mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-01 00:18:15 +01:00
Fix more typos to be a good example.
Found by: codespell
This commit is contained in:
parent
bf2fe08eea
commit
5665fe6b21
@ -136,7 +136,7 @@ be useful to set up clients and server for diskless boot.
|
|||||||
should never be overwritten by the templating copy.
|
should never be overwritten by the templating copy.
|
||||||
|
|
||||||
|
|
||||||
TYPICAL CUSTOMIZED CONFIGRATION SOFTLINKS
|
TYPICAL CUSTOMIZED CONFIGURATION SOFTLINKS
|
||||||
|
|
||||||
The following files typically need to be turned into softlinks
|
The following files typically need to be turned into softlinks
|
||||||
to /conf/ME/<filename>:
|
to /conf/ME/<filename>:
|
||||||
@ -261,9 +261,9 @@ be useful to set up clients and server for diskless boot.
|
|||||||
identity.pub
|
identity.pub
|
||||||
|
|
||||||
WHEN INITIALLY CONVERTING A TARGET MACHINE TO USE TEMPLATING, ALWAYS
|
WHEN INITIALLY CONVERTING A TARGET MACHINE TO USE TEMPLATING, ALWAYS
|
||||||
MAKE A FULL BACKUP OF THE TARGET MACHINE FIRST! You may accidently delete
|
MAKE A FULL BACKUP OF THE TARGET MACHINE FIRST! You may accidentally
|
||||||
files on the target during the conversion due to forgetting to enter
|
delete files on the target during the conversion due to forgetting to
|
||||||
items into appropriate .cpignore files on the source.
|
enter items into appropriate .cpignore files on the source.
|
||||||
|
|
||||||
SECURITY CONSIDERATIONS WITH NFS ROOT EXPORT FROM TEMPLATE MACHINE
|
SECURITY CONSIDERATIONS WITH NFS ROOT EXPORT FROM TEMPLATE MACHINE
|
||||||
SECURITY CONSIDERATIONS WITH NFS USR EXPORT FROM TEMPLATE MACHINE
|
SECURITY CONSIDERATIONS WITH NFS USR EXPORT FROM TEMPLATE MACHINE
|
||||||
|
@ -485,7 +485,7 @@ ${1}_isa_probe (device_t device)
|
|||||||
/*rid*/0, membase, memsize);
|
/*rid*/0, membase, memsize);
|
||||||
/*
|
/*
|
||||||
* We found one, return non-positive numbers..
|
* We found one, return non-positive numbers..
|
||||||
* Return -N if we cant handle it, but not well.
|
* Return -N if we can't handle it, but not well.
|
||||||
* Return -2 if we would LIKE the device.
|
* Return -2 if we would LIKE the device.
|
||||||
* Return -1 if we want it a lot.
|
* Return -1 if we want it a lot.
|
||||||
* Return 0 if we MUST get the device.
|
* Return 0 if we MUST get the device.
|
||||||
|
@ -40,7 +40,7 @@ BRIDGE_NAME="bnet0"
|
|||||||
# machine as well then set ${LOCAL_IFACES} as well (they may also be
|
# machine as well then set ${LOCAL_IFACES} as well (they may also be
|
||||||
# listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must
|
# listed in ${BRIDGE_IFACES}). Of course, any ${LOCAL_IFACE} must
|
||||||
# be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE}
|
# be ifconfig(8)ured separately. If you don't want a ${LOCAL_IFACE}
|
||||||
# then assign it the emtpy string.
|
# then assign it the empty string.
|
||||||
|
|
||||||
BRIDGE_IFACES="de0 fxp0 fxp1"
|
BRIDGE_IFACES="de0 fxp0 fxp1"
|
||||||
LOCAL_IFACES="fxp0 fxp1"
|
LOCAL_IFACES="fxp0 fxp1"
