diff options
author | Miloslav Trmac <mitr@volny.cz> | 2006-07-25 02:36:49 +0000 |
---|---|---|
committer | Miloslav Trmac <mitr@volny.cz> | 2006-07-25 02:36:49 +0000 |
commit | b900bfe5a536065665f6575aaa84b0615db856dc (patch) | |
tree | ffa2914f8d9d99c70f8c023aa6d0912232d09f6f | |
parent | 8ebf0a43d2df1b47d6404d33518c1654d740cf73 (diff) | |
download | initscripts-b900bfe5a536065665f6575aaa84b0615db856dc.tar initscripts-b900bfe5a536065665f6575aaa84b0615db856dc.tar.gz initscripts-b900bfe5a536065665f6575aaa84b0615db856dc.tar.bz2 initscripts-b900bfe5a536065665f6575aaa84b0615db856dc.tar.xz initscripts-b900bfe5a536065665f6575aaa84b0615db856dc.zip |
GRE and IPIP tunnel support (#168990, based on patches by
Razvan Corneliu C.R. Vilt <razvan.vilt@linux360.ro>,
Aaron Hope <aaron.hope@unh.edu> and Sean Millichamp <sean@enertronllc.com>)
check_device_down: Handle tunnel_device@NONE: <...>
-rw-r--r-- | initscripts.spec | 2 | ||||
-rw-r--r-- | sysconfig.txt | 18 | ||||
-rw-r--r-- | sysconfig/network-scripts/ifdown-tunnel | 39 | ||||
-rw-r--r-- | sysconfig/network-scripts/ifup-tunnel | 73 | ||||
-rw-r--r-- | sysconfig/network-scripts/network-functions | 6 |
5 files changed, 134 insertions, 4 deletions
diff --git a/initscripts.spec b/initscripts.spec index 3d40e2bd..8952e559 100644 --- a/initscripts.spec +++ b/initscripts.spec @@ -146,6 +146,8 @@ rm -rf $RPM_BUILD_ROOT %config /etc/sysconfig/network-scripts/ifdown-ipsec %config /etc/sysconfig/network-scripts/ifup-sit %config /etc/sysconfig/network-scripts/ifdown-sit +%config /etc/sysconfig/network-scripts/ifup-tunnel +%config /etc/sysconfig/network-scripts/ifdown-tunnel %config /etc/sysconfig/network-scripts/ifup-aliases %config /etc/sysconfig/network-scripts/ifup-ippp %config /etc/sysconfig/network-scripts/ifdown-ippp diff --git a/sysconfig.txt b/sysconfig.txt index 94db5134..3e770e88 100644 --- a/sysconfig.txt +++ b/sysconfig.txt @@ -868,12 +868,26 @@ Files in /etc/sysconfig/network-scripts/ Usage of AH or ESP may be disabled by setting {AH,ESP}_PROTO to "none". Bonding-specific items - - SLAVE=yes + + SLAVE=yes Specifies device as a slave MASTER=bondXX Specifies master device to bind to + Tunnel-specific items: + TYPE=GRE|IPIP + MY_INNER_IPADDR=local IP address of the tunnel interface + PEER_OUTER_IPADDR=IP address of the remote tunnel endpoint + MY_OUTER_IPADDR=IP address of the local tunnel endpoint + If unspecified, an IP address is selected automatically for outgoing + tunnel packets, and incoming tunnel packets are accepted on all local + IP addresses. + PEER_INNER_IPADDR=IP address of the remote end of the tunnel interface + If this is specified, a route to PEER_INNER_IPADDR through the tunnel + is added automatically. + TTL=TTL value for tunnel packets + Default is to use the TTL of the packet transported through the tunnel + /etc/sysconfig/network-scripts/chat-<interface-name>: chat script for PPP or SLIP connection intended to establish diff --git a/sysconfig/network-scripts/ifdown-tunnel b/sysconfig/network-scripts/ifdown-tunnel new file mode 100644 index 00000000..0e8d1cc9 --- /dev/null +++ b/sysconfig/network-scripts/ifdown-tunnel @@ -0,0 +1,39 @@ +#!/bin/bash +# Copyright (C) 1996-2006 Red Hat, Inc. all rights reserved. +# +# This software may be freely redistributed under the terms of the GNU +# public license. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# Thanks to: +# - Razvan Corneliu C.R. Vilt <razvan.vilt@linux360.ro> +# - Aaron Hope <aaron.hope@unh.edu> +# - Sean Millichamp <sean@enertronllc.com> +# for providing the scripts this one is based on + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. network-functions + +[ -f ../network ] && . ../network + +CONFIG=$1 +need_config "$CONFIG" +source_config + +# Generic tunnel devices are not supported here +if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 ]; then + echo $"Device '$DEVICE' isn't supported as a valid GRE device name." + exit 1 +fi + +check_device_down "$DEVICE" && exit 0 + +/sbin/ip link set dev "$DEVICE" down +/sbin/ip tunnel del "$DEVICE" + +exec /etc/sysconfig/network-scripts/ifdown-post "$CONFIG" diff --git a/sysconfig/network-scripts/ifup-tunnel b/sysconfig/network-scripts/ifup-tunnel new file mode 100644 index 00000000..7e5058f1 --- /dev/null +++ b/sysconfig/network-scripts/ifup-tunnel @@ -0,0 +1,73 @@ +#!/bin/bash +# Copyright (C) 1996-2006 Red Hat, Inc. all rights reserved. +# +# This software may be freely redistributed under the terms of the GNU +# public license. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# Thanks to: +# - Razvan Corneliu C.R. Vilt <razvan.vilt@linux360.ro> +# - Aaron Hope <aaron.hope@unh.edu> +# - Sean Millichamp <sean@enertronllc.com> +# for providing the scripts this one is based on + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. network-functions + +CONFIG=$1 +need_config "$CONFIG" +source_config + +if [ "$PEER_OUTER_IPADDR" = "$PEER_INNER_IPADDR" ]; then + # Specifying PEER_INNER_IPADDR would automatically add a route to the peer + # through the tunnel, redirecting tunnel packets back to the tunnel and + # creating a dead loop. + unset PEER_INNER_IPADDR +fi + +case "$TYPE" in + GRE) + MODE=gre + /sbin/modprobe ip_gre + ;; + IPIP) + MODE=ipip + /sbin/modprobe ipip + ;; + *) + echo $"Invalid tunnel type $TYPE" + exit 1 + ;; +esac + +# Generic tunnel devices are not supported here +if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 ]; then + echo $"Device '$DEVICE' isn't supported as a valid GRE device name." + exit 1 +fi + +# Create the tunnel +# The outer addresses are those of the underlying (public) network. +/sbin/ip tunnel add "$DEVICE" mode "$MODE" \ + ${MY_OUTER_IPADDR:+local "$MY_OUTER_IPADDR"} \ + remote "$PEER_OUTER_IPADDR" ${TTL:+ttl "$TTL"} + +if [ -n "$MTU" ]; then + /sbin/ip link set "$DEVICE" mtu "$MTU" +fi + +# The inner address are used mainly for communication between a gateway +# and a private network. When the peer is configured with an inner address +# contained in the peer's private network or identical to it's public address, +# it need not be specified. +/sbin/ip addr add "$MY_INNER_IPADDR" dev "$DEVICE" \ + ${PEER_INNER_IPADDR:+peer "$PEER_INNER_IPADDR"} + +/sbin/ip link set dev "$DEVICE" up + +exec /etc/sysconfig/network-scripts/ifup-post "$CONFIG" "$2" diff --git a/sysconfig/network-scripts/network-functions b/sysconfig/network-scripts/network-functions index aea5f0c9..eb2ce1c8 100644 --- a/sysconfig/network-scripts/network-functions +++ b/sysconfig/network-scripts/network-functions @@ -92,7 +92,9 @@ source_config () IUCV) DEVICETYPE="iucv" ;; - + GRE | IPIP) + DEVICETYPE="tunnel" + ;; esac [ -z "$DEVICETYPE" ] && DEVICETYPE=`echo ${DEVICE} | sed "s/[0-9]*$//"` [ -z "$REALDEVICE" -a -n "$PARENTDEVICE" ] && REALDEVICE=$PARENTDEVICE @@ -254,7 +256,7 @@ check_device_down () return 0 fi else - if LC_ALL=C ip -o link 2>/dev/null | grep -q "$1:.*,UP" ; then + if LC_ALL=C ip -o link 2>/dev/null | grep -q "$1[:@].*,UP" ; then return 1 else return 0 |