2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 .
/usr
/lib
/network
/header-config
24 HOOK_CONFIG_SETTINGS
="HOOK ADDRESS PREFIX GATEWAY"
# Validate the ADDRESS, PREFIX and (optional) GATEWAY settings of a static
# configuration. The address family is detected from ADDRESS; address, prefix
# and gateway are then asserted against the validators of one family, so a
# gateway from the other family does not pass. If the family cannot be
# determined, the problem is reported and EXIT_CONF_ERROR is returned.
#
# Globals: ADDRESS, PREFIX, GATEWAY, EXIT_CONF_ERROR (read)
#
# NOTE(review): this listing omits some source lines. The gaps marked below
# presumably hold the "case ... in" header, the arm patterns, ";;", "esac"
# and the closing brace -- confirm against the original file.
hook_check_config_settings() {
	# NOTE(review): "local var=$(cmd)" hides the exit status of cmd; a failed
	# detection is only noticed through the value of protocol.
	local protocol="$(ip_detect_protocol "${ADDRESS}")"

	# [source lines 28-30 not shown in this listing]
	assert ipv6_is_valid "${ADDRESS}"
	assert ipv6_prefix_is_valid "${PREFIX}"

	# The gateway is optional and is only validated when it is set.
	# NOTE(review): when GATEWAY is unset this list ends with a non-zero
	# status; if nothing else runs before the function returns, that status
	# is what the caller sees -- confirm it is not read as a failure.
	isset GATEWAY && assert ipv6_is_valid "${GATEWAY}"

	# [source lines 35-37 not shown in this listing]
	assert ipv4_is_valid "${ADDRESS}"
	assert ipv4_prefix_is_valid "${PREFIX}"

	# Same optional gateway check as above, with the IPv4 validator.
	isset GATEWAY && assert ipv4_is_valid "${GATEWAY}"

	# [source lines 42-44 not shown in this listing]
	# Reject the configuration instead of guessing an address family.
	error "Could not determine protocol: ${protocol}"
	return ${EXIT_CONF_ERROR}
	# [source lines 47 onward (end of the function) not shown in this listing]
# Parse the command line of a static configuration into ADDRESS, PREFIX and
# GATEWAY. Each value is validated as it is read; afterwards the checks that
# need several values run (address and prefix present, gateway of the same
# address family, no duplicate address). Every failure is reported with
# error and returns EXIT_CONF_ERROR.
#
# Globals:   ADDRESS, PREFIX, GATEWAY (written); EXIT_CONF_ERROR (read)
# Arguments: the one caller visible in this listing passes the config id
#            first, followed by its own "$@"
#
# NOTE(review): this listing omits a number of source lines (marked below),
# including the patterns that select each branch and the closing keywords.
# NOTE(review): protocol, zone and id are used below but are not assigned on
# any line shown here -- confirm where they are set.
hook_parse_cmdline() {
	# [source lines 54-57 not shown in this listing]
	while [ $# -gt 0 ]; do
		# [source lines 59-63 not shown in this listing]
		# Split the argument into address and prefix; this branch validates
		# both with the IPv6 helpers.
		ADDRESS="$(ip_split_prefix "${1}")"
		PREFIX="$(ip_get_prefix "${1}")"

		# [source lines 66-67 not shown in this listing]
		if ! ipv6_is_valid "${ADDRESS}"; then
			error "Invalid IP address: ${ADDRESS}"
			return ${EXIT_CONF_ERROR}
		# [source lines 71-73 not shown in this listing]
		if ! ipv6_prefix_is_valid "${PREFIX}"; then
			error "Invalid prefix: ${PREFIX}"
			return ${EXIT_CONF_ERROR}
		# [source lines 77-78 not shown in this listing]
		# Store the IPv6 address in its shortest format
		ADDRESS="$(ipv6_format "${ADDRESS}")"

		# [source lines 81-86 not shown in this listing]
		# Same split as above; this branch validates with the IPv4 helpers.
		ADDRESS="$(ip_split_prefix "${1}")"
		PREFIX="$(ip_get_prefix "${1}")"

