]>
Commit | Line | Data |
---|---|---|
1848564d MT |
1 | #!/bin/bash |
2 | ############################################################################### | |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
97cb552e | 5 | # Copyright (C) 2012 IPFire Network Development Team # |
1848564d MT |
6 | # # |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
21 | ||
f41fa3d7 | 22 | . /usr/lib/network/header-zone |
1848564d | 23 | |
97cb552e | 24 | HOOK_SETTINGS="HOOK ACCESS_CONCENTRATOR AUTH USERNAME PASSWORD" |
529141df | 25 | HOOK_SETTINGS="${HOOK_SETTINGS} SERVICE_NAME MTU IPV6 PREFIX_DELEGATION" |
1848564d | 26 | |
97cb552e MT |
27 | # User credentials for the dialin. |
28 | USERNAME="" | |
29 | PASSWORD="" | |
1848564d | 30 | |
97cb552e | 31 | # Set the authentication mechanism. |
1848564d | 32 | AUTH= |
97cb552e | 33 | |
97cb552e MT |
34 | # Access Concentrator. |
35 | ACCESS_CONCENTRATOR="" | |
36 | ||
37 | # Service name. | |
38 | SERVICE_NAME="" | |
39 | ||
40 | # Maximum Transmission Unit. | |
41 | # 1492 is a very common value for that. | |
1848564d | 42 | MTU=1492 |
1848564d | 43 | |
97cb552e | 44 | # This hook can work with all authentication methods supported by pppd. |
3a829636 | 45 | PPPOE_SUPPORTED_AUTH_METHODS="${PPP_SUPPORTED_AUTH_METHODS}" |
1848564d MT |
46 | PPPOE_PLUGIN="rp-pppoe.so" |
47 | ||
69e93b3c MT |
48 | # Request an IPv6 address. |
49 | IPV6="true" | |
50 | ||
08e40c8c | 51 | # Use IPv6 prefix delegation. |
4cee7a5d | 52 | PREFIX_DELEGATION="true" |
08e40c8c | 53 | |
1c6a4e30 | 54 | hook_check_settings() { |
97cb552e MT |
55 | assert isset USERNAME |
56 | assert isset PASSWORD | |
261132f9 | 57 | |
3a829636 | 58 | isset AUTH && assert isoneof AUTH ${PPPOE_SUPPORTED_AUTH_METHODS} |
261132f9 | 59 | |
69e93b3c | 60 | assert isset IPV6 |
08e40c8c | 61 | assert isset PREFIX_DELEGATION |
1848564d MT |
62 | } |
63 | ||
1c6a4e30 | 64 | hook_parse_cmdline() { |
1848564d | 65 | while [ $# -gt 0 ]; do |
97cb552e MT |
66 | case "${1}" in |
67 | --access-concentrator=*) | |
68 | ACCESS_CONCENTRATOR=$(cli_get_val ${1}) | |
1848564d | 69 | ;; |
97cb552e MT |
70 | --auth=*) |
71 | AUTH=$(cli_get_val ${1}) | |
1848564d | 72 | ;; |
69e93b3c MT |
73 | --ipv6=*) |
74 | local value="$(cli_get_val "${1}")" | |
75 | if enabled value; then | |
76 | IPV6="true" | |
77 | else | |
78 | IPV6="false" | |
79 | fi | |
80 | ;; | |
1848564d | 81 | --mtu=*) |
97cb552e | 82 | MTU=$(cli_get_val ${1}) |
1848564d | 83 | ;; |
97cb552e MT |
84 | --password=*) |
85 | PASSWORD=$(cli_get_val ${1}) | |
1848564d | 86 | ;; |
08e40c8c MT |
87 | --prefix-delegation=*) |
88 | PREFIX_DELEGATION="$(cli_get_bool "${1}")" | |
89 | ;; | |
97cb552e MT |
90 | --service-name=*) |
91 | SERVICE_NAME=$(cli_get_val ${1}) | |
1848564d | 92 | ;; |
97cb552e MT |
93 | --username=*) |
94 | USERNAME=$(cli_get_val ${1}) | |
201b7dff | 95 | ;; |
1848564d | 96 | *) |
97cb552e | 97 | warning "Unknown argument: ${1}" >&2 |
1848564d MT |
98 | ;; |
99 | esac | |
100 | shift | |
101 | done | |
1848564d MT |
102 | } |
103 | ||
1c6a4e30 | 104 | hook_up() { |
1848564d | 105 | local zone=${1} |
711ffac1 MT |
