[people/stevee/network.git] / functions.ppp

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

PPP_SUPPORTED_AUTH_METHODS="chap pap"

function pppd_start() {
	local interface=${1}
	assert isset interface

	# This will block until the connection has been established or
	# pppd exited.
	service_start "pppd@${interface}.service"

	# Get the exit code of the ppp daemon and figure out
	# how to handle this.
	local ret=$(service_get_exitcode "pppd@${interface}.service")
	case "${ret}" in
		0)
			return ${EXIT_OK}
			;;
		1)
			error "pppd crashed for an unknown reason"
			;;
		2)
			error "pppd: Configuration error"
			;;
		5)
			error "pppd terminated"
			;;
		16)
			error "pppd: Link terminated by modem"
			;;
		19)
			error "pppd: Authentication failed"
			;;
		*)
			error "pppd: Unhandled exit code: ${ret}"
			;;
	esac

	return ${ret}
}

function pppd_stop() {
	local interface=${1}
	assert isset interface

	service_stop "pppd@${interface}.service"
}

function pppd_status() {
	local interface=${1}
	assert isset interface

	service_status "pppd@${interface}.service"
}

function ppp_common_ip_pre_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_from_ppp ${zone} ipv4

	return ${EXIT_OK}
}

function ppp_common_ip_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	routing_db_set ${zone} ipv4 active 1
	routing_update ${zone} ipv4
	routing_default_update

	return ${EXIT_OK}
}

function ppp_common_ip_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv4
	routing_update ${zone} ipv4
	routing_default_update

	# Save accounting information
	ppp_accounting ${zone}

	return ${EXIT_OK}
}

function ppp_common_ipv6_up() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Add information about this zone to the routing database.
	routing_db_from_ppp ${zone} ipv6

	routing_db_set ${zone} ipv6 active 1
	routing_update ${zone} ipv6
	routing_default_update

	return ${EXIT_OK}
}

function ppp_common_ipv6_down() {
	local zone=${1}
	shift

	if ! zone_exists ${zone}; then
		error "Zone '${zone}' does not exist."
		return ${EXIT_ERROR}
	fi

	# Remove the information about this zone from the routing database
	# and update the routing table.
	routing_db_remove ${zone} ipv6
	routing_update ${zone} ipv6
	routing_default_update

	# Save accounting information
	ppp_accounting ${zone}

	return ${EXIT_OK}
}

function ppp_secret() {
	local USER=${1}
	local SECRET=${2}
	local a
	local secret
	local user

	# Updateing secret file
	> ${PPP_SECRETS}.tmp
	while read user a secret; do
		if [ "'${USER}'" != "${user}" ]; then
			echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
		fi
	done < ${PPP_SECRETS}
	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	rm -f ${PPP_SECRETS}.tmp
}

function ppp_accounting() {
	local zone=${1}
	shift

	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
		--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
}

function pppd_exec() {
	log DEBUG "Running pppd with parameters '$@'."

	pppd $@ > /dev/null
}

function pppd_write_config() {
	local file=${1}; shift
	assert isset file

	local auth
	local baudrate
	local connect_cmd
	local default_asyncmap="true"
	local interface
	local lcp_echo_failure=3
	local lcp_echo_interval=20
	local linkname
	local mtu mru
	local password
	local plugin plugin_options
	local serial="false"
	local username
	local value

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				auth=$(cli_get_val ${1})
				;;
			--baudrate=*)
				baudrate=$(cli_get_val ${1})
				assert isoneof baudrate ${SERIAL_BAUDRATES}
				;;
			--connect-command=*)
				connect_cmd=$(cli_get_val ${1})
				;;
			# Enable or disable the use of the default asyncmap.
			--default-asyncmap=*)
				value=$(cli_get_val ${1})
				if enabled value; then
					default_asyncmap="true"
				else
					default_asyncmap="false"
				fi
				;;
			# The name of the created ppp interface.
			--interface=*)
				interface=$(cli_get_val ${1})
				;;
			# LCP echo failure.
			--lcr-echo-failure=*)
				lcr_echo_failure=$(cli_get_val ${1})

