Fix more typos to be a good example.

Found by:	codespell
This commit is contained in:
Ulrich Spörlein 2011-05-22 14:23:48 +00:00
parent bf2fe08eea
commit 5665fe6b21
8 changed files with 139 additions and 143 deletions

View File

@ -136,7 +136,7 @@ be useful to set up clients and server for diskless boot.
should never be overwritten by the templating copy. should never be overwritten by the templating copy.
TYPICAL CUSTOMIZED CONFIGRATION SOFTLINKS TYPICAL CUSTOMIZED CONFIGURATION SOFTLINKS
The following files typically need to be turned into softlinks The following files typically need to be turned into softlinks
to /conf/ME/<filename>: to /conf/ME/<filename>:
@ -261,9 +261,9 @@ be useful to set up clients and server for diskless boot.
identity.pub identity.pub
WHEN INITIALLY CONVERTING A TARGET MACHINE TO USE TEMPLATING, ALWAYS WHEN INITIALLY CONVERTING A TARGET MACHINE TO USE TEMPLATING, ALWAYS
MAKE A FULL BACKUP OF THE TARGET MACHINE FIRST! You may accidently delete MAKE A FULL BACKUP OF THE TARGET MACHINE FIRST! You may accidentally
files on the target during the conversion due to forgetting to enter delete files on the target during the conversion due to forgetting to
items into appropriate .cpignore files on the source. enter items into appropriate .cpignore files on the source.
SECURITY CONSIDERATIONS WITH NFS ROOT EXPORT FROM TEMPLATE MACHINE SECURITY CONSIDERATIONS WITH NFS ROOT EXPORT FROM TEMPLATE MACHINE
SECURITY CONSIDERATIONS WITH NFS USR EXPORT FROM TEMPLATE MACHINE SECURITY CONSIDERATIONS WITH NFS USR EXPORT FROM TEMPLATE MACHINE

View File

@ -485,7 +485,7 @@ ${1}_isa_probe (device_t device)
/*rid*/0, membase, memsize); /*rid*/0, membase, memsize);
/* /*
* We found one, return non-positive numbers.. * We found one, return non-positive numbers..
* Return -N if we cant handle it, but not well. * Return -N if we can't handle it, but not well.
* Return -2 if we would LIKE the device. * Return -2 if we would LIKE the device.
* Return -1 if we want it a lot. * Return -1 if we want it a lot.
* Return 0 if we MUST get the device. * Return 0 if we MUST get the device.

View File

@ -40,7 +40,7 @@ BRIDGE_NAME="bnet0"
# machine as well then set ${LOCAL_IFACES} as well (they may also be # machine as well then set ${LOCAL_IFACES} as well (they may also be
# listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must # listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must
# be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE} # be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE}
# then assign it the emtpy string. # then assign it the empty string.
BRIDGE_IFACES="de0 fxp0 fxp1" BRIDGE_IFACES="de0 fxp0 fxp1"
LOCAL_IFACES="fxp0 fxp1" LOCAL_IFACES="fxp0 fxp1"

View File

@ -13,13 +13,13 @@ ngctl mkpeer ${CARD}: frame_relay rawdata downstream
# Link management protocol node. # Link management protocol node.
ngctl mkpeer ${CARD}:rawdata lmi dlci0 auto0 ngctl mkpeer ${CARD}:rawdata lmi dlci0 auto0
# Also attach dlci 1023, as it needs both to try autoconfiguring. # Also attach dlci 1023, as it needs both to try auto-configuring.
# The Link management protocol is now alive and probing.. # The Link management protocol is now alive and probing..
ngctl connect ${CARD}:rawdata ${CARD}:rawdata.dlci0 dlci1023 auto1023 ngctl connect ${CARD}:rawdata ${CARD}:rawdata.dlci0 dlci1023 auto1023
# Attach the DLCI(channel) the Telco has assigned you to # Attach the DLCI(channel) the Telco has assigned you to
# a node to hadle whatever protocol encapsulation your peer # a node to handle whatever protocol encapsulation your peer
# is using. In this case rfc1490 encapsulation. # is using. In this case RFC1490 encapsulation.
ngctl mkpeer ${CARD}:rawdata rfc1490 dlci${DLCI} downstream ngctl mkpeer ${CARD}:rawdata rfc1490 dlci${DLCI} downstream
@ -34,8 +34,8 @@ ngctl mkpeer ${CARD}:rawdata.dlci${DLCI} iface inet inet
# Then use ifconfig on interface ng0 as usual # Then use ifconfig on interface ng0 as usual
# A variant on this whole set might use the 'name' command to make it more # A variant on this whole set might use the 'name' command to make it more
# readable. but it doesn't work if you have multiple lines or dlcis # readable. But it doesn't work if you have multiple lines or dlcis
# e.g. # e.g.
# ngctl mkpeer ${CARD}: frame_relay rawdata downstream # ngctl mkpeer ${CARD}: frame_relay rawdata downstream
# ngctl name ${CARD}:rawdata mux # ngctl name ${CARD}:rawdata mux
# ngctl mkpeer mux: lmi dlci0 auto0 # ngctl mkpeer mux: lmi dlci0 auto0

