From 943e3f7edf908a91a3b87b44dbb3cd1717b7a08f Mon Sep 17 00:00:00 2001 From: Michael Tremer Date: Sat, 10 Jul 2010 18:55:08 +0200 Subject: [PATCH] network: Again very much changes that are hard to break down. --- functions.device | 2 + functions.hook | 14 +++- functions.util | 10 +++ functions.virtual | 8 +++ functions.zone | 94 ++++++------------------ hooks/zones/bridge.ports/ethernet | 45 ++++++++---- hooks/zones/pppoe | 46 ++++++------ hooks/zones/pppoe.ports/bonding | 1 + hooks/zones/pppoe.ports/ethernet | 115 ++++++++++++++++++++++++++++++ hooks/zones/pppoe.ports/virtual | 1 + 10 files changed, 223 insertions(+), 113 deletions(-) create mode 100644 functions.virtual create mode 120000 hooks/zones/pppoe.ports/bonding create mode 100644 hooks/zones/pppoe.ports/ethernet create mode 120000 hooks/zones/pppoe.ports/virtual diff --git a/functions.device b/functions.device index cc1bba80..375d1065 100644 --- a/functions.device +++ b/functions.device @@ -637,6 +637,8 @@ function device_virtual_get_by_parent_and_vid() { local v_id local v_parent + assert [ -e "/proc/net/vlan/config" ] + fgrep '|' < /proc/net/vlan/config | tr -d '|' | \ while read v_port v_id v_parent; do if [ "${v_parent}" = "${parent}" ] && [ "${v_id}" = "${vid}" ]; then diff --git a/functions.hook b/functions.hook index 57b5389e..5b93bfe0 100644 --- a/functions.hook +++ b/functions.hook @@ -22,13 +22,20 @@ function hook_dir() { local type=${1} - echo "${HOOKS_DIR}/${type}s" + if [ -n "${type}" ]; then + type="/${type}s" + fi + + echo "${HOOKS_DIR}${type}" } function hook_exists() { local type=${1} local hook=${2} + assert isset type + assert isset hook + local hook_dir=$(hook_dir ${type}) [ -d "${hook_dir}/${hook}" ] && return ${EXIT_ERROR} @@ -41,6 +48,9 @@ function hook_exec() { local hook=${2} shift 2 + assert isset type + assert isset hook + if ! hook_exists ${type} ${hook}; then error "Hook '${hook}' does not exist." return ${EXIT_ERROR} 
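Review bot: The added `assert [ -e "/proc/net/vlan/config" ]` in device_virtual_get_by_parent_and_vid treats a missing proc file as a programming error, although the file is simply absent until the 8021q module is loaded. If `assert` aborts the caller (its definition is not in this patch), a lookup on a system without VLAN support kills the whole command instead of reporting "no such device". A plain guard such as `[ -e "/proc/net/vlan/config" ] || return ${EXIT_ERROR}` would keep the check but leave the decision to the caller. The function body continues outside the hunk.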
@@ -52,6 +62,8 @@ function hook_exec() { function config_get_hook() { local config=${1} + assert isset config + ( . ${config} echo "${HOOK}" diff --git a/functions.util b/functions.util index 83ec302c..023de250 100644 --- a/functions.util +++ b/functions.util @@ -216,6 +216,7 @@ function isset() { [ -n "${!var}" ] } +# XXX Nearly same as listmatch function isoneof() { local var=${!1} shift @@ -348,3 +349,12 @@ function beautify_bytes() { echo "${value}${unit}" } + +function module_load() { + local module=${1} + + if ! grep -q "^${module}" /proc/modules; then + log DEBUG "Loading module '${module}'." + modprobe ${module} + fi +} diff --git a/functions.virtual b/functions.virtual new file mode 100644 index 00000000..a3e79424 --- /dev/null +++ b/functions.virtual @@ -0,0 +1,8 @@ +#!/bin/bash +# XXX header missing + +function virtual_init() { + module_load 8021q +} + +init_register virtual_init diff --git a/functions.zone b/functions.zone index 981c8e27..201444a9 100644 --- a/functions.zone +++ b/functions.zone @@ -98,6 +98,9 @@ function zone_create() { mkdir -p $(zone_dir ${zone}) + # Create directory for ports + mkdir -p $(zone_dir ${zone})/ports + hook_zone_exec ${hook} create ${zone} $@ local ret=$? @@ -226,31 +229,6 @@ function zone_status() { hook_zone_exec ${hook} status ${zone} $@ } -# XXX deprecated -function zone_port() { - local zone=${1} - shift - - if ! zone_exists ${zone}; then - error "Zone '${zone}' does not exist." - return ${EXIT_ERROR} - fi - - local hook=$(config_get_hook $(zone_dir ${zone})/settings) - - if [ -z "${hook}" ]; then - error "Config file did not provide any hook." - return ${EXIT_ERROR} - fi - - if ! hook_zone_exists ${hook}; then - error "Hook '${hook}' does not exist." - return ${EXIT_ERROR} - fi - - hook_zone_exec ${hook} port ${zone} $@ -} - function zone_port() { local zone=${1} local action=${2} 
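Review bot: `assert isset config` in config_get_hook only rejects an empty argument; the `. ${config}` that follows still sources whatever path was passed, unquoted, and runs every statement in that file just to read `HOOK`. I would add a readability check and quote the path, `[ -r "${config}" ] || return ${EXIT_ERROR}` and `. "${config}"`. A short comment stating that settings files are executed as shell code, and therefore must only be writable by root, would also help. The function continues outside the hunk.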
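Review bot: The loaded-check in module_load, `grep -q "^${module}" /proc/modules`, is a prefix match, so a module is reported as loaded whenever any other loaded module's name merely starts with the same string, and modprobe is then skipped. The name is also interpolated into the pattern as a regex, and /proc/modules lists names with underscores even when the module is requested with hyphens. Anchoring on the field separator fixes the first two cases: `grep -q "^${module//-/_} " /proc/modules`. `modprobe ${module}` should be quoted as `modprobe "${module}"`.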
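Review bot: The `ports` directory is created only here in zone_create, so any zone that existed before this commit has no `ports/` directory, and the result of the new `mkdir -p $(zone_dir ${zone})/ports` is not checked either. Both the reworked zone_get_ports and the port hooks added later in this patch assume the directory exists. I would quote the path and stop on failure, `mkdir -p "$(zone_dir ${zone})/ports" || return ${EXIT_ERROR}`, and either migrate existing zones or create the directory on demand where ports are added. zone_create continues outside the hunk.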
@@ -260,35 +238,23 @@ function zone_port() { assert isset action assert zone_exists ${zone} + # Aliases case "${action}" in - add|remove|edit) - zone_port_${action} ${zone} $@ + del|delete|remove) + action="rem" ;; esac -} - -function zone_port_add() { - local zone=${1} - local port=${2} - shift 2 - - assert isset zone - assert isset port - assert zone_exists ${zone} - - local hook_port=$(port_get_hook ${port}) - - assert isset hook_port - - if ! listmatch ${hook_port} $(zone_get_supported_hooks ${zone}); then - error "Zone '${zone}' does not support ports with hook '${hook_port}'." - return ${EXIT_ERROR} - fi - # XXX does this already exist? - - # XXX I would rather like a relative symlink - ln -sf $(port_file ${port}) $(zone_dir ${zone})/port.${port} + case "${action}" in + add|edit|rem) + zone_port_${action} ${zone} $@ + ;; + *) + error "Unrecognized argument: ${action}" + cli_usage root-zone-port-subcommands + exit ${EXIT_ERROR} + ;; + esac } function zone_port_add() { @@ -305,25 +271,11 @@ function zone_port_add() { } function zone_port_edit() { - local zone=${1} - local port=${2} - shift 2 - - assert isset zone - assert isset port - - port_edit ${port} $@ + zone_port_cmd edit $@ } -function zone_port_remove() { - local zone=${1} - local port=${2} - shift 2 - - assert isset zone - assert isset port - - rm -f $(zone_dir ${zone})/port.${port} +function zone_port_rem() { + zone_port_cmd rem $@ } function zone_port_cmd() { @@ -346,11 +298,6 @@ function zone_port_cmd() { hook_zone_port_exec ${hook_zone} ${hook_port} ${cmd} ${zone} ${port} $@ } -function zone_port_cmd() { - error_log "UNSUPPORTED FUNCTION CALLED: zone_port_cmd" - backtrace -} - function zone_port_up() { zone_port_cmd up $@ } @@ -365,9 +312,8 @@ function zone_get_ports() { assert isset zone local port - for port in $(zone_dir ${zone})/port.*; do + for port in $(zone_dir ${zone})/ports/*; do port=$(basename ${port}) - port=${port#port.} if port_exists ${port}; then echo "${port}" 
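Review bot: The dispatch `zone_port_${action} ${zone} $@` in zone_port passes the remaining arguments unquoted, so any argument containing whitespace or glob characters is split or expanded before the port hook sees it; it should read `zone_port_${action} ${zone} "$@"`. The same unquoted `$@` appears in the new zone_port_edit and zone_port_rem, in `_edit` and `run $@` of the port hooks, and in `_port_cmd add ${zone} ${port} $@` in hooks/zones/pppoe. Separately, the new `*)` branch calls `exit ${EXIT_ERROR}` from a library function, whereas the code it replaces used `return ${EXIT_ERROR}`; `return` keeps the caller in control.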
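Review bot: When `ports/` is empty or missing, the glob in `for port in $(zone_dir ${zone})/ports/*` does not expand, so the loop in zone_get_ports runs once with a literal `*`. `basename` then yields `*`, and the unquoted `port_exists ${port}` lets the shell expand it against the current directory. A guard at the top of the loop, `[ -e "${port}" ] || continue`, plus quoting `"${port}"` in the calls below avoids acting on names that were never in the zone. The rest of the loop is outside the hunk.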
diff --git a/hooks/zones/bridge.ports/ethernet b/hooks/zones/bridge.ports/ethernet index 0b8fd78e..1bef3590 100755 --- a/hooks/zones/bridge.ports/ethernet +++ b/hooks/zones/bridge.ports/ethernet @@ -21,34 +21,53 @@ . /lib/network/header-port -HOOK_SETTINGS="HOOK DEVICE" +HOOK_SETTINGS="COST PRIORITY" function _check() { - assert isset DEVICE_MAC - assert ismac DEVICE_MAC + local i + for i in COST PRIORITY; do + if isset ${i}; then + assert isinteger ${i} + fi + done } -function _create() { +function _add() { local zone=${1} - local device=${2} + local port=${2} shift 2 - if [ -z "${device}" ]; then - error "No device given." + assert isset zone + assert isset port + + if ! port_exists ${port}; then + error "Port '${port}' does not exist." exit ${EXIT_ERROR} fi - if ! device_exists ${device}; then - warning "Device does not exist." - fi + config_read $(zone_dir ${zone})/ports/${port} - DEVICE=$(macify ${device}) + while [ $# -gt 0 ]; do + case "${1}" in + --priority=*) + PRIORITY=${1#--priority=} + ;; + --cost=*) + COST=${1#--cost=} + ;; + esac + shift + done - config_write $(zone_dir ${zone})/port.${HOOK}.$(device_hash ${device}) ${HOOK_SETTINGS} + config_write $(zone_dir ${zone})/ports/${port} ${HOOK_SETTINGS} exit ${EXIT_OK} } +function _edit() { + _add $@ +} + function _up() { local zone=${1} local port=${2} @@ -66,6 +85,8 @@ function _up() { bridge_attach_device ${zone} ${port} + # XXX must set cost and prio here + exit ${EXIT_OK} } diff --git a/hooks/zones/pppoe b/hooks/zones/pppoe index 3cf4877b..bc14d820 100755 --- a/hooks/zones/pppoe +++ b/hooks/zones/pppoe @@ -21,9 +21,9 @@ . /lib/network/header-zone -# TODO AC name, service name, sync? +# TODO XXX AC name, service name, sync? -HOOK_SETTINGS="HOOK AUTH LINKNAME USER SECRET PEERDNS DEFAULTROUTE MTU PORTS" +HOOK_SETTINGS="HOOK AUTH LINKNAME USER SECRET PEERDNS DEFAULTROUTE MTU" AUTH= DEFAULTROUTE=1 
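Review bot: The option loop in the new `_add` has no default branch, so a misspelt option (for example a constructed `--prio=10`) is dropped silently and the port file is rewritten with the previous values while the hook still exits with `${EXIT_OK}`. Adding `*) warning "Unrecognized argument: ${1}" ;;` makes the mistake visible. It is also not visible in this hunk whether `_check` runs before `config_write`; if it does not, non-integer `COST`/`PRIORITY` values taken from the command line are stored unvalidated, so calling `_check` explicitly before writing would be safer.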
@@ -34,7 +34,6 @@ SECRET= USER= PPPOE_ALLOWED_AUTHS="chap pap" -PPPOE_ALLOWED_PORTS="bonding ethernet virtual" PPPOE_PLUGIN="rp-pppoe.so" function pppd_pid() { @@ -118,8 +117,12 @@ function _up() { zone_config_read ${zone} - if ! isset PORTS || ! port_exists ${PORTS}; then - error_log "Parent device '${PORTS}' does not exist. Cannot bring up zone '${zone}'." + local port=$(zone_get_ports ${zone}) + + assert isset port + + if ! port_exists ${port}; then + error_log "Parent device '${port}' does not exist. Cannot bring up zone '${zone}'." exit ${EXIT_ERROR} fi @@ -128,7 +131,7 @@ function _up() { [ -d "${RED_RUN}/${LINKNAME}" ] || mkdir -p ${RED_RUN}/${LINKNAME} # Setting up the device - port_up ${PORTS} + zone_ports_up ${zone} ppp_secret "${USER}" "${SECRET}" @@ -140,7 +143,7 @@ ifname ${zone} name ${LINKNAME} linkname ${LINKNAME} -plugin ${PPPOE_PLUGIN} ${PORTS} +plugin ${PPPOE_PLUGIN} ${port} # User configuration user ${USER} @@ -184,13 +187,11 @@ function _down() { local zone=${1} shift - zone_config_read ${zone} - # Kill pppd # XXX very ugly kill $(pppd_pid ${zone}) &>/dev/null - port_down ${PORTS} + zone_ports_down ${zone} exit ${EXIT_OK} } @@ -242,7 +243,11 @@ function _status() { printf "${DEVICE_PRINT_LINE1}" "Use default route?" "$(enabled DEFAULTROUTE && echo "enabled" || echo "disabled")" printf "${DEVICE_PRINT_LINE1}" "Use peer DNS?" "$(enabled PEERDNS && echo "enabled" || echo "disabled")" echo - printf "${DEVICE_PRINT_LINE1}" "Port:" "${PORTS:-none}" + cli_headline " Ports:" + zone_ports_status ${zone} + if [ -z "$(zone_get_ports ${zone})" ]; then + echo -e " ${COLOUR_WARN}No ports attached. Won't be able to start.${COLOUR_NORMAL}" + fi # Exit if zone is down if ! zone_is_up ${zone}; then 
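Review bot: `local port=$(zone_get_ports ${zone})` in `_up` captures every port the zone has, not one, because zone_get_ports echoes one name per existing entry in `ports/`. The value is then used as a single name in `port_exists ${port}` and written into what appears to be the generated pppd options as `plugin ${PPPOE_PLUGIN} ${port}` (hunk at -140), where a second port name would end up as extra content in that file. `_port_add` limits the zone to one port, but nothing stops a second file from appearing in the directory, so `_up` should enforce it as well, e.g. `assert [ $(listlength ${port}) -eq 1 ]` right after the assignment. `_up` starts and ends outside these hunks.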
@@ -269,24 +274,13 @@ function _port_add() { local port=${2} shift 2 - assert isset zone - assert isset port - assert port_exists ${port} - - zone_config_read ${zone} - - if isset PORTS; then - warning "There is already a port defined: '${PORTS}'." - warning "Will overwrite current configuration." - fi - - if ! listmatch $(port_get_hook ${port}) ${PPPOE_ALLOWED_PORTS}; then - error "You can only add ports to this hook that are of type '${PPPOE_ALLOWED_PORTS}'." + if [ $(listlength $(zone_get_ports ${zone})) -ge 1 ]; then + error "This hook only supports one port at a time." + error "Please remove any existant port(s) and try again." exit ${EXIT_ERROR} fi - PORTS="${port}" - zone_config_write ${zone} + _port_cmd add ${zone} ${port} $@ exit ${EXIT_OK} } diff --git a/hooks/zones/pppoe.ports/bonding b/hooks/zones/pppoe.ports/bonding new file mode 120000 index 00000000..3857774a --- /dev/null +++ b/hooks/zones/pppoe.ports/bonding @@ -0,0 +1 @@ +ethernet \ No newline at end of file diff --git a/hooks/zones/pppoe.ports/ethernet b/hooks/zones/pppoe.ports/ethernet new file mode 100644 index 00000000..67a781ff --- /dev/null +++ b/hooks/zones/pppoe.ports/ethernet 
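Review bot: `_port_add` now uses `${zone}` and `${port}` without the `assert isset` and `port_exists` checks it had before, and the test `[ $(listlength $(zone_get_ports ${zone})) -ge 1 ]` is unquoted, so if listlength prints nothing the test itself errors and the one-port limit is skipped. The result of `_port_cmd add` is also discarded: `exit ${EXIT_OK}` runs whether or not the port hook succeeded, assuming `_port_cmd` returns rather than exits (its body is not in the hunk). I would keep `assert isset zone` and `assert isset port`, quote the substitution as `[ "$(listlength $(zone_get_ports ${zone}))" -ge 1 ]`, and propagate the status with `_port_cmd add ${zone} ${port} "$@" || exit $?`.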
@@ -0,0 +1,115 @@ +#!/bin/bash +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +############################################################################### + +. /lib/network/header-port + +function _add() { + local zone=${1} + local port=${2} + shift 2 + + assert isset zone + assert isset port + + if ! port_exists ${port}; then + error "Port '${port}' does not exist." + exit ${EXIT_ERROR} + fi + + touch $(zone_dir ${zone})/ports/${port} + + exit ${EXIT_OK} +} + +function _edit() { + _add $@ +} + +function _rem() { + local zone=${1} + local port=${2} + shift 2 + + assert isset zone + assert isset port + + if ! listmatch ${port} $(zone_get_ports ${zone}); then + error "Port '${port}' does not belong to '${zone}'." + error "Won't remove anything." + exit ${EXIT_ERROR} + fi + + warning "Removing port '${port}' from '${zone}' will shutdown the zone." 
+ + # Shut down this zone + zone_down ${zone} + + rm -f $(zone_dir ${zone})/ports/${port} + + exit ${EXIT_OK} +} + +function _up() { + local zone=${1} + local port=${2} + + assert isset zone + assert isset port + + assert zone_exists ${zone} + assert port_exists ${port} + + port_up ${port} + + exit ${EXIT_OK} +} + +function _down() { + local zone=${1} + local port=${2} + + assert isset zone + assert isset port + + assert zone_exists ${zone} + assert port_exists ${port} + + port_down ${port} + + exit ${EXIT_OK} +} + +function _status() { + local zone=${1} + local port=${2} + + printf " %-10s - " "${port}" + if device_is_up ${port}; then + echo -ne "${COLOUR_UP} UP ${COLOUR_NORMAL}" + else + echo -ne "${COLOUR_DOWN} DOWN ${COLOUR_NORMAL}" + fi + echo + + exit ${EXIT_OK} +} + +run $@ diff --git a/hooks/zones/pppoe.ports/virtual b/hooks/zones/pppoe.ports/virtual new file mode 120000 index 00000000..3857774a --- /dev/null +++ b/hooks/zones/pppoe.ports/virtual @@ -0,0 +1 @@ +ethernet \ No newline at end of file -- 2.39.2
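Review bot: `_add` in the new pppoe.ports/ethernet hook exits with `${EXIT_OK}` even when `touch $(zone_dir ${zone})/ports/${port}` fails, for instance because the zone predates this commit and has no `ports/` directory, so the caller is told the port was attached when nothing was written. `_rem` likewise ignores the result of `zone_down ${zone}` before `rm -f`. I would quote the path and check the result, `touch "$(zone_dir ${zone})/ports/${port}" || exit ${EXIT_ERROR}`. `_add` would also benefit from the `assert zone_exists ${zone}` that `_up` and `_down` already have, and `_status` is the only function here that uses `${zone}` and `${port}` without `assert isset`.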