# available.
#
-[ -n "$CTDB_BASE" ] || \
+[ -n "$CTDB_BASE" ] ||
CTDB_BASE=$(d="$(dirname "$0")" && cd -P "$d/../../" && pwd)
. "${CTDB_BASE}/functions"
natgw_cfg_old="${script_state_dir}/cfg_old"
natgw_leader_old="${script_state_dir}/leader_old"
-ctdb_natgw_follower_only ()
+ctdb_natgw_follower_only()
{
- _ip_address=$(ctdb_get_ip_address)
+ _ip_address=$(ctdb_get_ip_address)
- awk -v my_ip="$_ip_address" \
- '$1 == my_ip { if ($2 ~ "follower-only") { exit 0 } else { exit 1 } }' \
- "$CTDB_NATGW_NODES"
+ awk -v my_ip="$_ip_address" \
+ '$1 == my_ip { if ($2 ~ "follower-only") { exit 0 } else { exit 1 } }' \
+ "$CTDB_NATGW_NODES"
}
-natgw_check_config ()
+natgw_check_config()
{
- [ -r "$CTDB_NATGW_NODES" ] || \
- die "error: CTDB_NATGW_NODES=${CTDB_NATGW_NODES} unreadable"
- if ! ctdb_natgw_follower_only ; then
- [ -n "$CTDB_NATGW_PUBLIC_IP" ] || \
- die "Invalid configuration: CTDB_NATGW_PUBLIC_IP not set"
- [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] || \
- die "Invalid configuration: CTDB_NATGW_PUBLIC_IFACE not set"
- fi
- [ -n "$CTDB_NATGW_PRIVATE_NETWORK" ] || \
- die "Invalid configuration: CTDB_NATGW_PRIVATE_NETWORK not set"
-
- # The default is to create a single default route
- [ -n "$CTDB_NATGW_STATIC_ROUTES" ] || CTDB_NATGW_STATIC_ROUTES="0.0.0.0/0"
+ [ -r "$CTDB_NATGW_NODES" ] ||
+ die "error: CTDB_NATGW_NODES=${CTDB_NATGW_NODES} unreadable"
+ if ! ctdb_natgw_follower_only; then
+ [ -n "$CTDB_NATGW_PUBLIC_IP" ] ||
+ die "Invalid configuration: CTDB_NATGW_PUBLIC_IP not set"
+ [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] ||
+ die "Invalid configuration: CTDB_NATGW_PUBLIC_IFACE not set"
+ fi
+ [ -n "$CTDB_NATGW_PRIVATE_NETWORK" ] ||
+ die "Invalid configuration: CTDB_NATGW_PRIVATE_NETWORK not set"
+
+ # The default is to create a single default route
+ [ -n "$CTDB_NATGW_STATIC_ROUTES" ] || CTDB_NATGW_STATIC_ROUTES="0.0.0.0/0"
}
-natgw_write_config ()
+natgw_write_config()
{
- _f="$1"
+ _f="$1"
- cat >"$_f" <<EOF
+ cat >"$_f" <<EOF
CTDB_NATGW_NODES="$CTDB_NATGW_NODES"
CTDB_NATGW_PUBLIC_IP="$CTDB_NATGW_PUBLIC_IP"
CTDB_NATGW_PUBLIC_IFACE="$CTDB_NATGW_PUBLIC_IFACE"
EOF
}
-natgw_config_has_changed ()
+natgw_config_has_changed()
{
- natgw_write_config "$natgw_cfg_new"
-
- # Non-existent old returns true, no log message
- if [ ! -f "$natgw_cfg_old" ] ; then
- return 0
- fi
+ natgw_write_config "$natgw_cfg_new"
- # Handle no change
- if cmp "$natgw_cfg_old" "$natgw_cfg_new" >/dev/null 2>&1 ; then
- return 1
- fi
+ # Non-existent old returns true, no log message
+ if [ ! -f "$natgw_cfg_old" ]; then
+ return 0
+ fi
- echo "NAT gateway configuration has changed"
- return 0
-}
+ # Handle no change
+ if cmp "$natgw_cfg_old" "$natgw_cfg_new" >/dev/null 2>&1; then
+ return 1
+ fi
-_natgw_clear ()
-{
- _ip="${CTDB_NATGW_PUBLIC_IP%/*}"
- _maskbits="${CTDB_NATGW_PUBLIC_IP#*/}"
-
- delete_ip_from_iface \
- "$CTDB_NATGW_PUBLIC_IFACE" "$_ip" "$_maskbits" >/dev/null 2>&1
- for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
- _net="${_net_gw%@*}"
- ip route del "$_net" metric 10 >/dev/null 2>/dev/null
- done
-
- # Delete the masquerading setup from a previous iteration where we
- # were the NAT-GW
- iptables -D POSTROUTING -t nat \
- -s "$CTDB_NATGW_PRIVATE_NETWORK" ! -d "$CTDB_NATGW_PRIVATE_NETWORK" \
- -j MASQUERADE >/dev/null 2>/dev/null
