[people/ms/network.git] / hooks / zones / bridge

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /lib/network/header-zone

HOOK_SETTINGS="HOOK STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE STP_MODE"
HOOK_SETTINGS="${HOOK_SETTINGS} STP_PRIORITY MAC MTU"

# Default values
MAC=$(mac_generate)
MTU=1500
STP="on"
STP_MODE="rstp"
STP_FORWARD_DELAY=0
STP_HELLO=2
STP_MAXAGE=20
STP_PRIORITY=512

function _check() {
	assert ismac MAC
	assert isbool STP
	assert isoneof STP_MODE stp rstp
	assert isinteger STP_HELLO
	assert isinteger STP_FORWARD_DELAY
	assert isinteger STP_PRIORITY
	assert isinteger MTU
}

function _parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "${1}" in
			--stp=*)
				STP=${1#--stp=}
				;;
			--stp-mode=*)
				STP_MODE=${1#--stp-mode=}
				;;
			--stp-hello=*)
				STP_HELLO=${1#--stp-hello=}
				;;
			--stp-forward-delay=*)
				STP_FORWARD_DELAY=${1#--stp-forward-delay=}
				;;
			--stp-priority=*)
				STP_PRIORITY=${1#--stp-priority=}
				;;
			--mtu=*)
				MTU=${1#--mtu=}
				;;
			--mac=*)
				MAC=${1#--mac=}
				;;
			*)
				warning "Ignoring unknown option '${1}'"
				;;
		esac
		shift
	done
}

function _up() {
	local zone=${1}
	shift

	zone_config_read ${zone}

	if ! device_exists ${zone}; then
		brctl addbr ${zone}
	fi

	[ -n "${MAC}" ] && device_set_address ${zone} ${MAC}
	[ -n "${MTU}" ] && device_set_mtu ${zone} ${MTU} 

	# Enable STP
	if enabled STP; then
		stp_enable ${zone} ${STP_MODE}

		if [ -n "${STP_FORWARD_DELAY}" ]; then
			brctl setfd ${zone} ${STP_FORWARD_DELAY}
		fi

		if [ -n "${STP_HELLO}" ]; then
			brctl sethello ${zone} ${STP_HELLO}
		fi

		if [ -n "${STP_MAXAGE}" ]; then
			brctl setmaxage ${zone} ${STP_MAXAGE}
		fi

		if [ -n "${STP_PRIORITY}" ]; then
			brctl setbridgeprio ${zone} ${STP_PRIORITY}
		fi
	else
		stp_disable ${zone}
	fi

	device_set_up ${zone}

	# XXX Currently, there is a bug (in the linux kernel?) that we need to
	# set our bridges to promisc mode.
	device_set_promisc ${zone} on

	# Bring all ports up
	zone_ports_up ${zone}
	zone_configs_up ${zone}

	event_interface_up ${zone}

	exit ${EXIT_OK}
}

function _down() {
	local zone=${1}
	shift

	if ! device_is_up ${zone}; then
		warning "Zone '${zone}' is not up"
		exit ${EXIT_OK}
	fi

	event_interface_down ${zone}

	zone_configs_down ${zone}
	zone_ports_down ${zone}

	# XXX See remark in _up().
	device_set_promisc ${zone} off

	device_set_down ${zone}
	brctl delbr ${zone}

	exit ${EXIT_OK}
}

function _status() {
	local zone=${1}

	cli_status_headline ${zone}

	# Exit if zone is down
	if ! zone_is_up ${zone}; then
		echo # Empty line
		exit ${EXIT_ERROR}
	fi

	cli_headline "  Spanning Tree Protocol information:"
	local proto=$(stp_bridge_get_protocol ${zone})
	local ret=$?

	if [ ${ret} -eq 0 ]; then
		printf "${DEVICE_PRINT_LINE1}" "Version:" "$(stp_get_name ${proto})"
		printf "${DEVICE_PRINT_LINE1}" "ID:" $(stp_bridge_get_id ${zone})
		printf "${DEVICE_PRINT_LINE1}" "Priority:" $(stp_bridge_get_priority ${zone})

		if stp_bridge_is_root ${zone}; then
			echo -e "    ${COLOUR_BOLD}This bridge is root.${COLOUR_NORMAL}"
		else
			printf "${DEVICE_PRINT_LINE1}" "Designated root:" $(stp_bridge_get_designated_root ${zone})
			printf "${DEVICE_PRINT_LINE1}" "Root path cost:" $(stp_bridge_get_root_path_cost ${zone})
		fi
		echo # Empty line

