]>
Commit | Line | Data |
---|---|---|
1848564d MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
97cb552e | 5 | # Copyright (C) 2012 IPFire Network Development Team # |
1848564d MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
f41fa3d7 | 22 | . /usr/lib/network/header-zone |
1848564d | 23 | |
97cb552e | 24 | HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD" |
529141df | 25 | HOOK_SETTINGS="${HOOK_SETTINGS} SERVICE_NAME MTU IPV6 PREFIX_DELEGATION" |
1848564d | 26 | |
97cb552e | 27 | # This hook can work with all authentication methods supported by pppd. |
3a829636 | 28 | PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}" |
1848564d MT |
29 | PPPOE_PLUGIN="rp-pppoe.so" |
30 | ||
69e93b3c | 31 | # Request an IPv6 address. |
53e764a7 | 32 | DEFAULT_IPV6="true" |
69e93b3c | 33 | |
08e40c8c | 34 | # Use IPv6 prefix delegation. |
53e764a7 | 35 | DEFAULT_PREFIX_DELEGATION="true" |
08e40c8c | 36 | |
1c6a4e30 | 37 | hook_check_settings() { |
97cb552e MT |
38 | assert isset USERNAME |
39 | assert isset PASSWORD | |
261132f9 | 40 | |
3a829636 | 41 | isset AUTH && assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS} |
261132f9 | 42 | |
69e93b3c | 43 | assert isset IPV6 |
08e40c8c | 44 | assert isset PREFIX_DELEGATION |
1848564d MT |
45 | } |
46 | ||
1c6a4e30 | 47 | hook_parse_cmdline() { |
1848564d | 48 | while [ $# -gt 0 ]; do |
97cb552e MT |
49 | case "${1}" in |
50 | --access-concentrator=*) | |
2212045f | 51 | ACCESS_CONCENTRATOR=$(cli_get_val "${1}") |
1848564d | 52 | ;; |
97cb552e | 53 | --auth=*) |
2212045f | 54 | AUTH=$(cli_get_val "${1}") |
1848564d | 55 | ;; |
69e93b3c MT |
56 | --ipv6=*) |
57 | local value="$(cli_get_val "${1}")" | |
58 | if enabled value; then | |
59 | IPV6="true" | |
60 | else | |
61 | IPV6="false" | |
62 | fi | |
63 | ;; | |
1848564d | 64 | --mtu=*) |
2212045f | 65 | MTU=$(cli_get_val "${1}") |
1848564d | 66 | ;; |
97cb552e | 67 | --password=*) |
2212045f | 68 | PASSWORD=$(cli_get_val "${1}") |
1848564d | 69 | ;; |
08e40c8c MT |
70 | --prefix-delegation=*) |
71 | PREFIX_DELEGATION="$(cli_get_bool "${1}")" | |
72 | ;; | |
97cb552e | 73 | --service-name=*) |
2212045f | 74 | SERVICE_NAME=$(cli_get_val "${1}") |
1848564d | 75 | ;; |
97cb552e | 76 | --username=*) |
2212045f | 77 | USERNAME=$(cli_get_val "${1}") |
201b7dff | 78 | ;; |
1848564d | 79 | *) |
97cb552e | 80 | warning "Unknown argument: ${1}" >&2 |
1848564d MT |
81 | ;; |
82 | esac | |
83 | shift | |
84 | done | |
1848564d MT |
85 | } |
86 | ||
1c6a4e30 | 87 | hook_up() { |
1848564d | 88 | local zone=${1} |
711ffac1 MT |
89 | assert isset zone |
90 | ||
ac694a6a MT |
91 | # If this zone's port is not set, we will return |
92 | # with EXIT_OK so that this zone will remain active, | |
93 | # but we cannot start pppd. | |
94 | local port=$(__hook_get_port "${zone}") | |
95 | if ! isset port || ! port_exists "${port}"; then | |
96 | log WARNING "Could not bring up zone '${zone}' because no port is attached" | |
97 | exit ${EXIT_OK} | |
98 | fi | |
99 | ||
1e6f187e | 100 | zone_settings_read "${zone}" |
2044f591 | 101 | |
3ab3292c SS |
102 | # Load the pppoe kernel module |
103 | module_load "pppoe" | |
