This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 3.x development tree".
The branch, master has been updated via 55b0487810513ea7e7a8bfbc185e6d91544c01b8 (commit) via 0f913c903d5c75877262bd7358138e7de286ddab (commit) via 7ada2e246735b78c3f0d72406b5962a99bace685 (commit) via a6c5ea5b9e090a5f91c5e58e8604424f43debf2b (commit) via 15a945308166aff6a7e04d891dd3c22b526234d2 (commit) via 4b3ac7bdd10bdd188d9820030ecdff51ab91663f (commit) via 54ad13e5ddecf893dd7efb52f5b238e41f8d410e (commit) via e6353c57a185f3c54234569f01715148a1c50364 (commit) via 8f4905b6810529a7b1fd124cd49cf7dcdedf425c (commit) via dfb36f727871f5ed2f6f7fe8ad587ea9cdff36ae (commit) via c1b2e14a8d5ea25a0cc8dbfdff952775c4e898f7 (commit) from 61a300fb2aecd9f9c3b3e07dbe2421229edbb04f (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 55b0487810513ea7e7a8bfbc185e6d91544c01b8 Merge: 0f913c9 61a300f Author: Michael Tremer michael.tremer@ipfire.org Date: Fri Jul 30 09:42:41 2010 +0200
Merge branch 'master' of ssh://git.ipfire.org/pub/git/ipfire-3.x
commit 0f913c903d5c75877262bd7358138e7de286ddab Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 29 21:53:48 2010 +0200
network: Initial support for IPv6 tunnels with aiccu.
commit 7ada2e246735b78c3f0d72406b5962a99bace685 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 29 14:43:26 2010 +0200
network: Updated stp framework.
Add support for 802.1d.
commit a6c5ea5b9e090a5f91c5e58e8604424f43debf2b Merge: 54ad13e 15a9453 Author: Michael Tremer michael.tremer@ipfire.org Date: Thu Jul 29 14:43:19 2010 +0200
Merge branch 'master' of ssh://git.ipfire.org/pub/git/people/ms/ipfire-3.x into next
commit 15a945308166aff6a7e04d891dd3c22b526234d2 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed Jul 28 23:55:45 2010 +0200
rstp: Update dump patch.
commit 4b3ac7bdd10bdd188d9820030ecdff51ab91663f Author: Michael Tremer michael.tremer@ipfire.org Date: Tue Jul 27 13:48:07 2010 +0200
rstp: Add dump functionality.
commit 54ad13e5ddecf893dd7efb52f5b238e41f8d410e Merge: e6353c5 9b6f6f2 Author: Michael Tremer michael.tremer@ipfire.org Date: Mon Jul 26 21:48:35 2010 +0200
Merge branch 'master' of ssh://git.ipfire.org/pub/git/people/ms/ipfire-3.x into next
commit e6353c57a185f3c54234569f01715148a1c50364 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 25 20:51:58 2010 +0200
glibc: Set TIMEOUTFACTOR=16.
This will give the tests some extra time on very slow build machines.
commit 8f4905b6810529a7b1fd124cd49cf7dcdedf425c Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 25 18:43:20 2010 +0200
network: Change configuration variables of hook 'virtual' to make clearer what they do.
commit dfb36f727871f5ed2f6f7fe8ad587ea9cdff36ae Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 25 18:29:45 2010 +0200
network: Change name of access point devices to apN.
commit c1b2e14a8d5ea25a0cc8dbfdff952775c4e898f7 Author: Michael Tremer michael.tremer@ipfire.org Date: Sun Jul 25 18:28:35 2010 +0200
network: Add some sanity checks when removing a port.
-----------------------------------------------------------------------
Summary of changes: pkgs/core/glibc/glibc.nm | 2 +- pkgs/core/network/src/functions.aiccu | 141 ++++++ pkgs/core/network/src/functions.constants | 2 +- pkgs/core/network/src/functions.ports | 58 +++- pkgs/core/network/src/functions.stp | 470 +++++++++++++------- pkgs/core/network/src/functions.util | 10 + pkgs/core/network/src/header-port | 26 +- pkgs/core/network/src/hooks/ports/bonding | 2 + pkgs/core/network/src/hooks/ports/virtual | 36 +- pkgs/core/network/src/hooks/ports/wireless-ap | 2 +- .../hooks/zones/{pppoe.ports/ethernet => aiccu} | 134 +++--- pkgs/core/network/src/hooks/zones/bridge | 24 +- .../network/src/hooks/zones/bridge.ports/ethernet | 6 +- .../rstp/patches/rstp-0.21-dump-commands.patch | 274 ++++++++++++ 14 files changed, 943 insertions(+), 244 deletions(-) create mode 100644 pkgs/core/network/src/functions.aiccu copy pkgs/core/network/src/hooks/zones/{pppoe.ports/ethernet => aiccu} (50%) mode change 100644 => 100755 create mode 100644 pkgs/core/rstp/patches/rstp-0.21-dump-commands.patch
Difference in files: diff --git a/pkgs/core/glibc/glibc.nm b/pkgs/core/glibc/glibc.nm index b9e0546..ad694b8 100644 --- a/pkgs/core/glibc/glibc.nm +++ b/pkgs/core/glibc/glibc.nm @@ -261,7 +261,7 @@ define STAGE_BUILD endef
