summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorManuel Munz <freifunk@somakoma.de>2013-06-02 23:53:23 +0000
committerManuel Munz <freifunk@somakoma.de>2013-06-02 23:53:23 +0000
commit7c9e0484e9842bb9b0e7a63a0a0857cc3d59bb21 (patch)
treefd95e451483551ae5589df3988d4f64225bdc7a8
parenta1bd60ef6ee775b8bb12fb1db61ae792b41e9d86 (diff)
contrib/freifunk-policyrouting: Make it work with firewall3 and make use of the new ip rule support in /etc/config/network
-rw-r--r--contrib/package/freifunk-policyrouting/Makefile2
-rw-r--r--contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting6
-rwxr-xr-xcontrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting107
3 files changed, 58 insertions, 57 deletions
diff --git a/contrib/package/freifunk-policyrouting/Makefile b/contrib/package/freifunk-policyrouting/Makefile
index 1145bf377..a5f576e98 100644
--- a/contrib/package/freifunk-policyrouting/Makefile
+++ b/contrib/package/freifunk-policyrouting/Makefile
@@ -4,7 +4,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=freifunk-policyrouting
-PKG_RELEASE:=3
+PKG_RELEASE:=4
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)
diff --git a/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting b/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting
index 5c4eb38e9..327e8793b 100644
--- a/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting
+++ b/contrib/package/freifunk-policyrouting/files/etc/hotplug.d/iface/30-policyrouting
@@ -9,9 +9,9 @@ proto="4"
config_load freifunk-policyrouting
config_get enable pr enable
config_get fallback pr fallback
+config_get strict pr strict
config_get zones pr zones
-
if [ "$ACTION" = "ifup" ] && [ "$enable" = "1" ]; then
network_get_subnet net $INTERFACE
network_get_subnet6 net6 $INTERFACE
@@ -54,6 +54,9 @@ if [ "$ACTION" = "ifup" ] && [ "$enable" = "1" ]; then
for p in $proto; do
if [ ! "$(ip -$p ru s | grep "from all iif $dev lookup olsr-default")" ]; then
ip -$p rule add dev "$dev" lookup olsr-default prio 20000
+ if [ "$strict" != 0 ]; then
+ ip -$p rule add dev "$dev" unreachable prio 20001
+ fi
if [ "$?" = 0 ]; then
logger -s -t policyrouting "Use mesh gateway for interface $dev (IPv$p)"
if [ -z "$(uci -P /var/state get freifunk-policyrouting.${INTERFACE})" ]; then
@@ -87,6 +90,7 @@ if [ "$ACTION" = "ifdown" ]; then
for p in $proto; do
if [ "$(ip -$p ru s | grep "from all iif $dev lookup olsr-default")" ]; then
ip -$p rule del dev "$dev" lookup olsr-default prio 20000
+ ip -$p rule del dev "$dev" unreachable prio 20001
if [ "$?" = 0 ]; then
logger -s -t policyrouting "Remove rule: dev "$dev" lookup olsr-default prio 20000 (IPv$p)"
else
diff --git a/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting b/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting
index f31821a24..df98c982b 100755
--- a/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting
+++ b/contrib/package/freifunk-policyrouting/files/etc/init.d/freifunk-policyrouting
@@ -26,11 +26,10 @@ olsrd_intalltables() {
uci set olsrd.@olsrd[0].RtTable='111'
uci set olsrd.@olsrd[0].RtTableDefault='112'
uci commit olsrd
- /etc/init.d/olsrd restart
+ /etc/init.d/olsrd restart 2&> /dev/null
fi
}
-
rt_tables() {
tables="/etc/iproute2/rt_tables"
if [ -z "`grep "110" $tables`" ]; then
@@ -60,20 +59,52 @@ disable_dyngw() {
}
restart_services() {
- wifi
- /etc/init.d/network restart
- /etc/init.d/olsrd restart
+ logger -s -t policyrouting -p info "Restarting services"
+ /etc/init.d/network restart 2&> /dev/null
+ /etc/init.d/olsrd restart 2&> /dev/null
}
boot() {
if [ "$enable" = "1" ]; then
[ -d /var/state ] || mkdir -p /var/state
touch /var/state/freifunk-policyrouting
- start
+ start noservicerestart
else
olsrd_rmtables
fi
}
+
+add_lookup_rule() {
+ name=${1/-/_}
+ lookup=$2
+ prio=$3
+
+ if [ -z "$name" -o -z "$lookup" -o -z "$prio" ]; then
+ logger -s -t policyrouting "Missing parameters for add_rule!"
