/common.sh - Annotate - snf-network - Greek Research and Technology Network's projects

root / common.sh @ 859d4ba0

History | View | Annotate | Download (8.4 kB)

1	38305e4c	Dimitris Aragiorgis	#!/bin/bash
2	38305e4c	Dimitris Aragiorgis
3	38305e4c	Dimitris Aragiorgis	function try {
4	38305e4c	Dimitris Aragiorgis
5	38305e4c	Dimitris Aragiorgis	$1 &>/dev/null \|\| true
6	38305e4c	Dimitris Aragiorgis
7	38305e4c	Dimitris Aragiorgis	}
8	38305e4c	Dimitris Aragiorgis
9	38305e4c	Dimitris Aragiorgis	function clear_routed_setup_ipv4 {
10	38305e4c	Dimitris Aragiorgis
11	38305e4c	Dimitris Aragiorgis	arptables -D OUTPUT -o $INTERFACE --opcode request -j mangle
12	38305e4c	Dimitris Aragiorgis	while ip rule del dev $INTERFACE; do :; done
13	38305e4c	Dimitris Aragiorgis	iptables -D FORWARD -i $INTERFACE -p udp --dport 67 -j DROP
14	38305e4c	Dimitris Aragiorgis
15	38305e4c	Dimitris Aragiorgis	}
16	38305e4c	Dimitris Aragiorgis
17	38305e4c	Dimitris Aragiorgis	function clear_routed_setup_ipv6 {
18	38305e4c	Dimitris Aragiorgis
19	38305e4c	Dimitris Aragiorgis	while ip -6 rule del dev $INTERFACE; do :; done
20	38305e4c	Dimitris Aragiorgis
21	38305e4c	Dimitris Aragiorgis	}
22	38305e4c	Dimitris Aragiorgis
23	38305e4c	Dimitris Aragiorgis
24	38305e4c	Dimitris Aragiorgis	function clear_routed_setup_firewall {
25	38305e4c	Dimitris Aragiorgis
26	38305e4c	Dimitris Aragiorgis	for oldchain in protected unprotected limited; do
27	38305e4c	Dimitris Aragiorgis	iptables -D FORWARD -o $INTERFACE -j $oldchain
28	38305e4c	Dimitris Aragiorgis	ip6tables -D FORWARD -o $INTERFACE -j $oldchain
29	38305e4c	Dimitris Aragiorgis	done
30	38305e4c	Dimitris Aragiorgis
31	38305e4c	Dimitris Aragiorgis	}
32	38305e4c	Dimitris Aragiorgis
33	38305e4c	Dimitris Aragiorgis	function clear_ebtables {
34	38305e4c	Dimitris Aragiorgis
35	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -D FORWARD -i $INTERFACE -j $FROM
36	a67910c4	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -D INPUT -i $INTERFACE -j $FROM
37	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -D FORWARD -o $INTERFACE -j $TO
38	a67910c4	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -D OUTPUT -o $INTERFACE -j $TO
39	38305e4c	Dimitris Aragiorgis
40	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -X $FROM
41	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -X $TO
42	38305e4c	Dimitris Aragiorgis	}
43	38305e4c	Dimitris Aragiorgis
44	38305e4c	Dimitris Aragiorgis
45	38305e4c	Dimitris Aragiorgis	function clear_nfdhcpd {
46	38305e4c	Dimitris Aragiorgis
47	38305e4c	Dimitris Aragiorgis	rm $NFDHCPD_STATE_DIR/$INTERFACE
48	38305e4c	Dimitris Aragiorgis
49	38305e4c	Dimitris Aragiorgis	}
50	38305e4c	Dimitris Aragiorgis
51	38305e4c	Dimitris Aragiorgis
52	38305e4c	Dimitris Aragiorgis	function routed_setup_ipv4 {
