projects / people / ms / network.git / blame
| Commit | Line | Data |
|---|---|---|
| 7951525a MT |
1 | #!/bin/bash |
| 2 | ############################################################################### | |
| 3 | # # | |
| 4 | # IPFire.org - A linux based firewall # | |
| 5 | # Copyright (C) 2012 IPFire Network Development Team # | |
| 6 | # # | |
| 7 | # This program is free software: you can redistribute it and/or modify # | |
| 8 | # it under the terms of the GNU General Public License as published by # | |
| 9 | # the Free Software Foundation, either version 3 of the License, or # | |
| 10 | # (at your option) any later version. # | |
| 11 | # # | |
| 12 | # This program is distributed in the hope that it will be useful, # | |
| 13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
| 14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
| 15 | # GNU General Public License for more details. # | |
| 16 | # # | |
| 17 | # You should have received a copy of the GNU General Public License # | |
| 18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
| 19 | # # | |
| 20 | ############################################################################### | |
| 21 | ||
| 22 | PROC_NET_VLAN="/proc/net/vlan" | |
| 23 | PROC_NET_VLAN_CONFIG="${PROC_NET_VLAN}/config" | |
| 24 | ||
| 25 | VLAN_PORT_INTERFIX="v" | |
| 26 | ||
| 1c6a4e30 | 27 | vlan_init() { |
| 7951525a MT |
28 | ebtables-restore <<EOF |
| 29 | *filter | |
| 30 | :INPUT ACCEPT | |
| 31 | :FORWARD ACCEPT | |
| 32 | :OUTPUT ACCEPT | |
| 33 | ||
| 34 | *broute | |
| 35 | :BROUTING ACCEPT | |
| 36 | -A BROUTING -p 802_1Q -j DROP | |
| 37 | EOF | |
| 38 | } | |
| 39 | ||
| 1c6a4e30 | 40 | vlan_create() { |
| 7951525a MT |
41 | local device=${1} |
| 42 | assert isset device | |
| 43 | ||
| 44 | local parent=${2} | |
| 45 | assert isset parent | |
| 46 | ||
| 47 | local tag=${3} | |
| 48 | assert isinteger tag | |
| 49 | ||
| 50 | local address=${4} | |
| 51 | if isset address; then | |
| 52 | assert ismac address | |
| 53 | fi | |
| 54 | ||
| 55 | # Check if a device with the name does already exist. | |
| 56 | if device_exists ${device}; then | |
| 57 | log ERROR "device '${device}' does already exist" | |
| 58 | return ${EXIT_ERROR} | |
| 59 | fi | |
| 60 | ||
| 61 | # Check if the parent device exists. | |
| 62 | if ! device_exists ${parent}; then | |
| 63 | log ERROR "parent device '${parent}' does not exist" | |
| 64 | return ${EXIT_ERROR} | |
| 65 | fi | |
| 66 | ||
| 67 | # Load ebtables stuff. | |
| 68 | vlan_init | |
| 69 | ||
| 70 | local command="ip link add link ${parent} name ${device}" | |
| 71 | ||
| 72 | if isset address; then | |
| 73 | command="${command} address ${address}" | |
| 74 | fi | |
| 75 | ||
| 76 | command="${command} type vlan id ${tag}" | |
| 77 | ||
| 78 | cmd_quiet ${command} | |
| 79 | local ret=$? | |
| 80 | ||
| 81 | if [ ${ret} -eq ${EXIT_OK} ]; then | |
| 82 | log DEBUG "vlan device '${device}' has been created" | |
| 83 | else | |
| 84 | log ERROR "could not create vlan device '${device}': ${ret}" | |
| 85 | fi | |
| 86 | ||
| 87 | return ${ret} | |
| 88 | } | |
| 89 | ||
| 1c6a4e30 | 90 | vlan_remove() { |
| 7951525a MT |
91 | local device=${1} |
| 92 | assert isset device | |
| 93 | ||
| 94 | # Set down device (if not already done). | |
| 95 | device_set_down ${device} | |
| 96 | ||
| 97 | device_delete ${device} | |
| 98 | } | |
| 99 | ||
| 1c6a4e30 | 100 | vlan_get_parent() { |
| 7951525a MT |
101 | local device=${1} |
| 102 | assert isset device | |
| 103 | ||
| 104 | # Nothing to do, if 8021q module is not loaded. | |
| 105 | [ -r "${PROC_NET_VLAN_CONFIG}" ] || return ${EXIT_OK} | |
| 106 | ||
| 107 | local dev spacer1 id spacer2 parent | |
| 108 | while read dev spacer1 id spacer2 parent; do | |
| 109 | [ "${device}" = "${dev}" ] || continue | |
| 110 | ||
| 111 | print "${parent}" | |
| 112 | return ${EXIT_OK} | |
| 113 | done < ${PROC_NET_VLAN_CONFIG} | |
| 114 | ||
| 115 | return ${EXIT_ERROR} | |
| 116 | } | |
| 117 | ||
| 1c6a4e30 | 118 | vlan_get_id() { |
| 7951525a MT |
119 | local device=${1} |
| 120 | assert isset device | |
| 121 | ||
| 122 | # Nothing to do, if 8021q module is not loaded. | |
| 123 | [ -r "${PROC_NET_VLAN_CONFIG}" ] || return ${EXIT_OK} | |
| 124 | ||
| 125 | local dev spacer1 id spacer2 parent | |
| 126 | while read dev spacer1 id spacer2 parent; do | |
| 127 | [ "${device}" = "${dev}" ] || continue | |
| 128 | ||
| 129 | print "${id}" | |
| 130 | return ${EXIT_OK} | |
| 131 | done < ${PROC_NET_VLAN_CONFIG} | |
| 132 | ||
| 133 | return ${EXIT_ERROR} | |
| 134 | } | |
| 135 | ||
| 1c6a4e30 | 136 | vlan_get_by_parent_and_vid() { |
| 7951525a MT |
137 | local parent=${1} |
| 138 | assert isset parent | |
| 139 | ||
| 140 | local vid=${2} | |
| 141 | assert isset vid | |
| 142 | ||
| 143 | # Nothing to do, if 8021q module is not loaded. | |
| 144 | [ -r "${PROC_NET_VLAN_CONFIG}" ] || return ${EXIT_OK} | |
| 145 | ||
| 146 | local dev spacer1 id spacer2 par | |
| 147 | while read dev spacer1 id spacer2 par; do | |
| 148 | [ "${parent}" = "${par}" ] || continue | |
| 149 | [ "${vid}" = "${id}" ] || continue | |
| 150 | ||
| 151 | print "${dev}" | |
| 152 | return ${EXIT_OK} | |
| 153 | done < ${PROC_NET_VLAN_CONFIG} | |
| 154 | ||
| 155 | return ${EXIT_ERROR} | |
| 156 | } |