104 | ||
2044f591 | 105 | # Bring up the port. |
529141df | 106 | port_up "${port}" |
2044f591 | 107 | |
97cb552e MT |
108 | # Start the ppp daemon. |
109 | pppd_start ${zone} | |
da453c33 | 110 | |
97cb552e | 111 | exit ${EXIT_OK} |
1848564d MT |
112 | } |
113 | ||
1c6a4e30 | 114 | hook_down() { |
1848564d | 115 | local zone=${1} |
97cb552e | 116 | assert isset zone |
1848564d | 117 | |
1e6f187e | 118 | zone_settings_read "${zone}" |
2044f591 | 119 | |
97cb552e MT |
120 | # Stop the ppp daemon. |
121 | pppd_stop ${zone} | |
1848564d | 122 | |
2044f591 | 123 | # Bring down the port. |
ebd29545 SS |
124 | local port=$(__hook_get_port "${zone}") |
125 | if isset port; then | |
126 | log DEBUG "Bringing down port '${port}'" | |
127 | port_down "${port}" | |
128 | fi | |
2044f591 | 129 | |
1848564d MT |
130 | exit ${EXIT_OK} |
131 | } | |
132 | ||
1c6a4e30 | 133 | hook_hotplug() { |
0994996d MT |
134 | local zone="${1}" |
135 | ||
136 | case "$(hotplug_action)" in | |
137 | add) | |
138 | if hotplug_event_interface_is_port_of_zone "${zone}"; then | |
139 | # Bring up the zone if it is enabled but not active, yet. | |
140 | zone_start_auto "${zone}" | |
141 | ||
142 | exit ${EXIT_OK} | |
143 | fi | |
144 | ;; | |
145 | remove) | |
146 | # PPPoE cannot work if the ethernet device has been removed | |
147 | if hotplug_event_interface_is_port_of_zone "${zone}"; then | |
148 | if zone_is_active "${zone}"; then | |
149 | zone_stop "${zone}" | |
150 | fi | |
151 | ||
152 | exit ${EXIT_OK} | |
153 | fi | |
154 | ;; | |
155 | esac | |
156 | ||
157 | exit ${EXIT_NOT_HANDLED} | |
158 | } | |
159 | ||
1c6a4e30 | 160 | hook_discover() { |
1848564d MT |
161 | local device=${1} |
162 | ||
5dfc94a8 MT |
163 | # This obviously only works on ethernet (or compatible) devices |
164 | if ! device_is_ethernet_compatible "${device}"; then | |
5b20e43a | 165 | exit ${EXIT_ERROR} |
1848564d MT |
166 | fi |
167 | ||
168 | local output | |
169 | output=$(pppoe-discovery -I ${device} -U $(uuid) 2>&1) | |
170 | ||
171 | # Exit if there was not output | |
172 | [ -z "${output}" ] && exit ${DISCOVER_ERROR} | |
173 | ||
174 | # Exit if PADI timed out | |
175 | grep -q "Timeout" <<<${output} && exit ${DISCOVER_ERROR} | |
176 | ||
177 | local ac | |
178 | while read line; do | |
179 | case "${line}" in | |
180 | Access-Concentrator:*) | |
181 | ac="${line#Access-Concentrator: }" | |
182 | ;; | |
183 | esac | |
184 | done <<<"${output}" | |
185 | ||
186 | echo "ACCESS_CONCENTRATOR=\"$ac\"" | |
187 | ||
188 | exit ${DISCOVER_OK} | |
189 | } | |
5b20e43a | 190 | |
1c6a4e30 | 191 | hook_status() { |
8eadf1da | 192 | local zone=${1} |
711ffac1 MT |
193 | assert isset zone |
194 | ||
3cb2fc42 | 195 | cli_device_headline ${zone} |
8eadf1da | 196 | |
1e6f187e | 197 | zone_settings_read "${zone}" |
711ffac1 | 198 | |
3cb2fc42 | 199 | cli_headline 2 "Configuration" |
97cb552e MT |
200 | cli_print_fmt1 2 "Username" "${USERNAME}" |
201 | cli_print_fmt1 2 "Password" "<hidden>" | |
529141df MT |
202 | |
203 | local port=$(__hook_get_port "${zone}") | |
204 | if isset port; then | |
205 | cli_print_fmt1 2 "Port" "${port}" | |
206 | fi | |
3cb2fc42 MT |
