]> git.ipfire.org Git - people/stevee/network.git/blob - src/functions/functions.zone
projects / people / stevee / network.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix hook settings writing and checking
[people/stevee/network.git] / src / functions / functions.zone
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2010 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 function zone_dir() {
23 local zone=${1}
24
25 echo "${NETWORK_ZONE_DIR}/zones/${zone}"
26 }
27
28 function zone_exists() {
29 local zone=${1}
30 assert isset zone
31
32 [ -d "$(zone_dir ${zone})" ]
33 }
34
35 function zone_match() {
36 local match
37
38 local i
39 for i in ${VALID_ZONES}; do
40 match="${match}|${i}[0-9]{1,5}"
41 done
42
43 echo "${match:1:${#match}}"
44 }
45
46 function zone_name_is_valid() {
47 local zone=${1}
48
49 # Don't accept empty strings.
50 [ -z "${zone}" ] && return ${EXIT_FALSE}
51
52 [[ ${zone} =~ $(zone_match) ]]
53 }
54
55 function zone_is_local() {
56 local zone=${1}
57
58 [[ "${zone:0:${#ZONE_LOCAL}}" = "${ZONE_LOCAL}" ]]
59 }
60
61 function zone_is_nonlocal() {
62 local zone=${1}
63
64 [[ "${zone:0:${#ZONE_NONLOCAL}}" = "${ZONE_NONLOCAL}" ]]
65 }
66
67 function zone_get_hook() {
68 local zone=${1}
69 assert isset zone
70
71 config_get_hook $(zone_dir ${zone})/settings
72 }
73
74 function zone_start() {
75 # This function will bring up the zone
76 # 'asynchronously' with help of systemd.
77
78 local zone=${1}
79 assert zone_exists ${zone}
80
81 service_start "network@${zone}.service"
82 }
83
84 function zone_start_auto() {
85 local zone="${1}"
86 assert zone_exists "${zone}"
87
88 # If the zone has already been started, we
89 # will reload it so the current configuration
90 # is re-applied.
91 if zone_is_active "${zone}"; then
92 zone_reload "${zone}"
93 return ${?}
94
95 # If the zone is still down, but in auto-start mode,
96 # we will start it.
97 elif zone_is_enabled "${zone}"; then
98 zone_start "${zone}"
99 return ${?}
100 fi
101
102 # Otherwise, nothing will be done.
103 return ${EXIT_OK}
104 }
105
106 function zone_stop() {
107 # This function will bring down the zone
108 # 'asynchronously' with help of systemd.
109
110 local zone=${1}
111 assert zone_exists ${zone}
112
113 service_stop "network@${zone}.service"
114 }
115
116 function zone_reload() {
117 local zone="${1}"
118 assert zone_exists "${zone}"
119
120 service_reload "network@${zone}.service"
121 }
122
123 function zone_hotplug_event() {
124 local zone="${1}"
125 assert isset zone
126
127 hotplug_assert_in_hotplug_event
128
129 zone_cmd "hotplug" "${zone}"
130 }
131
132 function zone_enable() {
133 # This function will enable the zone
134 # with help of systemd.
135
136 local zone="${1}"
137 assert zone_exists "${zone}"
138
139 # Enable service for the zone
140 service_enable "network@${zone}.service"
141 local ret=$?
142
143 if [ ${ret} -eq ${EXIT_OK} ]; then
144 log INFO "Auto-start enabled for zone ${zone}"
145 return ${EXIT_OK}
146 fi
147
148 log ERROR "Could not enable zone ${zone}: ${ret}"
149 return ${ret}
150 }
151
152 function zone_disable() {
153 # This function will disable the zone
154 # with help of systemd.
155
156 local zone="${1}"
157 assert zone_exists "${zone}"
158
159 # Disable service for the zone
160 service_disable "network@${zone}.service"
161 local ret=$?
162
163 if [ ${ret} -eq ${EXIT_OK} ]; then
164 log INFO "Auto-start disabled for zone ${zone}"
165 return ${EXIT_OK}
166 fi
167
168 log ERROR "Could not disable zone ${zone}: ${ret}"
169 return ${ret}
170 }
171
172 function zone_is_enabled() {
173 local zone="${1}"
174 assert isset zone
175
176 # Ask systemd if the zone is enabled.
