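#!/bin/bash
#
# snf-network hook (hooks/group-modify-post.d). Picks up the GANETI_GROUP_*
# variables from the environment and derives the per-network file paths used
# by the rest of the script.

# Site configuration. SHAREDDIR is used below but is not assigned in this
# file, so it presumably comes from here -- confirm.
source /etc/default/snf-network

GROUP=$GANETI_GROUP_NAME

ACTION=$GANETI_GROUP_NETWORK_ACTION
NETWORK=$GANETI_GROUP_NETWORK_NAME
MODE=$GANETI_GROUP_NETWORK_MODE
LINK=$GANETI_GROUP_NETWORK_LINK


# Nothing to do when no network action was passed. The operand is quoted so
# that the test stays well-formed for an empty or multi-word value.
if [ -z "$ACTION" ]; then
  exit 0
fi

# NOTE(review): NETWORK and GROUP are spliced into these paths unchecked, and
# MAPFILE is later read with `source`. A name containing '/' or '..' would
# resolve outside $SHAREDDIR; consider validating both names before use.
# NOTE(review): NETFILE is assigned but not referenced in this file -- confirm
# whether it was meant to be sourced.
NETFILE=$SHAREDDIR/networks/$NETWORK

MAPFILE=$SHAREDDIR/mappings/$NETWORK-$GROUP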
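#######################################
# Register a routing table named rt_$NETWORK in an iproute2 rt_tables file.
# The first empty line of the file is reused; when there is none, a new
# entry is appended after the last line.
# Globals:   NETWORK (read), ID (written; line number used as table id)
# Arguments: $1 - optional path of the rt_tables file
#                 (default: /etc/iproute2/rt_tables)
# Returns:   1 when NETWORK is empty or contains characters outside
#            [A-Za-z0-9_.-]; otherwise the status of the last command.
#######################################
function set_rt_table {
  local rt_tables=${1:-/etc/iproute2/rt_tables}

  # NETWORK is spliced into a sed program below; '/', '&', '\' or a newline
  # would change what sed executes, so only plain names are accepted.
  case $NETWORK in
    '' | *[!A-Za-z0-9_.-]*)
      echo "set_rt_table: refusing network name '$NETWORK'" >&2
      return 1
      ;;
  esac

  # Line number of the first empty line, if any.
  # NOTE(review): the line number doubles as the table id; nothing here checks
  # that the id is not already assigned on another line -- confirm.
  ID=$(sed -n '/^$/ { =; q}' "$rt_tables")
  if [ -z "$ID" ]; then
    # Read via stdin so wc prints only the count (no file name), and append
    # with >> so the existing entries are kept instead of being truncated.
    ID=$(wc -l < "$rt_tables")
    echo "$((ID + 1)) rt_$NETWORK" >> "$rt_tables"
  else
    # Fill the first empty line in place.
    sed -i '1,/^$/ s/^$/'"$ID"' rt_'"$NETWORK"'/' "$rt_tables"
  fi
}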
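# Apply ("add") or revert (any other action) the host-side network setup for
# the group's network, depending on MODE (routed/bridged) and TYPE.
#
# NOTE(review): TYPE, SUBNET, GATEWAY and ROUTER are read below but are not
# assigned in this file; presumably they come from /etc/default/snf-network
# or from the per-network file -- confirm.
#
# All expansions are quoted so that empty or multi-word values neither break
# the `[` tests nor shift the arguments of ip/iptables/arptables.
if [ "$ACTION" == "add" ]; then
  if [ "$MODE" == "routed" ]; then
    VLAN=$LINK
    if [ "$TYPE" == "public" ]; then
      # HostMax line of ipcalc's output; used as the ARP source address below.
      ARP_IP=$(ipcalc "$SUBNET" | grep HostMax | awk '{print $2}')

      ip link set "$VLAN" up

      echo 1 > "/proc/sys/net/ipv4/conf/$VLAN/proxy_arp"

      set_rt_table

      ip rule add iif "$VLAN" table "rt_$NETWORK"

      ip route add "$SUBNET" dev "$VLAN" table main

      ip route add "$SUBNET" dev "$VLAN" table "rt_$NETWORK"
      ip route add default via "$GATEWAY" dev "$VLAN" table "rt_$NETWORK"

      # Host-wide setting; the removal branch below does not turn it off again.
      echo 1 > /proc/sys/net/ipv4/conf/all/forwarding

      arptables -A OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"
    fi
  fi


  if [ "$MODE" == "bridged" ]; then
    BRIDGE=$LINK
    if [ -n "$GATEWAY" ]; then
      if [ "$TYPE" == "private" ]; then
        # Only the node named by ROUTER gets the gateway address and NAT rule.
        if [ "$(hostname)" == "$ROUTER" ]; then
          NETMASK=$(ipcalc "$SUBNET" | grep Netmask | awk '{print $4}')
          ip addr add "$GATEWAY/$NETMASK" dev "$BRIDGE"
          # NOTE(review): the excluded destination range is hard-coded, and -A
          # appends a new rule each time this branch runs for the same subnet.
          iptables -t nat -A POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
        fi
      fi
    fi
  fi

  # Record MODE and LINK for the removal path, which reads this file back with
  # `source`. %q shell-quotes the values so that sourcing only assigns them and
  # never executes anything embedded in MODE or LINK.
  printf 'MODE=%q\nLINK=%q\n' "$MODE" "$LINK" > "$MAPFILE"

else

  # Restore MODE and LINK as recorded when the network was added.
  # NOTE(review): `source` runs the file as shell code with this hook's
  # privileges, so the mappings directory must be writable only by trusted
  # users.
  source "$MAPFILE"

  if [ "$MODE" == "routed" ]; then
    VLAN=$LINK
    TABLE=rt_$NETWORK
    if [ "$TYPE" == "public" ]; then
      ARP_IP=$(ipcalc "$SUBNET" | grep HostMax | awk '{print $2}')

      arptables -D OUTPUT -o "$VLAN" --opcode request -j mangle --mangle-ip-s "$ARP_IP"

      ip route del default via "$GATEWAY" dev "$VLAN" table "$TABLE"
      ip route del "$SUBNET" dev "$VLAN" table "$TABLE"

      ip route del "$SUBNET" dev "$VLAN" table main

      ip rule del iif "$VLAN" table "$TABLE"
      # Blank the table's line instead of deleting it; set_rt_table reuses the
      # first empty line on the next add.
      # NOTE(review): TABLE is spliced into the sed pattern, so regex or sed
      # metacharacters in NETWORK would be interpreted here.
      sed -i 's/.*'"$TABLE"'$//' /etc/iproute2/rt_tables
    fi
  fi


  if [ "$MODE" == "bridged" ]; then
    BRIDGE=$LINK
    if [ -n "$GATEWAY" ]; then
      if [ "$TYPE" == "private" ]; then
        if [ "$(hostname)" == "$ROUTER" ]; then
          NETMASK=$(ipcalc "$SUBNET" | grep Netmask | awk '{print $4}')
          ip addr del "$GATEWAY/$NETMASK" dev "$BRIDGE"
          iptables -t nat -D POSTROUTING -s "$SUBNET" \! -d 192.168.0.0/16 -j MASQUERADE
        fi
      fi
    fi
  fi

  # `--` keeps a path that starts with '-' from being parsed as an option.
  rm -- "$MAPFILE"

fi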