The project has announced that it will be shut down.
The aiccu technology is not used by anybody else AFAIK
hence we can drop this.
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/functions/functions.in
dist_network_SCRIPTS = \
- src/functions/functions.aiccu \
src/functions/functions.at \
src/functions/functions.auth \
src/functions/functions.batman-adv \
src/ppp/pppoe-server
dist_helpers_SCRIPTS = \
- src/helpers/aiccu \
- src/helpers/aiccu-config-helper \
src/helpers/bridge-stp \
src/helpers/dhcpd-config-helper \
src/helpers/firewall-kernel-init \
dist_hooks_zones_SCRIPTS = \
src/hooks/zones/6rd \
src/hooks/zones/6to4-tunnel \
- src/hooks/zones/aiccu \
src/hooks/zones/bridge \
src/hooks/zones/modem \
src/hooks/zones/pppoe \
man/network-zone.8 \
man/network-zone-6rd.8 \
man/network-zone-6to4-tunnel.8 \
- man/network-zone-aiccu.8 \
man/network-zone-bridge.8 \
man/network-zone-config-pppoe-server.8 \
man/network-zone-modem.8 \
+++ /dev/null
-<?xml version="1.0"?>
-<!DOCTYPE refentry PUBLIC "-//OASIS/DTD DocBook XML V4.2//EN"
- "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-
-<refentry id="network-zone-aiccu">
- <refentryinfo>
- <title>network-zone-aiccu</title>
- <productname>network</productname>
-
- <authorgroup>
- <author>
- <contrib>Developer</contrib>
- <firstname>Stefan</firstname>
- <surname>Schantl</surname>
- <email>stefan.schantl@ipfire.org</email>
- </author>
- </authorgroup>
- </refentryinfo>
-
- <refmeta>
- <refentrytitle>network-zone-aiccu</refentrytitle>
- <manvolnum>8</manvolnum>
- </refmeta>
-
- <refnamediv>
- <refname>network-zone-aiccu</refname>
- <refpurpose>Network Configuration Control Program</refpurpose>
- </refnamediv>
-
- <refsynopsisdiv>
- <cmdsynopsis>
- <command>network zone new <replaceable>ZONE</replaceable> aiccu ...</command>
- </cmdsynopsis>
-
- <cmdsynopsis>
- <command>network zone <replaceable>ZONE</replaceable> edit ...</command>
- </cmdsynopsis>
- </refsynopsisdiv>
-
- <refsect1>
- <title>Description</title>
-
- <para>
- The aiccu hook is used to create IPv6 tunnels over IPv4 networks
- when the provider does not provide native IPv6.
- </para>
- </refsect1>
-
- <refsect1>
- <title>Options</title>
-
- <para>
- The following options are understood:
- </para>
-
- <variablelist>
- <varlistentry>
- <term>
- <option>--username=<replaceable>USERNAME</replaceable></option>
- </term>
-
- <listitem>
- <para>
- The username of your account from the tunnel brocker.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
- <option>--password=<replaceable>PASSWORD</replaceable></option>
- </term>
-
- <listitem>
- <para>
- The password of your account from the tunnel brocker.
- </para>
- </listitem>
- </varlistentry>
- </variablelist>
-
- <para>
- Optional arguments, that can be used with aiccu.
- </para>
-
- <variablelist>
- <varlistentry>
- <term>
- <option>--server=<replaceable>STRING</replaceable></option>
- </term>
-
- <listitem>
- <para>
- The configuration server to use for setting up the tunnel.
- </para>
-
- <para>
- This option has to be set to the configuration server of your
- tunnel brocker. Defaults to <emphasis>tic.sixxs.net</emphasis>.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
- <option>--protocol=<replaceable>[<emphasis>tic</emphasis>|tsp|l2tp]</replaceable></option>
- </term>
-
- <listitem>
- <para>
- The used protocol to setup the tunnel.
- </para>
-
- <para>
- TIC is the Tunnel Information and Control protocol. It provides information
- about tunnels and the ability to control the details of a tunnel to TIC clients.
- </para>
-
- <para>
- The Tunnel Setup Protocol (TSP) is used to negotiate IP tunnel setup parameters
- between a tunnel client and a tunnel broker server.
- </para>
-
- <para>
- Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual
- private networks (VPNs) or as part of the delivery of services by ISPs.
- </para>
-
- <para>
- This option defaults to <emphasis>tic</emphasis> and have
- to be changed if your tunnel brocker does not support that.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
- <option>--tunnel-id=<replaceable>N</replaceable></option>
- </term>
-
- <listitem>
- <para>
- The ID of this tunnel, given to you by your tunnel brocker.
