Subversion Repositories:
[/] [trunk/] [sedlo] - Blame information for rev 16

 

Line No. Rev Author Line
17simandl#!/bin/bash
2# author : Petr Simandl www.simandl.cz
315simandl# release date : 1/11/2006
47simandl# name : sedlo
5# description : dynamic side routing tables tool
6# license : GPL
7 
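sl_version="0.0.4pre7"

# NOTE(review): the system directories are appended, so any directory already
# present in the inherited PATH is searched first when the tools below are
# resolved and when bare commands (sort, uniq, date, cp, ...) are run.
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

# local config file and the directory holding the merged/cached config
sl_nmcnf="sedlo.conf"
sl_sedlocnf="/etc/$sl_nmcnf"
sl_sedlocache="/var/cache/sedlo"

# table name file that s_mktables appends to, and the table number range it uses
sl_rttab="/etc/iproute2/rt_tables"
sl_rtnmin=110
sl_rtnmax=200
#all traffic that is handled as internal (CZF traffic)
sl_ipnodef="10.0.0.0/8"
#this will specify rule priority in rule table
sl_priorules=10000
#no default traffic will have rule at higher priority
sl_prionodef=$((sl_priorules - 1))

# "Nezname parametry" = "Unknown parameters"
slm_unknown="Nezname parametry : "

# Resolve each external tool once. command -v prints nothing when the tool is
# missing, which keeps the emptiness check below reliable.
sl_ipcmd=$(command -v ip)
sl_trcmd=$(command -v tr)
sl_wgetcmd=$(command -v wget)
sl_hnmcmd=$(command -v hostname)
sl_awkcmd=$(command -v awk)
sl_catcmd=$(command -v cat)
sl_grepcmd=$(command -v grep)
sl_diffcmd=$(command -v diff)

# The functions below run these variables as the command word. An empty value
# would make the next word ("ru", "ro", a pattern, ...) the command name, so
# stop here instead.
if [ -z "$sl_ipcmd" ] || [ -z "$sl_trcmd" ] || [ -z "$sl_awkcmd" ] \
  || [ -z "$sl_catcmd" ] || [ -z "$sl_grepcmd" ]
then
  echo "required tool not found (ip, tr, awk, cat or grep)"
  exit 1
fi

if [ ! -e "$sl_sedlocnf" ]
then
  echo "$sl_sedlocnf not found"
  exit 1
fi

if [ ! -e "$sl_rttab" ]
then
  echo "$sl_rttab not found"
  exit 1
fi

# Fields 2-4 of every "mcnf" line of the local config, space separated; used
# as the download URL list by s_getcfg and printed by s_report.
sl_murlcfg=$(grep "^mcnf" "$sl_sedlocnf" | uniq | awk '{print $2" "$3" "$4}')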
547simandl 
55######################################################################
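# Prints, on one line, the source addresses of the installed rules (tagged
# "*ru") and the addresses of the "ip" lines in the cached config (tagged
# "*ip"), followed by the words of $sl_ips.
# Not called anywhere in this file; s_fillrules mentions it as the planned
# replacement for the flush-everything approach.
# Globals: scm_info, sl_ipcmd, sl_grepcmd, sl_awkcmd, sl_sedlocache, sl_nmcnf,
#          sl_ips (read); sl_rules, sl_merged (written)
s_maru()
{
  local -a sl_words

  if [ "$scm_info" -gt 0 ]; then echo "Managing rules" ; fi

  sl_rules=$({ "$sl_ipcmd" ru ls | "$sl_grepcmd" -v "from all lookup" | "$sl_awkcmd" '{print $3"*ru"}'
    "$sl_grepcmd" "^ip" "$sl_sedlocache/$sl_nmcnf" | "$sl_awkcmd" '{print $2"*ip"}'; } | sort | uniq)

  # The tokens contain "*", so they are split with read -a (no pathname
  # expansion) instead of an unquoted echo, which would let files in the
  # current directory replace them.
  # NOTE(review): the original piped this single line through sort | uniq,
  # which cannot reorder or deduplicate words on one line; the merge of both
  # lists is therefore still a plain concatenation.
  read -r -d '' -a sl_words <<<"$sl_rules $sl_ips"
  sl_merged="${sl_words[*]}"

  printf '%s\n' "$sl_merged"

} # s_maru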
6816simandl 
697simandl######################################################################
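# Deletes every rule that "ip ru ls" lists with priority $1 and flushes the
# route cache after each deletion.
# Arguments: $1 - rule priority as printed in the first column (without ":")
# Globals:   sl_ipcmd, sl_grepcmd, sl_trcmd, sl_awkcmd (read);
#            sl_rules, sl_rule, sl_ipgws (written)
_s_flruprio()
{
  local -a sl_delargs

  sl_rules=$("$sl_ipcmd" ru ls | "$sl_grepcmd" "^${1}:" | "$sl_trcmd" '[:blank:]' '*')

  # Each line is one "*"-joined token. Reading line by line on fd 3 keeps the
  # token out of word splitting and pathname expansion, which an unquoted
  # "for x in $list" would apply to it.
  while IFS= read -r -u 3 sl_rule
  do
    [ -n "$sl_rule" ] || continue
    sl_ipgws=$(printf '%s\n' "$sl_rule" | "$sl_awkcmd" -F '*' '{print $2,$3,$4,$5,$6,$7}')
    # split the selector words into separate arguments without globbing
    read -r -a sl_delargs <<<"$sl_ipgws"
    "$sl_ipcmd" ru del "${sl_delargs[@]}"
    #this should make faster applying of new routing tables
    "$sl_ipcmd" ro flush cache
  done 3<<<"$sl_rules"
}

#this will delete all rules at sl_prionodef and sl_priorules priorities
s_flruall()
{
  if [ "$scm_info" -gt 0 ]; then echo "Flushing all rules" ; fi

  _s_flruprio "$sl_prionodef"
  _s_flruprio "$sl_priorules"

} # s_flruall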
94 
95######################################################################
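# Deletes every rule that "ip ru ls" lists at priority $sl_priorules (the
# per-address rules created by s_fillrules) and flushes the route cache after
# each deletion. The rule at $sl_prionodef is left in place.
# Globals: scm_info, sl_priorules, sl_ipcmd, sl_grepcmd, sl_trcmd, sl_awkcmd
#          (read); sl_rules, sl_rule, sl_ipgws (written)
s_flru()
{
  local -a sl_delargs

  if [ "$scm_info" -gt 0 ]; then echo "Flushing all rules" ; fi

  sl_rules=$("$sl_ipcmd" ru ls | "$sl_grepcmd" "^${sl_priorules}:" | "$sl_trcmd" '[:blank:]' '*')

  # Each line is one "*"-joined token. Reading line by line on fd 3 keeps the
  # token out of word splitting and pathname expansion, which an unquoted
  # "for x in $list" would apply to it.
  while IFS= read -r -u 3 sl_rule
  do
    [ -n "$sl_rule" ] || continue
    sl_ipgws=$(printf '%s\n' "$sl_rule" | "$sl_awkcmd" -F '*' '{print $2,$3,$4,$5,$6,$7}')
    # split the selector words into separate arguments without globbing
    read -r -a sl_delargs <<<"$sl_ipgws"
    "$sl_ipcmd" ru del "${sl_delargs[@]}"
    #this should make faster applying of new routing tables
    "$sl_ipcmd" ro flush cache
  done 3<<<"$sl_rules"

} # s_flru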
1118simandl 
1127simandl######################################################################
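# Makes sure the "no default" rule exists: if "ip ru ls" shows no rule at
# priority $sl_prionodef, adds one that sends traffic from $sl_ipnodef to
# $sl_ipnodef to table main at that priority.
# Globals: scm_info, sl_ipcmd, sl_grepcmd, sl_trcmd, sl_ipnodef, sl_prionodef
#          (read); sl_nodefrule (written)
s_checknodefru()
{
  #checking if we have present nodef rule and if not we create it
  sl_nodefrule=$("$sl_ipcmd" ru ls | "$sl_grepcmd" "^${sl_prionodef}:" | "$sl_trcmd" '[:blank:]' '*')

  if [ -z "$sl_nodefrule" ]
  then
    if [ "$scm_info" -gt 0 ]; then echo "Creating rule for nodef route" ; fi
    "$sl_ipcmd" ru add from "$sl_ipnodef" to "$sl_ipnodef" lookup main prio "$sl_prionodef"
    # "delam novou" = "creating a new one"; printed regardless of the
    # verbosity level
    echo "delam novou"
  fi

}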
126 
127######################################################################
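# here we get each ip and we create a rule to send this ip to a
# certain table
# this routine can be skipped when the number of ips and ip directions
# are still the same = old and new configs are the same
#
# For every "ip" line of the cached config the gateway tables in fields 4-6
# are tried in order; the first one that "ip ro ls ta" reports as non-empty
# gets a rule "from <ip> lookup <table>" at priority $sl_priorules.
# The address and table names come from the cached config, which s_getcfg
# builds partly from a downloaded file; they are passed to ip as single,
# quoted arguments and are not validated here.
# Globals: scm_info, sl_ipcmd, sl_grepcmd, sl_awkcmd, sl_sedlocache, sl_nmcnf,
#          sl_priorules (read); sl_ips, sl_ip, sl_ipn, sl_ipgws, sl_ipgw,
#          sl_tbl, sl_ok (written)
s_fillrules()
{
  local -a sl_gwlist

  #this will check no default rule if exists and if not it will be created
  s_checknodefru

  #flush old rules before filling new ones
  #not so nice solution - it is planned to change just what's necessary
  #by s_maru
  s_flru

  if [ "$scm_info" -gt 0 ]; then echo "Creating rules for ips" ; fi

  # one "ip*gw1*gw2*gw3" token per "ip" line
  sl_ips=$("$sl_grepcmd" "^ip" "$sl_sedlocache/$sl_nmcnf" | "$sl_awkcmd" '{print $2"*"$4"*"$5"*"$6}')

  # Read the tokens line by line on fd 3: they contain "*" and text from the
  # config, so they must not go through pathname expansion as they would in
  # an unquoted "for x in $list".
  while IFS= read -r -u 3 sl_ip
  do
    [ -n "$sl_ip" ] || continue
    sl_ipn=$(printf '%s\n' "$sl_ip" | "$sl_awkcmd" -F '*' '{print $1}')
    sl_ipgws=$(printf '%s\n' "$sl_ip" | "$sl_awkcmd" -F '*' '{print $2,$3,$4}')
    read -r -a sl_gwlist <<<"$sl_ipgws"
    sl_ok="no"
    for sl_ipgw in "${sl_gwlist[@]}"
    do
      sl_tbl=$("$sl_ipcmd" ro ls ta "$sl_ipgw")
      if [ -n "$sl_tbl" ] && [ "$sl_ok" = "no" ]
      then
        #we have IP and GW
        if [ "$scm_info" -gt 1 ]; then echo "Creating new rules to send $sl_ipn to table $sl_ipgw" ; fi
        "$sl_ipcmd" ru add from "$sl_ipn" lookup "$sl_ipgw" prio "$sl_priorules"

        #this should make faster applying of new routing tables
        "$sl_ipcmd" ro flush cache
        sl_ok="yes"
      else
        if [ "$sl_ok" = "no" ]
        then
          if [ "$scm_info" -gt 1 ]; then echo "For $sl_ipn table $sl_ipgw not used because it is empty" ; fi
        else
          if [ "$scm_info" -gt 1 ]; then echo "For $sl_ipn table $sl_ipgw not used because it has lower priority" ; fi
        fi
      fi
    done
  done 3<<<"$sl_ips"

} # s_fillrules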
1778simandl 
1787simandl######################################################################
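# here we look into the main routing table for path to our iGWs
# and we fill these tables with two halves default nets that
# point to appropriate direction
# this routine can be skipped when the routing table is the same
#
# For every "igw"/"myigw" line of the cached config the next hop towards the
# gateway address is looked up in "ip ro ls" and the gateway's own table is
# created, rewritten or flushed to match. sl_diffigw is set to 1 when a table
# was filled for the first time or flushed because its gateway lost its route.
# The table names come from the cached config, which s_getcfg builds partly
# from a downloaded file, and this function flushes and fills the table a
# name refers to.
# Globals: scm_info, sl_ipcmd, sl_grepcmd, sl_awkcmd, sl_sedlocache, sl_nmcnf,
#          sl_sedlocnf (read); sl_igws, sl_igw, sl_igwn, sl_igwip, sl_igwtype,
#          sl_igwgt, sl_myigw, sl_igwnr, sl_tbl, sl_igwogt, sl_diffigw (written)
s_filltables()
{
  if [ "$scm_info" -gt 0 ]; then echo "Checking main routing table" ; fi

  if [ "$scm_info" -gt 0 ]; then echo "Filling tables" ; fi

  # one "name*ip*type" token per igw/myigw line
  sl_igws=$("$sl_grepcmd" -E "^igw|^myigw" "$sl_sedlocache/$sl_nmcnf" | "$sl_awkcmd" '{print $3"*"$2"*"$1}')

  # Read the tokens line by line on fd 3 (not through a pipe, so sl_diffigw
  # survives the loop): they contain "*" and text from the config and must
  # not go through pathname expansion.
  while IFS= read -r -u 3 sl_igw
  do
    [ -n "$sl_igw" ] || continue
    sl_igwn=$(printf '%s\n' "$sl_igw" | "$sl_awkcmd" -F '*' '{print $1}')
    sl_igwip=$(printf '%s\n' "$sl_igw" | "$sl_awkcmd" -F '*' '{print $2}')
    sl_igwtype=$(printf '%s\n' "$sl_igw" | "$sl_awkcmd" -F '*' '{print $3}')

    # The stock rt_tables file gives these names to the kernel's own tables.
    # A gateway entry carrying one of them would make the "ro fl ta" and
    # "ro add ... ta" calls below operate on that table (e.g. main).
    case "$sl_igwn" in
      local|main|default|unspec)
        echo "Igw name $sl_igwn is a reserved routing table name - entry skipped" >&2
        continue
        ;;
    esac

    # fix for false routing onto a local iface - if we are the local igw no
    # ip should be found, because there is no path further on - we already
    # are on the local iface
    # head is there because for remote (and bgp) routes several routes with
    # different metrics may show up, so only the first one (head) with the
    # smallest metric (sort) is taken
    # NOTE(review): sort orders the route lines as text, and $sl_igwip is
    # used as a regular expression (its dots match any character) - confirm
    # both are acceptable for the addresses in use.
    sl_igwgt=$("$sl_ipcmd" ro ls | "$sl_grepcmd" -v "proto kernel" | "$sl_grepcmd" "^$sl_igwip " | sort | "$sl_awkcmd" '{print $3}' | head -n 1)

    # equal cost multipath detection - just first IP is taken as way to igw
    if [ "$sl_igwgt" = "zebra" ]
    then
      sl_igwgt=$("$sl_ipcmd" ro ls | "$sl_grepcmd" -A 1 "^$sl_igwip " | "$sl_grepcmd" "nexthop" | "$sl_awkcmd" '{print $3}')
    fi

    #if myigw then fill table for local gateway with single ip from config
    if [ "$sl_igwtype" = "myigw" ]
    then
      sl_igwgt=$sl_igwip
    fi

    #testing if the igw has not a route in global routing table
    if [ -z "$sl_igwgt" ]
    then
      if [ "$scm_info" -gt 1 ]; then echo "Route not found for igw $sl_igwn" ; fi
      # Exact comparison on the name field. The previous unquoted, unanchored
      # grep also matched a name that is merely contained in another one
      # (gw1 in gw10) and treated the name as a regular expression.
      sl_myigw=$("$sl_awkcmd" -v sl_want="$sl_igwn" '/^myigw/ && ($3 "") == (sl_want "") {print $3}' "$sl_sedlocnf")
      #testing if the igw without route is in local config
      #if not we go to flush its table and set flag to redo rules
      if [ -z "$sl_myigw" ]
      then
        #getting num of routes of igw
        sl_igwnr=$("$sl_ipcmd" ro ls ta all | "$sl_grepcmd" -c "table ${sl_igwn} ")
        if [ "$sl_igwnr" = "0" ]
        then
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn is already empty - no action taken" ; fi
        else
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn will be flushed and rules rearranged" ; fi
          "$sl_ipcmd" ro fl ta "$sl_igwn"
          #because this igw disappeared we set a flag for rules recreation
          sl_diffigw=1
        fi
      else
        if [ "$scm_info" -gt 1 ]; then echo "Igw $sl_igwn found in local config - leaving table as is" ; fi
      fi
    else
      sl_tbl=$("$sl_ipcmd" ro ls ta "$sl_igwn")
      #if the table is empty we fill it and we set flag for rules recreation
      if [ -z "$sl_tbl" ]
      then
        sl_diffigw=1
        "$sl_ipcmd" ro add 0.0.0.0/1 via "$sl_igwgt" ta "$sl_igwn"
        "$sl_ipcmd" ro add 128.0.0.0/1 via "$sl_igwgt" ta "$sl_igwn"
        if [ "$sl_igwtype" = "myigw" ]
        then
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn filled with default myigw $sl_igwgt" ; fi
        else
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn filled with default gw $sl_igwgt" ; fi
        fi
      #the table is not empty so we check if routes are the same
      else
        #picking default gateway from the table
        sl_igwogt=$("$sl_ipcmd" ro ls ta "$sl_igwn" | "$sl_awkcmd" '{print $3}' | uniq)
        #checking if the old default is same as the new one
        if [ "$sl_igwogt" = "$sl_igwgt" ]
        then
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn will not be changed and default is $sl_igwgt" ; fi
        else
          #the new default is different so we will flush the table, fill new default
          if [ "$scm_info" -gt 1 ]; then echo "Table $sl_igwn will be rewritten to default $sl_igwgt" ; fi
          #flushing old default route in the table
          "$sl_ipcmd" ro fl ta "$sl_igwn"
          #filling new default
          "$sl_ipcmd" ro add 0.0.0.0/1 via "$sl_igwgt" ta "$sl_igwn"
          "$sl_ipcmd" ro add 128.0.0.0/1 via "$sl_igwgt" ta "$sl_igwn"
        fi
      fi
    fi
  done 3<<<"$sl_igws"

} # s_filltables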
2738simandl 
2747simandl######################################################################
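# filling rttab with tables from config
# only new tables are created with a new uniq number that is not important because
# usually we handle tables just by their names
# this routine acts only when a new iGW appears - only adding a table is supported
# no deleting is implemented because it seems to be not necessary to delete an old table
# because there is space enough and after reboot table will not be created
#
# For every igw/myigw name in the cached config that has no entry in
# $sl_rttab, appends "<number> <name>" using the highest unused number,
# searching downwards from $sl_rtnmax and stopping before $sl_rtnmin.
# The names come from the cached config, which s_getcfg builds partly from a
# downloaded file, and end up in the system file $sl_rttab.
# Globals: scm_info, sl_grepcmd, sl_awkcmd, sl_sedlocache, sl_nmcnf, sl_rttab,
#          sl_rtnmin, sl_rtnmax (read); sl_igws, sl_igw, sl_igwrttb, sl_cnt,
#          sl_ok, sl_difftbl (written)
s_mktables()
{
  if [ "$scm_info" -gt 0 ]; then echo "Checking tables" ; fi

  sl_igws=$("$sl_grepcmd" -E "^igw|^myigw" "$sl_sedlocache/$sl_nmcnf" | "$sl_awkcmd" '{print $3}')

  # Read the names line by line on fd 3 (not through a pipe, so sl_difftbl
  # survives the loop) to keep them out of pathname expansion.
  while IFS= read -r -u 3 sl_igw
  do
    [ -n "$sl_igw" ] || continue
    # Exact comparison with the name column, comment lines skipped. The
    # previous unquoted grep treated the name as a regular expression and
    # also matched it inside longer names (igw1 in igw10), so such a table
    # was never created.
    sl_igwrttb=$("$sl_awkcmd" -v sl_want="$sl_igw" '!/^[ \t]*#/ && ($2 "") == (sl_want "") {print $2}' "$sl_rttab")
    if [ -z "$sl_igwrttb" ]
    then
      if [ "$scm_info" -gt 1 ]; then echo "Creating table for $sl_igw" ; fi
      sl_cnt="$sl_rtnmax"
      sl_ok="no"
      until [ "$sl_cnt" -eq "$sl_rtnmin" ] || [ "$sl_ok" = "yes" ]
      do
        # exact comparison with the number column, so 20 is not taken for
        # used because 120 or 200 is
        sl_igwrttb=$("$sl_awkcmd" -v sl_want="$sl_cnt" '!/^[ \t]*#/ && ($1 "") == (sl_want "") {print $1}' "$sl_rttab")
        if [ -z "$sl_igwrttb" ]
        then
          sl_ok="yes"
          printf '%s %s\n' "$sl_cnt" "$sl_igw" >> "$sl_rttab"
        fi
        sl_cnt=$((sl_cnt - 1))
      done
      if [ "$sl_ok" = "no" ]
      then
        echo "No free table number left for $sl_igw" >&2
      fi
      # a new table was created so we should set a flag for rules creation
      sl_difftbl=1
    else
      if [ "$scm_info" -gt 1 ]; then echo "Table found for $sl_igw no action taken" ; fi
    fi
  done 3<<<"$sl_igws"
} # s_mktables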
3128simandl 
3137simandl######################################################################
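# Downloads the main config, merges it with the local config into the cached
# config $sl_sedlocache/$sl_nmcnf and records whether the result changed.
#
# The download is accepted whenever the fetched file is non-empty; wget's
# exit status and the content itself are not checked. When nothing was
# fetched, the previously cached main config is used.
# NOTE(review): nothing here authenticates the downloaded file, and the other
# functions turn its lines into rules, routes and rt_tables entries. If the
# mcnf URLs are not https, or the server is not trusted, confirm that this is
# acceptable or add an integrity check before the cp below.
# NOTE(review): the temporary file has a fixed name - this assumes
# $sl_sedlocache is writable only by the account running sedlo; confirm.
# Globals: scm_info, sl_murlcfg, sl_sedlocnf, sl_sedlocache, sl_nmcnf,
#          sl_wgetcmd, sl_trcmd, sl_ipcmd (read); sl_file, sl_diffcfg,
#          sl_numru, sl_numip (written)
s_getcfg()
{
  local sl_cfg="$sl_sedlocache/$sl_nmcnf"
  local -a sl_urls

  if [ "$scm_info" -gt 0 ]; then echo "Getting config" ; fi
  if [ "$scm_info" -gt 1 ]; then echo "Using main config $sl_murlcfg" ; fi
  if [ "$scm_info" -gt 1 ]; then echo "Using local config $sl_sedlocnf" ; fi

  rm -f "$sl_cfg.main.tmp"

  # sl_murlcfg may hold several URLs; split them without pathname expansion
  # ("?" and "*" are common in URLs) and end option parsing before them so a
  # value starting with "-" is not taken as a wget option.
  read -r -d '' -a sl_urls <<<"$sl_murlcfg"
  "$sl_wgetcmd" -q -t 3 -O "$sl_cfg.main.tmp" -- "${sl_urls[@]}"

  if [ -s "$sl_cfg.main.tmp" ]
  then
    date > "$sl_sedlocache/last_getcnf.txt"
    cp "$sl_cfg.main.tmp" "$sl_cfg.main"
    if [ "$scm_info" -gt 1 ]; then echo "Main config downloaded and accepted" ; fi
  else
    if [ "$scm_info" -gt 1 ]; then echo "Main config not downloaded - cached config will be used" ; fi
    printf '%s' "Main config not downloaded " > "$sl_sedlocache/last_getcnf.txt"
    date >> "$sl_sedlocache/last_getcnf.txt"
  fi

  # before generating a new cached config we store the old one for
  # comparison with the new one
  rm -f "$sl_cfg.old"
  if [ -s "$sl_cfg" ]
  then
    cp "$sl_cfg" "$sl_cfg.old"
  else
    touch "$sl_cfg.old"
  fi

  # preparing cached config from local and main
  # the local config should be processed as the second to have
  # higher priority for rules from local config
  echo "# generated file" > "$sl_cfg"
  for sl_file in "$sl_cfg.main" "$sl_sedlocnf"
  do
    [ -e "$sl_file" ] || continue
    # every ";" is replaced by "#" and only the leading fields of each
    # recognised line type are kept, tab separated
    grep "^mcnf" "$sl_file" | "$sl_trcmd" ';' '#' | awk '{print $1"\t"$2}' >> "$sl_cfg"
    grep "^igw" "$sl_file" | "$sl_trcmd" ';' '#' | awk '{print $1"\t"$2"\t"$3}' >> "$sl_cfg"
    grep "^ip" "$sl_file" | "$sl_trcmd" ';' '#' | awk '{print $1"\t"$2"\t"$3"\t"$4"\t"$5"\t"$6}' >> "$sl_cfg"
  done

  #local gateways taken from local config
  grep "^myigw" "$sl_sedlocnf" | "$sl_trcmd" ';' '#' | awk '{print $1"\t"$2"\t"$3}' >> "$sl_cfg"

  # number of non-empty diff lines between the new and the old cached config
  sl_diffcfg=$(diff "$sl_cfg" "$sl_cfg.old" | grep -c .)
  if [ "$sl_diffcfg" -gt 0 ]
  then
    if [ "$scm_info" -gt 0 ]; then echo "New config is different than the old one" ; fi
  else
    if [ "$scm_info" -gt 0 ]; then echo "New config is the same as the old one" ; fi
  fi

  # showing number of rules in config and system
  sl_numru=$("$sl_ipcmd" ru ls | grep -c lookup)
  sl_numip=$(grep -c ^ip "$sl_cfg")
  # presumably the three rules present by default are not counted - confirm
  sl_numru=$((sl_numru - 3))
  if [ "$sl_numip" -gt "$sl_numru" ]
  then
    if [ "$scm_info" -gt 0 ]; then echo "We have less rules ($sl_numru) than new config has ips ($sl_numip)" ; fi
  else
    if [ "$scm_info" -gt 0 ]; then echo "We have $sl_numru rules and $sl_numip ips" ; fi
  fi

}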
3838simandl 
3847simandl######################################################################
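# Prints the program name and $sl_version on one line.
s_version()
{
  # quoted, so the version text is printed exactly as stored
  printf 'sedlo %s\n' "$sl_version"
} # s_version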
3898simandl 
3907simandl######################################################################
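# Escapes &, <, > and " in the text read from stdin so it can be placed in
# HTML text or inside a double-quoted attribute.
_s_htmlesc()
{
  sed -e 's/&/\&amp;/g' -e 's/</\&lt;/g' -e 's/>/\&gt;/g' -e 's/"/\&quot;/g'
}

# Prints a CGI-style response (Content-type header, blank line, HTML body)
# with the version, config locations, last update note, the table name file,
# the routes held in the tables and the current rules.
# Everything that is not fixed text is HTML-escaped first: the table names and
# therefore parts of the ip output originate in the cached config, which
# s_getcfg builds partly from a downloaded file.
# Globals: sl_version, sl_sedlocnf, sl_murlcfg, sl_sedlocache, sl_rttab,
#          sl_ipcmd, sl_grepcmd, sl_trcmd (read)
s_report()
{
  local sl_host sl_url

  sl_host=$(hostname | _s_htmlesc)
  sl_url=$(printf '%s' "$sl_murlcfg" | _s_htmlesc)

  printf '%s\n' "Content-type: text/html" ""
  # "Sedlo na routeru" = "Sedlo on router"
  echo "Sedlo na routeru $sl_host"
  echo "<pre>"
  echo "##### SEDLO #####"
  echo "date : $(date | _s_htmlesc)"
  echo "version : $(printf '%s' "$sl_version" | _s_htmlesc)"
  echo "local_config : $(printf '%s' "$sl_sedlocnf" | _s_htmlesc)"
  echo "main_config : <a href=\"$sl_url\">$sl_url</a>"
  echo "last update : $(_s_htmlesc < "$sl_sedlocache/last_getcnf.txt")"
  echo "##### TABLES #####"
  _s_htmlesc < "$sl_rttab"
  echo ; echo "##### DEFAULT ROUTES IN TABLES #####"
  "$sl_ipcmd" ro ls ta all | "$sl_grepcmd" table | "$sl_grepcmd" -v local | _s_htmlesc | "$sl_trcmd" " " "\t"
  echo ; echo "##### RULES FOR IPS #####"
  "$sl_ipcmd" ru ls | _s_htmlesc | "$sl_trcmd" " " "\t"
  echo "</pre>"
} # s_report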
4118simandl 
4129simandl 
413 
4147simandl######################################################################
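# Prints the usage text (in Czech): -V version, -help help, -v / -vv
# verbosity, -nogetcfg reuse the cached config, -report overview of rules and
# tables, -flru remove all rules, -force rebuild all rules unconditionally.
s_help()
{
  # Every line is a quoted printf argument: the unquoted "[param]" of the
  # first line was a glob pattern and could be replaced by a one-letter file
  # name (p, a, r or m) from the current directory.
  printf '%s\n' \
    "Pouziti: sedlo [param]" \
    "param:" \
    "-V vypise verzi" \
    "-help vypise napovedu" \
    "-v malo upovidany" \
    "-vv hodne upovidany" \
    "-nogetcfg zajisti ze se nedude znovu nacitat konfigurace a pouzije se predchozi z cache" \
    "-report vypise prehled pravidel a tabulek" \
    "-flru odstrani vsechny pravidla" \
    "-force bezpodminecne znovu obnovi vsechny pravidla"
} # s_help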
4288simandl 
4297simandl######################################################################
430######################################################################
431 
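sl_unknown=""
scm_nogetcfg=0
scm_flru=0
scm_info=0
scm_force=0
sl_diffigw=0
sl_difftbl=0
# s_getcfg is the only place that sets sl_diffcfg and it is skipped with
# -nogetcfg; without this default the final test below compared an empty
# value and printed a "[" error.
sl_diffcfg=0

# parsing input parameters
# (the loop ends at the first empty argument)
while [ "a$1" != "a" ]
do
  case "$1" in
    -V)
      s_version
      exit 0
      ;;
    -h)
      s_help
      exit 0
      ;;
    -report)
      s_report
      exit 0
      ;;
    -flru)
      scm_flru=1
      shift
      ;;
    -force)
      scm_force=1
      shift
      ;;
    -help)
      s_help
      exit 0
      ;;
    -nogetcfg)
      scm_nogetcfg=1
      shift
      ;;
    -v)
      scm_info=1
      shift
      ;;
    -vv)
      scm_info=2
      shift
      ;;
    *)
      sl_unknown="$sl_unknown$1 "
      shift
      ;;
  esac
done

# printing the list of bad parameters (if there are some)
if [ "a$sl_unknown" != "a" ]
then
  echo "$slm_unknown $sl_unknown"
  s_help
  # NOTE(review): unknown parameters still end with status 0, so a caller
  # cannot tell a usage error from a successful run.
  exit 0
fi

if [ "$scm_flru" -eq 1 ]
then
  s_flruall
  exit 0
fi

if [ "$scm_nogetcfg" -eq 0 ]
then
  s_getcfg
fi

s_mktables
s_filltables
#this is for debugging purposes
#echo $sl_difftbl
#echo $sl_diffcfg
#echo $sl_diffigw
#echo $scm_force
#exit 0

#flushing and filling rules is done only when
#new table is created
#config is changed
#some igw disappears or appears
#-force command line parameter was used
if [ "$sl_difftbl" -gt 0 ] || [ "$sl_diffcfg" -gt 0 ] || [ "$sl_diffigw" -gt 0 ] || [ "$scm_force" -gt 0 ]
then
  s_fillrules
fi


exit 0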