define STAGE_TEST - cd $(DIR_SRC)/glibc-build && make check \ + cd $(DIR_SRC)/glibc-build && TIMEOUTFACTOR=16 make check \ CFLAGS="$(CFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" \ CXXFLAGS="$(CXXFLAGS) -fno-stack-protector -U_FORTIFY_SOURCE" endef diff --git a/pkgs/core/network/src/functions.aiccu b/pkgs/core/network/src/functions.aiccu new file mode 100644 index 0000000..5a49edd --- /dev/null +++ b/pkgs/core/network/src/functions.aiccu @@ -0,0 +1,141 @@ +#!/bin/bash +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +function aiccu_init() { + log INFO "Initializing aiccu." + mkdir -p $(aiccu_config_dir) +} + +init_register aiccu_init + +function aiccu_config_dir() { + local device=${1} + + echo "${RUN_DIR}/aiccu/${device}" +} + +function aiccu_start() { + local device=${1} + shift + + assert isset device + + local config_dir=$(aiccu_config_dir ${device}) + mkdir -p ${config_dir} + + local config_file=${config_dir}/config + aiccu_configure ${device} $@ > ${config_file} + + aiccu start ${config_file} &>/dev/null + local ret=$? + + case "${ret}" in + 0) + log DEBUG "Aiccu was successfully started for '${device}'." + return ${EXIT_OK} + ;; + *) + error_log "Could not start aiccu properly for '${device}'." + + error_log "Configuration file dump:" + local line + while read line; do + error_log " ${line}" + done < ${config_file} + + return ${EXIT_ERROR} + ;; + esac +} + +function aiccu_stop() { + local device=${1} + + assert isset device + + aiccu stop $(aiccu_config_dir ${device})/config + + rm -rf $(aiccu_config_dir ${device}) +} + +function aiccu_configure() { + local device=${1} + + assert isset device + + local user + local secret + local server + local protocol="tic" + local tunnel_id + + while [ $# -gt 0 ]; do + case "${1}" in + --user=*) + user=$(cli_get_val ${1}) + ;; + --secret=*) + secret=$(cli_get_val ${1}) + ;; + --server=*) + server=$(cli_get_val ${1}) + ;; + --protocol=*) + protocol=$(cli_get_val ${1}) + ;; + --tunnel-id=*) + tunnel_id=$(cli_get_val ${1}) + ;; + esac + shift + done + + assert isset user + assert isset secret + assert isset server + assert isset protocol + assert isoneof protocol tic tsp l2tp + +cat <<EOF +## AICCU configuration for ${zone} + +username ${user} +password ${secret} + +server ${server} +protocol ${protocol} + +$(isset tunnel_id && echo "tunnel_id ${tunnel_id}") + +ipv6_interface ${device} + +verbose true +daemonize true +automatic true + +pidfile $(aiccu_config_dir ${zone})/pid + +#setupscript /tmp/aiccu.sh + +EOF + + return ${EXIT_OK} +} diff --git a/pkgs/core/network/src/functions.constants b/pkgs/core/network/src/functions.constants index 4dd9198..efca146 100644 --- a/pkgs/core/network/src/functions.constants +++ b/pkgs/core/network/src/functions.constants @@ -69,4 +69,4 @@ SYS_CLASS_NET="/sys/class/net" # Timeout values TIMEOUT_RESTART=2
-DEVICE_PRINT_LINE1=" %-20s %s\n" +DEVICE_PRINT_LINE1=" %-24s %s\n" diff --git a/pkgs/core/network/src/functions.ports b/pkgs/core/network/src/functions.ports index feecaa2..9cda564 100644 --- a/pkgs/core/network/src/functions.ports +++ b/pkgs/core/network/src/functions.ports @@ -99,10 +99,34 @@ function port_destroy() {
port_exists ${port} || return ${EXIT_OK}
- local attached_zone=$(port_is_attached ${port}) + # Check if the port is attached to any zone and don't delete it. + local ok=${EXIT_OK}
+ local attached_zone=$(port_is_attached ${port}) if [ -n "${attached_zone}" ]; then - error "Cannot destroy port '${port}' which is attached to zone '${attached_zone}'." + error_log "Cannot destroy port '${port}' which is attached to zone '${attached_zone}'." + ok=${EXIT_ERROR} + fi + + # Check if the port is linked to any other port and don't allow the user + # to delete it. + local other_port + for other_port in $(ports_get); do + [ "${other_port}" = "${port}" ] && continue + + if listmatch ${port} $(port_get_parents ${other_port}); then + error_log "Cannot destroy port '${port}' which is a parent port to '${other_port}'." + ok=${EXIT_ERROR} + fi + + if listmatch ${port} $(port_get_children ${other_port}); then + error_log "Cannot destroy port '${port}' which is child of port '${other_port}'." + ok=${EXIT_ERROR} + fi + done + + # If ok says we are not okay --> exit + if [ ${ok} -ne ${EXIT_OK} ]; then return ${EXIT_ERROR} fi
@@ -136,6 +160,10 @@ function port_status() { port_cmd status $@ }
+function port_info() { + port_cmd info $@ +} + function port_cmd() { local cmd=${1} local port=${2} @@ -194,3 +222,29 @@ function port_find_free() { i=$(( ${i} + 1 )) done } + +function port_get_info() { + local port=${1} + local key=${2} + + assert isset port + assert port_exists ${port} + assert isset key + + ( + eval $(port_info ${port}) + echo "${!key}" + ) +} + +function port_get_parents() { + local port=${1} + + port_get_info ${port} PORT_PARENTS +} + +function port_get_children() { + local port=${1} + + port_get_info ${port} PORT_CHILDREN +} diff --git a/pkgs/core/network/src/functions.stp b/pkgs/core/network/src/functions.stp index a85138f..ba906ba 100644 --- a/pkgs/core/network/src/functions.stp +++ b/pkgs/core/network/src/functions.stp @@ -28,40 +28,19 @@ function stp_init() {
