WebSVN – ALCASAR – Path Comparison – / – /scripts/alcasar-network.sh Rev 2955 and /scripts/alcasar-network.sh Rev 2956

Ignore whitespace Rev 2955 → Rev 2956

 /scripts/alcasar-network.sh
 ,0 → 1,109
+#!/bin/bash
+# alcasar-network.sh
+# by Pierre RIVAULT and Rexy
+# This script is distributed under the Gnu General Public License (GPL)
+# Met à jour la configuration réseau conformément au fichier de configuration (alcasar.conf)
+# update network configuration according to alcasar.conf
+CONF_FILE="/usr/local/etc/alcasar.conf"
+TMP_ip_gw_save="/tmp/ipset_ip_gw_save"
+EXTIF=`grep ^EXTIF= $CONF_FILE|cut -d"=" -f2`
+PUBLIC_IP=`grep ^PUBLIC_IP= $CONF_FILE|cut -d"=" -f2`
+GW1=`grep ^GW= $CONF_FILE|cut -d"=" -f2`
+MTU=`grep ^PUBLIC_MTU= $CONF_FILE|cut -d"=" -f2`
+MULTIWAN=`grep ^MULTIWAN= $CONF_FILE|cut -d"=" -f2`
+MULTIWAN=${MULTIWAN:=Off}
+NET="`ipcalc -n $PUBLIC_IP | cut -d"=" -f2`/`ipcalc -p $PUBLIC_IP | cut -d"=" -f2`"
+IP=`echo $PUBLIC_IP | cut -d"/" -f1`
+PRIVATE_IP_MASK=`grep ^PRIVATE_IP $CONF_FILE | cut -d"=" -f2`
+PRIVATE_IP=`echo $PRIVATE_IP_MASK | cut -d"/" -f1`
+PRIVATE_NETMASK=`echo $PRIVATE_IP_MASK | cut -d"/" -f2`
+PRIVATE_PREFIX=`/bin/ipcalc -p $PRIVATE_IP $PRIVATE_NETMASK |cut -d"=" -f2`             # prefixe du réseau (ex. 24)
+PRIVATE_NETWORK=`/bin/ipcalc -n $PRIVATE_IP $PRIVATE_NETMASK| cut -d"=" -f2`    # @ réseau de consultation (ex.: 192.168.182.0)
+PRIVATE_NETWORK_MASK=$PRIVATE_NETWORK/$PRIVATE_PREFIX                                                   # @ + masque du réseau de consult (192.168.182.0/24)
+nb_gw=`grep ^WAN $CONF_FILE | wc -l`
+routecmd="ip route replace default scope global"
+if [ $(whoami) != "root" ]; then
+        echo "You must be root to run this!" ; echo ; exit 1
+fi
+if [ $# -eq 0 ]; then
+        args="--apply"
+else
+        args=$1
+fi
+case $args in
+        --save)
+                rm -f $TMP_ip_gw_save
+                # ipset name list for load_balancing
+                gw_list="gw0"
+                for ((i=1 ; i<=$nb_gw ; i++)); do
+                        gw_list="${gw_list} gw$i"
+                done
+                # Saving all of the already connected IP in order to put them back in the load balancing after
+                for i in $gw_list;do
+                        ipset list $i 1>/dev/null 2>&1
+                        if [ $? -eq 0 ]
+                        then
+                                # the cut -d":" -f5 deletes all the lines with a :, i.e all the lines except the members
+                                ipset list $i | cut -d":" -f5 | sed '/^[[:space:]]*$/d' >> $TMP_ip_gw_save
+                        fi
+                done
+        exit 0
+        ;;
+        --apply)
+                [ -e /etc/sysconfig/network-scripts/ifcfg-$EXTIF ] && ifdown $EXTIF
+                # set the new configuration for EXTIF
+                cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-$EXTIF
+DEVICE=$EXTIF
+BOOTPROTO=static
+IPADDR=$IP
+NETMASK=`ipcalc -m $PUBLIC_IP | cut -d= -f2`
+NETWORK=`ipcalc -n $PUBLIC_IP | cut -d= -f2`
+GATEWAY=$GW1
+DNS1=127.0.0.1
+RESOLV_MODS=yes
+ONBOOT=yes
+METRIC=10
+MII_NOT_SUPPORTED=yes
+IPV6INIT=no
+IPV6TO4INIT=no
+ACCOUNTING=no
+USERCTL=no
+MTU=$MTU
+NOZEROCONF=yes
+EOF
+                ifup $EXTIF
+                ip route flush ${NET}   # Remove the previous route for the network of EXTIF
+                ip route delete default scope global    # Remove the previous default route
+                ip route add ${NET} dev ${EXTIF} src ${IP}       # Set the new route for EXTIF network
+                ip route add ${NET} dev ${EXTIF} src ${IP} table 200    # Set the new default route. If no multiwan, these lines are equivalent to `ip route add default via ${GW1}`
+                ip route add default via ${GW1} table 200
+                routecmd="${routecmd} nexthop via ${GW1} dev ${EXTIF}"
+                ip rule flush   # Remove the previous routing rules
+                ip rule add from all lookup main pref 32766     # Set back the main rules
+                ip rule add from all lookup default pref 32767  # Set back the default rules
+                ip rule add from ${PRIVATE_NETWORK_MASK} fwmark 200 lookup 200  # Add the rule for the first gateway
+                if [ "$MULTIWAN" == "on" ] || [ "$MULTIWAN" == "On" ]; then
+                        nb_gw_supp=`grep ^WAN $CONF_FILE|wc -l`
+                        for ((i=0 ; $i < $nb_gw_supp ; i++)); do
+                                table=$(($i + 201))     # This number is used to mark the paquets in order to route them to the choosen GW
+                                GW=`grep ^WAN$(($i + 1))= $CONF_FILE|awk -F'"' '{ print $2 }' | awk -F, '{print $1}'`
+                                ip route add ${NET} dev ${EXTIF} src ${IP} table $table # Add the others route in their respective tables
+                                ip route add default via ${GW} table $table
+                                ip rule add from ${PRIVATE_NETWORK_MASK} fwmark $table lookup $table    # Add the rule for each rule depending of the mark set by the firewall
+                                routecmd="${routecmd} nexthop via ${GW} dev ${EXTIF}"   # add the added gateway into the default gateway
+                        done
+                fi
+                ${routecmd}     # define the default gateway for outgoing traffic
+                ip route flush cache
+                exit 0
+                ;;
+        *)
+                exit 1
+                ;;
+esac
 Property changes:
 Added: svn:eol-style
 +native
 \ No newline at end of property
 Added: svn:executable
 +*
 \ No newline at end of property

Subversion Repositories ALCASAR

Compare Revisions

Ignore whitespace Rev 2955 → Rev 2956