[people/stevee/network.git] / hooks / zones / bridge.configs / ipv4-static

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /lib/network/header-config

HOOK_SETTINGS="HOOK ADDRESS PREFIX GATEWAY"

function _check() {
	assert isset ADDRESS
	assert isinteger PREFIX

	if [ ${PREFIX} -gt 30 ]; then
		error "PREFIX is greater than 30."
		exit ${EXIT_ERROR}
	fi
}

function _create() {
	local zone=${1}
	shift

	while [ $# -gt 0 ]; do
		case "${1}" in
			--address=*)
				ADDRESS=${1#--address=}
				;;
			--netmask=*)
				NETMASK=${1#--netmask=}
				;;
			--prefix=*)
				PREFIX=${1#--prefix=}
				;;
			--gateway=*)
				GATEWAY=${1#--gateway=}
				;;
		esac
		shift
	done

	if [ -z "${PREFIX}" -a -n "${NETMASK}" ]; then
		PREFIX=$(ipv4_mask_to_cidr ${NETMASK})
	fi

	# XXX maybe we can add some hashing to identify a configuration again
	config_write $(zone_dir ${zone})/configs/${HOOK}.$(uuid) ${HOOK_SETTINGS}

	exit ${EXIT_OK}
}

function _up() {
	local zone=${1}
	local config=${2}
	shift 2

	if ! device_exists ${zone}; then
		error "Zone '${zone}' doesn't exist."
		exit ${EXIT_ERROR}
	fi

	config_read $(zone_dir ${zone})/configs/${config}

	if ! zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
		if ipv4_detect_duplicate ${zone} ${ADDRESS}; then
			error_log "Duplicate address detected on zone '${zone}' (${ADDRESS})."
			error_log "Cannot continue."
			exit ${EXIT_ERROR}
		fi

		ip addr add ${ADDRESS}/${PREFIX} dev ${zone}

		# Announce our new address to the neighbours
		ipv4_update_neighbours ${zone} ${ADDRESS}
	fi

	if zone_is_nonlocal ${zone} && [ -n "${GATEWAY}" ]; then
		# Save configuration
		red_db_set ${zone} type "${HOOK}"
		red_db_set ${zone} local-ip-address ${ADDRESS}/${PREFIX}
		red_db_set ${zone} remote-ip-address ${GATEWAY}
		
		red_db_set ${zone} active 1
		red_routing_update ${zone}
	fi

	exit ${EXIT_OK}
}

function _down() {
	local zone=${1}
	local config=${2}
	shift 2

	if ! device_exists ${zone}; then
		error "Zone '${zone}' doesn't exist."
		exit ${EXIT_ERROR}
	fi
	
	config_read $(zone_dir ${zone})/configs/${config}

	if zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
		ip addr del ${ADDRESS}/${PREFIX} dev ${zone}
	fi

	exit ${EXIT_OK}
}

function _status() {
	local zone=${1}
	local config=${2}
	shift 2

	if ! device_exists ${zone}; then
		error "Zone '${zone}' doesn't exist."
		exit ${EXIT_ERROR}
	fi
	
	config_read $(zone_dir ${zone})/configs/${config}

	printf "        %10s - " "${HOOK}"
	if zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
		echo -ne "${COLOUR_ENABLED}ENABLED ${COLOUR_NORMAL}"
	else
		echo -ne "${COLOUR_DISABLED}DISABLED${COLOUR_NORMAL}"
	fi
	echo " - ${ADDRESS}/${PREFIX}"

	if [ -n "${GATEWAY}" ]; then
		echo "          Gateway: ${GATEWAY}"
	fi

	exit ${EXIT_OK}
}

function ipv4_mask_to_cidr() {
	local mask=0

	local field
	for field in $(tr '.' ' ' <<<${1}); do
		mask=$(( $(( ${mask} << 8 )) | ${field} ))
	done

	local cidr=0
	local x=$(( 128 << 24 )) # 0x80000000

	while [ $(( ${x} & ${mask} )) -ne 0 ]; do
		[ ${mask} -eq ${x} ] && mask=0 || mask=$(( ${mask} << 1 ))
		cidr=$((${cidr} + 1))
	done

	if [ $(( ${mask} & 2147483647 )) -ne 0 ]; then # 2147483647 = 0x7fffffff
		echo "Invalid net mask: $1" >&2
	else
		echo ${cidr}
	fi
}

