bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
1 |
#!/bin/sh
|
2 |
#
|
|
3 |
# This is an example of a Mandos client network hook. This hook
|
|
4 |
# brings up a bridge interface as specified in a separate
|
|
5 |
# configuration file. To be used, this file and any needed
|
|
6 |
# configuration file(s) should be copied into the
|
|
7 |
# /etc/mandos/network-hooks.d directory.
|
|
8 |
#
|
|
9 |
# Copying and distribution of this file, with or without modification,
|
|
10 |
# are permitted in any medium without royalty provided the copyright
|
|
11 |
# notice and this notice are preserved. This file is offered as-is,
|
|
12 |
# without any warranty.
|
|
13 |
||
14 |
set -e |
|
15 |
||
16 |
CONFIG="$MANDOSNETHOOKDIR/bridge.conf" |
|
17 |
||
18 |
# Read config file, which must set "BRIDGE", "PORTS", and optionally
|
|
19 |
# "IPADDRS" and "ROUTES".
|
|
20 |
if [ -e "$CONFIG" ]; then |
|
21 |
. "$CONFIG" |
|
22 |
fi
|
|
23 |
||
24 |
if [ -z "$BRIDGE" -o -z "$PORTS" ]; then |
|
25 |
exit |
|
26 |
fi
|
|
27 |
||
28 |
if [ -n "$DEVICE" -a "$DEVICE" != "$BRIDGE" ]; then |
|
29 |
exit |
|
30 |
fi
|
|
31 |
||
505.3.20
by Teddy Hogeborn
* network-hooks.d/bridge: Look for both /sbin/brctl and /usr/sbin/brctl. |
32 |
for brctl in /sbin/brctl /usr/sbin/brctl; do |
33 |
if [ -e "$brctl" ]; then |
|
34 |
break |
|
35 |
fi |
|
36 |
done
|
|
37 |
||
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
38 |
case "$1" in |
39 |
start) |
|
505.3.16
by teddy at bsnet
* network-hooks.d/bridge: Use "/usr/sbin/brctl" explicitly. |
40 |
/usr/sbin/brctl addbr "$BRIDGE" |
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
41 |
for port in $PORTS; do |
505.3.16
by teddy at bsnet
* network-hooks.d/bridge: Use "/usr/sbin/brctl" explicitly. |
42 |
/usr/sbin/brctl addif "$BRIDGE" "$port" |
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
43 |
done |
44 |
ip link set up "$BRIDGE" |
|
45 |
if [ -n "$IPADDRS" ]; then |
|
46 |
for ipaddr in $IPADDRS; do |
|
47 |
ip addr add "$ipaddr" dev "$BRIDGE" |
|
48 |
done |
|
49 |
fi |
|
50 |
if [ -n "$ROUTES" ]; then |
|
51 |
for route in $ROUTES; do |
|
52 |
ip route add "$route" dev "$BRIDGE" |
|
53 |
done |
|
54 |
fi |
|
55 |
;; |
|
56 |
stop) |
|
57 |
ip link set down "$BRIDGE" |
|
58 |
for port in $PORTS; do |
|
505.3.16
by teddy at bsnet
* network-hooks.d/bridge: Use "/usr/sbin/brctl" explicitly. |
59 |
/usr/sbin/brctl delif "$BRIDGE" "$port" |
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
60 |
done |
505.3.16
by teddy at bsnet
* network-hooks.d/bridge: Use "/usr/sbin/brctl" explicitly. |
61 |
/usr/sbin/brctl delbr "$BRIDGE" |
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
62 |
;; |
63 |
files) |
|
64 |
echo /bin/ip |
|
505.3.20
by Teddy Hogeborn
* network-hooks.d/bridge: Look for both /sbin/brctl and /usr/sbin/brctl. |
65 |
echo "$brctl" |
505.3.14
by teddy at bsnet
Hooks take new "modules" argument, and hook names can contain periods. |
66 |
;; |
67 |
modules) |
|
68 |
echo bridge |
|
505.3.10
by Teddy Hogeborn
* network-hooks.d: New directory. |
69 |
;; |
70 |
esac
|