From a145ddda284570e57413e37f025c3657205e17d8 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Fri, 25 May 2018 20:01:54 +0200 Subject: Repository scheme updated to new layout NOTE: This commit just moves files around, without actually fixing the Makefiles and specfile. See follow up commits which resolve this. --- network-scripts/ifcfg-lo | 9 + network-scripts/ifdown | 71 +++ network-scripts/ifdown-bnep | 49 ++ network-scripts/ifdown-eth | 184 ++++++ network-scripts/ifdown-ippp | 34 + network-scripts/ifdown-ipv6 | 139 ++++ network-scripts/ifdown-post | 72 +++ network-scripts/ifdown-routes | 33 + network-scripts/ifdown-sit | 58 ++ network-scripts/ifdown-tunnel | 45 ++ network-scripts/ifup | 164 +++++ network-scripts/ifup-aliases | 381 +++++++++++ network-scripts/ifup-bnep | 55 ++ network-scripts/ifup-ctc | 52 ++ network-scripts/ifup-eth | 372 +++++++++++ network-scripts/ifup-ippp | 384 +++++++++++ network-scripts/ifup-ipv6 | 316 ++++++++++ network-scripts/ifup-plip | 27 + network-scripts/ifup-plusb | 43 ++ network-scripts/ifup-post | 151 +++++ network-scripts/ifup-routes | 76 +++ network-scripts/ifup-sit | 108 ++++ network-scripts/ifup-tunnel | 94 +++ network-scripts/ifup-wireless | 62 ++ network-scripts/init.ipv6-global | 164 +++++ network-scripts/network-functions | 744 ++++++++++++++++++++++ network-scripts/network-functions-ipv6 | 1084 ++++++++++++++++++++++++++++++++ 27 files changed, 4971 insertions(+) create mode 100644 network-scripts/ifcfg-lo create mode 100755 network-scripts/ifdown create mode 100755 network-scripts/ifdown-bnep create mode 100755 network-scripts/ifdown-eth create mode 100755 network-scripts/ifdown-ippp create mode 100755 network-scripts/ifdown-ipv6 create mode 100755 network-scripts/ifdown-post create mode 100755 network-scripts/ifdown-routes create mode 100755 network-scripts/ifdown-sit create mode 100755 network-scripts/ifdown-tunnel create mode 100755 network-scripts/ifup create mode 100755 network-scripts/ifup-aliases create mode 100755 network-scripts/ifup-bnep create mode 100755 network-scripts/ifup-ctc create mode 100755 network-scripts/ifup-eth create mode 100755 network-scripts/ifup-ippp create mode 100755 network-scripts/ifup-ipv6 create mode 100755 network-scripts/ifup-plip create mode 100755 network-scripts/ifup-plusb create mode 100755 network-scripts/ifup-post create mode 100755 network-scripts/ifup-routes create mode 100755 network-scripts/ifup-sit create mode 100755 network-scripts/ifup-tunnel create mode 100755 network-scripts/ifup-wireless create mode 100755 network-scripts/init.ipv6-global create mode 100644 network-scripts/network-functions create mode 100644 network-scripts/network-functions-ipv6 (limited to 'network-scripts') diff --git a/network-scripts/ifcfg-lo b/network-scripts/ifcfg-lo new file mode 100644 index 00000000..cb4f3f94 --- /dev/null +++ b/network-scripts/ifcfg-lo @@ -0,0 +1,9 @@ +DEVICE=lo +IPADDR=127.0.0.1 +NETMASK=255.0.0.0 +NETWORK=127.0.0.0 +# If you're having problems with gated making 127.0.0.0/8 a martian, +# you can change this to something else (255.255.255.255, for example) +BROADCAST=127.255.255.255 +ONBOOT=yes +NAME=loopback diff --git a/network-scripts/ifdown b/network-scripts/ifdown new file mode 100755 index 00000000..18cee69d --- /dev/null +++ b/network-scripts/ifdown @@ -0,0 +1,71 @@ +#!/bin/bash + +unset WINDOW # defined by screen, conflicts with our usage + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=$1 + +[ -z "$CONFIG" ] && { + echo $"usage: ifdown " >&2 + exit 1 +} + +need_config "${CONFIG}" + +[ -f "$CONFIG" ] || { + echo $"usage: ifdown " >&2 + exit 1 +} + +if [ $UID != 0 ]; then + if [ -x /usr/sbin/usernetctl ]; then + source_config + if /usr/sbin/usernetctl ${CONFIG} report ; then + exec /usr/sbin/usernetctl ${CONFIG} down + fi + fi + echo $"Users cannot control this device." >&2 + exit 1 +fi + +source_config + +if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ] +then + exit 0 +fi + +if [ "$_use_nm" = "true" ]; then + if [ -n "$UUID" -a -z "$DEVICE" ]; then + DEVICE=$(nmcli -t --fields uuid,device con show --active | awk -F ':' "\$1 == \"$UUID\" { print \$2 }") + fi + if [ -n "$DEVICE" ] && ! is_nm_device_unmanaged "$DEVICE" ; then + if ! LC_ALL=C nmcli -t -f STATE,DEVICE dev status | grep -Eq "^(failed|disconnected|unmanaged|unavailable):$DEVICE$"; then + nmcli dev disconnect "$DEVICE" + exit $? + fi + exit 0 + fi +fi + +if [ -x /sbin/ifdown-pre-local ]; then + /sbin/ifdown-pre-local ${DEVICE} +fi + +OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${DEVICETYPE}" + +if [ ! -x ${OTHERSCRIPT} ]; then + OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${TYPE}" +fi + +if [ ! -x ${OTHERSCRIPT} ]; then + OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-eth" +fi + +exec ${OTHERSCRIPT} ${CONFIG} $2 diff --git a/network-scripts/ifdown-bnep b/network-scripts/ifdown-bnep new file mode 100755 index 00000000..9b2d385d --- /dev/null +++ b/network-scripts/ifdown-bnep @@ -0,0 +1,49 @@ +#! /bin/bash + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=${1} + +source_config + +# On hotplug events, just bring the virtual device up as if it's normal Ethernet +if [ -n "$IN_HOTPLUG" ]; then + exec /etc/sysconfig/network-scripts/ifdown-eth ${CONFIG} $2 +fi + +stop_panu() +{ + kill -TERM $(cat /run/pand-${DEVICE}.pid) +} + +stop_nap() +{ + kill -TERM $(cat /run/pand-${DEVICE}.pid) + /usr/bin/pand -K +} + +stop_gn() +{ + : +} + +case "$ROLE" in +PANU) + stop_panu + ;; +NAP) + stop_nap + ;; +GN) + stop_gn + ;; +*) + echo Unknown BNEP mode :$ROLE + ;; +esac + diff --git a/network-scripts/ifdown-eth b/network-scripts/ifdown-eth new file mode 100755 index 00000000..97b17aaf --- /dev/null +++ b/network-scripts/ifdown-eth @@ -0,0 +1,184 @@ +#!/bin/bash +# Network Interface Configuration System +# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=${1} + +source_config + +. /etc/sysconfig/network + +# Check to make sure the device is actually up +check_device_down ${DEVICE} && [ "$BOOTPROTO" != "dhcp" -a "$BOOTPROTO" != "bootp" ] && [ -n "$VLAN" -a "$VLAN" != "yes" ] && exit 0 + +if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifdown-TeamPort ]; then + ./ifdown-TeamPort ${CONFIG} $2 +fi + +if [ "${SLAVE}" != "yes" -o -z "${MASTER}" ]; then + if [ -n "${HWADDR}" -a -z "${MACADDR}" ]; then + FOUNDMACADDR=$(get_hwaddr ${REALDEVICE}) + if [ -n "${FOUNDMACADDR}" -a "${FOUNDMACADDR}" != "${HWADDR}" ]; then + NEWCONFIG=$(get_config_by_hwaddr ${FOUNDMACADDR}) + if [ -n "${NEWCONFIG}" ]; then + eval $(LANG=C grep -F "DEVICE=" $NEWCONFIG) + else + net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." + exit 1 + fi + if [ -n "${NEWCONFIG}" -a "${NEWCONFIG##*/}" != "${CONFIG##*/}" -a "${DEVICE}" = "${REALDEVICE}" ]; then + exec /sbin/ifdown ${NEWCONFIG} + else + net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." + exit 1 + fi + fi + fi +fi + +if is_bonding_device ${DEVICE} ; then + for device in $(LANG=C grep -l "^[[:space:]]*MASTER=['\"]\?${DEVICE}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-*) ; do + is_ignored_file "$device" && continue + /sbin/ifdown ${device##*/} + done + for arg in $BONDING_OPTS ; do + key=${arg%%=*}; + [[ "${key}" != "arp_ip_target" ]] && continue + value=${arg##*=}; + if [ "${value:0:1}" != "" ]; then + OLDIFS=$IFS; + IFS=','; + for arp_ip in $value; do + if grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/arp_ip_target; then + echo "-$arp_ip" > /sys/class/net/${DEVICE}/bonding/arp_ip_target + fi + done + IFS=$OLDIFS; + else + value=${value#+}; + if grep -q $value /sys/class/net/${DEVICE}/bonding/arp_ip_target; then + echo "-$value" > /sys/class/net/${DEVICE}/bonding/arp_ip_target + fi + fi + done +fi + +/etc/sysconfig/network-scripts/ifdown-ipv6 ${CONFIG} + +retcode=0 + +for VER in "" 6 ; do + if [ -f "/run/dhclient$VER-${DEVICE}.pid" ]; then + dhcpid=$(cat /run/dhclient$VER-${DEVICE}.pid) + generate_lease_file_name $VER + if is_true "$DHCPRELEASE"; then + /sbin/dhclient -r -lf ${LEASEFILE} -pf /run/dhclient$VER-${DEVICE}.pid ${DEVICE} >/dev/null 2>&1 + retcode=$? + else + kill $dhcpid >/dev/null 2>&1 + retcode=$? + reason=STOP$VER interface=${DEVICE} /sbin/dhclient-script + fi + if [ -f "/run/dhclient$VER-${DEVICE}.pid" ]; then + rm -f /run/dhclient$VER-${DEVICE}.pid + kill $dhcpid >/dev/null 2>&1 + fi + fi +done + +# we can't just delete the configured address because that address +# may have been changed in the config file since the device was +# brought up. Flush all addresses associated with this +# instance instead. +if [ -d "/sys/class/net/${REALDEVICE}" ]; then + LABEL= + if [ "${REALDEVICE}" != "${DEVICE}" ]; then + LABEL="label ${DEVICE}" + fi + if [ "${REALDEVICE}" = "lo" ]; then + TIMEOUT="" + [ -x /usr/bin/timeout ] && TIMEOUT="/usr/bin/timeout --signal=SIGQUIT 4" + $TIMEOUT ip addr flush dev ${REALDEVICE} ${LABEL} scope global 2>/dev/null + $TIMEOUT ip addr flush dev ${REALDEVICE} ${LABEL} scope host 2>/dev/null + else + ip addr flush dev ${REALDEVICE} ${LABEL} scope global 2>/dev/null + ip -4 addr flush dev ${REALDEVICE} ${LABEL} scope host 2>/dev/null + fi + + if [ "${SLAVE}" = "yes" -a -n "${MASTER}" ]; then + echo "-${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null + fi + + if [ "${REALDEVICE}" = "${DEVICE}" ]; then + ip link set dev ${DEVICE} down 2>/dev/null + fi +fi +[ "$retcode" = "0" ] && retcode=$? + +if [ -n "${BRIDGE}" ] && [ -x /usr/sbin/brctl ]; then + /sbin/ip link set dev ${DEVICE} down + /usr/sbin/brctl delif -- ${BRIDGE} ${DEVICE} + # Upon removing a device from a bridge, + # it's necessary to make radvd reload its config + [ -r /run/radvd/radvd.pid ] && kill -HUP $(cat /run/radvd/radvd.pid) + if [ -d /sys/class/net/${BRIDGE}/brif ] && [ $(ls -1 /sys/class/net/${BRIDGE}/brif | wc -l) -eq 0 ]; then + /usr/sbin/brctl delbr -- ${BRIDGE} + fi +fi + +if [ "${TYPE}" = "Tap" ]; then + TUNMODE="mode tap" + [[ ${DEVICE} == tun* ]] && TUNMODE="mode tun" + ip tuntap del ${TUNMODE} dev ${DEVICE} >/dev/null +fi + +if [ -n "${TEAM_CONFIG}" ] && [ ! "${DEVICETYPE}" = "Team" ] && [ -x ./ifdown-Team ]; then + ./ifdown-Team ${CONFIG} $2 +fi + +# wait up to 5 seconds for device to actually come down... +waited=0 +while ! check_device_down ${DEVICE} && [ "$waited" -lt 50 ] ; do + sleep 0.01 + waited=$(($waited+1)) +done + +# don't leave an outdated key sitting around +if [ -n "${WIRELESS_ENC_KEY}" ] && [ -x /sbin/iwconfig ]; then + /sbin/iwconfig ${DEVICE} enc 0 >/dev/null 2>&1 +fi + +if [ "$retcode" = 0 ] ; then + /etc/sysconfig/network-scripts/ifdown-post $CONFIG + # do NOT use $? because ifdown should return whether or not + # the interface went down. +fi + +if [ -n "$VLAN" ]; then + # 802.1q VLAN + if [ -f /proc/net/vlan/${DEVICE} ]; then + ip link delete ${DEVICE} type vlan + fi +fi + +exit $retcode diff --git a/network-scripts/ifdown-ippp b/network-scripts/ifdown-ippp new file mode 100755 index 00000000..ed203997 --- /dev/null +++ b/network-scripts/ifdown-ippp @@ -0,0 +1,34 @@ +#! /bin/sh + +PATH=/sbin:/usr/sbin:/bin:/usr/bin + +# Get global network configuration +[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network + +CONFIG=$1 + +. ./$CONFIG + +# stopping ibod daemon for channel bundling +if [ -f /var/lock/subsys/ibod ] ; then + kill -9 $(pidof ibod) >/dev/null 2>&1 + rm -f /var/lock/subsys/ibod +fi + +# Shut down IPv6 +/etc/sysconfig/network-scripts/ifdown-ipv6 $CONFIG + +# shutdown isdn device +isdnctrl hangup $DEVICE >/dev/null 2>&1 +sleep 1 +ip link set dev $DEVICE down >/dev/null 2>&1 + +# delete isdn device +isdnctrl delif $DEVICE >/dev/null 2>&1 + +# kill ipppd daemon +if [ -f /run/ipppd.$DEVICE.pid ] ; then + pppdpid=$(cat /run/ipppd.$DEVICE.pid) + kill -9 $pppdpid > /dev/null 2>&1 + rm -f /run/ipppd.$DEVICE.pid > /dev/null 2>&1 +fi diff --git a/network-scripts/ifdown-ipv6 b/network-scripts/ifdown-ipv6 new file mode 100755 index 00000000..7ba3efdc --- /dev/null +++ b/network-scripts/ifdown-ipv6 @@ -0,0 +1,139 @@ +#!/bin/sh +# +# ifdown-ipv6 +# +# +# Taken from: +# (P) & (C) 2000-2004 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# RHL integration assistance by Pekka Savola +# +# Version 2005-09-22 +# +# Note: if called as (like normally) by /etc/sysconfig/network-scripts/ifdown +# exit codes aren't handled by "ifdown" +# +# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1: +# DEVICE= +# IPV6INIT=yes|no: controls IPv6 configuration for this interface +# +# Optional for 6to4 tunneling: +# IPV6TO4_RELAY=: IPv4 address of the remote 6to4 relay [default: 192.88.99.1] +# IPV6TO4_ROUTING="-/ ...": information to setup internal interfaces +# +# Optional for 6to4 tunneling links to trigger radvd: +# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering [optional] +# IPV6_RADVD_PIDFILE=: PID file of radvd for sending signals, default is "/run/radvd/radvd.pid" [optional] +# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd [optional, default is SIGHUP] +# +# Required version of radvd to use 6to4 prefix recalculation +# 0.6.2p3 or newer supporting option "Base6to4Interface" +# Required version of radvd to use dynamic ppp links +# 0.7.0 + fixes or newer +# + + +. /etc/sysconfig/network + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG +source_config + +REALDEVICE=${DEVICE%%:*} +DEVICE=$REALDEVICE + +[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 +. /etc/sysconfig/network-scripts/network-functions-ipv6 + + +# IPv6 test, no module loaded, exit if system is not IPv6-ready +ipv6_test testonly || exit 0 + +# Test device status +ipv6_test_device_status $DEVICE +if [ $? != 0 -a $? != 11 ]; then + # device doesn't exist or other problem occurs + exit 1 +fi + +if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + # Switch some sysctls to secure mode + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1 +fi +/sbin/ip link set $DEVICE addrgenmode eui64 >/dev/null 2>&1 + +# Test status of tun6to4 device +ipv6_test_device_status tun6to4 +if [ $? = 0 -o $? = 11 ]; then + # Device exists + valid6to4config="yes" + + if [ -z "$IPV6TO4_RELAY" ]; then + IPV6TO4_RELAY="192.88.99.1" + fi + + # Get IPv4 address from interface + if [ -n "$IPV6TO4_IPV4ADDR" ]; then + # Take special configured from config file (precedence 1) + ipv4addr="$IPV6TO4_IPV4ADDR" + + # Get IPv4 address from interface first + ipv4addrlocal="$(ipv6_get_ipv4addr_of_device $DEVICE)" + if [ -z "$ipv4addrlocal" ]; then + # Take configured from config file + ipv4addrlocal="$IPADDR" + fi + else + # Get IPv4 address from interface first (has precedence 2) + ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)" + if [ -z "$ipv4addr" ]; then + # Take configured from config file (precedence 3) + ipv4addr="$IPADDR" + fi + ipv4addrlocal="$ipv4addr" + fi + + # Get local IPv4 address of dedicated tunnel + ipv4addr6to4local="$(ipv6_get_ipv4addr_of_tunnel tun6to4 local)" + + if [ -z "$ipv4addrlocal" -o -z "$ipv4addr6to4local" ]; then + # no IPv4 addresses given, 6to4 sure not configured + valid6to4config="no" + else + # Check against configured 6to4 tunnel to see if this interface was + # used before + if [ "$ipv4addrlocal" != "$ipv4addr6to4local" ]; then + # IPv4 address of interface does't match local tunnel address, + # interface was not used for current 6to4 setup + valid6to4config="no" + fi + fi +fi + +# Shutdown of 6to4, if configured +if [ "$valid6to4config" = "yes" ]; then + if [ -n "$IPV6TO4_ROUTING" ]; then + # Delete routes to local networks + for devsuf in $IPV6TO4_ROUTING; do + dev="${devsuf%%-*}" + ipv6_cleanup_6to4_device $dev + done + fi + + # Delete all configured 6to4 address + ipv6_cleanup_6to4_tunnels tun6to4 + + # Control running radvd + ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE +fi + +# Delete all current configured IPv6 addresses on this interface +ipv6_cleanup_device $DEVICE diff --git a/network-scripts/ifdown-post b/network-scripts/ifdown-post new file mode 100755 index 00000000..9db16ad3 --- /dev/null +++ b/network-scripts/ifdown-post @@ -0,0 +1,72 @@ +#!/bin/sh +# This should be called whenever an interface goes down, not just when +# it is brought down explicitly. + +cd /etc/sysconfig/network-scripts +. ./network-functions + +unset REALDEVICE +if [ "$1" = --realdevice ] ; then + REALDEVICE=$2 + shift 2 +fi + +CONFIG=$1 +source_config + +[ -z "$REALDEVICE" ] && REALDEVICE=$DEVICE + +/etc/sysconfig/network-scripts/ifdown-routes ${REALDEVICE} ${DEVNAME} + +# Remove duplicate DNS entries and shift them, +# to have always correct condition below... +update_DNS_entries + +if ! is_false "${PEERDNS}" || is_true "${RESOLV_MODS}" && \ + [ "${DEVICETYPE}" = "ppp" -o "${DEVICETYPE}" = "ippp" -o -n "${DNS1}" \ + -o "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ] ; then + if [ -f /etc/resolv.conf.save ]; then + change_resolv_conf /etc/resolv.conf.save + rm -f /etc/resolv.conf.save + fi + if [ "${DEVICETYPE}" = "ppp" -o "${DEVICETYPE}" = "ippp" ]; then + if [ -f /etc/ppp/peers/$DEVICE ] ; then + rm -f /etc/ppp/peers/$DEVICE + fi + fi +fi + +# Reset the default route if this interface had a special one +if ! check_default_route ; then + # ISDN device needs special handling dial on demand + if [ "${DEVICETYPE}" = "ippp" -o "${DEVICETYPE}" = "isdn" ] && \ + [ "$DIALMODE" = "auto" ] ; then + if [ -z "$GATEWAY" ] ; then + /sbin/ip route add default ${METRIC:+metric} \ + ${WINDOW:+window $WINDOW} dev ${DEVICE} + else + /sbin/ip route add default ${METRIC:+metric} \ + ${WINDOW:+window $WINDOW} via ${GATEWAY} + fi + else + add_default_route ${DEVICE} + fi +fi + +# Reset firewall ZONE to "default": +if [ "${REALDEVICE}" != "lo" ]; then + dbus-send --system --dest=org.fedoraproject.FirewallD1 \ + /org/fedoraproject/FirewallD1 \ + org.fedoraproject.FirewallD1.zone.removeInterface \ + string: "" string:"${DEVICE}" \ + > /dev/null 2>&1 +fi + +# Notify programs that have requested notification +do_netreport + +if [ -x /sbin/ifdown-local ]; then + /sbin/ifdown-local ${DEVICE} +fi + +exit 0 diff --git a/network-scripts/ifdown-routes b/network-scripts/ifdown-routes new file mode 100755 index 00000000..1d1549dc --- /dev/null +++ b/network-scripts/ifdown-routes @@ -0,0 +1,33 @@ +#! /bin/bash +# +# Drops static routes which go through device $1 + +if [ -z "$1" ]; then + echo $"usage: ifdown-routes []" + exit 1 +fi + +# The routes are actually dropped just by setting the link down, so nothing +# needs to be done + +MATCH='^[[:space:]]*(\#.*)?$' + +# Routing rules +FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1" +if [ -n "$2" -a "$2" != "$1" ]; then + FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2" +fi + +for file in $FILES; do + if [ -f "$file" ]; then + proto= + if [ "$file" != "${file##*/rule6-}" ]; then + proto="-6" + fi + { cat "$file" ; echo ; } | while read line; do + if [[ ! "$line" =~ $MATCH ]]; then + /sbin/ip $proto rule del $line + fi + done + fi +done diff --git a/network-scripts/ifdown-sit b/network-scripts/ifdown-sit new file mode 100755 index 00000000..4a9335a5 --- /dev/null +++ b/network-scripts/ifdown-sit @@ -0,0 +1,58 @@ +#!/bin/bash +# +# ifdown-sit +# +# +# Taken from: +# (P) & (C) 2000-2003 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# RHL integration assistance by Pekka Savola +# +# Version 2002-11-01 +# +# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1: +# DEVICE= +# + + +. /etc/sysconfig/network + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG +source_config + +# IPv6 don't need aliases anymore, config is skipped +REALDEVICE=${DEVICE%%:*} +[ "$DEVICE" != "$REALDEVICE" ] && exit 0 + +[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 +. /etc/sysconfig/network-scripts/network-functions-ipv6 + + +# Generic tunnel device sit0 is not supported here +if [ "$DEVICE" = "sit0" ]; then + net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" + exit 1 +fi + +# IPv6 test, no module loaded, exit if system is not IPv6-ready +ipv6_test testonly || exit 0 + +# Test device status +ipv6_test_device_status $DEVICE +if [ $? != 0 -a $? != 11 ]; then + # device doesn't exist or other problem occurs + exit 0 +fi + +# Cleanup additional static routes +/etc/sysconfig/network-scripts/ifdown-routes ${REALDEVICE} + +# Cleanup and shut down IPv6-in-IPv4 tunnel device +ipv6_del_tunnel_device $DEVICE diff --git a/network-scripts/ifdown-tunnel b/network-scripts/ifdown-tunnel new file mode 100755 index 00000000..a5384b18 --- /dev/null +++ b/network-scripts/ifdown-tunnel @@ -0,0 +1,45 @@ +#!/bin/bash +# Copyright (C) 1996-2006 Red Hat, Inc. all rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +# Thanks to: +# - Razvan Corneliu C.R. Vilt +# - Aaron Hope +# - Sean Millichamp +# for providing the scripts this one is based on + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=$1 +need_config "$CONFIG" +source_config + +# Generic tunnel devices are not supported here +if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 -o "$DEVICE" = ip6tnl0 ]; then + net_log $"Device '$DEVICE' isn't supported as a valid GRE device name." + exit 1 +fi + +check_device_down "$DEVICE" && exit 0 + +/sbin/ip link set dev "$DEVICE" down +/sbin/ip tunnel del "$DEVICE" + +exec /etc/sysconfig/network-scripts/ifdown-post "$CONFIG" diff --git a/network-scripts/ifup b/network-scripts/ifup new file mode 100755 index 00000000..d25db5af --- /dev/null +++ b/network-scripts/ifup @@ -0,0 +1,164 @@ +#!/bin/bash +# Network Interface Configuration System +# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +unset WINDOW # defined by screen, conflicts with our usage + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=${1} + +[ -z "${CONFIG}" ] && { + echo $"Usage: ifup " >&2 + exit 1 +} + +need_config "${CONFIG}" + +[ -f "${CONFIG}" ] || { + echo $"$0: configuration for ${1} not found." >&2 + echo $"Usage: ifup " >&2 + exit 1 +} + +if [ ${UID} != 0 ]; then + if [ -x /usr/sbin/usernetctl ]; then + source_config + if /usr/sbin/usernetctl ${CONFIG} report ; then + exec /usr/sbin/usernetctl ${CONFIG} up + fi + fi + echo $"Users cannot control this device." >&2 + exit 1 +fi + +source_config + +if [ "foo$2" = "fooboot" ] && [ "${ONBOOT}" = "no" -o "${ONBOOT}" = "NO" ] +then + exit 0 +fi +if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ] +then + exit 0 +fi +if [ -n "$IN_HOTPLUG" -a "${TYPE}" = "Bridge" ]; +then + exit 0 +fi + +if [ "$_use_nm" = "true" -a -n "$UUID" -a "$REALDEVICE" != "lo" ]; then + if [ "foo$2" = "fooboot" ] && [ "${TYPE}" = "Wireless" ]; then + exit 0 + fi + [ -n "${DEVICE}" ] && is_nm_handling ${DEVICE} && exit 0 + nmcli con up uuid "$UUID" + exit $? +fi + +# Ethernet 802.1Q VLAN support +if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ] && [ -n "$DEVICE" ]; then + if [ -n "${VID}" ]; then + if test -z "$PHYSDEV"; then + net_log $"PHYSDEV should be set for device ${DEVICE}" + exit 1 + fi + else + VID="" + MATCH='^.+\.[0-9]{1,4}$' + if [[ "${DEVICE}" =~ $MATCH ]]; then + VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^.