|
||||||
|
@ -13,13 +13,13 @@ ngctl mkpeer ${CARD}: frame_relay rawdata downstream
|
|||||||
# Link management protocol node.
|
# Link management protocol node.
|
||||||
ngctl mkpeer ${CARD}:rawdata lmi dlci0 auto0
|
ngctl mkpeer ${CARD}:rawdata lmi dlci0 auto0
|
||||||
|
|
||||||
# Also attach dlci 1023, as it needs both to try autoconfiguring.
|
# Also attach dlci 1023, as it needs both to try auto-configuring.
|
||||||
# The Link management protocol is now alive and probing..
|
# The Link management protocol is now alive and probing..
|
||||||
ngctl connect ${CARD}:rawdata ${CARD}:rawdata.dlci0 dlci1023 auto1023
|
ngctl connect ${CARD}:rawdata ${CARD}:rawdata.dlci0 dlci1023 auto1023
|
||||||
|
|
||||||
# Attach the DLCI(channel) the Telco has assigned you to
|
# Attach the DLCI(channel) the Telco has assigned you to
|
||||||
# a node to hadle whatever protocol encapsulation your peer
|
# a node to handle whatever protocol encapsulation your peer
|
||||||
# is using. In this case rfc1490 encapsulation.
|
# is using. In this case RFC1490 encapsulation.
|
||||||
ngctl mkpeer ${CARD}:rawdata rfc1490 dlci${DLCI} downstream
|
ngctl mkpeer ${CARD}:rawdata rfc1490 dlci${DLCI} downstream
|
||||||
|
|
||||||
|
|
||||||
@ -34,8 +34,8 @@ ngctl mkpeer ${CARD}:rawdata.dlci${DLCI} iface inet inet
|
|||||||
# Then use ifconfig on interface ng0 as usual
|
# Then use ifconfig on interface ng0 as usual
|
||||||
|
|
||||||
# A variant on this whole set might use the 'name' command to make it more
|
# A variant on this whole set might use the 'name' command to make it more
|
||||||
# readable. but it doesn't work if you have multiple lines or dlcis
|
# readable. But it doesn't work if you have multiple lines or dlcis
|
||||||
# e.g.
|
# e.g.
|
||||||
# ngctl mkpeer ${CARD}: frame_relay rawdata downstream
|
# ngctl mkpeer ${CARD}: frame_relay rawdata downstream
|
||||||
# ngctl name ${CARD}:rawdata mux
|
# ngctl name ${CARD}:rawdata mux
|
||||||
# ngctl mkpeer mux: lmi dlci0 auto0
|
# ngctl mkpeer mux: lmi dlci0 auto0
|
||||||
|
@ -46,7 +46,7 @@
|
|||||||
|
|
||||||
# Note that we used ngctl's ``name'' command to do this. However,
|
# Note that we used ngctl's ``name'' command to do this. However,
|
||||||
# the following manually constructed netgraph message would have
|
# the following manually constructed netgraph message would have
|
||||||
# acomplished the exact same thing:
|
# accomplished the exact same thing:
|
||||||
|
|
||||||
+ msg foo name { name="fred" }
|
+ msg foo name { name="fred" }
|
||||||
|
|
||||||
@ -85,7 +85,7 @@
|
|||||||
|
|
||||||
# As soon as we sent the message, we got back a response. Here
|
# As soon as we sent the message, we got back a response. Here
|
||||||
# ngctl is telling us that it received a control message with the
|
# ngctl is telling us that it received a control message with the
|
||||||
# NGF_RESP (response) flag set, the reponse was to a prior ``getname''
|
# NGF_RESP (response) flag set, the response was to a prior ``getname''
|
||||||
# control message, that the originator was the node addressable
|
# control message, that the originator was the node addressable
|
||||||
# as ``fred:''. The message arguments field is then displayed to
|
# as ``fred:''. The message arguments field is then displayed to
|
||||||
# us in its ASCII form. In this case, what we get back is a struct
|
# us in its ASCII form. In this case, what we get back is a struct
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
CARD=sr0
|
CARD=sr0
|
||||||
|
|
||||||
# create an interface "ng0" and attach it to the sync port.
|
# create an interface "ng0" and attach it to the sync port.
|
||||||
# The packets had jolly well better be ip because we are not discriminating.
|
# The packets had jolly well better be IP because we are not discriminating.
|
||||||
ngctl mkpeer ${CARD}: iface rawdata inet
|
ngctl mkpeer ${CARD}: iface rawdata inet
|
||||||
|
|
||||||
# if ng0 already exists, use a CONNECT command instead of a mkpeer. e.g.
|
# if ng0 already exists, use a CONNECT command instead of a mkpeer. e.g.
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2010, Yavuz Gokirmak
|
# Copyright (c) 2010, Yavuz Gokirmak
|
||||||
#
|
#
|
||||||
# All rights reserved.
|
# All rights reserved.
|
||||||
#
|
#
|
||||||
@ -14,7 +14,6 @@
|
|||||||
#
|
#
|
||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
#
|
#
|
||||||
#
|
|
||||||
# This script creates and connects n router like nodes. Complex wide
|
# This script creates and connects n router like nodes. Complex wide
|
||||||
# area topologies can be created with the help of script.
|
# area topologies can be created with the help of script.
|
||||||
#
|
#
|
||||||
@ -25,9 +24,9 @@
|
|||||||
#
|
#
|
||||||
# 0. Make your own copy of this example script.
|
# 0. Make your own copy of this example script.
|
||||||
#
|
#
|
||||||
# 1. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
|
# 1. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
|
||||||
# nodes. Virtual topology definition includes node names and their
|
# nodes. Virtual topology definition includes node names and their
|
||||||
# IP address. Target top. sytax: ( name|ip<->name|ip ... )
|
# IP address. Target top. syntax: ( name|ip<->name|ip ... )
|
||||||
# Example 1: ( n1|10.0.2.1/30<->n2|10.0.2.2/30 ...)
|
# Example 1: ( n1|10.0.2.1/30<->n2|10.0.2.2/30 ...)
|
||||||
