From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject:
 [PATCH 1/2] aliases: Add support to assign aliases to multiple RED interfaces
Date: Wed, 29 Jun 2022 18:27:23 +0000
Message-ID: <20220629182724.392049-1-michael.tremer@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6705405607954363110=="
List-Id: <development.lists.ipfire.org>

--===============6705405607954363110==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

This is a little patch which will extend the aliases page to offer an
interface selection if there are more than one RED interfaces.

This is a little hack to make configuration easier for users who have
manually set up more than one RED interface (e.g. for load balancing or
fail-over) and want to use the UI to configure firewall rules.

As a little benefit on the side, I had to rewrite setaliases.c to use
ip(8) instead of ifconfig(8).

Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
 config/cfgroot/network-functions.pl | 20 +++++++++
 html/cgi-bin/aliases.cgi            | 63 +++++++++++++++++++++++++----
 langs/en/cgi-bin/en.pl              |  1 +
 src/misc-progs/setaliases.c         | 38 ++++++++++-------
 4 files changed, 99 insertions(+), 23 deletions(-)

diff --git a/config/cfgroot/network-functions.pl b/config/cfgroot/network-fun=
ctions.pl
index d50322823..4ac6d8670 100644
--- a/config/cfgroot/network-functions.pl
+++ b/config/cfgroot/network-functions.pl
@@ -332,6 +332,26 @@ sub setup_upstream_proxy() {
 	}
 }
=20
+sub get_red_interfaces() {
+	my $default =3D &General::get_red_interface();
+
+	my @intfs =3D (
+		$default,
+	);
+
+	opendir(INTERFACES, "/sys/class/net");
+
+	while (my $intf =3D readdir(INTERFACES)) {
+		if ($intf =3D~ m/^red[0-9]+$/) {
+			push(@intfs, $intf);
+		}
+	}
+
+	closedir(INTERFACES);
+
+	return &General::uniq(@intfs);
+}
+
 sub list_wireless_interfaces() {
 	my %interfaces =3D ();
=20
diff --git a/html/cgi-bin/aliases.cgi b/html/cgi-bin/aliases.cgi
index 7b80b3c84..def03ff9b 100644
--- a/html/cgi-bin/aliases.cgi
+++ b/html/cgi-bin/aliases.cgi
@@ -34,6 +34,7 @@ require '/var/ipfire/general-functions.pl';	# replace /var/=
ipcop with /var/ipcop
 require "${General::swroot}/lang.pl";
 require "${General::swroot}/header.pl";
 require "${General::swroot}/ids-functions.pl";
+require "${General::swroot}/network-functions.pl";
=20
 my $configfwdfw		=3D "${General::swroot}/firewall/config";
 my $configinput		=3D "${General::swroot}/firewall/input";
@@ -52,6 +53,11 @@ undef (@dummy);
 my $setting =3D "${General::swroot}/ethernet/settings";
 our $datafile =3D "${General::swroot}/ethernet/aliases";
=20
+# Fetch the name of the main RED interface
+my $RED_INTERFACE =3D &General::get_red_interface();
+
+# Fetch all RED interfaces
+my @RED_INTERFACES =3D &Network::get_red_interfaces();
=20
 our %settings=3D();
 #Settings1
@@ -61,7 +67,8 @@ our %settings=3D();
 $settings{'IP'} =3D '';
 $settings{'ENABLED'} =3D 'off';		# Every check box must be set to off
 $settings{'NAME'} =3D '';
-my @nosaved=3D('IP','ENABLED','NAME');	# List here ALL setting2 fields. Mand=
atory
+$settings{'INTERFACE'} =3D '';
+my @nosaved=3D('IP','ENABLED','NAME','INTERFACE');	# List here ALL setting2 =
fields. Mandatory
=20
 $settings{'ACTION'} =3D '';		# add/edit/remove
 $settings{'KEY1'} =3D '';			# point record for ACTION
@@ -215,10 +222,10 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) {
 	}
     unless ($errormessage) {
 	if ($settings{'KEY1'} eq '') { #add or edit ?
-	    unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'NAM=
E'}\n");
+	    unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'NAM=
E'},$settings{'INTERFACE'}\n");
 	    &General::log($Lang::tr{'ip alias added'});
 	} else {
-	    @current[$settings{'KEY1'}] =3D "$settings{'IP'},$settings{'ENABLED'},$=
settings{'NAME'}\n";
