2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Network Development Team #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 .
/usr
/lib
/network
/header-zone
# Names of the settings this hook declares. The list is built up in three
# steps, each one appending to the previous value.
# NOTE(review): PASSWORD is one of the listed settings. Presumably the names in
# HOOK_SETTINGS are what gets persisted to the zone configuration; if so, that
# file holds the dial-in password in clear text and should be readable by root
# only. TODO confirm against the code that writes the zone configuration.
24 HOOK_SETTINGS
="HOOK AUTH INTERFACE_ADDRESS IPV6 MTU PASSWORD PEER_ADDRESS PORT"
25 HOOK_SETTINGS
="${HOOK_SETTINGS} PREFIX PREFIX_DELEGATION REFUSED_AUTH_METHODS"
26 HOOK_SETTINGS
="${HOOK_SETTINGS} USERNAME USE_DHCP"
# The default assignments that belong to several of the comments below are not
# shown on this page (the gutter numbers skip), so only the comments remain.
28 # User credentials for the dialin.
32 # The physical ethernet port the modem is connected to.
35 # The IPv4 address of the PPTP server to connect to.
38 # Set the authentication mechanism.
41 # Maximum Transmission Unit.
42 # 1492 is a very common value for that.
45 # This hook can work with all authentication methods supported by pppd.
# The variable is assigned its own current value, so whatever was defined
# before this line (presumably by the sourced header) is kept unchanged.
46 PPP_SUPPORTED_AUTH_METHODS
="${PPP_SUPPORTED_AUTH_METHODS}"
48 # Use DHCP to get an IPv4 address for the interface.
51 # Request an IPv6 address.
54 # Use IPv6 prefix delegation.
55 PREFIX_DELEGATION
="false"
57 # A list of refused authentication methods.
# NOTE(review): the default is empty, so this hook refuses no authentication
# method unless the administrator configures one. Which methods are then
# actually negotiated depends on pppd_write_config and on the peer; consider
# refusing clear-text methods by default. TODO confirm.
58 REFUSED_AUTH_METHODS
=""
# hook_check: validate the zone settings before they are used.
# Visible checks: PEER_ADDRESS and PREFIX_DELEGATION are set, the port exists,
# INTERFACE_ADDRESS is set and a valid IPv4 address, PREFIX is an integer not
# greater than 30, PEER_ADDRESS is a valid IPv4 address, and AUTH (when set) is
# one of PPP_SUPPORTED_AUTH_METHODS.
# Several lines of this function are not shown on this page (the gutter numbers
# skip), including the enclosing conditionals and whatever follows each
# log/error call, so the exact failure behaviour cannot be read from here.
60 function hook_check
() {
63 assert isset PEER_ADDRESS
65 assert isset PREFIX_DELEGATION
67 # Check for valid port and IP settings.
71 # Check if port exists.
# NOTE(review): ${PORT} is unquoted, so a value containing whitespace or glob
# characters is split/expanded before port_exists sees it; "${PORT}" avoids that.
72 assert port_exists
${PORT}
74 # Check for valid interface address.
75 assert isset INTERFACE_ADDRESS
77 if ! ipv4_is_valid
"${INTERFACE_ADDRESS}"; then
78 log ERROR
"Invalid interface address. Please use a valid IPv4 address."
82 # Check for a valid network prefix.
83 assert isinteger PREFIX
# NOTE(review): only the upper bound is tested here and ${PREFIX} is unquoted.
# Whether isinteger also rejects negative values is not visible on this page;
# confirm, or add an explicit lower bound next to the -gt 30 test.
85 if [ ${PREFIX} -gt 30 ]; then
86 error
"PREFIX is greater than 30."
91 # Check if the peer-address is valid.
# This is the only visible validation of PEER_ADDRESS, which
# hook_ppp_write_config later interpolates into the pppd pty command string.
92 if ! ipv4_is_valid
"${PEER_ADDRESS}"; then
93 log ERROR
"Invalid peer-address. Please use a valid IPv4 address."
97 # Check if a supported AUTH Mechanism has been given.