# Example 2: ( n1|2001:b90::14a/125<->n1|2001:b90::14b/125 ...)
|
# Example 2: ( n1|2001:b90::14a/125<->n1|2001:b90::14b/125 ...)
|
||||||
#
|
#
|
||||||
@ -35,21 +34,21 @@
|
|||||||
#
|
#
|
||||||
# 3. Add necessary static route commands for each virtual node. For
|
# 3. Add necessary static route commands for each virtual node. For
|
||||||
# example assume you have three virtual nodes connected each other
|
# example assume you have three virtual nodes connected each other
|
||||||
# llike a chain ( n1 is connected to n2, n2 is connecte to n3 ).
|
# like a chain (n1 is connected to n2, n2 is connected to n3).
|
||||||
# In order to estabklish connectivity among these virtual nodes,
|
# In order to establish connectivity among these virtual nodes,
|
||||||
# you have to add default routes to node n1 and node n3. Example
|
# you have to add default routes to node n1 and node n3. Example
|
||||||
# static route command is:
|
# static route command is:
|
||||||
# STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
|
# STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
|
||||||
# STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
|
# STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
|
||||||
# After defining default routes with above format you have to set
|
# After defining default routes with above format you have to set
|
||||||
# the total number of static route commands as:
|
# the total number of static route commands as:
|
||||||
# STATIC_ROUTE_CNT=2
|
# STATIC_ROUTE_CNT=2
|
||||||
#
|
#
|
||||||
# 4. Stop bridging by running this script with "stop" as the
|
# 4. Stop bridging by running this script with "stop" as the
|
||||||
# command line argument.
|
# command line argument.
|
||||||
#
|
#
|
||||||
# 5. This cript uses a template file in order to carry information
|
# 5. This script uses a template file in order to carry information
|
||||||
# between start and stop calls.
|
# between start and stop calls.
|
||||||
# In the start call, the netgraph interfaces and jails are created.
|
# In the start call, the netgraph interfaces and jails are created.
|
||||||
# At the stop phase, all created objects should be removed.
|
# At the stop phase, all created objects should be removed.
|
||||||
# DO NOT delete the temporary file between the start and stop phases.
|
# DO NOT delete the temporary file between the start and stop phases.
|
||||||
@ -84,8 +83,8 @@
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
|
|
||||||
# List the names of virtual nodes and their IP addresses. Use ':'
|
# List the names of virtual nodes and their IP addresses. Use ':'
|
||||||
# character to seperate node name from node IP address and netmask.
|
# character to separate node name from node IP address and netmask.
|
||||||
|
|
||||||
TARGET_TOPOLOGY="n1|10.0.2.1/30<->n2|10.0.2.2/30 n2|10.0.2.5/30<->n3|10.0.2.6/30 n2|10.0.2.9/30<->n4|10.0.2.10/30"
|
TARGET_TOPOLOGY="n1|10.0.2.1/30<->n2|10.0.2.2/30 n2|10.0.2.5/30<->n3|10.0.2.6/30 n2|10.0.2.9/30<->n4|10.0.2.10/30"
|
||||||
STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
|
STATIC_ROUTE0="jexec n1 route add -inet default 10.0.2.2"
|
||||||
@ -93,10 +92,10 @@ STATIC_ROUTE1="jexec n3 route add -inet default 10.0.2.5"
|
|||||||
STATIC_ROUTE2="jexec n4 route add -inet default 10.0.2.9"
|
STATIC_ROUTE2="jexec n4 route add -inet default 10.0.2.9"
|
||||||
STATIC_ROUTE_CNT=3
|
STATIC_ROUTE_CNT=3
|
||||||
|
|
||||||
# MAC manifacturer prefix. This can be modified according to needs.
|
# MAC manufacturer prefix. This can be modified according to needs.
|
||||||
MAC_PREFIX="00:1d:92"
|
MAC_PREFIX="00:1d:92"
|
||||||
|
|
||||||
# Temporary file is important for proper execution of script.
|
# Temporary file is important for proper execution of script.
|
||||||
TEMP_FILE="/var/tmp/.virtual.chain.tmp"
|
TEMP_FILE="/var/tmp/.virtual.chain.tmp"
|
||||||
|
|
||||||
# Set root directory for jails to be created.
|
# Set root directory for jails to be created.
|
||||||
@ -112,7 +111,7 @@ JAIL_PATH="/usr/jails/router"
|
|||||||
virtual_chain_start() {
|
virtual_chain_start() {
|
||||||
|
|
||||||
# Load netgraph KLD's as necessary.
|
# Load netgraph KLD's as necessary.
|
||||||
|
|
||||||
for KLD in ng_ether ng_bridge ng_eiface; do
|
for KLD in ng_ether ng_bridge ng_eiface; do
|
||||||
if ! kldstat -v | grep -qw ${KLD}; then
|
if ! kldstat -v | grep -qw ${KLD}; then
|
||||||
echo -n "Loading ${KLD}.ko... "
|
echo -n "Loading ${KLD}.ko... "
|
||||||
@ -122,21 +121,21 @@ virtual_chain_start() {
|
|||||||
done
|
done
|
||||||
|
|
||||||
# Reset all interfaces and jails. If temporary file can not be found
|
# Reset all interfaces and jails. If temporary file can not be found
|
||||||
# script assumes that there is no previous configuration.
|
# script assumes that there is no previous configuration.
|
||||||
|
|
||||||
if [ ! -e ${TEMP_FILE} ]; then
|
if [ ! -e ${TEMP_FILE} ]; then
|
||||||
echo "No previous configuration(${TEMP_FILE}) found to clean-up."
|
echo "No previous configuration(${TEMP_FILE}) found to clean-up."
|
||||||
else
|
else
|
||||||
echo -n "Cleaning previous configuration..."
|
echo -n "Cleaning previous configuration..."
|
||||||
virtual_chain_stop
|
virtual_chain_stop
|
||||||
echo "done"
|
echo "done"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create temporary file for usage. This file includes generated
