1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 . /usr/lib/network/header-config
23
24 HOOK_CONFIG_SETTINGS="HOOK ADDRESS PREFIX GATEWAY"
25
# Check the ADDRESS, PREFIX and optional GATEWAY settings of a static
# configuration against the validators of the detected IP protocol.
#
# Globals:   ADDRESS, PREFIX, GATEWAY (read)
# Returns:   EXIT_OK when every check ran, EXIT_CONF_ERROR when the protocol
#            of ADDRESS is neither "ipv4" nor "ipv6".
# Note:      assert comes from the sourced library; what it does when a check
#            fails is not visible in this file.
hook_check_config_settings() {
	local proto="$(ip_detect_protocol "${ADDRESS}")"

	# Nothing can be validated when the address family is unknown
	if [ "${proto}" != "ipv4" ] && [ "${proto}" != "ipv6" ]; then
		error "Could not determine protocol: ${proto}"
		return ${EXIT_CONF_ERROR}
	fi

	if [ "${proto}" = "ipv6" ]; then
		assert ipv6_is_valid "${ADDRESS}"
		assert ipv6_prefix_is_valid "${PREFIX}"

		# The gateway is optional, but must be of the same family when set
		if isset GATEWAY; then
			assert ipv6_is_valid "${GATEWAY}"
		fi
	else
		assert ipv4_is_valid "${ADDRESS}"
		assert ipv4_prefix_is_valid "${PREFIX}"

		# The gateway is optional, but must be of the same family when set
		if isset GATEWAY; then
			assert ipv4_is_valid "${GATEWAY}"
		fi
	fi

	return ${EXIT_OK}
}
52
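# Parse and validate the command line of a static IP configuration.
#
# This is where user-supplied values are checked before they are persisted
# and later applied to an interface, so every value is validated before it
# is accepted.
#
# Globals:   ADDRESS, PREFIX, GATEWAY (written)
#            zone (read; not set here - it is taken from the caller's scope)
#            EXIT_CONF_ERROR (read)
# Arguments: $1  - ID of the configuration
#            ... - "<address>/<prefix>" for IPv4 or IPv6 (IPv4 also accepts a
#                  netmask after the slash) and optionally "--gateway=<address>"
# Returns:   EXIT_CONF_ERROR on invalid, missing or conflicting input,
#            0 when everything was accepted.
hook_parse_cmdline() {
	local protocol
	local id="${1}"
	shift

	while [ $# -gt 0 ]; do
		case "${1}" in
			# IPv6
			*:*/*)
				protocol="ipv6"

				ADDRESS="$(ip_split_prefix "${1}")"
				PREFIX="$(ip_get_prefix "${1}")"

				# Validate address
				if ! ipv6_is_valid "${ADDRESS}"; then
					error "Invalid IP address: ${ADDRESS}"
					return ${EXIT_CONF_ERROR}
				fi

				# Validate prefix
				if ! ipv6_prefix_is_valid "${PREFIX}"; then
					error "Invalid prefix: ${PREFIX}"
					return ${EXIT_CONF_ERROR}
				fi

				# Store the IPv6 address in its shortest format
				ADDRESS="$(ipv6_format "${ADDRESS}")"
				;;

			# IPv4
			*.*.*.*/*)
				protocol="ipv4"

				ADDRESS="$(ip_split_prefix "${1}")"
				PREFIX="$(ip_get_prefix "${1}")"

				# Validate address
				if ! ipv4_is_valid "${ADDRESS}"; then
					error "Invalid IP address: ${ADDRESS}"
					return ${EXIT_CONF_ERROR}
				fi

				# Validate prefix
				if ! ipv4_prefix_is_valid "${PREFIX}"; then
					# This might be a netmask instead
					local prefix_from_netmask="$(ipv4_netmask2prefix "${PREFIX}")"

					# Accept the converted value only when it is a valid
					# prefix. The test used to be negated, which rejected
					# every valid netmask and stored the result of a failed
					# conversion as PREFIX.
					if ipv4_prefix_is_valid "${prefix_from_netmask}"; then
						PREFIX="${prefix_from_netmask}"
					else
						error "Invalid prefix or netmask: ${PREFIX}"
						return ${EXIT_CONF_ERROR}
					fi
				fi
				;;

			# Gateway
			--gateway=*)
				GATEWAY="$(cli_get_val "${1}")"

				# Validate input (an empty value is allowed and clears it)
				if isset GATEWAY && ! ip_is_valid "${GATEWAY}"; then
					error "Invalid gateway IP address: ${GATEWAY}"
					return ${EXIT_CONF_ERROR}
				fi
				;;

			*)
				error "Invalid argument: ${1}"
				return ${EXIT_CONF_ERROR}
				;;
		esac
		shift
	done

	# Check if an address has been set
	if ! isset ADDRESS; then
		error "No IP address provided"
		return ${EXIT_CONF_ERROR}
	fi

	# Check if a prefix has been set
	if ! isset PREFIX; then
		error "No prefix provided"
		return ${EXIT_CONF_ERROR}
	fi

	# More gateway validation
	if isset GATEWAY; then
		local gateway_protocol="$(ip_detect_protocol "${GATEWAY}")"

		# Make sure that the gateway is of the same protocol version
		# as the address
		if [ "${gateway_protocol}" != "${protocol}" ]; then
			error "The gateway is of a wrong protocol: ${GATEWAY}"
			return ${EXIT_CONF_ERROR}
		fi

		# Make IP address as short as possible
		if [ "${gateway_protocol}" = "ipv6" ]; then
			GATEWAY="$(ipv6_format "${GATEWAY}")"
		fi
	fi

	# Check any conflicts. ${zone} is not a parameter of this function; it
	# is resolved through bash's dynamic scoping from the calling function.
	if zone_config_check_same_setting "${zone}" "static" "${id}" "ADDRESS" "${ADDRESS}"; then
		error "A static configuration with the same address is already configured"
		return ${EXIT_CONF_ERROR}
	fi
}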
163
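# Create a new static configuration for a zone from command line arguments.
#
# Globals:   HOOK, EXIT_OK, EXIT_ERROR (read)
# Arguments: $1  - name of the zone
#            ... - arguments handed on to hook_parse_cmdline
# Returns:   EXIT_ERROR when the arguments are rejected or the settings could
#            not be written. On success the function does not return: it
#            exits the process with EXIT_OK.
hook_new() {
	local zone="${1}"
	shift

	# Quote the zone so that it always reaches the helper as one argument
	local id="$(zone_config_get_new_id "${zone}")"
	log DEBUG "ID for the config is: ${id}"

	if ! hook_parse_cmdline "${id}" "$@"; then
		# Return an error if the parsing of the cmd line fails
		return ${EXIT_ERROR}
	fi

	# Do not report success when the validated settings were not stored.
	# NOTE(review): assumes zone_config_settings_write returns non-zero on
	# failure - confirm in the library.
	if ! zone_config_settings_write "${zone}" "${HOOK}" "${id}"; then
		error "Could not write configuration for ${zone}"
		return ${EXIT_ERROR}
	fi

	exit ${EXIT_OK}
}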
180
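# Bring a static configuration up: add the address to the zone, record the
# state in the database and refresh the routing tables.
#
# Globals:   ADDRESS, PREFIX, GATEWAY (read after zone_config_settings_read)
#            HOOK, EXIT_OK, EXIT_ERROR (read)
# Arguments: $1 - name of the zone
#            $2 - name of the configuration
# Returns:   EXIT_ERROR when the zone does not exist, the configuration
#            cannot be read or the address cannot be added. On success the
#            function does not return: it exits the process with EXIT_OK.
hook_up() {
	local zone="${1}"
	local config="${2}"
	shift 2

	# Check if the device exists (quoted so the name stays one argument)
	if ! device_exists "${zone}"; then
		error "Zone ${zone} doesn't exist"
		return ${EXIT_ERROR}
	fi

	# Read configuration
	if ! zone_config_settings_read "${zone}" "${config}"; then
		error "Could not read configuration for ${zone} ${config}"
		return ${EXIT_ERROR}
	fi

	# Add IP address to the interface
	if ! ip_address_add "${zone}" "${ADDRESS}/${PREFIX}"; then
		return ${EXIT_ERROR}
	fi

	local protocol="$(ip_detect_protocol "${ADDRESS}")"
	assert isset protocol

	# Record what has been configured, keyed by zone and protocol
	db_set "${zone}/${protocol}/type" "${HOOK}"
	db_set "${zone}/${protocol}/local-ip-address" "${ADDRESS}/${PREFIX}"
	db_set "${zone}/${protocol}/remote-ip-address" "${GATEWAY}"
	db_set "${zone}/${protocol}/active" 1

	# Update routing tables
	routing_update "${zone}" "${protocol}"
	routing_default_update

	exit ${EXIT_OK}
}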
217
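# Take a static configuration down: drop its database entries, remove the
# address from the zone and refresh the routing tables.
#
# Globals:   ADDRESS, PREFIX (read after zone_config_settings_read)
#            EXIT_OK, EXIT_ERROR (read)
# Arguments: $1 - name of the zone
#            $2 - name of the configuration
# Returns:   EXIT_OK on success, EXIT_ERROR when the configuration cannot be
#            read. When the zone does not exist the function exits the
#            process with EXIT_ERROR instead of returning.
hook_down() {
	local zone=${1}
	local config=${2}
	shift 2

	if ! device_exists "${zone}"; then
		error "Zone ${zone} doesn't exist"
		exit ${EXIT_ERROR}
	fi

	# Read configuration
	if ! zone_config_settings_read "${zone}" "${config}"; then
		# This used to return the misspelt, unset ${EXIT_ERRO}: a bare
		# "return" hands back the status of the last command, which here
		# was the successful negated test, so the failure looked like
		# success to the caller.
		error "Could not read configuration for ${zone} ${config}"
		return ${EXIT_ERROR}
	fi

	# Remove routing information from database
	local protocol="$(ip_detect_protocol "${ADDRESS}")"
	assert isset protocol
	db_delete "${zone}/${protocol}"

	# Remove the IP address
	ip_address_del "${zone}" "${ADDRESS}/${PREFIX}"

	# Update routing tables
	routing_update "${zone}" "${protocol}"
	routing_default_update

	return ${EXIT_OK}
}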
247
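# Print the status of a static configuration: whether its address is
# currently on the zone, the address itself and the gateway if one is set.
#
# Globals:   ADDRESS, PREFIX, GATEWAY (read after zone_config_settings_read)
#            HOOK, MSG_HOOK_UP, MSG_HOOK_DOWN, EXIT_OK, EXIT_ERROR (read)
# Arguments: $1 - name of the zone
#            $2 - name of the configuration
# Outputs:   status lines through the cli_* helpers
# Returns:   EXIT_OK on success, EXIT_ERROR when the configuration cannot be
#            read. When the zone does not exist the function exits the
#            process with EXIT_ERROR instead of returning.
hook_status() {
	local zone=${1}
	local config=${2}
	shift 2

	# Quoted so that the zone name is always passed as a single argument
	if ! device_exists "${zone}"; then
		error "Zone ${zone} doesn't exist"
		exit ${EXIT_ERROR}
	fi

	# Read configuration
	if ! zone_config_settings_read "${zone}" "${config}"; then
		return ${EXIT_ERROR}
	fi

	# The configuration counts as up only while the address is assigned
	local status=${MSG_HOOK_UP}
	if ! zone_has_ip "${zone}" "${ADDRESS}/${PREFIX}"; then
		status=${MSG_HOOK_DOWN}
	fi
	cli_statusline 3 "${HOOK}" "${status}"

	cli_print_fmt1 3 "IP Address" "${ADDRESS}/${PREFIX}"
	if [ -n "${GATEWAY}" ]; then
		cli_print_fmt1 3 "Gateway" "${GATEWAY}"
	fi
	cli_space

	return ${EXIT_OK}
}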