]> git.ipfire.org Git - people/stevee/network.git/blobdiff - functions.aiccu
projects / people / stevee / network.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
wireless: Add function to find DFS channels.
[people/stevee/network.git] / functions.aiccu
diff --git a/functions.aiccu b/functions.aiccu
index 5c4d38bb322943d57200ed86a0e0cb35535a3d18..d29c538bbfa3e6603790d83a7b79fe6f36782ef4 100644 (file)
--- a/functions.aiccu
+++ b/functions.aiccu
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
+# Copyright (C) 2013  IPFire Network Development Team                         #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -19,116 +19,119 @@
 #                                                                             #
 ###############################################################################
 
-function aiccu_config_dir() {
-       local device=${1}
-
-       echo "${RUN_DIR}/aiccu/${device}"
-}
+# Define protocols which are supported by aiccu.
+AICCU_SUPPORTED_PROTOCOLS="tic tsp l2tp"
 
 function aiccu_start() {
        local device=${1}
-       shift
-
        assert isset device
 
-       local config_dir=$(aiccu_config_dir ${device})
-       mkdir -p ${config_dir}
-
-       local config_file=${config_dir}/config
-       aiccu_configure ${device} $@ > ${config_file}
-
-       aiccu start ${config_file} &>/dev/null
+       # Tell systemd to start aiccu on this device.
+       service_start "aiccu@${device}.service"
        local ret=$?
 
-       case "${ret}" in
-               0)
-                       log DEBUG "Aiccu was successfully started for '${device}'."
-                       return ${EXIT_OK}
-                       ;;
-               *)
-                       error_log "Could not start aiccu properly for '${device}'."
-                       
-                       error_log "Configuration file dump:"
-                       local line
-                       while read line; do
-                               error_log "  ${line}"
-                       done < ${config_file}
-
-                       return ${EXIT_ERROR}
-                       ;;
-       esac
+       if [ ${ret} -eq ${EXIT_OK} ]; then
+               log DEBUG "aiccu was successfully started on '${device}'."
+       else
+               log ERROR "Could not start aiccu properly on '${device}': ${ret}"
+               return ${EXIT_ERROR}
+       fi
+
+       return ${EXIT_OK}
 }
 
 function aiccu_stop() {
        local device=${1}
-
        assert isset device
 
-       aiccu stop $(aiccu_config_dir ${device})/config
-
-       rm -rf $(aiccu_config_dir ${device})
+       # Tell sysemd to stop aiccu on this device.
+       service_stop "aiccu@${device}.service"
 }
 
-function aiccu_configure() {
+function aiccu_write_config() {
        local device=${1}
+       local file=${2}
+       shift 2
 
        assert isset device
+       assert isset file
 
-       local user
-       local secret
+       local username
+       local password
        local server
        local protocol="tic"
        local tunnel_id
+       local require_tls
 
        while [ $# -gt  0 ]; do
                case "${1}" in
-                       --user=*)
-                               user=$(cli_get_val ${1})
+                       --username=*)
+                               username="$(cli_get_val ${1})"
                                ;;
-                       --secret=*)
-                               secret=$(cli_get_val ${1})
+                       --password=*)
+                               password="$(cli_get_val ${1})"
                                ;;
                        --server=*)
-                               server=$(cli_get_val ${1})
+                               server="$(cli_get_val ${1})"
                                ;;
                        --protocol=*)
-                               protocol=$(cli_get_val ${1})
+                               protocol="$(cli_get_val ${1})"
                                ;;
                        --tunnel-id=*)
-                               tunnel_id=$(cli_get_val ${1})
+                               tunnel_id="$(cli_get_val ${1})"
+                               ;;
+                       --require-tls=*)
+                               require_tls="$(cli_get_val ${1})"
+
+                               if enabled val; then
+                                       require_tls="true"
+                               else
+                                       require_tls="false"
+                               fi
                                ;;
                esac
                shift
        done
 
-       assert isset user
-       assert isset secret
+       assert isset username
+       assert isset password
        assert isset server
        assert isset protocol
-       assert isoneof protocol tic tsp l2tp
-
-cat <<EOF
-## AICCU configuration for ${zone}
-
-username ${user}
-password ${secret}
-
-server ${server}
-protocol ${protocol}
-
-$(isset tunnel_id && echo "tunnel_id ${tunnel_id}")
-
-ipv6_interface ${device}
-
-verbose true
-daemonize true
-automatic true
-
-pidfile $(aiccu_config_dir ${zone})/pid
-
-#setupscript /tmp/aiccu.sh
-
-EOF
+       assert isset require_tls
+       assert isoneof ${protocol} ${AICCU_SUPPORTED_PROTOCOLS}
+
+       # Write configuration file header.
+       config_header "aiccu configuration file for ${zone}" > ${file}
+
+       (
+               print "# Server info"
+               print "server ${server}"
+               print "protocol ${protocol}"
+               print
+
+               if isset tunnel_id; then
+                       print "# Tunnel ID"
+                       print "tunnel_id ${tunnel_id}"
+                       print
+               fi
+
+               print "# Credentials"
+               print "username ${username}"
+               print "password ${password}"
+               print
+
+               print "ipv6_interface ${device}"
+               print
+
+               print "# Security"
+               print "requiretls ${require_tls}"
+               print
+
+               # Misc.
+               print "verbose true"
+               print "daemonize false"
+               print "automatic true"
+       ) >> ${file}
 
        return ${EXIT_OK}
 }
Stevee's network tree.