init_register stp_init
-# XXX Very slow thing, caching? -function __rstpctl_cmd() { - local command=$@ +function __rstpctl_bridge_get() { + local bridge=${1} + local param=${2} + + assert isset bridge + assert isset param
- local line local key local val - - rstpctl ${command} | \ - sed -e "s/\t\t\t/\n/g" \ - -e "s/^ //g" \ - -e "s/\t\s*/___/g" | \ - while read line; do - [ "${line}" = "${line/___/_}" ] && continue - - key=${line%%___*} - key=${key// /_} - key=${key^^} - - val=${line#*___} - - echo "${key}="${val}"" - done -} - -function __rstpctl_showbridge_get() { - local bridge=${1} - local param=${2^^} - - local line - for line in $(__rstpctl_cmd showbridge ${bridge}); do - if [ "${line%%=*}" = "${param}" ]; then - line="${line##*=}" - echo "${line//"/}" + rstpctl dumpbridge ${bridge} | \ + while read bridge key val; do + if [ "${key}" = "${param}" ]; then + echo "${val}" return ${EXIT_OK} fi done @@ -69,16 +48,21 @@ function __rstpctl_showbridge_get() { return ${EXIT_ERROR} }
-function __rstpctl_showportdetail_get() { +function __rstpctl_port_get() { local bridge=${1} local port=${2} - local param=${3^^} + local param=${3}
- local line - for line in $(__rstpctl_cmd showportdetail ${bridge} ${port}); do - if [ "${line%%=*}" = "${param}" ]; then - line="${line##*=}" - echo "${line//"/}" + assert isset bridge + assert isset port + assert isset param + + local key + local val + rstpctl dumpports ${bridge} | \ + while read por key val; do + if [ "${port}" = "${por}" -a "${key}" = "${param}" ]; then + echo "${val}" return ${EXIT_OK} fi done @@ -86,213 +70,399 @@ function __rstpctl_showportdetail_get() { return ${EXIT_ERROR} }
-function __rstp_port_enabled() { +function stp_enable() { local bridge=${1} - local port=${2}
- local status=$(__rstpctl_showportdetail_get ${bridge} ${port} enabled) + assert isset bridge + assert zone_exists ${bridge}
- if [ "${status}" = "yes" ]; then - return ${EXIT_OK} - fi + brctl stp ${bridge} on
- return ${EXIT_ERROR} + local mode=$(zone_config_get ${bridge} STP_MODE) + + case "${mode}" in + stp) + rstpctl setforcevers ${bridge} slow + ;; + rstp) + rstpctl setforcevers ${bridge} normal + ;; + *) + error_log "Unknown protocol version: ${mode}." + ;; + esac }
-function __rstp_port_state() { +function stp_disable() { local bridge=${1} - local port=${2}
- local output=$(__rstpctl_showportdetail_get ${bridge} ${port} state) - echo "${output^^}" + assert isset bridge + assert zone_exists ${bridge} + + brctl stp ${bridge} off }
-function __rstp_port_pathcost() { +function stp_bridge_get_protocol() { local bridge=${1} - local port=${2}
- __rstpctl_showportdetail_get ${bridge} ${port} path_cost + assert isset bridge + + local mode=$(__rstpctl_bridge_get ${bridge} protocol_version) + + case "${mode}" in + 0) + echo "stp" + ;; + 2) + echo "rstp" + ;; + esac }
-function __rstp_port_designated_root() { +function stp_bridge_set_protocol() { + : XXX WANTED +} + +function stp_bridge_get_id() { local bridge=${1} - local port=${2}
- __rstpctl_showportdetail_get ${bridge} ${port} designated_root + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "id" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/bridge_id" + return ${EXIT_OK} + ;; + esac + + return ${EXIT_ERROR} }
-function __rstp_port_designated_bridge() { +function stp_bridge_get_forward_delay() { local bridge=${1} - local port=${2}
- __rstpctl_showportdetail_get ${bridge} ${port} designated_bridge + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "bridge_forward_delay" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/forward_delay" + return ${EXIT_OK} + ;; + esac + + return ${EXIT_ERROR} }
-function __rstp_topology_change() { +function stp_bridge_get_hello_time() { local bridge=${1}
- local state=$(__rstpctl_showbridge_get ${bridge} topology_change) + assert isset bridge
- case "${state}" in - yes) - echo "${state}" + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "bridge_hello_time" return ${EXIT_OK} ;; - no) - echo "${state}" - return ${EXIT_ERROR} + stp) + __device_get_file ${bridge} "bridge/hello_time" + return ${EXIT_OK} ;; esac + + return ${EXIT_ERROR} }
-function __rstp_topology_change_count() { +function stp_bridge_get_max_age() { local bridge=${1}
- # XXX typo in rstpctl -> toplogy - __rstpctl_showbridge_get ${bridge} toplogy_change_count + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "bridge_max_age" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/max_age" + return ${EXIT_OK} + ;; + esac + + return ${EXIT_ERROR} }
-function __rstp_topology_change_time() { +function stp_bridge_get_designated_root() { local bridge=${1} + local output + + assert isset bridge