- </para>
-
- <para>
- This option is only required when multiple tunnels have been requested.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term>
- <option>--require-tls=[<emphasis>true</emphasis>|false]</option>
- </term>
-
- <listitem>
- <para>
- Use STARTTLS to secure the connection to the configuration server.
- </para>
-
- <para>
- When set to true and the server does not support TLS, the transaction
- will fail. When set to false, it also tries a STARTTLS, but if this is
- not supported by the server, aiccu will continue and send the user and
- password information as plain text.
- </para>
- </listitem>
- </varlistentry>
-
- </variablelist>
- </refsect1>
-
- <refsect1>
- <title>See Also</title>
-
- <para>
- <citerefentry>
- <refentrytitle>network</refentrytitle>
- <manvolnum>8</manvolnum>
- </citerefentry>,
- <citerefentry>
- <refentrytitle>network-zone</refentrytitle>
- <manvolnum>8</manvolnum>
- </citerefentry>
- </para>
- </refsect1>
-</refentry>
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2013 IPFire Network Development Team #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-# Define protocols which are supported by aiccu.
-AICCU_SUPPORTED_PROTOCOLS="tic tsp l2tp"
-
-aiccu_start() {
- local device=${1}
- assert isset device
-
- # Tell systemd to start aiccu on this device.
- service_start "aiccu@${device}.service"
- local ret=$?
-
- if [ ${ret} -eq ${EXIT_OK} ]; then
- log DEBUG "aiccu was successfully started on '${device}'."
- else
- log ERROR "Could not start aiccu properly on '${device}': ${ret}"
- return ${EXIT_ERROR}
- fi
-
- return ${EXIT_OK}
-}
-
-aiccu_stop() {
- local device=${1}
- assert isset device
-
- # Tell sysemd to stop aiccu on this device.
- service_stop "aiccu@${device}.service"
-}
-
-aiccu_write_config() {
- local device=${1}
- local file=${2}
- shift 2
-
- assert isset device
- assert isset file
-
- local username
- local password
- local server
- local protocol="tic"
- local tunnel_id
- local require_tls
-
- while [ $# -gt 0 ]; do
- case "${1}" in
- --username=*)
- username="$(cli_get_val ${1})"
- ;;
- --password=*)
- password="$(cli_get_val ${1})"
- ;;
- --server=*)
- server="$(cli_get_val ${1})"
- ;;
- --protocol=*)
- protocol="$(cli_get_val ${1})"
- ;;
- --tunnel-id=*)
- tunnel_id="$(cli_get_val ${1})"
- ;;
- --require-tls=*)
- require_tls="$(cli_get_val ${1})"
-
- if enabled val; then
- require_tls="true"
- else
- require_tls="false"
- fi
- ;;
- esac
- shift
- done
-
- assert isset username
- assert isset password
- assert isset server
- assert isset protocol
- assert isset require_tls
- assert isoneof protocol ${AICCU_SUPPORTED_PROTOCOLS}
-
- # Write configuration file header.
- config_header "aiccu configuration file for ${zone}" > ${file}
-
- (
- print "# Server info"
- print "server ${server}"
- print "protocol ${protocol}"
- print
-
- if isset tunnel_id; then
- print "# Tunnel ID"
- print "tunnel_id ${tunnel_id}"
- print
- fi
-
- print "# Credentials"
- print "username ${username}"
- print "password ${password}"
- print
-
- print "ipv6_interface ${device}"
- print "setupscript /usr/lib/network/helpers/aiccu"
- print
-
- print "# Security"
- print "requiretls ${require_tls}"
- print
-
- # Misc.
- print "defaultroute false"
- print "verbose true"
- print "daemonize false"
- print "automatic true"
- ) >> ${file}
-
- return ${EXIT_OK}
-}
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2015 IPFire Network Development Team #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-. /usr/lib/network/functions
-
-# Read network settings
-network_settings_read
-
-assert isset ACTION
-assert isset INTERFACE
-
-case "${ACTION}" in
- up)
- db_set "${INTERFACE}/ipv6/local-ip-address" "${LOCAL_ADDRESS}"
- db_set "${INTERFACE}/ipv6/remote-ip-address" "${REMOTE_ADDRESS}"
- db_set "${INTERFACE}/ipv6/active" "1"
- db_set "${INTERFACE}/ipv6/mtu" "${MTU}"
-
- # Refresh routing
- routing_update "${INTERFACE}" ipv6
- routing_default_update
- ;;
-
- down)
- db_delete "${INTERFACE}/ipv6"
-
- # Refresh routing
- routing_update "${INTERFACE}" ipv6
- routing_default_update
- ;;
-
- *)
- log ERROR "Unhandled action called: ${ACTION}"
- exit ${EXIT_ERROR}
- ;;
-esac
-
-exit ${EXIT_OK}
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2013 IPFire Network Development Team #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-. /usr/lib/network/functions
-
-# Read network settings
-network_settings_read
-
-action="${1}"
-assert isset action
-
-zone="${2}"
-assert isset zone
-assert zone_exists ${zone}
-
-config_file="${RUN_DIR}/${zone}/aiccu.conf"
-
-case "${action}" in
- create)
- # Create the configuration file for this zone.
