1 | #!/bin/bash | |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
# Report whether the routing table printed by "ip route" has a default route.
#
# The command is run without "-6", so the IPv6 table is not looked at here.
#
# Returns the exit status of grep: 0 when a line starts with "default",
# non-zero otherwise.
function routing_has_default() {
	local table
	table="$(ip route)"

	grep -q "^default" <<< "${table}"
}
25 | ||
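# Rebuild the default route of every supported protocol from the routing
# database.
#
# For each protocol in IP_SUPPORTED_PROTOCOLS the non-local zones (or, when
# there are none, the local zones) are scanned. Every active zone contributes
# either "nexthop via <gateway>" or, for a point-to-point device without a
# gateway, "dev <zone>", optionally followed by "weight <n>". The existing
# default routes of that protocol are deleted and, if at least one hop was
# collected, a new default route is installed. radvd_update is called after
# an IPv6 default route has been installed.
#
# Values read from the routing database are kept in arrays and passed to ip
# as single arguments, so a malformed database entry cannot be re-split by
# the shell into additional ip arguments.
function routing_default_update() {
	local zones
	zones="$(zones_get_nonlocal)"
	if [ -z "${zones}" ]; then
		zones="$(zones_get_local)"
	fi

	local gateway
	local proto
	local weight
	local zone
	local -a ip_cmd
	local -a routes

	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		# Start every protocol with an empty hop list.
		routes=()

		ip_cmd=(ip)
		if [ "${proto}" = "ipv6" ]; then
			ip_cmd+=(-6)
		fi
		ip_cmd+=(route)

		for zone in ${zones}; do
			# Skip if zone is not up
			routing_db_exists "${zone}" "${proto}" || continue

			if [ "$(routing_db_get "${zone}" "${proto}" active)" = "1" ]; then
				gateway="$(routing_db_get "${zone}" "${proto}" remote-ip-address)"

				# Go on if the device is not there anymore.
				device_exists "${zone}" || continue

				# On other devices, we will use the gateway if we got one.
				if isset gateway; then
					routes+=(nexthop via "${gateway}")

				# If we have got a Point-to-Point device, we will directly
				# send all packets into the pipe.
				# NOTE(review): this hop is added without the "nexthop"
				# keyword; confirm ip accepts that form when a weight or a
				# second hop follows.
				elif device_is_ptp "${zone}"; then
					routes+=(dev "${zone}")

				# If none of the cases above apply, we cannot go on.
				else
					continue
				fi

				# Apply weight.
				weight="$(routing_db_get "${zone}" "${proto}" weight)"
				if isinteger "${weight}"; then
					routes+=(weight "${weight}")
				fi
			else
				log DEBUG "Ignoring zone '${zone}' which is not active."
			fi
		done

		# Remove all default routes. Stop as soon as a deletion fails;
		# otherwise the loop would spin forever on a route that cannot be
		# removed.
		while "${ip_cmd[@]}" | grep -q "^default"; do
			"${ip_cmd[@]}" del default || break
		done

		if [ ${#routes[@]} -eq 0 ]; then
			log INFO "Removed default route for ${proto}."

			# Carry on with the next protocol. Returning here would leave
			# the remaining protocols with a stale default route.
			continue
		fi

		log INFO "Setting default route for ${proto}: ${routes[*]}"

		cmd "${ip_cmd[@]}" add default "${routes[@]}"
		assert [ $? -eq 0 ]

		case "${proto}" in
			ipv6)
				# Apply radvd configuration.
				radvd_update
				;;
		esac
	done
}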
106 | ||
107 | # XXX deprecated function | |
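# Compatibility wrapper that forwards all arguments to route_table_exists
# and returns its exit status.
function routing_table_exists() {
	# Quote "$@" so every argument is forwarded exactly as received instead
	# of being word-split and glob-expanded again.
	route_table_exists "$@"
}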
111 | ||
112 | # XXX deprecated function | |
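# Compatibility wrapper that forwards all arguments to route_table_create
# and returns its exit status.
function routing_table_create() {
	# Quote "$@" so every argument is forwarded exactly as received instead
	# of being word-split and glob-expanded again.
	route_table_create "$@"
}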
116 | ||
# Print the routing database directory of a zone and protocol.
#
#   $1  zone name
#   $2  protocol, must be one of ${IP_SUPPORTED_PROTOCOLS}
#
# The result has the form "${ROUTING_DB_DIR}/<zone>/<proto>".
#
# NOTE(review): the zone is only checked for being set, not for "/" or ".."
# components, and callers in this file hand the result to mkdir -p and
# rm -rf. Confirm that zone names are validated before they get here.
function routing_db_path() {
	local zone="${1}" proto="${2}"

	assert isset zone
	assert isset proto
	assert isoneof proto ${IP_SUPPORTED_PROTOCOLS}

	printf '%s\n' "${ROUTING_DB_DIR}/${zone}/${proto}"
}
127 | ||
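# Check whether a routing database directory exists.
#
# All arguments are passed on to routing_db_path (zone, protocol). Returns 0
# when the resulting path is an existing directory, non-zero otherwise.
function routing_db_exists() {
	# "$@" is quoted so the arguments reach routing_db_path unchanged; an
	# empty result makes the -d test fail.
	[ -d "$(routing_db_path "$@")" ]
}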
131 | ||
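# Create the routing database directory of a zone and protocol.
#
# All arguments are passed on to routing_db_exists and routing_db_path.
# Returns ${EXIT_OK} when the directory is already there, 1 when no path
# could be determined, otherwise the exit status of mkdir.
function routing_db_create() {
	routing_db_exists "$@" && return ${EXIT_OK}

	local path
	path="$(routing_db_path "$@")"

	# Do not call mkdir without a target.
	[ -n "${path}" ] || return 1

	# The path is quoted so it is created as one directory tree and is not
	# split on whitespace or glob-expanded.
	mkdir -p -- "${path}"
}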
137 | ||
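# Delete the routing database directory of a zone and protocol.
#
# All arguments are passed on to routing_db_path. Returns 1 when no path
# could be determined, otherwise the exit status of rm.
function routing_db_remove() {
	local path
	path="$(routing_db_path "$@")"

	# Without a path there is nothing that may safely be deleted.
	[ -n "${path}" ] || return 1

	# Quote the operand: an unquoted path would be split on whitespace and
	# glob-expanded, and rm -rf would then act on every resulting word.
	rm -rf -- "${path}"
}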
141 | ||
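# Store one parameter in the routing database.
#
#   $1    zone name
#   $2    protocol
#   $3    parameter name, used as the file name inside the database directory
#   $4..  value; several words are joined by single spaces
#
# The database directory is created when missing. Returns 1 when no
# database path could be determined, otherwise the status of the write.
#
# NOTE(review): the parameter name is used as a file name without any
# check; the callers visible in this file only pass fixed names.
function routing_db_set() {
	local zone="${1}"
	local proto="${2}"
	local parameter="${3}"
	shift 3

	local value="$*"

	log INFO "Updating database (${zone} - ${proto}): ${parameter} = ${value}"

	routing_db_create "${zone}" "${proto}"

	local path
	path="$(routing_db_path "${zone}" "${proto}")"

	# With an empty path the redirection below would point at
	# "/<parameter>" in the filesystem root.
	[ -n "${path}" ] || return 1

	# printf writes the value verbatim; echo would treat values such as
	# "-n" or "-e" as options.
	printf '%s\n' "${value}" > "${path}/${parameter}"
}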
156 | ||
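# Print one parameter from the routing database.
#
#   $1  zone name
#   $2  protocol
#   $3  parameter name (file name inside the database directory)
#
# Prints the file content. Prints nothing and returns non-zero when the file
# cannot be read or no database path could be determined; error messages of
# cat are discarded.
function routing_db_get() {
	local zone="${1}"
	local proto="${2}"
	local parameter="${3}"

	local path
	path="$(routing_db_path "${zone}" "${proto}")"

	# With an empty path the lookup would read "/<parameter>" from the
	# filesystem root.
	[ -n "${path}" ] || return 1

	cat "${path}/${parameter}" 2>/dev/null
}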
165 | ||
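# Copy the settings of a PPP session into the routing database.
#
#   $1  zone name
#   $2  protocol ("ipv6" or "ipv4" select which address pair is stored)
#
# Reads PPP_LLLOCAL/PPP_LLREMOTE (ipv6) or PPP_IPLOCAL/PPP_IPREMOTE (ipv4),
# PPP_DNS1, PPP_DNS2 and PPP_MACREMOTE; presumably these are exported by the
# PPP daemon for its hook scripts, confirm against the caller.
#
# The PPP_* values originate outside this script, so each one is expanded in
# quotes and reaches routing_db_set as a single word, without word splitting
# or pathname expansion.
function routing_db_from_ppp() {
	local zone="${1}"
	local proto="${2}"

	assert isset zone
	assert isset proto

	# Save ppp configuration
	routing_db_set "${zone}" "${proto}" type "ppp"

	case "${proto}" in
		ipv6)
			routing_db_set "${zone}" "${proto}" local-ip-address "${PPP_LLLOCAL}"
			routing_db_set "${zone}" "${proto}" remote-ip-address "${PPP_LLREMOTE}"
			;;
		ipv4)
			routing_db_set "${zone}" "${proto}" local-ip-address "${PPP_IPLOCAL}"
			routing_db_set "${zone}" "${proto}" remote-ip-address "${PPP_IPREMOTE}"
			;;
	esac

	# An empty DNS variable is left out entirely, so the stored list has no
	# stray separator.
	routing_db_set "${zone}" "${proto}" dns \
		${PPP_DNS1:+"${PPP_DNS1}"} ${PPP_DNS2:+"${PPP_DNS2}"}

	# The remote address is stored in lower case.
	routing_db_set "${zone}" "${proto}" remote-address "${PPP_MACREMOTE,,}"
}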
188 | ||
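# Rebuild the per-zone routing table of a non-local zone.
#
#   $1  zone name; also used as the name of the routing table
#   $2  protocol
#
# The table is created if needed and flushed. When the routing database has
# an entry for the zone and protocol, a subnet route (ipv4 only), a default
# route and a source rule pointing at the table are added.
#
# Values read from the routing database are passed to ip as single quoted
# arguments, so a malformed entry cannot be re-split by the shell into
# additional ip arguments.
function routing_update() {
	local zone="${1}"
	assert isset zone

	# Nothing to do for local zones.
	if zone_is_local "${zone}"; then
		return ${EXIT_OK}
	fi

	local proto="${2}"
	local table="${zone}"
	assert isset proto

	local -a ip_cmd=(ip)
	if [ "${proto}" = "ipv6" ]; then
		ip_cmd+=(-6)
	fi

	# Create routing table if not exists
	routing_table_create "${table}"

	log DEBUG "Flushing routing table ${table}"
	cmd "${ip_cmd[@]}" route flush table "${table}"

	# Exit here if there is no routing information.
	if ! routing_db_exists "${zone}" "${proto}"; then
		return ${EXIT_OK}
	fi

	local local_ip_address
	local remote_ip_address
	local_ip_address="$(routing_db_get "${zone}" "${proto}" local-ip-address)"
	remote_ip_address="$(routing_db_get "${zone}" "${proto}" remote-ip-address)"

	case "${proto}" in
		ipv4)
			local net_address
			net_address="$(ipv4_get_netaddress "${local_ip_address}")"

			log DEBUG "Adding route for subnet ${local_ip_address} to table ${table}"
			cmd "${ip_cmd[@]}" route add table "${table}" "${net_address}" dev "${zone}"
			;;
	esac

	log DEBUG "Adding default route for table ${table}"
	local -a routing_cmd=("${ip_cmd[@]}" route add table "${table}" default)
	if isset remote_ip_address; then
		routing_cmd+=(via "${remote_ip_address}")
	else
		routing_cmd+=(dev "${zone}")
	fi
	cmd "${routing_cmd[@]}"

	# NOTE(review): the rule is added on every call and nothing here removes
	# an earlier one; confirm that duplicates are cleaned up elsewhere.
	cmd "${ip_cmd[@]}" rule add from "${local_ip_address}" lookup "${table}"
}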