]>
Commit | Line | Data |
---|---|---|
1848564d MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
97cb552e | 5 | # Copyright (C) 2012 IPFire Network Development Team # |
1848564d MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
f41fa3d7 | 22 | . /usr/lib/network/header-zone |
1848564d | 23 | |
97cb552e | 24 | HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD" |
529141df | 25 | HOOK_SETTINGS="${HOOK_SETTINGS} SERVICE_NAME MTU IPV6 PREFIX_DELEGATION" |
1848564d | 26 | |
97cb552e MT |
27 | # User credentials for the dialin. |
28 | USERNAME="" | |
29 | PASSWORD="" | |
1848564d | 30 | |
97cb552e | 31 | # Set the authentication mechanism. |
1848564d | 32 | AUTH= |
97cb552e | 33 | |
97cb552e MT |
34 | # Access Concentrator. |
35 | ACCESS_CONCENTRATOR="" | |
36 | ||
37 | # Service name. | |
38 | SERVICE_NAME="" | |
39 | ||
40 | # Maximum Transmission Unit. | |
41 | # 1492 is a very common value for that. | |
1848564d | 42 | MTU=1492 |
1848564d | 43 | |
97cb552e | 44 | # This hook can work with all authentication methods supported by pppd. |
3a829636 | 45 | PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}" |
1848564d MT |
46 | PPPOE_PLUGIN="rp-pppoe.so" |
47 | ||
69e93b3c MT |
48 | # Request an IPv6 address. |
49 | IPV6="true" | |
50 | ||
08e40c8c MT |
51 | # Use IPv6 prefix delegation. |
52 | PREFIX_DELEGATION="false" | |
53 | ||
2181765d | 54 | function hook_check() { |
97cb552e MT |
55 | assert isset USERNAME |
56 | assert isset PASSWORD | |
261132f9 | 57 | |
3a829636 | 58 | isset AUTH && assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS} |
261132f9 | 59 | |
69e93b3c | 60 | assert isset IPV6 |
08e40c8c | 61 | assert isset PREFIX_DELEGATION |
1848564d MT |
62 | } |
63 | ||
2181765d | 64 | function hook_parse_cmdline() { |
1848564d | 65 | while [ $# -gt 0 ]; do |
97cb552e MT |
66 | case "${1}" in |
67 | --access-concentrator=*) | |
68 | ACCESS_CONCENTRATOR=$(cli_get_val ${1}) | |
1848564d | 69 | ;; |
97cb552e MT |
70 | --auth=*) |
71 | AUTH=$(cli_get_val ${1}) | |
1848564d | 72 | ;; |
69e93b3c MT |
73 | --ipv6=*) |
74 | local value="$(cli_get_val "${1}")" | |
75 | if enabled value; then | |
76 | IPV6="true" | |
77 | else | |
78 | IPV6="false" | |
79 | fi | |
80 | ;; | |
1848564d | 81 | --mtu=*) |
97cb552e | 82 | MTU=$(cli_get_val ${1}) |
1848564d | 83 | ;; |
97cb552e MT |
84 | --password=*) |
85 | PASSWORD=$(cli_get_val ${1}) | |
1848564d | 86 | ;; |
08e40c8c MT |
87 | --prefix-delegation=*) |
88 | PREFIX_DELEGATION="$(cli_get_bool "${1}")" | |
89 | ;; | |
97cb552e MT |
90 | --service-name=*) |
91 | SERVICE_NAME=$(cli_get_val ${1}) | |
1848564d | 92 | ;; |
97cb552e MT |
93 | --username=*) |
94 | USERNAME=$(cli_get_val ${1}) | |
201b7dff | 95 | ;; |
1848564d | 96 | *) |
97cb552e | 97 | warning "Unknown argument: ${1}" >&2 |
1848564d MT |
98 | ;; |
99 | esac | |
100 | shift | |
101 | done | |
1848564d MT |
102 | } |
103 | ||
2181765d | 104 | function hook_up() { |
1848564d | 105 | local zone=${1} |
711ffac1 MT |
106 | assert isset zone |
107 | ||
e9df08ad | 108 | zone_settings_read "${zone}" ${HOOK_SETTINGS} |
2044f591 MT |
109 | |
110 | # Bring up the port. | |
529141df MT |
111 | local port=$(__hook_get_port "${zone}") |
112 | port_up "${port}" | |
2044f591 | 113 | |
97cb552e MT |
114 | # Start the ppp daemon. |
115 | pppd_start ${zone} | |
da453c33 | 116 | |