|
# Create temporary file for usage. This file includes generated
|
||||||
# interface names and jail names. All bridges, interfaces and jails
|
# interface names and jail names. All bridges, interfaces and jails
|
||||||
# are written to file while created. In clean-up process written
|
# are written to file while created. In clean-up process written
|
||||||
# objects are cleaned (i.e removed) from system.
|
# objects are cleaned (i.e. removed) from system.
|
||||||
|
|
||||||
if [ -e ${TEMP_FILE} ]; then
|
if [ -e ${TEMP_FILE} ]; then
|
||||||
touch ${TEMP_FILE}
|
touch ${TEMP_FILE}
|
||||||
fi
|
fi
|
||||||
@ -144,40 +143,40 @@ virtual_chain_start() {
|
|||||||
|
|
||||||
# Attach other interfaces as well.
|
# Attach other interfaces as well.
|
||||||
for CONNECTION in ${TARGET_TOPOLOGY}; do
|
for CONNECTION in ${TARGET_TOPOLOGY}; do
|
||||||
|
|
||||||
# Virtual connections are defined in TARGET_TOPOLOGY variable.
|
# Virtual connections are defined in TARGET_TOPOLOGY variable.
|
||||||
# They have the form of 'nodeName|IPaddr'. Below two lines split
|
# They have the form of 'nodeName|IPaddr'. Below two lines split
|
||||||
|
|
||||||
PEER1=`echo ${CONNECTION} | awk -F"<->" '{print $1}'`
|
PEER1=`echo ${CONNECTION} | awk -F"<->" '{print $1}'`
|
||||||
PEER1_NAME=`echo ${PEER1} | awk -F"|" '{print $1}'`
|
PEER1_NAME=`echo ${PEER1} | awk -F"|" '{print $1}'`
|
||||||
PEER1_IP=`echo ${PEER1} | awk -F"|" '{print $2}'`
|
PEER1_IP=`echo ${PEER1} | awk -F"|" '{print $2}'`
|
||||||
|
|
||||||
PEER2=`echo ${CONNECTION} | awk -F"<->" '{print $2}'`
|
PEER2=`echo ${CONNECTION} | awk -F"<->" '{print $2}'`
|
||||||
PEER2_NAME=`echo ${PEER2} | awk -F"|" '{print $1}'`
|
PEER2_NAME=`echo ${PEER2} | awk -F"|" '{print $1}'`
|
||||||
PEER2_IP=`echo ${PEER2} | awk -F"|" '{print $2}'`
|
PEER2_IP=`echo ${PEER2} | awk -F"|" '{print $2}'`
|
||||||
|
|
||||||
# !!! if not created already..
|
# !!! if not created already..
|
||||||
# Create virtual node (jail) with given name and using
|
# Create virtual node (jail) with given name and using
|
||||||
# JAIL_PATH as root directory for jail.
|
# JAIL_PATH as root directory for jail.
|
||||||
|
|
||||||
virtual_chain_create_peer_if_necessary ${PEER1_NAME}
|
virtual_chain_create_peer_if_necessary ${PEER1_NAME}
|
||||||
virtual_chain_create_peer_if_necessary ${PEER2_NAME}
|
virtual_chain_create_peer_if_necessary ${PEER2_NAME}
|
||||||
|
|
||||||
# create an interface for peer with the given peer IP. Get interface
|
# create an interface for peer with the given peer IP. Get interface
|
||||||
# for future use; you will connect this interface to the other
|
# for future use; you will connect this interface to the other
|
||||||
# peers' (PEER2) interface.
|
# peers' (PEER2) interface.
|
||||||
virtual_chain_create_interface_with_ip ${PEER1_NAME} ${PEER1_IP}
|
virtual_chain_create_interface_with_ip ${PEER1_NAME} ${PEER1_IP}
|
||||||
PEER1_INTERFACE=${RET_INTERFACE}
|
PEER1_INTERFACE=${RET_INTERFACE}
|
||||||
|
|
||||||
# create an interface for peer with the given peer IP. Get interface
|
# create an interface for peer with the given peer IP. Get interface
|
||||||
# for future use; you will connect this interface to the other
|
# for future use; you will connect this interface to the other
|
||||||
# peers' (PEER2) interface.
|
# peers' (PEER2) interface.
|
||||||
virtual_chain_create_interface_with_ip ${PEER2_NAME} ${PEER2_IP}
|
virtual_chain_create_interface_with_ip ${PEER2_NAME} ${PEER2_IP}
|
||||||
PEER2_INTERFACE=${RET_INTERFACE}
|
PEER2_INTERFACE=${RET_INTERFACE}
|
||||||
|
|
||||||
# Connect virtual interface to other interface. Syntax is :
|
# Connect virtual interface to other interface. Syntax is :
|
||||||
# ngctl connect INTERFACE1: INTERFACE2: ether ether.
|
# ngctl connect INTERFACE1: INTERFACE2: ether ether.
|
||||||
|
|
||||||
echo -n "Connecting ${PEER1_INTERFACE}:ether to ${PEER2_INTERFACE}:ether..."
|
echo -n "Connecting ${PEER1_INTERFACE}:ether to ${PEER2_INTERFACE}:ether..."
|
||||||
ngctl connect ${PEER1_INTERFACE}: ${PEER2_INTERFACE}: ether ether \
|
ngctl connect ${PEER1_INTERFACE}: ${PEER2_INTERFACE}: ether ether \
|
||||||
|| exit 1
|
|| exit 1
|
||||||
@ -193,7 +192,7 @@ virtual_chain_start() {
|
|||||||
i=`expr $i + 1`
|
i=`expr $i + 1`
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "Virtual WAN established succesfully!"
|
echo "Virtual WAN established successfully!"
|
||||||
}
|
}
|
||||||
|
|
||||||
virtual_chain_create_interface_with_ip() {
|
virtual_chain_create_interface_with_ip() {
|
||||||
@ -201,35 +200,35 @@ virtual_chain_create_interface_with_ip() {
|
|||||||
NODE_NAME=$1
|
NODE_NAME=$1
|
||||||
NODE_IP=$2
|
NODE_IP=$2
|
||||||
|
|
||||||
# Create a ng_eiface object for virtual node. ng_eiface
|
# Create a ng_eiface object for virtual node. ng_eiface
|
||||||
# object has a hook that can be connected to one of bridge
|
# object has a hook that can be connected to one of bridge
|
||||||
# links. After creating interface get its automatically
|
# links. After creating interface get its automatically
|
||||||
# generated name for further usage.
|
# generated name for further usage.
|
||||||
|
|
||||||
echo "Creating eiface interface for virtual node ${NODE_NAME}."
|
echo "Creating eiface interface for virtual node ${NODE_NAME}."
|
||||||
ngctl mkpeer eiface ether ether
|
ngctl mkpeer eiface ether ether
|
||||||
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
|
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
|
||||||
echo "Interface ${EIFACE} is created."
|
echo "Interface ${EIFACE} is created."
|
||||||
|
|
||||||
# Write name of the interface to temp file. Clean-up procedure
|
# Write name of the interface to temp file. Clean-up procedure
|
||||||
# will use this name to shutdown interface.
|
# will use this name to shutdown interface.
|
||||||
|
|
||||||
echo "interface ${EIFACE}" >> ${TEMP_FILE}
|
echo "interface ${EIFACE}" >> ${TEMP_FILE}
|
||||||
|
|
||||||
# Move virtual interface to virtual node. Note that Interface
|
# Move virtual interface to virtual node. Note that Interface
|
||||||
# name will not be changed at the end of this movement. Moved
|
# name will not be changed at the end of this movement. Moved
|
||||||
# interface can be seen at the output of ifconfig command in
|
# interface can be seen at the output of ifconfig command in
|
||||||
# jail: 'jexec jailname ifconfig'
|
# jail: 'jexec jailname ifconfig'
|
||||||
|
|
||||||
echo "Moving ${EIFACE} to ${NODE_NAME}"
|
echo "Moving ${EIFACE} to ${NODE_NAME}"
|
||||||
ifconfig ${EIFACE} vnet ${NODE_NAME}
|
ifconfig ${EIFACE} vnet ${NODE_NAME}
|
||||||
|
|
||||||
# Make lo0 interface localhost.
|
# Make lo0 interface localhost.
|
||||||
jexec ${NODE_NAME} ifconfig lo0 localhost
|
jexec ${NODE_NAME} ifconfig lo0 localhost
|
||||||
|
|
||||||
# Generate a random mac address for virtual interface. First
|
# Generate a random mac address for virtual interface. First
|
||||||
# three octets can be changed by user. Last three octets are
|
# three octets can be changed by user. Last three octets are
|
||||||
# generated randomly.
|
# generated randomly.
|
||||||
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
||||||
awk '{ print $1 % 256 }'`
|
awk '{ print $1 % 256 }'`
|
||||||
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
||||||
@ -244,16 +243,16 @@ virtual_chain_create_interface_with_ip() {
|
|||||||
echo "Setting MAC address of ${EIFACE} to '${MAC}'"
|
echo "Setting MAC address of ${EIFACE} to '${MAC}'"