View File

@ -46,7 +46,7 @@
# Note that we used ngctl's ``name'' command to do this. However, # Note that we used ngctl's ``name'' command to do this. However,
# the following manually constructed netgraph message would have # the following manually constructed netgraph message would have
# acomplished the exact same thing: # accomplished the exact same thing:
+ msg foo name { name="fred" } + msg foo name { name="fred" }
@ -85,7 +85,7 @@
# As soon as we sent the message, we got back a response. Here # As soon as we sent the message, we got back a response. Here
# ngctl is telling us that it received a control message with the # ngctl is telling us that it received a control message with the
# NGF_RESP (response) flag set, the reponse was to a prior ``getname'' # NGF_RESP (response) flag set, the response was to a prior ``getname''
# control message, that the originator was the node addressable # control message, that the originator was the node addressable
# as ``fred:''. The message arguments field is then displayed to # as ``fred:''. The message arguments field is then displayed to
# us in its ASCII form. In this case, what we get back is a struct # us in its ASCII form. In this case, what we get back is a struct

View File

@ -6,7 +6,7 @@
CARD=sr0 CARD=sr0
# create an interface "ng0" and attach it to the sync port. # create an interface "ng0" and attach it to the sync port.
# The packets had jolly well better be ip because we are not discriminating. # The packets had jolly well better be IP because we are not discriminating.
ngctl mkpeer ${CARD}: iface rawdata inet ngctl mkpeer ${CARD}: iface rawdata inet
# if ng0 already exists, use a CONNECT command instead of a mkpeer. e.g. # if ng0 already exists, use a CONNECT command instead of a mkpeer. e.g.