- __rstpctl_showbridge_get ${bridge} time_since_topology_change + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + output=$(__rstpctl_bridge_get ${bridge} "designated_root") + ;; + stp) + output=$(__device_get_file ${bridge} "bridge/root_id") + ;; + esac + + if ! isset output; then + return ${EXIT_ERROR} + fi + + mac_format "${output:5:12}" + + return ${EXIT_OK} }
-function __rstp_bridge_id() { +function stp_bridge_get_root_path_cost() { local bridge=${1}
- local id=$(__rstpctl_showbridge_get ${bridge} bridge_id) - id=${id:5:12} + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "root_path_cost" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/root_path_cost" + return ${EXIT_OK} + ;; + esac
- mac_format "${id}" + return ${EXIT_ERROR} }
-function __rstp_designated_root() { +function stp_bridge_get_root_port_id() { local bridge=${1}
- local root=$(__rstpctl_showbridge_get ${bridge} designated_root) - root=${root:5:12} + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "root_port" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/root_port" + return ${EXIT_OK} + ;; + esac
- mac_format "${root}" + return ${EXIT_ERROR} }
-function __rstp_pathcost() { +function stp_bridge_get_root_port() { local bridge=${1}
- __rstpctl_showbridge_get ${bridge} path_cost -} + assert isset bridge
-function __stp_port_enabled() { - : # XXX TBD -} + local id=$(stp_bridge_get_root_port_id ${bridge})
-function __stp_port_state() { - : # XXX TBD -} + local member + local member_id + for member in $(bridge_get_members ${bridge}); do + member_id=$(stp_port_get_id ${bridge} ${member})
-function __stp_port_pathcost() { - : # XXX TBD -} + if [ "${id}" = "${member_id}" ]; then + echo "${member}" + return ${EXIT_OK} + fi + done
-function __stp_port_designated_root() { - : # XXX TBD + return ${EXIT_ERROR} }
-function __stp_port_designated_bridge() { - : # XXX TBD -} +function stp_bridge_is_root() { + local bridge=${1}
-function stp_port_enabled() { - __stp_wrapper port_enabled $@ -} + assert isset bridge
-function stp_port_state() { - __stp_wrapper port_state $@ + [ -n "$(stp_bridge_get_root_port ${bridge})" ] }
-function stp_port_pathcost() { - __stp_wrapper port_pathcost $@ -} +function stp_bridge_get_priority() { + local bridge=${1}
-function stp_port_designated_root() { - local root=$(__stp_wrapper port_designated_root $@) + assert isset bridge
- # Cut prefix 8000. and format mac - root="${root:5:12}" - mac_format "${root}" -} + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + local output=$(__rstpctl_bridge_get ${bridge} "root_path_cost") + dec "${output:0:4}" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/priority" + return ${EXIT_OK} + ;; + esac
-function stp_port_designated_bridge() { - __stp_wrapper port_designated_bridge $@ + return ${EXIT_ERROR} }
-function stp_topology_change() { - __stp_wrapper topology_change $@ -} +function stp_bridge_get_topology_change_count() { + local bridge=${1}
-function stp_topology_change_count() { - __stp_wrapper topology_change_count $@ -} + assert isset bridge
-function stp_topology_change_time() { - __stp_wrapper topology_change_time $@ -} + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "topology_change_count" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/topology_change" + return ${EXIT_OK} + ;; + esac
-function stp_bridge_id() { - __stp_wrapper bridge_id $@ + return ${EXIT_ERROR} }
-function stp_designated_root() { - __stp_wrapper designated_root $@ -} +function stp_bridge_get_topology_change_timer() { + local bridge=${1} + + assert isset bridge + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "time_since_topology_change" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/topology_change_timer" + return ${EXIT_OK} + ;; + esac
-function stp_pathcost() { - __stp_wrapper pathcost $@ + return ${EXIT_ERROR} }
-function __stp_wrapper() { - local func=${1} - shift +function stp_bridge_get_topology_change_detected() { + local bridge=${1}
- # XXX we will detect what kind of protocol the - # bridge is running and process the correct funtions - local proto_version="rstp" + assert isset bridge
- __${proto_version}_${func} $@ -} + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_bridge_get ${bridge} "topology_change" + return ${EXIT_OK} + ;; + stp) + __device_get_file ${bridge} "bridge/topology_change_detected" + return ${EXIT_OK} + ;; + esac
-function stp_mode() { - : # XXX wanted + return ${EXIT_ERROR} }
-function stp_enable() { +# STP states +STP_STATE[0]="disabled" +STP_STATE[1]="listening" +STP_STATE[2]="learning" +STP_STATE[3]="forwarding" +STP_STATE[4]="blocking" + +function stp_port_get_state() { local bridge=${1} + local port=${2} + local output
assert isset bridge - assert zone_exists ${bridge} + assert isset port
