[people/ms/network.git] / src / functions / functions.ip

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

# A list of supported versions of the IP protocol
IP_SUPPORTED_PROTOCOLS=""

ip_split_prefix() {
	local address=${1}
	assert isset address

	echo "${address%%/*}"
}

ip_get_prefix() {
	local address=${1}
	assert isset address

	# Break if no prefix is provided
	[[ ${address} =~ \/ ]] || return ${EXIT_OK}

	echo "${address##*/}"
}

ip_detect_protocol() {
	local address="${1}"

	assert isset address

	local protocol
	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
		if ${protocol}_is_valid "${address}"; then
			echo "${protocol}"
			return ${EXIT_OK}
		fi
	done

	return ${EXIT_ERROR}
}

ip_protocol_is_supported() {
	local proto=${1}

	assert isset proto

	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
}

ip_is_valid() {
	local address=${1}
	assert isset address

	local proto=$(ip_detect_protocol ${address})
	isset proto && return ${EXIT_TRUE} || return ${EXIT_FALSE}
}

ip_is_network() {
	local network=${1}
	assert isset network

	# Get the address part.
	local address=$(ip_split_prefix ${network})
	isset address || return ${EXIT_FALSE}

	# Get the prefix.
	local prefix=$(ip_get_prefix ${network})
	isset prefix || return ${EXIT_FALSE}

	# Detect the protocol.
	local proto=$(ip_detect_protocol ${address})
	assert isset proto

	# Check if the prefix is correct.
	ip_prefix_is_valid ${proto} ${prefix} || return ${EXIT_FALSE}

	return ${EXIT_TRUE}
}

ip_prefix_is_valid() {
	local proto=${1}
	assert isset proto

	local prefix=${2}

	case "${proto}" in
		ipv4)
			ipv4_prefix_is_valid ${prefix}
			return $?
			;;
		ipv6)
			ipv6_prefix_is_valid ${prefix}
			return $?
			;;
	esac

	assert ip_protocol_is_supported ${proto}
}

ip_get_network() {
	inetcalc -n $@ && return ${EXIT_OK} || return ${EXIT_ERROR}
}

ip_address_add() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix
	assert isset address

	echo "ADDRESS = $address"

	# Detect the protocol version
	local protocol=$(ip_detect_protocol "${address}")
	assert ip_protocol_is_supported "${protocol}"

	case "${protocol}" in
		ipv6)
			assert ipv6_prefix_is_valid "${prefix}"
			;;
		ipv4)
			assert ipv4_prefix_is_valid "${prefix}"
			;;
	esac

	case "${protocol}" in
		ipv4)
			if ipv4_detect_duplicate ${device} ${address}; then
				error_log "Duplicate address detected on zone '${device}' (${address})."
				error_log "Cannot continue."
				return ${EXIT_ERROR}
			fi
			;;
	esac

	if ! device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr add ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."

		case "${protocol}" in
			ipv4)
				# Announce our new address to the neighbours
				ipv4_update_neighbours ${device} ${address}
				;;
		esac
	else
		log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	fi

	return ${EXIT_OK}
}

ip_address_del() {
	local device=${1}
	local address=${2}

	assert isset address
	assert device_exists ${device}

	local prefix=$(ip_get_prefix ${address})
	address=$(ip_split_prefix ${address})

	assert isset prefix

	# Detect the protocol version
	local protocol=$(ip_detect_protocol "${address}")
	assert ip_protocol_is_supported "${protocol}"

	if device_has_ip ${device} ${address}/${prefix}; then
		assert ip addr del ${address}/${prefix} dev ${device}

		log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
	else
		log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
	fi

