]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/bash | |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
22 | . /usr/lib/network/header-port | |
23 | ||
24 | HOOK_PORT_PATTERN="${PORT_PATTERN_ACCESSPOINT}" | |
25 | ||
26 | HOOK_SETTINGS="ADDRESS BROADCAST_SSID CHANNEL CHANNEL_BANDWIDTH DFS MODE PHY" | |
27 | HOOK_SETTINGS="${HOOK_SETTINGS} ENCRYPTION ENVIRONMENT KEY SSID" | |
28 | HOOK_SETTINGS="${HOOK_SETTINGS} MFP" | |
29 | ||
30 | # Broadcast SSID by default | |
31 | DEFAULT_BROADCAST_SSID="on" | |
32 | ||
33 | # Perform radar detection by default when possible | |
34 | DEFAULT_DFS="on" | |
35 | ||
36 | # 802.11w - Management Frame Protection | |
37 | # Disable by default because many clients cannot connect when enabled | |
38 | DEFAULT_MFP="off" | |
39 | ||
40 | DEFAULT_ENVIRONMENT="${WIRELESS_DEFAULT_ENVIRONMENT}" | |
41 | ||
42 | hook_check_settings() { | |
43 | assert isset ADDRESS | |
44 | assert ismac ADDRESS | |
45 | assert isset BROADCAST_SSID | |
46 | assert isbool BROADCAST_SSID | |
47 | assert isset CHANNEL | |
48 | assert isbool DFS | |
49 | assert isbool MFP | |
50 | assert isset MODE | |
51 | assert isoneof MODE ${HOSTAPD_SUPPORTED_MODES} | |
52 | assert isset PHY | |
53 | assert ismac PHY | |
54 | assert isset SSID | |
55 | ||
56 | if isset ENCRYPTION; then | |
57 | assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2 | |
58 | ||
59 | assert isset KEY | |
60 | assert [ ${#KEY} -ge 8 ] | |
61 | assert [ ${#KEY} -le 63 ] | |
62 | fi | |
63 | ||
64 | assert wireless_environment_is_valid "${ENVIRONMENT}" | |
65 | } | |
66 | ||
67 | hook_parse_cmdline() { | |
68 | while [ $# -gt 0 ]; do | |
69 | case "${1}" in | |
70 | --broadcast-ssid=*) | |
71 | BROADCAST_SSID=$(cli_get_val "${1}") | |
72 | ;; | |
73 | --channel=*) | |
74 | CHANNEL=$(cli_get_val "${1}") | |
75 | ;; | |
76 | --channel-bandwidth=*) | |
77 | CHANNEL_BANDWIDTH="$(cli_get_val "${1}")" | |
78 | ;; | |
79 | --dfs=*) | |
80 | DFS="$(cli_get_val "${1}")" | |
81 | ||
82 | if enabled DFS; then | |
83 | DFS="on" | |
84 | elif disabled DFS; then | |
85 | DFS="off" | |
86 | else | |
87 | error "Invalid value for DFS: ${DFS}" | |
88 | return ${EXIT_ERROR} | |
89 | fi | |
90 | ;; | |
91 | --encryption=*) | |
92 | ENCRYPTION=$(cli_get_val "${1}") | |
93 | ;; | |
94 | --environment=*) | |
95 | ENVIRONMENT="$(cli_get_val "${1}")" | |
96 | ||
97 | if ! wireless_environment_is_valid "${ENVIRONMENT}"; then | |
98 | error "Invalid wireless environment: ${ENVIRONMENT}" | |
99 | return ${EXIT_ERROR} | |
100 | fi | |
101 | ;; | |
102 | --key=*) | |
103 | KEY=$(cli_get_val "${1}") | |
104 | ;; | |
105 | --mac=*) | |
106 | ADDRESS=$(cli_get_val "${1}") | |
107 | ;; | |
108 | --mfp=*) | |
109 | MFP="$(cli_get_val "${1}")" | |
110 | ||
111 | if enabled MFP; then | |
112 | MFP="on" | |
113 | elif disabled MFP; then | |
114 | MFP="off" | |
115 | else | |
116 | error "Invalid value for --mfp: ${MFP}" | |
117 | return ${EXIT_ERROR} | |
118 | fi | |
119 | ;; | |
120 | --mode=*) | |
121 | MODE=$(cli_get_val "${1}") | |
122 | ||
123 | if ! isoneof MODE ${HOSTAPD_SUPPORTED_MODES}; then | |
124 | error "Unsupported mode: ${MODE}" | |
125 | error "Mode must be one of ${HOSTAPD_SUPPORTED_MODES}" | |
126 | return ${EXIT_ERROR} | |
127 | fi | |
128 | ;; | |
129 | --phy=*) | |
130 | PHY=$(cli_get_val "${1}") | |
131 | ;; | |
132 | --ssid=*) | |
133 | SSID=$(cli_get_val "${1}") | |
134 | ;; | |
135 | *) | |
