sedlo |
Rev 21 | Rev 22 | |
---|---|---|
Line 3... | Line 3... | |
# release date : 03/06/2007 |
# release date : 03/06/2007 | |
# name : sedlo |
# name : sedlo | |
# description : dynamic side routing tables tool |
# description : dynamic side routing tables tool | |
# license : GPL |
# license : GPL | |
|
| |
sl_version="0.0.4pre9" |
sl_version="0.0.4pre10" | |
|
| |
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin |
PATH=$PATH:/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin | |
|
| |
sl_nmcnf="sedlo.conf" |
sl_nmcnf="sedlo.conf" | |
sl_sedlocnf="/etc/$sl_nmcnf" |
sl_sedlocnf="/etc/$sl_nmcnf" | |
Line 16... | Line 16... | |
sl_rttab="/etc/iproute2/rt_tables" |
sl_rttab="/etc/iproute2/rt_tables" | |
sl_rtnmin=110 |
sl_rtnmin=110 | |
sl_rtnmax=200 |
sl_rtnmax=200 | |
#all traffic that is handled as internal (CZF traffic) |
#all traffic that is handled as internal (CZF traffic) | |
sl_ipnodef="10.0.0.0/8" |
sl_ipnodef="10.0.0.0/8" | |
#this will specify rupriority in rule table |
#this will specify base priority in rule table | |
sl_priorules=10000 |
sl_priobase=10000 | |
#this will specify base priority in rule table select mask | ||
sl_priorulesmask="100.." | ||
#no default traffic will have rule at higher priority |
#no default traffic will have rule at higher priority | |
sl_prionodef=$(($sl_priorules - 1)) |
sl_prionodef=$(($sl_priobase - 1)) | |
|
| |
slm_unknown="Nezname parametry : " |
slm_unknown="Nezname parametry : " | |
|
| |
sl_ipcmd=`which ip` |
sl_ipcmd=`which ip` | |
sl_trcmd=`which tr` |
sl_trcmd=`which tr` | |
Line 51... | Line 53... | |
fi |
fi | |
|
| |
sl_murlcfg=`cat $sl_sedlocnf | grep "^mcnf" | uniq | awk '{print $2" "$3" "$4}'` |
sl_murlcfg=`cat $sl_sedlocnf | grep "^mcnf" | uniq | awk '{print $2" "$3" "$4}'` | |
|
| |
###################################################################### |
###################################################################### | |
s_maru() |
#this will delete all rules at sl_prionodef and sl_priorulesmask priorities | |
{ |
||
if [ $scm_info -gt 0 ]; then echo "Managing rules" ; fi |
||
|
||
sl_rules=`($sl_ipcmd ru ls | $sl_grepcmd -v "from all lookup" | $sl_awkcmd '{print $3"*ru"}' ; \ |
||
$sl_catcmd $sl_sedlocache/$sl_nmcnf | $sl_grepcmd "^ip" | $sl_awkcmd '{print $2"*ip"}') | sort | uniq` |
||
|
||
sl_merged=`echo $sl_rules $sl_ips | sort | uniq` |
||
|
||
echo $sl_merged |
||
|
||
} # s_maru |
||
|
||
###################################################################### |
||
#this will delete all rules at sl_prionodef an sl_priorules priorities |
||
s_flruall() |
s_flruall() | |
{ |
{ | |
if [ $scm_info -gt 0 ]; then echo "Flushing all rules" ; fi |
if [ $scm_info -gt 0 ]; then echo "Flushing all rules" ; fi | |
|
| |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd "^"$sl_prionodef":" | $sl_trcmd '[:blank:]' '*'` |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd "^"$sl_prionodef":" | $sl_trcmd '[:blank:]' '*'` | |
Line 79... | Line 67... | |
$sl_ipcmd ru del $sl_ipgws |
$sl_ipcmd ru del $sl_ipgws | |
#this should make faster applying of new routing tables |
#this should make faster applying of new routing tables | |
$sl_ipcmd ro flush cache |
$sl_ipcmd ro flush cache | |
done |
done | |
|
| |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd "^"$sl_priorules":" | $sl_trcmd '[:blank:]' '*'` |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd "^"$sl_priorulesmask":" | $sl_trcmd '[:blank:]' '*'` | |
for sl_rule in $sl_rules |
for sl_rule in $sl_rules | |
do |
do | |
sl_ipgws=`echo $sl_rule | $sl_awkcmd -F '*' '{print $2,$3,$4,$5,$6,$7}'` |
sl_ipgws=`echo $sl_rule | $sl_awkcmd -F '*' '{print $2,$3,$4,$5,$6,$7}'` | |
$sl_ipcmd ru del $sl_ipgws |
$sl_ipcmd ru del $sl_ipgws | |
#this should make faster applying of new routing tables |
