Lines 7-20
|
7 |
# Also, SC2034 and SC2316 are muted because they produce false-positives. |
7 |
# Also, SC2034 and SC2316 are muted because they produce false-positives. |
8 |
# shellcheck shell=sh disable=SC3043,SC2034,SC2316 |
8 |
# shellcheck shell=sh disable=SC3043,SC2034,SC2316 |
9 |
|
9 |
|
10 |
l2tp_depend() |
10 |
l2tp_depend() { |
11 |
{ |
|
|
12 |
program ip |
11 |
program ip |
13 |
before bridge interface macchanger |
12 |
before bridge interface macchanger |
14 |
} |
13 |
} |
15 |
|
14 |
|
16 |
_l2tp_parse_opts() |
15 |
l2tp_pre_start() { |
17 |
{ |
16 |
local declared_session declared_tunnel l2tpsession l2tptunnel |
|
|
17 |
local name peer_session_id session_id tunnel_id |
18 |
local encap local peer_tunnel_id remote |
19 |
local key |
20 |
|
21 |
if key="l2tpsession_${IFVAR:?}"; ! eval "[ \${${key}+set} ]"; then |
22 |
return |
23 |
elif eval "l2tpsession=\$${key}"; _is_blank "${l2tpsession}"; then |
24 |
eend 1 "${key} is defined but its value is blank" |
25 |
elif ! declared_session=$(_l2tp_parse_opts "${l2tpsession}" "peer_session_id session_id tunnel_id" "name"); then |
26 |
eend 1 "${key} is missing at least one required parameter" |
27 |
elif eval "${declared_session}"; [ "${name+set}" ]; then |
28 |
eend 1 "${key} defines a \"name\" parameter, which is forbidden by netifrc" |
29 |
elif ! modprobe l2tp_eth; then |
30 |
eend 1 "Couldn't load the l2tp_eth module (perhaps the CONFIG_L2TP_ETH kernel option is disabled)" |
31 |
elif key="l2tptunnel_${IFVAR}"; eval "[ \${${key}+set} ]"; then |
32 |
if eval "l2tptunnel=\$${key}"; _is_blank "${l2tptunnel}"; then |
33 |
eend 1 "${key} is defined but its value is blank" |
34 |
elif ! declared_tunnel=$(_l2tp_parse_opts "${l2tptunnel}" "local peer_tunnel_id remote tunnel_id" "encap"); then |
35 |
eend 1 "${key} is missing at least one required parameter" |
36 |
elif set -- "${tunnel_id}"; eval "${declared_tunnel}"; [ "$1" != "${tunnel_id}" ]; then |
37 |
eend 1 "${key} defines a \"tunnel_id\" parameter that contradicts l2tpsession_${IFVAR}" |
38 |
elif _l2tp_should_add_tunnel "${tunnel_id}" "${declared_tunnel}"; set -- $?; [ "$1" -eq 2 ]; then |
39 |
eend 1 "Tunnel #${tunnel_id} exists but its properties mismatch those defined by ${key}" |
40 |
elif [ "$1" -eq 1 ]; then |
41 |
# The config matches an existing tunnel. |
42 |
true |
43 |
elif [ "${encap}" = ip ] && ! modprobe l2tp_ip; then |
44 |
eend 1 "Couldn't load the l2tp_ip module (perhaps the CONFIG_L2TP_IP kernel option is disabled)" |
45 |
else |
46 |
ebegin "Creating L2TPv3 tunnel (tunnel_id ${tunnel_id})" |
47 |
printf %s "l2tp add tunnel ${l2tptunnel}" \ |
48 |
| xargs -E '' ip |
49 |
eend $? |
50 |
fi |
51 |
elif ! _l2tp_has_tunnel "${tunnel_id}"; then |
52 |
# A tunnel may incorporate more than one session (link). This |
53 |
# module allows for the user not to define a tunnel for a given |
54 |
# session. In that case, it will be expected that the required |
55 |
# tunnel has already been created to satisfy some other session. |
56 |
eend 1 "Tunnel #${tunnel_id} not found (defining ${key} may be required)" |
57 |
fi || return |
58 |
|
59 |
ebegin "Creating L2TPv3 session (session_id ${session_id} tunnel_id ${tunnel_id})" |
60 |
printf %s "l2tp add session ${l2tpsession} name ${IFACE:?}" \ |
61 |
| xargs -E '' ip && _up |
62 |
eend $? |
63 |
} |
64 |
|
65 |
l2tp_post_stop() { |
66 |
local existing_session session_id tunnel_id |
67 |
|
68 |
# This function may be invoked for every interface. If not a virtual |
69 |
# interface, it can't possibly be one that's managed by this module, in |
70 |
# which case running ip(8) and awk(1) would be a needless expense. |
71 |
[ -e /sys/devices/virtual/net/"${IFACE:?}" ] \ |
72 |
&& existing_session=$(_l2tp_parse_existing_session 2>/dev/null) \ |
73 |
|| return 0 |
74 |
|
75 |
eval "${existing_session}" |
76 |
set -- session_id "${session_id}" tunnel_id "${tunnel_id}" |
77 |
ebegin "Destroying L2TPv3 session ($*)" |
78 |
ip l2tp del session "$@" |
79 |
eend $? && |
80 |
if ! _l2tp_in_session "${tunnel_id}"; then |
81 |
shift 2 |
82 |
ebegin "Destroying L2TPv3 tunnel ($*)" |
83 |
ip l2tp del tunnel "$@" |
84 |
eend $? |
85 |
fi |
86 |
} |
87 |
|
88 |
_is_blank() ( |
89 |
LC_CTYPE=C |
90 |
case $1 in |
91 |
*[![:blank:]]*) return 1 |
92 |
esac |
93 |
) |
94 |
|
95 |
_l2tp_parse_opts() { |
18 |
# Parses lt2psession or l2tptunnel options using xargs(1), conveying |
96 |
# Parses lt2psession or l2tptunnel options using xargs(1), conveying |
19 |
# them as arguments to awk(1). The awk program interprets the arguments |
97 |
# them as arguments to awk(1). The awk program interprets the arguments |
20 |
# as a series of key/value pairs and safely prints those specified as |
98 |
# as a series of key/value pairs and safely prints those specified as |
Lines 152-236
_l2tp_in_session() {
|
152 |
} |
230 |
} |
153 |
return 1 |
231 |
return 1 |
154 |
} |
232 |
} |
155 |
|
|
|
156 |
_is_blank() ( |
157 |
LC_CTYPE=C |
158 |
case $1 in |
159 |
*[![:blank:]]*) return 1 |
160 |
esac |
161 |
) |
162 |
|
163 |
l2tp_pre_start() |
164 |
{ |
165 |
local declared_session declared_tunnel l2tpsession l2tptunnel |
166 |
local name peer_session_id session_id tunnel_id |
167 |
local encap local peer_tunnel_id remote |
168 |
local key |
169 |
|
170 |
if key="l2tpsession_${IFVAR:?}"; ! eval "[ \${${key}+set} ]"; then |
171 |
return |
172 |
elif eval "l2tpsession=\$${key}"; _is_blank "${l2tpsession}"; then |
173 |
eend 1 "${key} is defined but its value is blank" |
174 |
elif ! declared_session=$(_l2tp_parse_opts "${l2tpsession}" "peer_session_id session_id tunnel_id" "name"); then |
175 |
eend 1 "${key} is missing at least one required parameter" |
176 |
elif eval "${declared_session}"; [ "${name+set}" ]; then |
177 |
eend 1 "${key} defines a \"name\" parameter, which is forbidden by netifrc" |
178 |
elif ! modprobe l2tp_eth; then |
179 |
eend 1 "Couldn't load the l2tp_eth module (perhaps the CONFIG_L2TP_ETH kernel option is disabled)" |
180 |
elif key="l2tptunnel_${IFVAR}"; eval "[ \${${key}+set} ]"; then |
181 |
if eval "l2tptunnel=\$${key}"; _is_blank "${l2tptunnel}"; then |
182 |
eend 1 "${key} is defined but its value is blank" |
183 |
elif ! declared_tunnel=$(_l2tp_parse_opts "${l2tptunnel}" "local peer_tunnel_id remote tunnel_id" "encap"); then |
184 |
eend 1 "${key} is missing at least one required parameter" |
185 |
elif set -- "${tunnel_id}"; eval "${declared_tunnel}"; [ "$1" != "${tunnel_id}" ]; then |
186 |
eend 1 "${key} defines a \"tunnel_id\" parameter that contradicts l2tpsession_${IFVAR}" |
187 |
elif _l2tp_should_add_tunnel "${tunnel_id}" "${declared_tunnel}"; set -- $?; [ "$1" -eq 2 ]; then |
188 |
eend 1 "Tunnel #${tunnel_id} exists but its properties mismatch those defined by ${key}" |
189 |
elif [ "$1" -eq 1 ]; then |
190 |
# The config matches an existing tunnel. |
191 |
true |
192 |
elif [ "${encap}" = ip ] && ! modprobe l2tp_ip; then |
193 |
eend 1 "Couldn't load the l2tp_ip module (perhaps the CONFIG_L2TP_IP kernel option is disabled)" |
194 |
else |
195 |
ebegin "Creating L2TPv3 tunnel (tunnel_id ${tunnel_id})" |
196 |
printf %s "l2tp add tunnel ${l2tptunnel}" \ |
197 |
| xargs -E '' ip |
198 |
eend $? |
199 |
fi |
200 |
elif ! _l2tp_has_tunnel "${tunnel_id}"; then |
201 |
# A tunnel may incorporate more than one session (link). This |
202 |
# module allows for the user not to define a tunnel for a given |
203 |
# session. In that case, it will be expected that the required |
204 |
# tunnel has already been created to satisfy some other session. |
205 |
eend 1 "Tunnel #${tunnel_id} not found (defining ${key} may be required)" |
206 |
fi || return |
207 |
|
208 |
ebegin "Creating L2TPv3 session (session_id ${session_id} tunnel_id ${tunnel_id})" |
209 |
printf %s "l2tp add session ${l2tpsession} name ${IFACE:?}" \ |
210 |
| xargs -E '' ip && _up |
211 |
eend $? |
212 |
} |
213 |
|
214 |
l2tp_post_stop() |
215 |
{ |
216 |
local existing_session session_id tunnel_id |
217 |
|
218 |
# This function may be invoked for every interface. If not a virtual |
219 |
# interface, it can't possibly be one that's managed by this module, in |
220 |
# which case running ip(8) and awk(1) would be a needless expense. |
221 |
[ -e /sys/devices/virtual/net/"${IFACE:?}" ] \ |
222 |
&& existing_session=$(_l2tp_parse_existing_session 2>/dev/null) \ |
223 |
|| return 0 |
224 |
|
225 |
eval "${existing_session}" |
226 |
set -- session_id "${session_id}" tunnel_id "${tunnel_id}" |
227 |
ebegin "Destroying L2TPv3 session ($*)" |
228 |
ip l2tp del session "$@" |
229 |
eend $? && |
230 |
if ! _l2tp_in_session "${tunnel_id}"; then |
231 |
shift 2 |
232 |
ebegin "Destroying L2TPv3 tunnel ($*)" |
233 |
ip l2tp del tunnel "$@" |
234 |
eend $? |
235 |
fi |
236 |
} |
237 |
- |
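Review bot: The relocated `l2tp_pre_start` and `l2tp_post_stop` both `eval` helper output (`eval "${declared_session}"`, `eval "${declared_tunnel}"`, `eval "${existing_session}"`), and nothing next to those calls records what makes that safe. The header comment of `_l2tp_parse_opts` says awk "safely prints" the pairs, but it is cut off in this view and `_l2tp_parse_existing_session` is not shown at all, so I cannot confirm that both emit only quoted assignments. Once that is confirmed, I would add a one-line comment above each eval, for example `# Safe to eval: the helper emits only quoted name=value assignments.`, so a later change to either helper is reviewed with that contract in mind. Separately, `local encap local peer_tunnel_id remote` reads like a typo; a short `# "local" is an l2tptunnel parameter name` above it would make the intent clear.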