3 # taking this bridge-initialization code out of lbuild-initvm.sh
4 # so we can use it on our libvirt/lxc local infra
5 # there's something very similar in
6 # tests/system/template-qemu/qemu-bridge-init
7 # that the current code was actually based on, but
8 # nobody was ever bold enough to reconcile these two
11 DEFAULT_PUBLIC_BRIDGE=br0
13 ##############################
14 # use /proc/net/dev instead of a hard-wired list
15 function gather_interfaces () {
17 with open("/proc/net/dev") as feed:
19 if ':' not in line: continue
20 ifname = line.replace(" ","").split(":")[0]
21 if ifname.startswith("lo"): continue
22 if ifname.startswith("br"): continue
23 if ifname.startswith("virbr"): continue
24 if ifname.startswith("veth"): continue
25 if ifname.startswith("tap"): continue
26 if ifname.startswith("vif"): continue
31 function discover_interface () {
32 for ifname in $(gather_interfaces); do
33 ip link show $ifname | grep -qi 'state UP' && { echo $ifname; return; }
35 # still not found ? that's bad
39 ##############################
40 function check_yum_installed () {
42 rpm -q $package >& /dev/null || yum -y install $package
46 function check_yumgroup_installed () {
48 yum grouplist "$group" | grep -q Installed || { yum -y groupinstall "$group" ; }
51 #################### bridge initialization
52 function create_bridge_if_needed() {
54 # do not turn on verbosity
57 public_bridge=$1; shift
59 # already created ? - we're done
60 ip addr show $public_bridge >& /dev/null && {
61 echo "Bridge already set up - skipping create_bridge_if_needed"
65 # find out the physical interface to bridge onto
66 if_lan=$(discover_interface)
68 ip addr show $if_lan &>/dev/null || {
69 echo "Cannot use interface $if_lan - exiting"
73 #################### bride initialization
74 check_yum_installed bridge-utils
76 echo "========== $COMMAND: entering create_bridge - beg"
81 echo "========== $COMMAND: entering create_bridge - end"
83 # disable netfilter calls for bridge interface (they cause panick on 2.6.35 anyway)
85 # another option would be to accept the all forward packages for
86 # bridged interface like: -A FORWARD -m physdev --physdev-is-bridged -j ACCEPT
87 sysctl net.bridge.bridge-nf-call-iptables=0
88 sysctl net.bridge.bridge-nf-call-ip6tables=0
89 sysctl net.bridge.bridge-nf-call-arptables=0
92 #Getting host IP/masklen
93 address=$(ip addr show $if_lan | grep -v inet6 | grep inet | head --lines=1 | awk '{print $2;}')
94 [ -z "$address" ] && { echo "ERROR: Could not determine IP address for $if_lan" ; exit 1 ; }
96 broadcast=$(ip addr show $if_lan | grep -v inet6 | grep inet | head --lines=1 | awk '{print $4;}')
97 [ -z "$broadcast" ] && echo "WARNING: Could not determine broadcast address for $if_lan"
99 gateway=$(ip route show | grep default | awk '{print $3;}')
100 [ -z "$gateway" ] && echo "WARNING: Could not determine gateway IP"
103 # creating the bridge
104 echo "Creating public bridge interface $public_bridge"
105 brctl addbr $public_bridge
106 brctl addif $public_bridge $if_lan
107 echo "Activating promiscuous mode if_lan=$if_lan"
108 ip link set $if_lan up promisc on
110 # rely on dhcp to re assign IP..
111 echo "Starting dhclient on $public_bridge"
112 dhclient $public_bridge
115 #Reconfigure the routing table
116 echo "Configuring gateway=$gateway"
117 ip route add default via $gateway dev $public_bridge
118 ip route del default via $gateway dev $if_lan
119 # at this point we have an extra route like e.g.
121 #default via 138.96.112.250 dev br0
122 #138.96.112.0/21 dev em1 proto kernel scope link src 138.96.112.57
123 #138.96.112.0/21 dev br0 proto kernel scope link src 138.96.112.57
124 #192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1
125 route_dest=$(ip route show | grep -v default | grep "dev $public_bridge" | awk '{print $1;}')
126 ip route del $route_dest dev $if_lan
128 echo "========== $COMMAND: exiting create_bridge - beg"
131 echo "========== $COMMAND: exiting create_bridge - end"
140 if [[ -n "$@" ]] ; then
141 public_bridge="$1"; shift
143 public_bridge="$DEFAULT_PUBLIC_BRIDGE"
145 create_bridge_if_needed $public_bridge