[people/stevee/network.git] / src / hooks / zones / pppoe

#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2012  IPFire Network Development Team                         #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

. /usr/lib/network/header-zone

HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD"
HOOK_SETTINGS="${HOOK_SETTINGS} SERVICE_NAME MTU IPV6 PREFIX_DELEGATION"

# User credentials for the dialin.
USERNAME=""
PASSWORD=""

# Set the authentication mechanism.
AUTH=

# Access Concentrator.
ACCESS_CONCENTRATOR=""

# Service name.
SERVICE_NAME=""

# Maximum Transmission Unit.
# 1492 is a very common value for that.
MTU=1492

# This hook can work with all authentication methods supported by pppd.
PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}"
PPPOE_PLUGIN="rp-pppoe.so"

# Request an IPv6 address.
IPV6="true"

# Use IPv6 prefix delegation.
PREFIX_DELEGATION="false"

function hook_check() {
	assert isset USERNAME
	assert isset PASSWORD

	isset AUTH && assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS}

	assert isset IPV6
	assert isset PREFIX_DELEGATION
}

function hook_parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "${1}" in
			--access-concentrator=*)
				ACCESS_CONCENTRATOR=$(cli_get_val ${1})
				;;
			--auth=*)
				AUTH=$(cli_get_val ${1})
				;;
			--ipv6=*)
				local value="$(cli_get_val "${1}")"
				if enabled value; then
					IPV6="true"
				else
					IPV6="false"
				fi
				;;
			--mtu=*)
				MTU=$(cli_get_val ${1})
				;;
			--password=*)
				PASSWORD=$(cli_get_val ${1})
				;;
			--prefix-delegation=*)
				PREFIX_DELEGATION="$(cli_get_bool "${1}")"
				;;
			--service-name=*)
				SERVICE_NAME=$(cli_get_val ${1})
				;;
			--username=*)
				USERNAME=$(cli_get_val ${1})
				;;
			*)
				warning "Unknown argument: ${1}" >&2
				;;
		esac
		shift
	done
}

function hook_up() {
	local zone=${1}
	assert isset zone

	zone_settings_read "${zone}" ${HOOK_SETTINGS}

	# Bring up the port.
	local port=$(__hook_get_port "${zone}")
	port_up "${port}"

	# Start the ppp daemon.
	pppd_start ${zone}

	exit ${EXIT_OK}
}

function hook_down() {
	local zone=${1}
	assert isset zone

	zone_settings_read "${zone}" ${HOOK_SETTINGS}

	# Stop the ppp daemon.
	pppd_stop ${zone}

	# Bring down the port.
	log DEBUG "Bringing down port '${PORT}'."
	port_down ${PORT}

	exit ${EXIT_OK}
}

function hook_discover() {
	local device=${1}

	# This obviously only works on ethernet (or compatible) devices
	if ! device_is_ethernet_compatible "${device}"; then
		exit ${EXIT_ERROR}
	fi

	local output
	output=$(pppoe-discovery -I ${device} -U $(uuid) 2>&1)

	# Exit if there was not output
	[ -z "${output}" ] && exit ${DISCOVER_ERROR}

	# Exit if PADI timed out
	grep -q "Timeout" <<<${output} && exit ${DISCOVER_ERROR}

	local ac
	while read line; do
		case "${line}" in
			Access-Concentrator:*)
				ac="${line#Access-Concentrator: }"
				;;
		esac
	done <<<"${output}"

	echo "ACCESS_CONCENTRATOR=\"$ac\""

	exit ${DISCOVER_OK}
}

function hook_status() {
	local zone=${1}
	assert isset zone

	cli_device_headline ${zone}

	zone_settings_read "${zone}" ${HOOK_SETTINGS}

	cli_headline 2 "Configuration"
	cli_print_fmt1 2 "Username" "${USERNAME}"
	cli_print_fmt1 2 "Password" "<hidden>"

	local port=$(__hook_get_port "${zone}")
	if isset port; then
		cli_print_fmt1 2 "Port" "${port}"
	fi
	cli_space

