hooks: Use cli_get_bool convenience function where ever possible
[people/ms/network.git] / src / hooks / ports / wireless-ap
1 #!/bin/bash
2 ###############################################################################
3 #                                                                             #
4 # IPFire.org - A linux based firewall                                         #
5 # Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
6 #                                                                             #
7 # This program is free software: you can redistribute it and/or modify        #
8 # it under the terms of the GNU General Public License as published by        #
9 # the Free Software Foundation, either version 3 of the License, or           #
10 # (at your option) any later version.                                         #
11 #                                                                             #
12 # This program is distributed in the hope that it will be useful,             #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of              #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
15 # GNU General Public License for more details.                                #
16 #                                                                             #
17 # You should have received a copy of the GNU General Public License           #
18 # along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
19 #                                                                             #
20 ###############################################################################
21
22 . /usr/lib/network/header-port
23
24 HOOK_PORT_PATTERN="${PORT_PATTERN_ACCESSPOINT}"
25
26 HOOK_SETTINGS=(
27         "ADDRESS"
28         "BROADCAST_SSID"
29         "CHANNEL"
30         "CHANNEL_BANDWIDTH"
31         "DFS"
32         "ENVIRONMENT"
33         "MFP"
34         "MODE"
35         "PHY"
36         "SECRET"
37         "SSID"
38         "WPA3_PERSONAL"
39         "WPA2_PERSONAL"
40 )
41
42 # Disable WPA3+2 by default
43 DEFAULT_WPA3_PERSONAL="off"
44 DEFAULT_WPA2_PERSONAL="off"
45
46 # Broadcast SSID by default
47 DEFAULT_BROADCAST_SSID="on"
48
49 # Perform radar detection by default when possible
50 DEFAULT_DFS="on"
51
52 # 802.11w - Management Frame Protection
53 DEFAULT_MFP="on"
54
55 DEFAULT_ENVIRONMENT="${WIRELESS_DEFAULT_ENVIRONMENT}"
56
57 hook_check_settings() {
58         assert isset ADDRESS
59         assert ismac ADDRESS
60         assert isset BROADCAST_SSID
61         assert isbool BROADCAST_SSID
62         assert isset CHANNEL
63         assert isbool DFS
64         assert isbool MFP
65         assert isset MODE
66         assert isoneof MODE ${HOSTAPD_SUPPORTED_MODES}
67         assert isset PHY
68         assert ismac PHY
69         assert isset SSID
70
71         assert wireless_environment_is_valid "${ENVIRONMENT}"
72 }
73
74 hook_parse_cmdline() {
75         while [ $# -gt 0 ]; do
76                 case "${1}" in
77                         --broadcast-ssid=*)
78                                 BROADCAST_SSID=$(cli_get_val "${1}")
79                                 ;;
80                         --channel=*)
81                                 CHANNEL=$(cli_get_val "${1}")
82                                 ;;
83                         --channel-bandwidth=*)
84                                 CHANNEL_BANDWIDTH="$(cli_get_val "${1}")"
85                                 ;;
86                         --dfs=*)
87                                 DFS="$(cli_get_bool "${1}")"
88                                 ;;
89                         --environment=*)
90                                 ENVIRONMENT="$(cli_get_val "${1}")"
91
92                                 if ! wireless_environment_is_valid "${ENVIRONMENT}"; then
93                                         error "Invalid wireless environment: ${ENVIRONMENT}"
94                                         return ${EXIT_ERROR}
95                                 fi
96                                 ;;
97                         --mac=*)
98                                 ADDRESS=$(cli_get_val "${1}")
99                                 ;;
100                         --mfp=*)
101                                 MFP="$(cli_get_bool "${1}")"
102                                 ;;
103                         --mode=*)
104                                 MODE=$(cli_get_val "${1}")
105
106                                 if ! isoneof MODE ${HOSTAPD_SUPPORTED_MODES}; then
107                                         error "Unsupported mode: ${MODE}"
108                                         error "Mode must be one of ${HOSTAPD_SUPPORTED_MODES}"
109                                         return ${EXIT_ERROR}
110                                 fi
111                                 ;;