53	38305e4c	Dimitris Aragiorgis
54	0363b080	Dimitris Aragiorgis	if [ -z "$INTERFACE" -o -z "$NETWORK_GATEWAY" -o -z "$IP" -o -z "$TABLE" ]
55	0363b080	Dimitris Aragiorgis	then
56	0363b080	Dimitris Aragiorgis	return
57	0363b080	Dimitris Aragiorgis	fi
58	0363b080	Dimitris Aragiorgis
59	38305e4c	Dimitris Aragiorgis	# mangle ARPs to come from the gw's IP
60	38305e4c	Dimitris Aragiorgis	arptables -A OUTPUT -o $INTERFACE --opcode request -j mangle --mangle-ip-s "$NETWORK_GATEWAY"
61	38305e4c	Dimitris Aragiorgis
62	38305e4c	Dimitris Aragiorgis	# route interface to the proper routing table
63	38305e4c	Dimitris Aragiorgis	ip rule add dev $INTERFACE table $TABLE
64	38305e4c	Dimitris Aragiorgis
65	38305e4c	Dimitris Aragiorgis	# static route mapping IP -> INTERFACE
66	38305e4c	Dimitris Aragiorgis	ip route replace $IP proto static dev $INTERFACE table $TABLE
67	38305e4c	Dimitris Aragiorgis
68	38305e4c	Dimitris Aragiorgis	# Enable proxy ARP
69	38305e4c	Dimitris Aragiorgis	echo 1 > /proc/sys/net/ipv4/conf/$INTERFACE/proxy_arp
70	1bdc9427	Dimitris Aragiorgis
71	1bdc9427	Dimitris Aragiorgis	# Send GARP from host to upstream router
72	1bdc9427	Dimitris Aragiorgis	get_uplink $TABLE
73	1bdc9427	Dimitris Aragiorgis	echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
74	859d4ba0	Dimitris Aragiorgis	$SNF_NETWORK_LOG $0 "arping -c3 -I $UPLINK -U $IP"
75	1bdc9427	Dimitris Aragiorgis	arping -c3 -I $UPLINK -U $IP
76	1bdc9427	Dimitris Aragiorgis	echo 0 > /proc/sys/net/ipv4/ip_nonlocal_bind
77	1bdc9427	Dimitris Aragiorgis
78	38305e4c	Dimitris Aragiorgis	}
79	38305e4c	Dimitris Aragiorgis
80	38305e4c	Dimitris Aragiorgis	function routed_setup_ipv6 {
81	38305e4c	Dimitris Aragiorgis	# Add a routing entry for the eui-64
82	1bdc9427	Dimitris Aragiorgis	get_uplink $TABLE "-6"
83	1bdc9427	Dimitris Aragiorgis	get_eui64 $MAC $NETWORK_SUBNET6
84	38305e4c	Dimitris Aragiorgis
85	1bdc9427	Dimitris Aragiorgis	if [ -z "$EUI64" -o -z "$TABLE" -o -z "$INTERFACE" -o -z "$UPLINK" ]
86	0363b080	Dimitris Aragiorgis	then
87	0363b080	Dimitris Aragiorgis	return
88	0363b080	Dimitris Aragiorgis	fi
89	38305e4c	Dimitris Aragiorgis
90	38305e4c	Dimitris Aragiorgis	ip -6 rule add dev $INTERFACE table $TABLE
91	1bdc9427	Dimitris Aragiorgis	ip -6 ro replace $EUI64/128 dev $INTERFACE table $TABLE
92	1bdc9427	Dimitris Aragiorgis	ip -6 neigh add proxy $EUI64 dev $UPLINK
93	38305e4c	Dimitris Aragiorgis
94	38305e4c	Dimitris Aragiorgis	# disable proxy NDP since we're handling this on userspace
95	38305e4c	Dimitris Aragiorgis	# this should be the default, but better safe than sorry
96	38305e4c	Dimitris Aragiorgis	echo 0 > /proc/sys/net/ipv6/conf/$INTERFACE/proxy_ndp
97	1bdc9427	Dimitris Aragiorgis
98	1bdc9427	Dimitris Aragiorgis	# Send Unsolicited Neighbor Advertisement
