4 # Copyright (C) 2009 UniPi
7 # This script is the backend to be used with
9 # It allows to configure dummynet pipes and queues.
11 # - read the user's input from the input pipe
12 # - validate the input
14 # - put results on the output vsys pipe
16 # This script expect to read from the input vsys
17 # pipe a line formatted as follow:
18 # ${PORT} ${TIMEOUT} <dummynet parameters>
19 # the timeout value is expressed as:
20 # week, day, month or anything else accepted by the date command
25 LOG_FILE=/tmp/netconfig.log
32 # set to 0 to disable debug messages
35 debug() { # $1 message to be displayed
36 [ x"${DEBUG}" != x"0" ] && echo $1 >>{LOG_FILE};
39 abort() { # $1 message to be displayed
44 user_error() { # $1 message to be displayed
45 echo "1 User error: $1"
49 filter() { # $* variables to be filtered
50 # allowed chars are: numbers, upcase and lowecase
51 # chars, and the following symbols: . _ - /
52 echo "$*" | ${SED} -r 's/[^0-9a-zA-Z. _\/\-]*//g'
55 # Add ipfw pipe and rules
56 # We use the PORT number to configure the
57 # pipe, and add rules for that port.
58 # The default directory is the slicename root
59 add_rules() { # $1 timeout value
62 debug "Add a new rule"
63 # schedule the rule deletion
64 EXPIRE=`date --date="${TIMEOUT}" +%s`
65 [ x"${EXPIRE}" = x"" ] && abort "Date format $1 not valid"
67 # prepend the profile name with the vserver directory
68 echo ${CONFIG_STRING} | ${SED} -e "s/ profile \(.[^ ]\)/ profile \/vservers\/${SLICE}\/\1/g"
71 # check syntax, if ok execute
73 local IPFW_CHECK="${IPFW} -n "
77 ${IPFW_CHECK} add ${RULE_N} pipe ${PIPE_N} ip from me to any src-port ${PORT} // ${EXPIRE} ${SLICE}
80 ${IPFW_CHECK} add ${RULE_N} pipe ${PIPE_N} ip from any to me dst-port ${PORT}
84 ${IPFW_CHECK} pipe ${PIPE_N} config ${PARSED_CONFIGURATION}
86 if [ ! $ERROR -eq 0 ]; then
87 echo "Some errors occurred not executing"
88 user_error "ipfw syntax error"
92 ${IPFW} add ${RULE_N} pipe ${PIPE_N} ip from me to any src-port ${PORT} // ${EXPIRE} ${SLICE}
93 ${IPFW} add ${RULE_N} pipe ${PIPE_N} ip from any to me dst-port ${PORT}
96 ${IPFW} pipe ${PIPE_N} config ${PARSED_CONFIGURATION}
102 ipfw delete ${RULE_N}
103 ipfw pipe delete ${RULE_N}
106 # The rule we want to configure already exist.
107 # Check for slice owner matching.
112 RULE=`ipfw list ${PORT} 2>&1 | cut -d ' ' -f 12`;
113 if [ "${RULE}" = "${SLICE}" ] ; then # replace the link configuration
114 debug "The rule already exist, the owner match, delete old rule"
119 user_error "the rule already exist, ant you are not the slice owner, try later"
123 # process a single line of input, a request
126 local TMP; # temporary var
128 debug "Received from the input pipe: $1"
130 ARGS=`echo $1 | wc -w`
131 if [ $ARGS -le 3 ]; then
132 abort "One or more input parameter is missing"
136 TMP=`echo $1 | cut -d\ -f 1`
138 TMP=`echo $1 | cut -d\ -f 2`
139 TIMEOUT=`filter $TMP`
140 TMP=`echo $1 | cut -d\ -f 3-`
141 CONFIG_STRING=`filter $TMP`
144 debug "TIMEOUT: $TIMEOUT"
145 debug "configuration string: $CONFIG_STRING"
148 [ ${PORT} -le 1024 ] && user_error "it is not allowed to modify the port range [0-1024]"
150 # start to configure pipes and rules
155 # check if the link is already configured
156 ipfw list ${PORT} 2>&1
158 if [ x"$?" != x"0" ]; then # new rule, add and set owner/timeout
160 else # the rule already exist, check owner
173 # read -a read arguments in array
174 # XXX skip lines starting with #
175 requests[$i]=$request;
182 for i in `/usr/bin/seq 0 $((${#requests[*]} - 1))`
184 process "${requests[$i]}"