97cb552e | 117 | exit ${EXIT_OK} |
1848564d MT |
118 | } |
119 | ||
2181765d | 120 | function hook_down() { |
1848564d | 121 | local zone=${1} |
97cb552e | 122 | assert isset zone |
1848564d | 123 | |
e9df08ad | 124 | zone_settings_read "${zone}" ${HOOK_SETTINGS} |
2044f591 | 125 | |
97cb552e MT |
126 | # Stop the ppp daemon. |
127 | pppd_stop ${zone} | |
1848564d | 128 | |
2044f591 MT |
129 | # Bring down the port. |
130 | log DEBUG "Bringing down port '${PORT}'." | |
131 | port_down ${PORT} | |
132 | ||
1848564d MT |
133 | exit ${EXIT_OK} |
134 | } | |
135 | ||
2181765d | 136 | function hook_discover() { |
1848564d MT |
137 | local device=${1} |
138 | ||
5dfc94a8 MT |
139 | # This obviously only works on ethernet (or compatible) devices |
140 | if ! device_is_ethernet_compatible "${device}"; then | |
5b20e43a | 141 | exit ${EXIT_ERROR} |
1848564d MT |
142 | fi |
143 | ||
144 | local output | |
145 | output=$(pppoe-discovery -I ${device} -U $(uuid) 2>&1) | |
146 | ||
147 | # Exit if there was not output | |
148 | [ -z "${output}" ] && exit ${DISCOVER_ERROR} | |
149 | ||
150 | # Exit if PADI timed out | |
151 | grep -q "Timeout" <<<${output} && exit ${DISCOVER_ERROR} | |
152 | ||
153 | local ac | |
154 | while read line; do | |
155 | case "${line}" in | |
156 | Access-Concentrator:*) | |
157 | ac="${line#Access-Concentrator: }" | |
158 | ;; | |
159 | esac | |
160 | done <<<"${output}" | |
161 | ||
162 | echo "ACCESS_CONCENTRATOR=\"$ac\"" | |
163 | ||
164 | exit ${DISCOVER_OK} | |
165 | } | |
5b20e43a | 166 | |
2181765d | 167 | function hook_status() { |
8eadf1da | 168 | local zone=${1} |
711ffac1 MT |
169 | assert isset zone |
170 | ||
3cb2fc42 | 171 | cli_device_headline ${zone} |
8eadf1da | 172 | |
e9df08ad | 173 | zone_settings_read "${zone}" ${HOOK_SETTINGS} |
711ffac1 | 174 | |
3cb2fc42 | 175 | cli_headline 2 "Configuration" |
97cb552e MT |
176 | cli_print_fmt1 2 "Username" "${USERNAME}" |
177 | cli_print_fmt1 2 "Password" "<hidden>" | |
529141df MT |
178 | |
179 | local port=$(__hook_get_port "${zone}") | |
180 | if isset port; then | |
181 | cli_print_fmt1 2 "Port" "${port}" | |
182 | fi | |
3cb2fc42 MT |
183 | cli_space |
184 | ||
8eadf1da MT |
185 | # Exit if zone is down |
186 | if ! zone_is_up ${zone}; then | |
187 | echo # Empty line | |
188 | exit ${EXIT_ERROR} | |
189 | fi | |
190 | ||
711ffac1 MT |
191 | # XXX display time since connection started |
192 | ||
3cb2fc42 | 193 | cli_headline 2 "Point-to-Point-over-Ethernet protocol" |
201b7dff MT |
194 | local proto |
195 | for proto in ${IP_SUPPORTED_PROTOCOLS}; do | |
196 | routing_db_exists ${zone} ${proto} || continue | |
3cb2fc42 MT |
197 | |
198 | local headline | |
199 | case "${proto}" in | |
200 | ipv6) | |
201 | headline="Internet Protocol Version 6" | |
202 | ;; | |
203 | ipv4) | |
204 | headline="Internet Protocol Version 4" | |
205 | ;; | |
206 | *) | |
207 | headline="Unkown protocol" | |
208 | ;; | |
209 | esac | |
210 | cli_headline 3 "${headline}" | |
211 | ||
212 | cli_print_fmt1 3 "IP address" "$(routing_db_get ${zone} ${proto} local-ip-address)" | |
213 | cli_print_fmt1 3 "Gateway" "$(routing_db_get ${zone} ${proto} remote-ip-address)" | |
214 | cli_print_fmt1 3 "DNS servers" "$(routing_db_get ${zone} ${proto} dns)" | |
215 | cli_space | |
216 | cli_print_fmt1 3 "MAC-Remote" "$(routing_db_get ${zone} ${proto} remote-address)" | |