106 | assert isset zone |
107 | ||
ac694a6a MT |
108 | # If this zone's port is not set, we will return |
109 | # with EXIT_OK so that this zone will remain active, | |
110 | # but we cannot start pppd. | |
111 | local port=$(__hook_get_port "${zone}") | |
112 | if ! isset port || ! port_exists "${port}"; then | |
113 | log WARNING "Could not bring up zone '${zone}' because no port is attached" | |
114 | exit ${EXIT_OK} | |
115 | fi | |
116 | ||
1e6f187e | 117 | zone_settings_read "${zone}" |
2044f591 | 118 | |
3ab3292c SS |
119 | # Load the pppoe kernel module |
120 | module_load "pppoe" | |
121 | ||
2044f591 | 122 | # Bring up the port. |
529141df | 123 | port_up "${port}" |
2044f591 | 124 | |
97cb552e MT |
125 | # Start the ppp daemon. |
126 | pppd_start ${zone} | |
da453c33 | 127 | |
97cb552e | 128 | exit ${EXIT_OK} |
1848564d MT |
129 | } |
130 | ||
1c6a4e30 | 131 | hook_down() { |
1848564d | 132 | local zone=${1} |
97cb552e | 133 | assert isset zone |
1848564d | 134 | |
1e6f187e | 135 | zone_settings_read "${zone}" |
2044f591 | 136 | |
97cb552e MT |
137 | # Stop the ppp daemon. |
138 | pppd_stop ${zone} | |
1848564d | 139 | |
2044f591 | 140 | # Bring down the port. |
ebd29545 SS |
141 | local port=$(__hook_get_port "${zone}") |
142 | if isset port; then | |
143 | log DEBUG "Bringing down port '${port}'" | |
144 | port_down "${port}" | |
145 | fi | |
2044f591 | 146 | |
1848564d MT |
147 | exit ${EXIT_OK} |
148 | } | |
149 | ||
1c6a4e30 | 150 | hook_hotplug() { |
0994996d MT |
151 | local zone="${1}" |
152 | ||
153 | case "$(hotplug_action)" in | |
154 | add) | |
155 | if hotplug_event_interface_is_port_of_zone "${zone}"; then | |
156 | # Bring up the zone if it is enabled but not active, yet. | |
157 | zone_start_auto "${zone}" | |
158 | ||
159 | exit ${EXIT_OK} | |
160 | fi | |
161 | ;; | |
162 | remove) | |
163 | # PPPoE cannot work if the ethernet device has been removed | |
164 | if hotplug_event_interface_is_port_of_zone "${zone}"; then | |
165 | if zone_is_active "${zone}"; then | |
166 | zone_stop "${zone}" | |
167 | fi | |
168 | ||
169 | exit ${EXIT_OK} | |
170 | fi | |
171 | ;; | |
172 | esac | |
173 | ||
174 | exit ${EXIT_NOT_HANDLED} | |
175 | } | |
176 | ||
1c6a4e30 | 177 | hook_discover() { |
1848564d MT |
178 | local device=${1} |
179 | ||
5dfc94a8 MT |
180 | # This obviously only works on ethernet (or compatible) devices |
181 | if ! device_is_ethernet_compatible "${device}"; then | |
5b20e43a | 182 | exit ${EXIT_ERROR} |
1848564d MT |
183 | fi |
184 | ||
185 | local output | |
186 | output=$(pppoe-discovery -I ${device} -U $(uuid) 2>&1) | |
187 | ||
188 | # Exit if there was not output | |
189 | [ -z "${output}" ] && exit ${DISCOVER_ERROR} | |
190 | ||
191 | # Exit if PADI timed out | |
192 | grep -q "Timeout" <<<${output} && exit ${DISCOVER_ERROR} | |
193 | ||
194 | local ac | |
195 | while read line; do | |
196 | case "${line}" in | |
197 | Access-Concentrator:*) | |
198 | ac="${line#Access-Concentrator: }" | |
199 | ;; | |
200 | esac | |
201 | done <<<"${output}" | |
202 | ||
203 | echo "ACCESS_CONCENTRATOR=\"$ac\"" | |
204 | ||
205 | exit ${DISCOVER_OK} | |
