Synnefo » snf-network

#!/bin/bash

dir=$(dirname "$0")

. "$dir"/vif-common.sh

# taken from older vif-common.sh

dev=$vif

dev_=${dev#vif}

domid=${dev_%.*}

devid=${dev_#*.}

domname=$(xm domname $domid)

source /etc/default/snf-network

source /usr/lib/snf-network/common.sh

source $GANETI_NIC_DIR/$domname/$devid

INTERFACE=$dev

INSTANCE=$domname

GANETI_INSTANCE_NAME=$INSTANCE

FROM=FROM${INTERFACE^^}

TO=TO${INTERFACE^^}

try clear_routed_setup_ipv4

try clear_routed_setup_ipv6

try clear_routed_setup_firewall

try clear_ebtables

try clear_nfdhcpd

if [ "$MODE" = "routed" ]; then

  TABLE=$LINK

  ip link set $INTERFACE up

  success

  INDEV=$INTERFACE

  DROPDHCPREQCMD="iptables -A FORWARD -i $INTERFACE -p udp --dport 67 -j DROP"

elif [ "$MODE" = "bridged" ]; then

  ip link set $INTERFACE up

  BRIDGE=$(xenstore_read_default "$XENBUS_PATH/bridge" "$LINK")

  brctl addif $BRIDGE $INTERFACE

  success

  INDEV=$BRIDGE

  try init_ebtables

  DROPDHCPREQCMD="runlocked $RUNLOCKED_OPTS ebtables -A $FROM -p ipv4 --ip-protocol udp --ip-destination-port 67 -j DROP"

fi

for tag in $NETWORK_TAGS; do

  case $tag in

  $IP_LESS_ROUTED_TAG)

    try routed_setup_ipv4

    try routed_setup_ipv6

    try routed_setup_firewall

  ;;

  $NFDHCPD_TAG)

    # Drop unicast BOOTP/DHCP packets

    $DROPDHCPREQCMD

    try setup_nfdhcpd

  ;;

  $MAC_FILTERED_TAG)

    try setup_ebtables

  ;;

  $MASQ_TAG)

    try setup_masq

  ;;

  $DNS_TAG)

    get_rev4_info "$IP"

    get_eui64 "$MAC" "$SUBNET6"

    get_rev6_info "$EUI64"

    $SNF_NETWORK_LOG $0 "update dns for $GANETI_INSTANCE_NAME $IP $EUI64"

    update_all add

  ;;

  esac

done