136 | warning "Ignoring unknown argument '${1}'" | |
137 | ;; | |
138 | esac | |
139 | shift | |
140 | done | |
141 | ||
142 | # Generate a random MAC address if none is set | |
143 | if ! isset ADDRESS; then | |
144 | ADDRESS="$(mac_generate)" | |
145 | fi | |
146 | ||
147 | # MODE must be set | |
148 | if ! isset MODE; then | |
149 | error "--mode is not set" | |
150 | return ${EXIT_ERROR} | |
151 | fi | |
152 | ||
153 | # Automatically enable ACS if no channel is set and ACS is available | |
154 | if ! isset CHANNEL && phy_supports_acs "${PHY}"; then | |
155 | CHANNEL="0" | |
156 | ||
157 | log INFO "Automatic Channel Selection (ACS) enabled" | |
158 | fi | |
159 | ||
160 | # Channel bandwidth must match the mode | |
161 | if isset CHANNEL_BANDWIDTH && ! wireless_channel_bandwidth_is_valid "${MODE}" "${CHANNEL_BANDWIDTH}"; then | |
162 | error "Channel Bandwidth '${CHANNEL_BANDWIDTH}' is not supported for ${MODE}" | |
163 | return ${EXIT_ERROR} | |
164 | fi | |
165 | ||
166 | # Save address of phy do identify it again | |
167 | PHY=$(phy_get ${PHY}) | |
168 | PHY=$(phy_get_address ${PHY}) | |
169 | } | |
170 | ||
171 | hook_edit() { | |
172 | local port=${1} | |
173 | assert isset port | |
174 | ||
175 | if ! hook_default_edit "$@"; then | |
176 | return ${EXIT_ERROR} | |
177 | fi | |
178 | ||
179 | # To apply all changes, we need to restart the port | |
180 | port_restart "${port}" | |
181 | } | |
182 | ||
183 | hook_create() { | |
184 | local port="${1}" | |
185 | assert isset port | |
186 | ||
187 | device_exists "${port}" && exit ${EXIT_OK} | |
188 | ||
189 | port_settings_read "${port}" ${HOOK_SETTINGS} | |
190 | ||
191 | # Check if the PHY is present. | |
192 | local phy=$(phy_get ${PHY}) | |
193 | if ! isset phy; then | |
194 | log DEBUG "phy '${PHY}' is not present" | |
195 | exit ${EXIT_ERROR} | |
196 | fi | |
197 | ||
198 | # Create the wireless device | |
199 | wireless_create "${port}" \ | |
200 | --phy="${phy}" \ | |
201 | --type="ap" \ | |
202 | --address="${ADDRESS}" | |
203 | ||
204 | exit ${EXIT_OK} | |
205 | } | |
206 | ||
207 | hook_remove() { | |
208 | local port="${1}" | |
209 | assert isset port | |
210 | ||
211 | # Remove the device if present | |
212 | if device_exists "${port}"; then | |
213 | wireless_remove "${port}" | |
214 | fi | |
215 | ||
216 | exit ${EXIT_OK} | |
217 | } | |
218 | ||
219 | hook_up() { | |
220 | local port="${1}" | |
221 | assert isset port | |
222 | ||
223 | # The port must already exist before | |
224 | # hostapd is started. Otherwise it will | |
225 | # fail horribly over and over again. | |
226 | assert device_exists "${port}" | |
227 | ||
228 | hostapd_start "${port}" | |
229 | } | |
230 | ||
231 | hook_down() { | |
232 | local port="${1}" | |
233 | assert isset port | |
234 | ||
235 | hostapd_stop "${port}" | |
236 | } | |
237 | ||
238 | hook_hotplug() { | |
239 | local port="${1}" | |
240 | assert isset port | |
241 | ||
242 | case "$(hotplug_action)" in | |
243 | add) | |
244 | # Create the port when the phy is plugged in | |
245 | if hotplug_event_port_uses_phy "${port}"; then | |
246 | hook_create "${port}" | |
247 | fi | |
248 | ;; | |
249 | ||
250 | remove) | |
251 | # Stop hostapd | |
252 | if hotplug_event_port_is_interface "${port}"; then | |
253 | hostapd_stop "${port}" | |
254 | ||
255 | exit ${EXIT_OK} | |
256 | fi | |
257 | ;; | |
258 | esac | |
259 | ||
260 | exit ${EXIT_NOT_HANDLED} | |
261 | } |