root / hooks / group-modify-post.d / snf-network @ d2b16e51
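#!/bin/bash
#
# snf-network hook from hooks/group-modify-post.d.
#
# Driven by GANETI_GROUP_NETWORK_ACTION ("add" or "remove"); any other
# non-empty value is a no-op and an empty value exits 0 immediately.
#
#   routed  + public  : bring the link up, enable proxy ARP and IPv4
#                       forwarding, register a per-network routing table
#                       (rt_<network>) with a policy rule and routes, and
#                       add an arptables rule rewriting the ARP source IP.
#   bridged + private : on the node whose hostname equals $ROUTER, put the
#                       gateway address on the bridge and MASQUERADE traffic
#                       from the subnet that is not bound for 192.168.0.0/16.
#
# "remove" undoes the same steps using the settings read back from the
# per-node mapping file.
#
# Inputs (environment): GANETI_GROUP_NAME, GANETI_GROUP_NETWORK_ACTION,
#   GANETI_GROUP_NETWORK_NAME, GANETI_GROUP_NETWORK_MODE,
#   GANETI_GROUP_NETWORK_LINK.
#
# NOTE(review): CONF is presumably set by /etc/default/snf-network and
# SHAREDDIR by $CONF; TYPE, SUBNET, GATEWAY and ROUTER presumably come from
# the sourced infra/network/mapping files. None of those definitions are
# visible here - confirm.
#
# NOTE(review): every file passed to `source` below is executed as shell
# code with the privileges of this hook. $SHAREDDIR and the files under it
# must therefore be writable only by the cluster administrator - confirm
# the permissions on the deployment.

source /etc/default/snf-network
# shellcheck disable=SC1090
source "$CONF"

GROUP=$GANETI_GROUP_NAME
ACTION=$GANETI_GROUP_NETWORK_ACTION
NETWORK=$GANETI_GROUP_NETWORK_NAME
MODE=$GANETI_GROUP_NETWORK_MODE
LINK=$GANETI_GROUP_NETWORK_LINK

# Nothing to do without a network action. Checked before any file whose
# path is derived from the network name is sourced.
if [ -z "$ACTION" ]; then
  exit 0
fi

# The network and group names become path components of files that are
# sourced, linked and removed. Refuse names that are empty or that could
# step outside $SHAREDDIR/{networks,mappings}.
for name in "$NETWORK" "$GROUP"; do
  case "$name" in
    '' | . | .. | */*)
      printf 'snf-network: refusing unsafe network/group name: "%s"\n' "$name" >&2
      exit 1
      ;;
  esac
done

HOSTNAME=$(hostname)

NETFILE=$SHAREDDIR/networks/$NETWORK
GROUPMAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP
NODEMAPFILE=$SHAREDDIR/mappings/$NETWORK-$HOSTNAME
NODEINFRAFILE=$SHAREDDIR/infra/$HOSTNAME

RT_TABLES=/etc/iproute2/rt_tables

# shellcheck disable=SC1090
source "$NODEINFRAFILE"
# shellcheck disable=SC1090
source "$NETFILE"

if [ "$ACTION" == "add" ]; then

  if [ "$MODE" == "routed" ] && [ "$TYPE" == "public" ]; then
    VLAN=$LINK
    TABLE=rt_$NETWORK
    # Highest host address of the subnet; used as the source IP of ARP
    # requests sent out of the VLAN interface (arptables rule below).
    ARP_IP=$(ipcalc "$SUBNET" | awk '/HostMax/ {print $2}')

    ip link set "$VLAN" up

    echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp"

    # The new table id is the current line count of rt_tables plus one.
    # This only stays unique because the remove path blanks an entry
    # instead of deleting its line.
    # NOTE(review): nothing here guards against a clash with a
    # pre-existing or reserved table id, or against a repeated "add"
    # appending the same table twice.
    ID=$(wc -l < "$RT_TABLES")
    printf '%s %s\n' "$((ID + 1))" "$TABLE" >> "$RT_TABLES"

    ip rule add iif "$VLAN" table "$TABLE"

    ip route add "$SUBNET" dev "$VLAN" table main

    ip route add "$SUBNET" dev "$VLAN" table "$TABLE"
    ip route add default via "$GATEWAY" dev "$VLAN" table "$TABLE"

    # Host-wide setting: turns the node into an IPv4 router on all
    # interfaces. It is never reverted by the remove path.
    echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

    arptables -A OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"
  fi

  if [ "$MODE" == "bridged" ]; then
    BRIDGE=$LINK
    # Only the designated router node of a private network with a gateway
    # owns the gateway address and performs NAT.
    if [ -n "$GATEWAY" ] && [ "$TYPE" == "private" ] && [ "$HOSTNAME" == "$ROUTER" ]; then
      NETMASK=$(ipcalc "$SUBNET" | awk '/Netmask/ {print $4}')
      ip addr add "$GATEWAY/$NETMASK" dev "$BRIDGE"
      iptables -t nat -A POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
    fi
  fi

  # Record the mapping for this node; the remove path reads it back.
  ln -sf -- "$GROUPMAPFILE" "$NODEMAPFILE"

elif [ "$ACTION" == "remove" ]; then

  # No mapping for this node means there is nothing to tear down.
  if [ ! -e "$NODEMAPFILE" ]; then
    exit 0
  fi

  # shellcheck disable=SC1090
  source "$NODEMAPFILE"

  if [ "$MODE" == "routed" ] && [ "$TYPE" == "public" ]; then
    VLAN=$LINK
    TABLE=rt_$NETWORK
    ARP_IP=$(ipcalc "$SUBNET" | awk '/HostMax/ {print $2}')

    arptables -D OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"

    ip route del default via "$GATEWAY" dev "$VLAN" table "$TABLE"
    ip route del "$SUBNET" dev "$VLAN" table "$TABLE"

    ip route del "$SUBNET" dev "$VLAN" table main

    ip rule del iif "$VLAN" table "$TABLE"

    # Blank the entry rather than deleting the line, so the line count
    # (and with it the next id handed out by "add") never goes down.
    # The whitespace before the name keeps this from also blanking a
    # different table whose name merely ends in "$TABLE".
    # NOTE(review): $TABLE is still interpreted as a regular expression,
    # so a "." in the network name matches any character.
    sed -i 's/.*[[:space:]]'"$TABLE"'$//' "$RT_TABLES"
  fi

  if [ "$MODE" == "bridged" ]; then
    BRIDGE=$LINK
    if [ -n "$GATEWAY" ] && [ "$TYPE" == "private" ] && [ "$HOSTNAME" == "$ROUTER" ]; then
      NETMASK=$(ipcalc "$SUBNET" | awk '/Netmask/ {print $4}')
      ip addr del "$GATEWAY/$NETMASK" dev "$BRIDGE"
      iptables -t nat -D POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
    fi
  fi

  rm -- "$NODEMAPFILE"

fi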