|
||||||
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
|
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
|
||||||
|
|
||||||
# Either IPv4 or IPv6 can be used in this script. Ifconfig
|
# Either IPv4 or IPv6 can be used in this script. Ifconfig
|
||||||
# IP setting syntax differs slightly for two IP versions.
|
# IP setting syntax differs slightly for two IP versions.
|
||||||
# For version 4 'inet' keyword is used whereas for version 6
|
# For version 4 'inet' keyword is used whereas for version 6
|
||||||
# 'inet6' is used. Below line tries to decide which IP version
|
# 'inet6' is used. Below line tries to decide which IP version
|
||||||
# is given and sets IPVER to 'inet' or 'inet6'.
|
# is given and sets IPVER to 'inet' or 'inet6'.
|
||||||
|
|
||||||
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
|
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
|
||||||
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
|
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
|
||||||
last[1]<256) print "inet"; else print "inet6"}'`
|
last[1]<256) print "inet"; else print "inet6"}'`
|
||||||
|
|
||||||
# Set IP address of virtual interface in virtual node.
|
# Set IP address of virtual interface in virtual node.
|
||||||
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
|
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
|
||||||
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
|
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
|
||||||
@ -264,23 +263,22 @@ virtual_chain_create_interface_with_ip() {
|
|||||||
virtual_chain_create_peer_if_necessary() {
|
virtual_chain_create_peer_if_necessary() {
|
||||||
|
|
||||||
if ! grep -q $1 ${TEMP_FILE} ; then
|
if ! grep -q $1 ${TEMP_FILE} ; then
|
||||||
|
|
||||||
echo -n "Creating virtual node (jail) ${1}..."
|
echo -n "Creating virtual node (jail) ${1}..."
|
||||||
jail -c vnet name=${1} host.hostname=${1} \
|
jail -c vnet name=${1} host.hostname=${1} \
|
||||||
path=${JAIL_PATH} persist
|
path=${JAIL_PATH} persist
|
||||||
jexec ${1} sysctl -w net.inet.ip.forwarding=1
|
jexec ${1} sysctl -w net.inet.ip.forwarding=1
|
||||||
jexec ${1} sysctl -w net.inet6.ip6.forwarding=1
|
jexec ${1} sysctl -w net.inet6.ip6.forwarding=1
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
# Write name of the jail to temp file. Clean-up
|
# Write name of the jail to temp file. Clean-up
|
||||||
# procedure will use this name to remove jail.
|
# procedure will use this name to remove jail.
|
||||||
|
|
||||||
echo "node ${1}" >> ${TEMP_FILE}
|
echo "node ${1}" >> ${TEMP_FILE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
# Stop routine.
|
# Stop routine.
|
||||||
virtual_chain_stop() {
|
virtual_chain_stop() {
|
||||||
|
|
||||||
@ -288,31 +286,31 @@ virtual_chain_stop() {
|
|||||||
echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
|
echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
|
||||||
else
|
else
|
||||||
|
|
||||||
echo -n "Shutdown bridge interface.."
|
echo -n "Shutdown bridge interface.."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
|
||||||
for BRIDGE in ${OBJECTS}; do
|
for BRIDGE in ${OBJECTS}; do
|
||||||
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
|
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo -n "Shutdown all eiface interfaces..."
|
echo -n "Shutdown all eiface interfaces..."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
|
||||||
for INTERFACE in ${OBJECTS}; do
|
for INTERFACE in ${OBJECTS}; do
|
||||||
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
|
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo -n "Removing all jails..."
|
echo -n "Removing all jails..."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
|
||||||
for NODE in ${OBJECTS}; do
|
for NODE in ${OBJECTS}; do
|
||||||
jail -r ${NODE}
|
jail -r ${NODE}
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo "Removing tempfile ${TEMP_FILE}"
|
echo "Removing tempfile ${TEMP_FILE}"
|
||||||
rm ${TEMP_FILE}
|
rm ${TEMP_FILE}
|
||||||
fi
|
fi
|
||||||
echo "Virtual LAN objects removed succesfully!"
|
echo "Virtual LAN objects removed successfully!"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -324,7 +322,6 @@ virtual_chain_usage() {
|
|||||||
|
|
||||||
# Main entry point.
|
# Main entry point.
|
||||||
|
|
||||||
|
|
||||||
case $# in
|
case $# in
|
||||||
1)
|
1)
|
||||||
case $1 in
|
case $1 in
|
||||||
@ -340,7 +337,7 @@ case $# in
|
|||||||
echo " temp file not found"
|
echo " temp file not found"
|
||||||
else
|
else
|
||||||
virtual_chain_stop
|
virtual_chain_stop
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
help)
|
help)
