bird: Start service when needed and not already running
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2018 IPFire Network Development Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
# Location of the BIRD configuration file that bird_generate_config
# rewrites from scratch on every update.
BIRD_CONF='/etc/bird.conf'
23
# Reports whether bird.service is currently active.
# Returns whatever service_is_active returns for that unit.
bird_is_active() {
	service_is_active 'bird.service'
}
27
# Starts bird.service.
# Returns whatever service_start returns for that unit.
bird_start() {
	service_start 'bird.service'
}
31
# Stops bird.service.
# Returns whatever service_stop returns for that unit.
bird_stop() {
	service_stop 'bird.service'
}
35
# Asks bird.service to reload its configuration.
# Returns whatever service_reload returns for that unit.
bird_reload() {
	service_reload 'bird.service'
}
39
# Update the configuration and apply it in one go.
#
# Regenerates the BIRD configuration file and then either reloads the
# running service or starts it when it is not active yet.
#
# Returns ${EXIT_ERROR} when the configuration could not be generated,
# otherwise the status of the reload/start call.
#
# NOTE(review): nothing here checks the generated file before BIRD is
# told to load it; the only gate is the exit status of
# bird_generate_config.
bird_update() {
	bird_generate_config || {
		log ERROR "Could not write Bird configuration"
		return ${EXIT_ERROR}
	}

	# Service is not running yet, so bring it up with the new config
	if ! bird_is_active; then
		bird_start
		return
	fi

	# Service is running, so make it pick up the new config
	bird_reload
}
54
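# Writes the complete BIRD configuration to ${BIRD_CONF}.
#
# The file is built in four stages: header, basic settings and kernel
# protocols, static routes, and the IPv6 router advertisement section.
#
# Returns ${EXIT_ERROR} as soon as one stage fails, so that the caller
# does not go on to load a configuration that is known to be incomplete.
# Returns 0 when every stage succeeded.
#
# NOTE(review): the live file is truncated first and rebuilt by several
# appends, so it is incomplete while this function runs and stays
# incomplete if a stage fails. Anything that starts or reloads BIRD in
# that window would read a partial routing configuration.
bird_generate_config() {
	log DEBUG "Write BIRD configuration file"

	# Write header (this truncates any existing configuration)
	config_header "bird" > "${BIRD_CONF}" || return ${EXIT_ERROR}

	# Write some basic settings
	local proto
	(
		print "# Log everything to syslog"
		print "log syslog all;"
		print

		print "# Turn on internal watchdog"
		print "watchdog warning 5s;"
		print "watchdog timeout 30s;"
		print

		print "# Define default route tables"
		print "ipv6 table master6;"
		print "ipv4 table master4;"

		print "# Enable device configuration"
		print "protocol device {}"
		print

		print "# Export all routes to kernel"
		# Unquoted on purpose: the variable holds a space-separated list
		for proto in ${IP_SUPPORTED_PROTOCOLS}; do
			print "protocol kernel {"
			print " ${proto} {"
			# ipv6 -> master6, ipv4 -> master4
			print " table ${proto/ipv/master};"
			print " export all;"
			print " };"
			print " learn;"
			print "}"
			print
		done
	) >> "${BIRD_CONF}" || return ${EXIT_ERROR}

	# Static routes
	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		print "protocol static {"
		print " ${proto};"
		print

		# Read routes for this protocol from configuration
		__bird_static_routes "${proto}"

		print "}"
		print
	done >> "${BIRD_CONF}" || return ${EXIT_ERROR}

	# Write IPv6 Router Advertisement configuration
	__bird_ipv6_radv >> "${BIRD_CONF}" || return ${EXIT_ERROR}
}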
110
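# Prints the "route ..." statements of one BIRD static protocol block.
#
# Arguments: $1 - protocol to emit routes for; compared against the
#                 output of ip_detect_protocol for each route's network
# Outputs:   one route statement per matching line of
#            ${NETWORK_CONFIG_ROUTES}
#
# NOTE(review): ${network} and ${gateway} are copied into the BIRD
# configuration as they are; presumably route_parse_line validates
# them - confirm, since this function performs no check of its own.
__bird_static_routes() {
	local proto="${1}"
	assert isset proto

	# Unquoted on purpose: declares one local per listed parameter name.
	# These are presumably filled in by route_parse_line - confirm.
	local ${NETWORK_CONFIG_ROUTES_PARAMS}
	local line
	local type
	local arg
	local _proto

	# -r keeps backslashes in the routes file literal
	while read -r line; do
		route_parse_line "${line}"
		[ $? -eq ${EXIT_OK} ] || continue

		# Reset for every route. A bare "local type" inside the loop keeps
		# the previous value, so a blackhole/prohibit/unreachable route used
		# to turn every following gateway route into the same kind.
		type=""
		for arg in unreachable prohibit blackhole; do
			if enabled "${arg}"; then
				type="${arg}"
				break
			fi
		done

		# Skip all routes of another protocol
		_proto="$(ip_detect_protocol "${network}")"
		if [ "${proto}" != "${_proto}" ]; then
			continue
		fi

		case "${type}" in
			unreachable|prohibit|blackhole)
				print " route ${network} ${type};"
				;;

			*)
				print " route ${network} via ${gateway};"
				;;
		esac
	done < "${NETWORK_CONFIG_ROUTES}"
}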
147
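# Prints the BIRD "protocol radv" block (IPv6 router advertisements).
#
# One interface section is written per local zone that has a
# non-link-local IPv6 address. An rdnss section follows when
# DNS_ADVERTISE_SERVERS is enabled and at least one IPv6 name server is
# known, and a dnssl section with the search domains closes the block.
#
# Outputs: the configuration block on stdout
#
# NOTE(review): ${zone} and ${domain} are placed inside double-quoted
# BIRD strings without escaping; a value containing a double quote
# would end the string early. Presumably both come from validated
# configuration - confirm.
__bird_ipv6_radv() {
	print "protocol radv {"

	local zone
	local addr
	local dhcp
	local prefix
	local mtu
	for zone in $(zones_get_local); do
		log DEBUG "Writing bird radv configuration for ${zone}"

		# Skip if there is no prefix or prefix is link-local.
		addr="$(db_get "${zone}/ipv6/local-ip-address")"
		if [ -z "${addr}" ] || [ "${addr:0:5}" = "fe80:" ]; then
			continue
		fi

		# Check if the subnet is configured by the DHCP server.
		dhcp="false"
		prefix="$(ipv6_get_network "${addr}")"
		if isset prefix && dhcpd_subnet_match ipv6 "${prefix}"; then
			dhcp="true"
		fi

		print " interface \"${zone}\" {"
		# Failover to other routers within 10s
		print " max ra interval 10;"

		# Tell clients we are running DHCP
		if enabled dhcp; then
			print " managed yes;"
			print " other config yes;"
		fi

		if device_exists "${zone}"; then
			# Announce link MTU
			mtu="$(device_get_mtu "${zone}")"
			print " link mtu ${mtu};"
		fi

		print # empty line

		# Announce all prefixes
		print " prefix ::/0 {"

		if enabled dhcp; then
			print " autonomous off;"
		fi

		print " };"
		print " };\n"
	done

	# Advertise any DNS servers
	if enabled DNS_ADVERTISE_SERVERS; then
		# Get a list of all IPv6 name servers
		local servers=()
		local server
		for server in $(dns_server_list_sorted); do
			# Skip any non-IPv6 servers
			ipv6_is_valid "${server}" || continue

			servers+=( "${server}" )
		done

		if isset servers; then
			print " rdnss {"

			# Expand the whole array: a bare ${servers} is only its first
			# element, which dropped every name server but the first.
			for server in "${servers[@]}"; do
				print " ns ${server};"
			done

			print " };"
		fi
	fi

	# DNS Search Domain
	print " dnssl {"

	local domain
	for domain in $(dns_get_search_domains); do
		print " domain \"${domain}\";"
	done

	print " };"

	print "}\n"
}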