From mboxrd@z Thu Jan 1 00:00:00 1970 From: Peter =?utf-8?q?M=C3=BCller?= To: development@lists.ipfire.org Subject: Re: [PATCH 1/2] aliases: Add support to assign aliases to multiple RED interfaces Date: Wed, 06 Jul 2022 09:59:12 +0000 Message-ID: In-Reply-To: <20220629182724.392049-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============4719223152563630689==" List-Id: --===============4719223152563630689== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Acked-by: Peter M=C3=BCller > This is a little patch which will extend the aliases page to offer an > interface selection if there are more than one RED interfaces. >=20 > This is a little hack to make configuration easier for users who have > manually set up more than one RED interface (e.g. for load balancing or > fail-over) and want to use the UI to configure firewall rules. >=20 > As a little benefit on the side, I had to rewrite setaliases.c to use > ip(8) instead of ifconfig(8). >=20 > Signed-off-by: Michael Tremer > --- > config/cfgroot/network-functions.pl | 20 +++++++++ > html/cgi-bin/aliases.cgi | 63 +++++++++++++++++++++++++---- > langs/en/cgi-bin/en.pl | 1 + > src/misc-progs/setaliases.c | 38 ++++++++++------- > 4 files changed, 99 insertions(+), 23 deletions(-) >=20 > diff --git a/config/cfgroot/network-functions.pl b/config/cfgroot/network-f= unctions.pl > index d50322823..4ac6d8670 100644 > --- a/config/cfgroot/network-functions.pl > +++ b/config/cfgroot/network-functions.pl > @@ -332,6 +332,26 @@ sub setup_upstream_proxy() { > } > } > =20 > +sub get_red_interfaces() { > + my $default =3D &General::get_red_interface(); > + > + my @intfs =3D ( > + $default, > + ); > + > + opendir(INTERFACES, "/sys/class/net"); > + > + while (my $intf =3D readdir(INTERFACES)) { > + if ($intf =3D~ m/^red[0-9]+$/) { > + push(@intfs, $intf); > + } > + } > + > + closedir(INTERFACES); > + > + return &General::uniq(@intfs); > +} > + > sub list_wireless_interfaces() { > my %interfaces =3D (); > =20 > diff --git a/html/cgi-bin/aliases.cgi b/html/cgi-bin/aliases.cgi > index 7b80b3c84..def03ff9b 100644 > --- a/html/cgi-bin/aliases.cgi > +++ b/html/cgi-bin/aliases.cgi > @@ -34,6 +34,7 @@ require '/var/ipfire/general-functions.pl'; # replace /va= r/ipcop with /var/ipcop > require "${General::swroot}/lang.pl"; > require "${General::swroot}/header.pl"; > require "${General::swroot}/ids-functions.pl"; > +require "${General::swroot}/network-functions.pl"; > =20 > my $configfwdfw =3D "${General::swroot}/firewall/config"; > my $configinput =3D "${General::swroot}/firewall/input"; > @@ -52,6 +53,11 @@ undef (@dummy); > my $setting =3D "${General::swroot}/ethernet/settings"; > our $datafile =3D "${General::swroot}/ethernet/aliases"; > =20 > +# Fetch the name of the main RED interface > +my $RED_INTERFACE =3D &General::get_red_interface(); > + > +# Fetch all RED interfaces > +my @RED_INTERFACES =3D &Network::get_red_interfaces(); > =20 > our %settings=3D(); > #Settings1 > @@ -61,7 +67,8 @@ our %settings=3D(); > $settings{'IP'} =3D ''; > $settings{'ENABLED'} =3D 'off'; # Every check box must be set to off > $settings{'NAME'} =3D ''; > -my @nosaved=3D('IP','ENABLED','NAME'); # List here ALL setting2 fields. Ma= ndatory > +$settings{'INTERFACE'} =3D ''; > +my @nosaved=3D('IP','ENABLED','NAME','INTERFACE'); # List