99	859d4ba0	Dimitris Aragiorgis	$SNF_NETWORK_LOG $0 "ndsend $EUI64 $UPLINK"
100	1bdc9427	Dimitris Aragiorgis	ndsend $EUI64 $UPLINK
101	1bdc9427	Dimitris Aragiorgis
102	38305e4c	Dimitris Aragiorgis	}
103	38305e4c	Dimitris Aragiorgis
104	38305e4c	Dimitris Aragiorgis	# pick a firewall profile per NIC, based on tags (and apply it)
105	38305e4c	Dimitris Aragiorgis	function routed_setup_firewall {
106	a336b166	Dimitris Aragiorgis	# for latest ganeti there is no need to check other but uuid
107	a336b166	Dimitris Aragiorgis	ifprefixindex="synnefo:network:$INTERFACE_INDEX:"
108	a336b166	Dimitris Aragiorgis	ifprefixname="synnefo:network:$INTERFACE_NAME:"
109	a336b166	Dimitris Aragiorgis	ifprefixuuid="synnefo:network:$INTERFACE_UUID:"
110	38305e4c	Dimitris Aragiorgis	for tag in $TAGS; do
111	a336b166	Dimitris Aragiorgis	tag=${tag#$ifprefixindex}
112	a336b166	Dimitris Aragiorgis	tag=${tag#$ifprefixname}
113	a336b166	Dimitris Aragiorgis	tag=${tag#$ifprefixuuid}
114	a336b166	Dimitris Aragiorgis	case $tag in
115	38305e4c	Dimitris Aragiorgis	protected)
116	38305e4c	Dimitris Aragiorgis	chain=protected
117	38305e4c	Dimitris Aragiorgis	;;
118	38305e4c	Dimitris Aragiorgis	unprotected)
119	38305e4c	Dimitris Aragiorgis	chain=unprotected
120	38305e4c	Dimitris Aragiorgis	;;
121	38305e4c	Dimitris Aragiorgis	limited)
122	38305e4c	Dimitris Aragiorgis	chain=limited
123	38305e4c	Dimitris Aragiorgis	;;
124	38305e4c	Dimitris Aragiorgis	esac
125	38305e4c	Dimitris Aragiorgis	done
126	38305e4c	Dimitris Aragiorgis
127	38305e4c	Dimitris Aragiorgis	if [ "x$chain" != "x" ]; then
128	38305e4c	Dimitris Aragiorgis	iptables -A FORWARD -o $INTERFACE -j $chain
129	38305e4c	Dimitris Aragiorgis	ip6tables -A FORWARD -o $INTERFACE -j $chain
130	38305e4c	Dimitris Aragiorgis	fi
131	38305e4c	Dimitris Aragiorgis	}
132	38305e4c	Dimitris Aragiorgis
133	38305e4c	Dimitris Aragiorgis	function init_ebtables {
134	38305e4c	Dimitris Aragiorgis
135	74ab2e3c	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -N $FROM -P RETURN
136	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -A FORWARD -i $INTERFACE -j $FROM
137	a67910c4	Dimitris Aragiorgis	# This is needed for multicast packets
138	a67910c4	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -A INPUT -i $INTERFACE -j $FROM
139	a67910c4	Dimitris Aragiorgis
140	74ab2e3c	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -N $TO -P RETURN
141	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -A FORWARD -o $INTERFACE -j $TO
142	a67910c4	Dimitris Aragiorgis	# This is needed for multicast packets
143	a67910c4	Dimitris Aragiorgis	runlocked $RUNLOCKED_OPTS ebtables -A OUTPUT -o $INTERFACE -j $TO
144	38305e4c	Dimitris Aragiorgis
145	38305e4c	Dimitris Aragiorgis	}
146	38305e4c	Dimitris Aragiorgis
147	38305e4c	Dimitris Aragiorgis
148	38305e4c	Dimitris Aragiorgis	function setup_ebtables {