View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# Copyright (c) 2010, Yavuz Gokirmak # Copyright (c) 2010, Yavuz Gokirmak
# #
# All rights reserved. # All rights reserved.
# #
@ -14,7 +14,6 @@
# #
# $FreeBSD$ # $FreeBSD$
# #
#
# This script creates and connects n router like nodes. Complex wide # This script creates and connects n router like nodes. Complex wide
# area topologies can be created with the help of script. # area topologies can be created with the help of script.
# #
@ -25,9 +24,9 @@
# #
# 0. Make your own copy of this example script. # 0. Make your own copy of this example script.
# #
# 1. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual # 1. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
# nodes. Virtual topology definition includes node names and their # nodes. Virtual topology definition includes node names and their
# IP address. Target top. sytax: ( name|ip<->name|ip ... ) # IP address. Target top. syntax: ( name|ip<->name|ip ... )
# Example 1: ( n1|10.0.2.1/30<->n2|10.0.2.2/30 ...) # Example 1: ( n1|10.0.2.1/30<->n2|10.0.2.2/30 ...)
# Example 2: ( n1|2001:b90::14a/125<->n1|2001:b90::14b/125 ...) # Example 2: ( n1|2001:b90::14a/125<->n1|2001:b90::14b/125 ...)
# #
@ -35,21 +34,21 @@
# #
# 3. Add necessary static route commands for each virtual node. For # 3. Add necessary static route commands for each virtual node. For
# example assume you have three virtual nodes connected each other # example assume you have three virtual nodes connected each other
# llike a chain ( n1 is connected to n2, n2 is connecte to n3 ). # like a chain (n1 is connected to n2, n2 is connected to n3).
# In order to estabklish connectivity among these virtual nodes, # In order to establish connectivity among these virtual nodes,
# you have to add default routes to node n1 and node n3. Example # you have to add default routes to node n1 and node n3. Example
# static route command is: # static route command is:
# STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2" # STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
# STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5" # STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
# After defining default routes with above format you have to set # After defining default routes with above format you have to set
# the total number of static route commands as: # the total number of static route commands as:
# STATIC_ROUTE_CNT=2 # STATIC_ROUTE_CNT=2
# #
# 4. Stop bridging by running this script with "stop" as the # 4. Stop bridging by running this script with "stop" as the
# command line argument. # command line argument.
# #
# 5. This cript uses a template file in order to carry information # 5. This script uses a template file in order to carry information
# between start and stop calls. # between start and stop calls.
# In the start call, the netgraph interfaces and jails are created. # In the start call, the netgraph interfaces and jails are created.
# At the stop phase, all created objects should be removed. # At the stop phase, all created objects should be removed.
# DO NOT delete the temporary file between the start and stop phases. # DO NOT delete the temporary file between the start and stop phases.
@ -84,8 +83,8 @@
# #
# #
# List the names of virtual nodes and their IP addresses. Use ':' # List the names of virtual nodes and their IP addresses. Use ':'
# character to seperate node name from node IP address and netmask. # character to separate node name from node IP address and netmask.
TARGET_TOPOLOGY="n1|10.0.2.1/30<->n2|10.0.2.2/30 n2|10.0.2.5/30<->n3|10.0.2.6/30 n2|10.0.2.9/30<->n4|10.0.2.10/30" TARGET_TOPOLOGY="n1|10.0.2.1/30<->n2|10.0.2.2/30 n2|10.0.2.5/30<->n3|10.0.2.6/30 n2|10.0.2.9/30<->n4|10.0.2.10/30"
STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2" STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
@ -93,10 +92,10 @@ STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
STATIC_ROUTE2="jexec n4 route add -inet default 10.0.2.9" STATIC_ROUTE2="jexec n4 route add -inet default 10.0.2.9"
STATIC_ROUTE_CNT=3 STATIC_ROUTE_CNT=3
# MAC manifacturer prefix. This can be modified according to needs. # MAC manufacturer prefix. This can be modified according to needs.
MAC_PREFIX="00:1d:92" MAC_PREFIX="00:1d:92"
# Temporary file is important for proper execution of script. # Temporary file is important for proper execution of script.
TEMP_FILE="/var/tmp/.virtual.chain.tmp" TEMP_FILE="/var/tmp/.virtual.chain.tmp"
# Set root directory for jails to be created. # Set root directory for jails to be created.
@ -112,7 +111,7 @@ JAIL_PATH="/usr/jails/router"
virtual_chain_start() { virtual_chain_start() {
# Load netgraph KLD's as necessary. # Load netgraph KLD's as necessary.
for KLD in ng_ether ng_bridge ng_eiface; do for KLD in ng_ether ng_bridge ng_eiface; do
if ! kldstat -v | grep -qw ${KLD}; then if ! kldstat -v | grep -qw ${KLD}; then
echo -n "Loading ${KLD}.ko... " echo -n "Loading ${KLD}.ko... "
@ -122,21 +121,21 @@ virtual_chain_start() {
done done
# Reset all interfaces and jails. If temporary file can not be found # Reset all interfaces and jails. If temporary file can not be found
# script assumes that there is no previous configuration. # script assumes that there is no previous configuration.
if [ ! -e ${TEMP_FILE} ]; then if [ ! -e ${TEMP_FILE} ]; then