217 | cli_space | |
201b7dff | 218 | done |
3cb2fc42 | 219 | |
8eadf1da MT |
220 | exit ${EXIT_OK} |
221 | } | |
222 | ||
2181765d | 223 | function hook_ppp_write_config() { |
97cb552e MT |
224 | local zone=${1} |
225 | assert isset zone | |
226 | ||
227 | local file=${2} | |
228 | assert isset file | |
229 | ||
230 | # Read in the configuration files. | |
e9df08ad | 231 | zone_settings_read "${zone}" ${HOOK_SETTINGS} |
97cb552e | 232 | |
529141df MT |
233 | # A port has to be assigned for this action |
234 | local port=$(__hook_get_port "${zone}") | |
235 | if ! isset port; then | |
236 | error "No port assigned to pppoe hook of zone '${zone}'" | |
237 | exit ${EXIT_ERROR} | |
238 | fi | |
239 | ||
97cb552e MT |
240 | # Prepare the command line options for the pppoe plugin. |
241 | local plugin_options | |
242 | ||
243 | # Add the access concentrator (if any). | |
244 | if isset ACCESS_CONCENTRATOR; then | |
245 | plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'" | |
711ffac1 MT |
246 | fi |
247 | ||
97cb552e MT |
248 | # Add the service name (if any). |
249 | if isset SERVICE_NAME; then | |
250 | plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'" | |
251 | fi | |
711ffac1 | 252 | |
97cb552e | 253 | # The last argument must be the interface. |
529141df | 254 | plugin_options="${plugin_options} ${port}" |
97cb552e MT |
255 | |
256 | pppd_write_config ${file} \ | |
257 | --interface="${zone}" \ | |
6c74a64c MT |
258 | --username="${USERNAME}" \ |
259 | --password="${PASSWORD}" \ | |
97cb552e MT |
260 | --mtu="${MTU}" \ |
261 | --auth="${AUTH}" \ | |
69e93b3c | 262 | --ipv6="${IPV6}" \ |
97cb552e MT |
263 | \ |
264 | --plugin="${PPPOE_PLUGIN}" \ | |
265 | --plugin-options="${plugin_options}" | |
266 | ||
6c74a64c | 267 | exit ${EXIT_OK} |
711ffac1 | 268 | } |
529141df MT |
269 | |
270 | function __hook_get_port() { | |
271 | local zone="${1}" | |
272 | ||
273 | local port | |
274 | for port in $(zone_get_ports "${zone}"); do | |
275 | echo "${port}" | |
276 | return ${EXIT_OK} | |
277 | done | |
278 | ||
279 | return ${EXIT_ERROR} | |
280 | } | |
281 | ||
282 | function hook_port_add() { | |
283 | # Excepting at least two arguments here | |
284 | assert [ $# -ge 2 ] | |
285 | ||
286 | local zone="${1}" | |
287 | local port="${2}" | |
288 | shift 2 | |
289 | ||
290 | # PPPoE can only use one port | |
291 | local ports_num="$(zone_get_ports_num "${zone}")" | |
292 | if [ ${ports_num} -ge 1 ]; then | |
293 | local port=$(__hook_get_port "${zone}") | |
294 | error "The pppoe zone hook only supports assigning one port" | |
295 | error " port '${port}' has already been assigned to zone '${zone}'" | |
296 | return ${EXIT_ERROR} | |
297 | fi | |
298 | ||
e9df08ad | 299 | zone_port_settings_write "${zone}" "${port}" |
529141df MT |
300 | log INFO "Port '${port}' has been added to zone '${zone}'" |
301 | ||
302 | exit ${EXIT_OK} | |
303 | } | |
304 | ||
305 | function hook_port_remove() { | |
306 | assert [ $# -eq 2 ] | |
307 | ||
308 | local zone="${1}" | |
309 | local port="${2}" | |
310 | ||
311 | # Shut down the port (if possible) | |
312 | port_down "${port}" | |
313 | ||
314 | log INFO "Port '${port}' has been removed from zone '${zone}'" | |
e9df08ad | 315 | zone_port_settings_remove "${zone}" "${port}" |
529141df MT |
316 | |
317 | exit ${EXIT_OK} | |
318 | } |