From: Michael Tremer Date: Sun, 23 Sep 2012 11:18:42 +0000 (+0000) Subject: bridge: Replace brctl by ip. X-Git-Tag: 005~32 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=99be6026eef17000a163d19a0d7caf936963b5b3;p=network.git bridge: Replace brctl by ip. --- diff --git a/functions.bridge b/functions.bridge index b4f41c1f..601ce0bc 100644 --- a/functions.bridge +++ b/functions.bridge @@ -2,7 +2,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2010 Michael Tremer & Christian Schmidt # +# Copyright (C) 2012 IPFire Network Development Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -19,54 +19,142 @@ # # ############################################################################### -function bridge_attach_device() { +function bridge_create() { local bridge=${1} - local device=${2} + assert isset bridge + shift + + local address + local mtu + + while [ $# -gt 0 ]; do + case "${1}" in + --address=*) + address=$(cli_get_val ${1}) + ;; + --mtu=*) + mtu=$(cli_get_val ${1}) + ;; + *) + error "Unrecognized argument: ${1}" + return ${EXIT_ERROR} + ;; + esac + shift + done + if device_exists ${bridge}; then + log ERROR "bridge: bridge '${bridge}' does already exist" + return ${EXIT_ERROR} + fi + + # Build the ip command. + local command="ip link add name ${bridge}" + + # Add address, if we know it. + if ismac address; then + command="${command} address ${address}" + fi + + # Add MTU if it has been set. + if isinteger mtu; then + command="${command} mtu ${mtu}" + fi + + # Last argument is the device type. + command="${command} type bridge" + + # Run the command. + cmd_quiet ${command} + local ret=$? + + if [ ${ret} -eq ${EXIT_OK} ]; then + log DEBUG "bridge: bridge '${bridge}' has been created" + else + log ERROR "bridge: Could not create bridge '${bridge}': ${ret}" + fi + + return ${ret} +} + +function bridge_delete() { + local bridge=${1} assert isset bridge + + device_delete ${bridge} +} + +function bridge_attach_device() { + local bridge=${1} + assert isset bridge + + local device=${2} assert isset device - assert device_exists ${bridge} + # Check if bridge exists. + if ! device_exists ${bridge}; then + log ERROR "bridge: bridge '${bridge}' does not exist to attach devices to" + return ${EXIT_ERROR} + fi + # Check if device exists. if ! device_exists ${device}; then - log WARN "Could not attach '${device}' to '${bridge}' becase device does not exist." + log ERROR "bridge: could not attach '${device}' to '${bridge}' because device does not exist" return ${EXIT_ERROR} fi - # If device is already attached, exit silently + # If device is already attached, exit silently. if listmatch ${device} $(bridge_get_members ${bridge}); then return ${EXIT_OK} fi - log INFO "Attaching device '${device}' to bridge '${bridge}'." + # Actually connect bridge and device. + cmd_quiet ip link set ${device} master ${bridge} + local ret=$? + + if [ ${ret} -eq ${EXIT_OK} ]; then + log DEBUG "bridge: device '${device}' has been attached to bridge '${bridge}'" + else + log ERROR "bridge: could not attach device '${device}' to bridge '${bridge}': ${ret}" + fi - brctl addif ${bridge} ${device} + return ${ret} } function bridge_detach_device() { local bridge=${1} - local device=${2} - assert isset bridge + + local device=${2} assert isset device - + + # Check if bridge exists. if ! device_exists ${bridge}; then - error "Bridge '${bridge}' does not exist." + log ERROR "bridge: bridge '${bridge}' does not exist to detach devices from" return ${EXIT_ERROR} fi + # Check if device exists. if ! device_exists ${device}; then - return ${EXIT_OK} + log ERROR "bridge: could not detach '${device}' from '${bridge}' because device does not exist" + return ${EXIT_ERROR} fi - # If device is not attached, exit silently + # If device is not attched, exit silently. if ! listmatch ${device} $(bridge_get_members ${bridge}); then return ${EXIT_OK} fi - log INFO "Detaching device '${device}' from bridge '${bridge}'." + cmd_quiet ip link set ${device} nomaster + locat ret=$? + + if [ ${ret} -eq ${EXIT_OK} ]; then + log DEBUG "bridge: device '${device}' has been detached from bridge '${bridge}'" + else + log ERROR "bridge: could not detach device '${device}' from bridge '${bridge}': ${ret}" + fi - brctl delif ${bridge} ${device} + return ${ret} } function bridge_get_members() { diff --git a/functions.device b/functions.device index ab1eae15..c9836c0c 100644 --- a/functions.device +++ b/functions.device @@ -73,6 +73,25 @@ function device_exists() { serial_exists ${device} } +function device_delete() { + local device=${1} + assert isset device + + # Nothing to do, it device does not exist. + device_exists ${device} || return ${EXIT_OK} + + # Delete the device. + cmd_quiet ip link delete ${device} + local ret=$? + + if [ ${ret} -ne ${EXIT_OK} ]; then + log ERROR "device: Could not delete device '${device}': ${ret}" + return ${EXIT_ERROR} + fi + + return ${ret} +} + function device_has_flag() { local device=${1} local flag=${2} @@ -95,6 +114,38 @@ function device_is_up() { device_has_flag ${device} 0x1 } +function device_ifindex_to_name() { + local idx=${1} + assert isset idx + + local device device_idx + for device in ${SYS_CLASS_NET}/*; do + device=$(basename ${device}) + device_exists ${device} || continue + + device_idx=$(device_get_ifindex ${device}) + + if [ "${device_idx}" = "${idx}" ]; then + print "${device}" + return ${EXIT_OK} + fi + done + + return ${EXIT_ERROR} +} + +function device_get_ifindex() { + local device=${1} + assert isset device + + local path="${SYS_CLASS_NET}/${1}/ifindex" + + # Check if file can be read. + [ -r "${path}" ] || return ${EXIT_ERROR} + + print "$(<${path})" +} + # Check if the device is a bonding device function device_is_bonding() { [ -d "/sys/class/net/${1}/bonding" ] @@ -118,6 +169,22 @@ function device_is_bridge_attached() { [ -d "${SYS_CLASS_NET}/${device}/brport" ] } +function device_get_bridge() { + local device=${1} + assert isset device + + # Check if device is attached to a bridge. + device_is_bridge_attached ${device} || return ${EXIT_ERROR} + + local ifindex_path="${SYS_CLASS_NET}/${device}/brport/bridge/ifindex" + [ -r "${ifindex_path}" ] || return ${EXIT_ERROR} + + local ifindex=$(<${ifindex_path}) + assert isset ifindex + + device_ifindex_to_name ${ifindex} +} + # Check if the device is a virtual device function device_is_virtual() { local device=${1} diff --git a/hooks/zones/bridge b/hooks/zones/bridge index 526a5ae0..6895de0f 100755 --- a/hooks/zones/bridge +++ b/hooks/zones/bridge @@ -80,16 +80,20 @@ function _parse_cmdline() { function _up() { local zone=${1} - shift + assert isset zone zone_config_read ${zone} + # Create the bridge if it does not already exist. if ! device_exists ${zone}; then - brctl addbr ${zone} - fi + bridge_create ${zone} \ + --address=${MAC} --mtu=${MTU} - [ -n "${MAC}" ] && device_set_address ${zone} ${MAC} - [ -n "${MTU}" ] && device_set_mtu ${zone} ${MTU} + # Adjust MAC address and MTU if needed. + else + device_set_address ${zone} ${MAC} + device_set_mtu ${zone} ${MTU} + fi # Enable STP if enabled STP; then @@ -124,22 +128,18 @@ function _up() { zone_ports_up ${zone} zone_configs_up ${zone} - event_interface_up ${zone} - exit ${EXIT_OK} } function _down() { local zone=${1} - shift + assert isset zone if ! device_is_up ${zone}; then warning "Zone '${zone}' is not up" exit ${EXIT_OK} fi - event_interface_down ${zone} - zone_configs_down ${zone} zone_ports_down ${zone} @@ -147,7 +147,7 @@ function _down() { device_set_promisc ${zone} off device_set_down ${zone} - brctl delbr ${zone} + bridge_delete ${zone} exit ${EXIT_OK} }