Commit | Line | Data |
---|---|---|
1848564d MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
97cb552e | 5 | # Copyright (C) 2012 IPFire Network Development Team # |
1848564d MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
f41fa3d7 | 22 | . /usr/lib/network/header-zone |
1848564d | 23 | |
# Names of all settings that belong to this hook.
# NOTE(review): PASSWORD is part of this list, so it is presumably stored
# together with the other zone settings - confirm that the stored settings
# are only readable by root.
HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD SERVICE_NAME MTU IPV6 PREFIX_DELEGATION"

# Credentials that are used to dial in. Both must be set
# (see hook_check_settings).
USERNAME=""
PASSWORD=""

# Authentication mechanism. Empty by default; when it is set, it must be
# one of PPPOE_SUPPORTED_AUTH_METHODS.
AUTH=""

# Name of the access concentrator (optional).
ACCESS_CONCENTRATOR=""

# Name of the service (optional).
SERVICE_NAME=""

# Maximum Transmission Unit.
# 1492 is a very common value for PPPoE.
MTU="1492"

# Every authentication method that pppd supports can be used with this hook.
PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}"

# Name of the pppd plugin that implements PPPoE.
PPPOE_PLUGIN="rp-pppoe.so"

# Ask the provider for an IPv6 address.
IPV6="true"

# Make use of IPv6 prefix delegation.
PREFIX_DELEGATION="false"
53 | ||
# Validates the settings of this hook.
# Credentials are mandatory, AUTH is optional but restricted to the
# supported methods, and the two IPv6 switches must carry a value.
function hook_check_settings() {
	local setting

	# There is no dial-in without credentials.
	for setting in USERNAME PASSWORD; do
		assert isset "${setting}"
	done

	# AUTH may be left empty. If it has been set, it has to be one of the
	# supported methods (the list is split into words on purpose).
	if isset AUTH; then
		assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS}
	fi

	for setting in IPV6 PREFIX_DELEGATION; do
		assert isset "${setting}"
	done
}
63 | ||
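# Parses the command line arguments of the hook and stores the values
# in the global settings variables.
#
# Every argument has the form --name=value. Unknown arguments are reported
# with a warning and skipped.
#
# NOTE(review): --password=... passes the secret as a command line argument.
# Command line arguments are generally visible to other local users in the
# process list while the command runs.
function hook_parse_cmdline() {
	while [ $# -gt 0 ]; do
		case "${1}" in
			# All values are quoted so that a value which contains
			# whitespace or glob characters (a password, for example)
			# is neither split into words nor expanded by the shell.
			--access-concentrator=*)
				ACCESS_CONCENTRATOR="$(cli_get_val "${1}")"
				;;
			--auth=*)
				AUTH="$(cli_get_val "${1}")"
				;;
			--ipv6=*)
				# Normalise whatever has been passed to true or false.
				local value="$(cli_get_val "${1}")"
				if enabled value; then
					IPV6="true"
				else
					IPV6="false"
				fi
				;;
			--mtu=*)
				MTU="$(cli_get_val "${1}")"
				;;
			--password=*)
				PASSWORD="$(cli_get_val "${1}")"
				;;
			--prefix-delegation=*)
				PREFIX_DELEGATION="$(cli_get_bool "${1}")"
				;;
			--service-name=*)
				SERVICE_NAME="$(cli_get_val "${1}")"
				;;
			--username=*)
				USERNAME="$(cli_get_val "${1}")"
				;;
			*)
				warning "Unknown argument: ${1}" >&2
				;;
		esac
		shift
	done
}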
103 | ||
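# Brings up the zone: reads the zone settings, brings up the port that
# has been assigned to the zone and starts the ppp daemon.
#
# $1: name of the zone
#
# Exits with EXIT_OK, or with EXIT_ERROR if no port has been assigned.
function hook_up() {
	local zone="${1}"
	assert isset zone

	zone_settings_read "${zone}"

	# PPPoE needs a port. Fail with the same message as
	# hook_ppp_write_config instead of calling port_up with an empty name.
	local port="$(__hook_get_port "${zone}")"
	if ! isset port; then
		error "No port assigned to pppoe hook of zone '${zone}'"
		exit ${EXIT_ERROR}
	fi

	# Bring up the port.
	port_up "${port}"

	# Start the ppp daemon.
	pppd_start "${zone}"

	exit ${EXIT_OK}
}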
119 | ||
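# Brings down the zone: stops the ppp daemon and then brings down the port
# of the zone.
#
# $1: name of the zone
#
# Always exits with EXIT_OK.
function hook_down() {
	local zone="${1}"
	assert isset zone

	zone_settings_read "${zone}"

	# Stop the ppp daemon.
	pppd_stop "${zone}"

	# HOOK_SETTINGS of this hook does not list PORT, and all other functions
	# look up the port with __hook_get_port. Do the same here and only fall
	# back to PORT in case it has been set by something that is not visible
	# in this file.
	local port="$(__hook_get_port "${zone}")"
	if ! isset port; then
		port="${PORT}"
	fi

	# Bring down the port (if there is one).
	if isset port; then
		log DEBUG "Bringing down port '${port}'."
		port_down "${port}"
	fi

	exit ${EXIT_OK}
}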
135 | ||
0994996d MT |
# Handles hotplug events for the zone.
#
# $1: name of the zone
#
# Exits with EXIT_OK when an add or remove event of a port of this zone
# has been handled, and with EXIT_NOT_HANDLED in all other cases.
function hook_hotplug() {
	local zone="${1}"

	# Only add and remove events are of interest.
	local action="$(hotplug_action)"
	case "${action}" in
		add|remove)
			;;
		*)
			exit ${EXIT_NOT_HANDLED}
			;;
	esac

	# Events of interfaces that are not a port of this zone are ignored.
	if ! hotplug_event_interface_is_port_of_zone "${zone}"; then
		exit ${EXIT_NOT_HANDLED}
	fi

	if [ "${action}" = "add" ]; then
		# Bring up the zone if it is enabled but not active, yet.
		zone_start_auto "${zone}"
	else
		# PPPoE cannot work if the ethernet device has been removed
		if zone_is_active "${zone}"; then
			zone_stop "${zone}"
		fi
	fi

	exit ${EXIT_OK}
}
162 | ||
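# Runs a PPPoE discovery on a device and prints the name of the access
# concentrator that has answered as a line of the form
# ACCESS_CONCENTRATOR="name".
#
# $1: name of the device
#
# Exits with EXIT_ERROR if the device is not ethernet compatible, with
# DISCOVER_ERROR if the discovery returned nothing or timed out, and with
# DISCOVER_OK otherwise.
function hook_discover() {
	local device="${1}"

	# This obviously only works on ethernet (or compatible) devices
	if ! device_is_ethernet_compatible "${device}"; then
		exit ${EXIT_ERROR}
	fi

	local output
	output="$(pppoe-discovery -I "${device}" -U "$(uuid)" 2>&1)"

	# Exit if there was no output
	[ -z "${output}" ] && exit ${DISCOVER_ERROR}

	# Exit if PADI timed out
	grep -q "Timeout" <<<"${output}" && exit ${DISCOVER_ERROR}

	# If more than one access concentrator has answered, the last one wins.
	local ac
	local line
	while read -r line; do
		case "${line}" in
			Access-Concentrator:*)
				ac="${line#Access-Concentrator: }"
				;;
		esac
	done <<<"${output}"

	# The name has been sent by whatever device answered the discovery,
	# so it is not trustworthy. Remove the characters that are special
	# inside double quotes before the value is printed in the form of a
	# shell assignment.
	# NOTE(review): the consumer of this output is not visible here -
	# confirm how it parses the line.
	ac="$(tr -d '"`$\\' <<<"${ac}")"

	echo "ACCESS_CONCENTRATOR=\"${ac}\""

	exit ${DISCOVER_OK}
}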
5b20e43a | 193 | |
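# Prints the status of the zone: the configuration and, if the zone is up,
# the addresses of every IP protocol that has an entry in the routing
# database.
#
# $1: name of the zone
#
# Exits with EXIT_ERROR if the zone is down and with EXIT_OK otherwise.
function hook_status() {
	local zone="${1}"
	assert isset zone

	cli_device_headline "${zone}"

	zone_settings_read "${zone}"

	cli_headline 2 "Configuration"
	cli_print_fmt1 2 "Username" "${USERNAME}"
	# The password is never shown in the status output.
	cli_print_fmt1 2 "Password" "<hidden>"

	local port="$(__hook_get_port "${zone}")"
	if isset port; then
		cli_print_fmt1 2 "Port" "${port}"
	fi
	cli_space

	# Exit if zone is down
	if ! zone_is_up "${zone}"; then
		echo # Empty line
		exit ${EXIT_ERROR}
	fi

	# XXX display time since connection started

	cli_headline 2 "Point-to-Point-over-Ethernet protocol"
	local proto
	# The list of protocols is split into words on purpose.
	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		routing_db_exists "${zone}" "${proto}" || continue

		local headline
		case "${proto}" in
			ipv6)
				headline="Internet Protocol Version 6"
				;;
			ipv4)
				headline="Internet Protocol Version 4"
				;;
			*)
				headline="Unknown protocol"
				;;
		esac
		cli_headline 3 "${headline}"

		cli_print_fmt1 3 "IP address" "$(routing_db_get "${zone}" "${proto}" local-ip-address)"
		cli_print_fmt1 3 "Gateway" "$(routing_db_get "${zone}" "${proto}" remote-ip-address)"
		cli_print_fmt1 3 "DNS servers" "$(routing_db_get "${zone}" "${proto}" dns)"
		cli_space
		cli_print_fmt1 3 "MAC-Remote" "$(routing_db_get "${zone}" "${proto}" remote-address)"
		cli_space
	done

	exit ${EXIT_OK}
}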
249 | ||
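# Writes the pppd configuration of the zone.
#
# $1: name of the zone
# $2: path of the configuration file that is written
#
# Exits with EXIT_ERROR if no port has been assigned to the zone or if the
# access concentrator or service name cannot be quoted safely, and with
# EXIT_OK otherwise.
function hook_ppp_write_config() {
	local zone="${1}"
	assert isset zone

	local file="${2}"
	assert isset file

	# Read in the configuration files.
	zone_settings_read "${zone}"

	# A port has to be assigned for this action
	local port="$(__hook_get_port "${zone}")"
	if ! isset port; then
		error "No port assigned to pppoe hook of zone '${zone}'"
		exit ${EXIT_ERROR}
	fi

	# The access concentrator and the service name are wrapped in single
	# quotes below. A value that contains a single quote or a line break
	# would end the quoting early, and the rest of the value would then be
	# read as something else than the name. Refuse such values.
	# NOTE(review): how pppd_write_config handles --plugin-options is not
	# visible here - confirm that no further escaping is required.
	local setting
	for setting in ACCESS_CONCENTRATOR SERVICE_NAME; do
		case "${!setting}" in
			*"'"*|*$'\n'*)
				error "${setting} of zone '${zone}' contains characters that are not allowed"
				exit ${EXIT_ERROR}
				;;
		esac
	done

	# Prepare the command line options for the pppoe plugin.
	local plugin_options

	# Add the access concentrator (if any).
	if isset ACCESS_CONCENTRATOR; then
		plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'"
	fi

	# Add the service name (if any).
	if isset SERVICE_NAME; then
		plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'"
	fi

	# The last argument must be the interface.
	plugin_options="${plugin_options} ${port}"

	pppd_write_config "${file}" \
		--interface="${zone}" \
		--username="${USERNAME}" \
		--password="${PASSWORD}" \
		--mtu="${MTU}" \
		--auth="${AUTH}" \
		--ipv6="${IPV6}" \
		\
		--plugin="${PPPOE_PLUGIN}" \
		--plugin-options="${plugin_options}"

	exit ${EXIT_OK}
}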
529141df MT |
296 | |
# Prints the first port of the zone.
#
# $1: name of the zone
#
# Returns EXIT_OK if a port has been printed and EXIT_ERROR if the zone
# has no ports.
function __hook_get_port() {
	local zone="${1}"

	# Collect the list of ports (one word per port).
	local ports=( $(zone_get_ports "${zone}") )

	if [ ${#ports[@]} -eq 0 ]; then
		return ${EXIT_ERROR}
	fi

	# PPPoE only uses one port, so the first one is the one.
	echo "${ports[0]}"
	return ${EXIT_OK}
}
308 | ||
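# Assigns a port to the zone. The pppoe hook only supports one port.
#
# $1: name of the zone
# $2: name of the port
#
# Returns EXIT_ERROR if a port has already been assigned to the zone,
# and exits with EXIT_OK after the port has been added.
function hook_port_add() {
	# Expecting at least two arguments here
	assert [ $# -ge 2 ]

	local zone="${1}"
	local port="${2}"
	shift 2

	# PPPoE can only use one port
	local ports_num="$(zone_get_ports_num "${zone}")"
	# An empty result is treated as zero instead of making the test fail.
	if [ "${ports_num:-0}" -ge 1 ]; then
		# Use a separate variable so that the port that has been passed
		# by the caller is not shadowed.
		local assigned_port="$(__hook_get_port "${zone}")"
		error "The pppoe zone hook only supports assigning one port"
		error "  port '${assigned_port}' has already been assigned to zone '${zone}'"
		return ${EXIT_ERROR}
	fi

	zone_port_settings_write "${zone}" "${port}"
	log INFO "Port '${port}' has been added to zone '${zone}'"

	exit ${EXIT_OK}
}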
331 | ||
# Removes a port from the zone.
#
# $1: name of the zone
# $2: name of the port
#
# Exits with EXIT_OK.
function hook_port_remove() {
	# Exactly two arguments are required.
	assert [ $# -eq 2 ]

	local zone="${1}" port="${2}"

	# Try to shut down the port before its settings are removed.
	port_down "${port}"

	# The message is logged before the settings are actually removed.
	log INFO "Port '${port}' has been removed from zone '${zone}'"
	zone_port_settings_remove "${zone}" "${port}"

	exit ${EXIT_OK}
}