]>
Commit | Line | Data |
---|---|---|
d76f5107 MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2010 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
8ee92277 | 22 | . /usr/lib/network/header-port |
d76f5107 | 23 | |
54bae947 MT |
24 | HOOK_PORT_PATTERN="${PORT_PATTERN_ACCESSPOINT}" |
25 | ||
d389e96b MT |
26 | HOOK_SETTINGS=( |
27 | "ADDRESS" | |
28 | "BROADCAST_SSID" | |
29 | "CHANNEL" | |
30 | "CHANNEL_BANDWIDTH" | |
31 | "DFS" | |
32 | "ENCRYPTION" | |
33 | "ENVIRONMENT" | |
34 | "KEY" | |
35 | "MFP" | |
36 | "MODE" | |
37 | "PHY" | |
38 | "SSID" | |
39 | ) | |
d76f5107 | 40 | |
4637109c MT |
41 | # Broadcast SSID by default |
42 | DEFAULT_BROADCAST_SSID="on" | |
d76f5107 | 43 | |
7b297fb2 | 44 | # Perform radar detection by default when possible |
4637109c | 45 | DEFAULT_DFS="on" |
7b297fb2 | 46 | |
34ca3936 MT |
47 | # 802.11w - Management Frame Protection |
48 | # Disable by default because many clients cannot connect when enabled | |
4637109c | 49 | DEFAULT_MFP="off" |
34ca3936 | 50 | |
4637109c | 51 | DEFAULT_ENVIRONMENT="${WIRELESS_DEFAULT_ENVIRONMENT}" |
7842c2ce | 52 | |
1c6a4e30 | 53 | hook_check_settings() { |
d76f5107 MT |
54 | assert isset ADDRESS |
55 | assert ismac ADDRESS | |
56 | assert isset BROADCAST_SSID | |
57 | assert isbool BROADCAST_SSID | |
58 | assert isset CHANNEL | |
7b297fb2 | 59 | assert isbool DFS |
34ca3936 | 60 | assert isbool MFP |
d76f5107 | 61 | assert isset MODE |
6c262922 | 62 | assert isoneof MODE ${HOSTAPD_SUPPORTED_MODES} |
d76f5107 MT |
63 | assert isset PHY |
64 | assert ismac PHY | |
65 | assert isset SSID | |
25e32463 MT |
66 | |
67 | if isset ENCRYPTION; then | |
68 | assert isoneof ENCRYPTION WPA WPA2 WPA/WPA2 | |
69 | ||
70 | assert isset KEY | |
71 | assert [ ${#KEY} -ge 8 ] | |
72 | assert [ ${#KEY} -le 63 ] | |
73 | fi | |
7842c2ce MT |
74 | |
75 | assert wireless_environment_is_valid "${ENVIRONMENT}" | |
d76f5107 MT |
76 | } |
77 | ||
270aab39 | 78 | hook_parse_cmdline() { |
d76f5107 MT |
79 | while [ $# -gt 0 ]; do |
80 | case "${1}" in | |
81 | --broadcast-ssid=*) | |
2212045f | 82 | BROADCAST_SSID=$(cli_get_val "${1}") |
d76f5107 MT |
83 | ;; |
84 | --channel=*) | |
2212045f | 85 | CHANNEL=$(cli_get_val "${1}") |
d76f5107 | 86 | ;; |
54094fc7 MT |
87 | --channel-bandwidth=*) |
88 | CHANNEL_BANDWIDTH="$(cli_get_val "${1}")" | |
89 | ;; | |
7b297fb2 MT |
90 | --dfs=*) |
91 | DFS="$(cli_get_val "${1}")" | |
92 | ||
93 | if enabled DFS; then | |
94 | DFS="on" | |
95 | elif disabled DFS; then | |
96 | DFS="off" | |
97 | else | |
98 | error "Invalid value for DFS: ${DFS}" | |
99 | return ${EXIT_ERROR} | |
100 | fi | |
101 | ;; | |
25e32463 | 102 | --encryption=*) |
2212045f | 103 | ENCRYPTION=$(cli_get_val "${1}") |
25e32463 | 104 | ;; |
7842c2ce MT |
105 | --environment=*) |
106 | ENVIRONMENT="$(cli_get_val "${1}")" | |
107 | ||
108 | if ! wireless_environment_is_valid "${ENVIRONMENT}"; then | |
109 | error "Invalid wireless environment: ${ENVIRONMENT}" | |
110 | return ${EXIT_ERROR} | |
111 | fi | |
112 | ;; | |
25e32463 | 113 | --key=*) |
2212045f | 114 | KEY=$(cli_get_val "${1}") |
25e32463 | 115 | ;; |
d76f5107 | 116 | --mac=*) |
2212045f | 117 | ADDRESS=$(cli_get_val "${1}") |
d76f5107 | 118 | ;; |
34ca3936 MT |
119 | --mfp=*) |
120 | MFP="$(cli_get_val "${1}")" | |
121 | ||
122 | if enabled MFP; then | |
123 | MFP="on" | |
124 | elif disabled MFP; then | |
125 | MFP="off" | |
126 | else | |
127 | error "Invalid value for --mfp: ${MFP}" | |
128 | return ${EXIT_ERROR} | |
129 | fi | |
130 | ;; | |
d76f5107 | 131 | --mode=*) |
2212045f | 132 | MODE=$(cli_get_val "${1}") |
6c262922 MT |
133 | |
134 | if ! isoneof MODE ${HOSTAPD_SUPPORTED_MODES}; then | |
135 | error "Unsupported mode: ${MODE}" | |
136 | error "Mode must be one of ${HOSTAPD_SUPPORTED_MODES}" | |
137 | return ${EXIT_ERROR} | |
138 | fi | |
d76f5107 MT |
139 | ;; |
140 | --phy=*) | |
2212045f | 141 | PHY=$(cli_get_val "${1}") |
d76f5107 MT |
142 | ;; |
143 | --ssid=*) | |
2212045f | 144 | SSID=$(cli_get_val "${1}") |
