bird: Make sure the daemon is always running
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2018 IPFire Network Development Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
# Path of the BIRD configuration file that bird_generate_config (re)writes.
BIRD_CONF='/etc/bird.conf'
23
# Start the BIRD daemon through the service helper.
# Returns: whatever service_start returns.
bird_start() {
  local unit="bird.service"

  service_start "${unit}"
}
27
# Stop the BIRD daemon through the service helper.
# Returns: whatever service_stop returns.
bird_stop() {
  local unit="bird.service"

  service_stop "${unit}"
}
31
# Ask the running BIRD daemon to reload through the service helper.
# Returns: whatever service_reload returns.
bird_reload() {
  local unit="bird.service"

  service_reload "${unit}"
}
35
# Generate the BIRD configuration, enable the service for future boots and
# start it immediately.
# Returns: EXIT_ERROR when the configuration could not be generated,
#          otherwise the status of bird_start.
bird_enable() {
  # Nothing is enabled or started unless a configuration was generated
  bird_generate_config || {
    log ERROR "Could not write Bird configuration"
    return ${EXIT_ERROR}
  }

  # Have the service come up automatically next time
  service_enable "bird.service"

  # ... and bring it up right away
  bird_start
}
49
50 # Update configuration and apply it in one go
# Regenerate the BIRD configuration and reload the daemon.
# Returns: EXIT_ERROR when the configuration could not be generated,
#          otherwise the status of bird_reload.
bird_update() {
  # The daemon is only reloaded after a configuration was generated
  bird_generate_config || {
    log ERROR "Could not write Bird configuration"
    return ${EXIT_ERROR}
  }

  bird_reload
}
60
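#######################################
# Write the complete BIRD configuration to ${BIRD_CONF}: header, logging and
# watchdog settings, routing tables, kernel export, static routes and the
# IPv6 router advertisement section.
# Globals:   BIRD_CONF (read), IP_SUPPORTED_PROTOCOLS (read)
# Arguments: none
# Outputs:   truncates and rewrites ${BIRD_CONF}
# Returns:   status of the last step (appending the radv section)
#
# NOTE(review): the file is rewritten in place and only the last step's
# status reaches the caller, so a failure in an earlier step can leave a
# partial configuration behind that bird_enable/bird_update still apply.
# Writing to a temporary file and renaming it once every step succeeded
# would close that gap - confirm which helpers may legitimately fail first.
#######################################
bird_generate_config() {
  log DEBUG "Write BIRD configuration file"

  # Write header (truncates any previous configuration)
  config_header "bird" > "${BIRD_CONF}"

  # Write some basic settings
  local proto
  {
    print "# Log everything to syslog"
    print "log syslog all;"
    print

    print "# Turn on internal watchdog"
    print "watchdog warning 5s;"
    print "watchdog timeout 30s;"
    print

    print "# Define default route tables"
    print "ipv6 table master6;"
    print "ipv4 table master4;"

    print "# Enable device configuration"
    print "protocol device {}"
    print

    print "# Export all routes to kernel"
    # IP_SUPPORTED_PROTOCOLS is split on whitespace on purpose
    for proto in ${IP_SUPPORTED_PROTOCOLS}; do
      print "protocol kernel {"
      print " ${proto} {"
      # ipvN -> masterN, matching the tables defined above
      print " table ${proto/ipv/master};"
      print " export all;"
      print " };"
      print " learn;"
      print "}"
      print
    done
  } >> "${BIRD_CONF}"

  # Static routes, one "protocol static" block per address family
  for proto in ${IP_SUPPORTED_PROTOCOLS}; do
    print "protocol static {"
    print " ${proto};"
    print

    # Read routes for this protocol from configuration
    __bird_static_routes "${proto}"

    print "}"
    print
  done >> "${BIRD_CONF}"

  # Write IPv6 Router Advertisement configuration
  __bird_ipv6_radv >> "${BIRD_CONF}"
}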
116
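#######################################
# Print the "route ..." statements of one address family for a BIRD
# "protocol static" block.
# Globals:   NETWORK_CONFIG_ROUTES (read, file with one route per line),
#            NETWORK_CONFIG_ROUTES_PARAMS (read, names declared local here),
#            EXIT_OK (read)
# Arguments: $1 - protocol to emit routes for, compared against the output
#                 of ip_detect_protocol
# Outputs:   route statements on stdout
#
# NOTE(review): ${network} and ${gateway} are written into the configuration
# as they come out of route_parse_line; presumably they are validated when
# the route is stored - confirm, since a malformed value ends up in bird.conf.
#######################################
__bird_static_routes() {
  local proto="${1}"
  assert isset proto

  # Intentionally unquoted: declares every listed field name as a local.
  # Presumably these are the variables route_parse_line fills in.
  local ${NETWORK_CONFIG_ROUTES_PARAMS}
  local line type arg _proto

  while read -r line; do
    route_parse_line "${line}"
    [ $? -eq "${EXIT_OK}" ] || continue

    # Skip all routes of another protocol
    _proto="$(ip_detect_protocol "${network}")"
    if [ "${proto}" != "${_proto}" ]; then
      continue
    fi

    # Reset for every line. A bare "local type" inside the loop keeps the
    # previous value, so one blackhole/prohibit/unreachable route would turn
    # every following gateway route into the same reject route.
    type=""
    for arg in unreachable prohibit blackhole; do
      if enabled "${arg}"; then
        type="${arg}"
        break
      fi
    done

    case "${type}" in
      unreachable|prohibit|blackhole)
        print " route ${network} ${type};"
        ;;

      *)
        print " route ${network} via ${gateway};"
        ;;
    esac
  done < "${NETWORK_CONFIG_ROUTES}"
}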
153
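#######################################
# Print the BIRD "protocol radv" block (IPv6 Router Advertisements): one
# interface section per local zone that has a non-link-local IPv6 address,
# followed by the RDNSS and DNSSL options.
# Globals:   DNS_ADVERTISE_SERVERS (read via enabled)
# Arguments: none
# Outputs:   configuration text on stdout
#
# NOTE(review): zone names and search domains are placed inside double
# quotes without escaping. Presumably both are validated where they are
# configured or learned - confirm, since a value containing a double quote
# would end the string early in the generated configuration.
#######################################
__bird_ipv6_radv() {
  print "protocol radv {"

  local zone addr dhcp prefix mtu
  for zone in $(zones_get_local); do
    log DEBUG "Writing bird radv configuration for ${zone}"

    # Skip if there is no prefix or prefix is link-local.
    addr="$(db_get "${zone}/ipv6/local-ip-address")"
    if [ -z "${addr}" ] || [ "${addr:0:5}" = "fe80:" ]; then
      continue
    fi

    # Check if the subnet is configured by the DHCP server.
    dhcp="false"
    prefix="$(ipv6_get_network "${addr}")"
    if isset prefix && dhcpd_subnet_match ipv6 "${prefix}"; then
      dhcp="true"
    fi

    print " interface \"${zone}\" {"
    # Failover to other routers within 10s
    print " max ra interval 10;"

    # Tell clients we are running DHCP
    if enabled dhcp; then
      print " managed yes;"
      print " other config yes;"
    fi

    if device_exists "${zone}"; then
      # Announce link MTU
      mtu="$(device_get_mtu "${zone}")"
      print " link mtu ${mtu};"
    fi

    print # empty line

    # Announce all prefixes
    print " prefix ::/0 {"

    # With DHCP in charge, clients must not autoconfigure addresses
    if enabled dhcp; then
      print " autonomous off;"
    fi

    print " };"
    print " };\n"
  done

  # Advertise any DNS servers
  if enabled DNS_ADVERTISE_SERVERS; then
    # Get a list of all IPv6 name servers
    local servers=()
    local server
    for server in $(dns_server_list_sorted); do
      # Skip any non-IPv6 servers
      ipv6_is_valid "${server}" || continue

      servers+=( "${server}" )
    done

    if [ "${#servers[@]}" -gt 0 ]; then
      print " rdnss {"

      # Expand the whole array: a bare ${servers} is only its first element,
      # which silently dropped every name server but the first one.
      for server in "${servers[@]}"; do
        print " ns ${server};"
      done

      print " };"
    fi
  fi

  # DNS Search Domain
  print " dnssl {"

  local domain
  for domain in $(dns_get_search_domains); do
    print " domain \"${domain}\";"
  done

  print " };"

  print "}\n"
}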