# An unset AUTH skips the check; ${PPP_SUPPORTED_AUTH_METHODS} is left unquoted,
# presumably so that each listed method becomes a separate argument.
98 isset AUTH
&& assert isoneof AUTH
${PPP_SUPPORTED_AUTH_METHODS}
# hook_parse_cmdline: walk the positional arguments and copy the value of each
# recognised --name=value option into the matching setting via cli_get_val.
# Boolean options are read into a local "value" and tested with enabled;
# anything unrecognised produces a warning on stderr.
# Most case patterns and the loop/case terminators are not shown on this page
# (the gutter numbers skip), so only part of the option list is visible.
#
# NOTE(review): the assignments below call cli_get_val ${1} without quotes,
# while the three "local value" lines quote "${1}". An unquoted ${1} is
# word-split and glob-expanded before cli_get_val receives it, so a value with
# whitespace or characters such as * (plausible for PASSWORD or USERNAME) can
# arrive altered or truncated. Using "${1}" everywhere would make the lines
# consistent.
101 function hook_parse_cmdline
() {
102 while [ $# -gt 0 ]; do
105 AUTH
="$(cli_get_val ${1})"
107 --interface-address=*)
108 INTERFACE_ADDRESS
="$(cli_get_val ${1})"
111 local value
="$(cli_get_val "${1}")"
# enabled is given the variable name "value", not its expansion.
113 if enabled value
; then
120 MTU
="$(cli_get_val ${1})"
# NOTE(review): the case pattern for this assignment is not shown. If the
# password is supplied as a --name=value argument like the visible options, it
# is exposed in the process list and in shell history; reading it from stdin or
# a root-only file would avoid that. TODO confirm how callers pass it.
123 PASSWORD
="$(cli_get_val ${1})"
126 PEER_ADDRESS
="$(cli_get_val ${1})"
129 PORT
="$(cli_get_val ${1})"
132 PREFIX
="$(cli_get_val ${1})"
134 --prefix-delegation=*)
135 local value
="$(cli_get_val "${1}")"
# Normalise the user-supplied boolean to the literal strings "true"/"false".
137 if enabled value
; then
138 PREFIX_DELEGATION
="true"
140 PREFIX_DELEGATION
="false"
143 --refuse-auth-methods=*)
144 REFUSED_AUTH_METHODS
="$(cli_get_val ${1})"
147 USERNAME
="$(cli_get_val ${1})"
150 local value
="$(cli_get_val "${1}")"
152 if enabled value
; then
# Unknown options are reported on stderr; whether parsing then continues or
# stops is not visible on this page.
159 warning
"Unknown argument: ${1}" >&2
# Body fragment of the handler that brings the zone up (presumably hook_up; its
# "function" line and several other lines are not shown on this page).
# Visible steps: read the zone configuration, bring up the port, configure it
# with dhclient or a static address, then start the ppp daemon.
# NOTE(review): the values used below come from zone_config_read; no
# re-validation of PORT, INTERFACE_ADDRESS or PREFIX is visible in this
# fragment, so it relies on hook_check having been run when the settings were
# written. TODO confirm that the stored configuration cannot bypass hook_check.
171 zone_config_read
"${zone}"
173 # Check if a port will be used.
177 log DEBUG
"Bringing up port '${PORT}'."
180 # Check if DHCP will be used, or a static IP has been configured.
181 if enabled USE_DHCP
; then
182 # Start dhclient for IPv4 on this zone.
183 dhclient_start
"${PORT}" "ipv4"
185 # Add ip address and network prefix.
# Address and prefix are passed as one argument in address/prefix form.
186 ip_address_add
"${PORT}" "${INTERFACE_ADDRESS}"/"${PREFIX}"
190 # Start the ppp daemon.
# hook_down: take the zone down again.
# Visible steps: read the zone configuration, stop the ppp daemon, then undo
# the port setup by stopping dhclient or removing the static address, and
# finally bring the port down.
# Several lines (including the pppd stop call and the closing brace) are not
# shown on this page; the gutter numbers skip.
196 function hook_down
() {
200 zone_config_read
"${zone}"
202 # Stop the ppp daemon.
206 # Check if a port has been used.
209 # Stop DHCP-Client or remove static IP address.
210 if enabled USE_DHCP
; then
211 # Stop dhclient for IPv4 on this zone.
212 dhclient_stop
"${PORT}" "ipv4"
214 # Remove address from interface.
