public inbox for gentoo-dev@lists.gentoo.org
* [gentoo-dev] init.d net scripts & Bash wierdness - idiot in distress
@ 2003-03-22 21:35 99% Stroller
From: Stroller @ 2003-03-22 21:35 UTC
  To: gentoo-dev

[-- Attachment #1: Type: text/plain, Size: 3004 bytes --]

I'm hoping someone can take a look at the attached scripts & give me
some pointers, because I'm clearly doing something extremely dumb.

I'm trying to run a transparent bridge for my home network, much as
discussed in the FAQs & tutorials at
http://www.sparkle-cc.co.uk/firewall/firewall.html &
http://www.tldp.org/HOWTO/Ethernet-Bridge-netfilter-HOWTO.html

I thought I'd be clever & elegant & create a new runlevel for this, so
that my /etc/init.d/net.br0 script is started instead of eth0 & eth1.
It's largely working very well & I've been very impressed by Gentoo's
run-levels system.

I initially implemented this with a very simple script in which all
variables, IPs & interface names are static. This is attached as
net.br0.old - if I copy this to /etc/init.d/net.br0 everything works
perfectly.  All I do is type `rc bridge` and all the other services
shutdown before eth0 & eth1 do, then nothing happens for a moment & then
my bridge device finishes initialising and up everything comes again.

I then decided to be "clever" and edit a copy of the
/etc/init.d/net.eth0 script, and so my new net.br0 (or net.br1 or
whatever) script takes the name of its ${IFACE} from its own filename &
gets its other parameters from /etc/config.d/net.br0 (or br1 &c).

Unfortunately, for some reason my new script doesn't seem to read the
gateway="br0/192.168.1.1" line from the config.d file, and I can't work
out why not. If I use my dumb script the gateway is allocated correctly,
but not when I try to read parameters from file.

You can see where I've tried `echo "foo"` and `echo "wibble"` for
debugging purposes. When I use this script as /etc/init.d/net.br0 & type
`rc bridge` the "foo" & "bar" are displayed, but not the "wibble".
Clearly the `if [ -n "${gateway}" ]...` line is not returning
true; yet I do not understand why, as my script seems to be just the
same as the standard net.eth0 script in this respect, and my config file
(also attached) seems the same.

If anyone can explain what I'm doing wrong, I would be eternally
grateful.

Whilst I have your attention, I would also ideally like to have a list
of physical interfaces to be included in the config file. I think the
startup file would need a while loop to read them, as the bridge
interface can bridge any number of physical interfaces, as long as there
are at least 2 of them. Then the startup script needs to perform a
couple of loops through, ifconfig'ing each physical interface to IP
0.0.0.0 before adding it to the bridge device using the `brctl add ...`
command.

I would guess that the list of physical devices might be stored in an
array, or read from a list, but I am completely inexperienced at Bash
scripting, so have no idea how to implement this. I found the Advanced
Bash Scripting Guide a bit too advanced for me - can anyone recommend an
alternative..? Is the O'Reilly Bash in a Nutshell any good..? I usually
like their books.

I do hope I've explained myself clearly,
Thanks for any pointers,

Stroller.



[-- Attachment #2: net.br0.old --]
[-- Type: application/octet-stream, Size: 908 bytes --]

#!/sbin/runscript

# Joe Stroller's bridge init.d script

depend() {
        use pcmcia	# I think it rather unlikely, but this maintains
			# standard with net.eth0 &c
}

start() {

	ebegin "Bringing bridge br0 up"

	# set their IP addresses to null to prevent interference with bridge
	ifconfig eth0 0.0.0.0
	ifconfig eth1 0.0.0.0

	# create a bridge and assign the Ethernet interfaces to it
	brctl addbr br0

	brctl addif br0 eth0
	brctl addif br0 eth1

	# finally bring the bridge up
	ifconfig br0 192.168.1.43 broadcast 192.168.1.255 netmask 255.255.255.0
	/sbin/route add -net default gw 192.168.1.1 netmask 0.0.0.0 metric 1
}

stop() {
	ebegin "Bringing bridge down"

	brctl delif br0 eth0
        brctl delif br0 eth1

	# bring the bridge down
	ifconfig br0 down

	# Bring interfaces down
        ifconfig eth0 down
        ifconfig eth1 down

	brctl delbr br0
	# this seems to free all interfaces

}

[-- Attachment #3: net.br0 --]
[-- Type: application/octet-stream, Size: 4311 bytes --]

#!/sbin/runscript

# Joe Stroller's bridge init.d script
# Config should be something like /etc/conf.d/net.br0


# For pcmcia users. note that pcmcia must be added to the same
# runlevel as the net.* script that needs it.
depend() {
	use pcmcia
}

checkconfig() {

        # bridge-utils provides brctl; refuse to start without it
        if [ ! -x "$(which brctl)" ]
        then
                eerror "It might help if you emerged bridge-utils. I hope you remembered to patch your kernel."
                return 1
        fi
}

start() {
	checkconfig || return 1
	local iface_args="$(eval echo \$\{iface_${IFACE}\})"
	local retval=0

	ebegin "Bringing ${IFACE} up"

	# we allocate IP address to br0 virtual iface, not to physical eth0/1
        ifconfig eth0 0.0.0.0
        ifconfig eth1 0.0.0.0

	# create a bridge and assign the Ethernet interfaces to it
        brctl addbr ${IFACE}

        brctl addif ${IFACE} eth0
        brctl addif ${IFACE} eth1

	# finally bring the bridge up
	/sbin/ifconfig ${IFACE} ${iface_args} >/dev/null || {
		retval=$?
		eend ${retval} "Failed to bring ${IFACE} up"
		return ${retval}
	}
	
# Might have to remove this next bit
# - it probably needs to wait 30 seconds before testing

echo "foo"

	# ifconfig do not always return failure ..
	/sbin/ifconfig ${IFACE} &> /dev/null || {
		retval=$?
		eend ${retval} "Failed to bring ${IFACE} up"
		return ${retval}
	}

	eend 0

# I'm really not sure if we want aliases on our bridge,
# so I'm just leaving this here for the moment.
#
	if [ -n "$(eval echo \$\{alias_${IFACE}\})" ]
	then
		local x=""
		local num=0
		local aliasbcast=""
		local aliasnmask=""

		ebegin "  Adding aliases"
		for x in $(eval echo \$\{alias_${IFACE}\})
		do
			aliasbcast="$(eval echo \$\{broadcast_${IFACE}\} \| awk \'\{ print \$$((num + 1)) \}\')"
			if [ -n "${aliasbcast}" ]
			then
				aliasbcast="broadcast ${aliasbcast}"
			fi

			aliasnmask="$(eval echo \$\{netmask_${IFACE}\} \| awk \'\{ print \$$((num + 1)) \}\')"
			if [ -n "${aliasnmask}" ]
			then
				aliasnmask="netmask ${aliasnmask}"
			fi
		
			ebegin "    ${IFACE}:${num}"
			/sbin/ifconfig ${IFACE}:${num} ${x} \
				${aliasbcast} ${aliasnmask} >/dev/null
			num=$((num + 1))
			eend 0
		done
		save_options "alias" "$(eval echo \$\{alias_${IFACE}\})"
	fi

# I don't need IP v6 right now, so i'm disabling it.
#
#	if [ -n "$(eval echo \$\{inet6_${IFACE}\})" ]
#	then
#		local x=""
#		ebegin "  Adding inet6 addresses"
#		for x in $(eval echo \$\{inet6_${IFACE}\})
#		do
#			ebegin "    ${IFACE} inet6 add ${x}"
#			/sbin/ifconfig ${IFACE} inet6 add ${x} >/dev/null
#			eend 0
#		done
#		save_options "inet6" "$(eval echo \$\{inet6_${IFACE}\})"
#	fi
	
echo "bar"

if [ -n "${gateway}" ] && [ "${gateway%/*}" = "${IFACE}" ]
        then
echo "wibble"
                ebegin "  Setting default gateway"
                /sbin/route add default gw ${gateway#*/} dev ${gateway%/*} \
                        netmask 0.0.0.0 metric 1 >/dev/null || {
                        
                        local error=$?
                        ifconfig ${IFACE} down &>/dev/null
                        eend ${error} "Failed to bring ${IFACE} up"
                        stop
                        return ${error}
                }
                eend 0
        fi

	# Enabling rp_filter causes wacky packets to be auto-dropped by
	# the kernel
	if [ -e /proc/sys/net/ipv4/conf/${IFACE}/rp_filter ]
	then
		echo 1 > /proc/sys/net/ipv4/conf/${IFACE}/rp_filter
	fi
}

stop() {
	local myalias="$(get_options alias)"
	ebegin "Bringing ${IFACE} down"

#	# Also down the inet6 interfaces
#	local myinet6="$(get_options inet6)"
#	if [ -n "${myinet6}" ]
#	then
#		local x=""
#		for x in ${myinet6}
#		do
#			/sbin/ifconfig ${IFACE} inet6 del ${x} >/dev/null
#		done
#	fi
	
	# Do some cleanup in case the amount of aliases change
	if [ -n "${myalias}" ]
	then
		local x=""
		local num=0
		for x in ${myalias}
		do
			/sbin/ifconfig ${IFACE}:${num} down >/dev/null
			num=$((num + 1))
		done
	fi

	# Remove physical interface from bridge virtual interface
	brctl delif ${IFACE} eth0
        brctl delif ${IFACE} eth1

	# Actually bring the bridge down
	/sbin/ifconfig ${IFACE} down >/dev/null

	# Bring interfaces down to be tidy
        ifconfig eth0 down
        ifconfig eth1 down

        brctl delbr ${IFACE}
        # this seems to free all interfaces

	eend 0
}

[-- Attachment #4: conf.d-net.br0 --]
[-- Type: application/octet-stream, Size: 270 bytes --]

# /etc/conf.d/net:

# Global config file for net.* rc-scripts

# This is basically the ifconfig argument without the ifconfig $iface #

iface_br0="192.168.1.43 broadcast 192.168.1.255 netmask 255.255.255.0"

# For setting the default gateway
#
gateway="br0/192.168.1.1"

[-- Attachment #5: Type: text/plain, Size: 37 bytes --]

--
gentoo-dev@gentoo.org mailing list

^ permalink raw reply	[relevance 99%]
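
The message asks how a list of physical interfaces could be kept in the config file and looped over. The following is an added example, not the poster's code and not Gentoo's: a dry-run planner that goes beyond the two hard-coded ports, validates every name before it reaches a command line run as root, and splits the `gateway="iface/address"` value the same way the script does. The `bridge_ports_<bridge>` variable and both function names are hypothetical, and the settings are constructed samples.

```shell
#!/bin/sh
# Added example: dry-run planner for a bridge whose ports come from config.
# bridge_ports_<bridge> and both function names are hypothetical.

# Constructed sample settings, in the style of the conf.d file above.
iface_br0="192.168.1.43 broadcast 192.168.1.255 netmask 255.255.255.0"
bridge_ports_br0="eth0 eth1 eth2"
gateway="br0/192.168.1.1"

# Accept only plain names: these values land on command lines run as root.
valid_ifname() {
	case "$1" in
		''|*[!A-Za-z0-9_]*) return 1 ;;
	esac
	[ "${#1}" -le 15 ]	# Linux interface names hold at most 15 characters
}

# Print the commands start() would run for bridge $1; nothing is executed.
# The body is a subshell, so set -f and the variables stay local to it.
plan_bridge() (
	set -f	# no filename globbing when the port list is word-split
	br=$1
	valid_ifname "$br" || { echo "bad bridge name: $br" >&2; exit 1; }
	# $br is validated, so each eval expands exactly one variable name.
	eval "ports=\${bridge_ports_${br}:-}"
	eval "args=\${iface_${br}:-}"
	count=0
	for p in $ports; do
		valid_ifname "$p" || { echo "bad port name: $p" >&2; exit 1; }
		count=$((count + 1))
	done
	[ "$count" -ge 2 ] || { echo "$br needs at least 2 ports" >&2; exit 1; }
	for p in $ports; do echo "ifconfig $p 0.0.0.0"; done
	echo "brctl addbr $br"
	for p in $ports; do echo "brctl addif $br $p"; done
	echo "ifconfig $br $args"
	# gateway is "iface/address": %/* keeps the iface, #*/ keeps the address.
	if [ -n "${gateway:-}" ] && [ "${gateway%/*}" = "$br" ]; then
		echo "route add default gw ${gateway#*/} dev $br netmask 0.0.0.0 metric 1"
	fi
)

plan_bridge br0
```

Piping the printed plan through a review step before executing it keeps the validation and the privileged commands separate.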