177 if service_is_enabled "network@${zone}.service"; then
178 return ${EXIT_TRUE}
179 fi
180
181 return ${EXIT_FALSE}
182 }
183
184 function zone_is_active() {
185 local zone="${1}"
186 assert isset zone
187
188 if service_is_active "network@${zone}.service"; then
189 return ${EXIT_TRUE}
190 fi
191
192 return ${EXIT_FALSE}
193 }
194
195 function zone_is_enabled_or_active() {
196 local zone="${1}"
197 assert isset zone
198
199 zone_is_enabled "${zone}" || zone_is_active "${zone}"
200 }
201
202 function zone_cmd() {
203 local cmd="${1}"
204 local port="${2}"
205 shift 2
206
207 assert isset cmd
208 assert isset zone
209
210 local hook="$(zone_get_hook ${zone})"
211 assert isset hook
212
213 hook_exec zone "${hook}" "${cmd}" "${zone}" $@
214 }
215
216 function zone_new() {
217 local zone=${1}
218 local hook=${2}
219 shift 2
220
221 if ! zone_name_is_valid ${zone}; then
222 error "Zone name '${zone}' is not valid."
223 return ${EXIT_ERROR}
224 fi
225
226 if zone_exists ${zone}; then
227 error "Zone '${zone}' does already exist."
228 return ${EXIT_ERROR}
229 fi
230
231 if ! hook_zone_exists ${hook}; then
232 error "Hook '${hook}' does not exist."
233 return ${EXIT_ERROR}
234 fi
235
236 mkdir -p $(zone_dir ${zone})
237
238 # Create directories for configs and ports
239 mkdir -p $(zone_dir ${zone})/{configs,ports}
240
241 hook_zone_exec "${hook}" "new" "${zone}" $@
242 local ret=$?
243
244 # Maybe the zone new hook did not exit correctly.
245 # If this is the case we remove the created zone immediately.
246 if [ "${ret}" = "${EXIT_ERROR}" ]; then
247 zone_destroy_now "${zone}"
248 return ${EXIT_ERROR}
249 fi
250
251 # Automatically enable zone.
252 zone_enable "${zone}"
253 }
254
255 function zone_edit() {
256 local zone=${1}
257 shift
258
259 if ! zone_exists ${zone}; then
260 error "Zone '${zone}' does not exist."
261 return ${EXIT_ERROR}
262 fi
263
264 # Check if the zone is tagged for removal.
265 if zone_has_destroy_tag ${zone}; then
266 error "You cannot edit a zone that is tagged for removal."
267 return ${EXIT_ERROR}
268 fi
269
270 local hook="$(zone_get_hook "${zone}")"
271 if [ -z "${hook}" ]; then
272 error "Config file did not provide any hook."
273 return ${EXIT_ERROR}
274 fi
275
276 if ! hook_zone_exists ${hook}; then
277 error "Hook '${hook}' does not exist."
278 return ${EXIT_ERROR}
279 fi
280
281 hook_zone_exec ${hook} edit ${zone} $@
282 }
283
284
285 function zone_destroy() {
286 local zone="${1}"
287 assert zone_exists "${zone}"
288
289 # Make the zone for removal.
290 touch "$(zone_dir "${zone}")/.destroy"
291
292 log INFO "Zone '${zone}' has been tagged for removal."
293 }
294
295 function zone_has_destroy_tag() {
296 local zone="${1}"
297 assert zone_exists "${zone}"
298
299 [ -e "$(zone_dir "${zone}")/.destroy" ]
300 }
301
302 # This function will remove the given zone
303 # RIGHT NOW. Use zone_destroy to remove it
304 # at the next status change.
305 function zone_destroy_now() {
306 local zone="${1}"
307 assert zone_exists "${zone}"
308
309 log INFO "Removing zone '${zone}' right now."
310
311 # Force the zone down.