- brctl stp ${bridge} on + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + output=$(__rstpctl_port_get ${bridge} ${port} "state") + ;; + stp) + output=$(__device_get_file ${bridge} "brif/${port}/state")
- local mode=$(zone_config_get ${bridge} STP_MODE) + # Translate int to name + output="${STP_STATE[${output}]}" + ;; + esac
- case "${mode}" in + if ! isset output; then + return ${EXIT_ERROR} + fi + + echo "${output^^}" + + return ${EXIT_OK} +} + +function stp_port_get_id() { + local bridge=${1} + local port=${2} + + assert isset bridge + assert isset port + + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + __rstpctl_port_get ${bridge} ${port} "id" + return ${EXIT_OK} + ;; stp) - rstpctl setforcevers ${bridge} slow + dec $(__device_get_file ${bridge} "brif/${port}/port_no") + return ${EXIT_OK} ;; + esac + + return ${EXIT_ERROR} +} + +function stp_port_get_cost() { + local bridge=${1} + local port=${2} + + assert isset bridge + assert isset port + + case "$(stp_bridge_get_protocol ${bridge})" in rstp) - rstpctl setforcevers ${bridge} normal + __rstpctl_port_get ${bridge} ${port} "path_cost" + return ${EXIT_OK} ;; - *) - error_log "Unknown protocol version: ${mode}." + stp) + __device_get_file ${bridge} "brif/${port}/path_cost" + return ${EXIT_OK} ;; esac + + return ${EXIT_ERROR} }
-function stp_disable() { +function stp_port_get_designated_root() { local bridge=${1} + local port=${2} + local output
assert isset bridge - assert zone_exists ${bridge} + assert isset port
- brctl stp ${bridge} off + case "$(stp_bridge_get_protocol ${bridge})" in + rstp) + output=$(__rstpctl_port_get ${bridge} ${port} "designated_root") + ;; + stp) + output=$(__device_get_file ${bridge} "brif/${port}/designated_root") + ;; + esac + + mac_format ${output:5:12} + + return ${EXIT_ERROR} } diff --git a/pkgs/core/network/src/functions.util b/pkgs/core/network/src/functions.util index 104316f..8b20787 100644 --- a/pkgs/core/network/src/functions.util +++ b/pkgs/core/network/src/functions.util @@ -405,3 +405,13 @@ function process_kill() { done done } + +function dec() { + local hex=${1} + + if [ "${hex:0:2}" != "0x" ]; then + hex="0x${hex}" + fi + + printf "%d\n" "${hex}" +} diff --git a/pkgs/core/network/src/header-port b/pkgs/core/network/src/header-port index d06b2e1..95b39d0 100644 --- a/pkgs/core/network/src/header-port +++ b/pkgs/core/network/src/header-port @@ -22,6 +22,7 @@ . /lib/network/functions
HOOK=$(basename ${0}) +INFO_SETTINGS="HOOK PORT_PARENTS PORT_CHILDREN"
while [ $# -gt 0 ]; do case "${1}" in @@ -39,7 +40,7 @@ done
function run() { case "${action}" in - edit|add|create|rem|up|down|status) + edit|add|create|rem|up|down|status|info) _${action} $@ ;; esac @@ -47,3 +48,26 @@ function run() { error "Port hook '${HOOK}' didn't exit properly." exit ${EXIT_ERROR} } + +function _info() { + local port=${1} + shift + + assert isset port + + config_read $(port_file ${port}) + + local key + local val + for key in PORT_PARENTS PORT_CHILDREN; do + val="${key}_VAR" + val=${!val} + eval "${key}="${!val}"" + done + + for key in ${INFO_SETTINGS}; do + echo "${key}="${!key}"" + done + + exit ${ERROR_OK} +} diff --git a/pkgs/core/network/src/hooks/ports/bonding b/pkgs/core/network/src/hooks/ports/bonding index 9e04435..0a8535f 100755 --- a/pkgs/core/network/src/hooks/ports/bonding +++ b/pkgs/core/network/src/hooks/ports/bonding @@ -23,6 +23,8 @@
HOOK_SETTINGS="HOOK DEVICE_MAC MIIMON MODE SLAVES"
+PORT_CHILDREN_VAR="SLAVES" + DEVICE_MAC=$(mac_generate) MIIMON=100
diff --git a/pkgs/core/network/src/hooks/ports/virtual b/pkgs/core/network/src/hooks/ports/virtual index 10f0b80..a8c7d49 100755 --- a/pkgs/core/network/src/hooks/ports/virtual +++ b/pkgs/core/network/src/hooks/ports/virtual @@ -21,24 +21,26 @@
. /lib/network/header-port
-HOOK_SETTINGS="HOOK DEVICE DEVICE_MAC DEVICE_VID" +HOOK_SETTINGS="HOOK ADDRESS PARENT TAG"
-DEVICE_MAC=$(mac_generate) +PORT_PARENTS_VAR="PARENT" + +ADDRESS=$(mac_generate)
function _check() { - assert isset DEVICE - assert ismac DEVICE_MAC - assert isinteger DEVICE_VID + assert isset PARENT + assert ismac ADDRESS + assert isinteger TAG
- if [ ${DEVICE_VID} -gt 4096 ]; then - error "DEVICE_VID is greater than 4096." + if [ ${TAG} -gt 4096 ]; then + error "TAG is greater than 4096." exit ${EXIT_ERROR} fi
local reserved for reserved in 0 4095; do - if [ "${DEVICE_VID}" = "${reserved}" ]; then - error "DEVICE_VID=${reserved} is reserved." + if [ "${TAG}" = "${reserved}" ]; then + error "TAG=${reserved} is reserved." exit ${EXIT_ERROR} fi done @@ -48,13 +50,13 @@ function _create() { while [ $# -gt 0 ]; do case "${1}" in --device=*) - DEVICE=${1#--device=} + PARENT=${1#--device=} ;; --mac=*) - DEVICE_MAC=${1#--mac=} + ADDRESS=${1#--mac=} ;; --id=*) - DEVICE_VID=${1#--id=} + TAG=${1#--id=} ;; *) warning "Unknown argument '${1}'" @@ -63,7 +65,7 @@ function _create() { shift done