#this should make faster applying of new routing tables | |
$sl_ipcmd ro flush cache |
$sl_ipcmd ro flush cache | |
done |
done | |
|
| |
} # s_flruall |
} # s_flruall | |
|
||
###################################################################### |
||
s_flru() |
||
{ |
||
if [ $scm_info -gt 0 ]; then echo "Flushing all rules" ; fi |
||
|
||
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd ^$sl_priorules":" | $sl_trcmd '[:blank:]' '*'` |
||
|
||
for sl_rule in $sl_rules |
||
do |
||
sl_ipgws=`echo $sl_rule | $sl_awkcmd -F '*' '{print $2,$3,$4,$5,$6,$7}'` |
||
$sl_ipcmd ru del $sl_ipgws |
||
#this should make faster applying of new routing tables |
||
$sl_ipcmd ro flush cache |
||
done |
||
|
||
} # s_flru |
||
|
| |
###################################################################### |
###################################################################### | |
s_checknodefru() |
s_checknodefru() | |
{ |
{ | |
#checking if we have present nodef rule and if not we create it |
#checking if we have present nodef rule and if not we create it | |
Line 117... | Line 88... | |
#echo $sl_nodefrule |
#echo $sl_nodefrule | |
if [ "$sl_nodefrule x" == " x" ] |
if [ "$sl_nodefrule x" == " x" ] | |
then |
then | |
if [ $scm_info -gt 0 ]; then echo "Creating rule for nodef route" ; fi |
if [ $scm_info -gt 0 ]; then echo "Creating rule for nodef route" ; fi | |
$sl_ipcmd ru add from $sl_ipnodef to $sl_ipnodef lookup main prio $sl_prionodef |
$sl_ipcmd ru add from $sl_ipnodef to $sl_ipnodef lookup main prio $sl_prionodef | |
echo "delam novou" | ||
fi |
fi | |
|
||
} |
} | |
|
| |
###################################################################### |
###################################################################### | |
# here we get each ip and we create a rule to send this ip to a |
# here we get each ip and we create a rule to send this ip to a | |
# certain table |
# certain table | |
Line 131... | Line 102... | |
s_fillrules() |
s_fillrules() | |
{ |
{ | |
|
| |
#this will check no default rule if exists and if not it will be created |
#this will check no default rule if exists and if not it will be created | |
s_checknodefru |
s_checknodefru | |
|
||
#flush old rules before filling new ones |
||
#not so nice solution - it is planned to change just what's necessary |
||
#by s_maru |
||
#s_flru |
||
|
| |
if [ $scm_info -gt 0 ]; then echo "Checking rules for ips" ; fi |
if [ $scm_info -gt 0 ]; then echo "Checking rules for ips" ; fi | |
|
| |
sl_ips=`$sl_catcmd $sl_sedlocache/$sl_nmcnf | $sl_grepcmd "^ip" | $sl_awkcmd '{print $2"*"$4"*"$5"*"$6}'` |
sl_ips=`$sl_catcmd $sl_sedlocache/$sl_nmcnf | $sl_grepcmd "^ip" | $sl_awkcmd '{print $2"*"$4"*"$5"*"$6}'` | |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd ^$sl_priorules":" | $sl_trcmd '[:blank:]' '*'` |
sl_rules=`$sl_ipcmd ru ls | $sl_grepcmd ^$sl_priorulesmask":" | $sl_trcmd '[:blank:]' '*'` | |
|
| |
#for all IPs we check and leave, change or create rule |
#for all IPs we check and leave, change or create rule | |
for sl_ip in $sl_ips |
for sl_ip in $sl_ips | |
do |
do | |
sl_ipn=`echo $sl_ip | $sl_awkcmd -F '*' '{print $1}'` |
sl_ipn=`echo $sl_ip | $sl_awkcmd -F '*' '{print $1}'` | |
Line 174... | Line 140... | |
$sl_ipcmd ru del $sl_ipgws |
$sl_ipcmd ru del $sl_ipgws | |
#this should make faster applying of new routing tables |
#this should make faster applying of new routing tables | |
$sl_ipcmd ro flush cache |
$sl_ipcmd ro flush cache | |
done |
done | |
fi |
fi | |
|
#getting subnet mask if exists | |
sl_subnet=`echo $sl_ip | $sl_awkcmd -F '/' '{print $2}' | $sl_awkcmd -F '*' '{print $1}' ` | ||
if [ "$sl_subnet x" == " x" ] | ||
then | ||
#if subnet was not found we set subnet to 32 | ||
sl_subnet=32 | ||
else | ||
