[RFC 4/4] add package fff-tunneldigger-testing
Robert Langhammer
rlanghammer at web.de
Di Apr 5 14:31:05 CEST 2016
Signed-off-by: Robert Langhammer <rlanghammer at web.de>
---
src/packages/fff/fff-tunneldigger-testing/Makefile | 42 ++++++
.../files/etc/hotplug.d/iface/60-tunnelstart | 6 +
.../files/usr/lib/micron.d/fff-tunnelstart | 1 +
.../files/usr/sbin/tunnelstart | 156 +++++++++++++++++++++
src/packages/fff/fff/Makefile | 3 +-
5 files changed, 207 insertions(+), 1 deletion(-)
create mode 100644 src/packages/fff/fff-tunneldigger-testing/Makefile
create mode 100644 src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
create mode 100644 src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
create mode 100755 src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
diff --git a/src/packages/fff/fff-tunneldigger-testing/Makefile b/src/packages/fff/fff-tunneldigger-testing/Makefile
new file mode 100644
index 0000000..55212d3
--- /dev/null
+++ b/src/packages/fff/fff-tunneldigger-testing/Makefile
@@ -0,0 +1,42 @@
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=fff-tunneldigger-testing
+PKG_VERSION:=1
+PKG_RELEASE:=1
+
+PKG_BUILD_DIR:=$(BUILD_DIR)/fff-tunneldigger-testing
+
+include $(INCLUDE_DIR)/package.mk
+
+define Package/fff-tunneldigger-testing
+ SECTION:=base
+ CATEGORY:=Freifunk
+ TITLE:= Freifunk-Franken tunneldigger
+ URL:=http://www.freifunk-franken.de
+ DEPENDS:=+tunneldigger +fff-tunneldigger
+endef
+
+define Package/fff-tunneldigger-testing/description
+ This is a temporarily package and will be removed
+ after testing stage.
+endef
+
+define Build/Prepare
+ echo "all: " > $(PKG_BUILD_DIR)/Makefile
+endef
+
+define Build/Configure
+ # nothing
+endef
+
+define Build/Compile
+ # nothing
+endef
+
+define Package/fff-tunneldigger-testing/install
+ # nothing
+endef
+
+$(eval $(call BuildPackage,fff-tunneldigger-testing))
+
+
diff --git a/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
new file mode 100644
index 0000000..460ca32
--- /dev/null
+++ b/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
@@ -0,0 +1,6 @@
+#!/bin/sh
+[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
+ sleep 3
+ sh /usr/sbin/tunnelstart
+}
+
diff --git a/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
new file mode 100644
index 0000000..44c7acc
--- /dev/null
+++ b/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
@@ -0,0 +1 @@
+*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/tunnelstart
diff --git a/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
new file mode 100755
index 0000000..4c15cb5
--- /dev/null
+++ b/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
@@ -0,0 +1,156 @@
+#!/bin/sh
+
+SERVER="no"
+#SERVERNAME="--servername--"
+
+project="fff"
+
+test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
+test_ipv4_host2="8.8.8.8" # Google DNS
+test_ipv6_host1="heise.de" # heise Zeitschriftenverlag
+
+if [ "$SERVER" = "no" ]; then
+ test -f /tmp/started || exit
+fi
+
+# Only do something with fastd when the router has internet connection
+if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
+ ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
+ ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
+ mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
+ if [ "$SERVER" = "no" ]; then
+ hostname=$(cat /proc/sys/kernel/hostname)
+
+ if [ "$hostname" = "OpenWrt" ]; then
+ hostname=""
+ fi
+
+ if [ "$hostname" = "" ]; then
+ hostname=$mac
+ fi
+ else
+ hostname=$SERVERNAME
+ fi
+
+
+ if [ ! -d /etc/fastd ]; then
+ mkdir /etc/fastd
+ fi
+
+ if [ ! -d /etc/fastd/$project ]; then
+ mkdir /etc/fastd/$project
+ mkdir /tmp/fastd_${project}_peers
+ ln -s /tmp/fastd_${project}_peers /etc/fastd/$project/peers
+ echo "#!/bin/sh" > /etc/fastd/$project/up.sh
+ echo "ip link set up dev ${project}VPN" >> /etc/fastd/$project/up.sh
+ echo "echo enable > /sys/devices/virtual/net/${project}VPN/batman_adv/no_rebroadcast" >> /etc/fastd/$project/up.sh
+ echo "batctl if add ${project}VPN" >> /etc/fastd/$project/up.sh
+ chmod +x /etc/fastd/$project/up.sh
+ secret=$(fastd --generate-key 2>&1 | grep -i secret | awk '{ print $2 }')