- local port="${DEVICE}v${DEVICE_VID}" + local port="${PARENT}v${TAG}"
config_write $(port_file ${port}) ${HOOK_SETTINGS}
@@ -81,7 +83,7 @@ function _edit() { while [ $# -gt 0 ]; do case "${1}" in --mac=*) - DEVICE_MAC=${1#--mac=} + ADDRESS=${1#--mac=} ;; *) warning "Unknown argument '${1}'" @@ -103,7 +105,7 @@ function _up() { config_read $(port_file ${port})
if ! device_exists ${port}; then - virtual_create ${DEVICE} ${DEVICE_VID} ${DEVICE_MAC} + virtual_create ${PARENT} ${TAG} ${ADDRESS} fi
exit ${EXIT_OK} @@ -129,9 +131,9 @@ function _status() { local zone=${1} local port=${2}
-config_read $(zone_dir ${zone})/${port} + config_read $(zone_dir ${zone})/${port}
- local device=$(devicify ${DEVICE_MAC}) + local device=$(devicify ${ADDRESS})
printf " %-10s - " "${device}" if ! device_is_up ${device}; then diff --git a/pkgs/core/network/src/hooks/ports/wireless-ap b/pkgs/core/network/src/hooks/ports/wireless-ap index 4340a75..036ea06 100755 --- a/pkgs/core/network/src/hooks/ports/wireless-ap +++ b/pkgs/core/network/src/hooks/ports/wireless-ap @@ -21,7 +21,7 @@
. /lib/network/header-port
-DEVICE_PATTERN="wifiN" +DEVICE_PATTERN="apN"
HOOK_SETTINGS="HOOK ADDRESS BROADCAST_SSID COUNTRY_CODE MODE PHY SSID"
diff --git a/pkgs/core/network/src/hooks/zones/aiccu b/pkgs/core/network/src/hooks/zones/aiccu new file mode 100755 index 0000000..e867ff4 --- /dev/null +++ b/pkgs/core/network/src/hooks/zones/aiccu @@ -0,0 +1,131 @@ +#!/bin/bash +############################################################################### +# # +# IPFire.org - A linux based firewall # +# Copyright (C) 2010 Michael Tremer & Christian Schmidt # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see http://www.gnu.org/licenses/. # +# # +############################################################################### + +. /lib/network/header-zone + +HOOK_SETTINGS="HOOK PROTOCOL USER SECRET SERVER TUNNEL_ID" + +USER= +SECRET= +SERVER="tic.sixxs.net" +PROTOCOL="tic" +TUNNEL_ID= + +function _check() { + assert isset USER + assert isset SECRET + assert isset SERVER + assert isset PROTOCOL +} + +function _parse_cmdline() { + local value + + while [ $# -gt 0 ]; do + case "$1" in + --user=*) + USER=$(cli_get_val ${1}) + ;; + --secret=*) + SECRET=$(cli_get_val ${1}) + ;; + --server=*) + SERVER=$(cli_get_val ${1}) + ;; + --protocol=*) + PROTOCOL=$(cli_get_val ${1}) + ;; + --tunnel-id=*) + TUNNEL_ID=$(cli_get_val ${1}) + ;; + *) + echo "Unknown option: $1" >&2 + exit ${EXIT_ERROR} + ;; + esac + shift + done +} + +function _up() { + local zone=${1} + shift + + assert isset zone + + zone_config_read ${zone} + + aiccu_start ${zone} \ + --server="${SERVER}" \ + --protocol="${PROTOCOL}" \ + --user="${USER}" \ + --secret="${SECRET}" \ + --tunnel-id="${TUNNEL_ID}" + + exit $? +} + +function _down() { + local zone=${1} + shift + + aiccu_stop ${zone} + + exit ${EXIT_OK} +} + +function _status() { + local zone=${1} + + assert isset zone + + cli_status_headline ${zone} + + zone_config_read ${zone} + + cli_headline " Configuration:" + printf "${DEVICE_PRINT_LINE1}" "User:" "${USER}" + printf "${DEVICE_PRINT_LINE1}" "Secret:" "<hidden>" + echo + printf "${DEVICE_PRINT_LINE1}" "Server:" "${SERVER}" + printf "${DEVICE_PRINT_LINE1}" "Protocol:" "${PROTOCOL}" + if isset TUNNEL_ID; then + echo + printf "${DEVICE_PRINT_LINE1}" "Tunnel ID:" "${TUNNEL_ID}" + fi + echo + printf "${DEVICE_PRINT_LINE1}" "Use default route?" "$(enabled DEFAULTROUTE && echo "enabled" || echo "disabled")" + printf "${DEVICE_PRINT_LINE1}" "Use peer DNS?" "$(enabled PEERDNS && echo "enabled" || echo "disabled")" + + # Exit if zone is down + if ! zone_is_up ${zone}; then + echo # Empty line + exit ${EXIT_ERROR} + fi + + cli_headline " Protocol information:" + printf "${DEVICE_PRINT_LINE1}" "MTU:" "$(device_get_mtu ${zone})" + echo + + exit ${EXIT_OK} +} + +run $@ diff --git a/pkgs/core/network/src/hooks/zones/bridge b/pkgs/core/network/src/hooks/zones/bridge index 701d3ab..022ca65 100755 --- a/pkgs/core/network/src/hooks/zones/bridge +++ b/pkgs/core/network/src/hooks/zones/bridge @@ -157,21 +157,27 @@ function _status() { # XXX Add bridge stp priority here # brctl does not give any information about that
- cli_headline " Spanning Tree Protocol information:" - echo " Bridge ID : $(stp_bridge_id ${zone})" - echo " Designated root : $(stp_designated_root ${zone})" - echo " Path cost : $(stp_pathcost ${zone})" + cli_headline " Spanning Tree Protocol information:" + printf "${DEVICE_PRINT_LINE1}" "ID:" $(stp_bridge_get_id ${zone}) + printf "${DEVICE_PRINT_LINE1}" "Priority:" $(stp_bridge_get_priority ${zone}) + + if stp_bridge_is_root ${zone}; then + echo -e " ${COLOUR_BOLD}This bridge is root.${COLOUR_NORMAL}" + else + printf "${DEVICE_PRINT_LINE1}" "Designated root:" $(stp_bridge_get_designated_root ${zone}) + printf "${DEVICE_PRINT_LINE1}" "Root path cost:" $(stp_bridge_get_root_path_cost ${zone}) + fi echo # Empty line