echo "No previous configuration(${TEMP_FILE}) found to clean-up." echo "No previous configuration(${TEMP_FILE}) found to clean-up."
else else
echo -n "Cleaning previous configuration..." echo -n "Cleaning previous configuration..."
virtual_chain_stop virtual_chain_stop
echo "done" echo "done"
fi fi
# Create temporary file for usage. This file includes generated # Create temporary file for usage. This file includes generated
# interface names and jail names. All bridges, interfaces and jails # interface names and jail names. All bridges, interfaces and jails
# are written to file while created. In clean-up process written # are written to file while created. In clean-up process written
# objects are cleaned (i.e removed) from system. # objects are cleaned (i.e. removed) from system.
if [ -e ${TEMP_FILE} ]; then if [ -e ${TEMP_FILE} ]; then
touch ${TEMP_FILE} touch ${TEMP_FILE}
fi fi
@ -144,40 +143,40 @@ virtual_chain_start() {
# Attach other interfaces as well. # Attach other interfaces as well.
for CONNECTION in ${TARGET_TOPOLOGY}; do for CONNECTION in ${TARGET_TOPOLOGY}; do
# Virtual connections are defined in TARGET_TOPOLOGY variable. # Virtual connections are defined in TARGET_TOPOLOGY variable.
# They have the form of 'nodeName|IPaddr'. Below two lines split # They have the form of 'nodeName|IPaddr'. Below two lines split
PEER1=`echo ${CONNECTION} | awk -F"<->" '{print $1}'` PEER1=`echo ${CONNECTION} | awk -F"<->" '{print $1}'`
PEER1_NAME=`echo ${PEER1} | awk -F"|" '{print $1}'` PEER1_NAME=`echo ${PEER1} | awk -F"|" '{print $1}'`
PEER1_IP=`echo ${PEER1} | awk -F"|" '{print $2}'` PEER1_IP=`echo ${PEER1} | awk -F"|" '{print $2}'`
PEER2=`echo ${CONNECTION} | awk -F"<->" '{print $2}'` PEER2=`echo ${CONNECTION} | awk -F"<->" '{print $2}'`
PEER2_NAME=`echo ${PEER2} | awk -F"|" '{print $1}'` PEER2_NAME=`echo ${PEER2} | awk -F"|" '{print $1}'`
PEER2_IP=`echo ${PEER2} | awk -F"|" '{print $2}'` PEER2_IP=`echo ${PEER2} | awk -F"|" '{print $2}'`
# !!! if not created already.. # !!! if not created already..
# Create virtual node (jail) with given name and using # Create virtual node (jail) with given name and using
# JAIL_PATH as root directory for jail. # JAIL_PATH as root directory for jail.
virtual_chain_create_peer_if_necessary ${PEER1_NAME} virtual_chain_create_peer_if_necessary ${PEER1_NAME}
virtual_chain_create_peer_if_necessary ${PEER2_NAME} virtual_chain_create_peer_if_necessary ${PEER2_NAME}
# create an interface for peer with the given peer IP. Get interface # create an interface for peer with the given peer IP. Get interface
# for future use; you will connect this interface to the other # for future use; you will connect this interface to the other
# peers' (PEER2) interface. # peers' (PEER2) interface.
virtual_chain_create_interface_with_ip ${PEER1_NAME} ${PEER1_IP} virtual_chain_create_interface_with_ip ${PEER1_NAME} ${PEER1_IP}
PEER1_INTERFACE=${RET_INTERFACE} PEER1_INTERFACE=${RET_INTERFACE}
# create an interface for peer with the given peer IP. Get interface # create an interface for peer with the given peer IP. Get interface
# for future use; you will connect this interface to the other # for future use; you will connect this interface to the other
# peers' (PEER2) interface. # peers' (PEER2) interface.
virtual_chain_create_interface_with_ip ${PEER2_NAME} ${PEER2_IP} virtual_chain_create_interface_with_ip ${PEER2_NAME} ${PEER2_IP}
PEER2_INTERFACE=${RET_INTERFACE} PEER2_INTERFACE=${RET_INTERFACE}
# Connect virtual interface to other interface. Syntax is : # Connect virtual interface to other interface. Syntax is :
# ngctl connect INTERFACE1: INTERFACE2: ether ether. # ngctl connect INTERFACE1: INTERFACE2: ether ether.
echo -n "Connecting ${PEER1_INTERFACE}:ether to ${PEER2_INTERFACE}:ether..." echo -n "Connecting ${PEER1_INTERFACE}:ether to ${PEER2_INTERFACE}:ether..."
ngctl connect ${PEER1_INTERFACE}: ${PEER2_INTERFACE}: ether ether \ ngctl connect ${PEER1_INTERFACE}: ${PEER2_INTERFACE}: ether ether \
|| exit 1 || exit 1
@ -193,7 +192,7 @@ virtual_chain_start() {
i=`expr $i + 1` i=`expr $i + 1`
done done
echo "Virtual WAN established succesfully!" echo "Virtual WAN established successfully!"
} }
virtual_chain_create_interface_with_ip() { virtual_chain_create_interface_with_ip() {
@ -201,35 +200,35 @@ virtual_chain_create_interface_with_ip() {
NODE_NAME=$1 NODE_NAME=$1
NODE_IP=$2 NODE_IP=$2
# Create a ng_eiface object for virtual node. ng_eiface # Create a ng_eiface object for virtual node. ng_eiface
# object has a hook that can be connected to one of bridge # object has a hook that can be connected to one of bridge
# links. After creating interface get its automatically # links. After creating interface get its automatically
# generated name for further usage. # generated name for further usage.
echo "Creating eiface interface for virtual node ${NODE_NAME}." echo "Creating eiface interface for virtual node ${NODE_NAME}."
ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'` EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
echo "Interface ${EIFACE} is created." echo "Interface ${EIFACE} is created."
# Write name of the interface to temp file. Clean-up procedure # Write name of the interface to temp file. Clean-up procedure
# will use this name to shutdown interface. # will use this name to shutdown interface.
echo "interface ${EIFACE}" >> ${TEMP_FILE} echo "interface ${EIFACE}" >> ${TEMP_FILE}