	# Exit if zone is down
	if ! zone_is_up ${zone}; then
		echo # Empty line
		exit ${EXIT_ERROR}
	fi

	# XXX display time since connection started

	cli_headline 2 "Point-to-Point-over-Ethernet protocol"
	local proto
	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		routing_db_exists ${zone} ${proto} || continue

		local headline
		case "${proto}" in
			ipv6)
				headline="Internet Protocol Version 6"
				;;
			ipv4)
				headline="Internet Protocol Version 4"
				;;
			*)
				headline="Unkown protocol"
				;;
		esac
		cli_headline 3 "${headline}"

		cli_print_fmt1 3 "IP address"  "$(routing_db_get ${zone} ${proto} local-ip-address)"
		cli_print_fmt1 3 "Gateway"     "$(routing_db_get ${zone} ${proto} remote-ip-address)"
		cli_print_fmt1 3 "DNS servers" "$(routing_db_get ${zone} ${proto} dns)"
		cli_space
		cli_print_fmt1 3 "MAC-Remote"  "$(routing_db_get ${zone} ${proto} remote-address)"
		cli_space
	done

	exit ${EXIT_OK}
}

function hook_ppp_write_config() {
	local zone=${1}
	assert isset zone

	local file=${2}
	assert isset file

	# Read in the configuration files.
	zone_settings_read "${zone}" ${HOOK_SETTINGS}

	# A port has to be assigned for this action
	local port=$(__hook_get_port "${zone}")
	if ! isset port; then
		error "No port assigned to pppoe hook of zone '${zone}'"
		exit ${EXIT_ERROR}
	fi

	# Prepare the command line options for the pppoe plugin.
	local plugin_options

	# Add the access concentrator (if any).
	if isset ACCESS_CONCENTRATOR; then
		plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'"
	fi

	# Add the service name (if any).
	if isset SERVICE_NAME; then
		plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'"
	fi

	# The last argument must be the interface.
	plugin_options="${plugin_options} ${port}"

	pppd_write_config ${file} \
		--interface="${zone}" \
		--username="${USERNAME}" \
		--password="${PASSWORD}" \
		--mtu="${MTU}" \
		--auth="${AUTH}" \
		--ipv6="${IPV6}" \
		\
		--plugin="${PPPOE_PLUGIN}" \
		--plugin-options="${plugin_options}"

	exit ${EXIT_OK}
}

function __hook_get_port() {
	local zone="${1}"

	local port
	for port in $(zone_get_ports "${zone}"); do
		echo "${port}"
		return ${EXIT_OK}
	done

	return ${EXIT_ERROR}
}

function hook_port_add() {
	# Excepting at least two arguments here
	assert [ $# -ge 2 ]

	local zone="${1}"
	local port="${2}"
	shift 2

	# PPPoE can only use one port
	local ports_num="$(zone_get_ports_num "${zone}")"
	if [ ${ports_num} -ge 1 ]; then
		local port=$(__hook_get_port "${zone}")
		error "The pppoe zone hook only supports assigning one port"
		error "  port '${port}' has already been assigned to zone '${zone}'"
		return ${EXIT_ERROR}
	fi

	zone_port_settings_write "${zone}" "${port}"
	log INFO "Port '${port}' has been added to zone '${zone}'"

	exit ${EXIT_OK}
}

function hook_port_remove() {
	assert [ $# -eq 2 ]

	local zone="${1}"
	local port="${2}"