312 zone_is_up "${zone}" && zone_set_down "${zone}"
313
314 # Disable zone.
315 zone_disable "${zone}"
316
317 rm -rf "$(zone_dir "${zone}")"
318 }
319
320 function zone_up() {
321 local zone=${1}
322 shift
323
324 if ! zone_exists ${zone}; then
325 error "Zone '${zone}' does not exist."
326 return ${EXIT_ERROR}
327 fi
328
329 # Check if a zone has got the remove tag.
330 if zone_has_destroy_tag ${zone}; then
331 error "Cannot bring up any zone which is to be removed."
332 return ${EXIT_ERROR}
333 fi
334
335 local hook="$(zone_get_hook "${zone}")"
336 if [ -z "${hook}" ]; then
337 error "Config file did not provide any hook."
338 return ${EXIT_ERROR}
339 fi
340
341 if ! hook_zone_exists ${hook}; then
342 error "Hook '${hook}' does not exist."
343 return ${EXIT_ERROR}
344 fi
345
346 zone_db ${zone} starting
347
348 hook_zone_exec ${hook} up ${zone} $@
349
350 zone_db ${zone} started
351 }
352
353 function zone_down() {
354 local zone=${1}
355 shift
356
357 if ! zone_exists ${zone}; then
358 error "Zone '${zone}' does not exist."
359 return ${EXIT_ERROR}
360 fi
361
362 local hook="$(zone_get_hook "${zone}")"
363 if [ -z "${hook}" ]; then
364 error "Config file did not provide any hook."
365 return ${EXIT_ERROR}
366 fi
367
368 if ! hook_zone_exists ${hook}; then
369 error "Hook '${hook}' does not exist."
370 return ${EXIT_ERROR}
371 fi
372
373 zone_db ${zone} stopping
374
375 hook_zone_exec ${hook} down ${zone} $@
376
377 zone_db ${zone} stopped
378
379 # Remove the zone, if it has got a remove tag.
380 if zone_has_destroy_tag "${zone}"; then
381 zone_destroy_now "${zone}"
382 fi
383 }
384
385 function zone_status() {
386 local zone="${1}"
387 assert isset zone
388 shift
389
390 if ! zone_exists "${zone}"; then
391 error "Zone '${zone}' does not exist."
392 return ${EXIT_ERROR}
393 fi
394
395 local hook="$(zone_get_hook "${zone}")"
396 if [ -z "${hook}" ]; then
397 error "Config file did not provide any hook."
398 return ${EXIT_ERROR}
399 fi
400
401 if ! hook_zone_exists "${hook}"; then
402 error "Hook '${hook}' does not exist."
403 return ${EXIT_ERROR}
404 fi
405
406 hook_zone_exec "${hook}" "status" "${zone}" "$@"
407
408 # Show that the zone it to be removed soon.
409 if zone_has_destroy_tag ${zone}; then
410 warning "This zone is tagged for removal."
411 fi
412 }
413
414 function zone_port() {
415 local zone=${1}
416 local action=${2}
417 shift 2
418
419 assert isset zone
420 assert isset action
421 assert zone_exists ${zone}
422
423 case "${action}" in
424 add|edit|remove)
425 zone_port_${action} ${zone} $@
426 ;;
427 *)
428 error "Unrecognized argument: ${action}"
429 cli_usage root-zone-port-subcommands
430 exit ${EXIT_ERROR}
431 ;;
432 esac
433 }
434
435 function zone_port_add() {
436 local zone="${1}"
437 assert isset zone
438
439 local port="${2}"
440 assert isset port
441
442 shift 2
443
444 # Check if the port actually exists.
445 if ! port_exists "${port}"; then
446 error "Cannot add port '${port}' which does not exist"
447 return ${EXIT_ERROR}
448 fi
449
450 # Check if the port is already connected to this or any other zone.