# Topology information - printf " Topology changing : %6s\n" $(stp_topology_change ${zone}) - printf " Topology change time : %6s\n" $(beautify_time $(stp_topology_change_time ${zone})) - printf " Topology change count : %6s\n" $(stp_topology_change_count ${zone}) + printf "${DEVICE_PRINT_LINE1}" "Topology changing:" $(stp_bridge_get_topology_change_detected ${zone}) + printf "${DEVICE_PRINT_LINE1}" "Topology change time:" $(beautify_time $(stp_bridge_get_topology_change_timer ${zone})) + printf "${DEVICE_PRINT_LINE1}" "Topology change count:" $(stp_bridge_get_topology_change_count ${zone})
- cli_headline " Ports:" + cli_headline " Ports:" zone_ports_status ${zone}
- cli_headline " Configurations:" + cli_headline " Configurations:" zone_configs_cmd status ${zone}
echo # Empty line diff --git a/pkgs/core/network/src/hooks/zones/bridge.ports/ethernet b/pkgs/core/network/src/hooks/zones/bridge.ports/ethernet index f7dd506..c249e17 100755 --- a/pkgs/core/network/src/hooks/zones/bridge.ports/ethernet +++ b/pkgs/core/network/src/hooks/zones/bridge.ports/ethernet @@ -139,12 +139,12 @@ function _status() { if ! device_is_up ${port}; then echo -ne "${COLOUR_DOWN} DOWN ${COLOUR_NORMAL}" else - local state=$(stp_port_state ${zone} ${port}) + local state=$(stp_port_get_state ${zone} ${port}) local colour="COLOUR_STP_${state}" printf "${!colour}%10s${COLOUR_NORMAL}" ${state}
- echo -n " - DSR: $(stp_port_designated_root ${zone} ${port})" - echo -n " - Cost: $(stp_port_pathcost ${zone} ${port})" + echo -n " - DSR: $(stp_port_get_designated_root ${zone} ${port})" + echo -n " - Cost: $(stp_port_get_cost ${zone} ${port})" fi
echo diff --git a/pkgs/core/rstp/patches/rstp-0.21-dump-commands.patch b/pkgs/core/rstp/patches/rstp-0.21-dump-commands.patch new file mode 100644 index 0000000..cc48819 --- /dev/null +++ b/pkgs/core/rstp/patches/rstp-0.21-dump-commands.patch @@ -0,0 +1,274 @@ +diff --git a/ctl_main.c b/ctl_main.c +index dd041d7..7382d97 100644 +--- a/ctl_main.c ++++ b/ctl_main.c +@@ -443,6 +443,240 @@ static int cmd_debuglevel(int argc, char *const *argv) + return CTL_set_debug_level(getuint(argv[1])); + } + ++#define DUMP_FMT(br_name, key) "%-8s %-26s ", br_name, key ++ ++static int do_dumpbridge(const char *br_name) { ++ STP_BridgeStatus s; ++ ++ int br_index = get_index_die(br_name, "bridge", 0); ++ if (br_index < 0) ++ return -1; ++ ++ int r = CTL_get_bridge_status(br_index, &s); ++ if (r) ++ return -1; ++ ++ /* bridge forward delay */ ++ printf(DUMP_FMT(br_name, "bridge_forward_delay")); ++ printf("%u\n", s.bridge_forward_delay); ++ ++ /* bridge hello time */ ++ printf(DUMP_FMT(br_name, "bridge_hello_time")); ++ printf("%u\n", s.bridge_hello_time); ++ ++ /* bridge max age */ ++ printf(DUMP_FMT(br_name, "bridge_max_age")); ++ printf("%u\n", s.bridge_max_age); ++ ++ /* designated root */ ++ printf(DUMP_FMT(br_name, "designated_root")); ++ printf(BR_ID_FMT "\n", BR_ID_ARGS(s.designated_root)); ++ ++ /* enabled */ ++ printf(DUMP_FMT(br_name, "enabled")); ++ printf("%s\n", BOOL_STR(s.enabled)); ++ ++ /* forward delay */ ++ printf(DUMP_FMT(br_name, "forward_delay")); ++ printf("%u\n", s.forward_delay); ++ ++ /* hello time */ ++ printf(DUMP_FMT(br_name, "hello_time")); ++ printf("%u\n", s.hello_time); ++ ++ /* id */ ++ printf(DUMP_FMT(br_name, "id")); ++ printf(BR_ID_FMT "\n", BR_ID_ARGS(s.bridge_id)); ++ ++ /* max age */ ++ printf(DUMP_FMT(br_name, "max_age")); ++ printf("%u\n", s.max_age); ++ ++ /* protocol version */ ++ printf(DUMP_FMT(br_name, "protocol_version")); ++ printf("%d\n", s.protocol_version); ++ ++ /* root path cost */ ++ printf(DUMP_FMT(br_name, "root_path_cost")); ++ printf("%u\n", s.root_path_cost); ++ ++ /* root port */ ++ printf(DUMP_FMT(br_name, "root_port")); ++ printf("%u\n", s.root_port); ++ ++ /* time since topology change */ ++ printf(DUMP_FMT(br_name, "time_since_topology_change")); ++ printf("%u\n", s.time_since_topology_change); ++ ++ /* topology change */ ++ printf(DUMP_FMT(br_name, "topology_change")); ++ printf("%u\n", s.topology_change); ++ ++ /* topology change count */ ++ printf(DUMP_FMT(br_name, "topology_change_count")); ++ printf("%u\n", s.topology_change_count); ++ ++ /* tx hold count */ ++ printf(DUMP_FMT(br_name, "tx_hold_count")); ++ printf("%u\n", s.tx_hold_count); ++ ++ return 0; ++} ++ ++static int do_dumpbridgeport(int br_index, const char *pt_name) { ++ STP_PortStatus p; ++ int