|
||||||
virtual_chain_usage
|
virtual_chain_usage
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
#
|
#
|
||||||
# Copyright (c) 2010, Yavuz Gokirmak
|
# Copyright (c) 2010, Yavuz Gokirmak
|
||||||
#
|
#
|
||||||
# All rights reserved.
|
# All rights reserved.
|
||||||
#
|
#
|
||||||
@ -13,13 +13,12 @@
|
|||||||
# its use.
|
# its use.
|
||||||
#
|
#
|
||||||
# $FreeBSD$
|
# $FreeBSD$
|
||||||
|
|
||||||
#
|
#
|
||||||
# This script adds virtual nodes to one of the physical interfaces
|
# This script adds virtual nodes to one of the physical interfaces
|
||||||
# visible on your local area network (LAN). Virtual nodes seems real
|
# visible on your local area network (LAN). Virtual nodes seems real
|
||||||
# to external observers.
|
# to external observers.
|
||||||
# If traceroute is executed to one of virtual nodes, the IP
|
# If traceroute is executed to one of virtual nodes, the IP
|
||||||
# address of the physical interface will not be seen in the output.
|
# address of the physical interface will not be seen in the output.
|
||||||
# Virtual nodes are generated via jails and network connections are
|
# Virtual nodes are generated via jails and network connections are
|
||||||
# established using ng_bridge(4) and ng_eiface(4) node types.
|
# established using ng_bridge(4) and ng_eiface(4) node types.
|
||||||
#
|
#
|
||||||
@ -29,11 +28,11 @@
|
|||||||
#
|
#
|
||||||
# 1. Edit the definition of ${ETHER_INTF} as described below
|
# 1. Edit the definition of ${ETHER_INTF} as described below
|
||||||
# to define your real interface connected to the LAN. Virtual nodes
|
# to define your real interface connected to the LAN. Virtual nodes
|
||||||
# will placed on the same physical network as this interface.
|
# will placed on the same physical network as this interface.
|
||||||
#
|
#
|
||||||
# 2. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
|
# 2. Edit the definition of ${TARGET_TOPOLOGY} to define your virtual
|
||||||
# nodes. Virtual topology definition includes node names and their
|
# nodes. Virtual topology definition includes node names and their
|
||||||
# IP address. Target top. sytax: ( node1|ip1/24 node2|ip2/24 ... )
|
# IP address. Target top. syntax: ( node1|ip1/24 node2|ip2/24 ... )
|
||||||
# Example 1: ( n1|122.122.122.12/24, n2|122.122.122.13/24 ...)
|
# Example 1: ( n1|122.122.122.12/24, n2|122.122.122.13/24 ...)
|
||||||
# Example 2: ( n1|2001:b90::14a/125, n1|2001:b90::14b/125 ...)
|
# Example 2: ( n1|2001:b90::14a/125, n1|2001:b90::14b/125 ...)
|
||||||
#
|
#
|
||||||
@ -41,9 +40,9 @@
|
|||||||
#
|
#
|
||||||
# 4. Stop bridging by running this script with "stop" as the
|
# 4. Stop bridging by running this script with "stop" as the
|
||||||
# command line argument.
|
# command line argument.
|
||||||
#
|
#
|
||||||
# 5. This cript uses a template file in order to carry information
|
# 5. This script uses a template file in order to carry information
|
||||||
# between start and stop calls.
|
# between start and stop calls.
|
||||||
# In the start call, the netgraph interfaces and jails are created.
|
# In the start call, the netgraph interfaces and jails are created.
|
||||||
# At the stop phase, all created objects should be removed.
|
# At the stop phase, all created objects should be removed.
|
||||||
# DO NOT delete the temporary file between the start and stop phases.
|
# DO NOT delete the temporary file between the start and stop phases.
|
||||||
@ -80,19 +79,19 @@
|
|||||||
#
|
#
|
||||||
|
|
||||||
# Give the name of ethernet interface. Virtual nodes will be seen as
|
# Give the name of ethernet interface. Virtual nodes will be seen as
|
||||||
# local neighbours of this interface.
|
# local neighbours of this interface.
|
||||||
|
|
||||||
ETHER_INTF="em0"
|
ETHER_INTF="em0"
|
||||||
|
|
||||||
# List the names of virtual nodes and their IP addresses. Use ':'
|
# List the names of virtual nodes and their IP addresses. Use ':'
|
||||||
# character to seperate node name from node IP address and netmask.
|
# character to separate node name from node IP address and netmask.
|
||||||
|
|
||||||
TARGET_TOPOLOGY="c1|10.0.2.20/24 c2|10.0.2.21/24 c3|10.0.2.22/24"
|
TARGET_TOPOLOGY="c1|10.0.2.20/24 c2|10.0.2.21/24 c3|10.0.2.22/24"
|
||||||
|
|
||||||
# MAC manifacturer prefix. This can be modified according to needs.
|
# MAC manufacturer prefix. This can be modified according to needs.
|
||||||
MAC_PREFIX="00:1d:92"
|
MAC_PREFIX="00:1d:92"
|
||||||
|
|
||||||
# Temporary file is important for proper execution of script.
|
# Temporary file is important for proper execution of script.
|
||||||
TEMP_FILE="/var/tmp/.virtual.lan.tmp"
|
TEMP_FILE="/var/tmp/.virtual.lan.tmp"
|
||||||
|
|
||||||
# Set root directory for jails to be created.
|
# Set root directory for jails to be created.
|
||||||
@ -108,7 +107,7 @@ JAIL_PATH="/usr/jails/node"
|
|||||||
virtual_lan_start() {
|
virtual_lan_start() {
|
||||||
|
|
||||||
# Load netgraph KLD's as necessary.
|
# Load netgraph KLD's as necessary.
|
||||||
|
|
||||||
for KLD in ng_ether ng_bridge ng_eiface; do
|
for KLD in ng_ether ng_bridge ng_eiface; do
|
||||||
if ! kldstat -v | grep -qw ${KLD}; then
|
if ! kldstat -v | grep -qw ${KLD}; then
|
||||||
echo -n "Loading ${KLD}.ko... "
|
echo -n "Loading ${KLD}.ko... "
|
||||||
@ -118,21 +117,21 @@ virtual_lan_start() {
|
|||||||
done
|
done
|
||||||
|
|
||||||
# Reset all interfaces and jails. If temporary file can not be found
|
# Reset all interfaces and jails. If temporary file can not be found
|
||||||
# script assumes that there is no previous configuration.
|
# script assumes that there is no previous configuration.
|
||||||
|
|
||||||
if [ ! -e ${TEMP_FILE} ]; then
|
if [ ! -e ${TEMP_FILE} ]; then
|
||||||
echo "No previous configuration(${TEMP_FILE}) found to clean-up."
|
echo "No previous configuration(${TEMP_FILE}) found to clean-up."
|
||||||
else
|
else
|
||||||
echo -n "Cleaning previous configuration..."
|
echo -n "Cleaning previous configuration..."
|
||||||
virtual_lan_stop
|
virtual_lan_stop
|
||||||
echo "done"
|
echo "done"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Create temporary file for usage. This file includes generated
|
# Create temporary file for usage. This file includes generated
|
||||||
# interface names and jail names. All bridges, interfaces and jails
|
# interface names and jail names. All bridges, interfaces and jails
|
||||||
# are written to file while created. In clean-up process written
|
# are written to file while created. In clean-up process written
|
||||||
# objects are cleaned (i.e removed) from system.
|
# objects are cleaned (i.e. removed) from system.
|
||||||
|
|
||||||
if [ -e ${TEMP_FILE} ]; then
|
if [ -e ${TEMP_FILE} ]; then
|
||||||
touch ${TEMP_FILE}
|
touch ${TEMP_FILE}
|
||||||
fi
|
fi
|
||||||
@ -150,20 +149,20 @@ virtual_lan_start() {
|
|||||||
# is used to create a name for new bridge.
|
# is used to create a name for new bridge.
|
||||||
BRIDGE_COUNT=`ngctl l | grep bridge | wc -l | sed -e "s/ //g"`
|
BRIDGE_COUNT=`ngctl l | grep bridge | wc -l | sed -e "s/ //g"`
|
||||||
BRIDGE_NAME="bridge${BRIDGE_COUNT}"
|
BRIDGE_NAME="bridge${BRIDGE_COUNT}"
|
||||||
|
|
||||||
# Create new ng_bridge(4) node and attach it to the ethernet interface.
|
# Create new ng_bridge(4) node and attach it to the ethernet interface.
|
||||||
# Connect ng_ether:lower hook to bridge:link0 when creating bridge and
|
# Connect ng_ether:lower hook to bridge:link0 when creating bridge and
|
||||||
# connect ng_ether:upper hook to bridge:link1 after bridge name is set.
|
# connect ng_ether:upper hook to bridge:link1 after bridge name is set.
|
||||||
|
|
||||||
echo "Creating bridge interface: ${BRIDGE_NAME}..."