451 local z
452 for z in $(zones_get_all); do
453 if zone_has_port "${z}" "${port}"; then
454 error "Port '${port}' is already assigned to zone '${z}'"
455 return ${EXIT_ERROR}
456 fi
457 done
458
459 local hook=$(zone_get_hook "${zone}")
460 assert isset hook
461
462 hook_zone_exec "${hook}" "port_add" "${zone}" "${port}" "$@"
463 }
464
465 function zone_port_edit() {
466 local zone="${1}"
467 assert isset zone
468
469 local port="${2}"
470 assert isset port
471
472 shift 2
473
474 # Check if the port actually exists.
475 if ! port_exists "${port}"; then
476 error "Port '${port}' does not exist"
477 return ${EXIT_ERROR}
478 fi
479
480 # Check if the zone actually has this port.
481 if ! zone_has_port "${zone}" "${port}"; then
482 error "Port '${port}' is not attached to zone '${zone}'"
483 return ${EXIT_ERROR}
484 fi
485
486 local hook=$(zone_get_hook "${zone}")
487 assert isset hook
488
489 hook_zone_exec "${hook}" "port_edit" "${zone}" "${port}" "$@"
490 }
491
492 function zone_port_remove() {
493 local zone="${1}"
494 assert isset zone
495
496 local port="${2}"
497 assert isset port
498
499 shift 2
500
501 # Check if the zone actually has this port.
502 if ! zone_has_port "${zone}" "${port}"; then
503 error "Port '${port}' is not attached to zone '${zone}'"
504 return ${EXIT_ERROR}
505 fi
506
507 local hook=$(zone_get_hook "${zone}")
508 assert isset hook
509
510 hook_zone_exec "${hook}" "port_remove" "${zone}" "${port}" "$@"
511 }
512
513 function zone_get_ports() {
514 local zone=${1}
515
516 assert isset zone
517
518 local port
519 for port in $(zone_dir ${zone})/ports/*; do
520 port=$(basename ${port})
521
522 if port_exists ${port}; then
523 echo "${port}"
524 fi
525 done
526 }
527
528 function zone_get_ports_num() {
529 local zone="${1}"
530 assert isset zone
531
532 local counter=0
533 local port
534 for port in $(zone_dir "${zone}")/ports/*; do
535 port="$(basename "${port}")"
536
537 if port_exists "${port}"; then
538 counter=$(( ${counter} + 1 ))
539 fi
540 done
541
542 echo "${counter}"
543 return ${EXIT_OK}
544 }
545
546 function zone_has_port() {
547 # Check, if the given port is configured
548 # in this zone.
549
550 local zone=${1}
551 local port=${2}
552 shift 2
553
554 assert isset zone
555 assert isset port
556
557 [ -e "$(zone_dir ${zone})/ports/${port}" ]
558 }
559
560 function zone_config() {
561 local zone="${1}"
562 local cmd="${2}"
563 shift 2
564
565 assert isset zone
566 assert isset cmd
567 assert zone_exists "${zone}"
568
569 case "${cmd}" in
570 create)
571 zone_config_create "${zone}" "$@"
572 ;;
573 edit)
574 zone_config_edit "${zone}" "$@"
575 ;;
576 remove)
577 zone_config_remove "${zone}" "$@"
578 ;;
579 *)
580 error "Unrecognized argument: ${cmd}"
581 cli_usage root-zone-config-subcommands
582 exit ${EXIT_ERROR}
583 ;;
584 esac
585 }
586
587 function zone_config_cmd() {
588 assert [ $# -gt 2 ]
589
590 local cmd="${1}"
591 local zone="${2}"
592 shift 2
593
594 local hook="$(zone_get_hook "${zone}")"
595 assert isset hook
596
597 hook_zone_exec "${hook}" "config_${cmd}" "${zone}" "$@"
598 }
599
600 function zone_config_create() {
601 zone_config_cmd "create" "$@"
602 }
603
604 function zone_config_edit() {
605 zone_config_cmd "edit" "$@"
606 }
607
608 function zone_config_remove() {
609 zone_config_cmd "remove" "$@"
610 }
611
612 function zone_config_show() {
613 zone_config_cmd "show" "$@"
614 }
615