		# Topology information
		printf "${DEVICE_PRINT_LINE1}" "Topology changing:" $(stp_bridge_get_topology_change_detected ${zone})
		printf "${DEVICE_PRINT_LINE1}" "Topology change time:" $(beautify_time $(stp_bridge_get_topology_change_timer ${zone}))
		printf "${DEVICE_PRINT_LINE1}" "Topology change count:" $(stp_bridge_get_topology_change_count ${zone})
	else
		echo -e "    ${COLOUR_BOLD}STP is disabled.${COLOUR_NORMAL}"
	fi

	cli_headline "  Ports:"
	zone_ports_status ${zone}

	cli_headline "  Configurations:"
	zone_configs_cmd status ${zone}

	echo # Empty line
	exit ${EXIT_OK}
}

run $@
Commit	Line	Data
1848564d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	. /lib/network/header-zone
	23
6b3f9c85 MT	24	HOOK_SETTINGS="HOOK STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE STP_MODE"
6b3f9c85 MT	25	HOOK_SETTINGS="${HOOK_SETTINGS} STP_PRIORITY MAC MTU"
1848564d MT	26
	27	# Default values
	28	MAC=$(mac_generate)
	29	MTU=1500
	30	STP="on"
6b3f9c85	31	STP_MODE="rstp"
1848564d MT	32	STP_FORWARD_DELAY=0
	33	STP_HELLO=2
	34	STP_MAXAGE=20
e266c18e	35	STP_PRIORITY=512
1848564d MT	36
	37	function _check() {
	38	assert ismac MAC
	39	assert isbool STP
6b3f9c85	40	assert isoneof STP_MODE stp rstp
1848564d MT	41	assert isinteger STP_HELLO
1848564d MT	42	assert isinteger STP_FORWARD_DELAY
d82cf370	43	assert isinteger STP_PRIORITY
1848564d MT	44	assert isinteger MTU
	45	}
	46
	47	function _parse_cmdline() {
	48	while [ $# -gt 0 ]; do
	49	case "${1}" in
	50	--stp=*)
	51	STP=${1#--stp=}
	52	;;
6b3f9c85 MT	53	--stp-mode=*)
	54	STP_MODE=${1#--stp-mode=}
	55	;;
1848564d MT	56	--stp-hello=*)
	57	STP_HELLO=${1#--stp-hello=}
	58	;;
	59	--stp-forward-delay=*)
	60	STP_FORWARD_DELAY=${1#--stp-forward-delay=}
	61	;;
d82cf370 MT	62	--stp-priority=*)
	63	STP_PRIORITY=${1#--stp-priority=}
	64	;;
1848564d MT	65	--mtu=*)
	66	MTU=${1#--mtu=}
	67	;;
	68	--mac=*)
	69	MAC=${1#--mac=}
	70	;;
	71	*)
	72	warning "Ignoring unknown option '${1}'"
	73	;;
	74	esac
	75	shift
	76	done
	77	}
	78
	79	function _up() {
	80	local zone=${1}
	81	shift
	82
eb9d9b03	83	zone_config_read ${zone}
1848564d MT	84
	85	if ! device_exists ${zone}; then
	86	brctl addbr ${zone}
	87	fi
	88
7cbea20d	89	[ -n "${MAC}" ] && device_set_address ${zone} ${MAC}
1848564d MT	90	[ -n "${MTU}" ] && device_set_mtu ${zone} ${MTU}
	91
	92	# Enable STP
	93	if enabled STP; then
e266c18e	94	stp_enable ${zone} ${STP_MODE}
1848564d MT	95
	96	if [ -n "${STP_FORWARD_DELAY}" ]; then
	97	brctl setfd ${zone} ${STP_FORWARD_DELAY}
	98	fi
	99
	100	if [ -n "${STP_HELLO}" ]; then
	101	brctl sethello ${zone} ${STP_HELLO}
	102	fi
	103
	104	if [ -n "${STP_MAXAGE}" ]; then
	105	brctl setmaxage ${zone} ${STP_MAXAGE}
	106	fi
d82cf370 MT	107
	108	if [ -n "${STP_PRIORITY}" ]; then
	109	brctl setbridgeprio ${zone} ${STP_PRIORITY}