149	38305e4c	Dimitris Aragiorgis
150	38305e4c	Dimitris Aragiorgis	# do not allow changes in ip-mac pair
151	c9d2a566	Dimitris Aragiorgis	if [ -n "$IP" ]; then
152	c9d2a566	Dimitris Aragiorgis	:; # runlocked $RUNLOCKED_OPTS ebtables -A $FROM --ip-source \! $IP -p ipv4 -j DROP
153	38305e4c	Dimitris Aragiorgis	fi
154	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -A $FROM -s \! $MAC -j DROP
155	c3d3d121	Dimitris Aragiorgis	# accept dhcp responses from host (nfdhcpd)
156	c3d3d121	Dimitris Aragiorgis	# this is actually not needed because nfdhcpd opens a socket and binds is with
157	c3d3d121	Dimitris Aragiorgis	# tap interface so dhcp response does not go through bridge
158	c3d3d121	Dimitris Aragiorgis	# runlocked $RUNLOCKED_OPTS ebtables -A $TO -s $INDEV_MAC -p ipv4 --ip-protocol=udp --ip-destination-port=68 -j ACCEPT
159	38305e4c	Dimitris Aragiorgis	# allow only packets from the same mac prefix
160	1409faba	Stratos Psomadakis	runlocked $RUNLOCKED_OPTS ebtables -A $TO -s \! $MAC/$MAC_MASK -j DROP
161	38305e4c	Dimitris Aragiorgis	}
162	38305e4c	Dimitris Aragiorgis
163	38305e4c	Dimitris Aragiorgis	function setup_masq {
164	38305e4c	Dimitris Aragiorgis
165	38305e4c	Dimitris Aragiorgis	# allow packets from/to router (for masquerading)
166	1409faba	Stratos Psomadakis	# runlocked $RUNLOCKED_OPTS ebtables -A $TO -s $NODE_MAC -j ACCEPT
167	1409faba	Stratos Psomadakis	# runlocked $RUNLOCKED_OPTS ebtables -A INPUT -i $INTERFACE -j $FROM
168	1409faba	Stratos Psomadakis	# runlocked $RUNLOCKED_OPTS ebtables -A OUTPUT -o $INTERFACE -j $TO
169	38305e4c	Dimitris Aragiorgis	return
170	38305e4c	Dimitris Aragiorgis
171	38305e4c	Dimitris Aragiorgis	}
172	38305e4c	Dimitris Aragiorgis
173	38305e4c	Dimitris Aragiorgis	function setup_nfdhcpd {
174	38305e4c	Dimitris Aragiorgis	umask 022
175	38305e4c	Dimitris Aragiorgis	FILE=$NFDHCPD_STATE_DIR/$INTERFACE
176	38305e4c	Dimitris Aragiorgis	#IFACE is the interface from which the packet seems to arrive
177	38305e4c	Dimitris Aragiorgis	#needed in bridged mode where the packets seems to arrive from the
178	38305e4c	Dimitris Aragiorgis	#bridge and not from the tap
179	38305e4c	Dimitris Aragiorgis	cat >$FILE <<EOF
180	38305e4c	Dimitris Aragiorgis	INDEV=$INDEV
181	38305e4c	Dimitris Aragiorgis	IP=$IP
182	38305e4c	Dimitris Aragiorgis	MAC=$MAC
183	38305e4c	Dimitris Aragiorgis	HOSTNAME=$INSTANCE
184	38305e4c	Dimitris Aragiorgis	TAGS="$TAGS"
185	38305e4c	Dimitris Aragiorgis	GATEWAY=$NETWORK_GATEWAY
186	38305e4c	Dimitris Aragiorgis	SUBNET=$NETWORK_SUBNET
187	38305e4c	Dimitris Aragiorgis	GATEWAY6=$NETWORK_GATEWAY6
188	38305e4c	Dimitris Aragiorgis	SUBNET6=$NETWORK_SUBNET6
189	38305e4c	Dimitris Aragiorgis	EUI64=$($MAC2EUI64 $MAC $NETWORK_SUBNET6 2>/dev/null)
190	38305e4c	Dimitris Aragiorgis	EOF