*\.\([0-9]\+\)/\1/') + PHYSDEV=${DEVICE%.*} + fi + MATCH='^vlan[0-9]{1,4}?' + if [[ "${DEVICE}" =~ $MATCH ]]; then + VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^vlan0*//') + # PHYSDEV should be set in ifcfg-vlan* file + if test -z "$PHYSDEV"; then + net_log $"PHYSDEV should be set for device ${DEVICE}" + exit 1 + fi + fi + fi + if [ -n "$VID" ]; then + if [ ! -d /proc/net/vlan ]; then + if ! modprobe 8021q >/dev/null 2>&1 ; then + net_log $"No 802.1Q VLAN support available in kernel for device ${DEVICE}" + exit 1 + fi + fi + + is_available_wait ${PHYSDEV} ${DEVTIMEOUT} || { + if [ "$?" = "1" ] ; then + net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization." + exit 1 + else + exit 0 + fi + } + + # Link on Physical device needs to be up but no ip required + check_device_down ${PHYSDEV} && { ip -o link set dev ${PHYSDEV} up; } + + if [ ! -f /proc/net/vlan/${DEVICE} ]; then + if [ "${REORDER_HDR}" = "no" -o "${REORDER_HDR}" = "0" ]; then + FLAG_REORDER_HDR="reorder_hdr off" + fi + + if [ "${GVRP}" = "yes" -o "${GVRP}" = "1" ]; then + FLAG_GVRP="gvrp on" + fi + + ip link add dev ${DEVICE} link ${PHYSDEV} type vlan id ${VID} ${FLAG_REORDER_HDR} ${FLAG_GVRP} || { + (/usr/bin/logger -p daemon.info -t ifup \ + $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" &) & + net_log $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" + exit 1 + } + + [ -n "${VLAN_EGRESS_PRIORITY_MAP}" ] && ip link set ${DEVICE} type vlan egress ${VLAN_EGRESS_PRIORITY_MAP} + fi + fi + + /usr/lib/systemd/systemd-sysctl \ + --prefix "/proc/sys/net/ipv4/conf/${DEVICE}" \ + --prefix "/proc/sys/net/ipv6/conf/${DEVICE}" +fi + +if [ "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ]; then + DYNCONFIG=true +fi + +if [ -x /sbin/ifup-pre-local ]; then + /sbin/ifup-pre-local ${CONFIG} $2 +fi + +OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-${DEVICETYPE}" + +if [ ! -x ${OTHERSCRIPT} ]; then + OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-${TYPE}" +fi + +if [ ! -x ${OTHERSCRIPT} ]; then + OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-eth" +fi + +exec ${OTHERSCRIPT} ${CONFIG} $2 diff --git a/network-scripts/ifup-aliases b/network-scripts/ifup-aliases new file mode 100755 index 00000000..52d43ea8 --- /dev/null +++ b/network-scripts/ifup-aliases @@ -0,0 +1,381 @@ +#!/bin/bash + +# +# configures aliases of device $1 +# +# This script goes out of its way to arrive at the configuration of ip +# aliases described in the ifcfg-$DEV:* and ifcfg-$DEV-range* files from +# whatever existing configuration it may be given: existing aliases not +# specified in the configuration will be removed, netmasks and broadcast +# addrs will be updated on existing aliases, and new aliases will be setup. +# +# range specification files: +# +# One can specify ranges of alised ipaddress using ifcfg-$DEV-range* files. +# Specify multiple ranges using multiple files, such as ifcfg-eth0-range0 and +# ifcfg-eth0-range1, etc. In these files, the following configuration variables +# specify the range: +# +# IPADDR_START -- ipaddr to start range at. eg "192.168.30.1" +# IPADDR_END -- ipaddr to end range at. eg "192.168.30.254" +# CLONENUM_START -- interface clone number to start using for this range. eg "0" +# +# The above example values create the interfaces eth0:0 through eth0:253 using +# ipaddrs 192.168.30.1 through 192.168.30.254, inclusive. +# +# Other configuration variables such as NETMASK and BROADCAST may be specified +# in the range file and will apply to all of the ipaddresses in the range. Range +# files also inherit configuration from the ifcfg-$DEV file just like normal. +# +# Note that IPADDR_START and IPADR_END are required to be in the same class-c +# block. I.e. IPADDR_START=192.168.30.1 and IPADDR_END=192.168.31.255 is +# not valid. +# +# speed with large sets of interfaces: +# +# Considerable effort was spent making this script fast. It can efficiently +# handle a thousand ip aliases on one interface. +# +# With large sets of ipaddresses the NO_ALIASROUTING=yes configuration is +# highly recommended. (This can be specified in ifcfg-$DEV and inherited.) This +# prevents this script from setting up routing details for the virtual +# interfaces, which I don't think is needed, because outgoing traffic can use the +# main interface. However, make your own conclusions on what you need. +# +# My test setup of four class C address blocks on a P166 took 25 seconds of +# which 16 seconds of this was spent in the ifcconfig calls. Without the +# NO_ALIASROUTING=yes config an additional 12 seconds is spent in route calls. +# +# notes on internals: +# +# This script uses the bash "eval" command to lookup shell variables with names +# which are generated from other shell variables. This allows us to, in effect, +# create hashes using the shell variable namesspace by just including the hash +# key in the name of the variable. +# +# This script originally written by: David Harris +# Principal Engineer, DRH Internet +# June 30, 1999 +# +# modified by: Bill Nottingham + +TEXTDOMAIN=initscripts +TEXTDOMAINDIR=/etc/locale + +device=$1 +if [ "$device" = "" ]; then + echo $"usage: ifup-aliases []\n" + exit 1 +fi + +PARENTCONFIG=${2:-ifcfg-$device} +parent_device=$device + +cd /etc/sysconfig/network-scripts +. ./network-functions + +# Grab the current configuration of any running aliases, place device info +# into variables of the form: +# rdev__addr = +# rdev__pb = _ +# rdevip_ = +# Example: +# rdev_0_addr=192.168.1.1 +# rdev_0_pb=24_192.16.1.255 +# rdevip_192_168_1_1=0 +# +# A list of all the devices is created in rdev_LIST. + +eval $( ip addr show $device label $device:* | \ + awk 'BEGIN { COUNT=0;LAST_DEV="" } /inet / { + # Split IP address into address/prefix + split($2,IPADDR,"/"); + # Create A_B_C_D IP address form + IP_ADDR=IPADDR[1]; + gsub(/\./,"_",IP_ADDR); + # Split device into device:index + split($NF,DEV,":"); + # Update last device + LAST_DEV=LAST_DEV " " DEV[2]; + printf("rdev_%s_addr=%s\nrdevip_%s=%s\nrdev_%s_pb=%s_%s\nrdev_LIST=\"%s\"\n", + DEV[2],IPADDR[1],IP_ADDR,DEV[2],DEV[2],IPADDR[2],$4,LAST_DEV); + } END { + if(LAST_DEV == "") print "no_devices_are_up=yes" + }' ); + +# +# Store configuration of the parent device and network +# + +# read from the /etc/sysconfig/network +eval ` ( + . /etc/sysconfig/network; + echo network_GATEWAY=$GATEWAY\;; + echo network_GATEWAYDEV=$GATEWAYDEV\;; +) ` + +# read defaults from the parent config file +[ -f $PARENTCONFIG ] || { + net_log $"Missing config file $PARENTCONFIG." + exit 1 +} +eval ` ( + . ./$PARENTCONFIG; + echo default_PREFIX=$PREFIX\;; + echo default_NETMASK=$NETMASK\;; + echo default_BROADCAST=$BROADCAST\;; + echo default_GATEWAY=$GATEWAY\;; + echo default_NO_ALIASROUTING=$NO_ALIASROUTING\;; + echo default_ARPCHECK=$ARPCHECK\;; + echo default_ARPUPDATE=$ARPUPDATE\;; +) ` +[ -z "$default_GATEWAY" ] && default_GATEWAY=$network_GATEWAY + +function ini_env () +{ + DEVICE="" + IPADDR="" + IPV6ADDR="" + PREFIX=$default_PREFIX + NETMASK=$default_NETMASK + BROADCAST=$default_BROADCAST + GATEWAY=$default_GATEWAY + NO_ALIASROUTING=$default_NO_ALIASROUTING + ONPARENT="" + ARPCHECK=$default_ARPCHECK + ARPUPDATE=$default_ARPUPDATE +} + +function is_default_gateway () +{ + LC_ALL=C /sbin/ip route ls default scope global \ + | awk '$3 == "'"$1"'" { found = 1; } END { exit found == 0; }' +} + +# +# Read the alias configuration files and enable each aliased +# device using new_interface() +# + +function new_interface () +{ + + ipa=$IPADDR; ipb=${ipa#*.}; ipc=${ipb#*.}; + IPGLOP="${ipa%%.*}_${ipb%%.*}_${ipc%%.*}_${ipc#*.}"; + DEVNUM=${DEVICE#*:} + + MATCH='^[0-9A-Za-z_]*$' + if (LC_ALL=C; [[ ! "$DEVNUM" =~ $MATCH ]]); then + net_log $"error in $FILE: invalid alias number" + return 1 + fi + + eval " + ipseen=\$ipseen_${IPGLOP}; devseen=\$devseen_${DEVNUM}; + ipseen_${IPGLOP}=$FILE; devseen_${DEVNUM}=$FILE; + "; + + if [ -n "$ipseen" ]; then + net_log $"error in $FILE: already seen ipaddr $IPADDR in $ipseen" + return 1 + fi + + if [ -n "$devseen" ]; then + net_log $"error in $FILE: already seen device $parent_device:$DEVNUM in $devseen" + return 1 + fi + + if [ -z "$DEVICE" -o -z "$IPADDR" ]; then + if [ -n "$IPV6ADDR" -a -n "$DEVICE" ] && ! is_false "$IPV6INIT"; then + /etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE} + return $? + fi + net_log $"error in $FILE: didn't specify device or ipaddr" + return 1 + fi + + if [ -z "$NETMASK" -a -z "$PREFIX" ]; then + net_log $"error iN $FILE: didn't specify netmask or prefix" + fi + + if [ -z "$PREFIX" ]; then + eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK}) + fi + + if [ -z "$BROADCAST" -o "$BROADCAST" = "$default_BROADCAST" ]; then + eval $(/bin/ipcalc --broadcast ${IPADDR}/${PREFIX}) + fi + + if [ "$no_devices_are_up" = "yes" ]; then + setup_this=yes + else + + setup_this="" + + eval " + rdev_addr=\$rdev_${DEVNUM}_addr; + rdev_pb=\$rdev_${DEVNUM}_pb; + rdev_mark=\$rdev_${DEVNUM}_mark; + rdevip=\$rdevip_${IPGLOP}; + "; + + if [ -n "$rdev_addr" ]; then + if [ "$rdev_addr" = "${IPADDR}" ]; then + newmark=keep + if [ "$rdev_pb" != "${PREFIX}_${BROADCAST}" ]; then + setup_this=freshen + else + setup_this=no + fi + else + if [ "$rdev_mark" != "remove" ]; then + /sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM} + do_netreport=yes + fi + newmark=remove + setup_this=yes + fi + if [ -n "$rdev_mark" -a "$rdev_mark" != "$newmark" ]; then + net_log $"error in ifcfg-${parent_device}: files" + return 1 + fi + eval " rdev_${DEVNUM}_mark=\$newmark "; + else + setup_this=yes + fi + + if [ -n "$rdevip" -a "$rdevip" != "${DEVNUM}" ]; then + eval " mark_remove=\$rdev_${rdevip}_mark "; + if [ -n "$mark_remove" -a "$mark_remove" != "remove" ]; then + net_log $"error in ifcfg-${parent_device}: files" + return 1 + fi + if [ "$mark_remove" != "remove" ]; then + eval " rdev_${rdevip}_mark=remove "; + /sbin/ip addr flush dev $parent_device label $parent_device:$rdevip + do_netreport=yes + fi + fi + + fi + + if [ "$setup_this" = "freshen" ] ; then + # we can do the freshen stuff right now + /sbin/ip addr change ${IPADDR}/${PREFIX} brd ${BROADCAST} + fi + + if [ "$setup_this" = "yes" ] ; then + if [ "${parent_device}" != "lo" ] && [ "${ARPCHECK}" != "no" ] && \ + is_available ${parent_device} && \ + ( grep -qswi "up" /sys/class/net/${parent_device}/operstate || grep -qswi "1" /sys/class/net/${parent_device}/carrier ) ; then + echo $"Determining if ip address ${IPADDR} is already in use for device ${parent_device}..." + ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${parent_device} ${IPADDR}) + if [ $? = 1 ]; then + ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p') + net_log $"Error, some other host ($ARPINGMAC) already uses address ${IPADDR}." + return 1 + fi + fi + + /sbin/ip addr add ${IPADDR}/${PREFIX} brd ${BROADCAST} \ + dev ${parent_device} label ${DEVICE} + + # update ARP cache of neighboring computers: + if ! is_false "${ARPUPDATE}" && [ "${REALDEVICE}" != "lo" ]; then + /sbin/arping -q -A -c 1 -I ${parent_device} ${IPADDR} + ( sleep 2; /sbin/arping -q -U -c 1 -I ${parent_device} ${IPADDR} ) > /dev/null 2>&1 < /dev/null & + fi + + ! is_false "$IPV6INIT" && \ + /etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE} + + if [ "$NO_ALIASROUTING" != yes ]; then + + GATEWAYDEV=$network_GATEWAYDEV; + + if [ -n "${GATEWAY}" -a \ + \( -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${DEVICE}" \) ]; then + # set up default gateway, if it isn't already there + if ! is_default_gateway "$GATEWAY"; then + ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} dev ${DEVICE} + fi + fi + + /etc/sysconfig/network-scripts/ifup-routes ${DEVICE} ${NAME} + + do_netreport=yes + ifuplocal_queue="$ifuplocal_queue $DEVICE" + fi + fi +} + +if [ "$BASH_VERSINFO" ]; then + shopt -s nullglob +else + allow_null_glob_expansion=foo +fi + +for FILE in ifcfg-${parent_device}:* ; do + is_ignored_file "$FILE" && continue + ini_env + . ./$FILE + [ -z "$DEVICE" ] && DEVICE=${FILE##ifcfg-} + [ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface + unset DEVICE +done + +for FILE in ifcfg-${parent_device}-range* ; do + is_ignored_file "$FILE" && continue + ini_env + . ./$FILE + + ipaddr_prefix=${IPADDR_START%.*} + ipaddr_startnum=${IPADDR_START##*.} + ipaddr_endnum=${IPADDR_END##*.} + + if [ "${IPADDR_START%.*}" != "${IPADDR_END%.*}" ]; then + net_log $"error in $FILE: IPADDR_START and IPADDR_END don't agree" + continue + fi + + if [ $ipaddr_startnum -gt $ipaddr_endnum ]; then + net_log $"error in $FILE: IPADDR_START greater than IPADDR_END" + continue + fi + + ipaddr_num=$ipaddr_startnum + ipaddr_clonenum=$CLONENUM_START + + while [ $ipaddr_num -le $ipaddr_endnum ]; do + IPADDR="$ipaddr_prefix.$ipaddr_num" + DEVICE="$parent_device:$ipaddr_clonenum" + IPV6INIT="no" + [ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface + ipaddr_num=$(($ipaddr_num+1)) + ipaddr_clonenum=$(($ipaddr_clonenum+1)) + done +done + +# +# Remove any devices that should not be around +# +for DEVNUM in $rdev_LIST ; do + eval " rdev_mark=\$rdev_${DEVNUM}_mark " + if [ -z "$rdev_mark" ]; then + /sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM} + do_netreport=yes + fi +done +# +# Notify of new device creation +# + +if [ -n "$do_netreport" ]; then + do_netreport +fi + +if [ -x /sbin/ifup-local ]; then + for DEVICE in $ifuplocal_queue ; do + /sbin/ifup-local ${DEVICE} + done +fi diff --git a/network-scripts/ifup-bnep b/network-scripts/ifup-bnep new file mode 100755 index 00000000..019e741b --- /dev/null +++ b/network-scripts/ifup-bnep @@ -0,0 +1,55 @@ +#! /bin/bash + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=${1} + +source_config + +# On hotplug events, just bring the virtual device up as if it's normal Ethernet +if [ -n "$IN_HOTPLUG" ]; then + exec sh -x /etc/sysconfig/network-scripts/ifup-eth ${CONFIG} $2 +fi + +start_panu() +{ + PANDARGS="--persist --pidfile=/run/pand-${DEVICE}.pid --ethernet=${DEVICE} --autozap" + [ "${CACHE}" != "no" -a "${CACHE}" != "NO" ] && PANDARGS="${PANDARGS} --cache" + if [ "${REMOTEBDADDR}" = "" ]; then + PANDARGS="${PANDARGS} --search" + else + PANDARGS="${PANDARGS} --connect ${REMOTEBDADDR}" + fi + /usr/bin/pand ${PANDARGS} +} + +start_nap() +{ + : +} + +start_gn() +{ + : +} + +case "$ROLE" in +PANU) + start_panu + ;; +NAP) + start_nap + ;; +GN) + start_gn + ;; +*) + echo Unknown BNEP mode :$ROLE + ;; +esac + diff --git a/network-scripts/ifup-ctc b/network-scripts/ifup-ctc new file mode 100755 index 00000000..83f754a0 --- /dev/null +++ b/network-scripts/ifup-ctc @@ -0,0 +1,52 @@ +#!/bin/bash +# +# /etc/sysconfig/network-scripts/ifup-ctc +# +# the ctc network driver is a point-to-point driver on S/390 machines +# +# To get the ctc module to load automatically at boot, you will need to +# add the following line to /etc/modprobe.conf: +# +# alias ctc0 ctc +# + +cd /etc/sysconfig/network-scripts +. ./network-functions + +. /etc/sysconfig/network + +CONFIG=$1 +[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG +source_config + +if [ "$2" = "boot" -a "${ONBOOT}" = "no" ] ; then + exit +fi +[ -n "${MTU}" ] && ip link set dev ${DEVICE} mtu ${MTU} + +[ -z "$PREFIX" ] && eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK}) +ip addr add ${IPADDR} peer ${GATEWAY}/${PREFIX} dev ${DEVICE} +ip link set up dev ${DEVICE} +# Wait for the device to come up - the chandev'ified ctc driver can take +# quite a while... +timeout=0 +while ! ping -w 30 -c 1 ${GATEWAY} &>/dev/null; do + timeout=$(($timeout + 1)) + if [ $timeout = 20 ]; then + net_log $"ERROR: ${DEVICE} did not come up!" + break + fi +done + +if [ "${NETWORK}" != "" ] ; then + ip route add to ${GATEWAY} metric 1 dev ${DEVICE} +fi + +if [ "${GATEWAY}" != "" ]; then + if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then + # set up default gateway + ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} + fi +fi + +/etc/sysconfig/network-scripts/ifup-post $1 diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth new file mode 100755 index 00000000..a0988edb --- /dev/null +++ b/network-scripts/ifup-eth @@ -0,0 +1,372 @@ +#!/bin/bash +# Network Interface Configuration System +# Copyright (c) 1996-2014 Red Hat, Inc. all rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +CONFIG=${1} + +need_config "${CONFIG}" + +source_config + +if [ "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ]; then + DYNCONFIG=true +fi + +# load the module associated with that device +# /sbin/modprobe ${REALDEVICE} +is_available ${REALDEVICE} + +# bail out, if the MAC does not fit +if [ -n "${HWADDR}" ]; then + FOUNDMACADDR=$(get_hwaddr ${REALDEVICE}) + if [ "${FOUNDMACADDR}" != "${HWADDR}" -a "${FOUNDMACADDR}" != "${MACADDR}" ]; then + net_log $"Device ${DEVICE} has different MAC address than expected, ignoring." + exit 1 + fi +fi + +# If the device is a bridge, create it with brctl, if available. +if [ "${TYPE}" = "Bridge" ]; then + if [ ! -x /usr/sbin/brctl ]; then + net_log $"Bridge support not available: brctl not found" + exit 1 + fi + + if [ ! -d /sys/class/net/${DEVICE}/bridge ]; then + /usr/sbin/brctl addbr -- ${DEVICE} || exit 1 + fi + + [ -n "${DELAY}" ] && /usr/sbin/brctl setfd -- ${DEVICE} ${DELAY} + [ -n "${STP}" ] && /usr/sbin/brctl stp -- ${DEVICE} ${STP} + [ -n "${PRIO}" ] && /usr/sbin/brctl setbridgeprio ${DEVICE} ${PRIO} + [ -n "${AGEING}" ] && /usr/sbin/brctl setageing ${DEVICE} ${AGEING} + + # add the bits to setup driver parameters here + for arg in $BRIDGING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + if [ "${key}" != "multicast_router" -a "${key}" != "hash_max" -a "${key}" != "multicast_snooping" ]; then + echo $value > /sys/class/net/${DEVICE}/bridge/$key + fi + done + + # set LINKDELAY (used as timeout when calling check_link_down()) + # to at least (${DELAY} * 2) + 7 if STP is enabled. This is the + # minimum time required for /sys/class/net/$REALDEVICE/carrier to + # become 1 after "ip link set dev $DEVICE up" is called. + if is_true "${STP}"; then + if [ -n "${DELAY}" ]; then + forward_delay="${DELAY}" + else + # If the ${DELAY} value is not set by the user, then we need to obtain + # the forward_delay value from kernel first, and convert it to seconds. + # Otherwise STP might not correctly complete the startup before trying + # to obtain an IP address from DHCP. + forward_delay="$(cat /sys/devices/virtual/net/${DEVICE}/bridge/forward_delay)" + forward_delay="$(convert2sec ${forward_delay} centi)" + fi + + forward_delay=$(expr ${forward_delay} \* 2 + 7) + + [ 0$LINKDELAY -lt $forward_delay ] && LINKDELAY=$forward_delay + + unset forward_delay + fi +fi + +# Create tap device. +if [ "${TYPE}" = "Tap" ]; then + [ -n "${OWNER}" ] && OWNER="user ${OWNER}" + TUNMODE="mode tap" + [[ ${DEVICE} == tun* ]] && TUNMODE="mode tun" + ip tuntap add ${TUNMODE} ${OWNER} dev ${DEVICE} > /dev/null +fi + +# Team master initialization. +if [ -n "${TEAM_CONFIG}" ] && [ ! "${DEVICETYPE}" = "Team" ] && [ -x ./ifup-Team ]; then + ./ifup-Team ${CONFIG} $2 +fi + +# now check the real state +is_available_wait ${REALDEVICE} ${DEVTIMEOUT} || { + if [ -n "$alias" ]; then + net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization." + else + net_log $"Device ${DEVICE} does not seem to be present, delaying initialization." + fi + exit 1 +} + + +# this isn't the same as the MAC in the configuration filename. It is +# available as a configuration option in the config file, forcing the kernel +# to think an ethernet card has a different MAC address than it really has. +if [ -n "${MACADDR}" ]; then + ip link set dev ${DEVICE} address ${MACADDR} +fi +if [ -n "${MTU}" ]; then + ip link set dev ${DEVICE} mtu ${MTU} +fi + +# is the device wireless? If so, configure wireless device specifics +is_wireless_device ${DEVICE} && . ./ifup-wireless + +# Team slave device? +if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifup-TeamPort ]; then + ./ifup-TeamPort ${CONFIG} $2 + ethtool_set + exit 0 +fi + +# slave device? +if [ "${SLAVE}" = yes -a "${ISALIAS}" = no -a "${MASTER}" != "" ]; then + install_bonding_driver ${MASTER} + grep -wq "${DEVICE}" /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null || { + /sbin/ip link set dev ${DEVICE} down + echo "+${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null + } + ethtool_set + + exit 0 +fi + +# Bonding initialization. For DHCP, we need to enslave the devices early, +# so it can actually get an IP. +if [ "$ISALIAS" = no ] && is_bonding_device ${DEVICE} ; then + install_bonding_driver ${DEVICE} + /sbin/ip link set dev ${DEVICE} up + for device in $(LANG=C grep -l "^[[:space:]]*MASTER=['\"]\?${DEVICE}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-*) ; do + is_ignored_file "$device" && continue + /sbin/ifup ${device##*/} || net_log "Unable to start slave device ${device##*/} for master ${DEVICE}." warning + done + + [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} + + # add the bits to setup the needed post enslavement parameters + for arg in $BONDING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + if [ "${key}" = "primary" ]; then + echo $value > /sys/class/net/${DEVICE}/bonding/$key + fi + done +fi + +# If the device is part of a bridge, add the device to the bridge +if [ -n "${BRIDGE}" ] && [ -x /usr/sbin/brctl ]; then + if [ ! -d /sys/class/net/${BRIDGE}/bridge ]; then + /usr/sbin/brctl addbr -- ${BRIDGE} 2>/dev/null + fi + /sbin/ip addr flush dev ${DEVICE} 2>/dev/null + /sbin/ip link set dev ${DEVICE} up + ethtool_set + [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} + /usr/sbin/brctl addif -- ${BRIDGE} ${DEVICE} + # add the bits to setup driver parameters here + for arg in $BRIDGING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + echo $value > /sys/class/net/${DEVICE}/brport/$key + done + # Upon adding a device to a bridge, + # it's necessary to make radvd reload its config + [ -r /run/radvd/radvd.pid ] && kill -HUP $(cat /run/radvd/radvd.pid) + exit 0 +fi + +if [ -n "${DYNCONFIG}" ] && [ -x /sbin/dhclient ]; then + if is_true "${PERSISTENT_DHCLIENT}"; then + ONESHOT=""; + else + ONESHOT="-1"; + fi; + generate_config_file_name + generate_lease_file_name + + # Initialize the dhclient args and obtain the hostname options if needed: + DHCLIENTARGS="${DHCLIENTARGS} ${ONESHOT} -q ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient-${DEVICE}.pid" + set_hostname_options DHCLIENTARGS + + echo + echo -n $"Determining IP information for ${DEVICE}..." + if ! is_true "${PERSISTENT_DHCLIENT}" && check_link_down ${DEVICE}; then + echo $" failed; no link present. Check cable?" + exit 1 + fi + + ethtool_set + + if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE} ; then + echo $" done." + dhcpipv4="good" + else + echo $" failed." + if is_true "${IPV4_FAILURE_FATAL}"; then + exit 1 + fi + if is_false "$IPV6INIT" || ! is_true "$DHCPV6C"; then + exit 1 + fi + net_log "Unable to obtain IPv4 DHCP address ${DEVICE}." warning + fi + # end dynamic device configuration +else + if [ -z "${IPADDR}" -a -z "${IPADDR0}" -a -z "${IPADDR1}" -a -z "${IPADDR2}" ]; then + # enable device without IP, useful for e.g. PPPoE + ip link set dev ${REALDEVICE} up + ethtool_set + [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} + else + + expand_config + + [ -n "${ARP}" ] && \ + ip link set dev ${REALDEVICE} $(toggle_value arp $ARP) + + if ! ip link set dev ${REALDEVICE} up ; then + net_log $"Failed to bring up ${DEVICE}." + exit 1 + fi + + ethtool_set + + [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} + + if [ "${DEVICE}" = "lo" ]; then + SCOPE="scope host" + else + SCOPE=${SCOPE:-} + fi + + if [ -n "$SRCADDR" ]; then + SRC="src $SRCADDR" + else + SRC= + fi + + # set IP address(es) + for idx in {0..256} ; do + if [ -z "${ipaddr[$idx]}" ]; then + break + fi + + if ! LC_ALL=C ip addr ls ${REALDEVICE} | LC_ALL=C grep -q "${ipaddr[$idx]}/${prefix[$idx]}" ; then + if [ "${REALDEVICE}" != "lo" ] && [ "${arpcheck[$idx]}" != "no" ] ; then + ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${REALDEVICE} ${ipaddr[$idx]}) + if [ $? = 1 ]; then + ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p') + net_log $"Error, some other host ($ARPINGMAC) already uses address ${ipaddr[$idx]}." + exit 1 + fi + fi + + if ! ip addr add ${ipaddr[$idx]}/${prefix[$idx]} \ + brd ${broadcast[$idx]:-+} dev ${REALDEVICE} ${SCOPE} label ${DEVICE}; then + net_log $"Error adding address ${ipaddr[$idx]} for ${DEVICE}." + fi + fi + + if [ -n "$SRCADDR" ]; then + sysctl -w "net.ipv4.conf.