From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 29 Jul 2010 19:53:48 +0000 (+0200)
Subject: network: Initial support for IPv6 tunnels with aiccu.
X-Git-Tag: 001~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=671fa0bd18a7f8d9086d82419f12cab16fd5dcfe;p=network.git

network: Initial support for IPv6 tunnels with aiccu.
---

diff --git a/functions.aiccu b/functions.aiccu
new file mode 100644
index 00000000..5a49eddc
--- /dev/null
+++ b/functions.aiccu
@@ -0,0 +1,141 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+function aiccu_init() {
+	log INFO "Initializing aiccu."
+	mkdir -p $(aiccu_config_dir)
+}
+
+init_register aiccu_init
+
+function aiccu_config_dir() {
+	local device=${1}
+
+	echo "${RUN_DIR}/aiccu/${device}"
+}
+
+function aiccu_start() {
+	local device=${1}
+	shift
+
+	assert isset device
+
+	local config_dir=$(aiccu_config_dir ${device})
+	mkdir -p ${config_dir}
+
+	local config_file=${config_dir}/config
+	aiccu_configure ${device} $@ > ${config_file}
+
+	aiccu start ${config_file} &>/dev/null
+	local ret=$?
+
+	case "${ret}" in
+		0)
+			log DEBUG "Aiccu was successfully started for '${device}'."
+			return ${EXIT_OK}
+			;;
+		*)
+			error_log "Could not start aiccu properly for '${device}'."
+			
+			error_log "Configuration file dump:"
+			local line
+			while read line; do
+				error_log "  ${line}"
+			done < ${config_file}
+
+			return ${EXIT_ERROR}
+			;;
+	esac
+}
+
+function aiccu_stop() {
+	local device=${1}
+
+	assert isset device
+
+	aiccu stop $(aiccu_config_dir ${device})/config
+
+	rm -rf $(aiccu_config_dir ${device})
+}
+
+function aiccu_configure() {
+	local device=${1}
+
+	assert isset device
+
+	local user
+	local secret
+	local server
+	local protocol="tic"
+	local tunnel_id
+
+	while [ $# -gt  0 ]; do
+		case "${1}" in
+			--user=*)
+				user=$(cli_get_val ${1})
+				;;
+			--secret=*)
+				secret=$(cli_get_val ${1})
+				;;
+			--server=*)
+				server=$(cli_get_val ${1})
+				;;
+			--protocol=*)
+				protocol=$(cli_get_val ${1})
+				;;
+			--tunnel-id=*)
+				tunnel_id=$(cli_get_val ${1})
+				;;
+		esac
+		shift
+	done
+
+	assert isset user
+	assert isset secret
+	assert isset server
+	assert isset protocol
+	assert isoneof protocol tic tsp l2tp
+
+cat <<EOF
+## AICCU configuration for ${zone}
+
+username ${user}
+password ${secret}
+
+server ${server}
+protocol ${protocol}
+
+$(isset tunnel_id && echo "tunnel_id ${tunnel_id}")
+
+ipv6_interface ${device}
+
+verbose true
+daemonize true
+automatic true
+
+pidfile $(aiccu_config_dir ${zone})/pid
+
+#setupscript /tmp/aiccu.sh
+
+EOF
+
+	return ${EXIT_OK}
+}
diff --git a/hooks/zones/aiccu b/hooks/zones/aiccu
new file mode 100755
index 00000000..e867ff40
--- /dev/null
+++ b/hooks/zones/aiccu
@@ -0,0 +1,131 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+. /lib/network/header-zone
+
+HOOK_SETTINGS="HOOK PROTOCOL USER SECRET SERVER TUNNEL_ID"
+
+USER=
+SECRET=
+SERVER="tic.sixxs.net"
+PROTOCOL="tic"
+TUNNEL_ID=
+
+function _check() {
+	assert isset USER
+	assert isset SECRET
+	assert isset SERVER
+	assert isset PROTOCOL
+}
+
+function _parse_cmdline() {
+	local value
+
+	while [ $# -gt 0 ]; do
+		case "$1" in
+			--user=*)
+				USER=$(cli_get_val ${1})
+				;;
+			--secret=*)
+				SECRET=$(cli_get_val ${1})
+				;;
+			--server=*)
+				SERVER=$(cli_get_val ${1})
+				;;
+			--protocol=*)
+				PROTOCOL=$(cli_get_val ${1})
+				;;
+			--tunnel-id=*)
+				TUNNEL_ID=$(cli_get_val ${1})
+				;;
+			*)
+				echo "Unknown option: $1" >&2
+				exit ${EXIT_ERROR}
+				;;
+		esac
+		shift
+	done
+}
+
+function _up() {
+	local zone=${1}
+	shift
+
+	assert isset zone
+
+	zone_config_read ${zone}
+
+	aiccu_start ${zone} \
+		--server="${SERVER}" \
+		--protocol="${PROTOCOL}" \
+		--user="${USER}" \
+		--secret="${SECRET}" \
+		--tunnel-id="${TUNNEL_ID}"
+
+	exit $?
+}
+
+function _down() {
+	local zone=${1}
+	shift
+
+	aiccu_stop ${zone}
+
+	exit ${EXIT_OK}
+}
+
+function _status() {
+	local zone=${1}
+
+	assert isset zone
+
+	cli_status_headline ${zone}
+
+	zone_config_read ${zone}
+
+	cli_headline "  Configuration:"
+	printf "${DEVICE_PRINT_LINE1}" "User:" "${USER}"
+	printf "${DEVICE_PRINT_LINE1}" "Secret:" "<hidden>"
+	echo
+	printf "${DEVICE_PRINT_LINE1}" "Server:" "${SERVER}"
+	printf "${DEVICE_PRINT_LINE1}" "Protocol:" "${PROTOCOL}"
+	if isset TUNNEL_ID; then
+		echo
+		printf "${DEVICE_PRINT_LINE1}" "Tunnel ID:" "${TUNNEL_ID}"
+	fi
+	echo
+	printf "${DEVICE_PRINT_LINE1}" "Use default route?" "$(enabled DEFAULTROUTE && echo "enabled" || echo "disabled")"
+	printf "${DEVICE_PRINT_LINE1}" "Use peer DNS?" "$(enabled PEERDNS && echo "enabled" || echo "disabled")"
+
+	# Exit if zone is down
+	if ! zone_is_up ${zone}; then
+		echo # Empty line
+		exit ${EXIT_ERROR}
+	fi
+
+	cli_headline "  Protocol information:"
+	printf "${DEVICE_PRINT_LINE1}" "MTU:" "$(device_get_mtu ${zone})"
+	echo
+
+	exit ${EXIT_OK}
+}
+
+run $@