# Move virtual interface to virtual node. Note that Interface # Move virtual interface to virtual node. Note that Interface
# name will not be changed at the end of this movement. Moved # name will not be changed at the end of this movement. Moved
# interface can be seen at the output of ifconfig command in # interface can be seen at the output of ifconfig command in
# jail: 'jexec jailname ifconfig' # jail: 'jexec jailname ifconfig'
echo "Moving ${EIFACE} to ${NODE_NAME}" echo "Moving ${EIFACE} to ${NODE_NAME}"
ifconfig ${EIFACE} vnet ${NODE_NAME} ifconfig ${EIFACE} vnet ${NODE_NAME}
# Make lo0 interface localhost. # Make lo0 interface localhost.
jexec ${NODE_NAME} ifconfig lo0 localhost jexec ${NODE_NAME} ifconfig lo0 localhost
# Generate a random mac address for virtual interface. First # Generate a random mac address for virtual interface. First
# three octets can be changed by user. Last three octets are # three octets can be changed by user. Last three octets are
# generated randomly. # generated randomly.
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \ M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
awk '{ print $1 % 256 }'` awk '{ print $1 % 256 }'`
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \ M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
@ -244,16 +243,16 @@ virtual_chain_create_interface_with_ip() {
echo "Setting MAC address of ${EIFACE} to '${MAC}'" echo "Setting MAC address of ${EIFACE} to '${MAC}'"
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
# Either IPv4 or IPv6 can be used in this script. Ifconfig # Either IPv4 or IPv6 can be used in this script. Ifconfig
# IP setting syntax differs slightly for two IP versions. # IP setting syntax differs slightly for two IP versions.
# For version 4 'inet' keyword is used whereas for version 6 # For version 4 'inet' keyword is used whereas for version 6
# 'inet6' is used. Below line tries to decide which IP version # 'inet6' is used. Below line tries to decide which IP version
# is given and sets IPVER to 'inet' or 'inet6'. # is given and sets IPVER to 'inet' or 'inet6'.
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \ IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \ if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
last[1]<256) print "inet"; else print "inet6"}'` last[1]<256) print "inet"; else print "inet6"}'`
# Set IP address of virtual interface in virtual node. # Set IP address of virtual interface in virtual node.
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'" echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP} jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
@ -264,23 +263,22 @@ virtual_chain_create_interface_with_ip() {
virtual_chain_create_peer_if_necessary() { virtual_chain_create_peer_if_necessary() {
if ! grep -q $1 ${TEMP_FILE} ; then if ! grep -q $1 ${TEMP_FILE} ; then
echo -n "Creating virtual node (jail) ${1}..." echo -n "Creating virtual node (jail) ${1}..."
jail -c vnet name=${1} host.hostname=${1} \ jail -c vnet name=${1} host.hostname=${1} \
path=${JAIL_PATH} persist path=${JAIL_PATH} persist
jexec ${1} sysctl -w net.inet.ip.forwarding=1 jexec ${1} sysctl -w net.inet.ip.forwarding=1
jexec ${1} sysctl -w net.inet6.ip6.forwarding=1 jexec ${1} sysctl -w net.inet6.ip6.forwarding=1
echo "done" echo "done"
# Write name of the jail to temp file. Clean-up # Write name of the jail to temp file. Clean-up
# procedure will use this name to remove jail. # procedure will use this name to remove jail.
echo "node ${1}" >> ${TEMP_FILE} echo "node ${1}" >> ${TEMP_FILE}
fi fi
} }
# Stop routine. # Stop routine.
virtual_chain_stop() { virtual_chain_stop() {
@ -288,31 +286,31 @@ virtual_chain_stop() {
echo "Nothing to stop! ${TEMP_FILE}: temp file not found" echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
else else
echo -n "Shutdown bridge interface.." echo -n "Shutdown bridge interface.."
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
for BRIDGE in ${OBJECTS}; do for BRIDGE in ${OBJECTS}; do
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1 ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
done done
echo "done" echo "done"
echo -n "Shutdown all eiface interfaces..." echo -n "Shutdown all eiface interfaces..."
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
for INTERFACE in ${OBJECTS}; do for INTERFACE in ${OBJECTS}; do
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1 ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
done done
echo "done" echo "done"
echo -n "Removing all jails..." echo -n "Removing all jails..."
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
for NODE in ${OBJECTS}; do for NODE in ${OBJECTS}; do
jail -r ${NODE} jail -r ${NODE}
done done
echo "done" echo "done"
echo "Removing tempfile ${TEMP_FILE}" echo "Removing tempfile ${TEMP_FILE}"
rm ${TEMP_FILE} rm ${TEMP_FILE}
fi fi
echo "Virtual LAN objects removed succesfully!" echo "Virtual LAN objects removed successfully!"
} }
@ -324,7 +322,6 @@ virtual_chain_usage() {
# Main entry point. # Main entry point.
case $# in case $# in
1) 1)
case $1 in case $1 in
@ -340,7 +337,7 @@ case $# in
echo " temp file not found" echo " temp file not found"
else else
virtual_chain_stop virtual_chain_stop
fi fi
;; ;;
help) help)
virtual_chain_usage virtual_chain_usage