${SYSCTLDEVICE}.arp_filter=1" >/dev/null 2>&1 + fi + + # update ARP cache of neighboring computers + if ! is_false "${arpupdate[$idx]}" && [ "${REALDEVICE}" != "lo" ]; then + /sbin/arping -q -A -c 1 -I ${REALDEVICE} ${ipaddr[$idx]} + ( sleep 2; + /sbin/arping -q -U -c 1 -I ${REALDEVICE} ${ipaddr[$idx]} ) > /dev/null 2>&1 < /dev/null & + fi + + # set lifetime of address to forever + ip addr change ${ipaddr[$idx]}/${prefix[$idx]} dev ${REALDEVICE} valid_lft forever preferred_lft forever + done + + # Set a default route. + if [ "${DEFROUTE}" != "no" ] && [ -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${REALDEVICE}" ]; then + # set up default gateway. replace if one already exists + if [ -n "${GATEWAY}" ] && [ "$(ipcalc --network ${GATEWAY} ${netmask[0]} 2>/dev/null)" = "NETWORK=${NETWORK}" ]; then + ip route replace default ${METRIC:+metric $METRIC} \ + ${EXTRA_ROUTE_OPTS} \ + via ${GATEWAY} ${WINDOW:+window $WINDOW} ${SRC} \ + ${GATEWAYDEV:+dev $GATEWAYDEV} || + net_log $"Error adding default gateway ${GATEWAY} for ${DEVICE}." + elif [ "${GATEWAYDEV}" = "${DEVICE}" ]; then + ip route replace default ${METRIC:+metric $METRIC} \ + ${EXTRA_ROUTE_OPTS} \ + ${SRC} ${WINDOW:+window $WINDOW} dev ${REALDEVICE} || + net_log $"Error adding default gateway for ${REALDEVICE}." + fi + fi + fi +fi + +# Add Zeroconf route. +if [ -z "${NOZEROCONF}" -a "${ISALIAS}" = "no" -a "${REALDEVICE}" != "lo" ]; then + ip route add 169.254.0.0/16 dev ${REALDEVICE} metric $((1000 + $(cat /sys/class/net/${REALDEVICE}/ifindex))) scope link +fi + +if [ "${TYPE}" = "Bridge" ]; then + for arg in $BRIDGING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + if [ "${key}" = "multicast_router" -o "${key}" = "hash_max" -o "${key}" = "multicast_snooping" ]; then + echo $value > /sys/class/net/${DEVICE}/bridge/$key + fi + done +fi + +# IPv6 initialisation? +/etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG} +if is_true "${DHCPV6C}" && [ -x /sbin/dhclient ]; then + + # Assign interface into a firewalld zone so we can obtain the IPv6 via DHCPv6: + if [ "${REALDEVICE}" != "lo" ]; then + dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \ + /org/fedoraproject/FirewallD1 \ + org.fedoraproject.FirewallD1.zone.changeZoneOfInterface \ + string:"${ZONE}" string:"${DEVICE}" \ + > /dev/null 2>&1 + fi + + generate_config_file_name 6 + generate_lease_file_name 6 + echo + echo -n $"Determining IPv6 information for ${DEVICE}..." + + # Initialize the dhclient args for IPv6 and obtain the hostname options if needed: + DHCLIENTARGS="-6 -1 ${DHCPV6C_OPTIONS} ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient6-${DEVICE}.pid ${DEVICE}" + set_hostname_options DHCLIENTARGS + + if /sbin/dhclient $DHCLIENTARGS; then + echo $" done." + else + echo $" failed." + if [ "${dhcpipv4}" = "good" -o -n "${IPADDR}" ]; then + net_log "Unable to obtain IPv6 DHCP address ${DEVICE}." warning + else + exit 1 + fi + fi +fi + +exec /etc/sysconfig/network-scripts/ifup-post ${CONFIG} ${2} diff --git a/network-scripts/ifup-ippp b/network-scripts/ifup-ippp new file mode 100755 index 00000000..e1f08a79 --- /dev/null +++ b/network-scripts/ifup-ippp @@ -0,0 +1,384 @@ +#! /bin/bash +# +# ifup-ippp +# +# This script is normally called from the ifup script when it detects an ippp device. + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +# Get global network configuration +[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network + +GATEWAY="" + +# set device +CONFIG=$1 +[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1} +source_config + +if [ "${2}" = "boot" -a "${ONBOOT}" = "no" ]; then + exit +fi + +if [ ! -f /var/lock/subsys/isdn ] && [ -x /etc/init.d/isdn ] ; then + /etc/init.d/isdn start +fi + +# check that ipppd is available for syncppp +if [ "$ENCAP" = "syncppp" ]; then + if [ ! -x /sbin/ipppd ] && [ ! -x /usr/sbin/ipppd ] ; then + /usr/bin/logger -p daemon.info -t ifup-ippp "ipppd does not exist or is not executable" + exit 1 + fi +fi + +# check that isdnctrl is available +if [ ! -x /sbin/isdnctrl ] && [ ! -x /usr/sbin/isdnctrl ] ; then + /usr/bin/logger -p daemon.info -t ifup-ippp "isdnctrl does not exist or is not executable" + exit 1 +fi + +# check all ISDN devices +if ! isdnctrl list all >/dev/null 2>&1 ; then + /usr/bin/logger -p daemon.info -t ifup-ippp "cannot list ISDN devices" + exit 1 +fi + +# check if device already is configured +isdnctrl list $DEVICE >/dev/null 2>&1 && exit 0 + +function log_echo() +{ + /usr/bin/logger -p daemon.info -t ifup-ippp $"$*" +} + +function log_isdnctrl() +{ + /usr/bin/logger -p daemon.info -t ifup-ippp isdnctrl $* + isdnctrl $* >/dev/null 2>&1 || exit 1 +} + +function create_option_file() +{ + umask 066 + echo "$1" > /etc/ppp/ioption-secret-$DEVICE + umask 022 +} + +function start_ibod() +{ + # don't start ibod, if it's running + [ -f /var/lock/subsys/ibod ] && return + + device=$1 + if [ -f /etc/isdn/ibod.cf ] && [ -x /usr/sbin/ibod ] ; then + ibod $device & + pid=$(pidof ibod) + [ -n "$pid" ] && touch /var/lock/subsys/ibod + fi +} + +function addprovider() +{ + options= + if [ -z "$PHONE_OUT" ]; then + log_echo "Error: $1: no outgoing phone number set" + return 1 + fi + + # set the encapsulation mode + [ -z "$ENCAP" ] && ENCAP="syncppp" + + # set the dial mode + [ -z "$DIALMODE" ] && DIALMODE="off" + + [ "$AUTH" = "none" -o "$AUTH" = "noauth" -o -z "$AUTH" ] && AUTH="-pap -chap" + + # set layer-2/3 protocol + [ -z "$L2_PROT" ] && L2_PROT="hdlc" + [ -z "$L3_PROT" ] && L3_PROT="trans" + + # check local/remote IP + [ -z "$IPADDR" ] && IPADDR="0.0.0.0" + [ -z "$GATEWAY" ] && GATEWAY="0.0.0.0" + + # set default route + [ "$DEFROUTE" = "yes" ] && options="$options defaultroute deldefaultroute" + + # set authentication + _auth=$(echo "$AUTH" | sed 's/[a-z -]*//g') + if [ -n "$_auth" ]; then + if [ -z "$USER" -a "$DIALIN" != "on" ]; then + log_echo " Error: $1 (syncppp) user is not set" + return 1 + fi + if [ "$DIALIN" != "on" ]; then + # we should hide the user name, so i add user name to option file. + if [ "$AUTH" = "-pap +chap" ]; then + create_option_file "name \"$USER\"" + else + create_option_file "user \"$USER\"" + fi + options="$options file /etc/ppp/ioption-secret-$DEVICE" + fi + + # authentication options: + # +pap and/or +chap does not work correct by dialout - remove + # them if it's configured as dialout + [ "$DIALIN" = "on" ] || AUTH=$(echo "$AUTH" | sed 's/+[a-z]*//g') + fi + + # add ISDN device + log_isdnctrl addif $DEVICE + + # set local MSN + [ -z "$MSN" ] || log_isdnctrl eaz $DEVICE $MSN + + # set dialout numbers + if echo $COUNTRYCODE | grep ":" >/dev/null 2>&1 ; then + COUNTRYCODE="$(echo $COUNTRYCODE | cut -f 2 -d ':')" + [ "$COUNTRYCODE" = "0" ] && COUNTRYCODE= + else + COUNTRYCODE= + fi + for i in $PHONE_OUT; do + log_isdnctrl addphone $DEVICE out $COUNTRYCODE$PREFIX$AREACODE$i + done + for i in $PHONE_IN; do + log_isdnctrl addphone $DEVICE in $i + done + + # set layer-2/3 protocol + log_isdnctrl l2_prot $DEVICE $L2_PROT + log_isdnctrl l3_prot $DEVICE $L3_PROT + + # set encapsulation + log_isdnctrl encap $DEVICE $ENCAP + + # set dialmode + log_isdnctrl dialmode $DEVICE $DIALMODE + + [ -n "$SECURE" ] && log_isdnctrl secure $DEVICE $SECURE + [ -n "$HUPTIMEOUT" ] && log_isdnctrl huptimeout $DEVICE $HUPTIMEOUT + [ -n "$CHARGEHUP" ] && log_isdnctrl chargehup $DEVICE $CHARGEHUP + [ -n "$CHARGEINT" ] && log_isdnctrl chargeint $DEVICE $CHARGEINT + + [ -n "$IHUP" ] && log_isdnctrl ihup $DEVICE $IHUP + + # set the number of dial atempts for each number + [ -n "$DIALMAX" ] && log_isdnctrl dialmax $DEVICE $DIALMAX + + # set callback + if [ "$CALLBACK" = "out" -o "$CALLBACK" = "in" ] ; then + log_isdnctrl callback $DEVICE $CALLBACK + else + log_isdnctrl callback $DEVICE off + fi + [ -n "$CBDELAY" ] && log_isdnctrl cbdelay $DEVICE $CBDELAY + [ -n "$CBHUP" ] && log_isdnctrl cbhup $DEVICE $CBHUP + + options="$options ipparam $DEVNAME" + + [ "$ENCAP" = "syncppp" ] && log_isdnctrl pppbind $DEVICE + + if [ "$IPADDR" = "0.0.0.0" ]; then + options="$options ipcp-accept-local" + else + if [ "$DIALIN" != "on" ]; then + options="$options noipdefault" + fi + fi + # Add device + options="$options /dev/$DEVICE" + + # set channel bundling + if [ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ]; then + [ -z "$SLAVE_MSN" ] && SLAVE_MSN="$MSN" + [ -z "$SLAVE_PHONE_OUT" ] && SLAVE_PHONE_OUT="$PHONE_OUT" + [ -z "$SLAVE_PHONE_IN" ] && SLAVE_PHONE_IN="$PHONE_IN" + [ -z "$SLAVE_HUPTIMEOUT" ] && SLAVE_HUPTIMEOUT="$HUPTIMEOUT" + [ -z "$SLAVE_CHARGEHUP" ] && SLAVE_CHARGEHUP="$CHARGEHUP" + [ -z "$SLAVE_CHARGEINT" ] && SLAVE_CHARGEINT="$CHARGEINT" + [ -z "$SLAVE_CBHUP" ] && SLAVE_CBHUP="$CBHUP" + [ -z "$SLAVE_IHUP" ] && SLAVE_IHUP="$IHUP" + [ -z "$SLAVE_DIALMAX" ] && SLAVE_DIALMAX="$DIALMAX" + [ -z "$SLAVE_CALLBACK" ] && SLAVE_CALLBACK="$CALLBACK" + [ -z "$SLAVE_CBDELAY" ] && SLAVE_CBDELAY="$CBDELAY" + if [ "$DIALIN" != "on" ] ; then + [ -z "$SLAVE_DIALMODE" ] && SLAVE_DIALMODE="auto" + else + # Master should not dial by default on incoming MPPP + [ -z "$SLAVE_DIALMODE" ] && SLAVE_DIALMODE="$DIALMODE" + fi + + slave=$SLAVE_DEVICE + options="$options /dev/$slave +mp" + + # Create slave and set options + log_isdnctrl addslave $DEVICE $slave + [ -z $SLAVE_MSN ] || log_isdnctrl eaz $slave $SLAVE_MSN + + # set phone number + for i in $SLAVE_PHONE_OUT; do + log_isdnctrl addphone $slave out $COUNTRYCODE$PREFIX$AREACODE$i + done + for i in $SLAVE_PHONE_IN; do + log_isdnctrl addphone $slave in $i + done + + # set layer-2/3 protocol + log_isdnctrl l2_prot $slave $L2_PROT + log_isdnctrl l3_prot $slave $L3_PROT + + # set encapsulation + log_isdnctrl encap $slave $ENCAP + + # set dial mode + log_isdnctrl dialmode $slave $SLAVE_DIALMODE + + [ -n "$SECURE" ] && log_isdnctrl secure $slave $SECURE + [ -n "$SLAVE_HUPTIMEOUT" ] && log_isdnctrl huptimeout $slave $SLAVE_HUPTIMEOUT + [ -n "$SLAVE_CHARGEHUP" ] && log_isdnctrl chargehup $slave $SLAVE_CHARGEHUP + [ -n "$SLAVE_CHARGEINT" ] && log_isdnctrl chargeint $slave $SLAVE_CHARGEINT + [ -n "$SLAVE_IHUP" ] && log_isdnctrl ihup $slave $SLAVE_IHUP + [ -n "$SLAVE_DIALMAX" ] && log_isdnctrl dialmax $slave $SLAVE_DIALMAX + + # set callback + [ -n "$SLAVE_CBHUP" ] && log_isdnctrl cbhup $slave $SLAVE_CBHUP + [ -n "$SLAVE_CALLBACK" ] || SLAVE_CALLBACK="off" + log_isdnctrl callback $slave $SLAVE_CALLBACK + [ -n "$SLAVE_CBDELAY" ] && log_isdnctrl cbdelay $DEVICE $SLAVE_CBDELAY + + # options for master device + [ -n "$SLAVE_DELAY" ] && log_isdnctrl sdelay $DEVICE $SLAVE_DELAY + [ -n "$SLAVE_TRIGGER" ] && log_isdnctrl trigger $DEVICE $SLAVE_TRIGGER + fi + + if [ "$GATEWAY" = "0.0.0.0" ]; then + if [ "$DIALIN" != "on" ]; then + options="$options ipcp-accept-remote" + fi + options="$IPADDR:$GATEWAY $options" + else + options="$options $IPADDR:$GATEWAY" + fi + + # Van Jacobson style TCP/IP header compression and + # VJ connection-ID compression + [ "$VJ" = "off" ] && options="$options -vj" + [ "$VJCCOMP" = "off" ] && options="$options -vjccomp" + + # Address/Control compression, protocol field compression, + [ "$AC" = "off" ] && options="$options -ac" + [ "$PC" = "off" ] && options="$options -pc" + + # BSD-Compression scheme + if [ "$BSDCOMP" = "on" ] ; then + options="$options bsdcomp 9,9" + else + options="$options -bsdcomp" + fi + # Stac compression + if [ "$LZS" = "on" ] ; then + # supports LZS check mode 3 and 4 + [ -n "$LZS_MODE" ] || LZS_MODE="4" + [ "$LZS_MODE" = "3" ] && options="$options lzs 1" + [ "$LZS_MODE" = "4" ] && options="$options lzs 1:4" + fi + + # Set max receive and max transmit units + [ -n "$MRU" ] && options="$options mru $MRU" + [ -n "$MTU" ] && options="$options mtu $MTU" + + # set CBCP protocoll + if [ "$CBCP" = "on" ] ; then + if [ -n "$CBCP_MSN" ] ; then + # User managed callback + options="$options callback $CBCP_MSN" + else + # admin managed callback, it's enabled by default + options="$options callback 6" + fi + else + # Disable CBCP + options="$options -callback-cbcp" + fi + + # set CCP protocoll + [ "$CCP" = "off" ] && options="$options noccp" + + # set host name + [ -n "$ISDN_HOSTNAME" ] && options="$options remotename $ISDN_HOSTNAME" + + # Set authentication + for i in $AUTH ; do + options="$options $i" + done + + # add ppp options + for i in $PPPOPTIONS ; do + options="$options $i" + done + + # check dns entry + if [ -z "$DNS1" -a -z "$DNS2" ]; then + options="$options ms-get-dns" + else + [ -n "$DNS1" ] && options="$options ms-dns $DNS1" + [ -n "$DNS2" ] && options="$options ms-dns $DNS2" + fi + + # set debug + [ "$DEBUG" = "yes" ] && options="-d $options" + + # set netmask, if available + [ -n "$NETMASK" ] && { + val=$(ipcalc --prefix $IPADDR $NETMASK) + pfx=${val##PREFIX=} + } + # activate ISDN device + /usr/bin/logger -p daemon.info -t ifup-ippp "ip addr add $IPADDR peer $GATEWAY${pfx:/$pfx} dev $DEVICE" + ip addr add $IPADDR peer $GATEWAY${pfx:/$pfx} dev $DEVICE + ip link set dev $DEVICE up + + if [ "$ENCAP" = "syncppp" ]; then + # start ipppd daemon + /usr/bin/logger -p daemon.info -t ifup-ippp "ipppd $options $netmask" + ipppd $options $netmask >/dev/null 2>&1 + + # start ibod daemon + if [ "$DIALIN" != "on" ]; then + [ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ] && start_ibod $DEVICE + fi + fi + + # set default gateway for dial on demand + if [ "$DIALMODE" = "auto" ] ; then + echo 1 > /proc/sys/net/ipv4/ip_dynaddr + if [ "$DEFROUTE" = "yes" ] ; then + if [ "$GATEWAY" = "0.0.0.0" ]; then + ip route replace default ${METRIC:+metric $METRIC} dev ${DEVICE} >/dev/null 2>&1 + else + ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} dev ${DEVICE} >/dev/null 2>&1 + fi + fi + fi + + # Setup IPv6 + if ! is_false "$IPV6INIT" && ! [[ -z "$IPV6ADDR" ]]; then + # Native IPv6 use of device configured, check of encapsulation required + if [ "$ENCAP" = "syncppp" ]; then + echo $"Warning: ipppd (kernel 2.4.x and below) doesn't support IPv6 using encapsulation 'syncppp'" + elif [ "$ENCAP" = "rawip" ]; then + echo $"Warning: link doesn't support IPv6 using encapsulation 'rawip'" + fi + fi + /etc/sysconfig/network-scripts/ifup-ipv6 $CONFIG +} + +addprovider || exit 1 + +exit 0 diff --git a/network-scripts/ifup-ipv6 b/network-scripts/ifup-ipv6 new file mode 100755 index 00000000..ecbe5b79 --- /dev/null +++ b/network-scripts/ifup-ipv6 @@ -0,0 +1,316 @@ +#!/bin/bash +# +# ifup-ipv6 +# +# +# Taken from: +# (P) & (C) 2000-2006 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# RHL integration assistance by Pekka Savola +# +# Version: 2006-07-20 +# +# Note: if called (like normally) by /etc/sysconfig/network-scripts/ifup +# exit codes aren't handled by "ifup" +# +# Uses following information from "/etc/sysconfig/network": +# IPV6_DEFAULTDEV=: controls default route (optional) +# IPV6_DEFAULTGW=
: controls default route (optional) +# +# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1": +# IPV6INIT=yes|no: controls IPv6 configuration for this interface +# IPV6ADDR=[/]: specify primary static IPv6 address +# IPV6ADDR_SECONDARIES="[/] ..." (optional) +# IPV6_ROUTER=yes|no: controls IPv6 autoconfiguration (no: multi-homed interface without routing) +# IPV6_AUTOCONF=yes|no: controls IPv6 autoconfiguration +# defaults: +# IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes +# IPV6FORWARDING=no: IPV6_AUTOCONF=yes +# IPV6_MTU=: controls IPv6 MTU for this link (optional) +# IPV6_PRIVACY="rfc3041": control IPv6 privacy (optional) +# This script only supports "rfc3041" (if kernel supports it) +# +# Optional for 6to4 tunneling (hardwired name of tunnel device is "tun6to4"): +# IPV6TO4INIT=yes|no: controls 6to4 tunneling setup +# IPV6TO4_RELAY=: IPv4 address of the remote 6to4 relay (default: 192.88.99.1) +# IPV6TO4_MTU=: controls IPv6 MTU for the 6to4 link (optional, default is MTU of interface - 20) +# IPV6TO4_IPV4ADDR=: overwrite local IPv4 address (optional) +# IPV6TO4_ROUTING="-/ ...": information to setup additional interfaces +# Example: IPV6TO4_ROUTING="eth0-:f101::1/64 eth1-:f102::1/64" +# +# Optional for 6to4 tunneling to trigger radvd: +# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering (optional) +# IPV6_RADVD_PIDFILE=: PID file of radvd for sending signals, default is "/run/radvd/radvd.pid" (optional) +# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd (optional, default is SIGHUP) +# +# Required version of radvd to use 6to4 prefix recalculation +# 0.6.2p3 or newer supporting option "Base6to4Interface" +# Required version of radvd to use dynamic ppp links +# 0.7.0 + fixes or newer +# + + +. /etc/sysconfig/network + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG +source_config + +REALDEVICE=${DEVICE%%:*} +DEVICE=$REALDEVICE + +# Test whether IPv6 configuration is disabled for this interface +is_false "$IPV6INIT" && exit 0 + +[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 +. /etc/sysconfig/network-scripts/network-functions-ipv6 + + +# IPv6 test, module loaded, exit if system is not IPv6-ready +ipv6_test || exit 1 + +# Test device status +ipv6_test_device_status $DEVICE +if [ $? != 0 -a $? != 11 ]; then + # device doesn't exist or other problem occurs + exit 1 +fi + +# Setup IPv6 address on specified interface +if [ -n "$IPV6ADDR" ]; then + ipv6_add_addr_on_device $DEVICE $IPV6ADDR || exit 1 +fi + +# Get current global IPv6 forwarding +ipv6_global_forwarding_current="$(/sbin/sysctl -e -n net.ipv6.conf.all.forwarding)" + +# Set some proc switches depending on defines +if [ "$IPV6FORWARDING" = "yes" ]; then + # Global forwarding should be enabled + + # Check, if global IPv6 forwarding was already set by global script + if [ $ipv6_global_forwarding_current -ne 1 ]; then + net_log $"Global IPv6 forwarding is enabled in configuration, but not currently enabled in kernel" + net_log $"Please restart network with '/sbin/service network restart'" + fi + + ipv6_local_forwarding=1 + ipv6_local_auto=0 + ipv6_local_accept_ra=0 + if [ "$IPV6_ROUTER" = "no" ]; then + ipv6_local_forwarding=0 + fi + if [ "$IPV6_AUTOCONF" = "yes" ]; then + ipv6_local_auto=1 + ipv6_local_accept_ra=2 + fi +else + # Global forwarding should be disabled + + # Check, if global IPv6 forwarding was already set by global script + if [ $ipv6_global_forwarding_current -ne 0 ]; then + net_log $"Global IPv6 forwarding is disabled in configuration, but not currently disabled in kernel" + net_log $"Please restart network with '/sbin/service network restart'" + fi + + ipv6_local_forwarding=0 + ipv6_local_auto=1 + ipv6_local_accept_ra=1 + if [ "$IPV6_AUTOCONF" = "no" ]; then + ipv6_local_auto=0 + if [ ! "$IPV6_FORCE_ACCEPT_RA" = "yes" ]; then + ipv6_local_accept_ra=0 + fi + fi +fi + +if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=$ipv6_local_forwarding >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=$ipv6_local_accept_ra >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=$ipv6_local_auto >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.autoconf=$ipv6_local_auto >/dev/null 2>&1 +fi + +# Set IPv6 MTU, if given +if [ -n "$IPV6_MTU" ]; then + ipv6_set_mtu $DEVICE $IPV6_MTU +fi + +# Setup additional IPv6 addresses from list, if given +if [ -n "$IPV6ADDR_SECONDARIES" ]; then + for ipv6addr in $IPV6ADDR_SECONDARIES; do + ipv6_add_addr_on_device $DEVICE $ipv6addr + done +fi + +# Enable IPv6 RFC3041 privacy extensions if desired +if [ "$IPV6_PRIVACY" = "rfc3041" ]; then + if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1 + if [ $? -ne 0 ]; then + net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" + fi + fi +fi + +# Setup default IPv6 route, check are done by function +if [ -n "$IPV6_DEFAULTDEV" -o -n "$IPV6_DEFAULTGW" ]; then + ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE" +fi + +# Setup additional static IPv6 routes on specified interface, if given +if [ -f /etc/sysconfig/static-routes-ipv6 ]; then + LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do + ipv6_add_route $args $DEVICE + done +fi + +# Setup of 6to4, if configured +if [ "$IPV6TO4INIT" = "yes" ]; then + valid6to4config="yes" + + # Test device status of 6to4 tunnel + ipv6_test_device_status tun6to4 + if [ $? = 0 ]; then + # device is already up + net_log $"Device 'tun6to4' (from '$DEVICE') is already up, shutdown first" + exit 1 + fi + + # Get IPv4 address for global 6to4 prefix calculation + if [ -n "$IPV6TO4_IPV4ADDR" ]; then + # Take special configured from config file (precedence 1) + ipv4addr="$IPV6TO4_IPV4ADDR" + + # Get local IPv4 address from interface + ipv4addrlocal="$(ipv6_get_ipv4addr_of_device $DEVICE)" + if [ -z "$ipv4addrlocal" ]; then + # Take configured from config file + ipv4addrlocal="$IPADDR" + fi + else + # Get IPv4 address from interface first (has precedence 2) + ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)" + if [ -z "$ipv4addr" ]; then + # Take configured from config file (precedence 3) + ipv4addr="$IPADDR" + fi + ipv4addrlocal="$ipv4addr" + fi + + if [ -n "$ipv4addr" ]; then + if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then + net_log $"Given IPv4 address '$ipv4addr' is not globally usable" info + valid6to4config="no" + fi + if [ -z "$IPV6TO4_RELAY" ]; then + IPV6TO4_RELAY="192.88.99.1" + fi + + # Check/generate relay address + ipv6to4_relay="$(ipv6_create_6to4_relay_address $IPV6TO4_RELAY)" + if [ $? -ne 0 ]; then + valid6to4config="no" + fi + else + net_log $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified" info + valid6to4config="no" + fi + + # Setup 6to4 tunnel (hardwired name is "tun6to4"), if config is valid + if [ "$valid6to4config" = "yes" ]; then + # Get MTU of master device + ipv4mtu="$(/sbin/ip link show dev $DEVICE | awk '/\/ { print $5 }')" + if [ -n "$ipv4mtu" ]; then + # IPv6 tunnel MTU is IPv4 MTU minus 20 for IPv4 header + tunnelmtu=$(($ipv4mtu-20)) + fi + + if [ -n "$IPV6TO4_MTU" ]; then + if [ $IPV6TO4_MTU -gt $tunnelmtu ]; then + net_log $"Warning: configured MTU '$IPV6TO4_MTU' for 6to4 exceeds maximum limit of '$tunnelmtu', ignored" warning + else + tunnelmtu=$IPV6TO4_MTU + fi + fi + + ipv6_add_6to4_tunnel tun6to4 $ipv4addr "" $tunnelmtu $ipv4addrlocal || exit 1 + + # Add route to for compatible addresses (removed later again) + ipv6_add_route "::/96" "::" tun6to4 + + # Add default route, if device matches + if [ "$IPV6_DEFAULTDEV" = "tun6to4" ]; then + if [ -n "$IPV6_DEFAULTGW" ]; then + net_log $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored" warning + fi + ipv6_set_default_route $ipv6to4_relay tun6to4 + fi + + # Add static routes + if [ -f /etc/sysconfig/static-routes-ipv6 ]; then + LC_ALL=C grep -w "^tun6to4" /etc/sysconfig/static-routes-ipv6 | while read device network gateway; do + if [ -z "$network" ]; then + continue + fi + if [ -z "$gateway" ]; then + gateway="$ipv6to4_relay" + fi + ipv6_add_route $network $gateway tun6to4 + done + fi + + # Setup additional static IPv6 routes (newer config style) + if [ -f "/etc/sysconfig/network-scripts/route6-tun6to4" ]; then + sed -ne 's/#.