	# Shut down the port (if possible)
	port_down "${port}"

	log INFO "Port '${port}' has been removed from zone '${zone}'"
	zone_port_settings_remove "${zone}" "${port}"

	exit ${EXIT_OK}
}
Commit	Line	Data
1848564d MT	1	#!/bin/bash
	2	###############################################################################
	3	# #
	4	# IPFire.org - A linux based firewall #
97cb552e	5	# Copyright (C) 2012 IPFire Network Development Team #
1848564d MT	6	# #
	7	# This program is free software: you can redistribute it and/or modify #
	8	# it under the terms of the GNU General Public License as published by #
	9	# the Free Software Foundation, either version 3 of the License, or #
	10	# (at your option) any later version. #
	11	# #
	12	# This program is distributed in the hope that it will be useful, #
	13	# but WITHOUT ANY WARRANTY; without even the implied warranty of #
	14	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
	15	# GNU General Public License for more details. #
	16	# #
	17	# You should have received a copy of the GNU General Public License #
	18	# along with this program. If not, see <http://www.gnu.org/licenses/>. #
	19	# #
	20	###############################################################################
	21
f41fa3d7	22	. /usr/lib/network/header-zone
1848564d	23
97cb552e	24	HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD"
529141df	25	HOOK_SETTINGS="${HOOK_SETTINGS} SERVICE_NAME MTU IPV6 PREFIX_DELEGATION"
1848564d	26
97cb552e MT	27	# User credentials for the dialin.
	28	USERNAME=""
	29	PASSWORD=""
1848564d	30
97cb552e	31	# Set the authentication mechanism.
1848564d	32	AUTH=
97cb552e	33
97cb552e MT	34	# Access Concentrator.
	35	ACCESS_CONCENTRATOR=""
	36
	37	# Service name.
	38	SERVICE_NAME=""
	39
	40	# Maximum Transmission Unit.
	41	# 1492 is a very common value for that.
1848564d	42	MTU=1492
1848564d	43
97cb552e	44	# This hook can work with all authentication methods supported by pppd.
3a829636	45	PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}"
1848564d MT	46	PPPOE_PLUGIN="rp-pppoe.so"
1848564d MT	47
69e93b3c MT	48	# Request an IPv6 address.
	49	IPV6="true"
	50
08e40c8c MT	51	# Use IPv6 prefix delegation.
	52	PREFIX_DELEGATION="false"
	53
2181765d	54	function hook_check() {
97cb552e MT	55	assert isset USERNAME
97cb552e MT	56	assert isset PASSWORD
261132f9	57
3a829636	58	isset AUTH && assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS}
261132f9	59
69e93b3c	60	assert isset IPV6
08e40c8c	61	assert isset PREFIX_DELEGATION
1848564d MT	62	}
1848564d MT	63
2181765d	64	function hook_parse_cmdline() {
1848564d	65	while [ $# -gt 0 ]; do
97cb552e MT	66	case "${1}" in
	67	--access-concentrator=*)
	68	ACCESS_CONCENTRATOR=$(cli_get_val ${1})
1848564d	69	;;
97cb552e MT	70	--auth=*)
97cb552e MT	71	AUTH=$(cli_get_val ${1})
1848564d	72	;;
69e93b3c MT	73	--ipv6=*)
	74	local value="$(cli_get_val "${1}")"
	75	if enabled value; then
	76	IPV6="true"
	77	else
	78	IPV6="false"
	79	fi
	80	;;
1848564d	81	--mtu=*)
97cb552e	82	MTU=$(cli_get_val ${1})
1848564d	83	;;
97cb552e MT	84	--password=*)
97cb552e MT	85	PASSWORD=$(cli_get_val ${1})
1848564d	86	;;
08e40c8c MT	87	--prefix-delegation=*)
	88	PREFIX_DELEGATION="$(cli_get_bool "${1}")"
	89	;;
97cb552e MT	90	--service-name=*)