+	    @current[$settings{'KEY1'}] =3D "$settings{'IP'},$settings{'ENABLED'},$=
settings{'NAME'},$settings{'INTERFACE'}\n";
 	    $settings{'KEY1'} =3D '';       # End edit mode
 	    &General::log($Lang::tr{'ip alias changed'});
 	}
@@ -250,6 +257,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) {
     $settings{'IP'}=3D$temp[0];			# Prepare the screen for editing
     $settings{'ENABLED'}=3D$temp[1];
     $settings{'NAME'}=3D$temp[2];
+    $settings{'INTERFACE'}=3D$temp[3];
 }
=20
 if ($settings{'ACTION'} eq $Lang::tr{'remove'}) {
@@ -295,6 +303,7 @@ if ($settings{'ACTION'} eq '' ) { # First launch from GUI
 &Header::openpage($Lang::tr{'external aliases configuration'}, 1, '');
 &Header::openbigbox('100%', 'left', '', $errormessage);
 my %checked =3D();     # Checkbox manipulations
+my %selected =3D ();
=20
 if ($errormessage) {
     &Header::openbox('100%', 'left', $Lang::tr{'error messages'});
@@ -320,6 +329,11 @@ END
 #
 $checked{'ENABLED'}{'on'} =3D ($settings{'ENABLED'} eq 'on') ? "checked=3D'c=
hecked'" : '' ;
=20
+$selected{'INTERFACE'} =3D ();
+foreach my $intf (@RED_INTERFACES) {
+	$selected{'INTERFACE'}{$intf} =3D ($settings{'INTERFACE'} eq $intf) ? "sele=
cted" : "";
+}
+
 my $buttontext =3D $Lang::tr{'add'};
 if ($settings{'KEY1'} ne '') {
     $buttontext =3D $Lang::tr{'update'};
@@ -329,7 +343,7 @@ if ($settings{'KEY1'} ne '') {
 }
=20
 #Edited line number (KEY1) passed until cleared by 'save' or 'remove' or 'ne=
w sort order'
-print <<END
+print <<END;
 <form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
 <input type=3D'hidden' name=3D'KEY1' value=3D'$settings{'KEY1'}' />
 <input type=3D'hidden' name=3D'OLDNAME' value=3D'$settings{'NAME'}' />
@@ -340,6 +354,33 @@ print <<END
 <td><input type=3D'text' name=3D'NAME' value=3D'$settings{'NAME'}' size=3D'3=
2' /></td>
 <td class=3D'base' style=3D'text-align:right; color:${Header::colourred};'>$=
Lang::tr{'alias ip'}:&nbsp;</td>
 <td><input type=3D'text' name=3D'IP' value=3D'$settings{'IP'}' size=3D'16' /=
></td>
+END
+
+if (scalar @RED_INTERFACES >=3D 2) {
+	print <<END;
+		<td class=3D'base' style=3D'color:${Header::colourred};'>$Lang::tr{'interf=
ace'}:</td>
+		<td>
+			<select name=3D"INTERFACE">
+				<option value=3D"">$Lang::tr{'aliases default interface'}</option>
+END
+
+	# Print an option for each RED interface
+	foreach my $intf (@RED_INTERFACES) {
+		# Skip the default one
+		next if ($RED_INTERFACE eq $intf);
+
+		print <<END;
+				<option value=3D"$intf" $selected{'INTERFACE'}{$intf}>$intf</option>
+END
+	}
+
+	print <<END;
+			</select>
+		</td>
+END
+}
+
+print <<END;
 <td class=3D'base' style=3D'text-align:right;'>$Lang::tr{'enabled'}&nbsp;</t=
d>
 <td><input type=3D'checkbox' name=3D'ENABLED' $checked{'ENABLED'}{'on'} /></=
td>
 </tr>
@@ -353,7 +394,7 @@ print <<END
 </table>
 </form>
 END
-;
+
 &Header::closebox();
=20
 # Add visual indicators to column headings to show sort order - EO
@@ -419,9 +460,15 @@ foreach my $line (@current) {
     }
     print "<tr style=3D'$col'>";
=20
+	my $address =3D $temp[0];
+
+	if ($temp[3] ne "") {
+		$address .=3D " @ $temp[3]";
+	}
+
     print <<END
 <td style=3D'text-align:center; $col'>$temp[2]</td>
-<td style=3D'text-align:center; $col'>$temp[0]</td>
+<td style=3D'text-align:center; $col'>$address</td>
=20
 <td style=3D'text-align:center; $col'>
 <form method=3D'post' action=3D'$ENV{'SCRIPT_NAME'}'>
@@ -542,7 +589,7 @@ sub SortDataFile
 	# The KEY,key record permits doublons. If removed, then F1 becomes the key =
without doublon permitted.
=20
=20
-	my @record =3D ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$temp[=
2]);
+	my @record =3D ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$temp[=
2],'INTERFACE',$temp[3]);
 	my $record =3D {};                        	# create a reference to empty ha=