+ else
+ for p in $proto; do
+ if [ "$p" = "6" ]; then
+ rule="rule6"
+ else
+ rule="rule"
+ fi
+
+ uci batch <<- EOF
+ set network.${name}ipv${p}="$rule"
+ set network.${name}ipv${p}.lookup="$lookup"
+ set network.${name}ipv${p}.priority="$prio"
+ EOF
+ done
+ fi
+}
+
+del_lookup_rule() {
+ name=${1/-/_}
+ for p in $proto; do
+ uci -q delete network.${name}ipv${p}
+ done
+}
+
start() {
if [ $enable = "1" ]; then
logger -s -t policyrouting "Starting policy routing."
@@ -81,58 +112,26 @@ start() {
olsrd_intalltables
disable_dyngw
- for p in $proto; do
- if [ ! "$(ip -$p ru s | grep "1000: from all lookup olsr")" ]; then
- ip -$p rule add lookup olsr prio 1000
- # add table for routes to local networks
- ip -$p rule add lookup localnets prio 2000
-
- if [ "$?" = "0" ]; then
- logger -s -t policyrouting "Added rule: lookup olsr prio 1000 (IPv$p)"
- else
- logger -s -t policyrouting "Error! Could not add rule: lookup olsr prio 1000 (IPv$p)"
- fi
- fi
- done
-
- # add unreachable with high metric so packets stop here if they find no gateway
- # in table olsr-default
- if [ "$strict" != 0 ]; then
- for p in $proto; do
- [ ! "$(ip -$p r s t olsr-default |grep "unreachable default")" ] && {
- ip -$p route add unreachable default table olsr-default metric 65535
- if [ "$?" = "0" ]; then
- logger -s -t policyrouting "Added route: unreachable default table olsr-default metric 65535 (IPv$p)"
- else
- logger -s -t policyrouting "Error! Could not add route: unreachable default table olsr-default metric 65535 (IPv$p)"
- fi
- }
- done
+ add_lookup_rule olsr olsr 1000
+ add_lookup_rule localnets localnets 2000
- fi
if [ "$fallback" = 1 ]; then
- for p in $proto; do
- [ ! "$(ip -$p ru s |grep "from all lookup olsr-default")" ] && {
- ip -$p rule add lookup olsr-default prio 33000
- if [ "$?" = "0" ]; then
- logger -s -t policyrouting "Added rule: olsr-default prio 33000 (IPv$p)"
- else
- logger -s -t policyrouting "Error! Could not add rule: olsr-default prio 33000 (IPv$p)"
- fi
- }
- done
+ add_lookup_rule olsr-default olsr-default 33000
fi
fi
+ uci commit network
+ if [ ! "$1" = "noservicerestart" ]; then
+ restart_services
+ fi
}
stop() {
logger -s -t policyrouting "Stopping policy routing"
olsrd_rmtables
- for p in $proto; do
- ip -$p route flush table olsr-default
- ip -$p rule del lookup olsr-default > /dev/null 2>&1
- ip -$p rule del lookup olsr > /dev/null 2>&1
- done
+ del_lookup_rule olsr-default
+ del_lookup_rule olsr
+ del_lookup_rule localnets
+ uci commit network
restart_services
echo "Hint: To completely disable freifunk-policyrouting set enable=0 in /etc/config/freifunk-policyrouting."
}
@@ -140,11 +139,9 @@ stop() {
restart() {
logger -s -t policyrouting "Restarting policy routing"
olsrd_rmtables
- for p in $proto; do
- ip -$p route flush table olsr-default
- ip -$p rule del lookup olsr-default > /dev/null 2>&1
- ip -$p rule del lookup olsr > /dev/null 2>&1
- done
+ del_lookup_rule olsr-default
+ del_lookup_rule olsr
+ del_lookup_rule localnets
+ uci commit network
start
- restart_services
}