97cb552e MT	91	SERVICE_NAME=$(cli_get_val ${1})
1848564d	92	;;
97cb552e MT	93	--username=*)
97cb552e MT	94	USERNAME=$(cli_get_val ${1})
201b7dff	95	;;
1848564d	96	*)
97cb552e	97	warning "Unknown argument: ${1}" >&2
1848564d MT	98	;;
	99	esac
	100	shift
	101	done
1848564d MT	102	}
1848564d MT	103
2181765d	104	function hook_up() {
1848564d	105	local zone=${1}
711ffac1 MT	106	assert isset zone
711ffac1 MT	107
e9df08ad	108	zone_settings_read "${zone}" ${HOOK_SETTINGS}
2044f591 MT	109
2044f591 MT	110	# Bring up the port.
529141df MT	111	local port=$(__hook_get_port "${zone}")
529141df MT	112	port_up "${port}"
2044f591	113
97cb552e MT	114	# Start the ppp daemon.
97cb552e MT	115	pppd_start ${zone}
da453c33	116
97cb552e	117	exit ${EXIT_OK}
1848564d MT	118	}
1848564d MT	119
2181765d	120	function hook_down() {
1848564d	121	local zone=${1}
97cb552e	122	assert isset zone
1848564d	123
e9df08ad	124	zone_settings_read "${zone}" ${HOOK_SETTINGS}
2044f591	125
97cb552e MT	126	# Stop the ppp daemon.
97cb552e MT	127	pppd_stop ${zone}
1848564d	128
2044f591 MT	129	# Bring down the port.
	130	log DEBUG "Bringing down port '${PORT}'."
	131	port_down ${PORT}
	132
1848564d MT	133	exit ${EXIT_OK}
	134	}
	135
2181765d	136	function hook_discover() {
1848564d MT	137	local device=${1}
1848564d MT	138
5dfc94a8 MT	139	# This obviously only works on ethernet (or compatible) devices
5dfc94a8 MT	140	if ! device_is_ethernet_compatible "${device}"; then
5b20e43a	141	exit ${EXIT_ERROR}
1848564d MT	142	fi
	143
	144	local output
	145	output=$(pppoe-discovery -I ${device} -U $(uuid) 2>&1)
	146
	147	# Exit if there was not output
	148	[ -z "${output}" ] && exit ${DISCOVER_ERROR}
	149
	150	# Exit if PADI timed out
	151	grep -q "Timeout" <<<${output} && exit ${DISCOVER_ERROR}
	152
	153	local ac
	154	while read line; do
	155	case "${line}" in
	156	Access-Concentrator:*)
	157	ac="${line#Access-Concentrator: }"
	158	;;
	159	esac
	160	done <<<"${output}"
	161
	162	echo "ACCESS_CONCENTRATOR=\"$ac\""
	163
	164	exit ${DISCOVER_OK}
	165	}
5b20e43a	166
2181765d	167	function hook_status() {
8eadf1da	168	local zone=${1}
711ffac1 MT	169	assert isset zone
711ffac1 MT	170
3cb2fc42	171	cli_device_headline ${zone}
8eadf1da	172
e9df08ad	173	zone_settings_read "${zone}" ${HOOK_SETTINGS}
711ffac1	174
3cb2fc42	175	cli_headline 2 "Configuration"
97cb552e MT	176	cli_print_fmt1 2 "Username" "${USERNAME}"
97cb552e MT	177	cli_print_fmt1 2 "Password" "<hidden>"
529141df MT	178
	179	local port=$(__hook_get_port "${zone}")
	180	if isset port; then
	181	cli_print_fmt1 2 "Port" "${port}"
	182	fi
3cb2fc42 MT	183	cli_space
3cb2fc42 MT	184
8eadf1da MT	185	# Exit if zone is down
	186	if ! zone_is_up ${zone}; then
	187	echo # Empty line
	188	exit ${EXIT_ERROR}
	189	fi
	190
711ffac1 MT	191	# XXX display time since connection started
711ffac1 MT	192
3cb2fc42	193	cli_headline 2 "Point-to-Point-over-Ethernet protocol"
201b7dff MT	194	local proto
	195	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
	196	routing_db_exists ${zone} ${proto} \|\| continue
3cb2fc42 MT	197
	198	local headline
	199	case "${proto}" in
	200	ipv6)
	201	headline="Internet Protocol Version 6"
	202	;;
	203	ipv4)
	204	headline="Internet Protocol Version 4"
	205	;;
	206	*)
	207	headline="Unkown protocol"
	208	;;