				if ! isinteger ${lcr_echo_failure}; then
					error "--lcr-echo-failure= requires a number"
					return ${EXIT_ERROR}
				fi
				;;
			# LCP echo interval.
			--lcr-echo-interval=*)
				lcr_echo_interval=$(cli_get_val ${1})

				if ! isinteger ${lcr_echo_failure}; then
					error "--lcr-echo-interval= requires a number"
					return ${EXIT_ERROR}
				fi
				;;
			# Maximum Transmission Unit
			--mtu=*)
				mtu=$(cli_get_val ${1})
				;;
			# Maximum Receive Unit
			--mru=*)
				mru=$(cli_get_val ${1})
				;;
			--password=*)
				password=$(cli_get_val ${1})
				;;
			--plugin=*)
				plugin=$(cli_get_val ${1})
				;;
			--plugin-options=*)
				plugin_options=$(cli_get_val ${1})
				;;
			# Sets if the modem is a serial device.
			--serial=*)
				serial=$(cli_get_val ${1})
				;;
			--serial-device=*)
				serial_device=$(cli_get_val ${1})
				;;
			--username=*)
				username=$(cli_get_val ${1})
				;;
			*)
				log WARNING "Unhandled argument: ${1}"
				;;
		esac
		shift
	done

	if [ -z "${interface}" ]; then
		log ERROR "You need to set the interface name: ${interface}"
		return ${EXIT_ERROR}
	fi
	linkname="${interface}"

	if isset auth; then
		if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
			log ERROR "Unsupported auth method: ${auth}"
			return ${EXIT_ERROR}
		fi
	fi

	if enabled serial; then
		assert isset serial_device
		assert [ -c "${serial_device}" ]
	fi

	# Set the user credentials.
	ppp_secret "${username}" "${password}"

	# Write the configuration header.
	mkdir -p $(dirname ${file}) 2>/dev/null
	config_header "PPP daemon configuration file" > ${file}

	# At first, set the name of the link.
	print "linkname ${linkname}\n" >> ${file}

	# Configure the interface/zone name.
	(
		print "# Interface name"
		print "ifname ${interface}"
		print
	) >> ${file}

	# Plugin settings
	if isset plugin; then
		(
			print "# Plugin settings"
			print "plugin ${plugin} ${plugin_options}"
			print
		) >> ${file}
	fi

	# User authentication
	if isset username; then
		(
			print "# User authentication"
			print "user ${username}"

			print "noauth"
			if isset auth; then
				print "require-${auth}"
			fi
			print
		) >> ${file}
	fi

	# MTU/MRU settings
	if isset mtu; then
		isset mru || mru=${mtu}

		(
			print "# MTU/MRU settings"
			print "mtu ${mtu}"
			print "mru ${mru}"
			print
		) >> ${file}
	fi

	if enabled serial; then
		(
			print "# Serial modem settings"
			print "${serial_device} ${baudrate}"
			print "crtscts"
			print "lock"
			print "modem"
			print
		) >> ${file}

		# Connect command
		if isset connect_cmd; then
			(
				print "# Connect command"
				print "connect \"${connect_cmd}\""
				print
			) >> ${file}
		fi
	fi

	# Default asyncmap.
	if enabled default_asyncmap; then
		(
			print "# Use the default asyncmap."
			print "default-asyncmap"
			print
		) >> ${file}
	fi

	# LCP settings.
	(
		print "# LCP settings"
		print "lcp-echo-failure ${lcp_echo_failure}"
		print "lcp-echo-interval ${lcp_echo_interval}"
		print
	) >> ${file}

	# Add the default settings.
	(
		print "# Disable the compression"
		print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"