207 | cli_space |
208 | ||
8eadf1da MT |
209 | # Exit if zone is down |
210 | if ! zone_is_up ${zone}; then | |
211 | echo # Empty line | |
212 | exit ${EXIT_ERROR} | |
213 | fi | |
214 | ||
711ffac1 MT |
215 | # XXX display time since connection started |
216 | ||
3cb2fc42 | 217 | cli_headline 2 "Point-to-Point-over-Ethernet protocol" |
39cd231c SS |
218 | cli_print_fmt1 2 "MAC-Remote" "$(db_get "${zone}/remote-address")" |
219 | cli_space | |
220 | ||
201b7dff MT |
221 | local proto |
222 | for proto in ${IP_SUPPORTED_PROTOCOLS}; do | |
c041b631 | 223 | db_exists "${zone}/${proto}" || continue |
3cb2fc42 MT |
224 | |
225 | local headline | |
226 | case "${proto}" in | |
227 | ipv6) | |
228 | headline="Internet Protocol Version 6" | |
229 | ;; | |
230 | ipv4) | |
231 | headline="Internet Protocol Version 4" | |
232 | ;; | |
233 | *) | |
234 | headline="Unkown protocol" | |
235 | ;; | |
236 | esac | |
237 | cli_headline 3 "${headline}" | |
238 | ||
c041b631 MT |
239 | cli_print_fmt1 3 "IP address" "$(db_get "${zone}/${proto}/local-ip-address")" |
240 | cli_print_fmt1 3 "Gateway" "$(db_get "${zone}/${proto}/remote-ip-address")" | |
d64f0511 | 241 | cli_print_fmt1 3 "DNS servers" "$(db_get "${zone}/${proto}/domain-name-servers")" |
3cb2fc42 | 242 | cli_space |
201b7dff | 243 | done |
3cb2fc42 | 244 | |
8eadf1da MT |
245 | exit ${EXIT_OK} |
246 | } | |
247 | ||
1c6a4e30 | 248 | hook_ppp_write_config() { |
97cb552e MT |
249 | local zone=${1} |
250 | assert isset zone | |
251 | ||
252 | local file=${2} | |
253 | assert isset file | |
254 | ||
255 | # Read in the configuration files. | |
1e6f187e | 256 | zone_settings_read "${zone}" |
97cb552e | 257 | |
529141df MT |
258 | # A port has to be assigned for this action |
259 | local port=$(__hook_get_port "${zone}") | |
260 | if ! isset port; then | |
261 | error "No port assigned to pppoe hook of zone '${zone}'" | |
262 | exit ${EXIT_ERROR} | |
263 | fi | |
264 | ||
97cb552e MT |
265 | # Prepare the command line options for the pppoe plugin. |
266 | local plugin_options | |
267 | ||
268 | # Add the access concentrator (if any). | |
269 | if isset ACCESS_CONCENTRATOR; then | |
270 | plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'" | |
711ffac1 MT |
271 | fi |
272 | ||
97cb552e MT |
273 | # Add the service name (if any). |
274 | if isset SERVICE_NAME; then | |
275 | plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'" | |
276 | fi | |
711ffac1 | 277 | |
97cb552e | 278 | # The last argument must be the interface. |
529141df | 279 | plugin_options="${plugin_options} ${port}" |
97cb552e MT |
280 | |
281 | pppd_write_config ${file} \ | |
282 | --interface="${zone}" \ | |
6c74a64c MT |
283 | --username="${USERNAME}" \ |
284 | --password="${PASSWORD}" \ | |
97cb552e MT |
285 | --mtu="${MTU}" \ |
286 | --auth="${AUTH}" \ | |
69e93b3c | 287 | --ipv6="${IPV6}" \ |
97cb552e MT |
288 | \ |
289 | --plugin="${PPPOE_PLUGIN}" \ | |
290 | --plugin-options="${plugin_options}" | |
291 | ||
6c74a64c | 292 | exit ${EXIT_OK} |
711ffac1 | 293 | } |
529141df | 294 | |
1c6a4e30 | 295 | __hook_get_port() { |
529141df MT |
296 | local zone="${1}" |
297 | ||
