +0000)]
ipsec: Fix typos in CLI parsing
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 12:07:21 +0000 (12:07 +0000)]
security-policies: List "performance" as read-only
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 11:44:40 +0000 (13:44 +0200)]
bash-autocompletion: fix typos
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:27 +0000 (12:51 +0200)]
ipsec: add basic bash completion for ipsec
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:26 +0000 (12:51 +0200)]
raw: add command new list-vpn-security-policies-all
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:25 +0000 (12:51 +0200)]
raw: add new command list-ipsec-connections
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:24 +0000 (12:51 +0200)]
raw: add new command ipsec-connection-exists
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:23 +0000 (12:51 +0200)]
vpn-security-policies: add new function vpn_security_policies_list_all
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 10:51:22 +0000 (12:51 +0200)]
ipsec: add new function ipsec_list_connections
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 3 Aug 2017 09:26:53 +0000 (09:26 +0000)]
Fix typo
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 3 Aug 2017 09:26:14 +0000 (09:26 +0000)]
wpa_supplication: Correctly escape SSIDs with spaces
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 31 Jul 2017 09:28:33 +0000 (11:28 +0200)]
vti: Disable policy lookups for VTI devices
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Mon, 31 Jul 2017 09:12:02 +0000 (11:12 +0200)]
ipsec: Check PSK for a good length
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 17:02:15 +0000 (19:02 +0200)]
ipsec: Fix typo in warning message
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 17:01:11 +0000 (19:01 +0200)]
ipsec: Fix another shell syntax error
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 17:00:42 +0000 (19:00 +0200)]
ipsec: Always make value of AUTH_MODE uppercase
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 16:30:34 +0000 (18:30 +0200)]
ipsec: Add connection show command
This shows the current configuration of a connection
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 16:29:44 +0000 (18:29 +0200)]
ipsec: Fix another bash syntax error
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 13:37:15 +0000 (15:37 +0200)]
ipsec: Fix typo
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 13:29:13 +0000 (15:29 +0200)]
ipsec: Move connections to /etc/network/vpn/ipsec/connections
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 13:24:46 +0000 (15:24 +0200)]
Makefile: Fix alphabetical order
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 13:24:12 +0000 (15:24 +0200)]
vpn: Move VPN CLI functions into separate files
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sun, 30 Jul 2017 13:14:58 +0000 (15:14 +0200)]
route: Move CLI functions into functions file
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 29 Jul 2017 08:39:37 +0000 (10:39 +0200)]
network: add new ipsec functionality
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Sat, 29 Jul 2017 08:39:36 +0000 (10:39 +0200)]
ipsec: add new functions
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Thu, 27 Jul 2017 12:07:01 +0000 (14:07 +0200)]
config hook: prevent two hooks with the same settings
A ipv4-static config with the same IPv4 address twice is senseless.
A new function zone_config_check_same_setting is introduced.
The function provides an easy way to check if a config
of the given hook has the same value for a given key.
We can now check inside hook_new if an ipv4-static or ipv6-static config
with the same value exist and break with an error.
Fixes: #11418
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:44 +0000 (10:44 +0200)]
autocompletion: use hids instead of ids
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:43 +0000 (10:44 +0200)]
raw: add command zone-config-hid-is-valid
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:42 +0000 (10:44 +0200)]
raw: add command list-zone-config-hids
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:41 +0000 (10:44 +0200)]
header-config: add generic hook_hid function
This function will always be there so when we call hook_hid we will get a result.
This is also nice for testing.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:40 +0000 (10:44 +0200)]
hook: also hook_hid is a valid command
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:39 +0000 (10:44 +0200)]
zone: config list print also hids
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:38 +0000 (10:44 +0200)]
zone: accept also hids in zone_config()
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 26 Jul 2017 08:44:37 +0000 (10:44 +0200)]
zone: add config hid functions
These are the basic functions to work with hids.
Fixes: #11406
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 14 Jul 2017 12:19:42 +0000 (14:19 +0200)]
header-zone: refactor hook_config_destroy
We now just bring the hook down, execute hook_destroy which can be not empty inside the hook,
because it is defined in src/header-config.
After this we delete the config file.
Fixes: #11416
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Fri, 14 Jul 2017 12:19:41 +0000 (14:19 +0200)]
zone: new function zone_config_settings_destroy
Similar to zone_config_settings_write and zone_config_settings_read
this function provides an easy way to delete a config file.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Mon, 24 Jul 2017 19:10:05 +0000 (21:10 +0200)]
autocompletion: improve config part
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Mon, 24 Jul 2017 19:10:04 +0000 (21:10 +0200)]
network: add new raw command zone-config-id-is-valid
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Mon, 24 Jul 2017 19:10:03 +0000 (21:10 +0200)]
network: add new raw command list-zone-config-ids
This commands make it possible to list all used ids
for a zone from the command line.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Mon, 24 Jul 2017 19:10:02 +0000 (21:10 +0200)]
zone: add new function zone_config_list_ids
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Sat, 22 Jul 2017 20:10:48 +0000 (22:10 +0200)]
Remove support for Rapid Spanning Tree Protocol
The userspace daemon is not very stable and unfortunately
not very well tested so that reliable use of it is impossible
right now.