- zone_settings_read "${zone}"
-
- config_dir="$(dirname ${config_file})"
- mkdir -p ${config_dir}
-
- aiccu_write_config ${zone} ${config_file} \
- --server="${SERVER}" \
- --protocol="${PROTOCOL}" \
- --username="${USERNAME}" \
- --password="${PASSWORD}" \
- --tunnel-id="${TUNNEL_ID}" \
- --require-tls="${REQUIRE_TLS}"
- ;;
-
- remove)
- rm -f ${config_file}
- ;;
-
- *)
- log ERROR "Unknown action passed: ${action}"
- exit ${EXIT_ERROR}
- ;;
-esac
-
-exit ${EXIT_OK}
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2013 IPFire Network Development Team #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-. /usr/lib/network/header-zone
-
-HOOK_SETTINGS="HOOK PASSWORD PROTOCOL REQUIRE_TLS USERNAME SERVER TUNNEL_ID"
-
-USERNAME=
-PASSWORD=
-SERVER="tic.sixxs.net"
-PROTOCOL="tic"
-TUNNEL_ID=
-REQUIRE_TLS="true"
-
-hook_check_settings() {
- assert isset USERNAME
- assert isset PASSWORD
- assert isset SERVER
- assert isset PROTOCOL
- assert isset REQUIRE_TLS
-
- # Check if a supported protocol has been given.
- if ! list_match "${PROTOCOL}" ${AICCU_SUPPORTED_PROTOCOLS}; then
- log ERROR "This protocol is not supported by aiccu: ${PROTOCOL}"
- log ERROR "Valid protocols are: ${AICCU_SUPPORTED_PROTOCOLS}"
- return ${EXIT_ERROR}
- fi
-}
-
-hook_parse_cmdline() {
- local value
-
- while [ $# -gt 0 ]; do
- case "$1" in
- --username=*)
- USERNAME="$(cli_get_val ${1})"
- ;;
- --password=*)
- PASSWORD="$(cli_get_val ${1})"
- ;;
- --server=*)
- SERVER="$(cli_get_val ${1})"
- ;;
- --protocol=*)
- PROTOCOL="$(cli_get_val ${1})"
- ;;
- --tunnel-id=*)
- TUNNEL_ID="$(cli_get_val ${1})"
- ;;
- --require-tls=*)
- REQUIRE_TLS="$(cli_get_val ${1})"
-
- if enabled val; then
- REQUIRE_TLS="true"
- else
- REQUIRE_TLS="false"
- fi
- ;;
- *)
- echo "Unknown option: $1" >&2
- exit ${EXIT_ERROR}
- ;;
- esac
- shift
- done
-}
-
-hook_up() {
- local zone=${1}
- assert isset zone
-
- # Start aiccu on this zone.
- aiccu_start ${zone}
-
- exit ${EXIT_OK}
-}
-
-hook_down() {
- local zone=${1}
- assert isset zone
-
- # Stop aiccu on this zone.
- aiccu_stop ${zone}
-
- exit ${EXIT_OK}
-}
-
-hook_status() {
- local zone=${1}
- assert isset zone
-
- cli_device_headline ${zone}
-
- zone_settings_read "${zone}"
-
- cli_headline 2 "Configuration"
- cli_print_fmt1 2 "User" "${USERNAME}"
- cli_print_fmt1 2 "Secret" "<hidden>"
- cli_space
- cli_print_fmt1 2 "Server" "${SERVER}"
- cli_print_fmt1 2 "Protocol" "${PROTOCOL}"
- if isset TUNNEL_ID; then
- cli_space
- cli_print_fmt1 2 "Tunnel ID" "${TUNNEL_ID}"
- fi
- cli_space
-
- exit ${EXIT_OK}
-}
# This will hold temporary configuration files,
# PID files and much more.
d /run/network 0755 root root -
-d /run/network/aiccu 0755 root root -
d /run/network/hostapd 0755 root root -
# Point-to-point protocol daemon