Remove executable permissions from source files.
1 #!/bin/bash
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2013 IPFire Network Development Team #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 . /usr/lib/network/header-zone
23
# Names of all settings owned by this hook.
# NOTE(review): PASSWORD is part of this list, so it is presumably persisted
# together with the other zone settings - confirm that the resulting file is
# only readable by root.
HOOK_SETTINGS="HOOK AUTH INTERFACE_ADDRESS IPV6 MTU PASSWORD PEER_ADDRESS PORT"
HOOK_SETTINGS+=" PREFIX PREFIX_DELEGATION REFUSED_AUTH_METHODS"
HOOK_SETTINGS+=" USERNAME USE_DHCP"

# Dial-in credentials (empty until configured).
USERNAME=
PASSWORD=

# Physical ethernet port the modem is attached to (optional).
PORT=

# IPv4 address of the PPTP server.
PEER_ADDRESS=

# Authentication mechanism; empty means none has been chosen explicitly.
# NOTE: the MS-CHAPv2/MPPE protection commonly used with PPTP is considered
# cryptographically weak, so the tunnel should not be the only protection for
# confidential traffic.
AUTH=

# List of authentication methods that are refused.
REFUSED_AUTH_METHODS=

# Every authentication method pppd supports may be used with this hook, so
# the value provided by the environment is taken over unchanged.
PPP_SUPPORTED_AUTH_METHODS=${PPP_SUPPORTED_AUTH_METHODS}

# Maximum Transmission Unit; 1492 is a very common value.
MTU=1492

# Whether the interface gets its IPv4 address via DHCP.
USE_DHCP=false

# Whether an IPv6 address is requested.
IPV6=true

# Whether IPv6 prefix delegation is used.
PREFIX_DELEGATION=false
59
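# Validates the settings of this hook.
#
# Globals:  USERNAME, PASSWORD, PEER_ADDRESS, IPV6, PREFIX_DELEGATION, PORT,
#           USE_DHCP, INTERFACE_ADDRESS, PREFIX, AUTH,
#           PPP_SUPPORTED_AUTH_METHODS (all read)
# Returns:  EXIT_OK when every check passed, EXIT_ERROR for an invalid
#           interface or peer address. A PREFIX above 30 exits the process
#           with EXIT_ERROR. What a failed "assert" does is defined by the
#           framework and not visible here.
function hook_check() {
	assert isset USERNAME
	assert isset PASSWORD
	assert isset PEER_ADDRESS
	assert isset IPV6
	assert isset PREFIX_DELEGATION

	# Port and IP settings are only checked when a port is configured.
	if isset PORT; then
		# The setting is called USE_DHCP (see HOOK_SETTINGS). This hook never
		# defines a variable named DHCP, so checking that name could not pass.
		assert isset USE_DHCP

		# Quoted so that an unexpected value cannot be split into several
		# arguments.
		assert port_exists "${PORT}"

		assert isset INTERFACE_ADDRESS

		if ! ipv4_is_valid "${INTERFACE_ADDRESS}"; then
			log ERROR "Invalid interface address. Please use a valid IPv4 address."
			return ${EXIT_ERROR}
		fi

		# The prefix must be an integer before it is compared numerically.
		assert isinteger PREFIX

		# NOTE(review): this branch exits the process while the address
		# checks return; kept unchanged because callers may rely on it.
		if [ "${PREFIX}" -gt 30 ]; then
			error "PREFIX is greater than 30."
			exit ${EXIT_ERROR}
		fi
	fi

	# The peer address is later placed into the pptp command line, so only
	# a plain IPv4 address is accepted.
	if ! ipv4_is_valid "${PEER_ADDRESS}"; then
		log ERROR "Invalid peer-address. Please use a valid IPv4 address."
		return ${EXIT_ERROR}
	fi

	# AUTH is optional. An "isset AUTH && ..." one-liner would make the
	# function return non-zero whenever AUTH is empty, so use a real "if".
	# The method list is left unquoted on purpose: it is a space-separated list.
	if isset AUTH; then
		assert isoneof AUTH ${PPP_SUPPORTED_AUTH_METHODS}
	fi

	return ${EXIT_OK}
}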
100
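# Parses "--key=value" command line arguments into the settings of this hook.
#
# Arguments: any number of "--key=value" words; unknown ones only produce a
#            warning.
# Globals:   AUTH, INTERFACE_ADDRESS, IPV6, MTU, PASSWORD, PEER_ADDRESS, PORT,
#            PREFIX, PREFIX_DELEGATION, REFUSED_AUTH_METHODS, USERNAME,
#            USE_DHCP (written)
#
# Every argument is passed to cli_get_val in double quotes. Unquoted, a value
# containing whitespace or glob characters (a password, for example) would be
# split and expanded by the shell before it is stored.
#
# NOTE(review): --password= carries the secret as a command line argument.
# If it arrives via the argument list of an external command it can show up
# in process listings and shell history - confirm how callers supply it.
function hook_parse_cmdline() {
	# Scratch variable for the boolean switches; "enabled" is given its name.
	local value

	while [ $# -gt 0 ]; do
		case "${1}" in
			--auth=*)
				AUTH="$(cli_get_val "${1}")"
				;;
			--interface-address=*)
				INTERFACE_ADDRESS="$(cli_get_val "${1}")"
				;;
			--ipv6=*)
				value="$(cli_get_val "${1}")"

				# Normalise whatever "enabled" accepts to true/false.
				if enabled value; then
					IPV6="true"
				else
					IPV6="false"
				fi
				;;
			--mtu=*)
				MTU="$(cli_get_val "${1}")"
				;;
			--password=*)
				PASSWORD="$(cli_get_val "${1}")"
				;;
			--peer-address=*)
				PEER_ADDRESS="$(cli_get_val "${1}")"
				;;
			--port=*)
				PORT="$(cli_get_val "${1}")"
				;;
			--prefix=*)
				PREFIX="$(cli_get_val "${1}")"
				;;
			--prefix-delegation=*)
				value="$(cli_get_val "${1}")"

				if enabled value; then
					PREFIX_DELEGATION="true"
				else
					PREFIX_DELEGATION="false"
				fi
				;;
			--refuse-auth-methods=*)
				REFUSED_AUTH_METHODS="$(cli_get_val "${1}")"
				;;
			--username=*)
				USERNAME="$(cli_get_val "${1}")"
				;;
			--use-dhcp=*)
				value="$(cli_get_val "${1}")"

				if enabled value; then
					USE_DHCP="true"
				else
					USE_DHCP="false"
				fi
				;;
			*)
				warning "Unknown argument: ${1}" >&2
				;;
		esac
		shift
	done
}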
165
# Brings the zone up.
#
# Arguments: $1 - name of the zone
# Globals:   PORT, USE_DHCP, INTERFACE_ADDRESS, PREFIX (read after the zone
#            configuration has been loaded)
# Always leaves the process with EXIT_OK once pppd_start has been called.
function hook_up() {
	local zone="${1}"
	assert isset zone

	# Load the settings of this zone.
	zone_config_read "${zone}"

	# A port is optional; without one only pppd is started.
	if isset PORT; then
		log DEBUG "Bringing up port '${PORT}'."
		port_up "${PORT}"

		# Either assign the static address or let dhclient fetch one.
		if ! enabled USE_DHCP; then
			ip_address_add "${PORT}" "${INTERFACE_ADDRESS}/${PREFIX}"
		else
			dhclient_start "${PORT}" "ipv4"
		fi
	fi

	# Finally start the ppp daemon for this zone.
	pppd_start "${zone}"

	exit ${EXIT_OK}
}
195
# Takes the zone down.
#
# Arguments: $1 - name of the zone
# Globals:   PORT, USE_DHCP, INTERFACE_ADDRESS, PREFIX (read after the zone
#            configuration has been loaded)
# Always leaves the process with EXIT_OK.
function hook_down() {
	local zone="${1}"
	assert isset zone

	# Load the settings of this zone.
	zone_config_read "${zone}"

	# The ppp daemon goes first, the port underneath it afterwards.
	pppd_stop "${zone}"

	# Nothing else to undo when no port has been used.
	if isset PORT; then
		# Drop the static address or stop the DHCP client.
		if ! enabled USE_DHCP; then
			ip_address_del "${PORT}" "${INTERFACE_ADDRESS}/${PREFIX}"
		else
			dhclient_stop "${PORT}" "ipv4"
		fi

		log DEBUG "Bringing down port '${PORT}'."
		port_down "${PORT}"
	fi

	exit ${EXIT_OK}
}
225
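# Prints the status of the zone.
#
# Arguments: $1 - name of the zone
# Globals:   PORT, INTERFACE_ADDRESS, PREFIX, PEER_ADDRESS, USERNAME,
#            IP_SUPPORTED_PROTOCOLS (read)
# Exits with EXIT_ERROR when the zone is down and with EXIT_OK otherwise.
#
# The password is never printed; a fixed "<hidden>" placeholder is shown
# instead, so status output can be shared without leaking the credential.
function hook_status() {
	local zone="${1}"
	assert isset zone

	cli_device_headline "${zone}"

	zone_config_read "${zone}"

	# Display port configuration if a port is used.
	if isset PORT; then
		cli_headline 2 "Configuration"
		cli_print_fmt1 2 "IP Address" "${INTERFACE_ADDRESS}/${PREFIX}"
		cli_print_fmt1 2 "Peer Address" "${PEER_ADDRESS}"
		cli_print_fmt1 2 "Port" "${PORT}"
		cli_space
	fi

	cli_headline 2 "Dialin Information"
	cli_print_fmt1 2 "Username" "${USERNAME}"
	cli_print_fmt1 2 "Password" "<hidden>"
	cli_space

	# Nothing more to show when the zone is down.
	if ! zone_is_up "${zone}"; then
		echo # Empty line
		exit ${EXIT_ERROR}
	fi

	cli_headline 2 "Point-to-Point-Tunneling protocol"

	local proto
	local headline
	# IP_SUPPORTED_PROTOCOLS is a space-separated list, hence unquoted.
	for proto in ${IP_SUPPORTED_PROTOCOLS}; do
		# Skip protocols without routing information for this zone.
		routing_db_exists "${zone}" "${proto}" || continue

		case "${proto}" in
			ipv6)
				headline="Internet Protocol Version 6"
				;;
			ipv4)
				headline="Internet Protocol Version 4"
				;;
			*)
				# Spelling of the fallback headline corrected ("Unkown").
				headline="Unknown protocol"
				;;
		esac
		cli_headline 3 "${headline}"

		cli_print_fmt1 3 "IP address" "$(routing_db_get "${zone}" "${proto}" "local-ip-address")"
		cli_print_fmt1 3 "Gateway" "$(routing_db_get "${zone}" "${proto}" "remote-ip-address")"
		cli_print_fmt1 3 "DNS servers" "$(routing_db_get "${zone}" "${proto}" "dns")"
		cli_space
	done

	exit ${EXIT_OK}
}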
281
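# Writes the pppd configuration for the zone.
#
# Arguments: $1 - name of the zone
#            $2 - path of the configuration file to write
# Globals:   PEER_ADDRESS, USERNAME, PASSWORD, MTU, AUTH, IPV6,
#            REFUSED_AUTH_METHODS (read after the zone configuration has been
#            loaded)
# Exits with EXIT_OK after the configuration has been handed to
# pppd_write_config, or with EXIT_ERROR when the peer address is not a valid
# IPv4 address.
#
# NOTE(review): the password is passed on to pppd_write_config and presumably
# ends up in the file at $2 - confirm that the file is created with
# permissions that keep it private.
function hook_ppp_write_config() {
	local zone="${1}"
	assert isset zone

	local file="${2}"
	assert isset file

	# Read in the configuration files.
	zone_config_read "${zone}"

	# PEER_ADDRESS becomes part of the command string given to pppd as "pty",
	# which pppd runs as a command. The value was just re-read from the zone
	# configuration, so it is checked again here: anything that is not a
	# plain IPv4 address must not reach that command string.
	if ! ipv4_is_valid "${PEER_ADDRESS}"; then
		log ERROR "Invalid peer-address. Please use a valid IPv4 address."
		exit ${EXIT_ERROR}
	fi

	# Prepare the command line options for the pptp plugin.
	local pptp_commandline="pptp ${PEER_ADDRESS} --nolaunchpppd"

	# The file name is quoted so that a path containing whitespace stays a
	# single argument.
	pppd_write_config "${file}" \
		--interface="${zone}" \
		--username="${USERNAME}" \
		--password="${PASSWORD}" \
		--mtu="${MTU}" \
		--auth="${AUTH}" \
		--pty="${pptp_commandline}" \
		--ipv6="${IPV6}" \
		--refuse="${REFUSED_AUTH_METHODS}"

	exit ${EXIT_OK}
}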