*//' -e '/[^[:space:]]/p' /etc/sysconfig/network-scripts/route6-tun6to4 | while read line; do + if echo "$line" | LC_ALL=C grep -vq 'via'; then + # Add gateway if missing + line="$line via $ipv6to4_relay" + fi + /sbin/ip -6 route add $line + done + fi + + # Cleanup autmatically generated autotunnel (not needed for 6to4) + /sbin/ip -6 route del ::/96 dev tun6to4 + /sbin/ip -6 addr del "::$ipv4addrlocal/128" dev tun6to4 + + if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then + # RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning + if [ $ipv6_global_forwarding_current -ne 1 ]; then + net_log $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't" warning + fi + + if [ -n "$IPV6TO4_ROUTING" ]; then + ipv6to4prefix="$(ipv6_create_6to4_prefix $ipv4addr)" + if [ -n "$ipv6to4prefix" ]; then + # Add route to local networks + for devsuf in $IPV6TO4_ROUTING; do + dev="${devsuf%%-*}" + suf="$(echo $devsuf | awk -F- '{ print $2 }')" + ipv6_add_addr_on_device ${dev} ${ipv6to4prefix}${suf} + done + else + net_log $"Error occurred while calculating the IPv6to4 prefix" + fi + else + net_log $"radvd control enabled, but config is not complete" + fi + + # Control running radvd + ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE + fi + else + net_log $"6to4 configuration is not valid" + exit 1 + fi +fi + +#wait for all global IPv6 addresses to leave the "tentative" state +ipv6_wait_tentative $DEVICE diff --git a/network-scripts/ifup-plip b/network-scripts/ifup-plip new file mode 100755 index 00000000..2cea68b4 --- /dev/null +++ b/network-scripts/ifup-plip @@ -0,0 +1,27 @@ +#!/bin/sh + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +source_config + +if [ "foo$2" = "fooboot" -a "${ONBOOT}" = "no" ]; then + exit +fi + +[ -z "$PREFIX" ] && eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK}) +ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} dev ${DEVICE} +ip link set up dev ${DEVICE} +ip route add ${NETWORK} dev ${DEVICE} + +. /etc/sysconfig/network + +if [ "${GATEWAY}" != "" ]; then + if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then + # set up default gateway + ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} + fi +fi + +/etc/sysconfig/network-scripts/ifup-post $1 diff --git a/network-scripts/ifup-plusb b/network-scripts/ifup-plusb new file mode 100755 index 00000000..1b29afeb --- /dev/null +++ b/network-scripts/ifup-plusb @@ -0,0 +1,43 @@ +#!/bin/sh +# +# /etc/sysconfig/network-scripts/ifup-plusb +# +# the plusb network driver is a USB host-host cable based on the Prolific +# chip. It works a lot like the plip driver. +# +# To get the plusb module to load automatically at boot, you will need to +# add the following lines to /etc/conf.modules: +# +# alias plusb0 plusb +# + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +source_config + +if [ "foo$2" = "fooboot" -a "${ONBOOT}" = "no" ] +then + exit +fi + +[ -z "$PREFIX" ] && eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK}) + +if [ ${BROADCAST} != "" ] ; then + ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} broadcast ${BROADCAST} dev ${DEVICE} +else + ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} dev ${DEVICE} +fi +ip link set up dev ${DEVICE} + +. /etc/sysconfig/network + +if [ "${GATEWAY}" != "" ]; then + if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then + # set up default gateway + ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} + fi +fi + +/etc/sysconfig/network-scripts/ifup-post $1 diff --git a/network-scripts/ifup-post b/network-scripts/ifup-post new file mode 100755 index 00000000..f8a91add --- /dev/null +++ b/network-scripts/ifup-post @@ -0,0 +1,151 @@ +#!/bin/bash + +# Source the general functions for is_true() and is_false(): +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +[ -f ../network ] && . ../network + +unset REALDEVICE +if [ "$1" = --realdevice ] ; then + REALDEVICE=$2 + shift 2 +fi + +CONFIG=$1 +source_config + +[ -z "$REALDEVICE" ] && REALDEVICE=$DEVICE + +if is_false "$ISALIAS"; then + /etc/sysconfig/network-scripts/ifup-aliases ${DEVICE} ${CONFIG} +fi + +if ! is_true "$NOROUTESET"; then + /etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE} ${DEVNAME} +fi + + +if ! is_false "${PEERDNS}" || ! is_false "${RESOLV_MODS}"; then + # Obtain the DNS entries when using PPP if necessary: + [ -n "${MS_DNS1}" ] && DNS1="${MS_DNS1}" + [ -n "${MS_DNS2}" ] && DNS2="${MS_DNS2}" + + # Remove duplicate DNS entries and shift them, if necessary: + update_DNS_entries + + # Determine what regexp we should use (for testing below): + if [ -n "${DNS3}" ]; then + grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}[^#]?nameserver[[:space:]]+${DNS2}[^#]?nameserver[[:space:]]+${DNS3}" + elif [ -n "${DNS2}" ]; then + grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}[^#]?nameserver[[:space:]]+${DNS2}" + elif [ -n "${DNS1}" ]; then + grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}" + else + # No DNS entries used at all ->> match everything. + grep_regexp=".*" + fi + + # Test if the search field needs updating, or + # if the nameserver entries order should be updated: + if [ -n "${DOMAIN}" ] && ! grep -q "^search.*${DOMAIN}.*$" /etc/resolv.conf || + ! tr --delete '\n' < /etc/resolv.conf | grep -E -q "${grep_regexp}"; then + + if tmp_file=$(mktemp); then + search_str='' + + while read line; do + case ${line} in + + # Skip nameserver entries when at least one DNS option was given + # (at this stage we know that we have to update all the nameserver + # enries anyway -- see below), or copy them if we are changing just + # the 'search' field in /etc/resolv.conf: + nameserver*) + if [[ "${grep_regexp}" != ".*" ]]; then + continue + else + echo "${line}" >> "${tmp_file}" + fi + ;; + + domain* | search*) + if [ -n "${DOMAIN}" ]; then + read search value < <(echo ${line}) + search_str+=" ${value}" + else + echo "${line}" >> "${tmp_file}" + fi + ;; + + # Keep the rest of the /etc/resolv.conf as it was: + *) + echo "${line}" >> "${tmp_file}" + ;; + esac + done < /etc/resolv.conf + + # Insert the domain into 'search' field: + if [ -n "${DOMAIN}" ]; then + echo "search ${DOMAIN}${search_str}" >> "${tmp_file}" + fi + + # Add the requested nameserver entries: + [ -n "${DNS1}" ] && echo "nameserver ${DNS1}" >> "${tmp_file}" + [ -n "${DNS2}" ] && echo "nameserver ${DNS2}" >> "${tmp_file}" + [ -n "${DNS3}" ] && echo "nameserver ${DNS3}" >> "${tmp_file}" + + # Backup resolv.conf only if it doesn't exist already: + ! [ -f /etc/resolv.conf.save ] && cp -af /etc/resolv.conf /etc/resolv.conf.save + + # Maintain permissions, but set umask in case it doesn't exist: + umask_old=$(umask) + umask 022 + + # Update the resolv.conf: + change_resolv_conf "${tmp_file}" + + rm -f "${tmp_file}" + umask ${umask_old} + unset tmp_file search_str umask_old + else + net_log $"/etc/resolv.conf was not updated: failed to create temporary file" 'err' 'ifup-post' + fi + fi + + unset grep_regexp +fi + +# don't set hostname on ppp/slip connections +if [ "$2" = "boot" -a \ + "${DEVICE}" != lo -a \ + "${DEVICETYPE}" != "ppp" -a \ + "${DEVICETYPE}" != "slip" ]; then + if need_hostname; then + IPADDR=$(LANG=C ip -o -4 addr ls dev ${DEVICE} | awk '{ print $4 ; exit }') + eval $(/bin/ipcalc --silent --hostname ${IPADDR} ; echo "status=$?") + if [ "$status" = "0" ]; then + set_hostname $HOSTNAME + fi + fi +fi + +# Set firewall ZONE for this device (empty means default): +if [ "${REALDEVICE}" != "lo" ]; then + dbus-send --system --dest=org.fedoraproject.FirewallD1 \ + /org/fedoraproject/FirewallD1 \ + org.fedoraproject.FirewallD1.zone.changeZoneOfInterface \ + string:"${ZONE}" string:"${DEVICE}" \ + > /dev/null 2>&1 +fi + +# Notify programs that have requested notification +do_netreport + +if [ -x /sbin/ifup-local ]; then + /sbin/ifup-local ${DEVICE} +fi + +exit 0 diff --git a/network-scripts/ifup-routes b/network-scripts/ifup-routes new file mode 100755 index 00000000..517c2bbb --- /dev/null +++ b/network-scripts/ifup-routes @@ -0,0 +1,76 @@ +#! /bin/bash +# +# adds static routes which go through device $1 + +if [ -z "$1" ]; then + echo $"usage: ifup-routes []" + exit 1 +fi + +MATCH='^[[:space:]]*(\#.*)?$' + +handle_file () { + . $1 + routenum=0 + while [ "x$(eval echo '$'ADDRESS$routenum)x" != "xx" ]; do + eval $(ipcalc -p $(eval echo '$'ADDRESS$routenum) $(eval echo '$'NETMASK$routenum)) + line="$(eval echo '$'ADDRESS$routenum)/$PREFIX" + if [ "x$(eval echo '$'GATEWAY$routenum)x" != "xx" ]; then + line="$line via $(eval echo '$'GATEWAY$routenum)" + fi + line="$line dev $2" + /sbin/ip route add $line + routenum=$(($routenum+1)) + done +} + +handle_ip_file() { + local f t type= file=$1 proto="-4" + f=${file##*/} + t=${f%%-*} + type=${t%%6} + if [ "$type" != "$t" ]; then + proto="-6" + fi + { cat "$file" ; echo ; } | while read line; do + if [[ ! "$line" =~ $MATCH ]]; then + /sbin/ip $proto $type add $line + fi + done +} + +FILES="/etc/sysconfig/network-scripts/route-$1 /etc/sysconfig/network-scripts/route6-$1" +if [ -n "$2" -a "$2" != "$1" ]; then + FILES="$FILES /etc/sysconfig/network-scripts/route-$2 /etc/sysconfig/network-scripts/route6-$2" +fi + +for file in $FILES; do + if [ -f "$file" ]; then + if grep -Eq '^[[:space:]]*ADDRESS[0-9]+=' $file ; then + # new format + handle_file $file ${1%:*} + else + # older format + handle_ip_file $file + fi + fi +done + + +# Red Hat network configuration format +NICK=${2:-$1} +CONFIG="/etc/sysconfig/network-scripts/$NICK.route" +[ -f $CONFIG ] && handle_file $CONFIG $1 + + +# Routing rules +FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1" +if [ -n "$2" -a "$2" != "$1" ]; then + FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2" +fi + +for file in $FILES; do + if [ -f "$file" ]; then + handle_ip_file $file + fi +done diff --git a/network-scripts/ifup-sit b/network-scripts/ifup-sit new file mode 100755 index 00000000..3daa3801 --- /dev/null +++ b/network-scripts/ifup-sit @@ -0,0 +1,108 @@ +#!/bin/bash +# +# ifup-sit +# +# +# Taken from: +# (P) & (C) 2000-2003 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# RHL integration assistance by Pekka Savola +# +# Version: 2003-09-08 +# +# Uses following information from /etc/sysconfig/network: +# IPV6_DEFAULTDEV=: controls default route (optional) +# IPV6_DEFAULTGW=
: controls default route (optional) +# +# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1: +# DEVICE= +# IPV6INIT=yes|no: controls IPv6 configuration for this interface +# IPV6_MTU=: controls IPv6 MTU for this link (optional) +# +# For static tunnels +# IPV6TUNNELIPV4=: IPv4 address of remote tunnel endpoint +# IPV6TUNNELIPV4LOCAL=: (optional) local IPv4 address of tunnel +# IPV6ADDR=[/]: (optional) local IPv6 address of a numbered tunnel +# IPV6ADDR_SECONDARIES="[/] ..." (optional) additional local IPv6 addresses +# + + +. /etc/sysconfig/network + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG +source_config + +# IPv6 don't need aliases anymore, config is skipped +REALDEVICE=${DEVICE%%:*} +[ "$DEVICE" != "$REALDEVICE" ] && exit 0 + +# Test whether IPv6 configuration is disabled for this interface +is_false "$IPV6INIT" && exit 0 + +[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 +. /etc/sysconfig/network-scripts/network-functions-ipv6 + + +# IPv6 test, module loaded, exit if system is not IPv6-ready +ipv6_test || exit 1 + +# Generic tunnel device sit0 is not supported here +if [ "$DEVICE" = "sit0" ]; then + net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" + exit 1 +fi + +if [ -z "$IPV6TUNNELIPV4" ]; then + net_log $"Missing remote IPv4 address of tunnel, configuration is not valid" + exit 1 +fi + +# Test device status +ipv6_test_device_status $DEVICE +if [ $? = 0 ]; then + # device is already up + net_log $"Device '$DEVICE' is already up, please shutdown first" + exit 1 +fi + +# Create tunnel +ipv6_add_tunnel_device $DEVICE $IPV6TUNNELIPV4 "" $IPV6TUNNELIPV4LOCAL || exit 1 + +# Set IPv6 MTU, if given +if [ -n "$IPV6_MTU" ]; then + ipv6_set_mtu $DEVICE $IPV6_MTU +fi + +# Apply local IPv6 address, if given (numbered tunnel) +if [ -n "$IPV6ADDR" ]; then + ipv6_add_addr_on_device $DEVICE $IPV6ADDR +fi + +# Setup additional IPv6 addresses from list, if given +if [ -n "$IPV6ADDR_SECONDARIES" ]; then + for ipv6addr in $IPV6ADDR_SECONDARIES; do + ipv6_add_addr_on_device $DEVICE $ipv6addr + done +fi + +# Setup default IPv6 route, check are done by function +if [ -n "$IPV6_DEFAULTDEV" -o -n "$IPV6_DEFAULTGW" ]; then + ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE" +fi + +# Setup additional static IPv6 routes on specified interface, if given +if [ -f /etc/sysconfig/static-routes-ipv6 ]; then + LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device ipv6route args; do + ipv6_add_route $ipv6route :: $DEVICE +done +fi + +# Setup static routes +/etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE} diff --git a/network-scripts/ifup-tunnel b/network-scripts/ifup-tunnel new file mode 100755 index 00000000..afdfe928 --- /dev/null +++ b/network-scripts/ifup-tunnel @@ -0,0 +1,94 @@ +#!/bin/bash +# Copyright (C) 1996-2009 Red Hat, Inc. all rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + +# Thanks to: +# - Razvan Corneliu C.R. Vilt +# - Aaron Hope +# - Sean Millichamp +# for providing the scripts this one is based on + +. /etc/init.d/functions + +cd /etc/sysconfig/network-scripts +. ./network-functions + +CONFIG=$1 +need_config "$CONFIG" +source_config + +if [ "$PEER_OUTER_IPADDR" = "$PEER_INNER_IPADDR" ]; then + # Specifying PEER_INNER_IPADDR would automatically add a route to the peer + # through the tunnel, redirecting tunnel packets back to the tunnel and + # creating a dead loop. + unset PEER_INNER_IPADDR +fi + +case "$TYPE" in +GRE) + MODE=gre + proto=-4 + /sbin/modprobe ip_gre + ;; +IPIP) + MODE=ipip + proto=-4 + /sbin/modprobe ipip + ;; +IPIP6|EXTERNAL) + MODE=ipip6 + proto=-6 + /sbin/modprobe ip6_tunnel + ;; +*) + net_log $"Invalid tunnel type $TYPE" + exit 1 + ;; +esac + +# Generic tunnel devices are not supported here +if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 -o "$DEVICE" = ip6tnl0 ]; then + net_log $"Device '$DEVICE' isn't supported as a valid GRE device name." + exit 1 +fi + +# Create the tunnel +# The outer addresses are those of the underlying (public) network. +if [ "$TYPE" = 'EXTERNAL' ]; then + /sbin/ip link add "$DEVICE" type ip6tnl external +else + /sbin/ip $proto tunnel add "$DEVICE" mode "$MODE" \ + ${MY_OUTER_IPADDR:+local "$MY_OUTER_IPADDR"} \ + ${PEER_OUTER_IPADDR:+remote "$PEER_OUTER_IPADDR"} \ + ${KEY:+key "$KEY"} ${TTL:+ttl "$TTL"} +fi + +if [ -n "$MTU" ]; then + /sbin/ip link set "$DEVICE" mtu "$MTU" +fi + +# The inner address are used mainly for communication between a gateway +# and a private network. When the peer is configured with an inner address +# contained in the peer's private network or identical to it's public address, +# it need not be specified. +/sbin/ip addr add "$MY_INNER_IPADDR" dev "$DEVICE" \ + ${PEER_INNER_IPADDR:+peer "$PEER_INNER_IPADDR"} + +/sbin/ip link set dev "$DEVICE" up + +# IPv6 initialisation? +/etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG} + +exec /etc/sysconfig/network-scripts/ifup-post "$CONFIG" "$2" diff --git a/network-scripts/ifup-wireless b/network-scripts/ifup-wireless new file mode 100755 index 00000000..702b6199 --- /dev/null +++ b/network-scripts/ifup-wireless @@ -0,0 +1,62 @@ +#!/bin/bash +# Network Interface Configuration System +# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved. +# +# Based on PCMCIA wireless script by (David Hinds/Jean Tourrilhes) +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License, version 2, +# as published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# Configure wireless network device options. See iw(8) for more info. +# Valid variables: +# MODE: Ad-Hoc, Managed, etc. +# ESSID: Name of the wireless network +# FREQ: Frequency to operate on. See CHANNEL +# KEY: Encryption key for WEP. + +# Only meant to be called from ifup. + +cd /etc/sysconfig/network-scripts +. ./network-functions + +IW=${IW:-iw} + +[ "$KEY" ] && KEYS="key d:0:$KEY" + +shopt -s nocasematch + +case "$MODE" in +managed) + if [ "$ESSID" ]; then + $IW dev "$DEVICE" set type managed + $IW dev "$DEVICE" connect -w "$ESSID" $FREQ $KEYS + fi + ;; +ad-hoc) + if [ -n "$ESSID" -a -n "$FREQ" ]; then + $IW dev "$DEVICE" set type ibss + $IW dev "$DEVICE" ibss join "$ESSID" "$FREQ" $KEYS + fi + ;; +monitor) + if [ "$FREQ" ]; then + $IW dev "$DEVICE" set type monitor + $IW dev "$DEVICE" set freq "$FREQ" + fi + ;; +esac + +if [ -n "$WOWLAN" ] ; then + PHYDEVICE=$(phy_wireless_device $DEVICE) + iw phy $PHYDEVICE wowlan enable ${WOWLAN} +fi diff --git a/network-scripts/init.ipv6-global b/network-scripts/init.ipv6-global new file mode 100755 index 00000000..b20ff72e --- /dev/null +++ b/network-scripts/init.ipv6-global @@ -0,0 +1,164 @@ +#!/bin/bash +# +# init.ipv6-global +# +# +# Taken from: init.ipv6-global +# (P) & (C) 2001-2005 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# RHL integration assistance by Pekka Savola +# +# Version: 2005-01-04 +# +# Calling parameters: +# $1: action (currently supported: start|stop|showsysctl) +# $2: position for start|stop (currently supported: pre|post) +# +# Called by hooks from /etc/[rc.d/]init.d/network +# +# Uses following information from /etc/sysconfig/network: +# IPV6FORWARDING=yes|no: controls global IPv6 forwarding (default: no) +# IPV6_AUTOCONF=yes|no: controls global automatic IPv6 configuration +# (default: yes if IPV6FORWARDING=no, no if IPV6FORWARDING=yes) +# IPV6_AUTOTUNNEL=yes|no: controls automatic IPv6 tunneling (default: no) +# IPV6_DEFAULTGW= [optional] +# IPV6_DEFAULTDEV= [optional] +# + +. /etc/sysconfig/network + +cd /etc/sysconfig/network-scripts +. ./network-functions + +# Get action and hook position +ACTION="$1" +POSITION="$2" + +[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 +. /etc/sysconfig/network-scripts/network-functions-ipv6 + +# Initialize IPv6, depending on caller option +case $ACTION in +start) + case $POSITION in + pre) + # IPv6 test, module loaded, exit if system is not IPv6-ready + ipv6_test || exit 1 + + if [ "$IPV6FORWARDING" = "yes" ]; then + ipv6_global_forwarding=1 + ipv6_global_auto=0 + else + ipv6_global_forwarding=0 + if [ "$IPV6_AUTOCONF" = "no" ]; then + ipv6_global_auto=0 + else + ipv6_global_auto=1 + fi + fi + + if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + # Reset IPv6 sysctl switches for "all", "default" and still existing devices + for i in /proc/sys/net/ipv6/conf/* ; do + interface=${i##*/} + sinterface=${interface/.//} + # Host/Router behaviour for the interface + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.forwarding=$ipv6_global_forwarding >/dev/null 2>&1 + + # Autoconfiguration and redirect handling for Hosts + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_ra=$ipv6_global_auto >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_redirects=$ipv6_global_auto >/dev/null 2>&1 + done + fi + ;; + + post) + # IPv6 test, module loaded, exit if system is not IPv6-ready + ipv6_test || exit 1 + + if [ "$IPV6_AUTOTUNNEL" = "yes" ]; then + ipv6_enable_autotunnel + # autotunnel interface doesn't require a MTU setup + fi + + ## Add some routes which should never appear on the wire + # Unreachable IPv4-only addresses, normally blocked by source address selection + /sbin/ip route add unreach ::ffff:0.0.0.0/96 + # Unreachable IPv4-mapped addresses + /sbin/ip route add unreach ::0.0.0.0/96 + # Unreachable 6to4: IPv4 multicast, reserved, limited broadcast + /sbin/ip route add unreach 2002:e000::/19 + # Unreachable 6to4: IPv4 loopback + /sbin/ip route add unreach 2002:7f00::/24 + # Unreachable 6to4: IPv4 private (RFC 1918) + /sbin/ip route add unreach 2002:0a00::/24 + /sbin/ip route add unreach 2002:ac10::/28 + /sbin/ip route add unreach 2002:c0a8::/32 + # Unreachable 6to4: IPv4 private (APIPA / DHCP link-local) + /sbin/ip route add unreach 2002:a9fe::/32 + # Unreachable IPv6: 6bone test addresses + /sbin/ip route add unreach 3ffe:ffff::/32 + + # Set default route for autotunnel, if specified + if [ "$IPV6_DEFAULTDEV" = "sit0" -a "$IPV6_AUTOTUNNEL" = "yes" ]; then + if [ -n "$IPV6_DEFAULTGW" ]; then + ipv6_set_default_route $IPV6_DEFAULTGW $IPV6_DEFAULTDEV sit0 + elif [ -n "$IPV6_DEFAULTDEV" ]; then + ipv6_set_default_route "" $IPV6_DEFAULTDEV sit0 + fi + fi + ;; + + *) + echo "Usage: $0 $1 {pre|post}" + ;; + + esac + ;; + +stop) + case $POSITION in + pre) + ;; + + post) + # IPv6 test, no module loaded, exit if system is not IPv6-ready + ipv6_test testonly || exit 0 + + if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + for i in /proc/sys/net/ipv6/conf/* ; do + interface=${i##*/} + sinterface=${interface/.