run $@
Commit	Line	Data
1848564d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
a5ebb169	22	. /lib/network/header-config
1848564d MT	23
	24	HOOK_SETTINGS="HOOK ADDRESS PREFIX GATEWAY"
	25
	26	function _check() {
	27	assert isset ADDRESS
	28	assert isinteger PREFIX
	29
	30	if [ ${PREFIX} -gt 30 ]; then
	31	error "PREFIX is greater than 30."
	32	exit ${EXIT_ERROR}
	33	fi
	34	}
	35
	36	function _create() {
	37	local zone=${1}
	38	shift
	39
	40	while [ $# -gt 0 ]; do
	41	case "${1}" in
	42	--address=*)
	43	ADDRESS=${1#--address=}
	44	;;
	45	--netmask=*)
	46	NETMASK=${1#--netmask=}
	47	;;
	48	--prefix=*)
	49	PREFIX=${1#--prefix=}
	50	;;
	51	--gateway=*)
	52	GATEWAY=${1#--gateway=}
	53	;;
	54	esac
	55	shift
	56	done
	57
	58	if [ -z "${PREFIX}" -a -n "${NETMASK}" ]; then
	59	PREFIX=$(ipv4_mask_to_cidr ${NETMASK})
	60	fi
	61
a5ebb169 MT	62	# XXX maybe we can add some hashing to identify a configuration again
a5ebb169 MT	63	config_write $(zone_dir ${zone})/configs/${HOOK}.$(uuid) ${HOOK_SETTINGS}
1848564d MT	64
	65	exit ${EXIT_OK}
	66	}
	67
	68	function _up() {
	69	local zone=${1}
	70	local config=${2}
	71	shift 2
	72
	73	if ! device_exists ${zone}; then
	74	error "Zone '${zone}' doesn't exist."
	75	exit ${EXIT_ERROR}
	76	fi
a5ebb169 MT	77
a5ebb169 MT	78	config_read $(zone_dir ${zone})/configs/${config}
1848564d MT	79
1848564d MT	80	if ! zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
05c234a8	81	if ipv4_detect_duplicate ${zone} ${ADDRESS}; then
9eebfc55	82	error_log "Duplicate address detected on zone '${zone}' (${ADDRESS})."
05c234a8 MT	83	error_log "Cannot continue."
	84	exit ${EXIT_ERROR}
	85	fi
	86
1848564d	87	ip addr add ${ADDRESS}/${PREFIX} dev ${zone}
05c234a8 MT	88
	89	# Announce our new address to the neighbours
	90	ipv4_update_neighbours ${zone} ${ADDRESS}
1848564d MT	91	fi
1848564d MT	92
940d7206	93	if zone_is_nonlocal ${zone} && [ -n "${GATEWAY}" ]; then
9c71c87c MT	94	# Save configuration
	95	red_db_set ${zone} type "${HOOK}"
	96	red_db_set ${zone} local-ip-address ${ADDRESS}/${PREFIX}
	97	red_db_set ${zone} remote-ip-address ${GATEWAY}
	98
	99	red_db_set ${zone} active 1
	100	red_routing_update ${zone}
1848564d MT	101	fi
	102
	103	exit ${EXIT_OK}
	104	}
	105
	106	function _down() {
	107	local zone=${1}
	108	local config=${2}
	109	shift 2
	110
	111	if ! device_exists ${zone}; then
	112	error "Zone '${zone}' doesn't exist."
	113	exit ${EXIT_ERROR}
	114	fi
	115
a5ebb169	116	config_read $(zone_dir ${zone})/configs/${config}
1848564d MT	117
	118	if zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
	119	ip addr del ${ADDRESS}/${PREFIX} dev ${zone}
	120	fi
	121
	122	exit ${EXIT_OK}
	123	}
	124
ae1def39 MT	125	function _status() {
	126	local zone=${1}
	127	local config=${2}
	128	shift 2
	129
	130	if ! device_exists ${zone}; then
	131	error "Zone '${zone}' doesn't exist."
	132	exit ${EXIT_ERROR}
	133	fi
	134
a5ebb169	135	config_read $(zone_dir ${zone})/configs/${config}
ae1def39	136
54a70b3e	137	printf " %10s - " "${HOOK}"
ae1def39	138	if zone_has_ipv4 ${zone} ${ADDRESS}/${PREFIX}; then
a5ebb169	139	echo -ne "${COLOUR_ENABLED}ENABLED ${COLOUR_NORMAL}"
ae1def39	140	else
a5ebb169	141	echo -ne "${COLOUR_DISABLED}DISABLED${COLOUR_NORMAL}"
ae1def39	142	fi
54a70b3e	143	echo " - ${ADDRESS}/${PREFIX}"
ae1def39 MT	144
	145	if [ -n "${GATEWAY}" ]; then
	146	echo " Gateway: ${GATEWAY}"
	147	fi
	148
	149	exit ${EXIT_OK}
	150	}
	151
1848564d MT	152	function ipv4_mask_to_cidr() {
	153	local mask=0
	154
	155	local field
	156	for field in $(tr '.' ' ' <<<${1}); do
	157	mask=$(( $(( ${mask} << 8 )) \| ${field} ))
	158	done
	159
	160	local cidr=0
	161	local x=$(( 128 << 24 )) # 0x80000000
	162
	163	while [ $(( ${x} & ${mask} )) -ne 0 ]; do
	164	[ ${mask} -eq ${x} ] && mask=0 \|\| mask=$(( ${mask} << 1 ))
	165	cidr=$((${cidr} + 1))
	166	done
	167
	168	if [ $(( ${mask} & 2147483647 )) -ne 0 ]; then # 2147483647 = 0x7fffffff
	169	echo "Invalid net mask: $1" >&2
	170	else
	171	echo ${cidr}
	172	fi
	173	}
	174
	175	run $@