[people/stevee/network.git] / functions.ipv6

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

IP_SUPPORTED_PROTOCOLS="${IP_SUPPORTED_PROTOCOLS} ipv6"

function ipv6_device_autoconf_enable() {
	local device="${1}"
	assert device_exists "${device}"

	sysctl_set "net.ipv6.conf.${device}.accept_ra" 1
	sysctl_set "net.ipv6.conf.${device}.autoconf" 1
}

function ipv6_device_autoconf_disable() {
	local device="${1}"
	assert device_exists "${device}"

	sysctl_set "net.ipv6.conf.${device}.accept_ra" 0
	sysctl_set "net.ipv6.conf.${device}.autoconf" 0
}

# Enable IPv6 RFC3041 privacy extensions if desired
function ipv6_device_privacy_extensions_enable() {
	local device="${1}"
	assert device_exists "${device}"

	sysctl_set "net.ipv6.conf.${device}.use_tempaddr" 2
}

function ipv6_device_privacy_extensions_disable() {
	local device="${1}"
	assert device_exists "${device}"

	sysctl_set "net.ipv6.conf.${device}.use_tempaddr" 0
}

function ipv6_is_valid() {
	ipcalc --ipv6 -c $@ >/dev/null 2>&1

	case "$?" in
		0)
			return ${EXIT_OK}
			;;
		*)
			return ${EXIT_ERROR}
			;;
	esac
}

function ipv6_prefix_is_valid() {
	local prefix=${1}
	assert isset prefix

	[ ${prefix} -le   0 ] && return ${EXIT_FALSE}
	[ ${prefix} -gt 128 ] && return ${EXIT_FALSE}

	return ${EXIT_TRUE}
}

function ipv6_implode() {
	local address=${1}
	assert isset address

	local ADDRESS6_IMPL
	eval $(ipcalc -6 -i ${address} 2>/dev/null)
	assert isset ADDRESS6_IMPL

	print "${ADDRESS6_IMPL}"
}

function ipv6_explode() {
	local address=${1}
	assert isset address

	# Nothing to do if the length of the address is 39.
	if [ ${#address} -eq 39 ]; then
		print "${address}"
		return ${EXIT_OK}
	fi

	local ADDRESS6_EXPL
	eval $(ipcalc -6 -e ${address} 2>/dev/null)
	assert isset ADDRESS6_EXPL

	print "${ADDRESS6_EXPL}"
}

function ipv6_addr_eq() {
	local addr1=${1}
	assert isset addr1

	local addr2=${2}
	assert isset addr2

	local addr
	for addr in addr1 addr2; do
		printf -v ${addr} "%s" $(ipv6_explode ${!addr})
	done

	[[ "${addr1}" = "${addr2}" ]] \
		&& return ${EXIT_TRUE} || return ${EXIT_FALSE}
}

function ipv6_addr_gt() {
	local addr1=${1}
	assert isset addr1

	local addr2=${2}
	assert isset addr2

	local addr
	for addr in addr1 addr2; do
		printf -v ${addr} "%s" $(ipv6_explode ${!addr})
	done

	local i addr1_oct addr2_oct
	for i in 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30; do
		addr1_oct="0x${addr1:${i}:2}"
		addr2_oct="0x${addr2:${i}:2}"

		[[ ${addr1_oct} -gt ${addr2_oct} ]] && return ${EXIT_TRUE}
	done

	return ${EXIT_FALSE}
}

function ipv6_hash() {
	local address=${1}

	assert isset address

	# Explode address
	address=$(ipv6_explode ${address})

	echo "${address//:/}"
}

function ipv6_get_network() {
	local addr=${1}
	assert isset addr

	# Check if a prefix (e.g. /64) is provided.
	local prefix=$(ip_get_prefix ${addr})
	assert ipv6_prefix_is_valid ${prefix}