112                         --phy=*)
113                                 PHY=$(cli_get_val "${1}")
114                                 ;;
115                         --secret=*)
116                                 SECRET="$(cli_get_val "${1}")"
117                                 ;;
118                         --ssid=*)
119                                 SSID=$(cli_get_val "${1}")
120                                 ;;
121                         --wpa2-personal=*)
122                                 WPA2_PERSONAL="$(cli_get_bool "${1}")"
123                                 ;;
124                         --wpa3-personal=*)
125                                 WPA3_PERSONAL="$(cli_get_bool "${1}")"
126                                 ;;
127                         *)
128                                 warning "Ignoring unknown argument '${1}'"
129                                 ;;
130                 esac
131                 shift
132         done
133
134         # Generate a random MAC address if none is set
135         if ! isset ADDRESS; then
136                 ADDRESS="$(mac_generate)"
137         fi
138
139         # MODE must be set
140         if ! isset MODE; then
141                 error "--mode is not set"
142                 return ${EXIT_ERROR}
143         fi
144
145         # Automatically enable ACS if no channel is set and ACS is available
146         if ! isset CHANNEL && phy_supports_acs "${PHY}"; then
147                 CHANNEL="0"
148
149                 log INFO "Automatic Channel Selection (ACS) enabled"
150         fi
151
152         # Channel bandwidth must match the mode
153         if isset CHANNEL_BANDWIDTH && ! wireless_channel_bandwidth_is_valid "${MODE}" "${CHANNEL_BANDWIDTH}"; then
154                 error "Channel Bandwidth '${CHANNEL_BANDWIDTH}' is not supported for ${MODE}"
155                 return ${EXIT_ERROR}
156         fi
157
158         # Check if SECRET is set when WPA* is enabled
159         if ! isset SECRET && (enabled WPA3_PERSONAL || enabled WPA2_PERSONAL); then
160                 error "Secret is not set when PSK authentication is enabled"
161                 return ${EXIT_ERROR}
162         fi
163
164         # Save address of phy do identify it again
165         PHY=$(phy_get ${PHY})
166         PHY=$(phy_get_address ${PHY})
167 }
168
169 hook_edit() {
170         local port=${1}
171         assert isset port
172
173         if ! hook_default_edit "$@"; then
174                 return ${EXIT_ERROR}
175         fi
176
177         # To apply all changes, we need to restart the port
178         port_restart "${port}"
179 }
180
181 hook_create() {
182         local port="${1}"
183         assert isset port
184
185         device_exists "${port}" && exit ${EXIT_OK}
186
187         port_settings_read "${port}"
188
189         # Check if the PHY is present.
190         local phy=$(phy_get ${PHY})
191         if ! isset phy; then
192                 log DEBUG "phy '${PHY}' is not present"
193                 exit ${EXIT_ERROR}
194         fi
195
196         # Create the wireless device
197         wireless_create "${port}" \
198                 --phy="${phy}" \
199                 --type="ap" \
200                 --address="${ADDRESS}"
201
202         exit ${EXIT_OK}
203 }
204
205 hook_remove() {
206         local port="${1}"
207         assert isset port
208
209         # Remove the device if present
210         if device_exists "${port}"; then
211                 wireless_remove "${port}"
212         fi
213
214         exit ${EXIT_OK}
215 }
216
217 hook_up() {
218         local port="${1}"
219         assert isset port
220
221         # The port must already exist before
222         # hostapd is started. Otherwise it will
223         # fail horribly over and over again.
224         assert device_exists "${port}"
225
226         hostapd_start "${port}"
227 }
228
229 hook_down() {
230         local port="${1}"
231         assert isset port
232
233         hostapd_stop "${port}"
234 }
235
236 hook_hotplug() {
237         local port="${1}"
238         assert isset port
239
240         case "$(hotplug_action)" in
241                 add)
242                         # Create the port when the phy is plugged in
243                         if hotplug_event_port_uses_phy "${port}"; then
244                                 hook_create "${port}"
245                         fi
246                         ;;
247
248                 remove)
249                         # Stop hostapd
250                         if hotplug_event_port_is_interface "${port}"; then
251                                 hostapd_stop "${port}"
252
253                                 exit ${EXIT_OK}
254                         fi
255                         ;;
256         esac
257
258         exit ${EXIT_NOT_HANDLED}
259 }