[people/stevee/network.git] / src / hooks / zones / 6rd

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2013  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /usr/lib/network/header-zone

HOOK_SETTINGS="HOOK SIX_RD_PREFIX LOCAL_ADDRESS PUBLIC_ADDRESS SERVER_ADDRESS"

# The address that is assigned to the tunnel device (with prefix).
SIX_RD_PREFIX=""

# The local IPv4 address of the tunnel endpoint.
# For usage if the endpoint is in a pre-routed network.
LOCAL_ADDRESS=""

# The IPv4 address of the tunnel endpoint where to connect to.
SERVER_ADDRESS=""

# The public IPv4 address of the tunnel client.
PUBLIC_ADDRESS=""

hook_check_settings() {
	assert isset SIX_RD_PREFIX
	assert isset PUBLIC_ADDRESS
	assert isset SERVER_ADDRESS

	# Check if an optional local address has been specified or use the public address instead.
	if [ -z "${LOCAL_ADDRESS}" ]; then
		LOCAL_ADDRESS="${PUBLIC_ADDRESS}"
	fi

	assert isset LOCAL_ADDRESS

	# Check input.
	if ! ipv6_net_is_valid "${SIX_RD_PREFIX}"; then
		log ERROR "Invalid 6rd prefix. Please use a valid IPv6 prefix."
		return ${EXIT_ERROR}
	fi

	if ! ipv4_is_valid "${SERVER_ADDRESS}"; then
		log ERROR "Invalid server address. Please use a valid IPv4 address."
		return ${EXIT_ERROR}
	fi

	if ! ipv4_is_valid "${PUBLIC_ADDRESS}"; then
		log ERROR "Invalid public address. Please use a valid IPv4 address."
		return ${EXIT_ERROR}
	fi

	if ! ipv4_is_valid "${LOCAL_ADDRESS}"; then
		log ERROR "Invalid local address. Please use a valid IPv4 address."
		return ${EXIT_ERROR}
	fi
}

hook_parse_cmdline() {
	local value

	while [ $# -gt 0 ]; do
		case "${1}" in
			--6rd-prefix=*)
				SIX_RD_PREFIX=$(cli_get_val ${1})
				;;
			--server-address=*)
				SERVER_ADDRESS=$(cli_get_val ${1})
				;;
			--local-ipv4-address=*)
				LOCAL_ADDRESS=$(cli_get_val ${1})
				;;
			--public-ipv4-address=*)
				PUBLIC_ADDRESS=$(cli_get_val ${1})
				;;
			*)
				echo "Unknown option: ${1}" >&2
				exit ${EXIT_ERROR}
				;;
		esac
		shift
	done
}

hook_up() {
	local zone="${1}"
	assert isset zone

	# Read configuration options.
	zone_settings_read "${zone}"

	# Configure the tunnel.
	if ! device_exists "${zone}"; then
		ip_tunnel_add "${zone}" \
			--ttl=64 \
			--local-address="${LOCAL_ADDRESS}"
	fi

	# Set 6rd prefix.
	ip_tunnel_6rd_set_prefix "${zone}" "${SIX_RD_PREFIX}"

	# Bring up the device.
	device_set_up "${zone}"

	# Update routing information.
	db_set "${zone}/ipv6/type" "${HOOK}"
	db_set "${zone}/ipv6/local-ip-address" "::${LOCAL_ADDRESS}"
	db_set "${zone}/ipv6/remote-ip-address" "::${SERVER_ADDRESS}"
	db_set "${zone}/ipv6/active" 1

	# Update the routing database.
	routing_update ${zone} ipv6
	routing_default_update

	exit ${EXIT_OK}
}

hook_down() {
	local zone=${1}
	assert isset zone

	# Remove everything from the routing db.
	db_delete "${zone}/ipv6"

	routing_update ${zone} ipv6
	routing_default_update

	# Remove the tunnel device.
	ip_tunnel_del ${zone}

	exit ${EXIT_OK}
}

hook_status() {
	local zone=${1}
	assert isset zone

	cli_device_headline ${zone}

	zone_settings_read "${zone}"

	local server_line="${SERVER_ADDRESS}"
	local server_hostname=$(dns_get_hostname ${SERVER_ADDRESS})
	if [ -n "${server_hostname}" ]; then
		server_line="${server_line} (Hostname: ${server_hostname})"
	fi

	cli_headline 2 "Configuration"
	cli_print_fmt1 2 "Server" "${server_line}"
	cli_print_fmt1 2 "6rd Prefix" "${SIX_RD_PREFIX}"
	cli_space

	# Generate the IPv6 prefix from the given 6rd Prefix and the Public IPv4 Address.
	local six_rd_address="$(ipv6_6rd_format_address "${SIX_RD_PREFIX}" "${PUBLIC_ADDRESS}")"

	cli_headline 2 "Tunnel properties"
	cli_print_fmt1 2 "IPv6 Subnet" "${six_rd_address}"
	cli_space