	local PREFIX6
	eval $(ipcalc --ipv6 -p ${addr})
	assert isset PREFIX6

	print "${PREFIX6}/${prefix}"
}
Commit	Line	Data
4231f419 MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
e617226b MT	22	IP_SUPPORTED_PROTOCOLS="${IP_SUPPORTED_PROTOCOLS} ipv6"
e617226b MT	23
4231f419	24	function ipv6_device_autoconf_enable() {
9f742d49 MT	25	local device="${1}"
9f742d49 MT	26	assert device_exists "${device}"
58fb41ee	27
9f742d49 MT	28	sysctl_set "net.ipv6.conf.${device}.accept_ra" 1
9f742d49 MT	29	sysctl_set "net.ipv6.conf.${device}.autoconf" 1
4231f419 MT	30	}
	31
	32	function ipv6_device_autoconf_disable() {
9f742d49 MT	33	local device="${1}"
9f742d49 MT	34	assert device_exists "${device}"
58fb41ee	35
9f742d49 MT	36	sysctl_set "net.ipv6.conf.${device}.accept_ra" 0
9f742d49 MT	37	sysctl_set "net.ipv6.conf.${device}.autoconf" 0
58fb41ee MT	38	}
	39
	40	# Enable IPv6 RFC3041 privacy extensions if desired
	41	function ipv6_device_privacy_extensions_enable() {
9f742d49 MT	42	local device="${1}"
9f742d49 MT	43	assert device_exists "${device}"
58fb41ee	44
9f742d49	45	sysctl_set "net.ipv6.conf.${device}.use_tempaddr" 2
58fb41ee MT	46	}
	47
	48	function ipv6_device_privacy_extensions_disable() {
9f742d49 MT	49	local device="${1}"
9f742d49 MT	50	assert device_exists "${device}"
58fb41ee	51
9f742d49	52	sysctl_set "net.ipv6.conf.${device}.use_tempaddr" 0
4231f419 MT	53	}
	54
	55	function ipv6_is_valid() {
fa6df98c	56	ipcalc --ipv6 -c $@ >/dev/null 2>&1
58fb41ee	57
fa6df98c MT	58	case "$?" in
	59	0)
	60	return ${EXIT_OK}
	61	;;
	62	*)
38f61548	63	return ${EXIT_ERROR}
fa6df98c MT	64	;;
fa6df98c MT	65	esac
4231f419 MT	66	}
4231f419 MT	67
cb965348 MT	68	function ipv6_prefix_is_valid() {
	69	local prefix=${1}
	70	assert isset prefix
	71
	72	[ ${prefix} -le 0 ] && return ${EXIT_FALSE}
	73	[ ${prefix} -gt 128 ] && return ${EXIT_FALSE}
	74
	75	return ${EXIT_TRUE}
	76	}
	77
4231f419 MT	78	function ipv6_implode() {
4231f419 MT	79	local address=${1}
58fb41ee MT	80	assert isset address
58fb41ee MT	81
ab70371d MT	82	local ADDRESS6_IMPL
	83	eval $(ipcalc -6 -i ${address} 2>/dev/null)
	84	assert isset ADDRESS6_IMPL
4231f419	85
ab70371d	86	print "${ADDRESS6_IMPL}"
4231f419 MT	87	}
	88
	89	function ipv6_explode() {
	90	local address=${1}
58fb41ee MT	91	assert isset address
58fb41ee MT	92
ab70371d	93	# Nothing to do if the length of the address is 39.
4231f419	94	if [ ${#address} -eq 39 ]; then
ab70371d MT	95	print "${address}"
ab70371d MT	96	return ${EXIT_OK}
4231f419 MT	97	fi
4231f419 MT	98
ab70371d MT	99	local ADDRESS6_EXPL
	100	eval $(ipcalc -6 -e ${address} 2>/dev/null)
	101	assert isset ADDRESS6_EXPL
4231f419	102
ab70371d MT	103	print "${ADDRESS6_EXPL}"
ab70371d MT	104	}
4231f419	105
ab70371d MT	106	function ipv6_addr_eq() {
	107	local addr1=${1}
	108	assert isset addr1
4231f419	109
ab70371d MT	110	local addr2=${2}
ab70371d MT	111	assert isset addr2
4231f419	112
ab70371d MT	113	local addr
	114	for addr in addr1 addr2; do
	115	printf -v ${addr} "%s" $(ipv6_explode ${!addr})
	116	done
4231f419	117
ab70371d MT	118	[[ "${addr1}" = "${addr2}" ]] \
	119	&& return ${EXIT_TRUE} \|\| return ${EXIT_FALSE}
	120	}
4231f419	121
ab70371d MT	122	function ipv6_addr_gt() {
	123	local addr1=${1}
	124	assert isset addr1
4231f419	125
ab70371d MT	126	local addr2=${2}
ab70371d MT	127	assert isset addr2
4231f419	128
ab70371d MT	129	local addr
	130	for addr in addr1 addr2; do
	131	printf -v ${addr} "%s" $(ipv6_explode ${!addr})
4231f419 MT	132	done
4231f419 MT	133
ab70371d MT	134	local i addr1_oct addr2_oct
	135	for i in 0 2 4 6 8 10 12 14 16 18 20 22 24 26 28 30; do
	136	addr1_oct="0x${addr1:${i}:2}"
	137	addr2_oct="0x${addr2:${i}:2}"
4231f419	138
ab70371d MT	139	[[ ${addr1_oct} -gt ${addr2_oct} ]] && return ${EXIT_TRUE}
ab70371d MT	140	done
4231f419	141
ab70371d	142	return ${EXIT_FALSE}
4231f419 MT	143	}
	144
	145	function ipv6_hash() {
	146	local address=${1}
	147
58fb41ee MT	148	assert isset address
58fb41ee MT	149
4231f419 MT	150	# Explode address
	151	address=$(ipv6_explode ${address})
	152
	153	echo "${address//:/}"
	154	}
ab70371d MT	155
	156	function ipv6_get_network() {
	157	local addr=${1}
	158	assert isset addr
	159
	160	# Check if a prefix (e.g. /64) is provided.
	161	local prefix=$(ip_get_prefix ${addr})
	162	assert ipv6_prefix_is_valid ${prefix}
	163
	164	local PREFIX6
	165	eval $(ipcalc --ipv6 -p ${addr})
	166	assert isset PREFIX6
	167
	168	print "${PREFIX6}/${prefix}"
	169	}