diff options
author | Manuel Munz <freifunk@somakoma.de> | 2013-06-02 23:53:23 +0000 |
---|---|---|
committer | Manuel Munz <freifunk@somakoma.de> | 2013-06-02 23:53:23 +0000 |
commit | 7c9e0484e9842bb9b0e7a63a0a0857cc3d59bb21 (patch) | |
tree | fd95e451483551ae5589df3988d4f64225bdc7a8 | |
parent | a1bd60ef6ee775b8bb12fb1db61ae792b41e9d86 (diff) |
contrib/freifunk-policyrouting: Make it work with firewall3 and make use of the new ip rule support in /etc/config/network
3 files changed, 58 insertions, 57 deletions
diff --git a/contrib/package/freifunk-policyrouting/Makefile b/contrib/package/freifunk-policyrouting/Makefile index 1145bf377..a5f576e98 100644 --- a/contrib/package/freifunk-policyrouting/Makefile +++ b/contrib/package/freifunk-policyrouting/Makefile @@ -4,7 +4,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=freifunk-policyrouting -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) diff --git a/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting b/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting index 5c4eb38e9..327e8793b 100644 --- a/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting +++ b/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting @@ -9,9 +9,9 @@ proto="4" config_load freifunk-policyrouting config_get enable pr enable config_get fallback pr fallback +config_get strict pr strict config_get zones pr zones - if [ "$ACTION" = "ifup" ] && [ "$enable" = "1" ]; then network_get_subnet net $INTERFACE network_get_subnet6 net6 $INTERFACE @@ -54,6 +54,9 @@ if [ "$ACTION" = "ifup" ] && [ "$enable" = "1" ]; then for p in $proto; do if [ ! "$(ip -$p ru s | grep "from all iif $dev lookup olsr-default")" ]; then ip -$p rule add dev "$dev" lookup olsr-default prio 20000 + if [ "$strict" != 0 ]; then + ip -$p rule add dev "$dev" unreachable prio 20001 + fi if [ "$?" = 0 ]; then logger -s -t policyrouting "Use mesh gateway for interface $dev (IPv$p)" if [ -z "$(uci -P /var/state get freifunk-policyrouting.${INTERFACE})" ]; then @@ -87,6 +90,7 @@ if [ "$ACTION" = "ifdown" ]; then for p in $proto; do if [ "$(ip -$p ru s | grep "from all iif $dev lookup olsr-default")" ]; then ip -$p rule del dev "$dev" lookup olsr-default prio 20000 + ip -$p rule del dev "$dev" unreachable prio 20001 if [ "$?" = 0 ]; then logger -s -t policyrouting "Remove rule: dev "$dev" lookup olsr-default prio 20000 (IPv$p)" else diff --git a/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting b/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting index f31821a24..df98c982b 100755 --- a/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting +++ b/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting @@ -26,11 +26,10 @@ olsrd_intalltables() { uci set olsrd.@olsrd[0].RtTable='111' uci set olsrd.@olsrd[0].RtTableDefault='112' uci commit olsrd - /etc/init.d/olsrd restart + /etc/init.d/olsrd restart 2&> /dev/null fi } - rt_tables() { tables="/etc/iproute2/rt_tables" if [ -z "`grep "110" $tables`" ]; then @@ -60,20 +59,52 @@ disable_dyngw() { } restart_services() { - wifi - /etc/init.d/network restart - /etc/init.d/olsrd restart + logger -s -t policyrouting -p info "Restarting services" + /etc/init.d/network restart 2&> /dev/null + /etc/init.d/olsrd restart 2&> /dev/null } boot() { if [ "$enable" = "1" ]; then [ -d /var/state ] || mkdir -p /var/state touch /var/state/freifunk-policyrouting - start + start noservicerestart else olsrd_rmtables fi } + +add_lookup_rule() { + name=${1/-/_} + lookup=$2 + prio=$3 + + if [ -z "$name" -o -z "$lookup" -o -z "$prio" ]; then + logger -s -t policyrouting "Missing parameters for add_rule!" + else + for p in $proto; do + if [ "$p" = "6" ]; then + rule="rule6" + else + rule="rule" + fi + + uci batch <<- EOF + set network.${name}ipv${p}="$rule" + set network.${name}ipv${p}.lookup="$lookup" + set network.${name}ipv${p}.priority="$prio" + EOF + done + fi +} + +del_lookup_rule() { + name=${1/-/_} + for p in $proto; do + uci -q delete network.${name}ipv${p} + done +} + start() { if [ $enable = "1" ]; then logger -s -t policyrouting "Starting policy routing." @@ -81,58 +112,26 @@ start() { olsrd_intalltables disable_dyngw - for p in $proto; do - if [ ! "$(ip -$p ru s | grep "1000: from all lookup olsr")" ]; then - ip -$p rule add lookup olsr prio 1000 - # add table for routes to local networks - ip -$p rule add lookup localnets prio 2000 - - if [ "$?" = "0" ]; then - logger -s -t policyrouting "Added rule: lookup olsr prio 1000 (IPv$p)" - else - logger -s -t policyrouting "Error! Could not add rule: lookup olsr prio 1000 (IPv$p)" - fi - fi - done - - # add unreachable with high metric so packets stop here if they find no gateway - # in table olsr-default - if [ "$strict" != 0 ]; then - for p in $proto; do - [ ! "$(ip -$p r s t olsr-default |grep "unreachable default")" ] && { - ip -$p route add unreachable default table olsr-default metric 65535 - if [ "$?" = "0" ]; then - logger -s -t policyrouting "Added route: unreachable default table olsr-default metric 65535 (IPv$p)" - else - logger -s -t policyrouting "Error! Could not add route: unreachable default table olsr-default metric 65535 (IPv$p)" - fi - } - done + add_lookup_rule olsr olsr 1000 + add_lookup_rule localnets localnets 2000 - fi if [ "$fallback" = 1 ]; then - for p in $proto; do - [ ! "$(ip -$p ru s |grep "from all lookup olsr-default")" ] && { - ip -$p rule add lookup olsr-default prio 33000 - if [ "$?" = "0" ]; then - logger -s -t policyrouting "Added rule: olsr-default prio 33000 (IPv$p)" - else - logger -s -t policyrouting "Error! Could not add rule: olsr-default prio 33000 (IPv$p)" - fi - } - done + add_lookup_rule olsr-default olsr-default 33000 fi fi + uci commit network + if [ ! "$1" = "noservicerestart" ]; then + restart_services + fi } stop() { logger -s -t policyrouting "Stopping policy routing" olsrd_rmtables - for p in $proto; do - ip -$p route flush table olsr-default - ip -$p rule del lookup olsr-default > /dev/null 2>&1 - ip -$p rule del lookup olsr > /dev/null 2>&1 - done + del_lookup_rule olsr-default + del_lookup_rule olsr + del_lookup_rule localnets + uci commit network restart_services echo "Hint: To completely disable freifunk-policyrouting set enable=0 in /etc/config/freifunk-policyrouting." } @@ -140,11 +139,9 @@ stop() { restart() { logger -s -t policyrouting "Restarting policy routing" olsrd_rmtables - for p in $proto; do - ip -$p route flush table olsr-default - ip -$p rule del lookup olsr-default > /dev/null 2>&1 - ip -$p rule del lookup olsr > /dev/null 2>&1 - done + del_lookup_rule olsr-default + del_lookup_rule olsr + del_lookup_rule localnets + uci commit network start - restart_services } |