//} + # Assume Host behaviour + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.forwarding=0 >/dev/null 2>&1 + + # Disable autoconfiguration and redirects + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_ra=0 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_redirects=0 >/dev/null 2>&1 + done + fi + + # Cleanup still existing tunnel devices + ipv6_cleanup_tunnel_devices + + # Shut down generic tunnel interface now + if ipv6_test_device_status sit0 ; then + /sbin/ip link set sit0 down + fi + ;; + + *) + echo "Usage: $0 $1 {pre|post}" + ;; + + esac + ;; + +*) + echo $"Usage: $0 {start|stop|reload|restart|showsysctl}" + exit 1 + ;; +esac diff --git a/network-scripts/network-functions b/network-scripts/network-functions new file mode 100644 index 00000000..c2756b19 --- /dev/null +++ b/network-scripts/network-functions @@ -0,0 +1,744 @@ +# -*-Shell-script-*- +# +# This file is not a stand-alone shell script; it provides functions +# to network scripts that source it. + +# Set up a default search path. +PATH="/sbin:/usr/sbin:/bin:/usr/bin" +export PATH + +# We need to initialize the $HOSTNAME variable by ourselves now: +# (It was previously done for RHEL-6 branch, but got lost in time.) +HOSTNAME="$(hostname)" + +[ -z "$__sed_discard_ignored_files" ] && . /etc/init.d/functions + +get_hwaddr () +{ + if [ -f /sys/class/net/${1}/address ]; then + tr '[a-z]' '[A-Z]' < /sys/class/net/${1}/address + elif [ -d "/sys/class/net/${1}" ]; then + LC_ALL= LANG= ip -o link show ${1} 2>/dev/null | \ + awk '{ print toupper(gensub(/.*link\/[^ ]* ([[:alnum:]:]*).*/, + "\\1", 1)); }' + fi +} + +get_config_by_device () +{ + LANG=C grep -l "^[[:space:]]*DEVICE=['\"]\?${1}['\"]\?\([[:space:]#]\|$\)" \ + /etc/sysconfig/network-scripts/ifcfg-* \ + | LC_ALL=C sed -e "$__sed_discard_ignored_files" +} + +get_config_by_hwaddr () +{ + LANG=C grep -il "^[[:space:]]*HWADDR=['\"]\?${1}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-* \ + | LC_ALL=C sed -e "$__sed_discard_ignored_files" +} + +get_config_by_subchannel () +{ + LANG=C grep -E -i -l \ + "^[[:space:]]*SUBCHANNELS=['\"]?([0-9]\.[0-9]\.[a-f0-9]+,){0,2}${1}(,[0-9]\.[0-9]\.[a-f0-9]+){0,2}['\"]?([[:space:]]+#|[[:space:]]*$)" \ + /etc/sysconfig/network-scripts/ifcfg-* \ + | LC_ALL=C sed -e "$__sed_discard_ignored_files" +} + +get_config_by_name () +{ + LANG=C grep -E -i -l "^[[:space:]]*NAME=\"(Auto |System )?${1}\"" \ + /etc/sysconfig/network-scripts/ifcfg-* \ + | LC_ALL=C sed -e "$__sed_discard_ignored_files" +} + +get_device_by_hwaddr () +{ + LANG=C ip -o link | awk -F ': ' -vIGNORECASE=1 '!/link\/ieee802\.11/ && /'"$1"'/ { print $2 }' +} + +get_uuid_by_config () +{ + dbus-send --system --print-reply --dest=com.redhat.ifcfgrh1 /com/redhat/ifcfgrh1 com.redhat.ifcfgrh1.GetIfcfgDetails string:"/etc/sysconfig/network-scripts/$1" 2>/dev/null | awk -F '"' '/string / { print $2 }' +} + +generate_lease_file_name () +{ + local ver=$1 + LEASEFILE="/var/lib/dhclient/dhclient$ver-${DEVICE}.leases" + if [ -f $LEASEFILE ]; then + return + fi + LEASEFILE="/var/lib/dhclient/dhclient$ver-${UUID}-${DEVICE}.lease" +} + +generate_config_file_name () +{ + local ver=$1 + if [ -s /etc/dhcp/dhclient$ver-${DEVICE}.conf ]; then + DHCLIENTCONF="-cf /etc/dhcp/dhclient$ver-${DEVICE}.conf"; + elif [ -s /etc/dhclient$ver-${DEVICE}.conf ]; then + DHCLIENTCONF="-cf /etc/dhclient$ver-${DEVICE}.conf"; + else + DHCLIENTCONF=''; + fi +} + +need_config () +{ + local nconfig + + CONFIG="ifcfg-${1}" + [ -f "${CONFIG}" ] && return + CONFIG="${1##*/}" + [ -f "${CONFIG}" ] && return + nconfig=$(get_config_by_name "${1}") + if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then + CONFIG=${nconfig##*/} + return + fi + local addr=$(get_hwaddr ${1}) + if [ -n "$addr" ]; then + nconfig=$(get_config_by_hwaddr ${addr}) + if [ -n "$nconfig" ] ; then + CONFIG=${nconfig##*/} + [ -f "${CONFIG}" ] && return + fi + fi + nconfig=$(get_config_by_device ${1}) + if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then + CONFIG=${nconfig##*/} + return + fi +} + +source_config () +{ + CONFIG=${CONFIG##*/} + DEVNAME=${CONFIG##ifcfg-} + . /etc/sysconfig/network-scripts/$CONFIG + [ -r "keys-$DEVNAME" ] && . /etc/sysconfig/network-scripts/keys-$DEVNAME + case "$TYPE" in + Ethernet) + DEVICETYPE="eth" + ;; + CIPE) + DEVICETYPE="cipcb" + ;; + IPSEC) + DEVICETYPE="ipsec" + ;; + Modem) + DEVICETYPE="ppp" + ;; + xDSL) + DEVICETYPE="ppp" + ;; + ISDN) + DEVICETYPE="ippp" + ;; + Wireless) + DEVICETYPE="eth" + ;; + "Token Ring") + DEVICETYPE="eth" + ;; + CTC) + DEVICETYPE="ctc" + ;; + GRE | IPIP | IPIP6) + DEVICETYPE="tunnel" + ;; + SIT | sit) + DEVICETYPE="sit" + ;; + InfiniBand | infiniband) + DEVICETYPE="ib" + ;; + OVS*) + DEVICETYPE="ovs" + ;; + esac + if [ -n "$HWADDR" ]; then + HWADDR=$(tr '[a-z]' '[A-Z]' <<<"$HWADDR") + fi + if [ -n "$MACADDR" ]; then + MACADDR=$(tr '[a-z]' '[A-Z]' <<<"$MACADDR") + fi + [ -z "$DEVICE" -a -n "$HWADDR" ] && DEVICE=$(get_device_by_hwaddr $HWADDR) + [ -z "$DEVICETYPE" ] && DEVICETYPE=$(echo ${DEVICE} | sed "s/[0-9]*$//") + [ -z "$REALDEVICE" -a -n "$PARENTDEVICE" ] && REALDEVICE=$PARENTDEVICE + [ -z "$REALDEVICE" ] && REALDEVICE=${DEVICE%%:*} + [ -z "$SYSCTLDEVICE" ] && SYSCTLDEVICE=${REALDEVICE/.//} + if [ "${DEVICE}" != "${REALDEVICE}" ]; then + ISALIAS=yes + else + ISALIAS=no + fi + if is_nm_running && [ "$REALDEVICE" != "lo" ] ; then + nm_con_load "$CONFIG" + if ! is_false $NM_CONTROLLED; then + UUID=$(get_uuid_by_config $CONFIG) + [ -n "$UUID" ] && _use_nm=true + fi + fi +} + +nm_con_load () { + dbus-send --system --print-reply \ + --dest=org.freedesktop.NetworkManager \ + /org/freedesktop/NetworkManager/Settings \ + org.freedesktop.NetworkManager.Settings.LoadConnections \ + array:string:"/etc/sysconfig/network-scripts/${1}" >/dev/null 2>&1 +} + +ethtool_set() +{ + oldifs=$IFS; + IFS=';'; + if [ -n "${ETHTOOL_DELAY}" ]; then + # Convert microseconds to seconds: + local ETHTOOL_DELAY_SEC=$(convert2sec ${ETHTOOL_DELAY} micro) + sleep ${ETHTOOL_DELAY_SEC} + fi + for opts in $ETHTOOL_OPTS ; do + IFS=$oldifs; + if [[ "${opts}" =~ [[:space:]]*- ]]; then + /sbin/ethtool $opts + else + /sbin/ethtool -s ${REALDEVICE} $opts + fi + IFS=';'; + done + IFS=$oldifs; +} + +expand_config () +{ + local i=0 val + for idx in '' {0..255} ; do + ipaddr[$i]=$(eval echo '$'IPADDR$idx) + if [ -z "${ipaddr[$i]}" ]; then + [ "$idx" ] && [ $idx -ge 2 ] && break + continue + fi + prefix[$i]=$(eval echo '$'PREFIX$idx) + netmask[$i]=$(eval echo '$'NETMASK$idx) + broadcast[$i]=$(eval echo '$'BROADCAST$idx) + arpcheck[$i]=$(eval echo '$'ARPCHECK$idx) + arpupdate[$i]=$(eval echo '$'ARPUPDATE$idx) + + if [ "${prefix[$i]}x" != "x" ]; then + val=$(/bin/ipcalc --netmask "${ipaddr[$i]}/${prefix[$i]}") + netmask[$i]=${val##NETMASK=} + fi + + if [ "${netmask[$i]}x" = "x" ]; then + val=$(/bin/ipcalc --netmask "${ipaddr[$i]}") + netmask[$i]=${val##NETMASK=} + fi + + if [ "${prefix[$i]}x" = "x" ]; then + val=$(/bin/ipcalc --prefix ${ipaddr[$i]} ${netmask[$i]}) + prefix[$i]=${val##PREFIX=} + fi + + if [ "${broadcast[$i]}x" = "x" ]; then + val=$(/bin/ipcalc --broadcast ${ipaddr[$i]} ${netmask[$i]}) + broadcast[$i]=${val##BROADCAST=} + fi + + if [ "${arpcheck[$i]}x" != "x" ]; then + arpcheck[$i]=${arpcheck[$i]##ARPCHECK=} + arpcheck[$i]=${arpcheck[$i],,*} + fi + + if [ "${arpupdate[$i]}x" != "x" ]; then + arpupdate[$i]=${arpupdate[$i]##ARPUPDATE=} + arpupdate[$i]=${arpupdate[$i],,*} + fi + + i=$((i+1)) + done + + [ -n "$DHCP_HOSTNAME" ] && DHCP_HOSTNAME=${DHCP_HOSTNAME%%.*} + + if [ -z "${NETWORK}" ]; then + eval $(/bin/ipcalc --network ${ipaddr[0]} ${netmask[0]}) + fi +} + +toggle_value () +{ + if [ "$2" = "yes" -o "$2" = "YES" ] ; then + echo "$1 on" + elif [ "$2" = "no" -o "$2" = "NO" ] ; then + echo "$1 off" + else + echo '' + fi +} + +do_netreport () +{ + # Notify programs that have requested notification + ( + cd /run/netreport || exit + for i in * ; do + if [ -f $i ]; then + if [ "$(id -u)" = "0" ]; then + OWNER=$(stat -c %U $i) + su -s /bin/bash $OWNER -c "kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1" > /dev/null 2>&1 + else + kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1 + fi + fi + done + ) +} + +is_nm_running () +{ + dbus-send --system --print-reply \ + --dest=org.freedesktop.DBus \ + /org/freedesktop/DBus \ + org.freedesktop.DBus.GetNameOwner \ + string:"org.freedesktop.NetworkManager" >/dev/null 2>&1 +} + +is_nm_active () +{ + LANG=C nmcli -t --fields device,state dev status 2>/dev/null | grep -q "^${1}:connected$" +} + +is_nm_handling () +{ + LANG=C nmcli -t --fields device,state dev status 2>/dev/null | grep -q "^\(${1}:connected\)\|\(${1}:connecting.*\)$" +} + +is_nm_device_unmanaged () +{ + LANG=C nmcli -t --fields GENERAL dev show "${1}" 2>/dev/null | awk -F ':' '/GENERAL.STATE/ { if ($2 == "unmanaged") exit 0 ; else exit 1; }' +} + +# Sets $alias to the device module if $? != 0 +is_available () +{ + [ -z "$1" ] && return 1 + + [ -d "/sys/class/net/$1" ] && return 0 + + [ -n "$BONDING_OPTS" ] && install_bonding_driver $1 + + alias=$(modprobe -c | awk \ + 'BEGIN { alias = ""; } + $1 == "alias" && $2 == "'"$1"'" { alias = $3; } + $1 == "install" { install[$2] = $3; } + END { + cmd = install[alias]; + print alias; + if (alias == "" || alias == "off" || cmd == "/bin/true" || cmd == ":") + exit 1; + exit 0; + } + ') + [ $? -eq 0 ] || return 2 + + modprobe $1 > /dev/null 2>&1 || { + return 1 + } + if [ -n "$HWADDR" ]; then + local curdev=$(get_device_by_hwaddr "$HWADDR") + if [ -z "$curdev" ]; then + return 1 + fi + fi + + if [ ${alias} = "bonding" ]; then + install_bonding_driver $1 + fi + + [ -d "/sys/class/net/$1" ] && return 0 || return 1 +} + +is_available_wait () +{ + [ -z "$1" ] && return 1 + + local retry=${2##*[!0-9]*} + + is_available $1 && return 0 + ret=$? + + while [ 0"$retry" -gt 0 ]; do + sleep 1 + [ -d "/sys/class/net/$1" ] && return 0 + retry=$(($retry -1)) + done + + return $ret +} + +is_hostname_set () +{ + case "${HOSTNAME}" in + '(none)' | 'localhost' | 'localhost.localdomain') + # Hostname NOT set: + return 1 + ;; + *) + # Hostname IS set: + return 0 + ;; + esac +} + +need_hostname () +{ + # Should we avoid obtaining hostname from DHCP? (user override) + is_true "${NO_DHCP_HOSTNAME}" && return 1 + + if is_hostname_set; then + # Hostname is already set, we do not need to acquire it: + return 1 + else + # Hostname is NOT set, we need to acquire it: + return 0 + fi +} + +set_hostname_options () +{ + # User explicitly requires to *not* send DHCP_HOSTNAME, DHCP_FQDN or HOSTNAME: + is_false "${DHCP_SEND_HOSTNAME}" && return + + if [[ -n "${DHCP_HOSTNAME}" && -n "${DHCP_FQDN}" ]]; then + net_log $"Both 'DHCP_HOSTNAME=${DHCP_HOSTNAME}' and 'DHCP_FQDN=${DHCP_FQDN}' are configured... Using DHCP_FQDN." warning + fi + + local hostname_options='' + + # DHCP_FQDN takes precedence before DHCP_HOSTNAME -- as it does in NetworkManager, + # and DHCP_HOSTNAME takes precedence before HOSTNAME: + if [[ -n "${DHCP_FQDN}" ]]; then + hostname_options="-F ${DHCP_FQDN}" + elif [[ -n "${DHCP_HOSTNAME}" ]]; then + hostname_options="-H ${DHCP_HOSTNAME}" + elif is_hostname_set; then + # We need to truncate the hostname in case it is the FQDN: + hostname_options="-H ${HOSTNAME%%.*}" + else + # Nothing to send to the DHCP server: + # ['(none)', 'localhost' or 'localhost.localdomain' are not valid] + return + fi + + # Append the hostname options to the content of passed variable name: + eval "$1='${!1} ${hostname_options}'" + + return +} + +set_hostname () +{ + hostname $1 + if ! grep search /etc/resolv.conf >/dev/null 2>&1; then + domain=$(echo $1 | sed 's/^[^\.]*\.//') + if [ -n "$domain" ]; then + rsctmp=$(mktemp /tmp/XXXXXX); + cat /etc/resolv.conf > $rsctmp + echo "search $domain" >> $rsctmp + + # Backup resolv.conf only if it doesn't exist already: + ! [ -f /etc/resolv.conf.save ] && cp -af /etc/resolv.conf /etc/resolv.conf.save + + change_resolv_conf $rsctmp + /bin/rm -f $rsctmp + fi + fi +} + +check_device_down () +{ + [ ! -d /sys/class/net/$1 ] && return 0 + if LC_ALL=C ip -o link show dev $1 2>/dev/null | grep -q ",UP" ; then + return 1 + else + return 0 + fi +} + +check_link_down () +{ + if ! LC_ALL=C ip link show dev $1 2>/dev/null| grep -q ",UP" ; then + ip link set dev $1 up >/dev/null 2>&1 + fi + timeout=0 + delay=10 + [ -n "$LINKDELAY" ] && delay=$(($LINKDELAY * 2)) + while [ $timeout -le $delay ]; do + [ "$(cat /sys/class/net/$REALDEVICE/carrier 2>/dev/null)" != "0" ] && return 1 + sleep 0.5 + timeout=$((timeout+1)) + done + return 0 +} + +check_default_route () +{ + LC_ALL=C ip route list match 0.0.0.0/0 | grep -q default +} + +find_gateway_dev () +{ + . /etc/sysconfig/network + if [ -n "${GATEWAY}" -a "${GATEWAY}" != "none" ] ; then + dev=$(LC_ALL=C /sbin/ip route get to "${GATEWAY}" 2>/dev/null | \ + sed -n 's/.* dev \([[:alnum:]]*\) .*/\1/p') + if [ -n "$dev" ]; then + GATEWAYDEV="$dev" + fi + fi +} + +# After the device $1 goes away, restore the standard default route; typically +# used for ppp with DEFROUTE temporarily replacing the "standard" default +# route. +# FIXME: This function doesn't support some newer features (GATEWAY in ifcfg, +# $WINDOW, $METRIC) +add_default_route () +{ + . /etc/sysconfig/network + check_default_route && return 0 + find_gateway_dev + if [ "$GATEWAYDEV" != "" -a -n "${GATEWAY}" -a \ + "${GATEWAY}" != "none" ]; then + if ! check_device_down $1; then + if [ "$GATEWAY" = "0.0.0.0" ]; then + /sbin/ip route add default dev ${GATEWAYDEV} + else + /sbin/ip route add default via ${GATEWAY} + fi + fi + elif [ -f /etc/default-routes ]; then + while read spec; do + /sbin/ip route add $spec + done < /etc/default-routes + rm -f /etc/default-routes + fi +} + +is_wireless_device () +{ + [ -x /usr/sbin/iw ] || return 1 + LC_ALL=C /usr/sbin/iw dev $1 info > /dev/null 2>&1 && return 0 + return 1 +} + +phy_wireless_device () +{ + cat /sys/class/net/$1/phy80211/name +} + +bond_master_exists () +{ + local bond_name + [ -z "${1}" ] && return 1 + [ ! -f /sys/class/net/bonding_masters ] && return 1 + + for bond_name in $(< /sys/class/net/bonding_masters); do + [ "${bond_name}" == "${1}" ] && return 0 + done + return 1 +} + +install_bonding_driver () +{ + local fn="install_bonding_driver" + + if ! bond_master_exists ${1}; then + modprobe bonding || return 1 + echo "+$1" > /sys/class/net/bonding_masters 2>/dev/null + fi + ( + # Set config here + need_config "$1" + source_config + if [ -f /sys/class/net/${DEVICE}/bonding/slaves ] && [ $(wc -l < /sys/class/net/${DEVICE}/bonding/slaves) -eq 0 ]; then + /sbin/ip link set dev ${DEVICE} down + + # parse options and put them to arrays + for arg in $BONDING_OPTS ; do + bopts_keys[${#bopts_keys[*]}]=${arg%%=*} + bopts_vals[${#bopts_vals[*]}]=${arg##*=} + done + + # add the bits to setup driver parameters here + # first set mode, miimon + for (( idx=0; idx < ${#bopts_keys[*]}; idx++ )) ; do + key=${bopts_keys[$idx]} + value=${bopts_vals[$idx]} + + if [ "${key}" = "mode" ] ; then + echo "${value}" > /sys/class/net/${DEVICE}/bonding/$key || { + net_log $"Failed to set value '$value' [mode] to ${DEVICE} bonding device" err $fn + } + bopts_keys[$idx]="" + fi + if [ "${key}" = "miimon" ] ; then + echo "${value}" > /sys/class/net/${DEVICE}/bonding/$key || { + net_log $"Failed to set value '$value' [miimon] to ${DEVICE} bonding device" err $fn + } + bopts_keys[$idx]="" + fi + done + + # set all other remaining options + for (( idx=0; idx < ${#bopts_keys[*]}; idx++ )) ; do + key=${bopts_keys[$idx]} + value=${bopts_vals[$idx]} + + # option already set; take next + [[ -z "$key" ]] && continue + + if [ "${key}" = "arp_ip_target" -a "${value:0:1}" != "+" ]; then + OLDIFS=$IFS; + IFS=','; + for arp_ip in $value; do + if ! grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/$key; then + echo +$arp_ip > /sys/class/net/${DEVICE}/bonding/$key || { + net_log $"Failed to set '$arp_ip' value [arp_ip_target] to ${DEVICE} bonding device" err $fn + } + fi + done + IFS=$OLDIFS; + elif [ "${key}" = "arp_ip_target" ]; then + if ! grep -q ${value#+} /sys/class/net/${DEVICE}/bonding/$key; then + echo "$value" > /sys/class/net/${DEVICE}/bonding/$key || { + net_log $"Failed to set '$value' value [arp_ip_target] to ${DEVICE} bonding device" err $fn + } + fi + elif [ "${key}" != "primary" ]; then + echo $value > /sys/class/net/${DEVICE}/bonding/$key || { + net_log $"Failed to set '$value' value [$key] to ${DEVICE} bonding device" err $fn + } + fi + done + fi + ) + return 0 +} + +is_bonding_device () +{ + [ -f "/sys/class/net/$1/bonding/slaves" ] +} + +# Invoke this when /etc/resolv.conf has changed: +change_resolv_conf () +{ + s=$(/bin/grep '^[\ \ ]*option' /etc/resolv.conf 2>/dev/null) + if [ $# -gt 1 ]; then + if [ "x$s" != "x" ]; then + s="$s"$'\n' + fi + n_args=$# + while [ $n_args -gt 0 ]; do + case "$s" in + *$1*) + shift + n_args=$(($n_args-1)) + continue + ;; + esac + s="$s$1" + shift + if [ $# -gt 0 ]; then + s="$s"$'\n' + fi + n_args=$(($n_args-1)) + done + elif [ $# -eq 1 ]; then + if [ "x$s" != "x" ]; then + s="$s"$'\n'$(/bin/grep -vF "$s" $1) + else + s=$(cat $1) + fi + fi + (echo "$s" > /etc/resolv.conf) >/dev/null 2>&1; + r=$? + if [ $r -eq 0 ]; then + [ -x /sbin/restorecon ] && /sbin/restorecon /etc/resolv.conf >/dev/null 2>&1 # reset the correct context + /usr/bin/logger -p local7.notice -t "NET" -i "$0 : updated /etc/resolv.conf" + [ -e /run/nscd/socket ] && /usr/sbin/nscd -i hosts # invalidate cache + fi + return $r +} + +# Logging function +# +# Usage: net_log +# +# Default level is 'err'. + +net_log() +{ + local message="$1" + local level="$2" + local name="$3" + + [ -z "$message" ] && return 1 + [ -z "$level" ] && level=err + [ -z "$name" ] && name=$0 + + case $level in + 'debug') + local txt_level=$"DEBUG " + ;; + 'err') + local txt_level=$"ERROR " + ;; + 'warning') + local txt_level=$"WARN " + ;; + 'info') + local txt_level=$"INFO " + ;; + esac + + echo "$txt_level: [$name] $message" + + if [ -x /usr/bin/logger ]; then + /usr/bin/logger -p daemon.$level -t "$name" "$message" + fi + return 0 +} + +update_DNS_entries() +{ + # Remove duplicate values from DNS options if any: + if [ -n "${DNS3}" ] && [[ "${DNS3}" == "${DNS2}" || "${DNS3}" == "${DNS1}" ]]; then + unset DNS3 + fi + + if [ -n "${DNS2}" ] && [[ "${DNS2}" == "${DNS1}" ]]; then + unset DNS2 + fi + + # Shift the DNS options if necessary: + if [ -z "${DNS1}" ] && [ -n "${DNS2}" ]; then + DNS1="${DNS2}" + unset DNS2 + fi + + if [ -z "${DNS2}" ] && [ -n "${DNS3}" ]; then + DNS2="${DNS3}" + unset DNS3 + fi + + # We need to check DNS1 again in case only DNS3 was set at all: + if [ -z "${DNS1}" ] && [ -n "${DNS2}" ]; then + DNS1="${DNS2}" + unset DNS2 + fi +} diff --git a/network-scripts/network-functions-ipv6 b/network-scripts/network-functions-ipv6 new file mode 100644 index 00000000..b5b3e939 --- /dev/null +++ b/network-scripts/network-functions-ipv6 @@ -0,0 +1,1084 @@ +# network-functions-ipv6 +# +# Taken from: network-functions-ipv6 +# (P) & (C) 1997-2005 by Peter Bieringer +# +# You will find more information on the initscripts-ipv6 homepage at +# http://www.deepspace6.net/projects/initscripts-ipv6.html +# +# Version: 2006-08-03 +# +# + + +##### Test for IPv6 capabilities +# $1: (optional) testflag: currently supported: "testonly" (do not load a module) +# return code: 0=ok 2=IPv6 test fails +ipv6_test() { + local fn="ipv6_test" + + local testflag=$1 + + if ! [ -f /proc/net/if_inet6 ]; then + if [ "$testflag" = "testonly" ]; then + return 2 + else + modprobe ipv6 + + if ! [ -f /proc/net/if_inet6 ]; then + return 2 + fi + fi + fi + + if ! [ -d /proc/sys/net/ipv6/conf/ ]; then + return 2 + fi + + return 0 +} + +##### Static IPv6 route configuration + +# Set static IPv6 route +# $1: : to route +# $2: : over which $1 should be routed (if "::", gw will be skipped) +# $3: [] : (optional) +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem adding route +ipv6_add_route() { + local fn="ipv6_add_route" + + local networkipv6=$1 + local gatewayipv6=$2 + local device=$3 # maybe empty + + if [ -z "$networkipv6" ]; then + net_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn + return 1 + fi + + if [ -z "$gatewayipv6" ]; then + net_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn + return 1 + fi + + ipv6_test || return 2 + + ipv6_test_ipv6_addr_valid $networkipv6 || return 2 + ipv6_test_ipv6_addr_valid $gatewayipv6 || return 2 + + if [ -z "$device" ]; then + local returntxt="$(/sbin/ip -6 route add $networkipv6 via $gatewayipv6 metric 1 2>&1)" + else + if [ "$gatewayipv6" = "::" ]; then + local returntxt="$(/sbin/ip -6 route add $networkipv6 dev $device metric 1 2>&1)" + else + local returntxt="$(/sbin/ip -6 route add $networkipv6 via $gatewayipv6 dev $device metric 1 2>&1)" + fi + fi + + if [ -n "$returntxt" ]; then + if echo $returntxt | LC_ALL=C grep -q "File exists"; then + # Netlink: "File exists" + true + elif echo $returntxt | LC_ALL=C grep -q "No route to host"; then + # Netlink: "No route to host" + net_log $"'No route to host' adding route '$networkipv6' via gateway '$gatewayipv6' through device '$device'" err $fn + return 3 + else + net_log $"Unknown error" err $fn + return 3 + fi + fi + + return 0 +} + +##### automatic tunneling configuration + +## Configure automatic tunneling up +# return code: 0=ok 2=IPv6 test fails 3=major problem +ipv6_enable_autotunnel() { + local fn="ipv6_enable_autotunnel" + + ipv6_test || return 2 + + # enable IPv6-over-IPv4 tunnels + if ipv6_test_device_status sit0; then + true + else + # bring up basic tunnel device + /sbin/ip link set sit0 up + + if ! ipv6_test_device_status sit0; then + net_log $"Tunnel device 'sit0' enabling didn't work" err $fn + return 3 + fi + + # Set sysctls proper (regardless "default") + /sbin/sysctl -e -w net.ipv6.conf.sit0.forwarding=1 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null 2>&1 + fi + + return 0 +} + +##### Interface configuration + +## Add an IPv6 address for given interface +# $1: +# $2: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_add_addr_on_device() { + local fn="ipv6_add_addr_on_device" + + local device=$1 + local address=$2 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$address" ]; then + net_log $"Missing parameter 'IPv6-address' (arg 2)" err $fn + return 1 + fi + + ipv6_test || return 2 + + ipv6_test_ipv6_addr_valid $address || return 1 + + ipv6_test_device_status $device + local result=$? + + if [ "$result" = "0" ]; then + true + elif [ "$result" != "11" ]; then + net_log $"Device '$device' doesn't exist" err $fn + return 3 + else + /sbin/ip link set $device up + + if ! ipv6_test_device_status $device; then + net_log $"Device '$device' enabling didn't work" err $fn + return 3 + fi + fi + + # Extract address parts + local prefixlength_implicit="$(echo $address | awk -F/ '{ print $2 }')" + local address_implicit="${address%%/*}" + + # Check prefix length and using '64' as default + if [ -z "$prefixlength_implicit" ]; then + local prefixlength_implicit="64" + local address="$address_implicit/$prefixlength_implicit" + fi + + /sbin/ip -6 addr replace $address dev $device + local result=$? + + if [ $result -eq 2 ]; then + return 0 + elif [ $result -ne 0 ]; then + net_log $"Cannot add IPv6 address '$address' on dev '$device'" err $fn + return 3 + fi + + return 0 +} + + +## Remove all IPv6 routes and addresses on given interface (cleanup to prevent kernel crashes) +# $1: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_cleanup_device() { + local