		print "noipdefault updetach debug"
	) >> ${file}

	return ${EXIT_OK}
}
Commit	Line	Data
5b20e43a MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
1848564d	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
5b20e43a MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
97cb552e MT	22	PPP_SUPPORTED_AUTH_METHODS="chap pap"
	23
	24	function pppd_start() {
	25	local interface=${1}
	26	assert isset interface
	27
81d0c0b9 MT	28	# This will block until the connection has been established or
81d0c0b9 MT	29	# pppd exited.
1d08b9b3	30	service_start "pppd@${interface}.service"
81d0c0b9 MT	31
	32	# Get the exit code of the ppp daemon and figure out
	33	# how to handle this.
1d08b9b3	34	local ret=$(service_get_exitcode "pppd@${interface}.service")
81d0c0b9 MT	35	case "${ret}" in
	36	0)
	37	return ${EXIT_OK}
	38	;;
	39	1)
	40	error "pppd crashed for an unknown reason"
	41	;;
	42	2)
	43	error "pppd: Configuration error"
	44	;;
45d5539c	45	5)
81d0c0b9 MT	46	error "pppd terminated"
81d0c0b9 MT	47	;;
6c74a64c MT	48	16)
	49	error "pppd: Link terminated by modem"
	50	;;
81d0c0b9 MT	51	19)
	52	error "pppd: Authentication failed"
	53	;;
	54	*)
	55	error "pppd: Unhandled exit code: ${ret}"
	56	;;
	57	esac
	58
	59	return ${ret}
97cb552e MT	60	}
	61
	62	function pppd_stop() {
	63	local interface=${1}
	64	assert isset interface
	65
1d08b9b3	66	service_stop "pppd@${interface}.service"
97cb552e MT	67	}
	68
	69	function pppd_status() {
	70	local interface=${1}
	71	assert isset interface
	72
1d08b9b3	73	service_status "pppd@${interface}.service"
97cb552e MT	74	}
97cb552e MT	75
c7ad7801 MT	76	function ppp_common_ip_pre_up() {
	77	local zone=${1}
	78	shift
	79
	80	if ! zone_exists ${zone}; then
	81	error "Zone '${zone}' does not exist."
	82	return ${EXIT_ERROR}
	83	fi
	84
2c973348	85	routing_db_from_ppp ${zone} ipv4
ff8ec5ef	86
c7ad7801 MT	87	return ${EXIT_OK}
	88	}
	89
	90	function ppp_common_ip_up() {
	91	local zone=${1}
	92	shift
	93
	94	if ! zone_exists ${zone}; then
	95	error "Zone '${zone}' does not exist."
	96	return ${EXIT_ERROR}
	97	fi
	98
2c973348 MT	99	routing_db_set ${zone} ipv4 active 1
2c973348 MT	100	routing_update ${zone} ipv4
f5a771cf	101	routing_default_update
ff8ec5ef	102
c7ad7801 MT	103	return ${EXIT_OK}
	104	}
	105
	106	function ppp_common_ip_down() {
	107	local zone=${1}
	108	shift
	109
	110	if ! zone_exists ${zone}; then
	111	error "Zone '${zone}' does not exist."
	112	return ${EXIT_ERROR}
	113	fi
	114
201b7dff MT	115	# Remove the information about this zone from the routing database
	116	# and update the routing table.
	117	routing_db_remove ${zone} ipv4
	118	routing_update ${zone} ipv4
f5a771cf	119	routing_default_update
201b7dff MT	120
	121	# Save accounting information
	122	ppp_accounting ${zone}
	123
201b7dff MT	124	return ${EXIT_OK}
	125	}
	126
	127	function ppp_common_ipv6_up() {
	128	local zone=${1}
	129	shift
	130
	131	if ! zone_exists ${zone}; then
	132	error "Zone '${zone}' does not exist."
	133	return ${EXIT_ERROR}
	134	fi
	135
	136	# Add information about this zone to the routing database.
	137	routing_db_from_ppp ${zone} ipv6
	138
	139	routing_db_set ${zone} ipv6 active 1
	140	routing_update ${zone} ipv6
f5a771cf	141	routing_default_update
201b7dff	142
201b7dff MT	143	return ${EXIT_OK}
	144	}
	145
	146	function ppp_common_ipv6_down() {
	147	local zone=${1}