		# [source lines 89-90 not shown in this listing]
		if ! ipv4_is_valid "${ADDRESS}"; then
			error "Invalid IP address: ${ADDRESS}"
			return ${EXIT_CONF_ERROR}
		# [source lines 94-96 not shown in this listing]
		if ! ipv4_prefix_is_valid "${PREFIX}"; then
			# This might be a netmask instead
			local prefix_from_netmask="$(ipv4_netmask2prefix "${PREFIX}")"

			# NOTE(review): as shown, PREFIX is replaced when the converted
			# value FAILS ipv4_prefix_is_valid, and the error below is then
			# reached when it passes (source line 103 is not shown,
			# presumably "else"). If so the test is inverted: a valid netmask
			# is rejected and an invalid conversion result is stored as
			# PREFIX. Confirm against the original file.
			if ! ipv4_prefix_is_valid "${prefix_from_netmask}"; then
				PREFIX="${prefix_from_netmask}"
			# [source line 103 not shown in this listing]
				error "Invalid prefix or netmask: ${PREFIX}"
				return ${EXIT_CONF_ERROR}
		# [source lines 106-111 not shown in this listing]
		GATEWAY="$(cli_get_val "${1}")"

		# [source lines 113-114 not shown in this listing]
		# An empty gateway is accepted; a non-empty one must be a valid
		# address. The address family is compared after the loop.
		if isset GATEWAY && ! ip_is_valid "${GATEWAY}"; then
			error "Invalid gateway IP address: ${GATEWAY}"
			return ${EXIT_CONF_ERROR}
		# [source lines 118-121 not shown in this listing]
		# Anything that matched no branch is rejected rather than ignored.
		error "Invalid argument: ${1}"
		return ${EXIT_CONF_ERROR}
	# [source lines 124-128 not shown in this listing]

	# Check if an address has been set
	if ! isset ADDRESS; then
		error "No IP address provided"
		return ${EXIT_CONF_ERROR}
	# [source lines 133-134 not shown in this listing]

	# Check if a prefix has been set
	if ! isset PREFIX; then
		error "No prefix provided"
		return ${EXIT_CONF_ERROR}
	# [source lines 139-140 not shown in this listing]

	# More gateway validation
	if isset GATEWAY; then
		local gateway_protocol="$(ip_detect_protocol "${GATEWAY}")"

		# Make sure that the gateway is of the same protocol version as the
		# address, so an IPv4 gateway cannot be stored with an IPv6 address
		# or the other way round.
		if [ "${gateway_protocol}" != "${protocol}" ]; then
			error "The gateway is of a wrong protocol: ${GATEWAY}"
			return ${EXIT_CONF_ERROR}
		# [source lines 149-150 not shown in this listing]

		# Make IP address as short as possible
		if [ "${gateway_protocol}" = "ipv6" ]; then
			GATEWAY="$(ipv6_format "${GATEWAY}")"
	# [source lines 154-156 not shown in this listing]

	# Check any conflicts: refuse a second static configuration that uses
	# the same address.
	if zone_config_check_same_setting "${zone}" "static" "${id}" "ADDRESS" "${ADDRESS}"; then
		error "A static configuration with the same address is already configured"
		return ${EXIT_CONF_ERROR}
	# [source lines 161 onward (end of the function) not shown in this listing]
# Allocate an id for the new configuration, parse and validate the command
# line into the hook settings, then write them to the zone's configuration.
#
# NOTE(review): the header of the enclosing function and the lines that set
# zone are not part of this listing (source lines before 168 are not shown).
# NOTE(review): ${zone} is unquoted in the command substitution, so it is
# subject to word splitting and globbing; it is quoted everywhere else in
# this fragment. "local id=$(...)" also hides the exit status of the call.
local id=$(zone_config_get_new_id ${zone})
log DEBUG "ID for the config is: ${id}"

# Nothing is written unless the command line passed validation.
if ! hook_parse_cmdline "${id}" "$@"; then
	# Return an error if the parsing of the cmd line fails
	# [source lines 173-175 not shown in this listing]

zone_config_settings_write "${zone}" "${HOOK}" "${id}"
# Bring a static configuration up: check that the zone device exists, read
# the stored settings, add the address to the interface, record the state in
# the database and refresh the routing tables.
#
# NOTE(review): the header of the enclosing function and the lines that set
# zone and config are not part of this listing; the bodies of the failure
# branches are also missing (marked below).