191	38305e4c	Dimitris Aragiorgis
192	38305e4c	Dimitris Aragiorgis	}
193	38305e4c	Dimitris Aragiorgis
194	1bdc9427	Dimitris Aragiorgis	function get_uplink {
195	1bdc9427	Dimitris Aragiorgis
196	1bdc9427	Dimitris Aragiorgis	local table=$1
197	1bdc9427	Dimitris Aragiorgis	local version=$2
198	1bdc9427	Dimitris Aragiorgis	UPLINK=$(ip "$version" route list table "$table" \| grep "default via" \| awk '{print $5}')
199	1bdc9427	Dimitris Aragiorgis
200	1bdc9427	Dimitris Aragiorgis	}
201	1bdc9427	Dimitris Aragiorgis
202	1bdc9427	Dimitris Aragiorgis	# Because we do not have IPv6 value in our environment
203	1bdc9427	Dimitris Aragiorgis	# we caclulate it based on the NIC's MAC and the IPv6 subnet (if any)
204	1bdc9427	Dimitris Aragiorgis	# first argument MAC second IPv6 subnet
205	1bdc9427	Dimitris Aragiorgis	# Changes global value EUI64
206	1bdc9427	Dimitris Aragiorgis	get_eui64 () {
207	1bdc9427	Dimitris Aragiorgis
208	1bdc9427	Dimitris Aragiorgis	local mac=$1
209	1bdc9427	Dimitris Aragiorgis	local prefix=$2
210	1bdc9427	Dimitris Aragiorgis
211	1bdc9427	Dimitris Aragiorgis	if [ -z "$prefix" ]; then
212	1bdc9427	Dimitris Aragiorgis	EUI64=
213	1bdc9427	Dimitris Aragiorgis	else
214	1bdc9427	Dimitris Aragiorgis	EUI64=$($MAC2EUI64 $mac $prefix)
215	1bdc9427	Dimitris Aragiorgis	fi
216	1bdc9427	Dimitris Aragiorgis
217	1bdc9427	Dimitris Aragiorgis	}
218	14697fe6	Dimitris Aragiorgis
219	14697fe6	Dimitris Aragiorgis
220	14697fe6	Dimitris Aragiorgis	# DDNS related functions
221	14697fe6	Dimitris Aragiorgis
222	14697fe6	Dimitris Aragiorgis	# ommit zone statement
223	14697fe6	Dimitris Aragiorgis	# nsupdate will attempt determine the correct zone to update based on the rest of the input
224	14697fe6	Dimitris Aragiorgis	send_command () {
225	14697fe6	Dimitris Aragiorgis
226	14697fe6	Dimitris Aragiorgis	local command="$1"
227	859d4ba0	Dimitris Aragiorgis	$SNF_NETWORK_LOG dnshook "$command"
228	14697fe6	Dimitris Aragiorgis	nsupdate -k $KEYFILE > /dev/null << EOF
229	14697fe6	Dimitris Aragiorgis	server $SERVER
230	14697fe6	Dimitris Aragiorgis	$command
231	14697fe6	Dimitris Aragiorgis	send
232	14697fe6	Dimitris Aragiorgis	EOF
233	14697fe6	Dimitris Aragiorgis
234	14697fe6	Dimitris Aragiorgis	}
235	14697fe6	Dimitris Aragiorgis
236	14697fe6	Dimitris Aragiorgis
237	14697fe6	Dimitris Aragiorgis	update_arecord () {
238	14697fe6	Dimitris Aragiorgis
239	14697fe6	Dimitris Aragiorgis	local action=$1
240	14697fe6	Dimitris Aragiorgis	local command=
241	14697fe6	Dimitris Aragiorgis	if [ -n "$IP" ]; then
242	14697fe6	Dimitris Aragiorgis	command="update $action $GANETI_INSTANCE_NAME.$FZONE $TTL A $IP"
243	14697fe6	Dimitris Aragiorgis	send_command "$command"
244	14697fe6	Dimitris Aragiorgis	fi
245	14697fe6	Dimitris Aragiorgis
246	14697fe6	Dimitris Aragiorgis	}
247	14697fe6	Dimitris Aragiorgis