We keep supporting STP as implemented in the Linux kernel
which has some disadvantages, but has proven to be more solid.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:43:39 +0000 (22:43 +0200)]
security-policies: Add new "performance" policy
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:38:19 +0000 (22:38 +0200)]
Remove overcomplicated list assignment which doesn't work
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:32:33 +0000 (22:32 +0200)]
Fix syntax error after line-break
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:23:23 +0000 (22:23 +0200)]
util: Log return code of commands only if something failed
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:14:20 +0000 (22:14 +0200)]
list: Make use of the assign function to set variables
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:14:06 +0000 (22:14 +0200)]
header-port: Remove unsafe use of eval
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 20:13:44 +0000 (22:13 +0200)]
list: Remove unsafe use of eval
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 19:15:08 +0000 (21:15 +0200)]
security-polices: Improve modification of cipher lists
This now supports setting a cipher list in one command and returns
some useful warnings when an intended change could not be performed.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 18:26:32 +0000 (20:26 +0200)]
batman-adv: Use correct functions to read from /sys/class/net
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 18:19:06 +0000 (20:19 +0200)]
Improve performance of reading files from the device tree
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 18:16:11 +0000 (20:16 +0200)]
Add support for VTI interfaces
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Fri, 21 Jul 2017 17:51:25 +0000 (19:51 +0200)]
security-policies: Add function to generate ESP proposal for strongswan
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Thu, 20 Jul 2017 22:21:49 +0000 (00:21 +0200)]
security-policies: Add function to generate AH proposal for strongswan
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:56:48 +0000 (21:56 +0200)]
securiy-policies: Enhance system policy to support elliptic curves
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:54:24 +0000 (21:54 +0200)]
security-policies: Show descriptions for group types
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:51:34 +0000 (21:51 +0200)]
security-policies: Add all supported group types
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:31:34 +0000 (21:31 +0200)]
Fix typo in integrity description
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:31:09 +0000 (21:31 +0200)]
security-policies: Show integrity with description
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:29:06 +0000 (21:29 +0200)]
security-policies: Add all supported integrity for now
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:24:51 +0000 (21:24 +0200)]
security-policies: Show description for each cipher instead of handle
This is easier and nicer to read
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:22:01 +0000 (21:22 +0200)]
security-policies: Import all ciphers that we support for now
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:13:44 +0000 (21:13 +0200)]
security-policies: Turn VPN_SUPPORTED_CIPHERS into an associative array
This allows us to store meaningful descriptions with the handles
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:08:04 +0000 (21:08 +0200)]
Avoid lines getting too long
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:04:26 +0000 (21:04 +0200)]
security-polices: Create a system policy
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 19:04:04 +0000 (21:04 +0200)]
security-policies: Show policy after it has been created
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 18:53:55 +0000 (20:53 +0200)]
security-policies: Check if default policy exists
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 18:50:48 +0000 (20:50 +0200)]
copy: Do not empty $dst when source file cannot be read
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 18:47:01 +0000 (20:47 +0200)]
security-polcies: Only allow creating one policy at a time
This keeps the function easier and lets it return a better error code
when ever something goes wrong.
I don't expect to do anyone doing this in bulk.
I also changed some of the error messages.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 18:38:02 +0000 (20:38 +0200)]
security-policies: Improve coding style
No functional changes.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 17:11:54 +0000 (19:11 +0200)]
copy: Remove trailing dot from log message
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 17:11:33 +0000 (19:11 +0200)]
copy: Move comment to right spot
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Michael Tremer [Wed, 19 Jul 2017 17:11:08 +0000 (19:11 +0200)]
copy: Make function handle paths with spaces
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Mon, 17 Jul 2017 19:05:18 +0000 (21:05 +0200)]
Add vpn security policies to cli
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 14:10:22 +0000 (16:10 +0200)]
hook: return error codes to previos functions
When we call an hook we should not exit with the error code.
Instead we should return the code to the function that called that hook function.
So we candle handle errors better.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 14:10:21 +0000 (16:10 +0200)]
zone: fix zone_new
Everytime somethings goes wrong when we call hook_new we wannt to call zone_destroy.
Not only when we get an EXIT_ERROR also when we get an EXIT_CONF_ERROR and so on.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 14:10:20 +0000 (16:10 +0200)]
header-zone: refactor hook_edit nad hook_new
We now return error codes and break when something important goes wrong.
because of that, we have to split hook_new and hook_edit.
When zone_settins-read fails in hook_edit we cannot go but it would every time we would call it in hook_new.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 08:52:38 +0000 (10:52 +0200)]
ipv4-static: create hook_parse_cmdline function
This patch just split the parsing of the cmd line
into a separate function to allowing an edit with the generic hook_edit function.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 08:52:37 +0000 (10:52 +0200)]
ipv6-auto: create hook_parse_cmdline function
This patch just split the parsing of the cmd line
into a separate function to allowing an edit with the generic hook_edit function.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 08:52:36 +0000 (10:52 +0200)]
ipv6-static: create hook_parse_cmdline function
This patch just split the parsing of the cmd line
into a separate function to allowing an edit with the generic hook_edit function.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 08:52:35 +0000 (10:52 +0200)]
pppoe-server: create hook_parse_cmdline function
This patch just split the parsing of the cmd line
into a separate function to allowing an edit with the generic hook_edit function.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 13:21:51 +0000 (15:21 +0200)]
list: fix a bug
When the list is called "list" we have a problem because
${list}="list"
and ${!list}="list"
This creates effects nobody wants and which are also not so easy to understand.
To avoid such problems in the future we now throw an assertation when the list is called list.
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
Jonatan Schlag [Wed, 19 Jul 2017 08:23:20 +0000 (10:23 +0200)]
config: improve config_get_id_from_config and config_get_hook_from_config
Signed-off-by: Jonatan Schlag <jonatan.schlag@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>