3
# This is an example of a Mandos client network hook. This hook
4
# brings up a wireless interface as specified in a separate
5
# configuration file. To be used, this file and any needed
6
# configuration file(s) should be copied into the
7
# /etc/mandos/network-hooks.d directory.
9
# Copyright © 2012-2018 Teddy Hogeborn
10
# Copyright © 2012-2018 Björn Påhlsson
12
# Copying and distribution of this file, with or without modification,
13
# are permitted in any medium without royalty provided the copyright
14
# notice and this notice are preserved. This file is offered as-is,
15
# without any warranty.
20
CTRL="$RUNDIR/wpa_supplicant-global"
21
CTRLDIR="$RUNDIR/wpa_supplicant"
22
PIDFILE="$RUNDIR/wpa_supplicant-mandos.pid"
24
CONFIG="$MANDOSNETHOOKDIR/wireless.conf"
27
grep -liFe "$1" /sys/class/net/*/address \
28
| sed -e 's,.*/\([^/]*\)/[^/]*,\1,'
32
if [ -e "$CONFIG" ]; then
38
ifkeys=`sed -n -e 's/^ADDRESS_\([^=]*\)=.*/\1/p' "$CONFIG" | sort -u`
40
# Exit if DEVICE is set and is not any of the wireless interfaces
41
if [ -n "$DEVICE" ]; then
43
for KEY in $ifkeys; do
44
ADDRESS=`eval 'echo "$ADDRESS_'"$KEY"\"`
45
INTERFACE=`addrtoif "$ADDRESS"`
48
*,"$INTERFACE"|*,"$INTERFACE",*|"$INTERFACE",*|"$INTERFACE")
56
wpa_supplicant=/sbin/wpa_supplicant
60
# Used by the wpa_interface_* functions in the wireless.conf file
63
ssid|psk) arg="\"$2\"" ;;
66
"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" set_network "$NETWORK" \
67
"$1" "$arg" 2>&1 | sed -e '/^OK$/d'
70
if [ $VERBOSITY -gt 0 ]; then
71
WPAS_OPTIONS="-d $WPAS_OPTIONS"
73
if [ -n "$PIDFILE" ]; then
74
WPAS_OPTIONS="-P$PIDFILE $WPAS_OPTIONS"
78
mkdir -m u=rwx,go= -p "$CTRLDIR"
79
"$wpa_supplicant" -B -g "$CTRL" -p "$CTRLDIR" $WPAS_OPTIONS
80
for KEY in $ifkeys; do
81
ADDRESS=`eval 'echo "$ADDRESS_'"$KEY"\"`
82
INTERFACE=`addrtoif "$ADDRESS"`
83
DRIVER=`eval 'echo "$WPA_DRIVER_'"$KEY"\"`
84
IFDELAY=`eval 'echo "$DELAY_'"$KEY"\"`
85
"$wpa_cli" -g "$CTRL" interface_add "$INTERFACE" "" \
86
"${DRIVER:-wext}" "$CTRLDIR" > /dev/null \
88
NETWORK=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" add_network`
89
eval wpa_interface_"$KEY"
90
"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" enable_network \
91
"$NETWORK" | sed -e '/^OK$/d'
92
sleep "${IFDELAY:-$DELAY}" &
95
kill -0 $sleep 2>/dev/null || break
96
STATE=`"$wpa_cli" -p "$CTRLDIR" -i "$INTERFACE" status \
97
| sed -n -e 's/^wpa_state=//p'`
98
if [ "$STATE" = COMPLETED ]; then
100
kill -0 $sleep 2>/dev/null || break 2
101
UP=`cat /sys/class/net/"$INTERFACE"/operstate`
102
if [ "$UP" = up ]; then
103
kill $sleep 2>/dev/null
112
IPADDRS=`eval 'echo "$IPADDRS_'"$KEY"\"`
113
if [ -n "$IPADDRS" ]; then
114
if [ "$IPADDRS" = dhcp ]; then
115
ipconfig -c dhcp -d "$INTERFACE" || :
116
#dhclient "$INTERFACE"
118
for ipaddr in $IPADDRS; do
119
"$ip" addr add "$ipaddr" dev "$INTERFACE"
123
ROUTES=`eval 'echo "$ROUTES_'"$KEY"\"`
124
if [ -n "$ROUTES" ]; then
125
for route in $ROUTES; do
126
"$ip" route add "$route" dev "$INTERFACE"
133
"$wpa_cli" -g "$CTRL" terminate 2>&1 | sed -e '/^OK$/d'
134
for KEY in $ifkeys; do
135
ADDRESS=`eval 'echo "$ADDRESS_'"$KEY"\"`
136
INTERFACE=`addrtoif "$ADDRESS"`
137
"$ip" addr show scope global permanent dev "$INTERFACE" \
138
| while read type addr rest; do
141
"$ip" addr del "$addr" dev "$INTERFACE"
145
"$ip" link set dev "$INTERFACE" down
149
case "${MODE:-$1}" in
154
echo "$wpa_supplicant"
159
if [ "$IPADDRS" = dhcp ]; then
162
sed -n -e 's/#.*$//' -e 's/[ ]*$//' \
163
-e 's/^MODULE_[^=]\+=//p' "$CONFIG"
added
removed
network-hooks.d/wireless