	148	shift
	149
	150	if ! zone_exists ${zone}; then
	151	error "Zone '${zone}' does not exist."
	152	return ${EXIT_ERROR}
	153	fi
	154
	155	# Remove the information about this zone from the routing database
	156	# and update the routing table.
	157	routing_db_remove ${zone} ipv6
	158	routing_update ${zone} ipv6
f5a771cf	159	routing_default_update
201b7dff	160
059469a8 MT	161	# Save accounting information
	162	ppp_accounting ${zone}
	163
c7ad7801 MT	164	return ${EXIT_OK}
	165	}
	166
5b20e43a MT	167	function ppp_secret() {
	168	local USER=${1}
	169	local SECRET=${2}
	170	local a
	171	local secret
	172	local user
	173
	174	# Updateing secret file
	175	> ${PPP_SECRETS}.tmp
	176	while read user a secret; do
	177	if [ "'${USER}'" != "${user}" ]; then
	178	echo "${user} ${a} ${secret}" >> ${PPP_SECRETS}.tmp
	179	fi
	180	done < ${PPP_SECRETS}
	181	echo "'${USER}' * '${SECRET}'" >> ${PPP_SECRETS}.tmp
	182	cat ${PPP_SECRETS}.tmp > ${PPP_SECRETS}
	183	rm -f ${PPP_SECRETS}.tmp
	184	}
	185
059469a8 MT	186	function ppp_accounting() {
	187	local zone=${1}
	188	shift
5b20e43a	189
059469a8 MT	190	db_ppp_update ${zone} --duration="${CONNECT_TIME}" \
059469a8 MT	191	--rcvd="${BYTES_RCVD}" --sent="${BYTES_SENT}"
5b20e43a	192	}
711ffac1 MT	193
711ffac1 MT	194	function pppd_exec() {
711ffac1 MT	195	log DEBUG "Running pppd with parameters '$@'."
	196
	197	pppd $@ > /dev/null
	198	}
97cb552e MT	199
	200	function pppd_write_config() {
	201	local file=${1}; shift
	202	assert isset file
	203
	204	local auth
6c74a64c MT	205	local baudrate
6c74a64c MT	206	local connect_cmd
45d5539c	207	local default_asyncmap="true"
97cb552e	208	local interface
45d5539c MT	209	local lcp_echo_failure=3
45d5539c MT	210	local lcp_echo_interval=20
97cb552e MT	211	local linkname
97cb552e MT	212	local mtu mru
6c74a64c	213	local password
97cb552e	214	local plugin plugin_options
6c74a64c MT	215	local serial="false"
6c74a64c MT	216	local username
45d5539c	217	local value
97cb552e MT	218
	219	while [ $# -gt 0 ]; do
	220	case "${1}" in
	221	--auth=*)
	222	auth=$(cli_get_val ${1})
	223	;;
6c74a64c MT	224	--baudrate=*)
	225	baudrate=$(cli_get_val ${1})
	226	assert isoneof baudrate ${SERIAL_BAUDRATES}
	227	;;
	228	--connect-command=*)
	229	connect_cmd=$(cli_get_val ${1})
	230	;;
45d5539c MT	231	# Enable or disable the use of the default asyncmap.
	232	--default-asyncmap=*)
	233	value=$(cli_get_val ${1})
	234	if enabled value; then
	235	default_asyncmap="true"
	236	else
	237	default_asyncmap="false"
	238	fi
	239	;;
97cb552e MT	240	# The name of the created ppp interface.
	241	--interface=*)
	242	interface=$(cli_get_val ${1})
	243	;;
45d5539c MT	244	# LCP echo failure.
	245	--lcr-echo-failure=*)
	246	lcr_echo_failure=$(cli_get_val ${1})
	247
	248	if ! isinteger ${lcr_echo_failure}; then
	249	error "--lcr-echo-failure= requires a number"
	250	return ${EXIT_ERROR}
	251	fi
	252	;;
	253	# LCP echo interval.
	254	--lcr-echo-interval=*)
	255	lcr_echo_interval=$(cli_get_val ${1})
	256
	257	if ! isinteger ${lcr_echo_failure}; then
	258	error "--lcr-echo-interval= requires a number"
	259	return ${EXIT_ERROR}
	260	fi
	261	;;
97cb552e MT	262	# Maximum Transmission Unit
	263	--mtu=*)
	264	mtu=$(cli_get_val ${1})
	265	;;
	266	# Maximum Receive Unit
	267	--mru=*)
	268	mru=$(cli_get_val ${1})
	269	;;
6c74a64c MT	270	--password=*)