# Check if the device exists
# NOTE(review): ${zone} is unquoted here (word splitting and globbing) but
# quoted in the error message and in every later call.
if ! device_exists ${zone}; then
	error "Zone ${zone} doesn't exist"
	# [source lines 189-192 not shown in this listing]
if ! zone_config_settings_read "${zone}" "${config}"; then
	error "Could not read configuration for ${zone} ${config}"
	# [source lines 195-197 not shown in this listing]
# Add IP address to the interface
if ! ip_address_add "${zone}" "${ADDRESS}/${PREFIX}"; then
	# [source lines 200-202 not shown in this listing]
local protocol="$(ip_detect_protocol "${ADDRESS}")"
# Stop if no address family was detected; protocol is part of every
# database key written below.
assert isset protocol

# Record the active configuration under ${zone}/${protocol}.
db_set "${zone}/${protocol}/type" "${HOOK}"
db_set "${zone}/${protocol}/local-ip-address" "${ADDRESS}/${PREFIX}"
# NOTE(review): GATEWAY is written without an isset check on the lines shown,
# so an empty value is stored when no gateway is configured -- confirm that
# readers of remote-ip-address handle that.
db_set "${zone}/${protocol}/remote-ip-address" "${GATEWAY}"
db_set "${zone}/${protocol}/active" 1

# Update routing tables
routing_update "${zone}" "${protocol}"
routing_default_update
# Take a static configuration down: check that the zone device exists, read
# the stored settings, delete the database entries for this address family,
# remove the address from the interface and refresh the routing tables.
#
# NOTE(review): the header of the enclosing function and the lines that set
# zone and config are not part of this listing; the bodies of the failure
# branches are also missing (marked below).

# NOTE(review): ${zone} is unquoted here (word splitting and globbing) but
# quoted in the error message and in every later call.
if ! device_exists ${zone}; then
	error "Zone ${zone} doesn't exist"
	# [source lines 225-228 not shown in this listing]
if ! zone_config_settings_read "${zone}" "${config}"; then
	# [source lines 230-232 not shown in this listing]
# Remove routing information from database
local protocol="$(ip_detect_protocol "${ADDRESS}")"
# Stop if no address family was detected; with an empty protocol the key
# passed to db_delete would be "${zone}/".
assert isset protocol
db_delete "${zone}/${protocol}"

# Remove the IP address
# NOTE(review): the result of ip_address_del is not checked on the lines
# shown; the routing update runs whether or not the address was removed.
ip_address_del "${zone}" "${ADDRESS}/${PREFIX}"

# Update routing tables
routing_update "${zone}" "${protocol}"
routing_default_update
# Print the status of a static configuration: a status line for the hook,
# the configured address and, when one is set, the gateway.
#
# NOTE(review): the header of the enclosing function and the lines that set
# zone and config are not part of this listing; the bodies of the failure
# branches are also missing (marked below).

# NOTE(review): ${zone} is unquoted here (word splitting and globbing) but
# quoted in the error message and in every later call.
if ! device_exists ${zone}; then
	error "Zone ${zone} doesn't exist"
	# [source lines 255-258 not shown in this listing]
if ! zone_config_settings_read "${zone}" "${config}"; then
	# [source lines 260-262 not shown in this listing]
# Report "up" unless the configured address is missing from the zone.
local status=${MSG_HOOK_UP}
if ! zone_has_ip "${zone}" "${ADDRESS}/${PREFIX}"; then
	status=${MSG_HOOK_DOWN}
	# [source line 266 not shown in this listing]
# The leading 3 is presumably an indentation level -- TODO confirm.
cli_statusline 3 "${HOOK}" "${status}"

cli_print_fmt1 3 "IP Address" "${ADDRESS}/${PREFIX}"
# The gateway line is printed only when a gateway is configured.
if [ -n "${GATEWAY}" ]; then
	cli_print_fmt1 3 "Gateway" "${GATEWAY}"
	# [source lines 272 onward (end of the function) not shown in this listing]