	110	fi
1848564d	111	else
6b3f9c85	112	stp_disable ${zone}
1848564d MT	113	fi
	114
	115	device_set_up ${zone}
	116
cf6e4606 MT	117	# XXX Currently, there is a bug (in the linux kernel?) that we need to
	118	# set our bridges to promisc mode.
	119	device_set_promisc ${zone} on
	120
1848564d MT	121	# Bring all ports up
1848564d MT	122	zone_ports_up ${zone}
1848564d MT	123	zone_configs_up ${zone}
	124
	125	event_interface_up ${zone}
8dcb2687 MT	126
8dcb2687 MT	127	exit ${EXIT_OK}
1848564d MT	128	}
	129
	130	function _down() {
	131	local zone=${1}
	132	shift
	133
	134	if ! device_is_up ${zone}; then
	135	warning "Zone '${zone}' is not up"
	136	exit ${EXIT_OK}
	137	fi
	138
	139	event_interface_down ${zone}
	140
	141	zone_configs_down ${zone}
	142	zone_ports_down ${zone}
	143
cf6e4606 MT	144	# XXX See remark in _up().
	145	device_set_promisc ${zone} off
	146
1848564d MT	147	device_set_down ${zone}
	148	brctl delbr ${zone}
	149
8dcb2687	150	exit ${EXIT_OK}
1848564d MT	151	}
1848564d MT	152
e84e4e76 MT	153	function _status() {
	154	local zone=${1}
	155
	156	cli_status_headline ${zone}
	157
	158	# Exit if zone is down
	159	if ! zone_is_up ${zone}; then
	160	echo # Empty line
	161	exit ${EXIT_ERROR}
	162	fi
	163
feb76eaf	164	cli_headline " Spanning Tree Protocol information:"
8d4f9311 MT	165	local proto=$(stp_bridge_get_protocol ${zone})
	166	local ret=$?
	167
	168	if [ ${ret} -eq 0 ]; then
	169	printf "${DEVICE_PRINT_LINE1}" "Version:" "$(stp_get_name ${proto})"
36e3fd2f MT	170	printf "${DEVICE_PRINT_LINE1}" "ID:" $(stp_bridge_get_id ${zone})
	171	printf "${DEVICE_PRINT_LINE1}" "Priority:" $(stp_bridge_get_priority ${zone})
	172
	173	if stp_bridge_is_root ${zone}; then
	174	echo -e " ${COLOUR_BOLD}This bridge is root.${COLOUR_NORMAL}"
	175	else
	176	printf "${DEVICE_PRINT_LINE1}" "Designated root:" $(stp_bridge_get_designated_root ${zone})
	177	printf "${DEVICE_PRINT_LINE1}" "Root path cost:" $(stp_bridge_get_root_path_cost ${zone})
	178	fi
	179	echo # Empty line
feb76eaf	180
36e3fd2f MT	181	# Topology information
	182	printf "${DEVICE_PRINT_LINE1}" "Topology changing:" $(stp_bridge_get_topology_change_detected ${zone})
	183	printf "${DEVICE_PRINT_LINE1}" "Topology change time:" $(beautify_time $(stp_bridge_get_topology_change_timer ${zone}))
	184	printf "${DEVICE_PRINT_LINE1}" "Topology change count:" $(stp_bridge_get_topology_change_count ${zone})
feb76eaf	185	else
36e3fd2f	186	echo -e " ${COLOUR_BOLD}STP is disabled.${COLOUR_NORMAL}"
feb76eaf	187	fi
e84e4e76	188
feb76eaf	189	cli_headline " Ports:"
711ffac1	190	zone_ports_status ${zone}
e84e4e76	191
feb76eaf	192	cli_headline " Configurations:"
e84e4e76 MT	193	zone_configs_cmd status ${zone}
	194
	195	echo # Empty line
	196	exit ${EXIT_OK}
	197	}
	198
1848564d	199	run $@