]> git.ipfire.org Git - people/stevee/network.git/blob - hooks/zones/6rd
projects / people / stevee / network.git / blob
? search:


8dc94a8834bac188c18db92ef26785bd3fbc1e94
[people/stevee/network.git] / hooks / zones / 6rd
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Network Development Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 . /usr/lib/network/header-zone
23
24 HOOK_SETTINGS="HOOK SIX_RD_PREFIX LOCAL_ADDRESS PUBLIC_ADDRESS SERVER_ADDRESS"
25
26 # The address that is assigned to the tunnel device (with prefix).
27 SIX_RD_PREFIX=""
28
29 # The local IPv4 address of the tunnel endpoint.
30 # For usage if the endpoint is in a pre-routed network.
31 LOCAL_ADDRESS=""
32
33 # The IPv4 address of the tunnel endpoint where to connect to.
34 SERVER_ADDRESS=""
35
36 # The public IPv4 address of the tunnel client.
37 PUBLIC_ADDRESS=""
38
39 function hook_check() {
40 assert isset SIX_RD_PREFIX
41 assert isset PUBLIC_ADDRESS
42 assert isset SERVER_ADDRESS
43
44 # Check if an optional local address has been specified or use the public address instead.
45 if [ -z "${LOCAL_ADDRESS}" ]; then
46 LOCAL_ADDRESS="${PUBLIC_ADDRESS}"
47 fi
48
49 assert isset LOCAL_ADDRESS
50
51 # Check input.
52 if ! ipv6_is_valid "${SIX_RD_PREFIX}"; then
53 log ERROR "Invalid 6rd prefix. Please use a valid IPv6 prefix."
54 return ${EXIT_ERROR}
55 fi
56
57 if ! ipv4_is_valid "${SERVER_ADDRESS}"; then
58 log ERROR "Invalid server address. Please use a valid IPv4 address."
59 return ${EXIT_ERROR}
60 fi
61
62 if ! ipv4_is_valid "${PUBLIC_ADDRESS}"; then
63 log ERROR "Invalid public address. Please use a valid IPv4 address."
64 return ${EXIT_ERROR}
65 fi
66
67 if ! ipv4_is_valid "${LOCAL_ADDRESS}"; then
68 log ERROR "Invalid local address. Please use a valid IPv4 address."
69 return ${EXIT_ERROR}
70 fi
71 }
72
73 function hook_parse_cmdline() {
74 local value
75
76 while [ $# -gt 0 ]; do
77 case "${1}" in
78 --6rd-prefix=*)
79 SIX_RD_PREFIX=$(cli_get_val ${1})
80 ;;
81 --server-address=*)
82 SERVER_ADDRESS=$(cli_get_val ${1})
83 ;;
84 --local-ipv4-address=*)
85 LOCAL_ADDRESS=$(cli_get_val ${1})
86 ;;
87 --public-ipv4-address=*)
88 PUBLIC_ADDRESS=$(cli_get_val ${1})
89 ;;
90 *)
91 echo "Unknown option: ${1}" >&2
92 exit ${EXIT_ERROR}
93 ;;
94 esac
95 shift
96 done
97 }
98
99 function hook_up() {
100 local zone="${1}"
101 assert isset zone
102
103 # Read configuration options.
104 zone_config_read "${zone}"
105
106 # Configure the tunnel.
107 if ! device_exists "${zone}"; then
108 ip_tunnel_add "${zone}" \
109 --ttl=64 \
110 --local-address="${LOCAL_ADDRESS}"
111 fi
112
113 # Set 6rd prefix.
114 ip_tunnel_6rd_set_prefix "${zone}" "${SIX_RD_PREFIX}"
115
116 # Bring up the device.
117 device_set_up "${zone}"
118
119 # Update routing information.
120 routing_db_set "${zone}" ipv6 "type" "${HOOK}"
121 routing_db_set "${zone}" ipv6 "local-ip-address" "::${LOCAL_ADDRESS}"
122 routing_db_set "${zone}" ipv6 "remote-ip-address" "::${SERVER_ADDRESS}"
123 routing_db_set "${zone}" ipv6 "active" 1
124
125 # Update the routing database.
126 routing_update ${zone} ipv6
127 routing_default_update
128
129 exit ${EXIT_OK}
130 }
131
132 function hook_down() {
133 local zone=${1}
134 assert isset zone
135
136 # Remove everything from the routing db.
137 routing_db_remove ${zone} ipv6
138 routing_update ${zone} ipv6
139 routing_default_update
140
141 # Remove the tunnel device.
142 ip_tunnel_del ${zone}
143
144 exit ${EXIT_OK}
145 }
146
147 function hook_status() {
148 local zone=${1}
149 assert isset zone
150
151 cli_device_headline ${zone}
152
153 zone_config_read ${zone}
154
155 local server_line="${SERVER_ADDRESS}"
156 local server_hostname=$(dns_get_hostname ${SERVER_ADDRESS})
157 if [ -n "${server_hostname}" ]; then
158 server_line="${server_line} (Hostname: ${server_hostname})"
159 fi
160
161 cli_headline 2 "Configuration"
162 cli_print_fmt1 2 "Server" "${server_line}"
163 cli_print_fmt1 2 "6rd Prefix" "${SIX_RD_PREFIX}"
164 cli_space
165
166 # Generate the IPv6 prefix from the given 6rd Prefix and the Public IPv4 Address.
167 local six_rd_address="$(ipv6_6rd_format_address "${SIX_RD_PREFIX}" "${PUBLIC_ADDRESS}")"
168
169 cli_headline 2 "Tunnel properties"
170 cli_print_fmt1 2 "IPv6 Subnet" "${six_rd_address}"
171 cli_space
172
173 exit ${EXIT_OK}
174 }
Stevee's network tree.