2 ###############################################################################
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
20 ###############################################################################
22 .
/usr
/lib
/network
/header-zone
24 HOOK_MANPAGE
="network-zone-bridge"
26 HOOK_SETTINGS
="HOOK ADDRESS STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE"
27 HOOK_SETTINGS
="${HOOK_SETTINGS} STP_PRIORITY MTU"
29 HOOK_PORT_SETTINGS
="COST PRIORITY"
32 DEFAULT_STP_FORWARD_DELAY
=0
35 DEFAULT_STP_PRIORITY
=512
37 hook_check_settings
() {
39 assert isset MTU
&& assert mtu_is_valid
"ethernet" "${MTU}"
41 # Spanning Tree Protocol
43 assert isinteger STP_HELLO
44 assert isinteger STP_FORWARD_DELAY
45 assert isinteger STP_PRIORITY
48 hook_parse_cmdline
() {
49 while [ $# -gt 0 ]; do
52 ADDRESS
="$(cli_get_val "${1}")"
54 if ! mac_is_valid
"${ADDRESS}"; then
55 error
"Invalid MAC address: ${ADDRESS}"
61 MTU
="$(cli_get_val "${1}")"
63 if ! mtu_is_valid
"ethernet" "${MTU}"; then
64 error
"Invalid MTU: ${MTU}"
70 STP
="$(cli_get_val "${1}")"
74 elif disabled STP
; then
77 error
"Invalid value for STP: ${STP}"
82 --stp-forward-delay=*)
83 STP_FORWARD_DELAY
="$(cli_get_val "${1}")"
85 if ! isinteger STP_FORWARD_DELAY
; then
86 error
"Invalid STP forwarding delay: ${STP_FORWARD_DELAY}"
92 STP_HELLO
="$(cli_get_val "${1}")"
94 if ! isinteger STP_HELLO
; then
95 error
"Invalid STP hello time: ${STP_HELLO}"
101 STP_MAXAGE
="$(cli_get_val "${1}")"
103 if ! isinteger STP_MAXAGE
; then
104 error
"Invalid STP max age: ${STP_MAXAGE}"
110 STP_PRIORITY
="$(cli_get_val "${1}")"
112 if ! isinteger STP_PRIORITY
; then
113 error
"Invalid STP priority: ${STP_PRIORITY}"
119 error
"Unknown argument: ${1}"
126 # Generate a random MAC address if the user passed no one
127 if ! isset ADDRESS
; then
128 ADDRESS
="$(mac_generate)"
131 # Enable Spanning Tree Protocol by default
136 # Set all other defaults
146 zone_settings_read
"${zone}"
148 # Create the bridge if it does not already exist.
149 if ! device_exists
"${zone}"; then
150 bridge_create
"${zone}" \
151 --address="${ADDRESS}" \
159 if isset STP_FORWARD_DELAY
; then
160 stp_bridge_set_forward_delay
"${zone}" "${STP_FORWARD_DELAY}"
163 if isset STP_HELLO
; then
164 stp_bridge_set_hello_time
"${zone}" "${STP_HELLO}"
167 if isset STP_MAXAGE
; then
168 stp_bridge_set_max_age
"${zone}" "${STP_MAXAGE}"
171 if isset STP_PRIORITY
; then
172 stp_bridge_set_priority
"${zone}" "${STP_PRIORITY}"
175 stp_disable
"${zone}"
178 device_set_up
"${zone}"
180 # XXX Currently, there is a bug (in the linux kernel?) that we need to
181 # set our bridges to promisc mode.
182 device_set_promisc
"${zone}" on
184 # Bring up all configurations
185 zone_configs_up
"${zone}"
194 if ! device_is_up
"${zone}"; then
195 warning
"Zone '${zone}' is not up"
199 # Stop all the configs.
200 zone_configs_down
"${zone}"
202 # Bring down all the ports.
203 zone_ports_down
"${zone}"
204 zone_ports_remove
"${zone}"
207 device_set_down
"${zone}"
208 bridge_delete
"${zone}"
217 # Print the default header.
218 cli_device_headline
"${zone}"
220 # Exit if zone is down
221 if ! zone_is_up
"${zone}"; then
226 cli_headline
2 "Spanning Tree Protocol information"
227 if stp_is_enabled
"${zone}"; then
228 cli_print_fmt1
2 "ID" "$(stp_bridge_get_id ${zone})"
229 cli_print_fmt1
2 "Priority" "$(stp_bridge_get_priority ${zone})"
231 if stp_bridge_is_root
${zone}; then
232 cli_print
2 "This bridge is root."