	271	password=$(cli_get_val ${1})
	272	;;
97cb552e MT	273	--plugin=*)
	274	plugin=$(cli_get_val ${1})
	275	;;
	276	--plugin-options=*)
	277	plugin_options=$(cli_get_val ${1})
	278	;;
6c74a64c MT	279	# Sets if the modem is a serial device.
	280	--serial=*)
	281	serial=$(cli_get_val ${1})
	282	;;
	283	--serial-device=*)
	284	serial_device=$(cli_get_val ${1})
	285	;;
	286	--username=*)
	287	username=$(cli_get_val ${1})
97cb552e MT	288	;;
	289	*)
	290	log WARNING "Unhandled argument: ${1}"
	291	;;
	292	esac
	293	shift
	294	done
	295
	296	if [ -z "${interface}" ]; then
	297	log ERROR "You need to set the interface name: ${interface}"
	298	return ${EXIT_ERROR}
	299	fi
45d5539c	300	linkname="${interface}"
97cb552e MT	301
	302	if isset auth; then
	303	if ! isoneof ${auth} ${PPP_SUPPORTED_AUTH_METHODS}; then
	304	log ERROR "Unsupported auth method: ${auth}"
	305	return ${EXIT_ERROR}
	306	fi
	307	fi
	308
6c74a64c MT	309	if enabled serial; then
	310	assert isset serial_device
	311	assert [ -c "${serial_device}" ]
	312	fi
	313
	314	# Set the user credentials.
	315	ppp_secret "${username}" "${password}"
	316
97cb552e MT	317	# Write the configuration header.
	318	mkdir -p $(dirname ${file}) 2>/dev/null
	319	config_header "PPP daemon configuration file" > ${file}
	320
	321	# At first, set the name of the link.
45d5539c	322	print "linkname ${linkname}\n" >> ${file}
97cb552e	323
6c74a64c MT	324	# Configure the interface/zone name.
	325	(
	326	print "# Interface name"
	327	print "ifname ${interface}"
	328	print
	329	) >> ${file}
97cb552e MT	330
	331	# Plugin settings
	332	if isset plugin; then
	333	(
	334	print "# Plugin settings"
	335	print "plugin ${plugin} ${plugin_options}"
	336	print
	337	) >> ${file}
	338	fi
	339
	340	# User authentication
6c74a64c	341	if isset username; then
97cb552e MT	342	(
97cb552e MT	343	print "# User authentication"
6c74a64c	344	print "user ${username}"
97cb552e MT	345
	346	print "noauth"
	347	if isset auth; then
	348	print "require-${auth}"
	349	fi
	350	print
	351	) >> ${file}
	352	fi
	353
	354	# MTU/MRU settings
	355	if isset mtu; then
	356	isset mru \|\| mru=${mtu}
	357
	358	(
	359	print "# MTU/MRU settings"
	360	print "mtu ${mtu}"
	361	print "mru ${mru}"
	362	print
	363	) >> ${file}
	364	fi
	365
6c74a64c MT	366	if enabled serial; then
	367	(
	368	print "# Serial modem settings"
	369	print "${serial_device} ${baudrate}"
	370	print "crtscts"
	371	print "lock"
	372	print "modem"
	373	print
	374	) >> ${file}
	375
	376	# Connect command
	377	if isset connect_cmd; then
	378	(
	379	print "# Connect command"
	380	print "connect \"${connect_cmd}\""
	381	print
	382	) >> ${file}
	383	fi
	384	fi
	385
45d5539c MT	386	# Default asyncmap.
	387	if enabled default_asyncmap; then
	388	(
	389	print "# Use the default asyncmap."
	390	print "default-asyncmap"
	391	print
	392	) >> ${file}
	393	fi
	394
	395	# LCP settings.
	396	(
	397	print "# LCP settings"
	398	print "lcp-echo-failure ${lcp_echo_failure}"
	399	print "lcp-echo-interval ${lcp_echo_interval}"
	400	print
	401	) >> ${file}
	402
97cb552e MT	403	# Add the default settings.
	404	(
	405	print "# Disable the compression"
	406	print "noccp noaccomp nodeflate nopcomp novj novjccomp nobsdcomp nomppe"
	407
81d0c0b9	408	print "noipdefault updetach debug"
97cb552e MT	409	) >> ${file}
	410
	411	return ${EXIT_OK}
	412	}