2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 .
/usr
/lib
/network
/header-config
# hook_check_config_settings: re-validate the ADDRESS, PREFIX and optional
# GATEWAY settings of this static configuration.
# The protocol is derived from ADDRESS with ip_detect_protocol. The checks
# below come as an IPv6 group and an IPv4 group, followed by an error path
# that returns EXIT_CONF_ERROR when the protocol could not be determined.
# NOTE(review): the gutter numbers skip lines (32-34, 39-41, 46-48, 51-56),
# so the construct that selects a group and the function's closing lines are
# not visible in this listing; presumably a case on ${protocol}. Confirm
# against the full file.
30 hook_check_config_settings
() {
# The address family is inferred from the address text itself.
31 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
# IPv6 group: address and prefix must validate. assert is defined outside
# this listing; presumably it aborts on failure. TODO confirm.
35 assert ipv6_is_valid
"${ADDRESS}"
36 assert ipv6_prefix_is_valid
"${PREFIX}"
# The gateway is optional, so it is only checked when it is set.
38 isset GATEWAY
&& assert ipv6_is_valid
"${GATEWAY}"
# IPv4 group: the same three checks with the IPv4 validators.
42 assert ipv4_is_valid
"${ADDRESS}"
43 assert ipv4_prefix_is_valid
"${PREFIX}"
45 isset GATEWAY
&& assert ipv4_is_valid
"${GATEWAY}"
# Error path: the protocol string is echoed back in the message and the
# configuration is rejected.
49 error
"Could not determine protocol: ${protocol}"
50 return ${EXIT_CONF_ERROR}
# hook_parse_cmdline: walk the positional arguments, fill ADDRESS, PREFIX and
# GATEWAY from them, and reject anything that does not validate.
# Every failure path visible here reports through error and returns
# EXIT_CONF_ERROR.
# NOTE(review): the gutter numbers skip many lines (58-61, 63-67, 85-90,
# 110-115, 122-125 and others), so the construct that selects a branch per
# argument, the closing keywords and the end of the function are not visible.
# The comments below describe only the lines that are shown.
57 hook_parse_cmdline
() {
# Consume arguments until none are left.
62 while [ $# -gt 0 ]; do
# First address branch: the argument is split into address and prefix, and
# both are validated as IPv6.
68 ADDRESS
="$(ip_split_prefix "${1}")"
69 PREFIX
="$(ip_get_prefix "${1}")"
72 if ! ipv6_is_valid
"${ADDRESS}"; then
73 error
"Invalid IP address: ${ADDRESS}"
74 return ${EXIT_CONF_ERROR}
78 if ! ipv6_prefix_is_valid
"${PREFIX}"; then
79 error
"Invalid prefix: ${PREFIX}"
80 return ${EXIT_CONF_ERROR}
83 # Store the IPv6 address in its shortest format
84 ADDRESS
="$(ipv6_format "${ADDRESS}")"
# Second address branch: the same split, validated as IPv4.
91 ADDRESS
="$(ip_split_prefix "${1}")"
92 PREFIX
="$(ip_get_prefix "${1}")"
95 if ! ipv4_is_valid
"${ADDRESS}"; then
96 error
"Invalid IP address: ${ADDRESS}"
97 return ${EXIT_CONF_ERROR}
# A value that is not a valid prefix gets a second chance as a netmask.
101 if ! ipv4_prefix_is_valid
"${PREFIX}"; then
102 # This might be a netmask instead
103 local prefix_from_netmask
="$(ipv4_netmask2prefix "${PREFIX}")"
# NOTE(review): as listed, the converted value is stored in PREFIX when it is
# NOT a valid prefix, and the error lines follow after an elided line 107
# (presumably else). That reads as inverted: a usable netmask would be
# rejected and an unusable conversion result kept. Confirm against the full
# file; the expected test is the one without the negation.
105 if ! ipv4_prefix_is_valid
"${prefix_from_netmask}"; then
106 PREFIX
="${prefix_from_netmask}"
108 error
"Invalid prefix or netmask: ${PREFIX}"
109 return ${EXIT_CONF_ERROR}
# Gateway branch: the value part of the argument is taken with cli_get_val.
116 GATEWAY
="$(cli_get_val "${1}")"
# ip_is_valid is called without a family here; the family is compared with
# the address family further down (gutter line 150).
119 if isset GATEWAY
&& ! ip_is_valid
"${GATEWAY}"; then
120 error
"Invalid gateway IP address: ${GATEWAY}"
121 return ${EXIT_CONF_ERROR}
# Any argument not handled above is refused instead of being ignored.
126 error
"Invalid argument: ${1}"
127 return ${EXIT_CONF_ERROR}
133 # Check if an address has been set
134 if ! isset ADDRESS
; then
135 error
"No IP address provided"
136 return ${EXIT_CONF_ERROR}
139 # Check if a prefix has been set
140 if ! isset PREFIX
; then
141 error
"No prefix provided"
142 return ${EXIT_CONF_ERROR}
145 # More gateway validation
146 if isset GATEWAY
; then
147 local gateway_protocol
="$(ip_detect_protocol "${GATEWAY}")"