fn="ipv6_cleanup_device" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + # Remove all IPv6 routes through this device (but not "lo") + if [ "$device" != "lo" ]; then + /sbin/ip -6 route flush dev $device scope global >/dev/null 2>&1 + /sbin/ip -6 route flush dev $device scope site >/dev/null 2>&1 + fi + + # Remove all IPv6 addresses on this interface + /sbin/ip -6 addr flush dev $device scope global >/dev/null 2>&1 + /sbin/ip -6 addr flush dev $device scope site >/dev/null 2>&1 + + return 0 +} + + +## Remove all IPv6 6to4 related routes and addresses on given interface +# $1: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_cleanup_6to4_device() { + local fn="ipv6_cleanup_6to4_device" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + # Cleanup 6to4 addresses on this device + /sbin/ip -6 addr show dev $device scope global permanent | awk '/\/ && $2 ~ /^2002:/ { print $2 }' | while read addr; do + /sbin/ip -6 addr del ${addr} dev ${device} + done + + # Get all IPv6 routes through given interface related to 6to4 and remove them + /sbin/ip -6 route show dev $device | LC_ALL=C grep "^2002:" | while read ipv6net dummy; do + /sbin/ip -6 route del $ipv6net dev $device + done + + return 0 +} + + +##### Some address test functions + +## Test a given IPv6 address for validity +# $1: +# return code: 0=ok 1=not valid +ipv6_test_ipv6_addr_valid() { + ipcalc -cs6 $1 +} + + +## Test a given IPv4 address for validity +# $1: +# return code: 0=ok 1=not valid +ipv6_test_ipv4_addr_valid() { + ipcalc -cs4 $1 +} + + +## Test a given IPv4 address for not a private but unicast one +# $1: +# return code: 0=ok 1=argument error 10=private or not unicast +ipv6_test_ipv4_addr_global_usable() { + local fn="ipv6_test_ipv4_addr_global_usable" + + local testipv4addr_globalusable=$1 + + + if [ -z "$testipv4addr_globalusable" ]; then + return 1 + fi + + # Test for a globally usable IPv4 address now + # test 0.0.0.0/8 + /bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=0\.0\.0\.0" && return 10 + # test 10.0.0.0/8 (RFC 1918 / private) + /bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=10\.0\.0\.0" && return 10 + # test 127.0.0.0/8 (loopback) + /bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=127\.0\.0\.0" && return 10 + # test 169.254.0.0/16 (APIPA / DHCP link local) + /bin/ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=169\.254\.0\.0" && return 10 + # test 172.16.0.0/12 (RFC 1918 / private) + /bin/ipcalc --network $testipv4addr_globalusable 255.240.0.0 | LC_ALL=C grep -q "NETWORK=172\.16\.0\.0" && return 10 + # test 192.168.0.0/16 (RFC 1918 / private) + /bin/ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=192\.168\.0\.0" && return 10 + # test 224.0.0.0/3 (multicast and reserved, broadcast) + /bin/ipcalc --network $testipv4addr_globalusable 224.0.0.0 | LC_ALL=C grep -q "NETWORK=224\.0\.0\.0" && return 10 + + return 0 +} + + +## Test a given device for status +# $1: +# return code: 0=ok 1=argument error 10=not exists 11=down +ipv6_test_device_status() { + local fn="ipv6_test_device_status" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + # Test if device exists + if [ ! -d "/sys/class/net/${device}" ]; then + # not exists + return 10 + fi + + # Test if device is up + if /sbin/ip link show dev $device 2>/dev/null | LC_ALL=C grep -q "UP"; then + # up + return 0 + else + # down + return 11 + fi +} + + +## Create 6to4 prefix +# $1: +# stdout: <6to4address> +# return code: 0=ok 1=argument error +ipv6_create_6to4_prefix() { + local fn="ipv6_create_6to4_prefix" + + local ipv4addr=$1 + + if [ -z "$ipv4addr" ]; then + net_log $"Missing parameter 'IPv4 address' (arg 1)" err $fn + fi + + local major1="${ipv4addr%%.*}" + local minor1="$(echo $ipv4addr | awk -F. '{ print $2 }')" + local major2="$(echo $ipv4addr | awk -F. '{ print $3 }')" + local minor2="$(echo $ipv4addr | awk -F. '{ print $4 }')" + + if [ -z "$major1" -o -z "$minor1" -o -z "$major2" -o -z "$minor2" ]; then + return 1 + fi + + if [ $major1 -eq 0 ]; then + local block1="$(printf "%x" $minor1)" + else + local block1="$(printf "%x%02x" $major1 $minor1)" + fi + if [ $major2 -eq 0 ]; then + local block2="$(printf "%x" $minor2)" + else + local block2="$(printf "%x%02x" $major2 $minor2)" + fi + + local prefix6to4="2002:$block1:$block2" + + echo "$prefix6to4" + return 0 +} + + +## Check and create 6to4 tunnel relay address +# $1: +# stdout: +# return code: 0=ok 1=argument error +ipv6_create_6to4_relay_address() { + local fn="ipv6_create_6to4_relay_address" + + local addr=$1 + + if [ -z "$addr" ]; then + net_log $"Missing parameter 'address' (arg 1)" err $fn + return 1 + fi + + # Check + if ipv6_test_ipv4_addr_valid $addr ; then + # ok, an IPv4 one + if ipv6_test_ipv4_addr_global_usable $addr; then + # IPv4 globally usable + local ipv6to4_relay="::$addr" + else + net_log $"Given address '$addr' is not a global IPv4 one (arg 1)" err $fn + return 1 + fi + else + net_log $"Given address '$addr' is not a valid IPv4 one (arg 1)" err $fn + return 1 + fi + + echo "$ipv6to4_relay" + + return 0 +} + + +##### 6to4 tunneling setup + +## Configure 6to4 tunneling up +# $1: : only "tun6to4" is supported +# $2: : global IPv4 address of interface (will be used to generate 6to4 prefix) +# $3: [] : for 6to4 prefix (optional, default is "::1") +# $4: [] : MTU of tunnel device (optional, default is automatic) +# $5: [] : local IPv4 address of tunnel interface (required in case of 6to4 behind NAT) +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_add_6to4_tunnel() { + local fn="ipv6_add_6to4_tunnel" + + local device=$1 + local globalipv4=$2 + local globalipv6to4suffix=$3 + local mtu=$4 + local localipv4=$5 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$globalipv4" ]; then + net_log $"Missing parameter 'global IPv4 address' (arg 2)" err $fn + return 1 + fi + + # Check device + if [ "$device" != "tun6to4" ]; then + net_log $"Given device '$device' is not supported (arg 1)" err $fn + return 1 + fi + + # Copy global IPv4 address to local if last one is not given + if [ -z "$localipv4" ]; then + localipv4="$globalipv4" + fi + + ipv6_test || return 2 + + # Generate 6to4 address + local prefix6to4="$(ipv6_create_6to4_prefix $globalipv4)" + if [ $? -ne 0 -o -z "$prefix6to4" ]; then + return 3 + fi + + if [ -z "$globalipv6to4suffix" ]; then + local address6to4="${prefix6to4}::1/16" + else + local address6to4="${prefix6to4}::${globalipv6to4suffix}/16" + fi + + ipv6_add_tunnel_device tun6to4 0.0.0.0 $address6to4 $localipv4 + if [ $? -ne 0 ]; then + local retval=3 + else + local retval=0 + fi + + # Add unspecific unreachable route for local 6to4 address space + /sbin/ip route add unreach ${prefix6to4}::/48 + + # Set MTU, if given + if [ -n "$mtu" ]; then + ipv6_set_mtu $device $mtu + fi + + return $retval +} + + +## Configure all 6to4 tunneling down +# $1: : only "tun6to4" is supported +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_cleanup_6to4_tunnels() { + local fn="ipv6_cleanup_6to4_tunnels" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + # Check device + if [ "$device" != "tun6to4" ]; then + net_log $"Given device '$device' is not supported (arg 1)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + ipv6_del_tunnel_device tun6to4 + + # Remove all unspecific unreachable routes for local 6to4 address space + /sbin/ip -6 route | LC_ALL=C grep "^unreachable 2002:.*/48 dev lo" | while read token net rest; do + /sbin/ip route del unreach $net + done + + return 0 +} + + +## Configure 6to4 tunneling down +# $1: : only "tun6to4" is supported +# $2: : global address of local interface +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_del_6to4_tunnel() { + local fn="ipv6_del_6to4_tunnel" + + local device=$1 + local localipv4=$2 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$localipv4" ]; then + net_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn + return 1 + fi + + # Check device + if [ "$device" != "tun6to4" ]; then + net_log $"Given device '$device' is not supported (arg 1)" err $fn + return 1 + fi + + ipv6_test || return 2 + + ipv6_del_tunnel_device tun6to4 + local retval=$? + + # Remove unspecific unreachable route for local 6to4 address space + /sbin/ip route del unreach ${prefix6to4}::/48 + + return $retval +} + + +## Configure a static tunnel device up +# $1: +# $2: : of foreign tunnel +# $3: [] : local one of a P-t-P tunnel (optional) +# $4: [] : local one of tunnel (optional) +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_add_tunnel_device() { + local fn="ipv6_add_tunnel_device" + + local device=$1 + local addressipv4tunnel=$2 + local addressipv6local=$3 + local addressipv4tunnellocal=$4 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$addressipv4tunnel" ]; then + net_log $"Missing parameter 'IPv4-tunnel address' (arg 2)" err $fn + return 1 + fi + + if [ -z "$addressipv4tunnellocal" ]; then + local addressipv4tunnellocal="any" + fi + + ipv6_test || return 2 + + if ! ipv6_test_device_status $device; then + local ttldefault="$(/sbin/sysctl -e net.ipv4.ip_default_ttl | awk '{ print $3 }')" + if [ -z "$ttldefault" ]; then + local ttldefault=64 + fi + + # Test whether remote IPv4 address was already applied to another tunnel + if [ "$addressipv4tunnel" != "0.0.0.0" -a "$addressipv4tunnel" != "any" ]; then + /sbin/ip tunnel show remote $addressipv4tunnel 2>/dev/null | LC_ALL=C grep -w "ipv6/ip" | while IFS=":" read devnew rest; do + if [ "$devnew" != "$device" ]; then + net_log $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew'" err $fn + return 3 + fi + done + fi + + /sbin/ip tunnel add $device mode sit ttl $ttldefault remote $addressipv4tunnel local $addressipv4tunnellocal + if [ $? -ne 0 ]; then + return 3 + fi + + # Test, whether "ip tunnel show" reports valid content + if ! /sbin/ip tunnel show $device 2>/dev/null | LC_ALL=C grep -q -w "remote"; then + net_log $"Tunnel device '$device' creation didn't work" err $fn + return 3 + fi + + /sbin/ip link set $device up + + if ! ipv6_test_device_status $device; then + net_log $"Tunnel device '$device' bringing up didn't work" err $fn + return 3 + fi + + # Set sysctls proper (regardless "default") + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=1 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1 + /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1 + + if [ -n "$addressipv6local" ]; then + # Setup P-t-P address + ipv6_add_addr_on_device $device $addressipv6local + if [ $? -ne 0 ]; then + return 3 + fi + fi + else + false + fi + + return 0 +} + + +## Configure a static tunnel device down +# $1: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_del_tunnel_device() { + local fn="ipv6_del_tunnel_device" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + if ipv6_test_device_status $device; then + ipv6_cleanup_device $device + else + if [ "$device" != "sit0" ]; then + false + fi + fi + + if [ "$device" != "sit0" ]; then + if /sbin/ip tunnel show $device 2>/dev/null | LC_ALL=C grep -q -w "ipv6/ip"; then + /sbin/ip tunnel del $device + + if ipv6_test_device_status $device; then + return 3 + fi + else + false + fi + fi + + return 0 +} + + +## Cleanup all dedicated tunnel devices +ipv6_cleanup_tunnel_devices() { + local fn="ipv6_cleanup_tunnel_devices" + + ipv6_test testonly || return 2 + + # Find still existing tunnel devices and shutdown and delete them + + /sbin/ip tunnel show | awk -F: '/\/ { print $1 }' | while read device; do + ipv6_del_tunnel_device $device + done + + return 0 +} + + +## Get address of a dedicated tunnel +# $1: +# $2: local|remote : local or remote address +# stdout: if available +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_get_ipv4addr_of_tunnel() { + local fn="ipv6_get_local_ipv4_of_tunnel" + + local device=$1 + local selection=$2 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$selection" ]; then + net_log $"Missing parameter 'selection' (arg 2)" err $fn + return 1 + fi + if [ "$selection" != "local" -a "$selection" != "remote" ]; then + net_log $"Unsupported selection '$selection' specified (arg 2)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + ipv6_test_device_status $device + + if [ $? != 0 -a $? != 11 ]; then + # Device doesn't exist + return 3 + fi + + # Device exists, retrieve address + if [ "$selection" = "local" ]; then + local tunnel_local_ipv4addr="$(/sbin/ip tunnel show $device | awk '{ print $6 }')" + elif [ "$selection" = "remote" ]; then + local tunnel_local_ipv4addr="$(/sbin/ip tunnel show $device | awk '{ print $4 }')" + fi + + if [ $? != 0 ]; then + return 3 + fi + + if [ "$tunnel_local_ipv4addr" = "any" ]; then + local tunnel_local_ipv4addr="0.0.0.0" + fi + + echo "$tunnel_local_ipv4addr" + + return 0 +} + + +## Get IPv4 address of a device +# $1: +# stdout: if available +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem (more than one IPv4 address applied) +ipv6_get_ipv4addr_of_device() { + local fn="ipv6_get_ipv4addr_of_device" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + ipv6_test_device_status $device + + if [ $? != 0 -a $? != 11 ]; then + # Device doesn't exist + return 3 + fi + + # Device exists, retrieve the first address only + local ipv4addr="$(/sbin/ip -o -4 addr show dev $device | awk '{ print $4 }' | awk -F/ '{ print $1; exit }')" + + if [ $? != 0 ]; then + return 3 + fi + + if [ "$ipv4addr" = "any" ]; then + local ipv4addr="0.0.0.0" + fi + + echo "$ipv4addr" + + return 0 +} + + +## Set IPv6 MTU for a device +# $1: +# $2: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_set_mtu() { + local fn="ipv6_set_mtu" + + local device=$1 + local ipv6_mtu=$2 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + if [ -z "$ipv6_mtu" ]; then + net_log $"Missing parameter 'IPv6 MTU' (arg 2)" err $fn + return 1 + fi + + # Check range + if [ $ipv6_mtu -lt 1280 -o $ipv6_mtu -gt 65535 ]; then + net_log $"Given IPv6 MTU '$ipv6_mtu' is out of range" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + # Set value + /sbin/ip link set dev $device mtu $ipv6_mtu + + return 0 +} + + +## Set a default route +# $1: : gateway, can also contain scope suffix (device name), cause a warning if not matching with $2 (but will have precedence) +# $2: : gateway device (optional in case of $1 is a global address or $1 contains scope suffix) +# $3: : (optional) device to check scope and gateway device against (setup is skipped, if not matching) +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_set_default_route() { + local fn="ipv6_set_default_route" + + local address=$1 + local device=$2 + local device_check=$3 + + ipv6_test testonly || return 2 + + # Map the unspecified address to nothing + if [ "$address" = "::" ]; then + local address="" + fi + + if [ -n "$address" ]; then + local addressgw=${address%%%*} + local device_scope=$(echo $address | awk -F% '{ print $2 }') + + if [ -z "$addressgw" ]; then + net_log $"Given IPv6 default gateway '$address' is not in proper format" err $fn + return 3 + fi + + # Scope device has precedence + if [ -n "$device_scope" -a -n "$device" -a "$device_scope" != "$device" ]; then + net_log $"Given IPv6 default gateway '$address' has scope '$device_scope' defined, given default gateway device '$device' will be not used" info $fn + local device="" + fi + + # Link local addresses require a device + if echo $addressgw | LC_ALL=C grep -qi "^fe80:"; then + if [ -z "$device_scope" ]; then + if [ -z "$device" ]; then + net_log $"Given IPv6 default gateway '$address' is link-local, but no scope or gateway device is specified" err $fn + return 3 + fi + fi + fi + + # Check whether the route belongs to the specific given interface + if [ -n "$device_check" ]; then + # Check whether scope device matches given check device + if [ -n "$device_scope" -a "$device_check" != "$device_scope" ]; then + # scope device != specific given -> skip + return 0 + elif [ -n "$device" -a "$device_check" != "$device" ]; then + # gateway device != specific given -> skip + return 0 + fi + fi + + # Set device now, if not given + if [ -z "$device" ]; then + local device="$device_scope" + fi + + if [ -z "$device" ]; then + # Note: this can cause a warning and a not installed route, if given address is not reachable on the link + ipv6_add_route ::/0 $addressgw + else + ipv6_add_route ::/0 $addressgw $device + fi + elif [ -n "$device" ]; then + # Check whether the route belongs to the specific given interface + if [ -n "$device_check" -a "$device_check" != "$device" ]; then + # gateway device != specific given -> skip + return 0 + fi + + ipv6_test_route_requires_next_hop $device + local result=$? + + if [ $result = 0 ]; then + net_log $"Given IPv6 default device '$device' requires an explicit nexthop" err $fn + return 3 + elif [ $result != 10 ]; then + net_log $"Given IPv6 default device '$device' doesn't exist or isn't up" err $fn + return 3 + fi + + ipv6_add_route ::/0 :: $device + else + net_log $"No parameters given to setup a default route" err $fn + return 3 + fi + + return 0 +} + + +## Resolve need of explicit next hop for an interface +# $1: +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem 10=needs no explicit hop +ipv6_test_route_requires_next_hop() { + local fn="ipv6_test_route_requires_next_hop" + + local device=$1 + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + ipv6_test testonly || return 2 + + ipv6_test_device_status $device + + if [ $? != 0 ]; then + return 3 + fi + + if [ "$device" = "sit0" ]; then + return 10 + fi + + if /sbin/ip -o link show $device 2>/dev/null | LC_ALL=C grep -q "POINTOPOINT"; then + return 10 + fi + + return 0 +} + + +## Trigger radvd +# $1: up|down : device reason for triggering (coming up or going down) +# $2: [startstop|restart|reload|SIGHUP] : triger mechanism (default is "SIGHUP") +# "startstop" : reason=up -> start, reason=down -> stop +# $3: [] : alternative pid file [optional] +# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem +ipv6_trigger_radvd() { + local fn="ipv6_trigger_radvd" + + local reason=$1 + local mechanism=$2 + local pidfile=$3 + + if [ -z "$reason" ]; then + net_log $"No reason given for sending trigger to radvd" err $fn + return 1 + fi + + if [ "$reason" != "up" -a "$reason" != "down" ]; then + net_log $"Unsupported reason '$reason' for sending trigger to radvd" err $fn + return 1 + fi + + if [ -z "$mechanism" ]; then + # Take default + local mechanism="SIGHUP" + fi + + if [ -z "$pidfile" ]; then + local pidfile="/run/radvd/radvd.pid" + fi + + # Print message and select action + case $mechanism in + 'startstop') + case $reason in + up) + local action="start" + ;; + down) + local action="stop" + ;; + esac + ;; + 'reload'|'restart'|'SIGHUP') + local action="$mechanism" + ;; + *) + net_log $"Unsupported mechanism '$mechanism' for sending trigger to radvd" err $fn + return 3 + ;; + esac + + # PID file needed? + if [ "$action" = "SIGHUP" ]; then + if ! [ -f "$pidfile" ]; then + if [ "$reason" = "down" ]; then + # be quiet because triggering may have been disabled + true + else + net_log $"Given pidfile '$pidfile' doesn't exist, cannot send trigger to radvd" err $fn + fi + return 3 + fi + + # Get PID + local pid="$(cat $pidfile)" + if [ -z "$pid" ]; then + # pidfile empty - strange + net_log $"Pidfile '$pidfile' is empty, cannot send trigger to radvd" err $fn + return 3 + fi + fi + + + # Do action + case $action in + 'SIGHUP') + kill -HUP $pid + ;; + 'reload'|'restart'|'stop'|'start') + if ! /sbin/chkconfig --list radvd >/dev/null 2>&1; then + if [ "$reason" = "down" ]; then + # be quiet because triggering may have been disabled + true + else + net_log $"radvd not (properly) installed, triggering failed" err $fn + fi + return 3 + else + /sbin/service radvd $action >/dev/null 2>&1 + fi + ;; + *) + # Normally not reached, "action" is set above to proper value + ;; + esac + + return 0 +} + +#https://www.vaspects.com/2013/12/11/services-dont-bind-to-ipv6-address/ +ipv6_wait_tentative() { + local fn="ipv6_wait_tentative" + local device=$1 + local countdown=30 + local ip_output="" + + if [ -z "$device" ]; then + net_log $"Missing parameter 'device' (arg 1)" err $fn + return 1 + fi + + [ "$device" = lo ] && return 0 + + while [ ${countdown} -gt 0 ]; do + ip_output="$(ip -6 addr show dev ${device} scope global tentative)" + + if [ -z "$ip_output" ]; then + return 0; + elif echo "$ip_output" | grep "dadfailed" > /dev/null; then + net_log $"Duplicate Address Detection: Duplicate addresses detected" err $fn + net_log $"Duplicate Address Detection: Please, fix your network configuration" err $fn + return 1 + fi + + net_log $"Waiting for interface ${device} IPv6 address(es) to leave the 'tentative' state" info $fn + sleep 1 + countdown=$(($countdown - 1)) + done + + ip_output="$(ip -6 addr show dev ${device} scope global tentative)" + + if [ -n "$ip_output" ]; then + net_log $"Some IPv6 address(es) of ${device} remain still in 'tentative' state" warning $fn + net_log $"Run 'ip -6 addr show dev ${device} scope global tentative' to see more" warning $fn + fi + + return 0 +} -- cgit v1.2.1 From 9b2dbe00100d4e1077404b9d781f35adad979467 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Thu, 24 May 2018 16:06:03 +0200 Subject: netreport functionality dropped This concept is quite outdated, and not sane to use at all. --- network-scripts/ifdown-post | 3 --- network-scripts/ifup-aliases | 11 ----------- network-scripts/ifup-post | 3 --- network-scripts/network-functions | 18 ------------------ 4 files changed, 35 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown-post b/network-scripts/ifdown-post index 9db16ad3..ab6b1b55 100755 --- a/network-scripts/ifdown-post +++ b/network-scripts/ifdown-post @@ -62,9 +62,6 @@ if [ "${REALDEVICE}" != "lo" ]; then > /dev/null 2>&1 fi -# Notify programs that have requested notification -do_netreport - if [ -x /sbin/ifdown-local ]; then /sbin/ifdown-local ${DEVICE} fi diff --git a/network-scripts/ifup-aliases b/network-scripts/ifup-aliases index 52d43ea8..8a943c1b 100755 --- a/network-scripts/ifup-aliases +++ b/network-scripts/ifup-aliases @@ -230,7 +230,6 @@ function new_interface () else if [ "$rdev_mark" != "remove" ]; then /sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM} - do_netreport=yes fi newmark=remove setup_this=yes @@ -253,7 +252,6 @@ function new_interface () if [ "$mark_remove" != "remove" ]; then eval " rdev_${rdevip}_mark=remove "; /sbin/ip addr flush dev $parent_device label $parent_device:$rdevip - do_netreport=yes fi fi @@ -303,7 +301,6 @@ function new_interface () /etc/sysconfig/network-scripts/ifup-routes ${DEVICE} ${NAME} - do_netreport=yes ifuplocal_queue="$ifuplocal_queue $DEVICE" fi fi @@ -363,16 +360,8 @@ for DEVNUM in $rdev_LIST ; do eval " rdev_mark=\$rdev_${DEVNUM}_mark " if [ -z "$rdev_mark" ]; then /sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM} - do_netreport=yes fi done -# -# Notify of new device creation -# - -if [ -n "$do_netreport" ]; then - do_netreport -fi if [ -x /sbin/ifup-local ]; then for DEVICE in $ifuplocal_queue ; do diff --git a/network-scripts/ifup-post b/network-scripts/ifup-post index f8a91add..e1c5e391 100755 --- a/network-scripts/ifup-post +++ b/network-scripts/ifup-post @@ -141,9 +141,6 @@ if [ "${REALDEVICE}" != "lo" ]; then > /dev/null 2>&1 fi -# Notify programs that have requested notification -do_netreport - if [ -x /sbin/ifup-local ]; then /sbin/ifup-local ${DEVICE} fi diff --git a/network-scripts/network-functions b/network-scripts/network-functions index c2756b19..a2382e33 100644 --- a/network-scripts/network-functions +++ b/network-scripts/network-functions @@ -278,24 +278,6 @@ toggle_value () echo '' fi } - -do_netreport () -{ - # Notify programs that have requested notification - ( - cd /run/netreport || exit - for i in * ; do - if [ -f $i ]; then - if [ "$(id -u)" = "0" ]; then - OWNER=$(stat -c %U $i) - su -s /bin/bash $OWNER -c "kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1" > /dev/null 2>&1 - else - kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1 - fi - fi - done - ) -} is_nm_running () { -- cgit v1.2.1 From 8659ca9ef9c1b0826799ea8da217c886ff0c26b5 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Wed, 6 Jun 2018 19:09:36 +0200 Subject: ifdown-post: artifact whitespace removed from the DBus call This was causing the DBus call to fail, and we didn't catch it before since we were forwarding everything into /dev/null... Related: RHBZ#1586284 --- network-scripts/ifdown-post | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown-post b/network-scripts/ifdown-post index ab6b1b55..83d48775 100755 --- a/network-scripts/ifdown-post +++ b/network-scripts/ifdown-post @@ -58,7 +58,7 @@ if [ "${REALDEVICE}" != "lo" ]; then dbus-send --system --dest=org.fedoraproject.FirewallD1 \ /org/fedoraproject/FirewallD1 \ org.fedoraproject.FirewallD1.zone.removeInterface \ - string: "" string:"${DEVICE}" \ + string:"" string:"${DEVICE}" \ > /dev/null 2>&1 fi -- cgit v1.2.1 From 12a83d3ef4244d354cba541ce8d3f0ded9773c89 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Wed, 6 Jun 2018 19:19:11 +0200 Subject: network-scripts: setting of firewall ZONE fixed For currently unknown reason the dbus-send calls will fail to set the firewall zone for the given interface if we omit the --print-reply option... This looks like some kind of race-condition in dbus-send, since the --print-reply makes the call synchronous and slower. Hopefully this is only a temporary workaround until DBus is fixed. Resolves: #1586284 --- network-scripts/ifdown-post | 4 ++-- network-scripts/ifup-eth | 3 ++- network-scripts/ifup-post | 4 ++-- 3 files changed, 6 insertions(+), 5 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown-post b/network-scripts/ifdown-post index 83d48775..334cdaeb 100755 --- a/network-scripts/ifdown-post +++ b/network-scripts/ifdown-post @@ -53,9 +53,9 @@ if ! check_default_route ; then fi fi -# Reset firewall ZONE to "default": +# Reset firewall zone (empty ZONE means default): if [ "${REALDEVICE}" != "lo" ]; then - dbus-send --system --dest=org.fedoraproject.FirewallD1 \ + dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \ /org/fedoraproject/FirewallD1 \ org.fedoraproject.FirewallD1.zone.removeInterface \ string:"" string:"${DEVICE}" \ diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index a0988edb..932635d4 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -339,7 +339,8 @@ fi /etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG} if is_true "${DHCPV6C}" && [ -x /sbin/dhclient ]; then - # Assign interface into a firewalld zone so we can obtain the IPv6 via DHCPv6: + # Assign interface into a firewalld zone so we can + # obtain the IPv6 via DHCPv6 (empty ZONE means default): if [ "${REALDEVICE}" != "lo" ]; then dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \ /org/fedoraproject/FirewallD1 \ diff --git a/network-scripts/ifup-post b/network-scripts/ifup-post index e1c5e391..5a89cbf3 100755 --- a/network-scripts/ifup-post +++ b/network-scripts/ifup-post @@ -132,9 +132,9 @@ if [ "$2" = "boot" -a \ fi fi -# Set firewall ZONE for this device (empty means default): +# Set firewall ZONE for this device (empty ZONE means default): if [ "${REALDEVICE}" != "lo" ]; then - dbus-send --system --dest=org.fedoraproject.FirewallD1 \ + dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \ /org/fedoraproject/FirewallD1 \ org.fedoraproject.FirewallD1.zone.changeZoneOfInterface \ string:"${ZONE}" string:"${DEVICE}" \ -- cgit v1.2.1 From bf40c2768d6b6614cc0f1b4fb68ca011489e89d3 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Mon, 11 Jun 2018 16:58:20 +0200 Subject: network-scripts: Replace brctl with ip-link Since ip-link has full support for Linux bridges (and slave ports), use that instead of the deprecated brctl from bridge-utils. --- network-scripts/ifdown-eth | 7 +++---- network-scripts/ifup-eth | 29 ++++++++++++++++------------- 2 files changed, 19 insertions(+), 17 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown-eth b/network-scripts/ifdown-eth index 97b17aaf..c610fd20 100755 --- a/network-scripts/ifdown-eth +++ b/network-scripts/ifdown-eth @@ -135,14 +135,13 @@ if [ -d "/sys/class/net/${REALDEVICE}" ]; then fi [ "$retcode" = "0" ] && retcode=$? -if [ -n "${BRIDGE}" ] && [ -x /usr/sbin/brctl ]; then - /sbin/ip link set dev ${DEVICE} down - /usr/sbin/brctl delif -- ${BRIDGE} ${DEVICE} +if [ -n "${BRIDGE}" ]; then + ip link set dev ${DEVICE} nomaster down # Upon removing a device from a bridge, # it's necessary to make radvd reload its config [ -r /run/radvd/radvd.pid ] && kill -HUP $(cat /run/radvd/radvd.pid) if [ -d /sys/class/net/${BRIDGE}/brif ] && [ $(ls -1 /sys/class/net/${BRIDGE}/brif | wc -l) -eq 0 ]; then - /usr/sbin/brctl delbr -- ${BRIDGE} + ip link del ${BRIDGE} fi fi diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index 932635d4..bbb17790 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -45,21 +45,24 @@ if [ -n "${HWADDR}" ]; then fi fi -# If the device is a bridge, create it with brctl, if available. +# If the device is a bridge, create it if [ "${TYPE}" = "Bridge" ]; then - if [ ! -x /usr/sbin/brctl ]; then - net_log $"Bridge support not available: brctl not found" - exit 1 + bridge_opts="" + [ -n "${DELAY}" ] && bridge_opts+="forward_delay ${DELAY} " + if is_true "${STP}"; then + bridge_opts+="stp_state 1 " + elif is_false "${STP}"; then + bridge_opts+="stp_state 0 " fi + [ -n "${PRIO}" ] && bridge_opts+="priority ${PRIO} " + [ -n "${AGEING}" ] && bridge_opts+="ageing_time ${AGEING} " if [ ! -d /sys/class/net/${DEVICE}/bridge ]; then - /usr/sbin/brctl addbr -- ${DEVICE} || exit 1 + ip link add ${DEVICE} type bridge $bridge_opts + elif [ -n "${OPTS}" ]; then + ip link set ${DEVICE} type bridge $bridge_opts fi - - [ -n "${DELAY}" ] && /usr/sbin/brctl setfd -- ${DEVICE} ${DELAY} - [ -n "${STP}" ] && /usr/sbin/brctl stp -- ${DEVICE} ${STP} - [ -n "${PRIO}" ] && /usr/sbin/brctl setbridgeprio ${DEVICE} ${PRIO} - [ -n "${AGEING}" ] && /usr/sbin/brctl setageing ${DEVICE} ${AGEING} + unset bridge_opts # add the bits to setup driver parameters here for arg in $BRIDGING_OPTS ; do @@ -173,15 +176,15 @@ if [ "$ISALIAS" = no ] && is_bonding_device ${DEVICE} ; then fi # If the device is part of a bridge, add the device to the bridge -if [ -n "${BRIDGE}" ] && [ -x /usr/sbin/brctl ]; then +if [ -n "${BRIDGE}" ]; then if [ ! -d /sys/class/net/${BRIDGE}/bridge ]; then - /usr/sbin/brctl addbr -- ${BRIDGE} 2>/dev/null + ip link add ${BRIDGE} type bridge 2>/dev/null fi /sbin/ip addr flush dev ${DEVICE} 2>/dev/null /sbin/ip link set dev ${DEVICE} up ethtool_set [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} - /usr/sbin/brctl addif -- ${BRIDGE} ${DEVICE} + ip link set ${DEVICE} master ${BRIDGE} # add the bits to setup driver parameters here for arg in $BRIDGING_OPTS ; do key=${arg%%=*}; -- cgit v1.2.1 From 88b3ac3840cc993901f971a2a99046881d9e46c4 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 12 Jun 2018 13:54:15 +0200 Subject: network-scripts: Add previously dropped error checking When converting from brctl to ip-link, the call to exit in case bridge adding failed was dropped by accident. --- network-scripts/ifup-eth | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index bbb17790..b55db79e 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -58,9 +58,9 @@ if [ "${TYPE}" = "Bridge" ]; then [ -n "${AGEING}" ] && bridge_opts+="ageing_time ${AGEING} " if [ ! -d /sys/class/net/${DEVICE}/bridge ]; then - ip link add ${DEVICE} type bridge $bridge_opts + ip link add ${DEVICE} type bridge $bridge_opts || exit 1 elif [ -n "${OPTS}" ]; then - ip link set ${DEVICE} type bridge $bridge_opts + ip link set ${DEVICE} type bridge $bridge_opts || exit 1 fi unset bridge_opts -- cgit v1.2.1 From de16adb62bfc62cdfb2fce185d83bfe157c41803 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Wed, 1 Aug 2018 17:41:08 +0200 Subject: network/ifup/ifdown: deprecation warnings for 'network-scripts' added In case of 'network' service these warnings are displayed only once, to not spam unnecessarily user's journalctl if they have many NICs. --- network-scripts/ifdown | 6 ++++++ network-scripts/ifup | 6 ++++++ 2 files changed, 12 insertions(+) (limited to 'network-scripts') diff --git a/network-scripts/ifdown b/network-scripts/ifdown index 18cee69d..5fb6a793 100755 --- a/network-scripts/ifdown +++ b/network-scripts/ifdown @@ -16,6 +16,12 @@ CONFIG=$1 exit 1 } +if ! is_true ${DEPRECATION_WARNING_ISSUED}; then + net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown + net_log $"'network-scripts' will be removed from distribution in near future." warning ifdown + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown +fi + need_config "${CONFIG}" [ -f "$CONFIG" ] || { diff --git a/network-scripts/ifup b/network-scripts/ifup index d25db5af..a90295b7 100755 --- a/network-scripts/ifup +++ b/network-scripts/ifup @@ -31,6 +31,12 @@ CONFIG=${1} exit 1 } +if ! is_true ${DEPRECATION_WARNING_ISSUED}; then + net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup + net_log $"'network-scripts' will be removed from distribution in near future." warning ifup + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup +fi + need_config "${CONFIG}" [ -f "${CONFIG}" ] || { -- cgit v1.2.1 From 27724e4df026baa6def7d44ed08f4b8a7c1fdec7 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Mon, 30 Jul 2018 14:15:24 +0200 Subject: ifup-eth: use 'bc' instead of 'expr' when computing $forward_delay Because the return value of 'convert2sec()' function can sometimes be decimal, the follow up 'expr' call can fail, since 'expr' does not support floating point calculations. This can sometimes lead to error: """ expr: non-integer argument /etc/sysconfig/network-scripts/ifup-eth: line 91: [: 0: unary operator expected """ To solve this bug, we switch to 'bc' utility, which supports floating point computations. We also have to change the comparison condition of $LINKDELAY and $forward_delay to use 'bc' as well. --- network-scripts/ifup-eth | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index b55db79e..73a6c834 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -89,9 +89,11 @@ if [ "${TYPE}" = "Bridge" ]; then forward_delay="$(convert2sec ${forward_delay} centi)" fi - forward_delay=$(expr ${forward_delay} \* 2 + 7) + forward_delay=$(bc -q <<< "${forward_delay} * 2 + 7") - [ 0$LINKDELAY -lt $forward_delay ] && LINKDELAY=$forward_delay + # It's possible we are comparing floating point numbers here, therefore + # we are using 'bc' for comparison. The [ ] and [[ ]] do not work. + (( $(bc -l <<< "${LINKDELAY:-0} < ${forward_delay}") )) && LINKDELAY=${forward_delay} unset forward_delay fi -- cgit v1.2.1 From e92401ef4c2d317601f6280d654cd2b7b297e8b7 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Mon, 6 Aug 2018 11:15:47 +0200 Subject: network/ifup/ifdown: deprecations warnings redirected to stderr --- network-scripts/ifdown | 6 +++--- network-scripts/ifup | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown b/network-scripts/ifdown index 5fb6a793..aa8fce7b 100755 --- a/network-scripts/ifdown +++ b/network-scripts/ifdown @@ -17,9 +17,9 @@ CONFIG=$1 } if ! is_true ${DEPRECATION_WARNING_ISSUED}; then - net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown - net_log $"'network-scripts' will be removed from distribution in near future." warning ifdown - net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown + net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown >&2 + net_log $"'network-scripts' will be removed from distribution in near future." warning ifdown >&2 + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown >&2 fi need_config "${CONFIG}" diff --git a/network-scripts/ifup b/network-scripts/ifup index a90295b7..435c3176 100755 --- a/network-scripts/ifup +++ b/network-scripts/ifup @@ -32,9 +32,9 @@ CONFIG=${1} } if ! is_true ${DEPRECATION_WARNING_ISSUED}; then - net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup - net_log $"'network-scripts' will be removed from distribution in near future." warning ifup - net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup + net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup >&2 + net_log $"'network-scripts' will be removed from distribution in near future." warning ifup >&2 + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup >&2 fi need_config "${CONFIG}" -- cgit v1.2.1 From bf6a9d7d1f708077bfaad8ea109ad8b4eeb69556 Mon Sep 17 00:00:00 2001 From: "David Kaspar [Dee'Kej]" Date: Mon, 20 Aug 2018 14:31:56 +0200 Subject: ifup-post: fix incorrect condition for RESOLV_MODS This was causing the /etc/resolv.conf file to be always updated when RESOLV_MODS was not set... Before the commit 5d6156454bf8f6dab4a5fdd7e1bf6 we were not updating the /etc/resolv.conf file if the RESOLV_MODS was empty. See https://bugzilla.redhat.com/show_bug.cgi?id=1610411 for more info. --- network-scripts/ifup-post | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-post b/network-scripts/ifup-post index 5a89cbf3..4cb986f8 100755 --- a/network-scripts/ifup-post +++ b/network-scripts/ifup-post @@ -28,7 +28,7 @@ if ! is_true "$NOROUTESET"; then fi -if ! is_false "${PEERDNS}" || ! is_false "${RESOLV_MODS}"; then +if ! is_false "${PEERDNS}" || is_true "${RESOLV_MODS}"; then # Obtain the DNS entries when using PPP if necessary: [ -n "${MS_DNS1}" ] && DNS1="${MS_DNS1}" [ -n "${MS_DNS2}" ] && DNS2="${MS_DNS2}" -- cgit v1.2.1 From 76226a349cd65ec9b511bc68e8f3cf8c291b7057 Mon Sep 17 00:00:00 2001 From: Zhiqiang Liu Date: Tue, 12 Feb 2019 20:58:06 +0800 Subject: ifup-eth: apply PERSISTENT_DHCLIENT to IPv6 dhclient daemon IPv6 dhclient daemon only tries one time to obtain a IPv6 address from a DHCPv6 server regardless of the setting of PERSISTENT_DHCLIENT. PERSISTENT_DHCLIENT option is only used for IPv4 dhclient daemon. With the popularization of IPv6 protocol, some users prefer setting IPv6 like IPv4. I think there are two solutions as follows, 1. adopt PERSISTENT_DHCLIENT option to both IPv4 and IPv6. 2. create a new option, such as PERSISTENT_DHCLIENT_IPV6 option, just for IPv6. The first solution does not introduce addition options, and the IPv4 and IPv6 settings are consistent. So I perfer choosing the first solution. Fixes: bf00a0048 ("Replace /var/run with /run everywhere") Signed-off-by: Zhiqiang Liu --- network-scripts/ifup-eth | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index 73a6c834..95db3e60 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -360,7 +360,13 @@ if is_true "${DHCPV6C}" && [ -x /sbin/dhclient ]; then echo -n $"Determining IPv6 information for ${DEVICE}..." # Initialize the dhclient args for IPv6 and obtain the hostname options if needed: - DHCLIENTARGS="-6 -1 ${DHCPV6C_OPTIONS} ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient6-${DEVICE}.pid ${DEVICE}" + if is_true "${PERSISTENT_DHCLIENT}"; then + ONESHOT=""; + else + ONESHOT="-1"; + fi; + + DHCLIENTARGS="-6 ${ONESHOT} ${DHCPV6C_OPTIONS} ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient6-${DEVICE}.pid ${DEVICE}" set_hostname_options DHCLIENTARGS if /sbin/dhclient $DHCLIENTARGS; then -- cgit v1.2.1 From d6af590090a2a8ffd45e273bdbd46a3fefc8debb Mon Sep 17 00:00:00 2001 From: Zhiqiang Liu Date: Mon, 22 Jul 2019 13:38:55 +0800 Subject: ifup/ifdown: print DEPRECATION_WARNING_ISSUED waring info after source_config In ifup/ifdown scripts, move deprecation waring info after source_config, so users can config DEPRECATION_WARNING_ISSUED in ifcfg-** file to decide whether show deprecation waring info when calling ifup/ifdown. Signed-off-by: Zhiqiang Liu --- network-scripts/ifdown | 12 ++++++------ network-scripts/ifup | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown b/network-scripts/ifdown index aa8fce7b..ec05891d 100755 --- a/network-scripts/ifdown +++ b/network-scripts/ifdown @@ -16,12 +16,6 @@ CONFIG=$1 exit 1 } -if ! is_true ${DEPRECATION_WARNING_ISSUED}; then - net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown >&2 - net_log $"'network-scripts' will be removed from distribution in near future." warning ifdown >&2 - net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown >&2 -fi - need_config "${CONFIG}" [ -f "$CONFIG" ] || { @@ -42,6 +36,12 @@ fi source_config +if ! is_true ${DEPRECATION_WARNING_ISSUED}; then + net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown >&2 + net_log $"'network-scripts' will be removed from distribution in near future." warning ifdown >&2 + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown >&2 +fi + if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ] then exit 0 diff --git a/network-scripts/ifup b/network-scripts/ifup index 435c3176..397dd93b 100755 --- a/network-scripts/ifup +++ b/network-scripts/ifup @@ -31,12 +31,6 @@ CONFIG=${1} exit 1 } -if ! is_true ${DEPRECATION_WARNING_ISSUED}; then - net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup >&2 - net_log $"'network-scripts' will be removed from distribution in near future." warning ifup >&2 - net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup >&2 -fi - need_config "${CONFIG}" [ -f "${CONFIG}" ] || { @@ -58,6 +52,12 @@ fi source_config +if ! is_true ${DEPRECATION_WARNING_ISSUED}; then + net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup >&2 + net_log $"'network-scripts' will be removed from distribution in near future." warning ifup >&2 + net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup >&2 +fi + if [ "foo$2" = "fooboot" ] && [ "${ONBOOT}" = "no" -o "${ONBOOT}" = "NO" ] then exit 0 -- cgit v1.2.1 From c2012fb057ce96ce49191af5a8526753bbc6f701 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Thu, 11 Jul 2019 12:14:19 +0200 Subject: Add ip6gre tunnel option Resolve: BZ #1691552 --- network-scripts/ifup-tunnel | 5 +++++ network-scripts/network-functions | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-tunnel b/network-scripts/ifup-tunnel index afdfe928..ea85df52 100755 --- a/network-scripts/ifup-tunnel +++ b/network-scripts/ifup-tunnel @@ -42,6 +42,11 @@ GRE) proto=-4 /sbin/modprobe ip_gre ;; +GRE6) + MODE=ip6gre + proto=-6 + /sbin/modprobe ip6_gre + ;; IPIP) MODE=ipip proto=-4 diff --git a/network-scripts/network-functions b/network-scripts/network-functions index a2382e33..614ad490 100644 --- a/network-scripts/network-functions +++ b/network-scripts/network-functions @@ -146,7 +146,7 @@ source_config () CTC) DEVICETYPE="ctc" ;; - GRE | IPIP | IPIP6) + GRE | GRE6 | IPIP | IPIP6) DEVICETYPE="tunnel" ;; SIT | sit) -- cgit v1.2.1 From c060c55bd62a18f5563cc30c894d07b0ec1be497 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Mon, 19 Aug 2019 10:26:18 +0200 Subject: ifup-eth: Check that device name is set --- network-scripts/ifup-eth | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'network-scripts') diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index 95db3e60..9448eae7 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -112,6 +112,11 @@ if [ -n "${TEAM_CONFIG}" ] && [ ! "${DEVICETYPE}" = "Team" ] && [ -x ./ifup-Team ./ifup-Team ${CONFIG} $2 fi +if [ -z "${REALDEVICE}" ]; then + net_log $"Device name does not seem to be present." + exit 1 +fi + # now check the real state is_available_wait ${REALDEVICE} ${DEVTIMEOUT} || { if [ -n "$alias" ]; then -- cgit v1.2.1 From dd703a8494647d401dbffa0f036233e08044ec60 Mon Sep 17 00:00:00 2001 From: Bell Date: Wed, 21 Aug 2019 11:54:30 +0300 Subject: ifup-eth: Fix bridge setting stp option Fixes https://bugzilla.redhat.com/1743522 An uninitialized variable was copied from a closed PR [1] to submitted PR [2]. [1] https://github.com/fedora-sysv/initscripts/pull/212 [2] https://github.com/fedora-sysv/initscripts/pull/213 Signed-off-by: Bell Levin --- network-scripts/ifup-eth | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index 9448eae7..b559b5c4 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -59,7 +59,7 @@ if [ "${TYPE}" = "Bridge" ]; then if [ ! -d /sys/class/net/${DEVICE}/bridge ]; then ip link add ${DEVICE} type bridge $bridge_opts || exit 1 - elif [ -n "${OPTS}" ]; then + elif [ -n "${bridge_opts}" ]; then ip link set ${DEVICE} type bridge $bridge_opts || exit 1 fi unset bridge_opts -- cgit v1.2.1 From 66d26269a83229b7340f7ace06dfc715c04df7d8 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Thu, 12 Sep 2019 12:32:36 +0200 Subject: Repalace hardcoded tests for yes and no with testing functions Resolve issue: #42 --- network-scripts/ifdown-eth | 8 ++++---- network-scripts/ifdown-ipv6 | 4 ++-- network-scripts/ifup | 10 +++++----- network-scripts/ifup-aliases | 12 ++++++------ network-scripts/ifup-eth | 10 +++++----- network-scripts/ifup-ippp | 40 +++++++++++++++++++-------------------- network-scripts/ifup-ipv6 | 20 ++++++++++---------- network-scripts/init.ipv6-global | 12 ++++++------ network-scripts/network-functions | 4 ++-- 9 files changed, 60 insertions(+), 60 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown-eth b/network-scripts/ifdown-eth index c610fd20..7b457e85 100755 --- a/network-scripts/ifdown-eth +++ b/network-scripts/ifdown-eth @@ -29,13 +29,13 @@ source_config . /etc/sysconfig/network # Check to make sure the device is actually up -check_device_down ${DEVICE} && [ "$BOOTPROTO" != "dhcp" -a "$BOOTPROTO" != "bootp" ] && [ -n "$VLAN" -a "$VLAN" != "yes" ] && exit 0 +check_device_down ${DEVICE} && [ "$BOOTPROTO" != "dhcp" -a "$BOOTPROTO" != "bootp" ] && [ -n "$VLAN" ] && ! is_true "$VLAN" && exit 0 if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifdown-TeamPort ]; then ./ifdown-TeamPort ${CONFIG} $2 fi -if [ "${SLAVE}" != "yes" -o -z "${MASTER}" ]; then +if ! is_true "${SLAVE}" || [ -z "${MASTER}" ]; then if [ -n "${HWADDR}" -a -z "${MACADDR}" ]; then FOUNDMACADDR=$(get_hwaddr ${REALDEVICE}) if [ -n "${FOUNDMACADDR}" -a "${FOUNDMACADDR}" != "${HWADDR}" ]; then @@ -125,7 +125,7 @@ if [ -d "/sys/class/net/${REALDEVICE}" ]; then