var_service/fw: optionally flush all netdevs; optionally prefer one 0/0 routing

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Denys Vlasenko 2016-07-25 16:28:57 +02:00
parent f8ddbe1ccc
commit 3191ec7cce


@ -1,18 +1,20 @@
#!/bin/bash #!/bin/bash
# (using bashism: arrays) # (using bashism: arrays)
service="${PWD##*/}" user="root"
rundir="/var/run/service/$service" reset_all_netdevs=true
preferred_default_route_iface="if"
user=root extif="if"
extif=if ext_open_tcp="22 80 88" # space-separated
ext_open_tcp="21 22 80" # space-separated
# Make ourself one-shot # Make ourself one-shot
sv o . sv o .
# Debug # Debug
#date '+%Y-%m-%d %H:%M:%S' >>"$0.log" #date '+%Y-%m-%d %H:%M:%S' >>"$0.log"
service=`basename $PWD`
rundir="/var/run/service/$service"
### filter This is the default table (if no -t option is passed). It contains ### filter This is the default table (if no -t option is passed). It contains
### the built-in chains INPUT (for packets coming into the box itself), ### the built-in chains INPUT (for packets coming into the box itself),
### FORWARD (for packets being routed through the box), and OUTPUT (for ### FORWARD (for packets being routed through the box), and OUTPUT (for
@ -70,7 +72,6 @@ ln -s "$rundir" rundir
# Timestamping # Timestamping
date '+%Y-%m-%d %H:%M:%S' date '+%Y-%m-%d %H:%M:%S'
echo; echo "* Reading IP config" echo; echo "* Reading IP config"
cfg=-1 cfg=-1
# static cfg dhcp,zeroconf etc # static cfg dhcp,zeroconf etc
@ -86,11 +87,19 @@ echo; echo "* Configuring hardware"
#doit ethtool -K if rx off tx off sg off tso off #doit ethtool -K if rx off tx off sg off tso off
echo; echo "* Resetting address and routing info" echo; echo "* Resetting address and routing info"
if $reset_all_netdevs; then
devs=`sed -n 's/ //g;s/:.*$//p' </proc/net/dev`
for if in $devs; do
doit ip a f dev "$if"
doit ip r f dev "$if" root 0/0
done
else
doit ip a f dev lo doit ip a f dev lo
i=0; while test "${if[$i]}"; do i=0; while test "${if[$i]}"; do
doit ip a f dev "${if[$i]}" doit ip a f dev "${if[$i]}"
doit ip r f dev "${if[$i]}" root 0/0 doit ip r f dev "${if[$i]}" root 0/0
let i++; done let i++; done
fi
echo; echo "* Configuring addresses" echo; echo "* Configuring addresses"
doit ip a a dev lo 127.0.0.1/8 scope host doit ip a a dev lo 127.0.0.1/8 scope host
@ -103,7 +112,22 @@ i=0; while test "${if[$i]}"; do
let i++; done let i++; done
echo; echo "* Configuring routes" echo; echo "* Configuring routes"
# If several ifaces are configured via DHCP, they often both have 0/0 route.
# They have no way of knowing that this route is offered on more than one iface.
# Often, it's desirable to prefer one iface: say, wired eth over wireless.
# if preferred_default_route_iface is not set, 0/0 route will be assigned randomly.
if test "$preferred_default_route_iface"; then
i=0; while test "${if[$i]}"; do i=0; while test "${if[$i]}"; do
if test "${if[$i]}" = "$preferred_default_route_iface" \
&& test "${net[$i]}" = "0/0" \
&& test "${gw[$i]}"; then
echo "+ default route through ${if[$i]}, ${gw[$i]}:"
doit ip r a "${net[$i]}" via "${gw[$i]}"
fi
let i++; done
fi
i=0; while test "${if[$i]}"; do
#echo $i:"${if[$i]}"
if test "${net[$i]}" && test "${gw[$i]}"; then if test "${net[$i]}" && test "${gw[$i]}"; then
doit ip r a "${net[$i]}" via "${gw[$i]}" doit ip r a "${net[$i]}" via "${gw[$i]}"
fi fi
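Review bot: In the new `reset_all_netdevs` branch, `for if in $devs` reuses the name `if`, which the rest of the script reads as an array (`${if[$i]}`); in bash a scalar assignment to an array name writes element 0, so after the loop `if[0]` holds the last device listed in /proc/net/dev. If the array is filled by the earlier "Reading IP config" step, as the order of the hunks suggests, the address and route loops that follow would configure the wrong interface for entry 0 whenever the flag is true, which is its new default. Use a separate loop variable: `for dev in $devs; do`, with `doit ip a f dev "$dev"` and `doit ip r f dev "$dev" root 0/0`. The final `while` loop of this section continues past the last visible line.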