|
echo "Creating bridge interface: ${BRIDGE_NAME}..."
|
||||||
ngctl mkpeer ${ETHER_INTF}: bridge lower link0 || exit 1
|
ngctl mkpeer ${ETHER_INTF}: bridge lower link0 || exit 1
|
||||||
ngctl name ${ETHER_INTF}:lower ${BRIDGE_NAME} || exit 1
|
ngctl name ${ETHER_INTF}:lower ${BRIDGE_NAME} || exit 1
|
||||||
ngctl connect ${ETHER_INTF}: ${BRIDGE_NAME}: upper link1 || exit 1
|
ngctl connect ${ETHER_INTF}: ${BRIDGE_NAME}: upper link1 || exit 1
|
||||||
echo "Bridge ${BRIDGE_NAME} is created and ${ETHER_INTF} is connected."
|
echo "Bridge ${BRIDGE_NAME} is created and ${ETHER_INTF} is connected."
|
||||||
|
|
||||||
# In the above code block two hooks are connected to bridge interface,
|
# In the above code block two hooks are connected to bridge interface,
|
||||||
# therefore LINKNUM is set to 2 indicating total number of connected
|
# therefore LINKNUM is set to 2 indicating total number of connected
|
||||||
# hooks on the bridge interface.
|
# hooks on the bridge interface.
|
||||||
LINKNUM=2
|
LINKNUM=2
|
||||||
|
|
||||||
# Write name of the bridge to temp file. Clean-up procedure will use
|
# Write name of the bridge to temp file. Clean-up procedure will use
|
||||||
@ -173,7 +172,7 @@ virtual_lan_start() {
|
|||||||
|
|
||||||
# Attach other interfaces as well.
|
# Attach other interfaces as well.
|
||||||
for NODE in ${TARGET_TOPOLOGY}; do
|
for NODE in ${TARGET_TOPOLOGY}; do
|
||||||
|
|
||||||
# Virtual nodes are defined in TARGET_TOPOLOGY variable. They
|
# Virtual nodes are defined in TARGET_TOPOLOGY variable. They
|
||||||
# have the form of 'nodeName|IPaddr'. Below two lines split
|
# have the form of 'nodeName|IPaddr'. Below two lines split
|
||||||
# node definition to get node name and node IP.
|
# node definition to get node name and node IP.
|
||||||
@ -181,48 +180,48 @@ virtual_lan_start() {
|
|||||||
NODE_NAME=`echo ${NODE} | awk -F"|" '{print $1}'`
|
NODE_NAME=`echo ${NODE} | awk -F"|" '{print $1}'`
|
||||||
NODE_IP=`echo ${NODE} | awk -F"|" '{print $2}'`
|
NODE_IP=`echo ${NODE} | awk -F"|" '{print $2}'`
|
||||||
|
|
||||||
# Create virtual node (jail) with given name and using
|
# Create virtual node (jail) with given name and using
|
||||||
# JAIL_PATH as root directory for jail.
|
# JAIL_PATH as root directory for jail.
|
||||||
|
|
||||||
echo -n "Creating virtual node (jail) ${NODE_NAME}..."
|
echo -n "Creating virtual node (jail) ${NODE_NAME}..."
|
||||||
jail -c vnet name=${NODE_NAME} host.hostname=${NODE_NAME} \
|
jail -c vnet name=${NODE_NAME} host.hostname=${NODE_NAME} \
|
||||||
path=${JAIL_PATH} persist
|
path=${JAIL_PATH} persist
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
# Write name of the jail to temp file. Clean-up procedure will
|
# Write name of the jail to temp file. Clean-up procedure will
|
||||||
# use this name to remove jail.
|
# use this name to remove jail.
|
||||||
|
|
||||||
echo "node ${NODE_NAME}" >> ${TEMP_FILE}
|
echo "node ${NODE_NAME}" >> ${TEMP_FILE}
|
||||||
|
|
||||||
# Create a ng_eiface object for virtual node. ng_eiface
|
# Create a ng_eiface object for virtual node. ng_eiface
|
||||||
# object has a hook that can be connected to one of bridge
|
# object has a hook that can be connected to one of bridge
|
||||||
# links. After creating interface get its automatically
|
# links. After creating interface get its automatically
|
||||||
# generated name for further usage.
|
# generated name for further usage.
|
||||||
|
|
||||||
echo "Creating eiface interface for virtual node ${NODE_NAME}."
|
echo "Creating eiface interface for virtual node ${NODE_NAME}."
|
||||||
ngctl mkpeer eiface ether ether
|
ngctl mkpeer eiface ether ether
|
||||||
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
|
EIFACE=`ngctl l | grep ngeth | tail -n 1| awk '{print $2}'`
|
||||||
echo "Interface ${EIFACE} is created."
|
echo "Interface ${EIFACE} is created."
|
||||||
|
|
||||||
# Write name of the interface to temp file. Clean-up procedure
|
# Write name of the interface to temp file. Clean-up procedure
|
||||||
# will use this name to shutdown interface.
|
# will use this name to shutdown interface.
|
||||||
|
|
||||||
echo "interface ${EIFACE}" >> ${TEMP_FILE}
|
echo "interface ${EIFACE}" >> ${TEMP_FILE}
|
||||||
|
|
||||||
# Move virtual interface to virtual node. Note that Interface
|
# Move virtual interface to virtual node. Note that Interface
|
||||||
# name will not be changed at the end of this movement. Moved
|
# name will not be changed at the end of this movement. Moved
|
||||||
# interface can be seen at the output of ifconfig command in
|
# interface can be seen at the output of ifconfig command in
|
||||||
# jail: 'jexec jailname ifconfig'
|
# jail: 'jexec jailname ifconfig'
|
||||||
|
|
||||||
echo "Moving ${EIFACE} to ${NODE_NAME}"
|
echo "Moving ${EIFACE} to ${NODE_NAME}"