View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# Copyright (c) 2010, Yavuz Gokirmak # Copyright (c) 2010, Yavuz Gokirmak
# #
# All rights reserved. # All rights reserved.
# #
@ -13,13 +13,12 @@
# its use. # its use.
# #
# $FreeBSD$ # $FreeBSD$
# #
# This script adds virtual nodes to one of the physical interfaces # This script adds virtual nodes to one of the physical interfaces
# visible on your local area network (LAN). Virtual nodes seems real # visible on your local area network (LAN). Virtual nodes seems real
# to external observers. # to external observers.
# If traceroute is executed to one of virtual nodes, the IP # If traceroute is executed to one of virtual nodes, the IP
# address of the physical interface will not be seen in the output. # address of the physical interface will not be seen in the output.
# Virtual nodes are generated via jails and network connections are # Virtual nodes are generated via jails and network connections are
# established using ng_bridge(4) and ng_eiface(4) node types. # established using ng_bridge(4) and ng_eiface(4) node types.
# #
@ -29,11 +28,11 @@
# #
# 1. Edit the definition of ${ETHER_INTF} as described below # 1. Edit the definition of ${ETHER_INTF} as described below
# to define your real interface connected to the LAN. Virtual nodes # to define your real interface connected to the LAN. Virtual nodes
# will placed on the same physical network as this interface. # will placed on the same physical network as this interface.
# #
# 2. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual # 2. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
# nodes. Virtual topology definition includes node names and their # nodes. Virtual topology definition includes node names and their
# IP address. Target top. sytax: ( node1|ip1/24 node2|ip2/24 ... ) # IP address. Target top. syntax: ( node1|ip1/24 node2|ip2/24 ... )
# Example 1: ( n1|122.122.122.12/24, n2|122.122.122.13/24 ...) # Example 1: ( n1|122.122.122.12/24, n2|122.122.122.13/24 ...)
# Example 2: ( n1|2001:b90::14a/125, n1|2001:b90::14b/125 ...) # Example 2: ( n1|2001:b90::14a/125, n1|2001:b90::14b/125 ...)
# #
@ -41,9 +40,9 @@
# #
# 4. Stop bridging by running this script with "stop" as the # 4. Stop bridging by running this script with "stop" as the
# command line argument. # command line argument.
# #
# 5. This cript uses a template file in order to carry information # 5. This script uses a template file in order to carry information
# between start and stop calls. # between start and stop calls.
# In the start call, the netgraph interfaces and jails are created. # In the start call, the netgraph interfaces and jails are created.
# At the stop phase, all created objects should be removed. # At the stop phase, all created objects should be removed.
# DO NOT delete the temporary file between the start and stop phases. # DO NOT delete the temporary file between the start and stop phases.
@ -80,19 +79,19 @@
# #
# Give the name of ethernet interface. Virtual nodes will be seen as # Give the name of ethernet interface. Virtual nodes will be seen as
# local neighbours of this interface. # local neighbours of this interface.
ETHER_INTF="em0" ETHER_INTF="em0"
# List the names of virtual nodes and their IP addresses. Use ':' # List the names of virtual nodes and their IP addresses. Use ':'
# character to seperate node name from node IP address and netmask. # character to separate node name from node IP address and netmask.
TARGET_TOPOLOGY="c1|10.0.2.20/24 c2|10.0.2.21/24 c3|10.0.2.22/24" TARGET_TOPOLOGY="c1|10.0.2.20/24 c2|10.0.2.21/24 c3|10.0.2.22/24"
# MAC manifacturer prefix. This can be modified according to needs. # MAC manufacturer prefix. This can be modified according to needs.
MAC_PREFIX="00:1d:92" MAC_PREFIX="00:1d:92"
# Temporary file is important for proper execution of script. # Temporary file is important for proper execution of script.
TEMP_FILE="/var/tmp/.virtual.lan.tmp" TEMP_FILE="/var/tmp/.virtual.lan.tmp"
# Set root directory for jails to be created. # Set root directory for jails to be created.
@ -108,7 +107,7 @@ JAIL_PATH="/usr/jails/node"
virtual_lan_start() { virtual_lan_start() {
# Load netgraph KLD's as necessary. # Load netgraph KLD's as necessary.
for KLD in ng_ether ng_bridge ng_eiface; do for KLD in ng_ether ng_bridge ng_eiface; do
if ! kldstat -v | grep -qw ${KLD}; then if ! kldstat -v | grep -qw ${KLD}; then
echo -n "Loading ${KLD}.ko... " echo -n "Loading ${KLD}.ko... "
@ -118,21 +117,21 @@ virtual_lan_start() {
done done
# Reset all interfaces and jails. If temporary file can not be found # Reset all interfaces and jails. If temporary file can not be found
# script assumes that there is no previous configuration. # script assumes that there is no previous configuration.
if [ ! -e ${TEMP_FILE} ]; then if [ ! -e ${TEMP_FILE} ]; then
echo "No previous configuration(${TEMP_FILE}) found to clean-up." echo "No previous configuration(${TEMP_FILE}) found to clean-up."
else else
echo -n "Cleaning previous configuration..." echo -n "Cleaning previous configuration..."
virtual_lan_stop virtual_lan_stop
echo "done" echo "done"
fi fi