	209	esac
	210	cli_headline 3 "${headline}"
	211
	212	cli_print_fmt1 3 "IP address" "$(routing_db_get ${zone} ${proto} local-ip-address)"
	213	cli_print_fmt1 3 "Gateway" "$(routing_db_get ${zone} ${proto} remote-ip-address)"
	214	cli_print_fmt1 3 "DNS servers" "$(routing_db_get ${zone} ${proto} dns)"
	215	cli_space
	216	cli_print_fmt1 3 "MAC-Remote" "$(routing_db_get ${zone} ${proto} remote-address)"
	217	cli_space
201b7dff	218	done
3cb2fc42	219
8eadf1da MT	220	exit ${EXIT_OK}
	221	}
	222
2181765d	223	function hook_ppp_write_config() {
97cb552e MT	224	local zone=${1}
	225	assert isset zone
	226
	227	local file=${2}
	228	assert isset file
	229
	230	# Read in the configuration files.
e9df08ad	231	zone_settings_read "${zone}" ${HOOK_SETTINGS}
97cb552e	232
529141df MT	233	# A port has to be assigned for this action
	234	local port=$(__hook_get_port "${zone}")
	235	if ! isset port; then
	236	error "No port assigned to pppoe hook of zone '${zone}'"
	237	exit ${EXIT_ERROR}
	238	fi
	239
97cb552e MT	240	# Prepare the command line options for the pppoe plugin.
	241	local plugin_options
	242
	243	# Add the access concentrator (if any).
	244	if isset ACCESS_CONCENTRATOR; then
	245	plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'"
711ffac1 MT	246	fi
711ffac1 MT	247
97cb552e MT	248	# Add the service name (if any).
	249	if isset SERVICE_NAME; then
	250	plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'"
	251	fi
711ffac1	252
97cb552e	253	# The last argument must be the interface.
529141df	254	plugin_options="${plugin_options} ${port}"
97cb552e MT	255
	256	pppd_write_config ${file} \
	257	--interface="${zone}" \
6c74a64c MT	258	--username="${USERNAME}" \
6c74a64c MT	259	--password="${PASSWORD}" \
97cb552e MT	260	--mtu="${MTU}" \
97cb552e MT	261	--auth="${AUTH}" \
69e93b3c	262	--ipv6="${IPV6}" \
97cb552e MT	263	\
	264	--plugin="${PPPOE_PLUGIN}" \
	265	--plugin-options="${plugin_options}"
	266
6c74a64c	267	exit ${EXIT_OK}
711ffac1	268	}
529141df MT	269
	270	function __hook_get_port() {
	271	local zone="${1}"
	272
	273	local port
	274	for port in $(zone_get_ports "${zone}"); do
	275	echo "${port}"
	276	return ${EXIT_OK}
	277	done
	278
	279	return ${EXIT_ERROR}
	280	}
	281
	282	function hook_port_add() {
	283	# Excepting at least two arguments here
	284	assert [ $# -ge 2 ]
	285
	286	local zone="${1}"
	287	local port="${2}"
	288	shift 2
	289
	290	# PPPoE can only use one port
	291	local ports_num="$(zone_get_ports_num "${zone}")"
	292	if [ ${ports_num} -ge 1 ]; then
	293	local port=$(__hook_get_port "${zone}")
	294	error "The pppoe zone hook only supports assigning one port"
	295	error " port '${port}' has already been assigned to zone '${zone}'"
	296	return ${EXIT_ERROR}
	297	fi
	298
e9df08ad	299	zone_port_settings_write "${zone}" "${port}"
529141df MT	300	log INFO "Port '${port}' has been added to zone '${zone}'"
	301
	302	exit ${EXIT_OK}
	303	}
	304
	305	function hook_port_remove() {
	306	assert [ $# -eq 2 ]
	307
	308	local zone="${1}"
	309	local port="${2}"
	310
	311	# Shut down the port (if possible)
	312	port_down "${port}"
	313
	314	log INFO "Port '${port}' has been removed from zone '${zone}'"
e9df08ad	315	zone_port_settings_remove "${zone}" "${port}"
529141df MT	316
	317	exit ${EXIT_OK}
	318	}