#this is just to be sure to have subnet between 1 and 32 | ||
if [ $sl_subnet -gt 32 ]; then sl_subnet=32 ; fi | ||
if [ $sl_subnet -lt 1 ]; then sl_subnet=1 ; fi | ||
fi | ||
#bigger subnets have lower priority | ||
sl_priorule=$(($sl_priobase + 32)) | ||
sl_priorule=$(($sl_priorule - $sl_subnet)) | ||
| ||
if [ $scm_info -gt 0 ]; then echo "Creating new rule to send $sl_ipn to table $sl_ipgw" ; fi |
if [ $scm_info -gt 0 ]; then echo "Creating new rule to send $sl_ipn to table $sl_ipgw" ; fi | |
$sl_ipcmd ru add from $sl_ipn lookup $sl_ipgw prio $sl_priorules |
$sl_ipcmd ru add from $sl_ipn lookup $sl_ipgw prio $sl_priorule | |
|
| |
else |
else | |
if [ $scm_info -gt 1 ]; then echo "Rule to send $sl_ipn to table $sl_ipgw already exists" ; fi |
if [ $scm_info -gt 1 ]; then echo "Rule to send $sl_ipn to table $sl_ipgw already exists" ; fi | |
fi |
fi | |
sl_ok="yes" |
sl_ok="yes" | |
Line 381... | Line 361... | |
else |
else | |
touch $sl_sedlocache/$sl_nmcnf.old |
touch $sl_sedlocache/$sl_nmcnf.old | |
fi |
fi | |
|
| |
# preparing cached config from local and main |
# preparing cached config from local and main | |
# the local config should be processed as the second to have |
# the local config should be processed as the first to have | |
# higher priority for rules from local config |
# higher priority for rules from local config | |
echo "# generated file" > $sl_sedlocache/$sl_nmcnf |
echo "# generated file" > $sl_sedlocache/$sl_nmcnf | |
for sl_file in `ls $sl_sedlocache/$sl_nmcnf.main ; ls $sl_sedlocnf` |
for sl_file in `ls $sl_sedlocnf ; ls $sl_sedlocache/$sl_nmcnf.main ` | |
do |
do | |
cat $sl_file | grep "^mcnf" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2}' >> $sl_sedlocache/$sl_nmcnf |
cat $sl_file | grep "^mcnf" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2}' >> $sl_sedlocache/$sl_nmcnf | |
cat $sl_file | grep "^igw" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2"\t"$3}' >> $sl_sedlocache/$sl_nmcnf |
cat $sl_file | grep "^igw" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2"\t"$3}' >> $sl_sedlocache/$sl_nmcnf | |
cat $sl_file | grep "^ip" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2"\t"$3"\t"$4"\t"$5"\t"$6}' >> $sl_sedlocache/$sl_nmcnf |
cat $sl_file | grep "^ip" | $sl_trcmd ';' '#' | awk '{print $1"\t"$2"\t"$3"\t"$4"\t"$5"\t"$6}' >> $sl_sedlocache/$sl_nmcnf | |
done |
done | |
Line 416... | Line 396... | |
if [ $scm_info -gt 0 ]; then echo "We have less rules ($sl_numru) than new config has ips ($sl_numip)" ; fi |
if [ $scm_info -gt 0 ]; then echo "We have less rules ($sl_numru) than new config has ips ($sl_numip)" ; fi | |
# sl_diffcfg="1" |
# sl_diffcfg="1" | |
else |
else | |
if [ $scm_info -gt 0 ]; then echo "We have $sl_numru rules and $sl_numip ips" ; fi |
if [ $scm_info -gt 0 ]; then echo "We have $sl_numru rules and $sl_numip ips" ; fi | |
fi |
fi | |
|
||
} |
} | |
|
| |
###################################################################### |
###################################################################### | |
s_version() |
s_version() | |
{ |
{ | |
Line 446... | Line 425... | |
$sl_ipcmd ro ls ta all | $sl_grepcmd table | $sl_grepcmd -v local | $sl_trcmd " " "\t" |
$sl_ipcmd ro ls ta all | $sl_grepcmd table | $sl_grepcmd -v local | $sl_trcmd " " "\t" | |
echo ; echo "##### RULES FOR IPS #####" |
echo ; echo "##### RULES FOR IPS #####" | |
$sl_ipcmd ru ls | $sl_trcmd " " "\t" |
$sl_ipcmd ru ls | $sl_trcmd " " "\t" | |
echo "</pre>" |
echo "</pre>" | |
} # s_report |
} # s_report | |
|
||
|
||
|
| |
###################################################################### |
###################################################################### | |
s_help() |
s_help() | |
{ |
{ | |
echo Pouziti: sedlo [param] |
echo Pouziti: sedlo [param] |