here ALL setting= 2 fields. Mandatory > =20 > $settings{'ACTION'} =3D ''; # add/edit/remove > $settings{'KEY1'} =3D ''; # point record for ACTION > @@ -215,10 +222,10 @@ if ($settings{'ACTION'} eq $Lang::tr{'add'}) { > } > unless ($errormessage) { > if ($settings{'KEY1'} eq '') { #add or edit ? > - unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'N= AME'}\n"); > + unshift (@current, "$settings{'IP'},$settings{'ENABLED'},$settings{'N= AME'},$settings{'INTERFACE'}\n"); > &General::log($Lang::tr{'ip alias added'}); > } else { > - @current[$settings{'KEY1'}] =3D "$settings{'IP'},$settings{'ENABLED'}= ,$settings{'NAME'}\n"; > + @current[$settings{'KEY1'}] =3D "$settings{'IP'},$settings{'ENABLED'}= ,$settings{'NAME'},$settings{'INTERFACE'}\n"; > $settings{'KEY1'} =3D ''; # End edit mode > &General::log($Lang::tr{'ip alias changed'}); > } > @@ -250,6 +257,7 @@ if ($settings{'ACTION'} eq $Lang::tr{'edit'}) { > $settings{'IP'}=3D$temp[0]; # Prepare the screen for editing > $settings{'ENABLED'}=3D$temp[1]; > $settings{'NAME'}=3D$temp[2]; > + $settings{'INTERFACE'}=3D$temp[3]; > } > =20 > if ($settings{'ACTION'} eq $Lang::tr{'remove'}) { > @@ -295,6 +303,7 @@ if ($settings{'ACTION'} eq '' ) { # First launch from G= UI > &Header::openpage($Lang::tr{'external aliases configuration'}, 1, ''); > &Header::openbigbox('100%', 'left', '', $errormessage); > my %checked =3D(); # Checkbox manipulations > +my %selected =3D (); > =20 > if ($errormessage) { > &Header::openbox('100%', 'left', $Lang::tr{'error messages'}); > @@ -320,6 +329,11 @@ END > # > $checked{'ENABLED'}{'on'} =3D ($settings{'ENABLED'} eq 'on') ? "checked=3D= 'checked'" : '' ; > =20 > +$selected{'INTERFACE'} =3D (); > +foreach my $intf (@RED_INTERFACES) { > + $selected{'INTERFACE'}{$intf} =3D ($settings{'INTERFACE'} eq $intf) ? "se= lected" : ""; > +} > + > my $buttontext =3D $Lang::tr{'add'}; > if ($settings{'KEY1'} ne '') { > $buttontext =3D $Lang::tr{'update'}; > @@ -329,7 +343,7 @@ if ($settings{'KEY1'} ne '') { > } > =20 > #Edited line number (KEY1) passed until cleared by 'save' or 'remove' or '= new sort order' > -print < +print <
> > > @@ -340,6 +354,33 @@ print < > $Lang::tr{'alias ip'}:  > > +END > + > +if (scalar @RED_INTERFACES >=3D 2) { > + print < + $Lang::tr{'inte= rface'}: > + > + > + > +END > +} > + > +print < $Lang::tr{'enabled'} <= /td> > = > > @@ -353,7 +394,7 @@ print < > > END > -; > + > &Header::closebox(); > =20 > # Add visual indicators to column headings to show sort order - EO > @@ -419,9 +460,15 @@ foreach my $line (@current) { > } > print ""; > =20 > + my $address =3D $temp[0]; > + > + if ($temp[3] ne "") { > + $address .=3D " @ $temp[3]"; > + } > + > print < $temp[2] > -$temp[0] > +$address > =20 > >
> @@ -542,7 +589,7 @@ sub SortDataFile > # The KEY,key record permits doublons. If removed, then F1 becomes the ke= y without doublon permitted. > =20 > =20 > - my @record =3D ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$tem= p[2]); > + my @record =3D ('KEY',$key++,'IP',$temp[0],'ENABLED',$temp[1],'NAME',$tem= p[2],'INTERFACE',$temp[3]); > my $record =3D {}; # create a reference to empty = hash > %{$record} =3D @record; # populate that hash with @record > $entries{$record->{KEY}} =3D $record; # add this to a hash of hashes > @@ -552,7 +599,7 @@ sub SortDataFile > =20 > # Each field value is printed , with the newline ! Don't forget separa= tor and order of them. > foreach my $entry (sort fixedleasesort keys %entries) { > - print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$= entry}->{NAME}\n"; > + print FILE "$entries{$entry}->{IP},$entries{$entry}->{ENABLED},$entries{$= entry}->{NAME},$entries{$entry}->{INTERFACE}\n"; > } > =20 > close(FILE); > diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl > index b4c24a535..eb3e5f14f 100644 > --- a/langs/en/cgi-bin/en.pl > +++ b/langs/en/cgi-bin/en.pl > @@ -422,6 +422,7 @@ > 'alcatelusb upload' =3D> 'Upload Speedtouch USB firmware', > 'alias ip' =3D> 'Alias IP', > 'aliases' =3D> 'Aliases', > +'aliases default interface' =3D> '- Default Interface -', > 'aliases not active' =3D> 'Aliases will not be active unless your RED inte= rface is STATIC', > 'all' =3D> 'All', > 'all interfaces' =3D> 'All Interfaces', > diff --git a/src/misc-progs/setaliases.c b/src/misc-progs/setaliases.c > index 4ba6816af..4d59aa0a8 100644 > --- a/src/misc-progs/setaliases.c > +++ b/src/misc-progs/setaliases.c > @@ -28,6 +28,8 @@ > struct keyvalue *kv =3D NULL; > FILE *file =3D NULL; > =20 > +#define SCOPE 128 > + > void exithandler(void) > { > if (kv) freekeyvalues(kv); > @@ -45,6 +47,7 @@ int main(void) > char *enabled; > char *sptr; > char *comment; > + char* intf =3D NULL; > int alias; > int count; > =20 > @@ -118,13 +121,12 @@ int main(void) > exit(1); > } > =20 > - /* down the aliases in turn until ifconfig complains */ > - alias=3D0; > - do > - { > - memset(command, 0, STRING_SIZE); > - snprintf(command, STRING_SIZE-1, "/sbin/ifconfig %s:%d down 2>/dev/null"= , red_dev, alias++); > - } while (safe_system(command)=3D=3D0); > + // Flush all previous aliases > + alias =3D 0; > + do { > + snprintf(command, STRING_SIZE - 1, > + "ip addr flush dev red%d scope %d 2>/dev/null", alias++, SCOPE); > + } while (safe_system(command) =3D=3D 0); > =20 > /* Now set up the new aliases from the config file */ > if (!(file =3D fopen(CONFIG_ROOT "/ethernet/aliases", "r"))) > @@ -144,15 +146,18 @@ int main(void) > aliasip =3D NULL; > enabled =3D NULL; > comment =3D NULL; > + intf =3D NULL; > sptr =3D strtok(s, ","); > while (sptr) > { > if (count =3D=3D 0) > aliasip =3D sptr; > - if (count =3D=3D 1) > + else if (count =3D=3D 1) > enabled =3D sptr; > - else > + else if (count =3D=3D 2) > comment =3D sptr; > + else if (count =3D=3D 3) > + intf =3D sptr; > count++; > sptr =3D strtok(NULL, ","); > } > @@ -175,15 +180,18 @@ int main(void) > exit(1); > } > =20 > - memset(command, 0, STRING_SIZE); > - snprintf(command, STRING_SIZE-1, > - "/sbin/ifconfig %s:%d %s netmask %s up", > - red_dev, alias, aliasip, red_netmask); > + // Default to RED_DEV if intf isn't set > + if (!intf) > + intf =3D red_dev; > + > + snprintf(command, STRING_SIZE - 1, "ip addr add %s/%s dev %s scope %d", > + aliasip, red_netmask, intf, SCOPE); > safe_system(command); > - memset(command, 0, STRING_SIZE); > + > + // Send an ARP broadcast > snprintf(command, STRING_SIZE-1, > "/usr/sbin/arping -q -c 1 -w 1 -i %s -S %s %s", > - red_dev, aliasip, default_gateway); > + intf, aliasip, default_gateway); > safe_system(command); > alias++; > } --===============4719223152563630689==--