	exit ${EXIT_OK}
}
Commit	Line	Data
9390b61b SS	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
	5	# Copyright (C) 2013 IPFire Network Development Team #
	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
	22	. /usr/lib/network/header-zone
	23
	24	HOOK_SETTINGS="HOOK SIX_RD_PREFIX LOCAL_ADDRESS PUBLIC_ADDRESS SERVER_ADDRESS"
	25
	26	# The address that is assigned to the tunnel device (with prefix).
	27	SIX_RD_PREFIX=""
	28
	29	# The local IPv4 address of the tunnel endpoint.
	30	# For usage if the endpoint is in a pre-routed network.
	31	LOCAL_ADDRESS=""
	32
	33	# The IPv4 address of the tunnel endpoint where to connect to.
	34	SERVER_ADDRESS=""
	35
	36	# The public IPv4 address of the tunnel client.
	37	PUBLIC_ADDRESS=""
	38
1c6a4e30	39	hook_check_settings() {
9390b61b SS	40	assert isset SIX_RD_PREFIX
	41	assert isset PUBLIC_ADDRESS
	42	assert isset SERVER_ADDRESS
	43
	44	# Check if an optional local address has been specified or use the public address instead.
	45	if [ -z "${LOCAL_ADDRESS}" ]; then
	46	LOCAL_ADDRESS="${PUBLIC_ADDRESS}"
	47	fi
	48
e9df08ad	49	assert isset LOCAL_ADDRESS
9390b61b SS	50
9390b61b SS	51	# Check input.
13a6e69f	52	if ! ipv6_net_is_valid "${SIX_RD_PREFIX}"; then
9390b61b SS	53	log ERROR "Invalid 6rd prefix. Please use a valid IPv6 prefix."
	54	return ${EXIT_ERROR}
	55	fi
	56
	57	if ! ipv4_is_valid "${SERVER_ADDRESS}"; then
	58	log ERROR "Invalid server address. Please use a valid IPv4 address."
	59	return ${EXIT_ERROR}
	60	fi
	61
	62	if ! ipv4_is_valid "${PUBLIC_ADDRESS}"; then
	63	log ERROR "Invalid public address. Please use a valid IPv4 address."
	64	return ${EXIT_ERROR}
	65	fi
	66
	67	if ! ipv4_is_valid "${LOCAL_ADDRESS}"; then
	68	log ERROR "Invalid local address. Please use a valid IPv4 address."
	69	return ${EXIT_ERROR}
	70	fi
	71	}
	72
1c6a4e30	73	hook_parse_cmdline() {
9390b61b SS	74	local value
	75
	76	while [ $# -gt 0 ]; do
	77	case "${1}" in
	78	--6rd-prefix=*)
	79	SIX_RD_PREFIX=$(cli_get_val ${1})
	80	;;
	81	--server-address=*)
	82	SERVER_ADDRESS=$(cli_get_val ${1})
	83	;;
	84	--local-ipv4-address=*)
	85	LOCAL_ADDRESS=$(cli_get_val ${1})
	86	;;
9cdd14fa	87	--public-ipv4-address=*)
9390b61b SS	88	PUBLIC_ADDRESS=$(cli_get_val ${1})
	89	;;
	90	*)
	91	echo "Unknown option: ${1}" >&2
	92	exit ${EXIT_ERROR}
	93	;;
	94	esac
	95	shift
	96	done
	97	}
	98
1c6a4e30	99	hook_up() {
9390b61b SS	100	local zone="${1}"
	101	assert isset zone
	102
	103	# Read configuration options.
1e6f187e	104	zone_settings_read "${zone}"
9390b61b SS	105
	106	# Configure the tunnel.
	107	if ! device_exists "${zone}"; then
	108	ip_tunnel_add "${zone}" \
	109	--ttl=64 \
	110	--local-address="${LOCAL_ADDRESS}"
	111	fi
	112
	113	# Set 6rd prefix.
	114	ip_tunnel_6rd_set_prefix "${zone}" "${SIX_RD_PREFIX}"
	115
	116	# Bring up the device.
	117	device_set_up "${zone}"
	118
	119	# Update routing information.
c041b631 MT	120	db_set "${zone}/ipv6/type" "${HOOK}"
	121	db_set "${zone}/ipv6/local-ip-address" "::${LOCAL_ADDRESS}"
	122	db_set "${zone}/ipv6/remote-ip-address" "::${SERVER_ADDRESS}"
	123	db_set "${zone}/ipv6/active" 1
9390b61b SS	124
	125	# Update the routing database.
	126	routing_update ${zone} ipv6
	127	routing_default_update
	128
	129	exit ${EXIT_OK}
	130	}
	131
1c6a4e30	132	hook_down() {
9390b61b SS	133	local zone=${1}
	134	assert isset zone
	135
	136	# Remove everything from the routing db.
c041b631 MT	137	db_delete "${zone}/ipv6"
c041b631 MT	138
9390b61b SS	139	routing_update ${zone} ipv6
	140	routing_default_update
	141
	142	# Remove the tunnel device.
	143	ip_tunnel_del ${zone}
	144
	145	exit ${EXIT_OK}
	146	}
	147
1c6a4e30	148	hook_status() {
9390b61b SS	149	local zone=${1}
	150	assert isset zone
	151
	152	cli_device_headline ${zone}
	153
1e6f187e	154	zone_settings_read "${zone}"
9390b61b SS	155
	156	local server_line="${SERVER_ADDRESS}"
	157	local server_hostname=$(dns_get_hostname ${SERVER_ADDRESS})
	158	if [ -n "${server_hostname}" ]; then
	159	server_line="${server_line} (Hostname: ${server_hostname})"
	160	fi
	161
	162	cli_headline 2 "Configuration"
	163	cli_print_fmt1 2 "Server" "${server_line}"
	164	cli_print_fmt1 2 "6rd Prefix" "${SIX_RD_PREFIX}"
	165	cli_space
	166
	167	# Generate the IPv6 prefix from the given 6rd Prefix and the Public IPv4 Address.
	168	local six_rd_address="$(ipv6_6rd_format_address "${SIX_RD_PREFIX}" "${PUBLIC_ADDRESS}")"
	169
	170	cli_headline 2 "Tunnel properties"
	171	cli_print_fmt1 2 "IPv6 Subnet" "${six_rd_address}"
	172	cli_space
	173
	174	exit ${EXIT_OK}
	175	}