206 | } | |
5b20e43a | 207 | |
1c6a4e30 | 208 | hook_status() { |
8eadf1da | 209 | local zone=${1} |
711ffac1 MT |
210 | assert isset zone |
211 | ||
3cb2fc42 | 212 | cli_device_headline ${zone} |
8eadf1da | 213 | |
1e6f187e | 214 | zone_settings_read "${zone}" |
711ffac1 | 215 | |
3cb2fc42 | 216 | cli_headline 2 "Configuration" |
97cb552e MT |
217 | cli_print_fmt1 2 "Username" "${USERNAME}" |
218 | cli_print_fmt1 2 "Password" "<hidden>" | |
529141df MT |
219 | |
220 | local port=$(__hook_get_port "${zone}") | |
221 | if isset port; then | |
222 | cli_print_fmt1 2 "Port" "${port}" | |
223 | fi | |
3cb2fc42 MT |
224 | cli_space |
225 | ||
8eadf1da MT |
226 | # Exit if zone is down |
227 | if ! zone_is_up ${zone}; then | |
228 | echo # Empty line | |
229 | exit ${EXIT_ERROR} | |
230 | fi | |
231 | ||
711ffac1 MT |
232 | # XXX display time since connection started |
233 | ||
3cb2fc42 | 234 | cli_headline 2 "Point-to-Point-over-Ethernet protocol" |
201b7dff MT |
235 | local proto |
236 | for proto in ${IP_SUPPORTED_PROTOCOLS}; do | |
c041b631 | 237 | db_exists "${zone}/${proto}" || continue |
3cb2fc42 MT |
238 | |
239 | local headline | |
240 | case "${proto}" in | |
241 | ipv6) | |
242 | headline="Internet Protocol Version 6" | |
243 | ;; | |
244 | ipv4) | |
245 | headline="Internet Protocol Version 4" | |
246 | ;; | |
247 | *) | |
248 | headline="Unkown protocol" | |
249 | ;; | |
250 | esac | |
251 | cli_headline 3 "${headline}" | |
252 | ||
c041b631 MT |
253 | cli_print_fmt1 3 "IP address" "$(db_get "${zone}/${proto}/local-ip-address")" |
254 | cli_print_fmt1 3 "Gateway" "$(db_get "${zone}/${proto}/remote-ip-address")" | |
d64f0511 | 255 | cli_print_fmt1 3 "DNS servers" "$(db_get "${zone}/${proto}/domain-name-servers")" |
3cb2fc42 | 256 | cli_space |
c041b631 | 257 | cli_print_fmt1 3 "MAC-Remote" "$(db_get "${zone}/${proto}/remote-address")" |
3cb2fc42 | 258 | cli_space |
201b7dff | 259 | done |
3cb2fc42 | 260 | |
8eadf1da MT |
261 | exit ${EXIT_OK} |
262 | } | |
263 | ||
1c6a4e30 | 264 | hook_ppp_write_config() { |
97cb552e MT |
265 | local zone=${1} |
266 | assert isset zone | |
267 | ||
268 | local file=${2} | |
269 | assert isset file | |
270 | ||
271 | # Read in the configuration files. | |
1e6f187e | 272 | zone_settings_read "${zone}" |
97cb552e | 273 | |
529141df MT |
274 | # A port has to be assigned for this action |
275 | local port=$(__hook_get_port "${zone}") | |
276 | if ! isset port; then | |
277 | error "No port assigned to pppoe hook of zone '${zone}'" | |
278 | exit ${EXIT_ERROR} | |
279 | fi | |
280 | ||
97cb552e MT |
281 | # Prepare the command line options for the pppoe plugin. |
282 | local plugin_options | |
283 | ||
284 | # Add the access concentrator (if any). | |
285 | if isset ACCESS_CONCENTRATOR; then | |
286 | plugin_options="${plugin_options} rp_pppoe_ac '${ACCESS_CONCENTRATOR}'" | |
711ffac1 MT |
287 | fi |
288 | ||
97cb552e MT |
289 | # Add the service name (if any). |
290 | if isset SERVICE_NAME; then | |
291 | plugin_options="${plugin_options} rp_pppoe_service '${SERVICE_NAME}'" | |
292 | fi | |
711ffac1 | 293 | |