-
- iptables -D INPUT -p tcp --syn -d "${_ip}/32" -j REJECT 2>/dev/null
+ echo "NAT gateway configuration has changed"
+ return 0
}
-natgw_clear ()
+_natgw_clear()
{
- if [ -r "$natgw_cfg_old" ] ; then
- (. "$natgw_cfg_old" ; _natgw_clear)
- else
- _natgw_clear
- fi
+ _ip="${CTDB_NATGW_PUBLIC_IP%/*}"
+ _maskbits="${CTDB_NATGW_PUBLIC_IP#*/}"
+
+ delete_ip_from_iface \
+ "$CTDB_NATGW_PUBLIC_IFACE" "$_ip" "$_maskbits" >/dev/null 2>&1
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES; do
+ _net="${_net_gw%@*}"
+ ip route del "$_net" metric 10 >/dev/null 2>/dev/null
+ done
+
+ # Delete the masquerading setup from a previous iteration where we
+ # were the NAT-GW
+ iptables -D POSTROUTING -t nat \
+ -s "$CTDB_NATGW_PRIVATE_NETWORK" ! -d "$CTDB_NATGW_PRIVATE_NETWORK" \
+ -j MASQUERADE >/dev/null 2>/dev/null
+
+ iptables -D INPUT -p tcp --syn -d "${_ip}/32" -j REJECT 2>/dev/null
}
-natgw_set_leader ()
+natgw_clear()
{
- set_proc sys/net/ipv4/ip_forward 1
- iptables -A POSTROUTING -t nat \
- -s "$CTDB_NATGW_PRIVATE_NETWORK" ! -d "$CTDB_NATGW_PRIVATE_NETWORK" \
- -j MASQUERADE
-
- # block all incoming connections to the NATGW IP address
- ctdb_natgw_public_ip_host="${CTDB_NATGW_PUBLIC_IP%/*}/32"
- iptables -D INPUT -p tcp --syn \
- -d "$ctdb_natgw_public_ip_host" -j REJECT 2>/dev/null
- iptables -I INPUT -p tcp --syn \
- -d "$ctdb_natgw_public_ip_host" -j REJECT 2>/dev/null
-
- ip addr add "$CTDB_NATGW_PUBLIC_IP" dev "$CTDB_NATGW_PUBLIC_IFACE"
- for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
- _net="${_net_gw%@*}"
- if [ "$_net" != "$_net_gw" ] ; then
- _gw="${_net_gw#*@}"
+ if [ -r "$natgw_cfg_old" ]; then
+ (
+ . "$natgw_cfg_old"
+ _natgw_clear
+ )
else
- _gw="$CTDB_NATGW_DEFAULT_GATEWAY"
+ _natgw_clear
fi
+}
- [ -n "$_gw" ] || continue
- ip route add "$_net" metric 10 via "$_gw"
- done
+natgw_set_leader()
+{
+ set_proc sys/net/ipv4/ip_forward 1
+ iptables -A POSTROUTING -t nat \
+ -s "$CTDB_NATGW_PRIVATE_NETWORK" ! -d "$CTDB_NATGW_PRIVATE_NETWORK" \
+ -j MASQUERADE
+
+ # block all incoming connections to the NATGW IP address
+ ctdb_natgw_public_ip_host="${CTDB_NATGW_PUBLIC_IP%/*}/32"
+ iptables -D INPUT -p tcp --syn \
+ -d "$ctdb_natgw_public_ip_host" -j REJECT 2>/dev/null
+ iptables -I INPUT -p tcp --syn \
+ -d "$ctdb_natgw_public_ip_host" -j REJECT 2>/dev/null
+
+ ip addr add "$CTDB_NATGW_PUBLIC_IP" dev "$CTDB_NATGW_PUBLIC_IFACE"
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES; do
+ _net="${_net_gw%@*}"
+ if [ "$_net" != "$_net_gw" ]; then
+ _gw="${_net_gw#*@}"
+ else
+ _gw="$CTDB_NATGW_DEFAULT_GATEWAY"
+ fi
+
+ [ -n "$_gw" ] || continue
+ ip route add "$_net" metric 10 via "$_gw"
+ done
}
-natgw_set_follower ()
+natgw_set_follower()
{
- _natgwip="$1"
+ _natgwip="$1"
- for _net_gw in $CTDB_NATGW_STATIC_ROUTES ; do
- _net="${_net_gw%@*}"
- ip route add "$_net" via "$_natgwip" metric 10
- done
+ for _net_gw in $CTDB_NATGW_STATIC_ROUTES; do
+ _net="${_net_gw%@*}"
+ ip route add "$_net" via "$_natgwip" metric 10
+ done
}
-natgw_ensure_leader ()
+natgw_ensure_leader()
{
- # Intentional word splitting here
- # shellcheck disable=SC2046
- set -- $("${CTDB_HELPER_BINDIR}/ctdb_natgw" leader)
- natgwleader="${1:--1}" # Default is -1, for failure above
- natgwip="$2"
-
- if [ "$natgwleader" = "-1" ]; then
- # Fail...