298 | local port | |
299 | for port in $(zone_get_ports "${zone}"); do | |
300 | echo "${port}" | |
301 | return ${EXIT_OK} | |
302 | done | |
303 | ||
304 | return ${EXIT_ERROR} | |
305 | } | |
306 | ||
1c6a4e30 | 307 | hook_port_attach() { |
529141df MT |
308 | # Excepting at least two arguments here |
309 | assert [ $# -ge 2 ] | |
310 | ||
311 | local zone="${1}" | |
312 | local port="${2}" | |
313 | shift 2 | |
314 | ||
315 | # PPPoE can only use one port | |
316 | local ports_num="$(zone_get_ports_num "${zone}")" | |
317 | if [ ${ports_num} -ge 1 ]; then | |
ac694a6a | 318 | local ports="$(zone_get_ports "${zone}")" |
529141df | 319 | error "The pppoe zone hook only supports assigning one port" |
ac694a6a | 320 | error " port '${ports}' has already been assigned to zone '${zone}'" |
529141df MT |
321 | return ${EXIT_ERROR} |
322 | fi | |
323 | ||
ac694a6a MT |
324 | if ! zone_port_settings_write "${zone}" "${port}"; then |
325 | exit ${EXIT_ERROR} | |
326 | fi | |
529141df MT |
327 | |
328 | exit ${EXIT_OK} | |
329 | } | |
330 | ||
1c6a4e30 | 331 | hook_port_detach() { |
529141df MT |
332 | assert [ $# -eq 2 ] |
333 | ||
334 | local zone="${1}" | |
335 | local port="${2}" | |
336 | ||
ac694a6a MT |
337 | # Shut down the entire zone here, because it cannot |
338 | # run without a port any way and removing the port would | |
339 | # create a hotplug event which will be processed after the | |
340 | # port has already been detached... | |
341 | zone_stop "${zone}" | |
529141df | 342 | |
ac694a6a MT |
343 | if ! zone_port_settings_remove "${zone}" "${port}"; then |
344 | exit ${EXIT_ERROR} | |
345 | fi | |
529141df MT |
346 | |
347 | exit ${EXIT_OK} | |
348 | } | |
4cee7a5d | 349 | |
82cd8617 MT |
350 | hook_port_up() { |
351 | assert [ $# -eq 2 ] | |
352 | ||
353 | local zone="${1}" | |
354 | local port="${2}" | |
355 | ||
356 | # Try bringing up the port if it has not been brought up before | |
357 | if ! device_exists "${port}"; then | |
358 | port_create "${port}" | |
359 | fi | |
360 | ||
361 | # Make sure that the port is up | |
362 | port_up "${port}" | |
363 | ||
364 | exit ${EXIT_OK} | |
365 | } | |
366 | ||
367 | hook_port_down() { | |
368 | assert [ $# -eq 2 ] | |
369 | ||
370 | local zone="${1}" | |
371 | local port="${2}" | |
372 | ||
373 | if device_exists "${port}"; then | |
374 | port_down "${port}" | |
375 | fi | |
376 | ||
377 | exit ${EXIT_OK} | |
378 | } | |
379 | ||
1c6a4e30 | 380 | hook_ppp_ipv6_up() { |
4cee7a5d MT |
381 | local zone="${1}" |
382 | ||
383 | ppp_common_ipv6_up "${zone}" | |
384 | ||
385 | # Read configuration | |
386 | zone_settings_read "${zone}" | |
387 | ||
388 | if enabled PREFIX_DELEGATION; then | |
389 | dhclient_start "${zone}" ipv6 | |
390 | fi | |
391 | ||
392 | exit ${EXIT_OK} | |
393 | } | |
394 | ||
1c6a4e30 | 395 | hook_ppp_ipv6_down() { |
4cee7a5d MT |
396 | local zone="${1}" |
397 | ||
398 | ppp_common_ipv6_down "${zone}" | |
399 | ||
400 | # Read configuration | |
401 | zone_settings_read "${zone}" | |
402 | ||
403 | if enabled PREFIX_DELEGATION; then | |
404 | dhclient_stop "${zone}" ipv6 | |
405 | fi | |
406 | ||
407 | exit ${EXIT_OK} | |
408 | } |