| 1 | #! /bin/sh |
| 2 | ### |
| 3 | ### TrIPE interface initialization script |
| 4 | ### suitable for Linux; other operating systems probably want something |
| 5 | ### similar |
| 6 | |
| 7 | ###----- Licensing notica --------------------------------------------------- |
| 8 | ### |
| 9 | ### Redistribution, modification and use of this file is permitted without |
| 10 | ### limitation. |
| 11 | ### |
| 12 | ### This file is distributed in the hope that it will be useful, |
| 13 | ### but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 14 | ### MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
| 15 | |
| 16 | set -e |
| 17 | |
| 18 | ## Import compile-time configuration. |
| 19 | : ${bindir=@bindir@} |
| 20 | : ${tripectl=$bindir/tripectl} |
| 21 | PATH=/usr/bin:/usr/sbin:/bin:/sbin:$bindir |
| 22 | export PATH TRIPEDIR |
| 23 | |
| 24 | ## Determine whether we have IPv6 support. |
| 25 | if [ -d /proc/sys/net/ipv6 ]; then have6=t; else have6=nil; fi |
| 26 | |
| 27 | ###-------------------------------------------------------------------------- |
| 28 | ### Collect arguments. |
| 29 | |
| 30 | ## Collect the simple arguments. |
| 31 | if [ $# -lt 3 ]; then |
| 32 | echo >&2 "usage: $0 PEER IFNAME ADDR..."; exit 1 |
| 33 | fi |
| 34 | peer=$1 ifname=$2 family=$3; shift 3 |
| 35 | |
| 36 | ## Parse the address family. |
| 37 | case "$family,$#" in |
| 38 | INET,1) addr=$1 port=4070 ;; |
| 39 | INET,2) addr=$1 port=$2 ;; |
| 40 | INET,*) echo >&2 "$0: bad INET address"; exit 1 ;; |
| 41 | *) echo >&2 "$0: unknown address family $family"; exit 1 ;; |
| 42 | esac |
| 43 | |
| 44 | ###-------------------------------------------------------------------------- |
| 45 | ### Set the interface name. |
| 46 | |
| 47 | case "${P_IFNAME+set}" in |
| 48 | set) |
| 49 | ip link set "$ifname" name "$P_IFNAME" |
| 50 | ifname=$P_IFNAME |
| 51 | $tripectl setifname "$peer" "$ifname" |
| 52 | ;; |
| 53 | esac |
| 54 | |
| 55 | ###-------------------------------------------------------------------------- |
| 56 | ### Configure the point-to-point link. |
| 57 | |
| 58 | ## Split local addresses into v4 and v6 lists. |
| 59 | unset l4addr l6addr |
| 60 | for a in $P_LADDR; do |
| 61 | case "$a" in |
| 62 | *:*) l6addr=${l6addr+$l6addr }$a ;; |
| 63 | *) l4addr=${l4addr+$l4addr }$a ;; |
| 64 | esac |
| 65 | done |
| 66 | |
| 67 | ## Determine the remote v4 and v6 addresses. We only allow one remote |
| 68 | ## address for each: others can be added as routes. |
| 69 | unset r4addr r6addr |
| 70 | for a in $P_RADDR; do |
| 71 | case "$a" in |
| 72 | *:*) r6addr=$a ;; |
| 73 | *) r4addr=$a ;; |
| 74 | esac |
| 75 | done |
| 76 | |
| 77 | ## Configure the first v4 address as point-to-point; add the others as plain |
| 78 | ## addresses. |
| 79 | haveaddr4=nil |
| 80 | set -- $l4addr |
| 81 | case $#,${r4addr+set} in |
| 82 | [1-9]*,set) |
| 83 | ip addr add "$1" peer "$r4addr" dev "$ifname" |
| 84 | haveaddr4=t |
| 85 | shift |
| 86 | ;; |
| 87 | esac |
| 88 | for a in "$@"; do |
| 89 | ip addr add "$a/32" dev "$ifname" |
| 90 | haveaddr4=t |
| 91 | done |
| 92 | |
| 93 | ## IPv6 point-to-point links seem broken in Linux. Attach the local and |
| 94 | ## remote addresses by hand. |
| 95 | haveaddr6=nil |
| 96 | set -- $l6addr |
| 97 | case $have6,$# in |
| 98 | t,[1-9]*) |
| 99 | for a in "$@"; do |
| 100 | ip addr add "$a/128" dev "$ifname" |
| 101 | haveaddr6=t |
| 102 | done |
| 103 | case ${r6addr+set} in |
| 104 | set) ip route add $r6addr/128 proto static dev "$ifname" ;; |
| 105 | esac |
| 106 | ;; |
| 107 | esac |
| 108 | |
| 109 | ###-------------------------------------------------------------------------- |
| 110 | ### Bring the interface up. |
| 111 | |
| 112 | case $haveaddr4,$haveaddr6 in |
| 113 | nil,nil) |
| 114 | ;; |
| 115 | *) |
| 116 | case "${P_MTU+set}" in |
| 117 | set) |
| 118 | mtu=$P_MTU;; |
| 119 | *) |
| 120 | pathmtu=$(pathmtu "$addr") |
| 121 | mtu=$(expr "$pathmtu" - 33 - $A_CIPHER_BLKSZ - $A_MAC_TAGSZ) |
| 122 | ;; |
| 123 | esac |
| 124 | ip link set dev "$ifname" up mtu "$mtu" |
| 125 | ;; |
| 126 | esac |
| 127 | |
| 128 | ###-------------------------------------------------------------------------- |
| 129 | ### Set up routing. |
| 130 | |
| 131 | ## Split the routes into v4 and v6 lists. |
| 132 | unset route4 route6 |
| 133 | for p in $P_NETS; do |
| 134 | case "$p" in |
| 135 | *:*) route6=${route6+$route6 }$p ;; |
| 136 | *) route4=${route4+$route4 }$p ;; |
| 137 | esac |
| 138 | done |
| 139 | |
| 140 | ## Add the v4 routes. |
| 141 | set -- $route4 |
| 142 | case $haveaddr4,$# in |
| 143 | t,[1-9]*) |
| 144 | for p in "$@"; do |
| 145 | ip route add $p proto static via "$r4addr" |
| 146 | done |
| 147 | ;; |
| 148 | esac |
| 149 | |
| 150 | ## Add the v6 routes. |
| 151 | set -- $route6 |
| 152 | case $haveaddr6,$# in |
| 153 | t,[1-9]*) |
| 154 | for p in "$@"; do |
| 155 | ip route add $p proto static via "$r6addr" |
| 156 | done |
| 157 | ;; |
| 158 | esac |
| 159 | |
| 160 | ###-------------------------------------------------------------------------- |
| 161 | ### Maybe invoke a follow-on script. |
| 162 | |
| 163 | case "${P_IFUPEXTRA+set}" in |
| 164 | set) |
| 165 | eval "$P_IFUPEXTRA" |
| 166 | ;; |
| 167 | esac |
| 168 | |
| 169 | ###-------------------------------------------------------------------------- |
| 170 | ### Issue a notification that we've won. |
| 171 | |
| 172 | $tripectl notify tripe-ifup configured "$peer" |
| 173 | |
| 174 | ###----- That's all, folks -------------------------------------------------- |