#!/bin/sh /etc/rc.common
#
# Fwknop is developed primarily by the people listed in the file 'AUTHORS'.
# Copyright (C) 2009-2014 fwknop developers and contributors. For a full
# list of contributors, see the file 'CREDITS'.
#

# Run under procd supervision; START is the boot-order priority.
USE_PROCD=1
START=95

# Helper library providing network_get_device, used by generate_configuration.
. "${IPKG_INSTROOT}/lib/functions/network.sh"

# Daemon binary, and the directory that receives the configuration files
# generated from UCI (fwknopd.conf and access.conf).
FWKNOPD_BIN=/usr/sbin/fwknopd
FWKNOPD_CFGDIR=/var/etc/fwknop
# procd start hook: regenerate the configuration, then register fwknopd as a
# supervised instance bound to the resolved capture interface.
# Globals read: DEPEND_IFNAME, NETWORK, UCI_ENABLED (all set by
#               generate_configuration), FWKNOPD_BIN, FWKNOPD_CFGDIR.
start_service()
{
	generate_configuration

	# Without an interface there is nothing to sniff on: log and register
	# no instance.
	if [ -z "${DEPEND_IFNAME}" ]; then
		logger -p daemon.info -t "fwknopd[$$]" "Postponing start-up of fwknopd, network ${NETWORK} is not up"
		return
	fi

	procd_open_instance
	procd_set_param command "${FWKNOPD_BIN}" --foreground --syslog-enable
	procd_set_param respawn
	# The generated files are passed only when they were built from UCI;
	# otherwise no -c/-a is given (presumably fwknopd then falls back to its
	# own default paths - confirm against the fwknopd build).
	if [ "${UCI_ENABLED}" -eq 1 ]; then
		procd_append_param command -c "${FWKNOPD_CFGDIR}/fwknopd.conf"
		procd_append_param command -a "${FWKNOPD_CFGDIR}/access.conf"
	fi
	procd_append_param command -i "${DEPEND_IFNAME}"
	# Tie the instance to the network device it captures on.
	procd_set_param netdev "${DEPEND_IFNAME}"
	procd_close_instance
}
# procd trigger hook: reload when the "fwknopd" configuration changes and,
# if a logical network was selected, when that network's interface changes.
# Globals read: NETWORK (expected to have been set by generate_configuration).
service_triggers()
{
	procd_add_reload_trigger "fwknopd"

	# No logical network selected: the configuration trigger is all we need.
	[ -n "${NETWORK}" ] || return 0

	logger -p daemon.info -t "fwknopd[$$]" "Listening for changes on network ${NETWORK}"
	procd_add_reload_interface_trigger "${NETWORK}"
}
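# Normalise a UCI-style boolean.
# Arguments: $1 - value to interpret
#            $2 - fallback printed verbatim when $1 is not a known keyword
# Outputs:   "1" for 1/on/true/yes/enabled, "0" for 0/off/false/no/disabled,
#            otherwise $2; written to stdout without a trailing newline.
get_bool()
{
	local _tmp="${1}"
	case "${_tmp}" in
		1|on|true|yes|enabled) _tmp=1;;
		0|off|false|no|disabled) _tmp=0;;
		*) _tmp="${2}";;
	esac
	# printf instead of "echo -n": echo may treat a value such as "-n" or
	# "-e" as an option (or expand backslashes) and print something else.
	printf '%s' "${_tmp}"
}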
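# Build fwknopd's runtime configuration and decide which interface the
# daemon depends on.
#
# Globals written: UCI_ENABLED   - 1 when /etc/config/fwknopd enables UCI mode
#                  NETWORK       - logical network to watch (UCI mode only)
#                  DEPEND_IFNAME - device fwknopd should capture on; left
#                                  empty when it cannot be resolved
# Globals read:    FWKNOPD_CFGDIR
# Files written:   in UCI mode, ${FWKNOPD_CFGDIR}/fwknopd.conf and
#                  ${FWKNOPD_CFGDIR}/access.conf, both mode 600.
# Exits:           1 when UCI mode is off and USER_CONFIG_PATH does not exist.
#
# Security notes:
#  - Options of an access section (which hold key material such as KEY and
#    HMAC_KEY) are staged in a file before being appended to access.conf.
#    That staging file lives inside FWKNOPD_CFGDIR and is created under
#    umask 077, not under a fixed, predictable name in /tmp with the default
#    umask.
#  - Option names and values are written verbatim, so /etc/config/fwknopd
#    must be writable by root only.
generate_configuration()
{
	UCI_ENABLED=0
	DEPEND_IFNAME=
	NETWORK=
	local PCAP_INTF=
	local USER_CONFIG_PATH=/etc/fwknop/fwknopd.conf
	local DEFAULT_UCI_NETWORK=wan
	local DEFAULT_FWKNOPD_IFNAME=
	# Staging file for the non-SOURCE options of the access section being
	# read. The callbacks below see this local because they only run while
	# this function is executing (same mechanism PCAP_INTF relies on).
	local ACCESS_TMP="${FWKNOPD_CFGDIR}/access.conf.tmp"

	# Drop any staging file left behind by an interrupted earlier run.
	rm -f "${ACCESS_TMP}"

	network_get_device DEFAULT_FWKNOPD_IFNAME "${DEFAULT_UCI_NETWORK}"

	# config_cb is invoked by config_load at the start of every section and
	# once more with no arguments when loading finishes; it installs the
	# option_cb matching the section type.
	config_cb() {
		local type="${1}"
		local name="${2}"
		if [ "${type}" = "global" ]; then
			option_cb() {
				local option="${1}"
				local value="${2}"
				if [ "${option}" = "uci_enabled" ] && [ "$(get_bool "${value}" 0)" -eq 1 ] ; then
					mkdir -p "${FWKNOPD_CFGDIR}"
					# Create the files already restricted: with the default
					# umask they would be readable until the chmod, and a
					# descriptor opened in that window stays readable after
					# the keys are appended. The subshell keeps the umask
					# change local.
					(
						umask 077
						: > "${FWKNOPD_CFGDIR}/fwknopd.conf"
						: > "${FWKNOPD_CFGDIR}/access.conf"
					)
					# Still needed: truncating a file that already existed
					# does not change its mode.
					chmod 600 "${FWKNOPD_CFGDIR}/fwknopd.conf"
					chmod 600 "${FWKNOPD_CFGDIR}/access.conf"
					UCI_ENABLED=1
				fi
			}
		elif [ "${type}" = "network" ]; then
			option_cb() {
				local option="${1}"
				local value="${2}"
				if [ "${UCI_ENABLED}" -eq 1 ] && [ "${option}" = "network" ]; then
					NETWORK="${value}"
				fi
			}
		elif [ "${type}" = "config" ]; then
			option_cb() {
				local option="${1}"
				local value="${2}"
				if [ "${UCI_ENABLED}" -eq 1 ]; then
					if [ "${option}" = "PCAP_INTF" ]; then
						PCAP_INTF="${value}"
					fi
					# Every option of the section goes to fwknopd.conf.
					# printf writes the value literally; echo may expand
					# backslashes in some shells.
					printf '%s %s\n' "${option}" "${value}" >> "${FWKNOPD_CFGDIR}/fwknopd.conf"
				fi
			}
		elif [ "${type}" = "access" ]; then
			# A new access section starts: flush the options staged for the
			# previous one.
			if [ -f "${ACCESS_TMP}" ] ; then
				cat "${ACCESS_TMP}" >> "${FWKNOPD_CFGDIR}/access.conf"
				rm -f "${ACCESS_TMP}"
			fi
			option_cb() {
				local option="${1}"
				local value="${2}"
				if [ "${UCI_ENABLED}" -eq 1 ]; then
					if [ "${option}" = "SOURCE" ]; then
						# SOURCE is written immediately so that it precedes
						# the staged options of the same section.
						printf '%s %s\n' "${option}" "${value}" >> "${FWKNOPD_CFGDIR}/access.conf"
					else
						# Stage the remaining options (including keys) in a
						# file only root can read.
						[ -f "${ACCESS_TMP}" ] || ( umask 077; : > "${ACCESS_TMP}" )
						printf '%s %s\n' "${option}" "${value}" >> "${ACCESS_TMP}"
					fi
				fi
			}
		else
			reset_cb
			if [ -z "${type}" ]; then
				# Finalize reading: flush what the last access section staged.
				if [ -f "${ACCESS_TMP}" ] ; then
					cat "${ACCESS_TMP}" >> "${FWKNOPD_CFGDIR}/access.conf"
					rm -f "${ACCESS_TMP}"
				fi
			fi
		fi
	}

	if [ -f /etc/config/fwknopd ]; then
		config_load fwknopd
	fi

	if [ "${UCI_ENABLED}" -eq 0 ]; then
		if [ -f "${USER_CONFIG_PATH}" ] ; then
			# Scan user configuration for PCAP_INTF settings and fallback to fwknopd's default
			DEPEND_IFNAME="$( sed -ne '/^\s*PCAP_INTF\s\+/ { s/^\s*PCAP_INTF\s\+//; s/\s\+$//; p; q; }' "${USER_CONFIG_PATH}" )"
			if [ -n "${DEPEND_IFNAME}" ]; then
				logger -p daemon.debug -t "fwknopd[$$]" "Found fwknopd.conf configuration, using PCAP_INTF interface ${DEPEND_IFNAME}"
			else
				logger -p daemon.info -t "fwknopd[$$]" "No PCAP_INTF interface specified in fwknopd.conf, fwknopd's default ${DEFAULT_FWKNOPD_IFNAME} will be used"
				DEPEND_IFNAME="${DEFAULT_FWKNOPD_IFNAME}"
			fi
		else
			logger -p daemon.error -t "fwknopd[$$]" "No ${USER_CONFIG_PATH} found, not starting"
			exit 1
		fi
	elif [ "${UCI_ENABLED}" -eq 1 ]; then
		if [ -n "${NETWORK}" ] && [ -n "${PCAP_INTF}" ]; then
			logger -p daemon.warn -t "fwknopd[$$]" "Specified both network and PCAP_INTF. Ignoring PCAP_INTF"
		elif [ -z "${NETWORK}" ] && [ -z "${PCAP_INTF}" ]; then
			# Fallback - compatibility with old script, which used wan interface by default
			logger -p daemon.info -t "fwknopd[$$]" "Neither network, nor PCAP_INTF interface specified, trying network ${DEFAULT_UCI_NETWORK}"
			NETWORK="${DEFAULT_UCI_NETWORK}"
		fi

		# Resolve network if possible
		if [ -n "${NETWORK}" ]; then
			network_get_device DEPEND_IFNAME "${NETWORK}"
			if [ -n "${DEPEND_IFNAME}" ]; then
				logger -p daemon.debug -t "fwknopd[$$]" "Resolved network ${NETWORK} as interface ${DEPEND_IFNAME}"
			else
				logger -p daemon.warn -t "fwknopd[$$]" "Cannot find interface for network ${NETWORK}, probably the network is not up"
			fi
		elif [ -n "${PCAP_INTF}" ]; then
			DEPEND_IFNAME="${PCAP_INTF}"
			logger -p daemon.debug -t "fwknopd[$$]" "Using configured PCAP_INTF interface ${DEPEND_IFNAME}"
		fi
	fi
}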