# NOTE(review): protocol is not assigned on any visible line of this
# function; presumably the address branches set it on elided lines. If it
# were empty here, every gateway would fail this comparison. Confirm.
149 # Make sure that the gateway is of the same protocol version
150 if [ "${gateway_protocol}" != "${protocol}" ]; then
151 error
"The gateway is of a wrong protocol: ${GATEWAY}"
152 return ${EXIT_CONF_ERROR}
155 # Make IP address as short as possible
156 if [ "${gateway_protocol}" = "ipv6" ]; then
157 GATEWAY
="$(ipv6_format "${GATEWAY}")"
# NOTE(review): zone and id are not defined on any visible line of this
# function. The caller at gutter line 175 passes "${id}" as the first
# argument, and zone presumably comes from the caller's scope. Confirm that
# both are set before this duplicate check runs.
161 # Check any conflicts
162 if zone_config_check_same_setting
"${zone}" "static" "${id}" "ADDRESS" "${ADDRESS}"; then
163 error
"A static configuration with the same address is already configured"
164 return ${EXIT_CONF_ERROR}
# Creation path: allocate an id for the new configuration, parse and validate
# the command line, then persist the settings for this zone and hook.
# NOTE(review): the enclosing function header and the lines after 180 are not
# visible in this listing (the gutter jumps from 164 to 172 and 180 to 190).
# NOTE(review): ${zone} is unquoted inside the command substitution, so it is
# subject to word splitting and pathname expansion; the other calls in this
# fragment quote it. "${zone}" would be consistent.
172 local id
=$
(zone_config_get_new_id
${zone})
173 log DEBUG
"ID for the config is: ${id}"
# Settings are only written after hook_parse_cmdline accepted the arguments;
# the body of the failure branch (gutter 177-179) is elided.
175 if ! hook_parse_cmdline
"${id}" "$@"; then
176 # Return an error if the parsing of the cmd line fails
180 zone_config_settings_write
"${zone}" "${HOOK}" "${id}"
# Bring-up path: verify the zone device, load the stored settings, add the
# address to the interface, record the state with db_set and refresh routing.
# NOTE(review): the enclosing function header and the bodies of the failure
# branches (gutter 193-196, 199-201, 204-206) are not visible in this listing.
190 # Check if the device exists
# NOTE(review): ${zone} is unquoted here, so it is subject to word splitting
# and pathname expansion; "${zone}" would match the other calls below.
191 if ! device_exists
${zone}; then
192 error
"Zone ${zone} doesn't exist"
# ADDRESS, PREFIX and GATEWAY used below presumably come from this read of
# the stored configuration. TODO confirm what the helper populates.
197 if ! zone_config_settings_read
"${zone}" "${config}"; then
198 error
"Could not read configuration for ${zone} ${config}"
202 # Add IP address to the interface
203 if ! ip_address_add
"${zone}" "${ADDRESS}/${PREFIX}"; then
# The protocol becomes a path segment of the db keys below, so it is asserted
# to be set before any key is built from it.
207 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
208 assert isset protocol
210 db_set
"${zone}/${protocol}/type" "${HOOK}"
211 db_set
"${zone}/${protocol}/local-ip-address" "${ADDRESS}/${PREFIX}"
# NOTE(review): no isset guard is visible around this line, so an unset
# GATEWAY would be stored as an empty remote-ip-address. Confirm that the
# consumers of this key accept an empty value.
212 db_set
"${zone}/${protocol}/remote-ip-address" "${GATEWAY}"
213 db_set
"${zone}/${protocol}/active" 1
215 # Update routing tables
216 routing_update
"${zone}" "${protocol}"
217 routing_default_update
# Tear-down path: verify the zone device, load the stored settings, delete
# the db entries for this zone and protocol, remove the address and refresh
# routing.
# NOTE(review): the enclosing function header and the bodies of the failure
# branches (gutter 229-232, 234-236) are not visible in this listing.
# NOTE(review): ${zone} is unquoted in the device_exists call, so it is
# subject to word splitting and pathname expansion; "${zone}" would match the
# other calls below.
227 if ! device_exists
${zone}; then
228 error
"Zone ${zone} doesn't exist"
233 if ! zone_config_settings_read
"${zone}" "${config}"; then
237 # Remove routing information from database
238 local protocol
="$(ip_detect_protocol "${ADDRESS}")"
# The assert keeps db_delete from being called with an empty protocol
# segment, which would make the key "${zone}/".
239 assert isset protocol
240 db_delete
"${zone}/${protocol}"
# NOTE(review): unlike ip_address_add in the bring-up path, the result of
# ip_address_del is not checked on the visible lines, so routing is refreshed
# even if the address could not be removed. Confirm this is intended.
242 # Remove the IP address
243 ip_address_del
"${zone}" "${ADDRESS}/${PREFIX}"
245 # Update routing tables
246 routing_update
"${zone}" "${protocol}"
247 routing_default_update
# Status path: verify the zone device, load the stored settings, then print
# a status line for the hook and the configured address and gateway.
# NOTE(review): the enclosing function header, the bodies of the failure
# branches (gutter 259-262, 264-266) and the closing lines after 275 are not
# visible in this listing.
# NOTE(review): ${zone} is unquoted in the device_exists call, so it is
# subject to word splitting and pathname expansion; "${zone}" would match the
# other calls below.
257 if ! device_exists
${zone}; then
258 error
"Zone ${zone} doesn't exist"
263 if ! zone_config_settings_read
"${zone}" "${config}"; then
# The status starts as up and is downgraded when the zone does not carry the
# configured address.
267 local status
=${MSG_HOOK_UP}
268 if ! zone_has_ip
"${zone}" "${ADDRESS}/${PREFIX}"; then
269 status
=${MSG_HOOK_DOWN}
271 cli_statusline
3 "${HOOK}" "${status}"
273 cli_print_fmt1
3 "IP Address" "${ADDRESS}/${PREFIX}"
# The gateway line is only printed when a gateway is configured.
274 if [ -n "${GATEWAY}" ]; then
275 cli_print_fmt1
3 "Gateway" "${GATEWAY}"