97cb552e | 294 | # The last argument must be the interface. |
529141df | 295 | plugin_options="${plugin_options} ${port}" |
97cb552e MT |
296 | |
297 | pppd_write_config ${file} \ | |
298 | --interface="${zone}" \ | |
6c74a64c MT |
299 | --username="${USERNAME}" \ |
300 | --password="${PASSWORD}" \ | |
97cb552e MT |
301 | --mtu="${MTU}" \ |
302 | --auth="${AUTH}" \ | |
69e93b3c | 303 | --ipv6="${IPV6}" \ |
97cb552e MT |
304 | \ |
305 | --plugin="${PPPOE_PLUGIN}" \ | |
306 | --plugin-options="${plugin_options}" | |
307 | ||
6c74a64c | 308 | exit ${EXIT_OK} |
711ffac1 | 309 | } |
529141df | 310 | |
1c6a4e30 | 311 | __hook_get_port() { |
529141df MT |
312 | local zone="${1}" |
313 | ||
314 | local port | |
315 | for port in $(zone_get_ports "${zone}"); do | |
316 | echo "${port}" | |
317 | return ${EXIT_OK} | |
318 | done | |
319 | ||
320 | return ${EXIT_ERROR} | |
321 | } | |
322 | ||
1c6a4e30 | 323 | hook_port_attach() { |
529141df MT |
324 | # Excepting at least two arguments here |
325 | assert [ $# -ge 2 ] | |
326 | ||
327 | local zone="${1}" | |
328 | local port="${2}" | |
329 | shift 2 | |
330 | ||
331 | # PPPoE can only use one port | |
332 | local ports_num="$(zone_get_ports_num "${zone}")" | |
333 | if [ ${ports_num} -ge 1 ]; then | |
ac694a6a | 334 | local ports="$(zone_get_ports "${zone}")" |
529141df | 335 | error "The pppoe zone hook only supports assigning one port" |
ac694a6a | 336 | error " port '${ports}' has already been assigned to zone '${zone}'" |
529141df MT |
337 | return ${EXIT_ERROR} |
338 | fi | |
339 | ||
ac694a6a MT |
340 | if ! zone_port_settings_write "${zone}" "${port}"; then |
341 | exit ${EXIT_ERROR} | |
342 | fi | |
529141df MT |
343 | |
344 | exit ${EXIT_OK} | |
345 | } | |
346 | ||
1c6a4e30 | 347 | hook_port_detach() { |
529141df MT |
348 | assert [ $# -eq 2 ] |
349 | ||
350 | local zone="${1}" | |
351 | local port="${2}" | |
352 | ||
ac694a6a MT |
353 | # Shut down the entire zone here, because it cannot |
354 | # run without a port any way and removing the port would | |
355 | # create a hotplug event which will be processed after the | |
356 | # port has already been detached... | |
357 | zone_stop "${zone}" | |
529141df | 358 | |
ac694a6a MT |
359 | if ! zone_port_settings_remove "${zone}" "${port}"; then |
360 | exit ${EXIT_ERROR} | |
361 | fi | |
529141df MT |
362 | |
363 | exit ${EXIT_OK} | |
364 | } | |
4cee7a5d | 365 | |
1c6a4e30 | 366 | hook_ppp_ipv6_up() { |
4cee7a5d MT |
367 | local zone="${1}" |
368 | ||
369 | ppp_common_ipv6_up "${zone}" | |
370 | ||
371 | # Read configuration | |
372 | zone_settings_read "${zone}" | |
373 | ||
374 | if enabled PREFIX_DELEGATION; then | |
375 | dhclient_start "${zone}" ipv6 | |
376 | fi | |
377 | ||
378 | exit ${EXIT_OK} | |
379 | } | |
380 | ||
1c6a4e30 | 381 | hook_ppp_ipv6_down() { |
4cee7a5d MT |
382 | local zone="${1}" |
383 | ||
384 | ppp_common_ipv6_down "${zone}" | |
385 | ||
386 | # Read configuration | |
387 | zone_settings_read "${zone}" | |
388 | ||
389 | if enabled PREFIX_DELEGATION; then | |
390 | dhclient_stop "${zone}" ipv6 | |
391 | fi | |
392 | ||
393 | exit ${EXIT_OK} | |
394 | } |