# Create temporary file for usage. This file includes generated # Create temporary file for usage. This file includes generated
# interface names and jail names. All bridges, interfaces and jails # interface names and jail names. All bridges, interfaces and jails
# are written to file while created. In clean-up process written # are written to file while created. In clean-up process written
# objects are cleaned (i.e removed) from system. # objects are cleaned (i.e. removed) from system.
if [ -e ${TEMP_FILE} ]; then if [ -e ${TEMP_FILE} ]; then
touch ${TEMP_FILE} touch ${TEMP_FILE}
fi fi
@ -150,20 +149,20 @@ virtual_lan_start() {
# is used to create a name for new bridge. # is used to create a name for new bridge.
BRIDGE_COUNT=`ngctl l | grep bridge | wc -l | sed -e "s/ //g"` BRIDGE_COUNT=`ngctl l | grep bridge | wc -l | sed -e "s/ //g"`
BRIDGE_NAME="bridge${BRIDGE_COUNT}" BRIDGE_NAME="bridge${BRIDGE_COUNT}"
# Create new ng_bridge(4) node and attach it to the ethernet interface. # Create new ng_bridge(4) node and attach it to the ethernet interface.
# Connect ng_ether:lower hook to bridge:link0 when creating bridge and # Connect ng_ether:lower hook to bridge:link0 when creating bridge and
# connect ng_ether:upper hook to bridge:link1 after bridge name is set. # connect ng_ether:upper hook to bridge:link1 after bridge name is set.
echo "Creating bridge interface: ${BRIDGE_NAME}..." echo "Creating bridge interface: ${BRIDGE_NAME}..."
ngctl mkpeer ${ETHER_INTF}: bridge lower link0 || exit 1 ngctl mkpeer ${ETHER_INTF}: bridge lower link0 || exit 1
ngctl name ${ETHER_INTF}:lower ${BRIDGE_NAME} || exit 1 ngctl name ${ETHER_INTF}:lower ${BRIDGE_NAME} || exit 1
ngctl connect ${ETHER_INTF}: ${BRIDGE_NAME}: upper link1 || exit 1 ngctl connect ${ETHER_INTF}: ${BRIDGE_NAME}: upper link1 || exit 1
echo "Bridge ${BRIDGE_NAME} is created and ${ETHER_INTF} is connected." echo "Bridge ${BRIDGE_NAME} is created and ${ETHER_INTF} is connected."
# In the above code block two hooks are connected to bridge interface, # In the above code block two hooks are connected to bridge interface,
# therefore LINKNUM is set to 2 indicating total number of connected # therefore LINKNUM is set to 2 indicating total number of connected
# hooks on the bridge interface. # hooks on the bridge interface.
LINKNUM=2 LINKNUM=2
# Write name of the bridge to temp file. Clean-up procedure will use # Write name of the bridge to temp file. Clean-up procedure will use
@ -173,7 +172,7 @@ virtual_lan_start() {
# Attach other interfaces as well. # Attach other interfaces as well.
for NODE in ${TARGET_TOPOLOGY}; do for NODE in ${TARGET_TOPOLOGY}; do
# Virtual nodes are defined in TARGET_TOPOLOGY variable. They # Virtual nodes are defined in TARGET_TOPOLOGY variable. They
# have the form of 'nodeName|IPaddr'. Below two lines split # have the form of 'nodeName|IPaddr'. Below two lines split
# node definition to get node name and node IP. # node definition to get node name and node IP.
@ -181,48 +180,48 @@ virtual_lan_start() {
NODE_NAME=`echo ${NODE} | awk -F"|" '{print $1}'` NODE_NAME=`echo ${NODE} | awk -F"|" '{print $1}'`
NODE_IP=`echo ${NODE} | awk -F"|" '{print $2}'` NODE_IP=`echo ${NODE} | awk -F"|" '{print $2}'`
# Create virtual node (jail) with given name and using # Create virtual node (jail) with given name and using
# JAIL_PATH as root directory for jail. # JAIL_PATH as root directory for jail.
echo -n "Creating virtual node (jail) ${NODE_NAME}..." echo -n "Creating virtual node (jail) ${NODE_NAME}..."
jail -c vnet name=${NODE_NAME} host.hostname=${NODE_NAME} \ jail -c vnet name=${NODE_NAME} host.hostname=${NODE_NAME} \
path=${JAIL_PATH} persist path=${JAIL_PATH} persist
echo "done" echo "done"
# Write name of the jail to temp file. Clean-up procedure will # Write name of the jail to temp file. Clean-up procedure will
# use this name to remove jail. # use this name to remove jail.
echo "node ${NODE_NAME}" >> ${TEMP_FILE} echo "node ${NODE_NAME}" >> ${TEMP_FILE}
# Create a ng_eiface object for virtual node. ng_eiface # Create a ng_eiface object for virtual node. ng_eiface
# object has a hook that can be connected to one of bridge # object has a hook that can be connected to one of bridge
# links. After creating interface get its automatically # links. After creating interface get its automatically
# generated name for further usage. # generated name for further usage.
echo "Creating eiface interface for virtual node ${NODE_NAME}." echo "Creating eiface interface for virtual node ${NODE_NAME}."
ngctl mkpeer eiface ether ether ngctl mkpeer eiface ether ether
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'` EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
echo "Interface ${EIFACE} is created." echo "Interface ${EIFACE} is created."
# Write name of the interface to temp file. Clean-up procedure # Write name of the interface to temp file. Clean-up procedure
# will use this name to shutdown interface. # will use this name to shutdown interface.
echo "interface ${EIFACE}" >> ${TEMP_FILE} echo "interface ${EIFACE}" >> ${TEMP_FILE}