616 function zone_show() {
617 local zone=${1}
618
619 echo "${zone}"
620 echo " Type: $(zone_get_hook ${zone})"
621 echo
622 }
623
624 function zones_show() {
625 local zone
626
627 for zone in $(zones_get $@); do
628 zone_show ${zone}
629 done
630 }
631
632 function zones_get_all() {
633 local zone
634 for zone in $(zone_dir)/*; do
635 zone=$(basename ${zone})
636 zone_exists ${zone} || continue
637
638 echo "${zone}"
639 done
640 }
641
642 function zones_get_local() {
643 local zone
644 for zone in $(zones_get_all); do
645 zone_is_local ${zone} && echo "${zone}"
646 done
647 }
648
649 function zones_get_nonlocal() {
650 local zone
651 for zone in $(zones_get_all); do
652 zone_is_nonlocal ${zone} && echo "${zone}"
653 done
654 }
655
656 function zones_get() {
657 local local=1
658 local remote=1
659
660 local zones
661
662 while [ $# -gt 0 ]; do
663 case "${1}" in
664 --local-only)
665 local=1
666 remote=0
667 ;;
668 --remote-only)
669 local=0
670 remote=1
671 ;;
672 --all)
673 local=1
674 remote=1
675 ;;
676 *)
677 if zone_name_is_valid ${1}; then
678 zones="${zones} ${1}"
679 else
680 warning "Unrecognized argument '${1}'"
681 fi
682 ;;
683 esac
684 shift
685 done
686
687 if [ -n "${zones}" ]; then
688 local zone
689 for zone in ${zones}; do
690 zone_exists ${zone} && echo "${zone}"
691 done
692 exit ${EXIT_OK}
693 fi
694
695 if [ ${local} -eq 1 ] && [ ${remote} -eq 1 ]; then
696 zones_get_all
697 elif [ ${local} -eq 1 ]; then
698 zones_get_local
699 elif [ ${remote} -eq 1 ]; then
700 zones_get_nonlocal
701 fi
702 }
703
704 function zone_ports_list() {
705 local zone=${1}
706
707 local port
708 for port in $(zone_dir ${zone})/ports/*; do
709 [ -e "${port}" ] || continue
710
711 echo $(basename ${port})
712 done
713 }
714
715 function zone_ports_cmd() {
716 local cmd=${1}
717 local zone=${2}
718 shift 2
719
720 assert isset cmd
721 assert isset zone
722
723 assert zone_exists ${zone}
724
725 local hook=$(zone_get_hook ${zone})
726
727 local port
728 for port in $(zone_get_ports ${zone}); do
729 hook_zone_exec ${hook} ${cmd} ${zone} ${port} $@
730 done
731 }
732
733 function zone_ports_create() {
734 zone_ports_cmd "port_create" $@
735 }
736
737 function zone_ports_remove() {
738 zone_ports_cmd "port_remove" $@
739 }
740
741 function zone_ports_up() {
742 zone_ports_cmd port_up $@
743 }
744
745 function zone_ports_down() {
746 zone_ports_cmd port_down $@
747 }
748
749 function zone_ports_status() {
750 zone_ports_cmd port_status $@
751 }
752
753 function zone_configs_cmd() {
754 assert [ $# -ge 2 ]
755
756 local cmd="${1}"
757 local zone="${2}"
758 shift 2
759
760 assert zone_exists "${zone}"
761
762 local config
763 for config in $(zone_configs_list "${zone}"); do
764 local config_hook="$(zone_config_get_hook "${zone}" "${config}")"
765 assert isset config_hook
766
767 hook_config_exec "${config_hook}" "${cmd}" "${zone}" "${config}" $@
768 done
769 }
770
771 function zone_configs_up() {
772 zone_configs_cmd "up" $@
773 }
774
775 function zone_configs_down() {
776 zone_configs_cmd "down" $@
777 }
778
779 function zone_configs_status() {
780 zone_configs_cmd "status" $@
781 }
782
783 function zone_configs_list() {
784 local zone=${1}
785
786 local config
787 for config in $(zone_dir ${zone})/configs/*; do
788 [ -e "${config}" ] || continue
789
790 basename ${config}
791 done
792 }
793
794 function zone_config_get_hook() {
795 assert [ $# -eq 2 ]
796