	return ${EXIT_OK}
}
Commit	Line	Data
2b5c311d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
e617226b MT	22	# A list of supported versions of the IP protocol
	23	IP_SUPPORTED_PROTOCOLS=""
	24
1c6a4e30	25	ip_split_prefix() {
2b5c311d	26	local address=${1}
2b5c311d MT	27	assert isset address
	28
	29	echo "${address%%/*}"
	30	}
	31
1c6a4e30	32	ip_get_prefix() {
2b5c311d	33	local address=${1}
2b5c311d MT	34	assert isset address
2b5c311d MT	35
38f61548 MT	36	# Break if no prefix is provided
	37	[[ ${address} =~ \/ ]] \|\| return ${EXIT_OK}
	38
2b5c311d MT	39	echo "${address##*/}"
	40	}
	41
1c6a4e30	42	ip_detect_protocol() {
13a6e69f	43	local address="${1}"
2b5c311d MT	44
	45	assert isset address
	46
	47	local protocol
e617226b	48	for protocol in ${IP_SUPPORTED_PROTOCOLS}; do
13a6e69f	49	if ${protocol}_is_valid "${address}"; then
2b5c311d MT	50	echo "${protocol}"
	51	return ${EXIT_OK}
	52	fi
	53	done
	54
	55	return ${EXIT_ERROR}
	56	}
e617226b	57
1c6a4e30	58	ip_protocol_is_supported() {
e617226b MT	59	local proto=${1}
	60
	61	assert isset proto
	62
	63	listmatch ${proto} ${IP_SUPPORTED_PROTOCOLS}
	64	}
38f61548	65
1c6a4e30	66	ip_is_valid() {
afb7d704 MT	67	local address=${1}
	68	assert isset address
	69
	70	local proto=$(ip_detect_protocol ${address})
	71	isset proto && return ${EXIT_TRUE} \|\| return ${EXIT_FALSE}
	72	}
	73
1c6a4e30	74	ip_is_network() {
cb965348 MT	75	local network=${1}
	76	assert isset network
	77
	78	# Get the address part.
	79	local address=$(ip_split_prefix ${network})
	80	isset address \|\| return ${EXIT_FALSE}
	81
	82	# Get the prefix.
	83	local prefix=$(ip_get_prefix ${network})
	84	isset prefix \|\| return ${EXIT_FALSE}
	85
	86	# Detect the protocol.
	87	local proto=$(ip_detect_protocol ${address})
	88	assert isset proto
	89
	90	# Check if the prefix is correct.
	91	ip_prefix_is_valid ${proto} ${prefix} \|\| return ${EXIT_FALSE}
	92
	93	return ${EXIT_TRUE}
	94	}
	95
1c6a4e30	96	ip_prefix_is_valid() {
cb965348 MT	97	local proto=${1}
	98	assert isset proto
	99
	100	local prefix=${2}
	101
	102	case "${proto}" in
	103	ipv4)
	104	ipv4_prefix_is_valid ${prefix}
	105	return $?
	106	;;
	107	ipv6)
	108	ipv6_prefix_is_valid ${prefix}
	109	return $?
	110	;;
	111	esac
	112
	113	assert ip_protocol_is_supported ${proto}
	114	}
	115
13a6e69f MT	116	ip_get_network() {
	117	inetcalc -n $@ && return ${EXIT_OK} \|\| return ${EXIT_ERROR}
	118	}
	119
1c6a4e30	120	ip_address_add() {
38f61548 MT	121	local device=${1}
	122	local address=${2}
	123
	124	assert isset address
	125	assert device_exists ${device}
	126
	127	local prefix=$(ip_get_prefix ${address})
	128	address=$(ip_split_prefix ${address})
	129
	130	assert isset prefix
13a6e69f MT	131	assert isset address
	132
	133	echo "ADDRESS = $address"
38f61548 MT	134
38f61548 MT	135	# Detect the protocol version
13a6e69f MT	136	local protocol=$(ip_detect_protocol "${address}")
	137	assert ip_protocol_is_supported "${protocol}"
	138
	139	case "${protocol}" in
	140	ipv6)
	141	assert ipv6_prefix_is_valid "${prefix}"
	142	;;
	143	ipv4)
	144	assert ipv4_prefix_is_valid "${prefix}"
	145	;;
	146	esac
38f61548 MT	147
	148	case "${protocol}" in
	149	ipv4)
	150	if ipv4_detect_duplicate ${device} ${address}; then
	151	error_log "Duplicate address detected on zone '${device}' (${address})."
	152	error_log "Cannot continue."
	153	return ${EXIT_ERROR}
	154	fi
	155	;;
	156	esac
	157
	158	if ! device_has_ip ${device} ${address}/${prefix}; then
	159	assert ip addr add ${address}/${prefix} dev ${device}
	160
	161	log DEBUG "IP address '${address}' (${protocol}) was successfully configured on device '${device}'."
	162
	163	case "${protocol}" in
	164	ipv4)
	165	# Announce our new address to the neighbours
	166	ipv4_update_neighbours ${device} ${address}
	167	;;
	168	esac
	169	else
	170	log DEBUG "IP address '${address}' (${protocol}) was already configured on device '${device}'."
	171	fi
	172
	173	return ${EXIT_OK}
	174	}
	175
1c6a4e30	176	ip_address_del() {
38f61548 MT	177	local device=${1}
	178	local address=${2}
	179
	180	assert isset address
	181	assert device_exists ${device}
	182
	183	local prefix=$(ip_get_prefix ${address})
	184	address=$(ip_split_prefix ${address})
	185
	186	assert isset prefix
	187
	188	# Detect the protocol version
13a6e69f MT	189	local protocol=$(ip_detect_protocol "${address}")
13a6e69f MT	190	assert ip_protocol_is_supported "${protocol}"
38f61548 MT	191
	192	if device_has_ip ${device} ${address}/${prefix}; then
	193	assert ip addr del ${address}/${prefix} dev ${device}
	194
	195	log DEBUG "IP address '${address}' (${protocol}) was successfully removed from device '${device}'."
	196	else
	197	log DEBUG "IP address '${address}' (${protocol}) was not configured on device '${device}'."
	198	fi
	199
	200	return ${EXIT_OK}
	201	}