- die "There is no NATGW leader node"
- fi
+ # Intentional word splitting here
+ # shellcheck disable=SC2046
+ set -- $("${CTDB_HELPER_BINDIR}/ctdb_natgw" leader)
+ natgwleader="${1:--1}" # Default is -1, for failure above
+ natgwip="$2"
+
+ if [ "$natgwleader" = "-1" ]; then
+ # Fail...
+ die "There is no NATGW leader node"
+ fi
}
-natgw_leader_has_changed ()
+natgw_leader_has_changed()
{
- if [ -r "$natgw_leader_old" ] ; then
- read -r _old_natgwleader <"$natgw_leader_old"
- else
- _old_natgwleader=""
- fi
- [ "$_old_natgwleader" != "$natgwleader" ]
+ if [ -r "$natgw_leader_old" ]; then
+ read -r _old_natgwleader <"$natgw_leader_old"
+ else
+ _old_natgwleader=""
+ fi
+ [ "$_old_natgwleader" != "$natgwleader" ]
}
-natgw_save_state ()
+natgw_save_state()
{
- echo "$natgwleader" >"$natgw_leader_old"
- # Created by natgw_config_has_changed()
- mv "$natgw_cfg_new" "$natgw_cfg_old"
+ echo "$natgwleader" >"$natgw_leader_old"
+ # Created by natgw_config_has_changed()
+ mv "$natgw_cfg_new" "$natgw_cfg_old"
}
-
case "$1" in
setup)
natgw_check_config
# Error if CTDB_NATGW_PUBLIC_IP is listed in public addresses
ip_pat=$(echo "$CTDB_NATGW_PUBLIC_IP" | sed -e 's@\.@\\.@g')
ctdb_public_addresses="${CTDB_BASE}/public_addresses"
- if grep -q "^${ip_pat}[[:space:]]" "$ctdb_public_addresses" ; then
+ if grep -q "^${ip_pat}[[:space:]]" "$ctdb_public_addresses"; then
die "ERROR: CTDB_NATGW_PUBLIC_IP same as a public address"
fi
set_proc sys/net/ipv4/conf/all/arp_announce 2
;;
-updatenatgw|ipreallocated)
+updatenatgw | ipreallocated)
natgw_check_config
natgw_ensure_leader
pnn=$(ctdb_get_pnn)
if [ "$pnn" = "$natgwleader" ]; then
- natgw_set_leader
+ natgw_set_leader
else
- natgw_set_follower "$natgwip"
+ natgw_set_follower "$natgwip"
fi
# flush our route cache
natgw_save_state
;;
-shutdown|removenatgw)
+shutdown | removenatgw)
natgw_check_config
natgw_clear
;;
monitor)
natgw_check_config
- if [ -n "$CTDB_NATGW_PUBLIC_IFACE" ] ; then
- interface_monitor "$CTDB_NATGW_PUBLIC_IFACE" || exit 1
+ if [ -n "$CTDB_NATGW_PUBLIC_IFACE" ]; then
+ interface_monitor "$CTDB_NATGW_PUBLIC_IFACE" || exit 1
fi
;;
esac
projects / thirdparty / samba.git / commitdiff
