2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 .
/usr
/lib
/network
/header-config
24 HOOK_CONFIG_SETTINGS
="HOOK ADDRESS PREFIX GATEWAY"
26 hook_check_config_settings
() {
27 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
31 assert ipv6_is_valid
"${ADDRESS}"
32 assert ipv6_prefix_is_valid
"${PREFIX}"
34 isset GATEWAY
&& assert ipv6_is_valid
"${GATEWAY}"
38 assert ipv4_is_valid
"${ADDRESS}"
39 assert ipv4_prefix_is_valid
"${PREFIX}"
41 isset GATEWAY
&& assert ipv4_is_valid
"${GATEWAY}"
45 error
"Could not determine protocol: ${protocol}"
46 return ${EXIT_CONF_ERROR}
53 hook_parse_cmdline
() {
56 while [ $# -gt 0 ]; do
62 ADDRESS
="$(ip_split_prefix "${1}")"
63 PREFIX
="$(ip_get_prefix "${1}")"
66 if ! ipv6_is_valid
"${ADDRESS}"; then
67 error
"Invalid IP address: ${ADDRESS}"
68 return ${EXIT_CONF_ERROR}
72 if ! ipv6_prefix_is_valid
"${PREFIX}"; then
73 error
"Invalid prefix: ${PREFIX}"
74 return ${EXIT_CONF_ERROR}
77 # Store the IPv6 address in its shortest format
78 ADDRESS
="$(ipv6_format "${ADDRESS}")"
85 ADDRESS
="$(ip_split_prefix "${1}")"
86 PREFIX
="$(ip_get_prefix "${1}")"
89 if ! ipv4_is_valid
"${ADDRESS}"; then
90 error
"Invalid IP address: ${ADDRESS}"
91 return ${EXIT_CONF_ERROR}
95 if ! ipv4_prefix_is_valid
"${PREFIX}"; then
96 # This might be a netmask instead
97 local prefix_from_netmask
="$(ipv4_netmask2prefix "${PREFIX}")"
99 if ! ipv4_prefix_is_valid
"${prefix_from_netmask}"; then
100 PREFIX
="${prefix_from_netmask}"
102 error
"Invalid prefix or netmask: ${PREFIX}"
103 return ${EXIT_CONF_ERROR}
110 GATEWAY
="$(cli_get_val "${1}")"
113 if isset GATEWAY
&& ! ip_is_valid
"${GATEWAY}"; then
114 error
"Invalid gateway IP address: ${GATEWAY}"
115 return ${EXIT_CONF_ERROR}
120 error
"Invalid argument: ${1}"
121 return ${EXIT_CONF_ERROR}
127 # Check if an address has been set
128 if ! isset ADDRESS
; then
129 error
"No IP address provided"
130 return ${EXIT_CONF_ERROR}
133 # Check if a prefix has been set
134 if ! isset PREFIX
; then
135 error
"No prefix provided"
136 return ${EXIT_CONF_ERROR}
139 # More gateway validation
140 if isset GATEWAY
; then
141 local gateway_protocol
="$(ip_detect_protocol "${GATEWAY}")"
143 # Make sure that the prefix is of the same protocol version
144 if [ "${gateway_protocol}" != "${protocol}" ]; then
145 error
"The gateway is of a wrong protocol: ${GATEWAY}"
146 return ${EXIT_CONF_ERROR}
149 # Make IP address as short as possible
150 if [ "${gateway_protocol}" = "ipv6" ]; then
151 GATEWAY
="$(ipv6_format "${GATEWAY}")"
155 # Check any conflicts
156 if zone_config_check_same_setting
"${zone}" "static" "ADDRESS" "${ADDRESS}"; then
157 error
"A static configuration with the same address is already configured"
158 return ${EXIT_CONF_ERROR}
167 # Check if the device exists
168 if ! device_exists
${zone}; then
169 error
"Zone ${zone} doesn't exist"
174 if ! zone_config_settings_read
"${zone}" "${config}"; then
175 error
"Could not read configuration for ${zone} ${config}"
179 # Add IP address to the interface
180 if ! ip_address_add
"${zone}" "${ADDRESS}/${PREFIX}"; then
184 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
185 assert isset protocol
187 db_set
"${zone}/${protocol}/type" "${HOOK}"
188 db_set
"${zone}/${protocol}/local-ip-address" "${ADDRESS}/${PREFIX}"
189 db_set
"${zone}/${protocol}/remote-ip-address" "${GATEWAY}"
190 db_set
"${zone}/${protocol}/active" 1
192 # Update routing tables
193 routing_update
"${zone}" "${protocol}"
194 routing_default_update
204 if ! device_exists
${zone}; then
205 error
"Zone ${zone} doesn't exist"
210 if ! zone_config_settings_read
"${zone}" "${config}"; then
214 # Remove routing information from database
215 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
216 assert isset protocol
217 db_delete
"${zone}/${protocol}"
219 # Remove the IP address
220 ip_address_del
"${zone}" "${ADDRESS}/${PREFIX}"
222 # Update routing tables
223 routing_update
"${zone}" "${protocol}"
224 routing_default_update
234 if ! device_exists
${zone}; then
235 error
"Zone ${zone} doesn't exist"
240 if ! zone_config_settings_read
"${zone}" "${config}"; then
244 local status
=${MSG_HOOK_UP}
245 if ! zone_has_ip
"${zone}" "${ADDRESS}/${PREFIX}"; then
246 status
=${MSG_HOOK_DOWN}
248 cli_statusline
3 "${HOOK}" "${status}"
250 cli_print_fmt1
3 "IP Address" "${ADDRESS}/${PREFIX}"
251 if [ -n "${GATEWAY}" ]; then
252 cli_print_fmt1
3 "Gateway" "${GATEWAY}"