r = 0; ++ int port_index = get_index_die(pt_name, "port", 0); ++ if (port_index < 0) ++ return -1; ++ ++ r = CTL_get_port_status(br_index, port_index, &p); ++ if (r) { ++ fprintf(stderr, "Failed to get port state for port %d\n", port_index); ++ return -1; ++ } ++ ++ /* admin edge port */ ++ printf(DUMP_FMT(pt_name, "admin_edge_port")); ++ printf("%s\n", BOOL_STR(p.admin_edge_port)); ++ ++ /* admin point to point */ ++ printf(DUMP_FMT(pt_name, "admin_point_to_point")); ++ printf("%s\n", BOOL_STR(p.admin_p2p)); ++ ++ /* auto edge port */ ++ printf(DUMP_FMT(pt_name, "auto_edge_port")); ++ printf("%s\n", BOOL_STR(p.auto_edge_port)); ++ ++ /* path cost */ ++ printf(DUMP_FMT(pt_name, "admin_path_cost")); ++ printf("%d\n", p.admin_path_cost); ++ ++ /* designated bridge */ ++ printf(DUMP_FMT(pt_name, "designated_bridge")); ++ printf(BR_ID_FMT "\n", BR_ID_ARGS(p.designated_bridge)); ++ ++ /* designated cost */ ++ printf(DUMP_FMT(pt_name, "designated_cost")); ++ printf("%d\n", p.designated_cost); ++ ++ /* designated port */ ++ printf(DUMP_FMT(pt_name, "designated_port")); ++ printf("%0x\n", p.designated_port); ++ ++ /* designated root */ ++ printf(DUMP_FMT(pt_name, "designated_root")); ++ printf(BR_ID_FMT "\n", BR_ID_ARGS(p.designated_root)); ++ ++ /* enabled */ ++ printf(DUMP_FMT(pt_name, "enabled")); ++ printf("%s\n", BOOL_STR(p.enabled)); ++ ++ /* id */ ++ printf(DUMP_FMT(pt_name, "id")); ++ printf("%u\n", p.id & 0xfff); ++ ++ /* oper edge port */ ++ printf(DUMP_FMT(pt_name, "oper_edge_port")); ++ printf("%s\n", BOOL_STR(p.oper_edge_port)); ++ ++ /* path cost */ ++ printf(DUMP_FMT(pt_name, "path_cost")); ++ printf("%d\n", p.path_cost); ++ ++ /* point to point */ ++ printf(DUMP_FMT(pt_name, "point_to_point")); ++ printf("%s\n", BOOL_STR(p.oper_p2p)); ++ ++ /* state */ ++ printf(DUMP_FMT(pt_name, "state")); ++ printf(STATE_STR(p.state)); ++ printf("\n"); ++ ++ /* topology change ack */ ++ printf(DUMP_FMT(pt_name, "topology_change_ack")); ++ printf("%s\n", BOOL_STR(p.tc_ack)); ++ ++ return 0; ++} ++ ++static int cmd_dumpbridge(int argc, char *const *argv) ++{ ++ int i, count = 0; ++ int r = 0; ++ struct dirent **namelist; ++ ++ if (argc > 1) { ++ count = argc - 1; ++ } else { ++ count = ++ scandir(SYSFS_CLASS_NET, &namelist, isbridge, alphasort); ++ if (count < 0) { ++ fprintf(stderr, "Error getting list of all bridges\n"); ++ return -1; ++ } ++ } ++ ++ for (i = 0; i < count; i++) { ++ const char *name; ++ if (argc > 1) ++ name = argv[i + 1]; ++ else ++ name = namelist[i]->d_name; ++ ++ int err = do_dumpbridge(name); ++ if (err) ++ r = err; ++ } ++ ++ if (argc <= 1) { ++ for (i = 0; i < count; i++) ++ free(namelist[i]); ++ free(namelist); ++ } ++ ++ return r; ++} ++ ++static int cmd_dumpbridgeports(int argc, char *const *argv) ++{ ++ int r = 0; ++ ++ int br_index = get_index(argv[1], "bridge"); ++ ++ int i, count = 0; ++ struct dirent **namelist; ++ ++ if (argc > 2) { ++ count = argc - 2; ++ } else { ++ char buf[SYSFS_PATH_MAX]; ++ snprintf(buf, sizeof(buf), SYSFS_CLASS_NET "/%s/brif", argv[1]); ++ count = scandir(buf, &namelist, not_dot_dotdot, alphasort); ++ if (count < 0) { ++ fprintf(stderr, ++ "Error getting list of all ports of bridge %s\n", ++ argv[1]); ++ return -1; ++ } ++ } ++ ++ for (i = 0; i < count; i++) { ++ const char *name; ++ name = namelist[i]->d_name; ++ ++ int err = do_dumpbridgeport(br_index, name); ++ if (err) ++ r = err; ++ } ++ ++ for (i = 0; i < count; i++) ++ free(namelist[i]); ++ free(namelist); ++ ++ return r; ++} ++ + struct command { + int nargs; + int optargs; +@@ -483,6 +717,10 @@ static const struct command commands[] = { + {2, 0, "portmcheck", cmd_portmcheck, + "<bridge> <port>\ttry to get back from STP to RSTP mode"}, + {1, 0, "debuglevel", cmd_debuglevel, "<level>\t\tLevel of verbosity"}, ++ {0, 32, "dumpbridge", cmd_dumpbridge, ++ "Dump all information about a bridge in machine parseable format"}, ++ {1, 0, "dumpports", cmd_dumpbridgeports, ++ "Dump all port information in machine parseable format"}, + }; + + const struct command *command_lookup(const char *cmd) +diff --git a/rstpctl.8 b/rstpctl.8 +index ca72eaf..f827c85 100644 +--- a/rstpctl.8 ++++ b/rstpctl.8 +@@ -115,6 +115,13 @@ switch back to RSTP mode. + .B rstpctl debuglevel <level> + sets the level of verbosity of rstpd's logging. + ++.B rstpctl dumpbridge [<bridge> ...] ++dumps all informational parameters to the console. This is needed to ++parse the output in shell scripts for example. ++ ++.B rstpctl dumpports <bridge> [<port> ...] ++like dumpbridge but prints information about the ports of a bridge. ++ + .SH NOTES + TODO: Indicate lack of persistence of configuration across restarts of + daemon.
hooks/post-receive -- IPFire 3.x development tree