root / hooks / group-modify-post.d / snf-network @ 7d163a24
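#!/bin/bash
#
# snf-network hook from hooks/group-modify-post.d.
#
# Reads the GANETI_GROUP_* environment variables and the settings defined by
# /etc/default/snf-network (SHAREDDIR is used below), then derives the
# per-network and per-(network, group) file paths used by the rest of the
# script.

# The defaults file is executed as shell code with this hook's privileges,
# so it must be writable only by the administrator.
source /etc/default/snf-network

GROUP=$GANETI_GROUP_NAME

ACTION=$GANETI_GROUP_NETWORK_ACTION
NETWORK=$GANETI_GROUP_NETWORK_NAME
MODE=$GANETI_GROUP_NETWORK_MODE
LINK=$GANETI_GROUP_NETWORK_LINK

# No network action attached to this group modification: nothing to do.
if [[ -z "$ACTION" ]]; then
  exit 0
fi

# Without SHAREDDIR the paths below would resolve under "/".
if [[ -z "$SHAREDDIR" ]]; then
  echo "snf-network: SHAREDDIR is not set (expected from /etc/default/snf-network)" >&2
  exit 1
fi

# NETWORK and GROUP become path components of files that are later written,
# sourced and removed, so refuse values that could leave the networks/ and
# mappings/ directories.
for _component in "$NETWORK" "$GROUP"; do
  case "$_component" in
    '' | . | .. | */*)
      printf 'snf-network: refusing unsafe network/group name: %q\n' "$_component" >&2
      exit 1
      ;;
  esac
done
unset _component

# NOTE(review): NETFILE is assigned but never read in the visible part of the
# script, while TYPE, SUBNET, GATEWAY and ROUTER are used below without being
# set here - confirm whether the per-network file was meant to be sourced.
NETFILE=$SHAREDDIR/networks/$NETWORK

MAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP
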
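#######################################
# Register the routing table name rt_$NETWORK in the iproute2 table list.
#
# The first blank line of the file is reused when there is one (the removal
# path of this hook blanks lines instead of deleting them); otherwise a new
# entry is appended. The line number of the entry is used as the table id.
#
# Globals:   NETWORK (read), ID (written: the id that was allocated)
# Arguments: $1 - optional path of the table list
#                 (default: /etc/iproute2/rt_tables)
# Returns:   1 if NETWORK is empty or contains characters that are unsafe
#            in the table file or in the sed expression; otherwise the
#            status of the last write command.
#
# NOTE(review): the id is only a line number; nothing checks that it is not
# already used by another entry or that it avoids the ids iproute2 reserves
# (0, 253, 254, 255).
#######################################
function set_rt_table {
  local rt_tables=${1:-/etc/iproute2/rt_tables}
  local line_count

  # NETWORK ends up inside a sed replacement and in a whitespace-separated
  # file: '/', '&' and '\' would change the sed expression, and whitespace
  # would corrupt the entry.
  case "$NETWORK" in
    '' | *[[:space:]/\&\\]*)
      printf 'set_rt_table: refusing unsafe network name: %q\n' "$NETWORK" >&2
      return 1
      ;;
  esac

  # Line number of the first blank line, empty if the file has none.
  ID=$(sed -n '/^$/ { =; q}' "$rt_tables")
  if [[ -z "$ID" ]]; then
    # Read from stdin so wc prints only the count, and append (>>) so the
    # existing entries are kept rather than truncated.
    line_count=$(wc -l < "$rt_tables")
    ID=$((${line_count:-0} + 1))
    echo "$ID rt_$NETWORK" >> "$rt_tables"
  else
    # Address the blank line by number so exactly one line is rewritten.
    sed -i "${ID}s/^\$/${ID} rt_${NETWORK}/" "$rt_tables"
  fi
}
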
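# Apply ("add") or undo (any other action) the node-local configuration for
# NETWORK on this node group.
#
# NOTE(review): TYPE, SUBNET, GATEWAY and ROUTER are not assigned anywhere in
# the visible script; presumably they come from /etc/default/snf-network or a
# per-network file - confirm. All expansions are quoted so an empty or
# unusual value fails the comparison or the command instead of being
# word-split or glob-expanded.
if [[ "$ACTION" == "add" ]]; then
  if [[ "$MODE" == "routed" ]]; then
    VLAN=$LINK
    if [[ "$TYPE" == "public" ]]; then
      # VLAN is used as a path component under /proc/sys below; a valid
      # interface name never contains '/' and is never "." or "..".
      case "$VLAN" in
        '' | . | .. | */*)
          printf 'snf-network: refusing unsafe link name: %q\n' "$VLAN" >&2
          exit 1
          ;;
      esac

      # Source address for the mangled ARP requests: the HostMax value
      # reported by ipcalc for the subnet.
      ARP_IP=$(ipcalc "$SUBNET" | grep HostMax | awk '{print $2}')

      ip link set "$VLAN" up

      echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp"

      set_rt_table

      ip rule add iif "$VLAN" table "rt_$NETWORK"

      ip route add "$SUBNET" dev "$VLAN" table main

      ip route add "$SUBNET" dev "$VLAN" table "rt_$NETWORK"
      ip route add default via "$GATEWAY" dev "$VLAN" table "rt_$NETWORK"

      # NOTE(review): IPv4 forwarding and proxy_arp are switched on here but
      # the removal branch below never switches them back off.
      echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

      arptables -A OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"
    fi
  fi

  if [[ "$MODE" == "bridged" ]]; then
    BRIDGE=$LINK
    if [[ -n "$GATEWAY" ]]; then
      if [[ "$TYPE" == "private" ]]; then
        # Only the node named by ROUTER gets the gateway address and NAT rule.
        if [[ "$(hostname)" == "$ROUTER" ]]; then
          # Fourth field of ipcalc's Netmask line, used as the address suffix.
          NETMASK=$(ipcalc "$SUBNET" | grep Netmask | awk '{print $4}')
          ip addr add "$GATEWAY/$NETMASK" dev "$BRIDGE"
          # NOTE(review): the 192.168.0.0/16 exclusion is hard-coded.
          iptables -t nat -A POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
        fi
      fi
    fi
  fi

  # Record MODE and LINK for the removal branch, which sources this file.
  # %q shell-quotes the values so that sourcing assigns them literally and
  # cannot run anything embedded in them; plain alphanumeric values are
  # written unchanged.
  printf 'MODE=%q\nLINK=%q\n' "$MODE" "$LINK" > "$MAPFILE"

else

  # The mapping file is executed as shell code with this hook's privileges:
  # the mappings directory must not be writable by untrusted users.
  if [[ -r "$MAPFILE" ]]; then
    source "$MAPFILE"
  else
    echo "snf-network: $MAPFILE is not readable; using MODE/LINK from the environment" >&2
  fi

  if [[ "$MODE" == "routed" ]]; then
    VLAN=$LINK
    TABLE=rt_$NETWORK
    if [[ "$TYPE" == "public" ]]; then
      ARP_IP=$(ipcalc "$SUBNET" | grep HostMax | awk '{print $2}')

      arptables -D OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"

      ip route del default via "$GATEWAY" dev "$VLAN" table "$TABLE"
      ip route del "$SUBNET" dev "$VLAN" table "$TABLE"

      ip route del "$SUBNET" dev "$VLAN" table main

      ip rule del iif "$VLAN" table "$TABLE"

      # Blank the table's line in rt_tables (set_rt_table reuses blank
      # lines). The name is escaped before it goes into the sed expression
      # so characters in NETWORK cannot alter the command, and it must be a
      # whole whitespace-delimited word so that a table whose name merely
      # ends with this one is left alone.
      TABLE_RE=$(printf '%s' "$TABLE" | sed 's|[][\/.^$*]|\\&|g')
      sed -i "s/^.*[[:space:]]${TABLE_RE}\$//" /etc/iproute2/rt_tables
    fi
  fi

  if [[ "$MODE" == "bridged" ]]; then
    BRIDGE=$LINK
    if [[ -n "$GATEWAY" ]]; then
      if [[ "$TYPE" == "private" ]]; then
        if [[ "$(hostname)" == "$ROUTER" ]]; then
          NETMASK=$(ipcalc "$SUBNET" | grep Netmask | awk '{print $4}')
          ip addr del "$GATEWAY/$NETMASK" dev "$BRIDGE"
          iptables -t nat -D POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
        fi
      fi
    fi
  fi

  rm -- "$MAPFILE"

fi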