[ipfire-2.x.git] / config / udev / network-hotplug-bridges

#!/bin/bash
############################################################################
#                                                                          #
# This file is part of the IPFire Firewall.                                #
#                                                                          #
# IPFire is free software; you can redistribute it and/or modify           #
# it under the terms of the GNU General Public License as published by     #
# the Free Software Foundation; either version 2 of the License, or        #
# (at your option) any later version.                                      #
#                                                                          #
# IPFire is distributed in the hope that it will be useful,                #
# but WITHOUT ANY WARRANTY; without even the implied warranty of           #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            #
# GNU General Public License for more details.                             #
#                                                                          #
# You should have received a copy of the GNU General Public License        #
# along with IPFire; if not, write to the Free Software                    #
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA #
#                                                                          #
# Copyright (C) 2016 IPFire Team <info@ipfire.org>                         #
#                                                                          #
############################################################################

[ -n "${INTERFACE}" ] || exit 2

eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

detect_zone() {
	local intf="${INTERFACE%0*}"
	intf="${intf^^}"

	local zone
	for zone in GREEN BLUE ORANGE RED; do
		# Try to find if INTERFACE is the *phys version of a zone
		if [ "${intf}" = "${zone}" ]; then
			echo "${zone}"
			return 0
		fi

		# Try to find out if this INTERFACE is a slave of a zone
		local slave
		for slave in $(get_value "${zone}_SLAVES"); do
			if [ "${INTERFACE}" = "${slave}" ]; then
				echo "${zone}"
				return 0
			fi
		done
	done

	return 1
}

get_value() {
	echo "${!1}"
}

random_mac_address() {
	local address="02"

	for i in $(seq 5); do
		printf -v address "${address}:%02x" "$(( RANDOM % 256 ))"
	done

	echo "${address}"
}

# Try to detect which zone we are operating on
ZONE=$(detect_zone)

# Cannot proceed if we could not find a zone
if [ -z "${ZONE}" ]; then
	exit 0
fi

# Determine the mode of this zone
MODE="$(get_value "${ZONE}_MODE")"

# The name of the virtual bridge
BRIDGE="$(get_value "${ZONE}_DEV")"

case "${MODE}" in
	bridge)
		ADDRESS="$(get_value "${ZONE}_MACADDR")"
		[ -n "${ADDRESS}" ] || ADDRESS="$(random_mac_address)"

		# We need to create the bridge if it doesn't exist, yet
		if [ ! -d "/sys/class/net/${BRIDGE}" ]; then
			ip link add "${BRIDGE}" address "${ADDRESS}" type bridge
			#ip link set "${BRIDGE}" up
		fi

		# Attach the physical device
		ip link set dev "${INTERFACE}" master "${BRIDGE}"
		ip link set dev "${INTERFACE}" up
		;;

	macvtap)
		ADDRESS="$(</sys/class/net/${INTERFACE}/address)"
		GENERATED_ADDRESS=$(random_mac_address)

		ip link add link "${INTERFACE}" "${BRIDGE}" address "${ADDRESS}" type macvlan mode bridge
		ip link set "${INTERFACE}" address "${GENERATED_ADDRESS}"
		ip link set "${INTERFACE}" up
		;;

	"")
		exit 0
		;;

	*)
		logger -t "network" "Unhandled mode '${MODE}' for '${ZONE}' (${INTERFACE})"
		exit 1
		;;
esac
Commit	Line	Data
7b616db4 JS	1	#!/bin/bash
	2	############################################################################
	3	# #
	4	# This file is part of the IPFire Firewall. #
	5	# #
	6	# IPFire is free software; you can redistribute it and/or modify #
	7	# it under the terms of the GNU General Public License as published by #
	8	# the Free Software Foundation; either version 2 of the License, or #
	9	# (at your option) any later version. #
	10	# #
	11	# IPFire is distributed in the hope that it will be useful, #
	12	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	13	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	14	# GNU General Public License for more details. #
	15	# #
	16	# You should have received a copy of the GNU General Public License #
	17	# along with IPFire; if not, write to the Free Software #
	18	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
	19	# #
	20	# Copyright (C) 2016 IPFire Team <info@ipfire.org> #
	21	# #
	22	############################################################################
	23
	24	[ -n "${INTERFACE}" ] \|\| exit 2
	25
4aef53d5	26	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
7b616db4	27
4aef53d5 JS	28	detect_zone() {
	29	local intf="${INTERFACE%0*}"
	30	intf="${intf^^}"
	31
	32	local zone
	33	for zone in GREEN BLUE ORANGE RED; do
	34	# Try to find if INTERFACE is the *phys version of a zone
	35	if [ "${intf}" = "${zone}" ]; then
	36	echo "${zone}"
	37	return 0
	38	fi
	39
	40	# Try to find out if this INTERFACE is a slave of a zone
	41	local slave
	42	for slave in $(get_value "${zone}_SLAVES"); do
	43	if [ "${INTERFACE}" = "${slave}" ]; then
	44	echo "${zone}"
	45	return 0
	46	fi
	47	done
	48	done
	49
	50	return 1
	51	}
	52
	53	get_value() {
	54	echo "${!1}"
	55	}
	56
	57	random_mac_address() {
	58	local address="02"
	59
	60	for i in $(seq 5); do
	61	printf -v address "${address}:%02x" "$(( RANDOM % 256 ))"
	62	done
	63
	64	echo "${address}"
	65	}
	66
	67	# Try to detect which zone we are operating on
	68	ZONE=$(detect_zone)
	69
	70	# Cannot proceed if we could not find a zone
	71	if [ -z "${ZONE}" ]; then
	72	exit 0
	73	fi
	74
	75	# Determine the mode of this zone
	76	MODE="$(get_value "${ZONE}_MODE")"
	77
	78	# The name of the virtual bridge
	79	BRIDGE="$(get_value "${ZONE}_DEV")"
	80
	81	case "${MODE}" in
	82	bridge)
	83	ADDRESS="$(get_value "${ZONE}_MACADDR")"
	84	[ -n "${ADDRESS}" ] \|\| ADDRESS="$(random_mac_address)"
	85
	86	# We need to create the bridge if it doesn't exist, yet
	87	if [ ! -d "/sys/class/net/${BRIDGE}" ]; then
	88	ip link add "${BRIDGE}" address "${ADDRESS}" type bridge
	89	#ip link set "${BRIDGE}" up
	90	fi
	91
92	# Attach the physical device
93	ip link set dev "${INTERFACE}" master "${BRIDGE}"
94	ip link set dev "${INTERFACE}" up
7b616db4	95	;;
4aef53d5 JS	96
	97	macvtap)
	98	ADDRESS="$(</sys/class/net/${INTERFACE}/address)"
	99	GENERATED_ADDRESS=$(random_mac_address)
	100
	101	ip link add link "${INTERFACE}" "${BRIDGE}" address "${ADDRESS}" type macvlan mode bridge
	102	ip link set "${INTERFACE}" address "${GENERATED_ADDRESS}"
	103	ip link set "${INTERFACE}" up
7b616db4	104	;;
7b616db4	105
4aef53d5 JS	106	"")
	107	exit 0
	108	;;
7b616db4	109
4aef53d5 JS	110	*)
	111	logger -t "network" "Unhandled mode '${MODE}' for '${ZONE}' (${INTERFACE})"
	112	exit 1
	113	;;
	114	esac