+ echo "include peers from \"/etc/fastd/$project/peers\";" >> /etc/fastd/${project}/${project}.conf
+ echo "log to syslog level warn;" >> /etc/fastd/${project}/${project}.conf
+ echo "method \"null\";" >> /etc/fastd/${project}/${project}.conf
+# http://lists.nord-west.net/pipermail/freifunk-ol-dev/2013-July/000322.html
+# echo "bind 0.0.0.0:10000;" >> /etc/fastd/${project}/${project}.conf
+ echo "interface \"${project}VPN\";" >> /etc/fastd/${project}/${project}.conf
+ echo "mtu 1426;" >> /etc/fastd/${project}/${project}.conf
+ echo "secret \"$secret\";" >> /etc/fastd/${project}/${project}.conf
+ echo "on up \"/etc/fastd/${project}/up.sh\";" >> /etc/fastd/${project}/${project}.conf
+ echo "secure handshakes no;" >> /etc/fastd/${project}/${project}.conf
+ fi
+
+ if [ ! -d /tmp/fastd_${project}_peers ]; then
+ mkdir /tmp/fastd_${project}_peers
+ fi
+
+ pubkey=$(fastd -c /etc/fastd/$project/$project.conf --show-key --machine-readable)
+ lat=$(uci get system. at system[0].latitude)
+ long=$(uci get system. at system[0].longitude)
+
+# register
+ wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
+
+ filenames=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
+ for file in $filenames; do
+ awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
+ echo 'float yes;' >> /etc/fastd/$project/peers/$file
+ done
+
+ # Wir holen uns die Conf fuer l2tp us den peers des fastd
+ # Dort finden wir die IPs unserer GWs
+ # Die Ports rechnen wir aus den Fastd-ports aus +10000
+
+ CONF="/etc/config/tunneldigger"
+ CONFTMP="/tmp/tunneldigger.conf.tmp"
+ >$CONFTMP
+ count=1
+ PEERS=$(ls /etc/fastd/fff/peers)
+
+ for peer in $PEERS
+ do
+ NAME=$(cat /etc/fastd/fff/peers/$peer | grep name | cut -f2 -d "\"")
+ IP=$(cat /etc/fastd/fff/peers/$peer | grep ipv4 | cut -f2 -d "\"")
+ PORT=$(cat /etc/fastd/fff/peers/$peer | grep ipv4 | cut -f5 -d " " | tr -dc 0-9)
+ PORT=$((PORT + 10000))
+ MAC=$(uci get network.mesh.macaddr)
+ UUID=_$(cat /proc/sys/kernel/hostname)@$MAC
+ echo "config broker
+ list address '$IP:$PORT'
+ option uuid '$UUID'
+ option interface 'l2tp$count'
+ option enabled '1'
+ option hook_script '/etc/tunneldigger.hook'
+ " >> $CONFTMP
+ count=$((count + 1))
+ done
+
+ # Hat sich was geaendert?
+ if [diff $CONFTMP $CONF &>/dev/null ]; then
+ #die Broker haben sich geaendert
+ /etc/init.d/tunneldigger stop
+ # pid-files aufräumen
+ rm /var/run/tunneldigger* 2>/dev/null
+ cp $CONFTMP $CONF
+ fi
+
+
+# Jetzt haben wir alle noetigeb Infos eingesammelt
+ # Wir starten den tunneldigger, wenn er schon läuft machts nichts
+ /etc/init.d/tunneldigger start
+ # Startlink anlegen
+ [ -f /etc/rc.d/S90tunneldigger ] || ln -s ../init.d/tunneldigger /etc/rc.d/S90tunneldigger
+
+ # tunneldigger bekommt 15s Zeit die Tunnel auf zu bauen
+ sleep 15
+
+ if [ "ls -d /sys/devices/virtual/net/l2tp* &>/dev/null" ]; then
+
+ # l2tunnel sind an, fastd stoppen falls er läuft
+ [ -d /sys/devices/virtual/net/fffVPN ] && kill -SIGTERM $(cat /var/run/fastd.$project.pid)
+ else
+ #die l2tunnel sind nicht an gegangen -> fallback to fastd
+
+# fire up fastd
+ if [ "$(/sbin/ifconfig -a | grep -i ethernet | grep $project)" = "" ]; then
+ /bin/rm /var/run/fastd.$project.pid 2>/dev/null
+ fastd -c /etc/fastd/$project/$project.conf -d --pid-file /var/run/fastd.$project.pid
+ fi
+
+ #reload
+ kill -HUP $(cat /var/run/fastd.$project.pid)
+
+ # tunneldigger ausschalten
+ /etc/init.d/tunneldigger stop
+ # pid-files aufraumen
+ rm /var/run/tunneldigger* 2>/dev/null
+ # Startlink loeschen
+ [ -f /etc/rc.d/S90tunneldigger ] && rm /etc/rc.d/S90tunneldigger
+ fi
+
+else
+ echo "Der Router kann keine Verbindung zum Fastdserver aufbauen"
+ echo "$0 macht nichts!"
+fi
+
+exit 0
+# vim: noexpandtab
diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile
index d914872..4fbcf30 100644
--- a/src/packages/fff/fff/Makefile
+++ b/src/packages/fff/fff/Makefile
@@ -20,7 +20,8 @@ define Package/fff-base
+fff-uradvd \
+fff-batman-adv-legacy \
+fff-firewall\
- +fff-tunneldigger
+ +fff-tunneldigger\
+ +fff-tunneldigger-testing
endef
define Package/fff-base/description
--
2.8.0.rc3
Mehr Informationen über die Mailingliste franken-dev