248	14697fe6	Dimitris Aragiorgis
249	14697fe6	Dimitris Aragiorgis	update_aaaarecord () {
250	14697fe6	Dimitris Aragiorgis
251	14697fe6	Dimitris Aragiorgis	local action=$1
252	14697fe6	Dimitris Aragiorgis	local command=
253	14697fe6	Dimitris Aragiorgis	if [ -n "$EUI64" ]; then
254	14697fe6	Dimitris Aragiorgis	command="update $action $GANETI_INSTANCE_NAME.$FZONE $TTL AAAA $EUI64"
255	14697fe6	Dimitris Aragiorgis	send_command "$command"
256	14697fe6	Dimitris Aragiorgis	fi
257	14697fe6	Dimitris Aragiorgis
258	14697fe6	Dimitris Aragiorgis	}
259	14697fe6	Dimitris Aragiorgis
260	14697fe6	Dimitris Aragiorgis
261	14697fe6	Dimitris Aragiorgis	update_ptrrecord () {
262	14697fe6	Dimitris Aragiorgis
263	14697fe6	Dimitris Aragiorgis	local action=$1
264	14697fe6	Dimitris Aragiorgis	local command=
265	14697fe6	Dimitris Aragiorgis	if [ -n "$IP" ]; then
266	14697fe6	Dimitris Aragiorgis	command="update $action $RLPART.$RZONE. $TTL PTR $GANETI_INSTANCE_NAME.$FZONE"
267	14697fe6	Dimitris Aragiorgis	send_command "$command"
268	14697fe6	Dimitris Aragiorgis	fi
269	14697fe6	Dimitris Aragiorgis
270	14697fe6	Dimitris Aragiorgis	}
271	14697fe6	Dimitris Aragiorgis
272	14697fe6	Dimitris Aragiorgis	update_ptr6record () {
273	14697fe6	Dimitris Aragiorgis
274	14697fe6	Dimitris Aragiorgis	local action=$1
275	14697fe6	Dimitris Aragiorgis	local command=
276	14697fe6	Dimitris Aragiorgis	if [ -n "$EUI64" ]; then
277	14697fe6	Dimitris Aragiorgis	command="update $action $R6LPART$R6ZONE. $TTL PTR $GANETI_INSTANCE_NAME.$FZONE"
278	14697fe6	Dimitris Aragiorgis	send_command "$command"
279	14697fe6	Dimitris Aragiorgis	fi
280	14697fe6	Dimitris Aragiorgis
281	14697fe6	Dimitris Aragiorgis	}
282	14697fe6	Dimitris Aragiorgis
283	14697fe6	Dimitris Aragiorgis	update_all () {
284	14697fe6	Dimitris Aragiorgis
285	14697fe6	Dimitris Aragiorgis	local action=$1
286	14697fe6	Dimitris Aragiorgis	update_arecord $action
287	14697fe6	Dimitris Aragiorgis	update_aaaarecord $action
288	14697fe6	Dimitris Aragiorgis	update_ptrrecord $action
289	14697fe6	Dimitris Aragiorgis	update_ptr6record $action
290	14697fe6	Dimitris Aragiorgis
291	14697fe6	Dimitris Aragiorgis	}
292	14697fe6	Dimitris Aragiorgis
293	14697fe6	Dimitris Aragiorgis
294	14697fe6	Dimitris Aragiorgis	# first argument is an eui64 (IPv6)
295	14697fe6	Dimitris Aragiorgis	# sets GLOBAL args R6REC, R6ZONE, R6LPART
296	14697fe6	Dimitris Aragiorgis	# lets assume eui64=2001:648:2ffc:1::1
297	14697fe6	Dimitris Aragiorgis	# the following commands produce:
298	14697fe6	Dimitris Aragiorgis	# R6REC=1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa
299	14697fe6	Dimitris Aragiorgis	# R6ZONE=1.0.0.0.c.f.f.2.8.4.6.0.1.0.0.2.ip6.arpa
300	14697fe6	Dimitris Aragiorgis	# R6LPART=1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.