|
||||||
ifconfig ${EIFACE} vnet ${NODE_NAME}
|
ifconfig ${EIFACE} vnet ${NODE_NAME}
|
||||||
|
|
||||||
# Make lo0 interface localhost.
|
# Make lo0 interface localhost.
|
||||||
jexec ${NODE_NAME} ifconfig lo0 localhost
|
jexec ${NODE_NAME} ifconfig lo0 localhost
|
||||||
|
|
||||||
# Generate a random mac address for virtual interface. First
|
# Generate a random mac address for virtual interface. First
|
||||||
# three octets can be changed by user. Last three octets are
|
# three octets can be changed by user. Last three octets are
|
||||||
# generated randomly.
|
# generated randomly.
|
||||||
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
M4=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
||||||
awk '{ print $1 % 256 }'`
|
awk '{ print $1 % 256 }'`
|
||||||
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
M5=`od -An -N2 -i /dev/random | sed -e 's/ //g' | \
|
||||||
@ -237,35 +236,35 @@ virtual_lan_start() {
|
|||||||
echo "Setting MAC address of ${EIFACE} to '${MAC}'"
|
echo "Setting MAC address of ${EIFACE} to '${MAC}'"
|
||||||
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
|
jexec ${NODE_NAME} ifconfig ${EIFACE} link $MAC
|
||||||
|
|
||||||
# Either IPv4 or IPv6 can be used in this script. Ifconfig
|
# Either IPv4 or IPv6 can be used in this script. Ifconfig
|
||||||
# IP setting syntax differs slightly for two IP versions.
|
# IP setting syntax differs slightly for two IP versions.
|
||||||
# For version 4 'inet' keyword is used whereas for version 6
|
# For version 4 'inet' keyword is used whereas for version 6
|
||||||
# 'inet6' is used. Below line tries to decide which IP version
|
# 'inet6' is used. Below line tries to decide which IP version
|
||||||
# is given and sets IPVER to 'inet' or 'inet6'.
|
# is given and sets IPVER to 'inet' or 'inet6'.
|
||||||
|
|
||||||
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
|
IPVER=`echo ${NODE_IP} | awk -F"." '{ split($4,last,"/"); \
|
||||||
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
|
if( NF==4 && $1>0 && $1<256 && $2<256 && $3<256 && \
|
||||||
last[1]<256) print "inet"; else print "inet6"}'`
|
last[1]<256) print "inet"; else print "inet6"}'`
|
||||||
|
|
||||||
# Set IP address of virtual interface in virtual node.
|
# Set IP address of virtual interface in virtual node.
|
||||||
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
|
echo "Setting IP address of ${EIFACE} to '${NODE_IP}'"
|
||||||
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
|
jexec ${NODE_NAME} ifconfig ${EIFACE} ${IPVER} ${NODE_IP}
|
||||||
|
|
||||||
# Connect virtual interface to bridge interface. Syntax is :
|
# Connect virtual interface to bridge interface. Syntax is :
|
||||||
# ngctl connect INTERFACE: BRIDGE: INTERFACE_HOOK EMPTY_LINK.
|
# ngctl connect INTERFACE: BRIDGE: INTERFACE_HOOK EMPTY_LINK.
|
||||||
# Interface has one hook named 'ether' and below line connects
|
# Interface has one hook named 'ether' and below line connects
|
||||||
# ether hook to bridge's first unconnected link.
|
# ether hook to bridge's first unconnected link.
|
||||||
|
|
||||||
echo -n "Connecting ${EIFACE}:ether to ${BRIDGE_NAME}:link${LINKNUM}..."
|
echo -n "Connecting ${EIFACE}:ether to ${BRIDGE_NAME}:link${LINKNUM}..."
|
||||||
ngctl connect ${EIFACE}: ${BRIDGE_NAME}: ether link${LINKNUM} \
|
ngctl connect ${EIFACE}: ${BRIDGE_NAME}: ether link${LINKNUM} \
|
||||||
|| exit 1
|
|| exit 1
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
# Now, bridge has one more connected link thus link count is
|
# Now, bridge has one more connected link thus link count is
|
||||||
# incremented.
|
# incremented.
|
||||||
LINKNUM=`expr ${LINKNUM} + 1`
|
LINKNUM=`expr ${LINKNUM} + 1`
|
||||||
done
|
done
|
||||||
echo "Virtual LAN established succesfully!"
|
echo "Virtual LAN established successfully!"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -276,31 +275,31 @@ virtual_lan_stop() {
|
|||||||
echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
|
echo "Nothing to stop! ${TEMP_FILE}: temp file not found"
|
||||||
else
|
else
|
||||||
|
|
||||||
echo -n "Shutdown bridge interface.."
|
echo -n "Shutdown bridge interface.."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep bridge | awk '{print $2}'`
|
||||||
for BRIDGE in ${OBJECTS}; do
|
for BRIDGE in ${OBJECTS}; do
|
||||||
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
|
ngctl shutdown ${BRIDGE}: >/dev/null 2>&1
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo -n "Shutdown all eiface interfaces..."
|
echo -n "Shutdown all eiface interfaces..."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep interface | awk '{print $2}'`
|
||||||
for INTERFACE in ${OBJECTS}; do
|
for INTERFACE in ${OBJECTS}; do
|
||||||
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
|
ngctl shutdown ${INTERFACE}: >/dev/null 2>&1
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo -n "Removing all jails..."
|
echo -n "Removing all jails..."
|
||||||
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
|
OBJECTS=`cat ${TEMP_FILE} | grep node | awk '{print $2}'`
|
||||||
for NODE in ${OBJECTS}; do
|
for NODE in ${OBJECTS}; do
|
||||||
jail -r ${NODE}
|
jail -r ${NODE}
|
||||||
done
|
done
|
||||||
echo "done"
|
echo "done"
|
||||||
|
|
||||||
echo "Removing tempfile ${TEMP_FILE}"
|
echo "Removing tempfile ${TEMP_FILE}"
|
||||||
rm ${TEMP_FILE}
|
rm ${TEMP_FILE}
|
||||||
fi
|
fi
|
||||||
echo "Virtual LAN objects removed succesfully!"
|
echo "Virtual LAN objects removed successfully!"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -327,7 +326,7 @@ case $# in
|
|||||||
echo " temp file not found"
|
echo " temp file not found"
|
||||||
else
|
else
|
||||||
virtual_lan_stop
|
virtual_lan_stop
|
||||||
fi
|
fi
|
||||||
;;
|
;;
|
||||||
help)
|
help)
|
||||||
virtual_lan_usage
|
virtual_lan_usage
|
||||||
|
Loading…
Reference in New Issue
Block a user