# Move virtual interface to virtual node. Note that Interface # Move virtual interface to virtual node. Note that Interface
# name will not be changed at the end of this movement. Moved # name will not be changed at the end of this movement. Moved
# interface can be seen at the output of ifconfig command in # interface can be seen at the output of ifconfig command in
# jail: 'jexec jailname ifconfig' # jail: 'jexec jailname ifconfig'
echo "Moving ${EIFACE} to ${NODE_NAME}" echo "Moving ${EIFACE} to ${NODE_NAME}"
ifconfig ${EIFACE} vnet ${NODE_NAME} ifconfig ${EIFACE} vnet ${NODE_NAME}
# Make lo0 interface localhost. # Make lo0 interface localhost.
jexec ${NODE_NAME} ifconfig lo0 localhost jexec ${NODE_NAME} ifconfig lo0 localhost
# Generate a random mac address for virtual interface. First # Generate a random mac address for virtual interface. First
# three octets can be changed by user. Last three octets are # three octets can be changed by user. Last three octets are
# generated randomly. # generated randomly.
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \ M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
awk '{ print $1 % 256 }'` awk '{ print $1 % 256 }'`
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \ M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
@ -237,35 +236,35 @@ virtual_lan_start() {
echo "Setting MAC address of ${EIFACE} to '${MAC}'" echo "Setting MAC address of ${EIFACE} to '${MAC}'"
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
# Either IPv4 or IPv6 can be used in this script. Ifconfig # Either IPv4 or IPv6 can be used in this script. Ifconfig
# IP setting syntax differs slightly for two IP versions. # IP setting syntax differs slightly for two IP versions.
# For version 4 'inet' keyword is used whereas for version 6 # For version 4 'inet' keyword is used whereas for version 6
# 'inet6' is used. Below line tries to decide which IP version # 'inet6' is used. Below line tries to decide which IP version
# is given and sets IPVER to 'inet' or 'inet6'. # is given and sets IPVER to 'inet' or 'inet6'.
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \ IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \ if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
last[1]<256) print "inet"; else print "inet6"}'` last[1]<256) print "inet"; else print "inet6"}'`
# Set IP address of virtual interface in virtual node. # Set IP address of virtual interface in virtual node.
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'" echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP} jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
# Connect virtual interface to bridge interface. Syntax is : # Connect virtual interface to bridge interface. Syntax is :
# ngctl connect INTERFACE: BRIDGE: INTERFACE_HOOK EMPTY_LINK. # ngctl connect INTERFACE: BRIDGE: INTERFACE_HOOK EMPTY_LINK.
# Interface has one hook named 'ether' and below line connects # Interface has one hook named 'ether' and below line connects
# ether hook to bridge's first unconnected link. # ether hook to bridge's first unconnected link.
echo -n "Connecting ${EIFACE}:ether to ${BRIDGE_NAME}:link${LINKNUM}..." echo -n "Connecting ${EIFACE}:ether to ${BRIDGE_NAME}:link${LINKNUM}..."
ngctl connect ${EIFACE}: ${BRIDGE_NAME}: ether link${LINKNUM} \ ngctl connect ${EIFACE}: ${BRIDGE_NAME}: ether link${LINKNUM} \
|| exit 1 || exit 1
echo "done" echo "done"
# Now, bridge has one more connected link thus link count is # Now, bridge has one more connected link thus link count is
# incremented. # incremented.
LINKNUM=`expr ${LINKNUM} + 1` LINKNUM=`expr ${LINKNUM} + 1`
done done
echo "Virtual LAN established succesfully!" echo "Virtual LAN established successfully!"
} }
@ -276,31 +275,31 @@ virtual_lan_stop() {
echo "Nothing to stop! ${TEMP_FILE}: temp file not found" echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
else else
echo -n "Shutdown bridge interface.." echo -n "Shutdown bridge interface.."
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
for BRIDGE in ${OBJECTS}; do for BRIDGE in ${OBJECTS}; do
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1 ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
done done
echo "done" echo "done"
echo -n "Shutdown all eiface interfaces..." echo -n "Shutdown all eiface interfaces..."
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
for INTERFACE in ${OBJECTS}; do for INTERFACE in ${OBJECTS}; do
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1 ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
done done
echo "done" echo "done"
echo -n "Removing all jails..." echo -n "Removing all jails..."
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'` OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
for NODE in ${OBJECTS}; do for NODE in ${OBJECTS}; do
jail -r ${NODE} jail -r ${NODE}
done done
echo "done" echo "done"
echo "Removing tempfile ${TEMP_FILE}" echo "Removing tempfile ${TEMP_FILE}"
rm ${TEMP_FILE} rm ${TEMP_FILE}
fi fi
echo "Virtual LAN objects removed succesfully!" echo "Virtual LAN objects removed successfully!"
} }
@ -327,7 +326,7 @@ case $# in
echo " temp file not found" echo " temp file not found"
else else
virtual_lan_stop virtual_lan_stop
fi fi
;; ;;
help) help)
virtual_lan_usage virtual_lan_usage