ip -4 addr flush dev ${REALDEVICE} ${LABEL} scope host 2>/dev/null fi - if [ "${SLAVE}" = "yes" -a -n "${MASTER}" ]; then + if is_true "${SLAVE}" && [ -n "${MASTER}" ]; then echo "-${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null fi @@ -167,7 +167,7 @@ if [ -n "${WIRELESS_ENC_KEY}" ] && [ -x /sbin/iwconfig ]; then /sbin/iwconfig ${DEVICE} enc 0 >/dev/null 2>&1 fi -if [ "$retcode" = 0 ] ; then +if [ "$retcode" = "0" ]; then /etc/sysconfig/network-scripts/ifdown-post $CONFIG # do NOT use $? because ifdown should return whether or not # the interface went down. diff --git a/network-scripts/ifdown-ipv6 b/network-scripts/ifdown-ipv6 index 7ba3efdc..5bc08d31 100755 --- a/network-scripts/ifdown-ipv6 +++ b/network-scripts/ifdown-ipv6 @@ -62,7 +62,7 @@ if [ $? != 0 -a $? != 11 ]; then exit 1 fi -if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then +if ! is_false "$IPV6_SET_SYSCTLS"; then # Switch some sysctls to secure mode /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1 /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1 @@ -119,7 +119,7 @@ if [ $? = 0 -o $? = 11 ]; then fi # Shutdown of 6to4, if configured -if [ "$valid6to4config" = "yes" ]; then +if is_true "$valid6to4config"; then if [ -n "$IPV6TO4_ROUTING" ]; then # Delete routes to local networks for devsuf in $IPV6TO4_ROUTING; do diff --git a/network-scripts/ifup b/network-scripts/ifup index 397dd93b..9c1380bb 100755 --- a/network-scripts/ifup +++ b/network-scripts/ifup @@ -58,11 +58,11 @@ if ! is_true ${DEPRECATION_WARNING_ISSUED}; then net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup >&2 fi -if [ "foo$2" = "fooboot" ] && [ "${ONBOOT}" = "no" -o "${ONBOOT}" = "NO" ] +if [ "foo$2" = "fooboot" ] && is_false "${ONBOOT}" then exit 0 fi -if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ] +if [ -n "$IN_HOTPLUG" ] && is_false "${HOTPLUG}" then exit 0 fi @@ -81,7 +81,7 @@ if [ "$_use_nm" = "true" -a -n "$UUID" -a "$REALDEVICE" != "lo" ]; then fi # Ethernet 802.1Q VLAN support -if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ] && [ -n "$DEVICE" ]; then +if is_true "${VLAN}" && is_false "$ISALIAS" && [ -n "$DEVICE" ]; then if [ -n "${VID}" ]; then if test -z "$PHYSDEV"; then net_log $"PHYSDEV should be set for device ${DEVICE}" @@ -125,11 +125,11 @@ if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ] && [ -n "$DEVICE" ]; then check_device_down ${PHYSDEV} && { ip -o link set dev ${PHYSDEV} up; } if [ ! -f /proc/net/vlan/${DEVICE} ]; then - if [ "${REORDER_HDR}" = "no" -o "${REORDER_HDR}" = "0" ]; then + if is_false "${REORDER_HDR}"; then FLAG_REORDER_HDR="reorder_hdr off" fi - if [ "${GVRP}" = "yes" -o "${GVRP}" = "1" ]; then + if is_true "${GVRP}"; then FLAG_GVRP="gvrp on" fi diff --git a/network-scripts/ifup-aliases b/network-scripts/ifup-aliases index 8a943c1b..8020f407 100755 --- a/network-scripts/ifup-aliases +++ b/network-scripts/ifup-aliases @@ -206,7 +206,7 @@ function new_interface () eval $(/bin/ipcalc --broadcast ${IPADDR}/${PREFIX}) fi - if [ "$no_devices_are_up" = "yes" ]; then + if is_true "$no_devices_are_up"; then setup_this=yes else @@ -262,8 +262,8 @@ function new_interface () /sbin/ip addr change ${IPADDR}/${PREFIX} brd ${BROADCAST} fi - if [ "$setup_this" = "yes" ] ; then - if [ "${parent_device}" != "lo" ] && [ "${ARPCHECK}" != "no" ] && \ + if is_true "$setup_this"; then + if [ "${parent_device}" != "lo" ] && ! is_false "${ARPCHECK}" && \ is_available ${parent_device} && \ ( grep -qswi "up" /sys/class/net/${parent_device}/operstate || grep -qswi "1" /sys/class/net/${parent_device}/carrier ) ; then echo $"Determining if ip address ${IPADDR} is already in use for device ${parent_device}..." @@ -287,7 +287,7 @@ function new_interface () ! is_false "$IPV6INIT" && \ /etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE} - if [ "$NO_ALIASROUTING" != yes ]; then + if ! is_true "$NO_ALIASROUTING"; then GATEWAYDEV=$network_GATEWAYDEV; @@ -317,7 +317,7 @@ for FILE in ifcfg-${parent_device}:* ; do ini_env . ./$FILE [ -z "$DEVICE" ] && DEVICE=${FILE##ifcfg-} - [ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface + ! is_false "$ONPARENT" && new_interface unset DEVICE done @@ -347,7 +347,7 @@ for FILE in ifcfg-${parent_device}-range* ; do IPADDR="$ipaddr_prefix.$ipaddr_num" DEVICE="$parent_device:$ipaddr_clonenum" IPV6INIT="no" - [ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface + ! is_false "$ONPARENT" && new_interface ipaddr_num=$(($ipaddr_num+1)) ipaddr_clonenum=$(($ipaddr_clonenum+1)) done diff --git a/network-scripts/ifup-eth b/network-scripts/ifup-eth index b559b5c4..178b5173 100755 --- a/network-scripts/ifup-eth +++ b/network-scripts/ifup-eth @@ -149,7 +149,7 @@ if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifup- fi # slave device? -if [ "${SLAVE}" = yes -a "${ISALIAS}" = no -a "${MASTER}" != "" ]; then +if is_true "${SLAVE}" && is_false "${ISALIAS}" && [ -n "${MASTER}" ]; then install_bonding_driver ${MASTER} grep -wq "${DEVICE}" /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null || { /sbin/ip link set dev ${DEVICE} down @@ -162,7 +162,7 @@ fi # Bonding initialization. For DHCP, we need to enslave the devices early, # so it can actually get an IP. -if [ "$ISALIAS" = no ] && is_bonding_device ${DEVICE} ; then +if is_false "$ISALIAS" && is_bonding_device ${DEVICE}; then install_bonding_driver ${DEVICE} /sbin/ip link set dev ${DEVICE} up for device in $(LANG=C grep -l "^[[:space:]]*MASTER=['\"]\?${DEVICE}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-*) ; do @@ -281,7 +281,7 @@ else fi if ! LC_ALL=C ip addr ls ${REALDEVICE} | LC_ALL=C grep -q "${ipaddr[$idx]}/${prefix[$idx]}" ; then - if [ "${REALDEVICE}" != "lo" ] && [ "${arpcheck[$idx]}" != "no" ] ; then + if [ "${REALDEVICE}" != "lo" ] && ! is_false "${arpcheck[$idx]}"; then ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${REALDEVICE} ${ipaddr[$idx]}) if [ $? = 1 ]; then ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p') @@ -312,7 +312,7 @@ else done # Set a default route. - if [ "${DEFROUTE}" != "no" ] && [ -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${REALDEVICE}" ]; then + if ! is_false "${DEFROUTE}" && [ -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${REALDEVICE}" ]; then # set up default gateway. replace if one already exists if [ -n "${GATEWAY}" ] && [ "$(ipcalc --network ${GATEWAY} ${netmask[0]} 2>/dev/null)" = "NETWORK=${NETWORK}" ]; then ip route replace default ${METRIC:+metric $METRIC} \ @@ -331,7 +331,7 @@ else fi # Add Zeroconf route. -if [ -z "${NOZEROCONF}" -a "${ISALIAS}" = "no" -a "${REALDEVICE}" != "lo" ]; then +if [ -z "${NOZEROCONF}" ] && is_false "${ISALIAS}" && [ "${REALDEVICE}" != "lo" ]; then ip route add 169.254.0.0/16 dev ${REALDEVICE} metric $((1000 + $(cat /sys/class/net/${REALDEVICE}/ifindex))) scope link fi diff --git a/network-scripts/ifup-ippp b/network-scripts/ifup-ippp index e1f08a79..b8df7c07 100755 --- a/network-scripts/ifup-ippp +++ b/network-scripts/ifup-ippp @@ -106,16 +106,16 @@ function addprovider() [ -z "$GATEWAY" ] && GATEWAY="0.0.0.0" # set default route - [ "$DEFROUTE" = "yes" ] && options="$options defaultroute deldefaultroute" + is_true "$DEFROUTE" && options="$options defaultroute deldefaultroute" # set authentication _auth=$(echo "$AUTH" | sed 's/[a-z -]*//g') if [ -n "$_auth" ]; then - if [ -z "$USER" -a "$DIALIN" != "on" ]; then + if [ -z "$USER" ] && ! is_true "$DIALIN"; then log_echo " Error: $1 (syncppp) user is not set" return 1 fi - if [ "$DIALIN" != "on" ]; then + if ! is_true "$DIALIN"; then # we should hide the user name, so i add user name to option file. if [ "$AUTH" = "-pap +chap" ]; then create_option_file "name \"$USER\"" @@ -128,7 +128,7 @@ function addprovider() # authentication options: # +pap and/or +chap does not work correct by dialout - remove # them if it's configured as dialout - [ "$DIALIN" = "on" ] || AUTH=$(echo "$AUTH" | sed 's/+[a-z]*//g') + is_true "$DIALIN" || AUTH=$(echo "$AUTH" | sed 's/+[a-z]*//g') fi # add ISDN device @@ -187,7 +187,7 @@ function addprovider() if [ "$IPADDR" = "0.0.0.0" ]; then options="$options ipcp-accept-local" else - if [ "$DIALIN" != "on" ]; then + if ! is_true "$DIALIN"; then options="$options noipdefault" fi fi @@ -195,7 +195,7 @@ function addprovider() options="$options /dev/$DEVICE" # set channel bundling - if [ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ]; then + if is_true "$BUNDLING" && [ -n "$SLAVE_DEVICE" ]; then [ -z "$SLAVE_MSN" ] && SLAVE_MSN="$MSN" [ -z "$SLAVE_PHONE_OUT" ] && SLAVE_PHONE_OUT="$PHONE_OUT" [ -z "$SLAVE_PHONE_IN" ] && SLAVE_PHONE_IN="$PHONE_IN" @@ -207,7 +207,7 @@ function addprovider() [ -z "$SLAVE_DIALMAX" ] && SLAVE_DIALMAX="$DIALMAX" [ -z "$SLAVE_CALLBACK" ] && SLAVE_CALLBACK="$CALLBACK" [ -z "$SLAVE_CBDELAY" ] && SLAVE_CBDELAY="$CBDELAY" - if [ "$DIALIN" != "on" ] ; then + if ! is_true "$DIALIN"; then [ -z "$SLAVE_DIALMODE" ] && SLAVE_DIALMODE="auto" else # Master should not dial by default on incoming MPPP @@ -258,7 +258,7 @@ function addprovider() fi if [ "$GATEWAY" = "0.0.0.0" ]; then - if [ "$DIALIN" != "on" ]; then + if ! is_true "$DIALIN"; then options="$options ipcp-accept-remote" fi options="$IPADDR:$GATEWAY $options" @@ -268,21 +268,21 @@ function addprovider() # Van Jacobson style TCP/IP header compression and # VJ connection-ID compression - [ "$VJ" = "off" ] && options="$options -vj" - [ "$VJCCOMP" = "off" ] && options="$options -vjccomp" + is_false "$VJ" && options="$options -vj" + is_false "$VJCCOMP" && options="$options -vjccomp" # Address/Control compression, protocol field compression, - [ "$AC" = "off" ] && options="$options -ac" - [ "$PC" = "off" ] && options="$options -pc" + is_false "$AC" && options="$options -ac" + is_false "$PC" && options="$options -pc" # BSD-Compression scheme - if [ "$BSDCOMP" = "on" ] ; then + if is_true "$BSDCOMP"; then options="$options bsdcomp 9,9" else options="$options -bsdcomp" fi # Stac compression - if [ "$LZS" = "on" ] ; then + if is_true "$LZS"; then # supports LZS check mode 3 and 4 [ -n "$LZS_MODE" ] || LZS_MODE="4" [ "$LZS_MODE" = "3" ] && options="$options lzs 1" @@ -294,7 +294,7 @@ function addprovider() [ -n "$MTU" ] && options="$options mtu $MTU" # set CBCP protocoll - if [ "$CBCP" = "on" ] ; then + if is_true "$CBCP"; then if [ -n "$CBCP_MSN" ] ; then # User managed callback options="$options callback $CBCP_MSN" @@ -308,7 +308,7 @@ function addprovider() fi # set CCP protocoll - [ "$CCP" = "off" ] && options="$options noccp" + is_false "$CCP" && options="$options noccp" # set host name [ -n "$ISDN_HOSTNAME" ] && options="$options remotename $ISDN_HOSTNAME" @@ -332,7 +332,7 @@ function addprovider() fi # set debug - [ "$DEBUG" = "yes" ] && options="-d $options" + is_true "$DEBUG" && options="-d $options" # set netmask, if available [ -n "$NETMASK" ] && { @@ -350,15 +350,15 @@ function addprovider() ipppd $options $netmask >/dev/null 2>&1 # start ibod daemon - if [ "$DIALIN" != "on" ]; then - [ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ] && start_ibod $DEVICE + if ! is_true "$DIALIN"; then + is_true "$BUNDLING" && [ -n "$SLAVE_DEVICE" ] && start_ibod $DEVICE fi fi # set default gateway for dial on demand if [ "$DIALMODE" = "auto" ] ; then echo 1 > /proc/sys/net/ipv4/ip_dynaddr - if [ "$DEFROUTE" = "yes" ] ; then + if is_true "$DEFROUTE" ; then if [ "$GATEWAY" = "0.0.0.0" ]; then ip route replace default ${METRIC:+metric $METRIC} dev ${DEVICE} >/dev/null 2>&1 else diff --git a/network-scripts/ifup-ipv6 b/network-scripts/ifup-ipv6 index ecbe5b79..55762264 100755 --- a/network-scripts/ifup-ipv6 +++ b/network-scripts/ifup-ipv6 @@ -91,7 +91,7 @@ fi ipv6_global_forwarding_current="$(/sbin/sysctl -e -n net.ipv6.conf.all.forwarding)" # Set some proc switches depending on defines -if [ "$IPV6FORWARDING" = "yes" ]; then +if is_true "$IPV6FORWARDING"; then # Global forwarding should be enabled # Check, if global IPv6 forwarding was already set by global script @@ -103,10 +103,10 @@ if [ "$IPV6FORWARDING" = "yes" ]; then ipv6_local_forwarding=1 ipv6_local_auto=0 ipv6_local_accept_ra=0 - if [ "$IPV6_ROUTER" = "no" ]; then + if is_false "$IPV6_ROUTER"; then ipv6_local_forwarding=0 fi - if [ "$IPV6_AUTOCONF" = "yes" ]; then + if is_true "$IPV6_AUTOCONF"; then ipv6_local_auto=1 ipv6_local_accept_ra=2 fi @@ -122,15 +122,15 @@ else ipv6_local_forwarding=0 ipv6_local_auto=1 ipv6_local_accept_ra=1 - if [ "$IPV6_AUTOCONF" = "no" ]; then + if is_false "$IPV6_AUTOCONF"; then ipv6_local_auto=0 - if [ ! "$IPV6_FORCE_ACCEPT_RA" = "yes" ]; then + if ! is_true "$IPV6_FORCE_ACCEPT_RA"; then ipv6_local_accept_ra=0 fi fi fi -if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then +if ! is_false "$IPV6_SET_SYSCTLS"; then /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=$ipv6_local_forwarding >/dev/null 2>&1 /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=$ipv6_local_accept_ra >/dev/null 2>&1 /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=$ipv6_local_auto >/dev/null 2>&1 @@ -151,7 +151,7 @@ fi # Enable IPv6 RFC3041 privacy extensions if desired if [ "$IPV6_PRIVACY" = "rfc3041" ]; then - if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + if ! is_false "$IPV6_SET_SYSCTLS"; then /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1 if [ $? -ne 0 ]; then net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" @@ -172,7 +172,7 @@ if [ -f /etc/sysconfig/static-routes-ipv6 ]; then fi # Setup of 6to4, if configured -if [ "$IPV6TO4INIT" = "yes" ]; then +if is_true "$IPV6TO4INIT"; then valid6to4config="yes" # Test device status of 6to4 tunnel @@ -224,7 +224,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then fi # Setup 6to4 tunnel (hardwired name is "tun6to4"), if config is valid - if [ "$valid6to4config" = "yes" ]; then + if is_true "$valid6to4config"; then # Get MTU of master device ipv4mtu="$(/sbin/ip link show dev $DEVICE | awk '/\/ { print $5 }')" if [ -n "$ipv4mtu" ]; then @@ -281,7 +281,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then /sbin/ip -6 route del ::/96 dev tun6to4 /sbin/ip -6 addr del "::$ipv4addrlocal/128" dev tun6to4 - if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then + if is_true "$IPV6_CONTROL_RADVD"; then # RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning if [ $ipv6_global_forwarding_current -ne 1 ]; then net_log $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't" warning diff --git a/network-scripts/init.ipv6-global b/network-scripts/init.ipv6-global index b20ff72e..0940962d 100755 --- a/network-scripts/init.ipv6-global +++ b/network-scripts/init.ipv6-global @@ -48,19 +48,19 @@ start) # IPv6 test, module loaded, exit if system is not IPv6-ready ipv6_test || exit 1 - if [ "$IPV6FORWARDING" = "yes" ]; then + if is_true "$IPV6FORWARDING"; then ipv6_global_forwarding=1 ipv6_global_auto=0 else ipv6_global_forwarding=0 - if [ "$IPV6_AUTOCONF" = "no" ]; then + if is_false "$IPV6_AUTOCONF"; then ipv6_global_auto=0 else ipv6_global_auto=1 fi fi - if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + if ! is_false "$IPV6_SET_SYSCTLS"; then # Reset IPv6 sysctl switches for "all", "default" and still existing devices for i in /proc/sys/net/ipv6/conf/* ; do interface=${i##*/} @@ -79,7 +79,7 @@ start) # IPv6 test, module loaded, exit if system is not IPv6-ready ipv6_test || exit 1 - if [ "$IPV6_AUTOTUNNEL" = "yes" ]; then + if is_true "$IPV6_AUTOTUNNEL"; then ipv6_enable_autotunnel # autotunnel interface doesn't require a MTU setup fi @@ -103,7 +103,7 @@ start) /sbin/ip route add unreach 3ffe:ffff::/32 # Set default route for autotunnel, if specified - if [ "$IPV6_DEFAULTDEV" = "sit0" -a "$IPV6_AUTOTUNNEL" = "yes" ]; then + if [ "$IPV6_DEFAULTDEV" = "sit0" ] && is_true "$IPV6_AUTOTUNNEL"; then if [ -n "$IPV6_DEFAULTGW" ]; then ipv6_set_default_route $IPV6_DEFAULTGW $IPV6_DEFAULTDEV sit0 elif [ -n "$IPV6_DEFAULTDEV" ]; then @@ -128,7 +128,7 @@ stop) # IPv6 test, no module loaded, exit if system is not IPv6-ready ipv6_test testonly || exit 0 - if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then + if ! is_false "$IPV6_SET_SYSCTLS"; then for i in /proc/sys/net/ipv6/conf/* ; do interface=${i##*/} sinterface=${interface/.//} diff --git a/network-scripts/network-functions b/network-scripts/network-functions index 614ad490..5c6c3265 100644 --- a/network-scripts/network-functions +++ b/network-scripts/network-functions @@ -270,9 +270,9 @@ expand_config () toggle_value () { - if [ "$2" = "yes" -o "$2" = "YES" ] ; then + if is_true "$2"; then echo "$1 on" - elif [ "$2" = "no" -o "$2" = "NO" ] ; then + elif is_false "$2"; then echo "$1 off" else echo '' -- cgit v1.2.1 From 10f09913a177efaf007448c95c8b49dcfdc0a35f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Nykr=C3=BDn?= Date: Thu, 17 Oct 2019 12:34:25 +0200 Subject: network-function: bridges are created by ifup-eth Resolves: rhbz#1404265 --- network-scripts/network-functions | 3 +++ 1 file changed, 3 insertions(+) (limited to 'network-scripts') diff --git a/network-scripts/network-functions b/network-scripts/network-functions index 5c6c3265..99096bd8 100644 --- a/network-scripts/network-functions +++ b/network-scripts/network-functions @@ -158,6 +158,9 @@ source_config () OVS*) DEVICETYPE="ovs" ;; + Bridge) + DEVICETYPE="eth" + ;; esac if [ -n "$HWADDR" ]; then HWADDR=$(tr '[a-z]' '[A-Z]' <<<"$HWADDR") -- cgit v1.2.1 From 28dddb9c38a511276b239bf302830ede554aa420 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Thu, 5 Mar 2020 16:18:14 +0100 Subject: Use function is_true for testing true conditions --- network-scripts/ifdown | 2 +- network-scripts/ifup | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/ifdown b/network-scripts/ifdown index ec05891d..ceba9bab 100755 --- a/network-scripts/ifdown +++ b/network-scripts/ifdown @@ -47,7 +47,7 @@ then exit 0 fi -if [ "$_use_nm" = "true" ]; then +if is_true "$_use_nm"; then if [ -n "$UUID" -a -z "$DEVICE" ]; then DEVICE=$(nmcli -t --fields uuid,device con show --active | awk -F ':' "\$1 == \"$UUID\" { print \$2 }") fi diff --git a/network-scripts/ifup b/network-scripts/ifup index 9c1380bb..5aac4c9f 100755 --- a/network-scripts/ifup +++ b/network-scripts/ifup @@ -71,7 +71,7 @@ then exit 0 fi -if [ "$_use_nm" = "true" -a -n "$UUID" -a "$REALDEVICE" != "lo" ]; then +if is_true "$_use_nm" && [ -n "$UUID" ] && [ "$REALDEVICE" != "lo" ]; then if [ "foo$2" = "fooboot" ] && [ "${TYPE}" = "Wireless" ]; then exit 0 fi -- cgit v1.2.1 From 4e2400798397ae2567a8cfd824c14ccd41983b08 Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Wed, 29 Jan 2020 12:58:19 +0100 Subject: Wait for scope link addresses as well as for scope global addresses Resolves: rhbz#1773798 --- network-scripts/network-functions-ipv6 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'network-scripts') diff --git a/network-scripts/network-functions-ipv6 b/network-scripts/network-functions-ipv6 index b5b3e939..2f7b19b8 100644 --- a/network-scripts/network-functions-ipv6 +++ b/network-scripts/network-functions-ipv6 @@ -1058,7 +1058,7 @@ ipv6_wait_tentative() { [ "$device" = lo ] && return 0 while [ ${countdown} -gt 0 ]; do - ip_output="$(ip -6 addr show dev ${device} scope global tentative)" + ip_output="$(ip -6 addr show dev ${device} tentative)" if [ -z "$ip_output" ]; then return 0; @@ -1073,11 +1073,11 @@ ipv6_wait_tentative() { countdown=$(($countdown - 1)) done - ip_output="$(ip -6 addr show dev ${device} scope global tentative)" + ip_output="$(ip -6 addr show dev ${device} tentative)" if [ -n "$ip_output" ]; then net_log $"Some IPv6 address(es) of ${device} remain still in 'tentative' state" warning $fn - net_log $"Run 'ip -6 addr show dev ${device} scope global tentative' to see more" warning $fn + net_log $"Run 'ip -6 addr show dev ${device} tentative' to see more" warning $fn fi return 0 -- cgit v1.2.1 From f4d69c8d3f9854a933d8d957d7f4046a8289509a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Allan=20Nordh=C3=B8y?= Date: Tue, 14 Jul 2020 15:42:09 +0200 Subject: Fix spelling, for more info --- network-scripts/network-functions-ipv6 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/network-functions-ipv6 b/network-scripts/network-functions-ipv6 index 2f7b19b8..d1244815 100644 --- a/network-scripts/network-functions-ipv6 +++ b/network-scripts/network-functions-ipv6 @@ -1077,7 +1077,7 @@ ipv6_wait_tentative() { if [ -n "$ip_output" ]; then net_log $"Some IPv6 address(es) of ${device} remain still in 'tentative' state" warning $fn - net_log $"Run 'ip -6 addr show dev ${device} tentative' to see more" warning $fn + net_log $"Run 'ip -6 addr show dev ${device} tentative' for more info" warning $fn fi return 0 -- cgit v1.2.1 From 365fa8c3730c53e81a9bada5b780937750ccb567 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Allan=20Nordh=C3=B8y?= Date: Tue, 14 Jul 2020 15:42:32 +0200 Subject: =?UTF-8?q?Correct=20spelling,=20IP,=20=E2=80=A6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- network-scripts/ifup-aliases | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'network-scripts') diff --git a/network-scripts/ifup-aliases b/network-scripts/ifup-aliases index 8020f407..971ce208 100755 --- a/network-scripts/ifup-aliases +++ b/network-scripts/ifup-aliases @@ -266,7 +266,7 @@ function new_interface () if [ "${parent_device}" != "lo" ] && ! is_false "${ARPCHECK}" && \ is_available ${parent_device} && \ ( grep -qswi "up" /sys/class/net/${parent_device}/operstate || grep -qswi "1" /sys/class/net/${parent_device}/carrier ) ; then - echo $"Determining if ip address ${IPADDR} is already in use for device ${parent_device}..." + echo $"Determining if IP address ${IPADDR} is already in use for device ${parent_device}…" ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${parent_device} ${IPADDR}) if [ $? = 1 ]; then ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p') -- cgit v1.2.1 From 905497da1838e5d7b35d6a0daf6c241c47d59323 Mon Sep 17 00:00:00 2001 From: zhangnaru0605 <67086371+zhangnaru0605@users.noreply.github.com> Date: Tue, 14 Jul 2020 21:43:15 +0800 Subject: Maintain permisision to set umask set umask in case resolv.conf doesn't exist --- network-scripts/network-functions | 3 +++ 1 file changed, 3 insertions(+) (limited to 'network-scripts') diff --git a/network-scripts/network-functions b/network-scripts/network-functions index 99096bd8..332115b8 100644 --- a/network-scripts/network-functions +++ b/network-scripts/network-functions @@ -622,6 +622,8 @@ is_bonding_device () # Invoke this when /etc/resolv.conf has changed: change_resolv_conf () { + oldumask=$(umask) + umask 022 s=$(/bin/grep '^[\ \ ]*option' /etc/resolv.conf 2>/dev/null) if [ $# -gt 1 ]; then if [ "x$s" != "x" ]; then @@ -657,6 +659,7 @@ change_resolv_conf () /usr/bin/logger -p local7.notice -t "NET" -i "$0 : updated /etc/resolv.conf" [ -e /run/nscd/socket ] && /usr/sbin/nscd -i hosts # invalidate cache fi + umask "$oldumask" return $r } -- cgit v1.2.1