# Uses the same address/prefix form that is passed to ip_address_add when the
# zone is brought up.
215 ip_address_del
"${PORT}" "${INTERFACE_ADDRESS}"/"${PREFIX}"
218 # Bring down the port.
219 log DEBUG
"Bringing down port '${PORT}'."
# hook_status: print a human-readable status report for the zone.
# Visible output: a device headline, the port configuration (address/prefix,
# peer address, port), the dial-in user name, and, if the zone is up, the
# local address, gateway and DNS servers recorded in the routing database for
# each supported IP protocol.
# Several lines are not shown on this page (the gutter numbers skip), including
# the conditionals around the sections and the case statement that picks the
# protocol headline.
226 function hook_status
() {
230 cli_device_headline
"${zone}"
232 zone_config_read
"${zone}"
234 # Display port configuration if a port is used.
236 cli_headline
2 "Configuration"
237 cli_print_fmt1
2 "IP Address" "${INTERFACE_ADDRESS}"/"${PREFIX}"
238 cli_print_fmt1
2 "Peer Address" "${PEER_ADDRESS}"
239 cli_print_fmt1
2 "Port" "${PORT}"
243 cli_headline
2 "Dialin Information"
244 cli_print_fmt1
2 "Username" "${USERNAME}"
# The password line prints the fixed placeholder "<hidden>"; PASSWORD itself is
# not referenced in the visible lines of this function, so status output does
# not disclose the credential.
245 cli_print_fmt1
2 "Password" "<hidden>"
248 # Exit if zone is down
# NOTE(review): ${zone} is unquoted here and in the routing_db_exists call
# below, unlike the quoted uses above; "${zone}" would be consistent.
249 if ! zone_is_up
${zone}; then
254 cli_headline
2 "Point-to-Point-Tunneling protocol"
# ${IP_SUPPORTED_PROTOCOLS} is left unquoted, presumably so the loop iterates
# over a whitespace-separated list.
256 for proto
in ${IP_SUPPORTED_PROTOCOLS}; do
# Skip protocols for which the routing database has no entry for this zone.
257 routing_db_exists
${zone} ${proto} ||
continue
262 headline
="Internet Protocol Version 6"
265 headline
="Internet Protocol Version 4"
# NOTE(review): the fallback headline is misspelled ("Unkown"); it is runtime
# output, so it is left untouched here.
268 headline
="Unkown protocol"
271 cli_headline
3 "${headline}"
# The line breaks inside the quoted key names below are as they appear on this
# page.
273 cli_print_fmt1
3 "IP address" "$(routing_db_get "${zone}" "${proto}" "local-ip-address
")"
274 cli_print_fmt1
3 "Gateway" "$(routing_db_get "${zone}" "${proto}" "remote-ip-address
")"
275 cli_print_fmt1
3 "DNS servers" "$(routing_db_get "${zone}" "${proto}" "dns
")"
# hook_ppp_write_config: read the zone configuration and hand the dial-in
# settings to pppd_write_config, which presumably writes the pppd configuration
# to ${file}.
# Several lines are not shown on this page (the gutter numbers skip), including
# the definitions of zone and file, some options, and the end of the function.
282 function hook_ppp_write_config
() {
289 # Read in the configuration files.
290 zone_config_read
"${zone}"
292 # Prepare the command line options for the pptp plugin.
# NOTE(review): PEER_ADDRESS is interpolated into a string that is passed to
# pppd as its pty command, i.e. it is later executed as a command line. The
# value comes from zone_config_read and no validation is visible in this
# function; only hook_check applies ipv4_is_valid to it. Re-checking it with
# ipv4_is_valid here before building the string would keep a hand-edited or
# corrupted configuration from putting anything but an address into that
# command. TODO confirm how pppd_write_config emits the pty option.
293 local pptp_commandline
="pptp ${PEER_ADDRESS} --nolaunchpppd"
# NOTE(review): ${file} is unquoted; "${file}" avoids word splitting on the
# path. The password is passed on in clear text, so the file written by
# pppd_write_config presumably contains it and should be created with
# owner-only permissions. TODO confirm in pppd_write_config.
295 pppd_write_config
${file} \
296 --interface="${zone}" \
297 --username="${USERNAME}" \
298 --password="${PASSWORD}" \
301 --pty="${pptp_commandline}" \
303 --refuse="${REFUSED_AUTH_METHODS}"