301	14697fe6	Dimitris Aragiorgis	get_rev6_info () {
302	14697fe6	Dimitris Aragiorgis
303	14697fe6	Dimitris Aragiorgis	local eui64=$1
304	14697fe6	Dimitris Aragiorgis	if [ -z "$eui64" ]; then
305	14697fe6	Dimitris Aragiorgis	R6REC= ; R6ZONE= ; R6LPART= ;
306	14697fe6	Dimitris Aragiorgis	else
307	14697fe6	Dimitris Aragiorgis	R6REC=$(host $eui64 \| egrep -o '([[:alnum:]]\.){32}ip6.arpa' )
308	14697fe6	Dimitris Aragiorgis	R6ZONE=$(echo $R6REC \| awk -F. 'BEGIN{rpart="";} { for (i=32;i>16;i=i-1) rpart=$i "." rpart; } END{print rpart "ip6.arpa";}')
309	14697fe6	Dimitris Aragiorgis	R6LPART=$(echo $R6REC \| awk -F. 'BEGIN{lpart="";} { for (i=16;i>0;i=i-1) lpart=$i "." lpart; } END{print lpart;}')
310	14697fe6	Dimitris Aragiorgis	fi
311	14697fe6	Dimitris Aragiorgis
312	14697fe6	Dimitris Aragiorgis	}
313	14697fe6	Dimitris Aragiorgis
314	14697fe6	Dimitris Aragiorgis
315	14697fe6	Dimitris Aragiorgis	# first argument is an ipv4
316	14697fe6	Dimitris Aragiorgis	# sets args RZONE, RLPART
317	14697fe6	Dimitris Aragiorgis	# lets assume IP=203.0.113.1
318	14697fe6	Dimitris Aragiorgis	# RZONE="113.0.203.in-add.arpa"
319	14697fe6	Dimitris Aragiorgis	# RLPART="1"
320	14697fe6	Dimitris Aragiorgis	get_rev4_info () {
321	14697fe6	Dimitris Aragiorgis
322	14697fe6	Dimitris Aragiorgis	local ip=$1
323	14697fe6	Dimitris Aragiorgis	if [ -z "$ip" ]; then
324	14697fe6	Dimitris Aragiorgis	RZONE= ; RLPART= ;
325	14697fe6	Dimitris Aragiorgis	else
326	14697fe6	Dimitris Aragiorgis	OLDIFS=$IFS
327	14697fe6	Dimitris Aragiorgis	IFS=". "
328	14697fe6	Dimitris Aragiorgis	set -- $ip
329	14697fe6	Dimitris Aragiorgis	a=$1 ; b=$2; c=$3; d=$4;
330	14697fe6	Dimitris Aragiorgis	IFS=$OLDIFS
331	14697fe6	Dimitris Aragiorgis	RZONE="$c.$b.$a.in-addr.arpa"
332	14697fe6	Dimitris Aragiorgis	RLPART="$d"
333	14697fe6	Dimitris Aragiorgis	fi
334	14697fe6	Dimitris Aragiorgis
335	14697fe6	Dimitris Aragiorgis	}
336	14697fe6	Dimitris Aragiorgis
337	14697fe6	Dimitris Aragiorgis
338	14697fe6	Dimitris Aragiorgis	# Query nameserver for entries related to the specific instance
339	14697fe6	Dimitris Aragiorgis	# An example output is the following:
340	14697fe6	Dimitris Aragiorgis	# www.google.com has address 173.194.113.114
341	14697fe6	Dimitris Aragiorgis	# www.google.com has address 173.194.113.115
342	14697fe6	Dimitris Aragiorgis	# www.google.com has address 173.194.113.116
343	14697fe6	Dimitris Aragiorgis	# www.google.com has address 173.194.113.112
344	14697fe6	Dimitris Aragiorgis	# www.google.com has address 173.194.113.113
345	14697fe6	Dimitris Aragiorgis	# www.google.com has IPv6 address 2a00:1450:4001:80b::1012
346	14697fe6	Dimitris Aragiorgis	query_dns () {
347	14697fe6	Dimitris Aragiorgis
348	14697fe6	Dimitris Aragiorgis	HOSTQ="host -s -R 3 -W 3"
349	14697fe6	Dimitris Aragiorgis	HOST_IP_ALL=$($HOSTQ $GANETI_INSTANCE_NAME.$FZONE $SERVER \| sed -n 's/.*has address //p')
350	14697fe6	Dimitris Aragiorgis	HOST_IP6_ALL=$($HOSTQ $GANETI_INSTANCE_NAME.$FZONE $SERVER \| sed -n 's/.*has IPv6 address //p')
351	14697fe6	Dimitris Aragiorgis
352	14697fe6	Dimitris Aragiorgis	}

Synnefo » snf-network

root / common.sh @ 859d4ba0