mirror of https://github.com/YunoHost-Apps/hotspot_ynh.git synced 2024-09-03 19:25:53 +02:00

Try to simplify code readability by merging set/unset ipv4/6 together

Alexandre Aubin 2021-11-16 00:46:09 +01:00
parent e19af5f6b9
commit 19d25d4e8b


@ -44,21 +44,21 @@ is_nat_set() {
is_ip4nataddr_set() { is_ip4nataddr_set() {
local i=${1} local i=${1}
dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address show dev "${dev}" 2>/dev/null | grep -q "${ip4_nat_prefix[${i}]}.1/24" ip address show dev "${dev}" 2>/dev/null | grep -q "${ip4_nat_prefix[${i}]}.1/24"
} }
is_ip6addr_set() { is_ip6addr_set() {
local i=${1} local i=${1}
dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address show dev "${dev}" 2>/dev/null | grep -q "$(ip6addrfromdelegatedprefix $i)/64" ip address show dev "${dev}" 2>/dev/null | grep -q "$(ip6addrfromdelegatedprefix $i)/64"
} }
is_ip6firewall_set() { is_ip6firewall_set() {
local i=${1} local i=${1}
dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip6tables -w -nvL FORWARD | grep DROP | grep -q "${dev}" ip6tables -w -nvL FORWARD | grep DROP | grep -q "${dev}"
} }
@ -109,28 +109,34 @@ set_nat() {
iptables -w -t nat -A POSTROUTING -o "${gateway_interface}" -j MASQUERADE iptables -w -t nat -A POSTROUTING -o "${gateway_interface}" -j MASQUERADE
} }
set_ip4nataddr() { set_ipaddr() {
local i=${1} local i=${1}
local dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address add "${ip4_nat_prefix[${i}]}.1/24" dev "${dev}" if ! is_ip4nataddr_set ${i}; then
echo "hotspot${i}: Set IPv4 NAT address"
ip address add "${ip4_nat_prefix[${i}]}.1/24" dev "${dev}"
fi
if has_ip6delegatedprefix ${i} && ! is_ip6addr_set ${i}; then
echo "hotspot${i}: Set IPv6 address"
ip address delete "$(ip6addrfromdelegatedprefix $i)/64" dev tun0 &>/dev/null
ip address add "$(ip6addrfromdelegatedprefix $i)/64" dev "${dev}"
fi
} }
set_ip6addr() { set_ipfirewall() {
local i=${1} local i=${1}
local dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address delete "$(ip6addrfromdelegatedprefix $i)/64" dev tun0 &>/dev/null # Set ipv6 firewalling
ip address add "$(ip6addrfromdelegatedprefix $i)/64" dev "${dev}" if has_ip6delegatedprefix ${i} && [ "${ip6_firewall[${i}]}" -eq 1 ] && ! is_ip6firewall_set ${i}; then
} echo "hotspot${i}: Set IPv6 firewalling"
ip6tables -w -A FORWARD -i "${dev}" -j ACCEPT
ip6tables -w -A FORWARD -o "${dev}" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -w -A FORWARD -o "${dev}" -j DROP
fi
set_ip6firewall() {
local i=${1}
local dev=$(devfromid "${i}")
ip6tables -w -A FORWARD -i "${dev}" -j ACCEPT
ip6tables -w -A FORWARD -o "${dev}" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -w -A FORWARD -o "${dev}" -j DROP
} }
set_forwarding() { set_forwarding() {
@ -138,30 +144,35 @@ set_forwarding() {
sysctl -w net.ipv4.conf.all.forwarding=1 >/dev/null sysctl -w net.ipv4.conf.all.forwarding=1 >/dev/null
} }
start_dhcpd6() { start_dhcpd() {
local i=${1} local i=${1}
local dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
cp /etc/dnsmasq.dhcpd/dhcpdv6{.conf.tpl,-ssid${i}.conf} # Run DHCPv4 server
if ! is_dhcpd4_running ${i}; then
echo "hotspot${i}: Start the DHCPv4 server (dnsmasq)"
sed "s|__WIFI_DEVICE__|${dev}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf cp /etc/dnsmasq.dhcpd/dhcpdv4{.conf.tpl,-ssid${i}.conf}
sed "s|__IP6_DNS__|${ip6_dns[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf
sed "s|__IP6_NET__|${ip6_net[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf
dnsmasq -C /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf -p0 sed "s|__WIFI_DEVICE__|${dev}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf
} sed "s|__IP4_DNS__|${ip4_dns[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf
sed "s|__IP4_NAT_PREFIX__|${ip4_nat_prefix[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf
start_dhcpd4() { dnsmasq -C /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf -p0
local i=${1} fi
local dev=$(devfromid "${i}")
cp /etc/dnsmasq.dhcpd/dhcpdv4{.conf.tpl,-ssid${i}.conf} # Run DHCPv6 server
if has_ip6delegatedprefix ${i} && ! is_dhcpd6_running ${i}; then
echo "hotspot${i}: Start the NDP and DHCPv6 server (dnsmasq)"
sed "s|__WIFI_DEVICE__|${dev}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf cp /etc/dnsmasq.dhcpd/dhcpdv6{.conf.tpl,-ssid${i}.conf}
sed "s|__IP4_DNS__|${ip4_dns[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf
sed "s|__IP4_NAT_PREFIX__|${ip4_nat_prefix[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf
dnsmasq -C /etc/dnsmasq.dhcpd/dhcpdv4-ssid${i}.conf -p0 sed "s|__WIFI_DEVICE__|${dev}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf
sed "s|__IP6_DNS__|${ip6_dns[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf
sed "s|__IP6_NET__|${ip6_net[${i}]}|g" -i /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf
dnsmasq -C /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf -p0
fi
} }
configure_hostapd() { configure_hostapd() {
@ -200,27 +211,31 @@ unset_nat() {
iptables -w -t nat -D POSTROUTING -o "${gateway_interface}" -j MASQUERADE iptables -w -t nat -D POSTROUTING -o "${gateway_interface}" -j MASQUERADE
} }
unset_ip4nataddr() { unset_ipaddr() {
local i=${1} local i=${1}
local dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address delete "${ip4_nat_prefix[${i}]}.1/24" dev "${dev}" if is_ip4nataddr_set ${i}; then
echo "hotspot${i}: Unset IPv4 NAT address"
ip address delete "${ip4_nat_prefix[${i}]}.1/24" dev "${dev}"
fi
if has_ip6delegatedprefix ${i} && is_ip6addr_set ${i}; then
echo "hotspot${i}: Unset IPv6 address"
ip address delete "$(ip6addrfromdelegatedprefix $i)/64" dev "${dev}"
fi
} }
unset_ip6addr() { unset_ipfirewall() {
local i=${1} local i=${1}
local dev=$(devfromid "${i}") local dev=$(devfromid "${i}")
ip address delete "$(ip6addrfromdelegatedprefix $i)/64" dev "${dev}" if has_ip6delegatedprefix ${i} && [ "${ip6_firewall[${i}]}" -eq 1 ] && is_ip6firewall_set ${i}; then
} echo "hotspot${i}: Unset IPv6 firewalling"
ip6tables -w -D FORWARD -i "${dev}" -j ACCEPT
unset_ip6firewall() { ip6tables -w -D FORWARD -o "${dev}" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
local i=${1} ip6tables -w -D FORWARD -o "${dev}" -j DROP
local dev=$(devfromid "${i}") fi
ip6tables -w -D FORWARD -i "${dev}" -j ACCEPT
ip6tables -w -D FORWARD -o "${dev}" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
ip6tables -w -D FORWARD -o "${dev}" -j DROP
} }
unset_forwarding() { unset_forwarding() {
@ -228,14 +243,23 @@ unset_forwarding() {
sysctl -w net.ipv4.conf.all.forwarding=0 >/dev/null sysctl -w net.ipv4.conf.all.forwarding=0 >/dev/null
} }
stop_dhcpd6() { stop_dhcpd() {
kill $(ps aux | grep 'dhcpdv6-ssid' | grep -v grep | awk '{ print $2 }') local i=${1}
rm -f /etc/dnsmasq.d/dhcpdv6-ssid*.conf
if is_dhcpd6_running ${i}; then
echo "hotspot${i}: Stop the NDP and DHCPv6 server (dnsmasq)"
kill $(ps aux | grep 'dhcpdv6-ssid' | grep -v grep | awk '{ print $2 }')
rm -f /etc/dnsmasq.d/dhcpdv6-ssid*.conf
fi
if is_dhcpd4_running ${i}; then
echo "hotspot${i}: Stop the DHCPv4 server (dnsmasq)"
kill $(ps aux | grep 'dhcpdv4-ssid' | grep -v grep | awk '{ print $2 }')
rm -f /etc/dnsmasq.d/dhcpdv4-ssid*.conf
fi
} }
stop_dhcpd4() { stop_dhcpd4() {
kill $(ps aux | grep 'dhcpdv4-ssid' | grep -v grep | awk '{ print $2 }')
rm -f /etc/dnsmasq.d/dhcpdv4-ssid*.conf
} }
stop_hostapd() { stop_hostapd() {
@ -370,10 +394,8 @@ start)
fi fi
# Set forwarding for ipv6 and ipv4 # Set forwarding for ipv6 and ipv4
if ! is_forwarding_set; then echo "Set forwarding"
echo "Set forwarding" set_forwarding
set_forwarding
fi
# Run hostapd # Run hostapd
if ! is_hostapd_running; then if ! is_hostapd_running; then
@ -402,37 +424,9 @@ start)
# For each registred ssid # For each registred ssid
for i in $(seq 0 $((${multissid} - 1))); do for i in $(seq 0 $((${multissid} - 1))); do
set_ipaddr ${i}
# Set ipv4 NAT address set_ipfirewall ${i}
if ! is_ip4nataddr_set ${i}; then start_dhcpd ${i}
echo "hotspot${i}: Set IPv4 NAT address"
set_ip4nataddr ${i}
fi
# Set the ipv6 address
if has_ip6delegatedprefix ${i} && ! is_ip6addr_set ${i}; then
echo "hotspot${i}: Set IPv6 address"
set_ip6addr ${i}
fi
# Set ipv6 firewalling
if has_ip6delegatedprefix ${i} && [ "${ip6_firewall[${i}]}" -eq 1 ] && ! is_ip6firewall_set ${i}; then
echo "hotspot${i}: Set IPv6 firewalling"
set_ip6firewall ${i}
fi
# Run DHCPv6 server
if has_ip6delegatedprefix ${i} && ! is_dhcpd6_running ${i}; then
echo "hotspot${i}: Start the NDP and DHCPv6 server (dnsmasq)"
start_dhcpd6 ${i}
fi
# Run DHCPv4 server
if ! is_dhcpd4_running ${i}; then
echo "hotspot${i}: Start the DHCPv4 server (dnsmasq)"
start_dhcpd4 ${i}
fi
done done
# Update dynamic settings # Update dynamic settings
@ -447,36 +441,13 @@ stop)
unset_nat "${old_gateway_interface}" unset_nat "${old_gateway_interface}"
fi fi
if is_forwarding_set; then echo "Unset forwarding"
echo "Unset forwarding" unset_forwarding
unset_forwarding
fi
for i in $(seq 0 $((${multissid} - 1))); do for i in $(seq 0 $((${multissid} - 1))); do
if is_ip4nataddr_set ${i}; then unset_ipaddr ${i}
echo "hotspot${i}: Unset IPv4 NAT address" unset_ipfirewall ${i}
unset_ip4nataddr ${i} stop_dhcpd ${i}
fi
if has_ip6delegatedprefix ${i} && is_ip6addr_set ${i}; then
echo "hotspot${i}: Unset IPv6 address"
unset_ip6addr ${i}
fi
if has_ip6delegatedprefix ${i} && [ "${ip6_firewall[${i}]}" -eq 1 ] && is_ip6firewall_set ${i}; then
echo "hotspot${i}: Unset IPv6 firewalling"
unset_ip6firewall ${i}
fi
if is_dhcpd6_running ${i}; then
echo "hotspot${i}: Stop the NDP and DHCPv6 server (dnsmasq)"
stop_dhcpd6 ${i}
fi
if is_dhcpd4_running ${i}; then
echo "hotspot${i}: Stop the DHCPv4 server (dnsmasq)"
stop_dhcpd4 ${i}
fi
done done
if is_hostapd_running; then if is_hostapd_running; then
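Review bot: In the new `stop_dhcpd`, the per-SSID guards `is_dhcpd6_running ${i}` and `is_dhcpd4_running ${i}` are followed by `kill $(ps aux | grep 'dhcpdv6-ssid' | grep -v grep | awk '{ print $2 }')`, which is not scoped to `${i}`. Stopping one SSID therefore signals every process whose command line contains that string, including the other SSIDs' dnsmasq instances and anything unrelated that happens to match, and the unquoted substitution runs a bare `kill` when nothing matches. The `rm -f /etc/dnsmasq.d/dhcpdv6-ssid*.conf` cleanup also targets a different directory from the `/etc/dnsmasq.dhcpd/` path that `start_dhcpd` writes to, so the generated configs appear never to be removed. Scoping both to the index would fix this, e.g. `pkill -f "dnsmasq -C /etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf"` and `rm -f "/etc/dnsmasq.dhcpd/dhcpdv6-ssid${i}.conf"`, and likewise for the dhcpdv4 pair. Separately, the rendering suggests `stop_dhcpd4() {` … `}` is left with an empty body, which bash would reject at parse time; this should be confirmed against the file.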