234 cli_print_fmt1
2 "Designated root" \
235 "$(stp_bridge_get_designated_root ${zone})"
236 cli_print_fmt1
2 "Root path cost" \
237 "$(stp_bridge_get_root_path_cost ${zone})"
241 # Topology information
242 cli_print_fmt1
2 "Topology changing" \
243 "$(stp_bridge_get_topology_change_detected ${zone})"
244 cli_print_fmt1
2 "Topology change time" \
245 "$(beautify_time $(stp_bridge_get_topology_change_timer ${zone}))"
246 cli_print_fmt1
2 "Topology change count" \
247 "$(stp_bridge_get_topology_change_count ${zone})"
250 cli_print
2 "Disabled"
254 cli_headline
2 "Ports"
255 zone_ports_status
"${zone}"
258 cli_headline
2 "Configurations"
259 zone_configs_cmd status
"${zone}"
269 case "$(hotplug_action)" in
271 # Attach all ports when zone is coming up
272 if hotplug_event_interface_is_zone
"${zone}"; then
275 for port
in $
(zone_get_ports
"${zone}"); do
276 log DEBUG
"Trying to attach port ${port} to ${zone}"
278 hook_port_up
"${zone}" "${port}"
281 # Handle ports of this zone that have just been added
282 elif hotplug_event_interface_is_port_of_zone
"${zone}"; then
283 # Attach the device if the parent bridge is up
284 if zone_is_active
"${zone}"; then
285 hook_port_up
"${zone}" "${INTERFACE}"
291 if hotplug_event_interface_is_zone
"${zone}"; then
292 # Bring down/destroy all ports
294 for port
in $
(zone_get_ports
"${zone}"); do
295 log DEBUG
"Trying to detach port ${port} from ${zone}"
297 hook_port_down
"${zone}" "${port}"
300 # Handle ports of this zone that have just been removed
301 elif hotplug_event_interface_is_port_of_zone
"${zone}"; then
302 hook_port_down
"${zone}" "${INTERFACE}"
307 exit ${EXIT_NOT_HANDLED}
314 hook_check_port_settings
() {
316 assert isinteger COST
319 if isset PRIORITY
; then
320 assert isinteger PRIORITY
325 # Excepting at least two arguments here
332 if zone_has_port
"${zone}" "${port}"; then
333 zone_port_settings_read
"${zone}" "${port}"
341 COST
="$(cli_get_val "${arg}")"
344 PRIORITY
="$(cli_get_val "${arg}")"
347 done <<< "$(args "$@
")"
349 if ! zone_port_settings_write
"${zone}" "${port}"; then
362 # Shut down the port (if possible)
365 if ! zone_port_settings_remove
"${zone}" "${port}"; then
373 hook_port_attach
"$@"
382 # Try bringing up the port if it has not been
384 # We will get here as soon as the port device has
385 # been created and will then connect it with the bridge.
386 if ! device_exists
"${port}"; then
387 port_create
"${port}"
392 # Read configuration values
393 zone_port_settings_read
"${zone}" "${port}" ${HOOK_PORT_SETTINGS}
395 # Make sure that the port is up
398 # Attach the port to the bridge
399 bridge_attach_device "${zone}" "${port}"
401 # Set STP configuration
403 stp_port_set_cost "${zone}" "${port}" "${COST}"
406 if isset PRIORITY; then
407 stp_port_set_priority "${zone}" "${port}" "${PRIORITY}"
419 if device_exists "${port}"; then
420 bridge_detach_device "${zone}" "${port}"
434 # Do nothing for devices which are not up and running.
435 device_exists "${port}" || exit ${EXIT_OK}
439 # Check if the device is down.
440 if ! device_is_up "${port}"; then
441 status="${MSG_DEVICE_STATUS_DOWN}"
443 # Check if the device has no carrier.
444 elif ! device_has_carrier "${port}"; then
445 status="${MSG_DEVICE_STATUS_NOCARRIER}"
447 # Check for STP information.
448 elif stp_is_enabled "${zone}"; then
449 local state="$
(stp_port_get_state
"${zone}" "${port}")"
450 state="MSG_STP_
${state}"
453 status="${status} - DSR: $(stp_port_get_designated_root "${zone}" "${port}")"
454 status
="${status} - Cost: $(stp_port_get_cost "${zone}" "${port}")"
456 status="${MSG_DEVICE_STATUS_UP}"
458 cli_statusline 3 "${port}" "${status}"