done
}
+function config_remove() {
+ local config_file="${1}"
+
+ local abspath="$(readlink -e "${config_file}")"
+ if [ "${config_file}" != "${abspath}" ]; then
+ log ERROR "Can only handle absolute paths"
+ return ${EXIT_ERROR}
+ fi
+
+ rm -f "${config_file}"
+}
+
function config_print() {
local param
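Review bot: The guard in `config_remove` only proves that the argument is already a canonical path; it does not confine the deletion to the configuration tree, so any canonical absolute path a caller passes in reaches `rm -f`. Because `readlink -e` prints nothing when a path component is missing, a file that is already gone is rejected with the misleading message "Can only handle absolute paths", and `local abspath="$(…)"` hides readlink's exit status. I would report the missing-file case separately, add a prefix test against the configuration root (shown below with a placeholder variable, since the real name is not on this page), and pass `--` to `rm`.
```shell
function config_remove() {
	local config_file="${1}"

	# readlink -e prints nothing if any path component is missing
	local abspath
	abspath="$(readlink -e -- "${config_file}")"
	if [ -z "${abspath}" ]; then
		log ERROR "Configuration file '${config_file}' does not exist"
		return ${EXIT_ERROR}
	fi

	# … unchanged: comparison of config_file with abspath …

	# CONFIG_ROOT_PLACEHOLDER stands for the project's configuration directory
	case "${abspath}" in
		"${CONFIG_ROOT_PLACEHOLDER}"/*)
			;;
		*)
			log ERROR "Refusing to remove '${abspath}' outside the configuration directory"
			return ${EXIT_ERROR}
			;;
	esac

	rm -f -- "${config_file}"
}
```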
EXIT_OK=0
EXIT_ERROR=1
EXIT_CONF_ERROR=2
+EXIT_NOT_SUPPORTED=3
EXIT_COMMAND_NOT_FOUND=127
EXIT_ERROR_ASSERT=128
local ret=$?
case "${ret}" in
- ${EXIT_COMMAND_NOT_FOUND})
- log ERROR "Hook command not implemented: ${hook_command} ($@)"
+ ${EXIT_COMMAND_NOT_FOUND}|${EXIT_NOT_SUPPORTED})
+ log ERROR "Hook '${hook}' does not implement the method '${cmd}':"
+ log ERROR " arguments: $@"
exit ${EXIT_COMMAND_NOT_FOUND}
;;
${EXIT_ERROR_ASSERT})
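Review bot: `log ERROR " arguments: $@"` embeds `$@` in a longer string, so the arguments are split into separate words and `log` receives the message in pieces; `log ERROR " arguments: $*"` keeps it as one message. The arm exits with `${EXIT_COMMAND_NOT_FOUND}` for both codes, so a caller cannot tell "not supported" from "command not found"; if that is intended, a short comment saying so would help. `${hook}` and `${cmd}` replace `${hook_command}` and are not assigned in the visible lines; the enclosing function starts and ends outside the hunk, so confirm both are set there.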
hook_exists zone $@
}
-function hook_zone_port_exists() {
- local hook_zone=${1}
- local hook_port=${2}
-
- hook_exists zone "${hook_zone}.ports/${hook_port}"
-}
-
function hook_zone_config_exists() {
local hook_zone=${1}
local hook_config=${2}
hook_exists zone "${hook_zone}.configs/${hook_config}"
}
-function hook_zone_has_ports() {
- local hook=${1}
-
- [ -d "${NETWORK_HOOKS_DIR_ZONES}/${hook}.ports" ]
-}
-
function hook_zone_has_configs() {
local hook=${1}
hook_exec zone $@
}
-function hook_zone_port_exec() {
- local hook_zone=${1}
- local hook_port=${2}
- shift 2
-
- hook_zone_exec "${hook_zone}.ports/${hook_port}" $@
-}
-
function hook_zone_config_exec() {
local hook_zone=${1}
local hook_port=${2}
done
}
-function hook_zone_ports_get_all() {
- local hook=${1}
-
- if ! hook_exists zone ${hook}; then
- error "Hook '${hook}' does not exist."
- return ${EXIT_ERROR}
- fi
-
- # If the zone hook has got no ports we exit silently
- if ! hook_zone_has_ports ${hook}; then
- return ${EXIT_OK}
- fi
-
- local h
- for h in $(hook_dir zone)/${hook}.ports/*; do
- h=$(basename ${h})
- if hook_zone_port_exists ${hook} ${h}; then
- echo "${h}"
- fi
- done
-}
-
function hook_zone_configs_get_all() {
local hook=${1}
assert isset action
assert zone_exists ${zone}
- # Aliases
- case "${action}" in
- del|delete|remove)
- action="rem"
- ;;
- esac
-
case "${action}" in
- add|edit|rem)
+ add|edit|remove)
zone_port_${action} ${zone} $@
;;
*)
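Review bot: `zone_port_${action} ${zone} $@` still expands `$@` unquoted, so the `"$@"` forwarding added to `zone_port_add`, `zone_port_edit` and `zone_port_remove` receives arguments that were already word-split and glob-expanded; `zone_port_${action} "${zone}" "$@"` keeps them intact. With the alias block gone, `del`, `delete` and `rem` now reach the `*)` arm, whose body is outside the hunk, so existing callers using those spellings will stop working. The enclosing function starts and ends outside the hunk.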
}
function zone_port_add() {
- local zone=${1}
- shift
-
+ local zone="${1}"
assert isset zone
- local hook=$(zone_get_hook ${zone})
+ local port="${2}"
+ assert isset port
+
+ shift 2
+
+ # Check if the port actually exists.
+ if ! port_exists "${port}"; then
+ error "Cannot add port '${port}' which does not exist"
+ return ${EXIT_ERROR}
+ fi
+ # Check if the port is already connected to this or any other zone.
+ local z
+ for z in $(zones_get_all); do
+ if zone_has_port "${z}" "${port}"; then
+ error "Port '${port}' is already assigned to zone '${z}'"
+ return ${EXIT_ERROR}
+ fi
+ done
+
+ local hook=$(zone_get_hook "${zone}")
assert isset hook
- hook_zone_exec ${hook} port_add ${zone} $@
+ hook_zone_exec "${hook}" "port_add" "${zone}" "${port}" "$@"
}
function zone_port_edit() {
- zone_port_cmd edit $@
-}
+ local zone="${1}"
+ assert isset zone
-function zone_port_rem() {
- zone_port_cmd rem $@
-}
+ local port="${2}"
+ assert isset port
-function zone_port_cmd() {
- local cmd=${1}
- local zone=${2}
- local port=${3}
- shift 3
+ shift 2
- assert isset zone
- assert isset port
+ # Check if the port actually exists.
+ if ! port_exists "${port}"; then
+ error "Port '${port}' does not exist"
+ return ${EXIT_ERROR}
+ fi
- local hook_zone=$(zone_get_hook ${zone})
- local hook_port=$(port_get_hook ${port})
+ # Check if the zone actually has this port.
+ if ! zone_has_port "${zone}" "${port}"; then
+ error "Port '${port}' is not attached to zone '${zone}'"
+ return ${EXIT_ERROR}
+ fi
- assert isset hook_zone
- assert isset hook_port
+ local hook=$(zone_get_hook "${zone}")
+ assert isset hook
- hook_zone_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} ${port} $@
+ hook_zone_exec "${hook}" "port_edit" "${zone}" "${port}" "$@"
}
-function zone_port_up() {
- zone_port_cmd up $@
-}
+function zone_port_remove() {
+ local zone="${1}"
+ assert isset zone
+
+ local port="${2}"
+ assert isset port
+
+ shift 2
+
+ # Check if the zone actually has this port.
+ if ! zone_has_port "${zone}" "${port}"; then
+ error "Port '${port}' is not attached to zone '${zone}'"
+ return ${EXIT_ERROR}
+ fi
+
+ local hook=$(zone_get_hook "${zone}")
+ assert isset hook
-function zone_port_down() {
- zone_port_cmd down $@
+ hook_zone_exec "${hook}" "port_remove" "${zone}" "${port}" "$@"
}
function zone_get_ports() {
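Review bot: `local hook=$(zone_get_hook "${zone}")` in `zone_port_add`, `zone_port_edit` and `zone_port_remove` combines declaration and command substitution, so the exit status of `zone_get_hook` is replaced by that of `local`; splitting it into `local hook` and `hook=$(zone_get_hook "${zone}")` keeps the status visible. The three functions have no header comment; a one-line comment on each stating the expected arguments (`zone port [options]`) and that the zone hook performs the actual change would document the new contract. `zone_port_up` and `zone_port_down` are deleted here with no replacement in the visible lines, so any remaining caller would now fail with an unknown command.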
}
function hook_port_add() {
- hook_port_cmd add "$@"
+ return ${EXIT_NOT_SUPPORTED}
}
function hook_port_edit() {
- hook_port_cmd edit "$@"
+ return ${EXIT_NOT_SUPPORTED}
}
-function hook_port_rem() {
- hook_port_cmd remove "$@"
+function hook_port_remove() {
+ return ${EXIT_NOT_SUPPORTED}
}
function hook_port_show() {
}
function hook_port_status() {
- hook_port_cmd status "$@"
-}
-
-function hook_port_cmd() {
- local cmd="${1}"
- assert isset cmd
-
- local zone="${2}"
- assert isset zone
-
- local port="${3}"
- assert isset port
-
- shift 3
-
- local hook_zone="$(zone_get_hook ${zone})"
- assert isset hook_zone
-
- local hook_port="$(port_get_hook ${port})"
- assert isset hook_port
-
- if ! listmatch "${hook_port}" $(zone_get_supported_port_hooks ${zone}); then
- log ERROR "Zone '${zone}' does not support port of type '${hook_port}'."
- exit ${EXIT_ERROR}
- fi
-
- hook_zone_port_exec "${hook_zone}" "${hook_port}" "${cmd}" "${zone}" "${port}" "$@"
- exit $?
+ return ${EXIT_NOT_SUPPORTED}
}
function hook_port_up() {
- hook_port_cmd up "$@"
+ cmd_not_implemented
}
function hook_port_down() {
- hook_port_cmd down "$@"
+ cmd_not_implemented
}
function hook_config() {
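Review bot: `hook_port_up` and `hook_port_down` call `cmd_not_implemented`, while `hook_port_status` here and `hook_port_add`, `hook_port_edit` and `hook_port_remove` in the previous hunk `return ${EXIT_NOT_SUPPORTED}`. `cmd_not_implemented` is not defined in the visible lines, so it is unclear whether both paths end in an exit code that the hook dispatcher handles the same way. The deleted `hook_port_cmd` also refused ports whose hook type was not listed by `zone_get_supported_port_hooks`; no equivalent check appears in the new code on this page, so confirm that dropping it is intended. A comment such as `# Default stub: zone hooks that support ports override this` above each function would document the contract.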
HOOK_SETTINGS="HOOK STP STP_FORWARD_DELAY STP_HELLO STP_MAXAGE STP_MODE"
HOOK_SETTINGS="${HOOK_SETTINGS} STP_PRIORITY MAC MTU"
+HOOK_PORT_SETTINGS="COST PRIORITY"
+
# Default values
MAC=$(mac_generate)
MTU=1500
exit ${EXIT_OK}
}
+
+function __parse_cmdline_args() {
+ while [ $# -gt 0 ]; do
+ case "${1}" in
+ --priority=*)
+ PRIORITY="$(cli_get_val ${1})"
+ ;;
+ --cost=*)
+ COST="$(cli_get_val ${1})"
+ ;;
+ esac
+ shift
+ done
+
+ return ${EXIT_OK}
+}
+
+function hook_port_add() {
+ # Excepting at least two arguments here
+ assert [ $# -ge 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+ shift 2
+
+ __parse_cmdline_args "$@"
+ [ $? -eq ${EXIT_OK} ] || return ${EXIT_ERROR}
+
+ config_write "$(zone_dir "${zone}")/ports/${port}" ${HOOK_PORT_SETTINGS}
+
+ log INFO "Port '${port}' has been added to zone '${zone}'"
+
+ exit ${EXIT_OK}
+}
+
+function hook_port_edit() {
+ assert [ $# -ge 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+ shift 2
+
+ config_read "$(zone_dir "${zone}")/ports/${port}" ${HOOK_PORT_SETTINGS}
+
+ __parse_cmdline_args "$@"
+ [ $? -eq ${EXIT_OK} ] || return ${EXIT_ERROR}
+
+ config_write "$(zone_dir "${zone}")/ports/${port}" ${HOOK_PORT_SETTINGS}
+
+ log INFO "Port '${port}' (member of zone '${zone}') has been edited"
+
+ exit ${EXIT_OK}
+}
+
+function hook_port_remove() {
+ assert [ $# -eq 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+
+ # Shut down the port (if possible)
+ port_down "${port}"
+
+ log INFO "Port '${port}' has been removed from zone '${zone}'"
+ config_remove "$(zone_dir "${zone}")/ports/${port}"
+
+ exit ${EXIT_OK}
+}
+
+function hook_port_up() {
+ assert [ $# -eq 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+
+ port_up "${port}"
+
+ # Set same MTU to device that the bridge has got
+ device_set_mtu "${port}" $(device_get_mtu "${zone}")
+
+ bridge_attach_device "${zone}" "${port}"
+
+ # XXX must set cost and prio here
+
+ exit ${EXIT_OK}
+}
+
+function hook_port_down() {
+ assert [ $# -eq 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+
+ bridge_detach_device "${zone}" "${port}"
+
+ port_down "${port}"
+
+ exit ${EXIT_OK}
+}
+
+function hook_port_status() {
+ assert [ $# -eq 2 ]
+
+ local zone="${1}"
+ local port="${2}"
+
+ # Do nothing for devices which are not up and running.
+ device_exists "${port}" || exit ${EXIT_OK}
+
+ local status
+
+ # Check if the device is down.
+ if ! device_is_up "${port}"; then
+ status="${MSG_DEVICE_STATUS_DOWN}"
+
+ # Check if the device has no carrier.
+ elif ! device_has_carrier "${port}"; then
+ status="${MSG_DEVICE_STATUS_NOCARRIER}"
+
+ # Check for STP information.
+ elif stp_is_enabled "${zone}"; then
+ local state="$(stp_port_get_state "${zone}" "${port}")"
+ state="MSG_STP_${state}"
+ status="${!state}"
+
+ status="${status} - DSR: $(stp_port_get_designated_root "${zone}" "${port}")"
+ status="${status} - Cost: $(stp_port_get_cost "${zone}" "${port}")"
+ else
+ status="${MSG_DEVICE_STATUS_UP}"
+ fi
+ cli_statusline 3 "${port}" "${status}"
+
+ exit ${EXIT_OK}
+}
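Review bot: `__parse_cmdline_args` stores the `--cost=` and `--priority=` values without the `isinteger` check that the removed per-port `hook_check` applied, and `hook_port_add` and `hook_port_edit` then hand them straight to `config_write`. The parser also has no `*)` arm, so a mistyped option is silently ignored, and `cli_get_val ${1}` is unquoted. Separately, `hook_port_remove` logs that the port has been removed before calling `config_remove` and does not check its return value, so a refused deletion is still reported as success. The comment in `hook_port_add` should read `# Expecting at least two arguments here`. A stricter parser could look like this:
```shell
function __parse_cmdline_args() {
	while [ $# -gt 0 ]; do
		case "${1}" in
			--priority=*)
				PRIORITY="$(cli_get_val "${1}")"
				;;
			--cost=*)
				COST="$(cli_get_val "${1}")"
				;;
			*)
				error "Unknown argument: ${1}"
				return ${EXIT_ERROR}
				;;
		esac
		shift
	done

	# Same integer check the removed per-port hook_check applied
	local i
	for i in COST PRIORITY; do
		if isset ${i}; then
			assert isinteger ${i}
		fi
	done

	return ${EXIT_OK}
}
```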
+++ /dev/null
-ethernet
\ No newline at end of file
+++ /dev/null
-ethernet
\ No newline at end of file
+++ /dev/null
-ethernet
\ No newline at end of file
+++ /dev/null
-#!/bin/bash
-###############################################################################
-# #
-# IPFire.org - A linux based firewall #
-# Copyright (C) 2010 Michael Tremer & Christian Schmidt #
-# #
-# This program is free software: you can redistribute it and/or modify #
-# it under the terms of the GNU General Public License as published by #
-# the Free Software Foundation, either version 3 of the License, or #
-# (at your option) any later version. #
-# #
-# This program is distributed in the hope that it will be useful, #
-# but WITHOUT ANY WARRANTY; without even the implied warranty of #
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
-# #
-# You should have received a copy of the GNU General Public License #
-# along with this program. If not, see <http://www.gnu.org/licenses/>. #
-# #
-###############################################################################
-
-. /usr/lib/network/header-port
-
-HOOK_SETTINGS="COST PRIORITY"
-
-function hook_check() {
- local i
- for i in COST PRIORITY; do
- if isset ${i}; then
- assert isinteger ${i}
- fi
- done
-}
-
-function hook_add() {
- local zone=${1}
- local port=${2}
- shift 2
-
- assert isset zone
- assert isset port
-
- if ! port_exists ${port}; then
- error "Port '${port}' does not exist."
- exit ${EXIT_ERROR}
- fi
-
- config_read $(zone_dir ${zone})/ports/${port}
-
- while [ $# -gt 0 ]; do
- case "${1}" in
- --priority=*)
- PRIORITY=${1#--priority=}
- ;;
- --cost=*)
- COST=${1#--cost=}
- ;;
- esac
- shift
- done
-
- config_write $(zone_dir ${zone})/ports/${port} ${HOOK_SETTINGS}
-
- exit ${EXIT_OK}
-}
-
-function hook_edit() {
- hook_add $@
-}
-
-function hook_remove() {
- local zone=${1}
- local port=${2}
-
- assert isset zone
- assert isset port
-
- assert zone_exists ${zone}
-
- if ! listmatch ${port} $(zone_get_ports ${zone}); then
- error "Port '${port}' does not belong to '${zone}'."
- error "Won't remove anything."
- exit ${EXIT_ERROR}
- fi
-
- if port_exists ${port}; then
- ( _down ${zone} ${port} )
- fi
-
- rm -f $(zone_dir ${zone})/ports/${port}
-
- exit ${EXIT_OK}
-}
-
-function hook_up() {
- local zone=${1}
- local port=${2}
-
- assert isset zone
- assert isset port
-
- assert zone_exists ${zone}
- assert port_exists ${port}
-
- port_up ${port}
-
- # Set same MTU to device that the bridge has got
- device_set_mtu ${port} $(device_get_mtu ${zone})
-
- bridge_attach_device ${zone} ${port}
-
- # XXX must set cost and prio here
-
- exit ${EXIT_OK}
-}
-
-function hook_down() {
- local zone=${1}
- local port=${2}
-
- assert isset zone
- assert isset port
-
- assert zone_exists ${zone}
- assert port_exists ${port}
-
- bridge_detach_device ${zone} ${port}
-
- port_down ${port}
-
- exit ${EXIT_OK}
-}
-
-function hook_status() {
- local zone=${1}
- local port=${2}
-
- # Do nothing for devices which are not up and running.
- device_exists ${port} || exit ${EXIT_OK}
-
- local status
-
- # Check if the device is down.
- if ! device_is_up ${port}; then
- status=${MSG_DEVICE_STATUS_DOWN}
-
- # Check if the device has no carrier.
- elif ! device_has_carrier ${port}; then
- status=${MSG_DEVICE_STATUS_NOCARRIER}
-
- # Check for STP information.
- elif stp_is_enabled ${zone}; then
- local state=$(stp_port_get_state ${zone} ${port})
- state="MSG_STP_${state}"
- status="${!state}"
-
- status="${status} - DSR: $(stp_port_get_designated_root ${zone} ${port})"
- status="${status} - Cost: $(stp_port_get_cost ${zone} ${port})"
- else
- status=${MSG_DEVICE_STATUS_UP}
- fi
- cli_statusline 3 "${port}" "${status}"
-
- exit ${EXIT_OK}
-}
+++ /dev/null
-ethernet
\ No newline at end of file
+++ /dev/null
-ethernet
\ No newline at end of file
+++ /dev/null
-ethernet
\ No newline at end of file