797 local zone="${1}"
798 assert isset zone
799
800 local config="${2}"
801 assert isset config
802
803 local HOOK
804 zone_config_settings_read "${zone}" "${config}" \
805 --ignore-superfluous-settings HOOK
806
807 print "${HOOK}"
808 }
809
810 function zone_has_ip() {
811 device_has_ip $@
812 }
813
814 function zone_db() {
815 local zone=${1}
816 local action=${2}
817 shift 2
818
819 case "${action}" in
820 starting|started|stopping|stopped)
821 db_connection_update ${zone} ${action}
822 ;;
823 esac
824 }
825
826 function zone_is_up() {
827 local zone=${1}
828
829 device_is_up ${zone}
830 }
831
832 function zone_is_down() {
833 ! zone_is_up $@
834 }
835
836 function zone_get_supported_port_hooks() {
837 local zone=${1}
838
839 local hook=$(zone_get_hook ${zone})
840
841 hook_zone_ports_get_all ${hook}
842 }
843
844 function zone_get_supported_config_hooks() {
845 hook_config_get_all
846 }
847
848 function zone_file() {
849 local zone=${1}
850
851 assert isset zone
852
853 echo "$(zone_dir ${zone})/settings"
854 }
855
856 function zone_settings_read() {
857 local zone=${1}
858 assert isset zone
859
860 # Save the HOOK variable.
861 local hook="${HOOK}"
862
863 settings_read "${zone}" ${HOOK_SETTINGS}
864
865 # Restore hook.
866 HOOK="${hook}"
867 }
868
869 function zone_settings_write() {
870 local zone="${1}"
871 assert isset zone
872
873 local args
874 if function_exists "hook_check_settings"; then
875 list_append args "--check=\"hook_check_settings\""
876 fi
877 list_append args ${HOOK_SETTINGS}
878
879 settings_write "$(zone_file ${zone})" ${args}
880 }
881
882 function zone_settings_set() {
883 local zone=${1}
884 shift
885 local args="$@"
886
887 assert isset zone
888
889 (
890 zone_settings_read ${zone}
891
892 for arg in ${args}; do
893 eval "${arg}"
894 done
895
896 zone_settings_write ${zone}
897 )
898 }
899
900 function zone_settings_get() {
901 local zone=${1}
902 local key=${2}
903
904 assert isset zone
905 assert isset key
906
907 (
908 zone_settings_read "${zone}" "${key}" \
909 --ignore-superfluous-settings
910
911 echo "${!key}"
912 )
913 }
914
915 function zone_config_settings_read() {
916 assert [ $# -gt 2 ]
917
918 local zone="${1}"
919 local config="${2}"
920 shift 2
921
922 local path="$(zone_dir "${zone}")/configs/${config}"
923 settings_read "${path}" "$@"
924 }
925
926 function zone_config_settings_write() {
927 assert [ $# -gt 2 ]
928
929 local zone="${1}"
930 local config="${2}"
931 shift 2
932
933 local path="$(zone_dir "${zone}")/configs/${config}"
934 settings_write "${path}" "$@"
935 }
936
937 function zone_port_settings_read() {
938 assert [ $# -gt 2 ]
939
940 local zone="${1}"
941 local port="${2}"
942 shift 2
943
944 local path="$(zone_dir "${zone}")/ports/${port}"
945 settings_read "${path}" "$@"
946 }
947
948 function zone_port_settings_write() {
949 assert [ $# -ge 2 ]
950
951 local zone="${1}"
952 local port="${2}"
953 shift 2
954
955 local args
956 if function_exists "hook_check_port_settings"; then
957 list_append args "--check=\"hook_check_port_settings\""
958 fi
959 list_append args $@
960
961 local path="$(zone_dir "${zone}")/ports/${port}"
962 settings_write "${path}" ${args}
963 }
964
965 function zone_port_settings_remove() {
966 assert [ $# -eq 2 ]
967
968 local zone="${1}"
969 local port="${2}"
970
971 local path="$(zone_dir "${zone}")/ports/${port}"
972 settings_remove "${path}"
973 }
Stevee's network tree.