d76f5107 MT |
145 | ;; |
146 | *) | |
147 | warning "Ignoring unknown argument '${1}'" | |
148 | ;; | |
149 | esac | |
150 | shift | |
151 | done | |
152 | ||
8578e61d MT |
153 | # Generate a random MAC address if none is set |
154 | if ! isset ADDRESS; then | |
155 | ADDRESS="$(mac_generate)" | |
156 | fi | |
157 | ||
6c262922 MT |
158 | # MODE must be set |
159 | if ! isset MODE; then | |
160 | error "--mode is not set" | |
161 | return ${EXIT_ERROR} | |
162 | fi | |
163 | ||
1b4aa2ca MT |
164 | # Automatically enable ACS if no channel is set and ACS is available |
165 | if ! isset CHANNEL && phy_supports_acs "${PHY}"; then | |
166 | CHANNEL="0" | |
167 | ||
168 | log INFO "Automatic Channel Selection (ACS) enabled" | |
169 | fi | |
170 | ||
54094fc7 MT |
171 | # Channel bandwidth must match the mode |
172 | if isset CHANNEL_BANDWIDTH && ! wireless_channel_bandwidth_is_valid "${MODE}" "${CHANNEL_BANDWIDTH}"; then | |
f9e980d9 | 173 | error "Channel Bandwidth '${CHANNEL_BANDWIDTH}' is not supported for ${MODE}" |
54094fc7 MT |
174 | return ${EXIT_ERROR} |
175 | fi | |
176 | ||
d76f5107 MT |
177 | # Save address of phy do identify it again |
178 | PHY=$(phy_get ${PHY}) | |
179 | PHY=$(phy_get_address ${PHY}) | |
270aab39 MT |
180 | } |
181 | ||
1c6a4e30 | 182 | hook_edit() { |
d76f5107 | 183 | local port=${1} |
d76f5107 MT |
184 | assert isset port |
185 | ||
2212045f | 186 | if ! hook_default_edit "$@"; then |
270aab39 MT |
187 | return ${EXIT_ERROR} |
188 | fi | |
d76f5107 | 189 | |
270aab39 MT |
190 | # To apply all changes, we need to restart the port |
191 | port_restart "${port}" | |
d76f5107 MT |
192 | } |
193 | ||
1c6a4e30 | 194 | hook_create() { |
1ba6a2bb | 195 | local port="${1}" |
d76f5107 MT |
196 | assert isset port |
197 | ||
1ba6a2bb MT |
198 | device_exists "${port}" && exit ${EXIT_OK} |
199 | ||
d389e96b | 200 | port_settings_read "${port}" ${HOOK_SETTINGS[*]} |
d76f5107 | 201 | |
49ec20d8 MT |
202 | # Check if the PHY is present. |
203 | local phy=$(phy_get ${PHY}) | |
204 | if ! isset phy; then | |
205 | log DEBUG "phy '${PHY}' is not present" | |
206 | exit ${EXIT_ERROR} | |
207 | fi | |
208 | ||
1ba6a2bb MT |
209 | # Create the wireless device |
210 | wireless_create "${port}" \ | |
211 | --phy="${phy}" \ | |
212 | --type="ap" \ | |
213 | --address="${ADDRESS}" | |
d76f5107 MT |
214 | |
215 | exit ${EXIT_OK} | |
216 | } | |
217 | ||
1c6a4e30 | 218 | hook_remove() { |
1ba6a2bb | 219 | local port="${1}" |
d76f5107 MT |
220 | assert isset port |
221 | ||
b8026986 MT |
222 | # Remove the device if present |
223 | if device_exists "${port}"; then | |
224 | wireless_remove "${port}" | |
47859d95 | 225 | fi |
d76f5107 MT |
226 | |
227 | exit ${EXIT_OK} | |
228 | } | |
229 | ||
1c6a4e30 | 230 | hook_up() { |
1ba6a2bb MT |
231 | local port="${1}" |
232 | assert isset port | |
233 | ||
234 | # The port must already exist before | |
235 | # hostapd is started. Otherwise it will | |
236 | # fail horribly over and over again. | |
237 | assert device_exists "${port}" | |
238 | ||
239 | hostapd_start "${port}" | |
240 | } | |
241 | ||
1c6a4e30 | 242 | hook_down() { |
1ba6a2bb MT |
243 | local port="${1}" |
244 | assert isset port | |
245 | ||
246 | hostapd_stop "${port}" | |
247 | } | |
248 | ||
1c6a4e30 | 249 | hook_hotplug() { |
b8026986 | 250 | local port="${1}" |
47859d95 | 251 | assert isset port |
49ec20d8 | 252 | |
b8026986 MT |
253 | case "$(hotplug_action)" in |
254 | add) | |
1ba6a2bb MT |
255 | # Create the port when the phy is plugged in |
256 | if hotplug_event_port_uses_phy "${port}"; then | |
257 | hook_create "${port}" | |
b8026986 MT |
258 | fi |
259 | ;; | |
260 | ||
261 | remove) | |
262 | # Stop hostapd | |
263 | if hotplug_event_port_is_interface "${port}"; then | |
264 | hostapd_stop "${port}" | |
b8026986 | 265 | |
1ba6a2bb MT |
266 | exit ${EXIT_OK} |
267 | fi | |
b8026986 MT |
268 | ;; |
269 | esac | |
47859d95 | 270 | |
1ba6a2bb | 271 | exit ${EXIT_NOT_HANDLED} |
47859d95 | 272 | } |