* [gentoo-dev] init.d net scripts & Bash weirdness - idiot in distress
@ 2003-03-22 21:35 99% Stroller
From: Stroller @ 2003-03-22 21:35 UTC
To: gentoo-dev
[-- Attachment #1: Type: text/plain, Size: 3004 bytes --]
I'm hoping someone can take a look at the attached scripts & give me
some pointers, because I'm clearly doing something extremely dumb.

I'm trying to run a transparent bridge for my home network, much as
discussed in the FAQs & tutorials at
http://www.sparkle-cc.co.uk/firewall/firewall.html &
http://www.tldp.org/HOWTO/Ethernet-Bridge-netfilter-HOWTO.html

I thought I'd be clever & elegant & create a new runlevel for this, so
that my /etc/init.d/net.br0 script is started instead of eth0 & eth1.
It's largely working very well & I've been very impressed by Gentoo's
run-levels system.

I initially implemented this with a very simple script in which all
variables, IPs & interface names are static. This is attached as
net.br0.old - if I copy this to /etc/init.d/net.br0 everything works
perfectly. All I do is type `rc bridge` and all the other services
shut down before eth0 & eth1 do, then nothing happens for a moment & then
my bridge device finishes initialising and up everything comes again.

I then decided to be "clever" and edit a copy of the
/etc/init.d/net.eth0 script, and so my new net.br0 (or net.br1 or
whatever) script takes the name of its ${IFACE} from its own filename &
gets its other parameters from /etc/config.d/net.br0 (or br1 &c).

Unfortunately, for some reason my new script doesn't seem to read the
gateway="br0/192.168.1.1" line from the config.d file, and I can't work
out why not. If I use my dumb script the gateway is allocated correctly,
but not when I try to read parameters from file.

You can see where I've tried `echo "foo"` and `echo "wibble"` for
debugging purposes. When I use this script as /etc/init.d/net.br0 & type
`rc bridge` the "foo" & "bar" are displayed, but not the "wibble".
Clearly the `if [ -n "${gateway}" ]...` line is not returning
true; yet I do not understand why, as my script seems to be just the
same as the standard net.eth0 script in this respect, and my config file
(also attached) seems the same.

If anyone can explain what I'm doing wrong, I would be eternally
grateful.

Whilst I have your attention, I would also ideally like to have a list
of physical interfaces to be included in the config file. I think the
startup file would need a while loop to read them, as the bridge
interface can bridge any number of physical interfaces, as long as there
are at least 2 of them. Then the startup script needs to perform a
couple of loops through, ifconfig'ing each physical interface to IP
0.0.0.0 before adding it to the bridge device using the `brctl add ...`
command.

I would guess that the list of physical devices might be stored in an
array, or read from a list, but I am completely inexperienced at Bash
scripting, so have no idea how to implement this. I found the Advanced
Bash Scripting Guide a bit too advanced for me - can anyone recommend an
alternative..? Is the O'Reilly Bash in a Nutshell any good..? I usually
like their books.

I do hope I've explained myself clearly,

Thanks for any pointers,

Stroller.
[-- Attachment #2: net.br0.old --]
[-- Type: application/octet-stream, Size: 908 bytes --]
#!/sbin/runscript
# Joe Stroller's bridge init.d script

depend() {
    use pcmcia # I think it rather unlikely, but this maintains
               # standard with net.eth0 &c
}

start() {
    ebegin "Bringing bridge br0 up"
    # set their IP addresses to null to prevent interference with bridge
    ifconfig eth0 0.0.0.0
    ifconfig eth1 0.0.0.0
    # create a bridge and assign the Ethernet interfaces to it
    brctl addbr br0
    brctl addif br0 eth0
    brctl addif br0 eth1
    # finally bring the bridge up
    ifconfig br0 192.168.1.43 broadcast 192.168.1.255 netmask 255.255.255.0
    /sbin/route add -net default gw 192.168.1.1 netmask 0.0.0.0 metric 1
}

stop() {
    ebegin "Bringing bridge down"
    brctl delif br0 eth0
    brctl delif br0 eth1
    # bring the bridge down
    ifconfig br0 down
    # Bring interfaces down
    ifconfig eth0 down
    ifconfig eth1 down
    brctl delbr br0
    # this seems to free all interfaces
}
[-- Attachment #3: net.br0 --]
[-- Type: application/octet-stream, Size: 4311 bytes --]
#!/sbin/runscript
# Joe Stroller's bridge init.d script
# Config should be something like /etc/conf.d/net.br0
# For pcmcia users. note that pcmcia must be added to the same
# runlevel as the net.* script that needs it.

depend() {
    use pcmcia
}

checkconfig() {
    if [ ! -x "$(which brctl)" ]
    then
        eerror "It might help if you emerged bridge-utils. I hope you /
remembered to patch your kernel."
        return 1
    fi
}

start() {
    checkconfig || return 1
    local iface_args="$(eval echo \$\{iface_${IFACE}\})"
    local retval=0
    ebegin "Bringing ${IFACE} up"
    # we allocate IP address to br0 virtual iface, not to physical eth0/1
    ifconfig eth0 0.0.0.0
    ifconfig eth1 0.0.0.0
    # create a bridge and assign the Ethernet interfaces to it
    brctl addbr ${IFACE}
    brctl addif ${IFACE} eth0
    brctl addif ${IFACE} eth1
    # finally bring the bridge up
    /sbin/ifconfig ${IFACE} ${iface_args} >/dev/null || {
        retval=$?
        eend ${retval} "Failed to bring ${IFACE} up"
        return ${retval}
    }
    # Might have to remove this next bit
    # - it probably needs to wait 30 seconds before testing
    echo "foo"
    # ifconfig do not always return failure ..
    /sbin/ifconfig ${IFACE} &> /dev/null || {
        retval=$?
        eend ${retval} "Failed to bring ${IFACE} up"
        return ${retval}
    }
    eend 0

    # I'm really not sure if we want aliases on our bridge,
    # so I'm just leaving this here for the moment.
    #
    if [ -n "$(eval echo \$\{alias_${IFACE}\})" ]
    then
        local x=""
        local num=0
        local aliasbcast=""
        local aliasnmask=""
        ebegin " Adding aliases"
        for x in $(eval echo \$\{alias_${IFACE}\})
        do
            aliasbcast="$(eval echo \$\{broadcast_${IFACE}\} \| awk \'\{ print \$$((num + 1)) \}\')"
            if [ -n "${aliasbcast}" ]
            then
                aliasbcast="broadcast ${aliasbcast}"
            fi
            aliasnmask="$(eval echo \$\{netmask_${IFACE}\} \| awk \'\{ print \$$((num + 1)) \}\')"
            if [ -n "${aliasnmask}" ]
            then
                aliasnmask="netmask ${aliasnmask}"
            fi
            ebegin " ${IFACE}:${num}"
            /sbin/ifconfig ${IFACE}:${num} ${x} \
                ${aliasbcast} ${aliasnmask} >/dev/null
            num=$((num + 1))
            eend 0
        done
        save_options "alias" "$(eval echo \$\{alias_${IFACE}\})"
    fi

    # I don't need IP v6 right now, so i'm disabling it.
    #
    # if [ -n "$(eval echo \$\{inet6_${IFACE}\})" ]
    # then
    #     local x=""
    #     ebegin " Adding inet6 addresses"
    #     for x in $(eval echo \$\{inet6_${IFACE}\})
    #     do
    #         ebegin " ${IFACE} inet6 add ${x}"
    #         /sbin/ifconfig ${IFACE} inet6 add ${x} >/dev/null
    #         eend 0
    #     done
    #     save_options "inet6" "$(eval echo \$\{inet6_${IFACE}\})"
    # fi
    echo "bar"
    if [ -n "${gateway}" ] && [ "${gateway%/*}" = "${IFACE}" ]
    then
        echo "wibble"
        ebegin " Setting default gateway"
        /sbin/route add default gw ${gateway#*/} dev ${gateway%/*} \
            netmask 0.0.0.0 metric 1 >/dev/null || {
            local error=$?
            ifconfig ${IFACE} down &>/dev/null
            eend ${error} "Failed to bring ${IFACE} up"
            stop
            return ${error}
        }
        eend 0
    fi

    # Enabling rp_filter causes wacky packets to be auto-dropped by
    # the kernel
    if [ -e /proc/sys/net/ipv4/conf/${IFACE}/rp_filter ]
    then
        echo 1 > /proc/sys/net/ipv4/conf/${IFACE}/rp_filter
    fi
}

stop() {
    local myalias="$(get_options alias)"
    ebegin "Bringing ${IFACE} down"
    # # Also down the inet6 interfaces
    # local myinet6="$(get_options inet6)"
    # if [ -n "${myinet6}" ]
    # then
    #     local x=""
    #     for x in ${myinet6}
    #     do
    #         /sbin/ifconfig ${IFACE} inet6 del ${x} >/dev/null
    #     done
    # fi

    # Do some cleanup in case the amount of aliases change
    if [ -n "${myalias}" ]
    then
        local x=""
        local num=0
        for x in ${myalias}
        do
            /sbin/ifconfig ${IFACE}:${num} down >/dev/null
            num=$((num + 1))
        done
    fi
    # Remove physical interface from bridge virtual interface
    brctl delif ${IFACE} eth0
    brctl delif ${IFACE} eth1
    # Actually bring the bridge down
    /sbin/ifconfig ${IFACE} down >/dev/null
    # Bring interfaces down to be tidy
    ifconfig eth0 down
    ifconfig eth1 down
    brctl delbr ${IFACE}
    # this seems to free all interfaces
    eend 0
}
[-- Attachment #4: conf.d-net.br0 --]
[-- Type: application/octet-stream, Size: 270 bytes --]
# /etc/conf.d/net:
# Global config file for net.* rc-scripts
# This is basically the ifconfig argument without the ifconfig $iface #
iface_br0="192.168.1.43 broadcast 192.168.1.255 netmask 255.255.255.0"
# For setting the default gateway
#
gateway="br0/192.168.1.1"
[-- Attachment #5: Type: text/plain, Size: 37 bytes --]
--
gentoo-dev@gentoo.org mailing list
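
Added example, not part of the original post or its attachments: a dry-run sketch of the port loop the message asks about, plus a helper that reports which half of the script's two-part gateway test fails (empty variable, or interface prefix not equal to ${IFACE}). The `bridge_ports` variable and the function names are hypothetical; the addresses are the ones used in the post.

```bash
#!/bin/bash
# Added example; bridge_ports is a hypothetical conf.d variable, not a Gentoo one.
# Constructed sample values, matching the addresses used in the post.
IFACE="br0"
bridge_ports="eth0 eth1"
gateway="br0/192.168.1.1"

# Accept only plain interface names, so a config typo never reaches a command line.
valid_iface() {
    case "$1" in
        ""|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]   # Linux interface names are at most 15 characters
}

# Print the commands needed to build bridge $1 from the ports in $2..$n.
# Nothing is executed here; pipe the output to sh once it looks right.
bridge_plan() {
    local br="$1" p
    shift
    valid_iface "${br}" || { echo "bad bridge name: ${br}" >&2; return 1; }
    [ "$#" -ge 2 ] || { echo "need at least 2 ports, got $#" >&2; return 1; }
    for p in "$@"; do
        valid_iface "${p}" || { echo "bad port name: ${p}" >&2; return 1; }
    done
    echo "brctl addbr ${br}"
    for p in "$@"; do
        echo "ifconfig ${p} 0.0.0.0"
        echo "brctl addif ${br} ${p}"
    done
}

# Report which half of the script's gateway test fails.
gateway_check() {
    local iface="$1" gw="$2"
    if [ -z "${gw}" ]; then
        echo "empty"
    elif [ "${gw%/*}" != "${iface}" ]; then
        echo "mismatch:${gw%/*}"
    else
        echo "ok:${gw#*/}"
    fi
}

# bridge_ports is left unquoted on purpose so the list splits into words.
bridge_plan "${IFACE}" ${bridge_ports}
gateway_check "${IFACE}" "${gateway}"
```

Calling `gateway_check "${IFACE}" "${gateway}"` in place of the `echo "bar"` line shows the value the script actually sees at that point, whichever file it came from.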