sh
 	%{$record} =3D @record;                		# populate that hash with @record
 	$entries{$record->{KEY}} =3D $record; 		# add this to a hash of hashes
@@ -552,7 +599,7 @@ sub SortDataFile
=20
     # Each field value is printed , with the newline ! Don't forget separato=
r and order of them.
     foreach my $entry (sort fixedleasesort keys %entries) {
-	print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$en=
try}->{NAME}\n";
+	print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$en=
try}->{NAME},$entries{$entry}->{INTERFACE}\n";
     }
=20
     close(FILE);
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index b4c24a535..eb3e5f14f 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -422,6 +422,7 @@
 'alcatelusb upload' =3D> 'Upload Speedtouch USB firmware',
 'alias ip' =3D> 'Alias IP',
 'aliases' =3D> 'Aliases',
+'aliases default interface' =3D> '- Default Interface -',
 'aliases not active' =3D> 'Aliases will not be active unless your RED interf=
ace is STATIC',
 'all' =3D> 'All',
 'all interfaces' =3D> 'All Interfaces',
diff --git a/src/misc-progs/setaliases.c b/src/misc-progs/setaliases.c
index 4ba6816af..4d59aa0a8 100644
--- a/src/misc-progs/setaliases.c
+++ b/src/misc-progs/setaliases.c
@@ -28,6 +28,8 @@
 struct keyvalue *kv =3D NULL;
 FILE *file =3D NULL;
=20
+#define SCOPE 128
+
 void exithandler(void)
 {
 	if (kv) freekeyvalues(kv);
@@ -45,6 +47,7 @@ int main(void)
 	char *enabled;
 	char *sptr;
 	char *comment;
+	char* intf =3D NULL;
 	int alias;
 	int count;
=20
@@ -118,13 +121,12 @@ int main(void)
 		exit(1);
 	}
=20
-	/* down the aliases in turn until ifconfig complains */
-	alias=3D0;
-	do
-	{
-		memset(command, 0, STRING_SIZE);
-		snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d down 2>/dev/null", =
red_dev, alias++);
-	} while (safe_system(command)=3D=3D0);
+	// Flush all previous aliases
+	alias =3D 0;
+	do {
+		snprintf(command, STRING_SIZE - 1,
+			"ip addr flush dev red%d scope %d 2>/dev/null", alias++, SCOPE);
+	} while (safe_system(command) =3D=3D 0);
=20
 	/* Now set up the new aliases from the config file */
         if (!(file =3D fopen(CONFIG_ROOT "/ethernet/aliases", "r")))
@@ -144,15 +146,18 @@ int main(void)
                 aliasip =3D NULL;
                 enabled =3D NULL;
                 comment =3D NULL;
+                intf =3D NULL;
                 sptr =3D strtok(s, ",");
                 while (sptr)
                 {
                         if (count =3D=3D 0)
                                 aliasip =3D sptr;
-                        if (count =3D=3D 1)
+                        else if (count =3D=3D 1)
                                 enabled =3D sptr;
-                        else
+                        else if (count =3D=3D 2)
                                 comment =3D sptr;
+                        else if (count =3D=3D 3)
+                                intf =3D sptr;
                         count++;
 			sptr =3D strtok(NULL, ",");
 		}
@@ -175,15 +180,18 @@ int main(void)
                         exit(1);
                 }
=20
-		memset(command, 0, STRING_SIZE);
-		snprintf(command, STRING_SIZE-1,
-				"/sbin/ifconfig %s:%d %s netmask %s up",
-			     red_dev, alias, aliasip, red_netmask);
+		// Default to RED_DEV if intf isn't set
+		if (!intf)
+			intf =3D red_dev;
+
+		snprintf(command, STRING_SIZE - 1, "ip addr add %s/%s dev %s scope %d",
+			aliasip, red_netmask, intf, SCOPE);
 		safe_system(command);
-		memset(command, 0, STRING_SIZE);
+
+		// Send an ARP broadcast
 		snprintf(command, STRING_SIZE-1,
 				"/usr/sbin/arping -q -c 1 -w 1 -i %s -S %s %s",
-				red_dev, aliasip, default_gateway);
+				intf, aliasip, default_gateway);
 		safe_system(command);
 		alias++;
 	}
--=20
2.30.2


--===============6705405607954363110==--