[RFC 4/4] add package fff-tunneldigger-testing
Tim Niemeyer
tim at tn-x.org
Tue Apr 5 22:19:44 CEST 2016
Hi
On Tuesday, 05.04.2016, at 14:31 +0200, Robert Langhammer wrote:
> Signed-off-by: Robert Langhammer <rlanghammer at web.de>
> ---
> src/packages/fff/fff-tunneldigger-testing/Makefile | 42 ++++++
> .../files/etc/hotplug.d/iface/60-tunnelstart | 6 +
> .../files/usr/lib/micron.d/fff-tunnelstart | 1 +
> .../files/usr/sbin/tunnelstart | 156 +++++++++++++++++++++
> src/packages/fff/fff/Makefile | 3 +-
> 5 files changed, 207 insertions(+), 1 deletion(-)
> create mode 100644 src/packages/fff/fff-tunneldigger-testing/Makefile
> create mode 100644 src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
> create mode 100644 src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
> create mode 100755 src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
>
> diff --git a/src/packages/fff/fff-tunneldigger-testing/Makefile b/src/packages/fff/fff-tunneldigger-testing/Makefile
> new file mode 100644
> index 0000000..55212d3
> --- /dev/null
> +++ b/src/packages/fff/fff-tunneldigger-testing/Makefile
> @@ -0,0 +1,42 @@
> +include $(TOPDIR)/rules.mk
> +
> +PKG_NAME:=fff-tunneldigger-testing
> +PKG_VERSION:=1
> +PKG_RELEASE:=1
> +
> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-tunneldigger-testing
> +
> +include $(INCLUDE_DIR)/package.mk
> +
> +define Package/fff-tunneldigger-testing
> + SECTION:=base
> + CATEGORY:=Freifunk
> + TITLE:= Freifunk-Franken tunneldigger
> + URL:=http://www.freifunk-franken.de
> + DEPENDS:=+tunneldigger +fff-tunneldigger
Something is not right here.
fff-tunneldigger-testing depends on tunneldigger and fff-tunneldigger.
Sounds logical. But fff depends on fff-tunneldigger, which depends on
tunneldigger.
In the end, though, fff-tunneldigger-testing does not get selected.
> +endef
> +
> +define Package/fff-tunneldigger-testing/description
> + This is a temporarily package and will be removed
> + after testing stage.
If this is only temporary, where is the functionality supposed to go
later? Also: why are you removing fastd if this is only testing?
I would suggest that the content of this package goes into
fff-tunneldigger. I assume that is where it is supposed to end up in the
long term anyway.
Then we build fff-tunneldigger and fff-fastd so that both can be in the
image in parallel and neither of them claims dominance.
A new package "fff-vpn" then depends on fff-tunneldigger and
fff-fastd. As a config option, the default VPN technology can be chosen
in there. fff-vpn then activates either tunneldigger or fastd at
firstboot and can ideally switch between the VPNs with a small command,
or maybe even activate both at the same time?
Tim
> +endef
> +
> +define Build/Prepare
> + echo "all: " > $(PKG_BUILD_DIR)/Makefile
> +endef
> +
> +define Build/Configure
> + # nothing
> +endef
> +
> +define Build/Compile
> + # nothing
> +endef
> +
> +define Package/fff-tunneldigger-testing/install
> + # nothing
> +endef
> +
> +$(eval $(call BuildPackage,fff-tunneldigger-testing))
> +
> +
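Review bot: Package/fff-tunneldigger-testing/install contains only "# nothing", so the three files this patch creates under files/ (60-tunnelstart, fff-tunnelstart and tunnelstart) are never copied into $(1) and the package installs empty. Add the copy steps there, for example $(INSTALL_DIR) for the target directories and $(INSTALL_BIN) for usr/sbin/tunnelstart, or a $(CP) of ./files/* into $(1)/. Minor: "temporarily package" in the description should read "temporary package", and TITLE:= has a stray space after the assignment.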
> diff --git a/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
> new file mode 100644
> index 0000000..460ca32
> --- /dev/null
> +++ b/src/packages/fff/fff-tunneldigger-testing/files/etc/hotplug.d/iface/60-tunnelstart
> @@ -0,0 +1,6 @@
> +#!/bin/sh
> +[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
> + sleep 3
> + sh /usr/sbin/tunnelstart
> +}
> +
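Review bot: the handler runs /usr/sbin/tunnelstart in the foreground after a fixed sleep 3, and that script pings up to three hosts with -w5, calls wget -T15 and then sleeps another 15 seconds, so every wan ifup holds up the remaining scripts in hotplug.d/iface for that whole time. Start it in the background (sh /usr/sbin/tunnelstart &) and drop the fixed sleep, since tunnelstart already checks connectivity itself before doing anything.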
> diff --git a/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
> new file mode 100644
> index 0000000..44c7acc
> --- /dev/null
> +++ b/src/packages/fff/fff-tunneldigger-testing/files/usr/lib/micron.d/fff-tunnelstart
> @@ -0,0 +1 @@
> +*/5 * * * * sleep $(/usr/bin/random 0 29); sh /usr/sbin/tunnelstart
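Review bot: this entry starts tunnelstart every five minutes with no locking, while 60-tunnelstart starts the same script on wan ifup, so two instances can overlap; both truncate and append to /tmp/tunneldigger.conf.tmp and both stop and start tunneldigger and fastd. Take a lock at the top of tunnelstart (a mkdir-based lock directory is enough) and exit early when it is already held.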
> diff --git a/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart b/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
> new file mode 100755
> index 0000000..4c15cb5
> --- /dev/null
> +++ b/src/packages/fff/fff-tunneldigger-testing/files/usr/sbin/tunnelstart
> @@ -0,0 +1,156 @@
> +#!/bin/sh
> +
> +SERVER="no"
> +#SERVERNAME="--servername--"
> +
> +project="fff"
> +
> +test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
> +test_ipv4_host2="8.8.8.8" # Google DNS
> +test_ipv6_host1="heise.de" # heise Zeitschriftenverlag
> +
> +if [ "$SERVER" = "no" ]; then
> + test -f /tmp/started || exit
> +fi
> +
> +# Only do something with fastd when the router has internet connection
> +if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
> + ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
> + ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
> + mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }' /sys/class/net/br-mesh/address 2>/dev/null)
> + if [ "$SERVER" = "no" ]; then
> + hostname=$(cat /proc/sys/kernel/hostname)
> +
> + if [ "$hostname" = "OpenWrt" ]; then
> + hostname=""
> + fi
> +
> + if [ "$hostname" = "" ]; then
> + hostname=$mac
> + fi
> + else
> + hostname=$SERVERNAME
> + fi
> +
> +
> + if [ ! -d /etc/fastd ]; then
> + mkdir /etc/fastd
> + fi
> +
> + if [ ! -d /etc/fastd/$project ]; then
> + mkdir /etc/fastd/$project
> + mkdir /tmp/fastd_${project}_peers
> + ln -s /tmp/fastd_${project}_peers /etc/fastd/$project/peers
> + echo "#!/bin/sh" > /etc/fastd/$project/up.sh
> + echo "ip link set up dev ${project}VPN" >> /etc/fastd/$project/up.sh
> + echo "echo enable > /sys/devices/virtual/net/${project}VPN/batman_adv/no_rebroadcast" >> /etc/fastd/$project/up.sh
> + echo "batctl if add ${project}VPN" >> /etc/fastd/$project/up.sh
> + chmod +x /etc/fastd/$project/up.sh
> + secret=$(fastd --generate-key 2>&1 | grep -i secret | awk '{ print $2 }')
> + echo "include peers from \"/etc/fastd/$project/peers\";" >> /etc/fastd/${project}/${project}.conf
> + echo "log to syslog level warn;" >> /etc/fastd/${project}/${project}.conf
> + echo "method \"null\";" >> /etc/fastd/${project}/${project}.conf
> +# http://lists.nord-west.net/pipermail/freifunk-ol-dev/2013-July/000322.html
> +# echo "bind 0.0.0.0:10000;" >> /etc/fastd/${project}/${project}.conf
> + echo "interface \"${project}VPN\";" >> /etc/fastd/${project}/${project}.conf
> + echo "mtu 1426;" >> /etc/fastd/${project}/${project}.conf
> + echo "secret \"$secret\";" >> /etc/fastd/${project}/${project}.conf
> + echo "on up \"/etc/fastd/${project}/up.sh\";" >> /etc/fastd/${project}/${project}.conf
> + echo "secure handshakes no;" >> /etc/fastd/${project}/${project}.conf
> + fi
> +
> + if [ ! -d /tmp/fastd_${project}_peers ]; then
> + mkdir /tmp/fastd_${project}_peers
> + fi
> +
> + pubkey=$(fastd -c /etc/fastd/$project/$project.conf --show-key --machine-readable)
> + lat=$(uci get system. at system[0].latitude)
> + long=$(uci get system. at system[0].longitude)
> +
> +# register
> + wget -T15 "http://keyserver.freifunk-franken.de/${project}/geo.php?mac=$mac&name=$hostname&port=$port&key=$pubkey&lat=$lat&long=$long" -O /tmp/fastd_${project}_output
> +
> + filenames=$(awk '/^####/ { gsub(/^####/, "", $0); gsub(/.conf/, "", $0); print $0; }' /tmp/fastd_${project}_output)
> + for file in $filenames; do
> + awk "{ if(a) print }; /^####$file.conf$/{a=1}; /^$/{a=0};" /tmp/fastd_${project}_output | sed 's/ float;/;/g' > /etc/fastd/$project/peers/$file
> + echo 'float yes;' >> /etc/fastd/$project/peers/$file
> + done
> +
> + # Wir holen uns die Conf fuer l2tp us den peers des fastd
> + # Dort finden wir die IPs unserer GWs
> + # Die Ports rechnen wir aus den Fastd-ports aus +10000
> +
> + CONF="/etc/config/tunneldigger"
> + CONFTMP="/tmp/tunneldigger.conf.tmp"
> + >$CONFTMP
> + count=1
> + PEERS=$(ls /etc/fastd/fff/peers)
> +
> + for peer in $PEERS
> + do
> + NAME=$(cat /etc/fastd/fff/peers/$peer | grep name | cut -f2 -d "\"")
> + IP=$(cat /etc/fastd/fff/peers/$peer | grep ipv4 | cut -f2 -d "\"")
> + PORT=$(cat /etc/fastd/fff/peers/$peer | grep ipv4 | cut -f5 -d " " | tr -dc 0-9)
> + PORT=$((PORT + 10000))
> + MAC=$(uci get network.mesh.macaddr)
> + UUID=_$(cat /proc/sys/kernel/hostname)@$MAC
> + echo "config broker
> + list address '$IP:$PORT'
> + option uuid '$UUID'
> + option interface 'l2tp$count'
> + option enabled '1'
> + option hook_script '/etc/tunneldigger.hook'
> + " >> $CONFTMP
> + count=$((count + 1))
> + done
> +
> + # Hat sich was geaendert?
> + if [diff $CONFTMP $CONF &>/dev/null ]; then
> + #die Broker haben sich geaendert
> + /etc/init.d/tunneldigger stop
> + # pid-files aufräumen
> + rm /var/run/tunneldigger* 2>/dev/null
> + cp $CONFTMP $CONF
> + fi
> +
> +
> +# Jetzt haben wir alle noetigeb Infos eingesammelt
> + # Wir starten den tunneldigger, wenn er schon läuft machts nichts
> + /etc/init.d/tunneldigger start
> + # Startlink anlegen
> + [ -f /etc/rc.d/S90tunneldigger ] || ln -s ../init.d/tunneldigger /etc/rc.d/S90tunneldigger
> +
> + # tunneldigger bekommt 15s Zeit die Tunnel auf zu bauen
> + sleep 15
> +
> + if [ "ls -d /sys/devices/virtual/net/l2tp* &>/dev/null" ]; then
> +
> + # l2tunnel sind an, fastd stoppen falls er läuft
> + [ -d /sys/devices/virtual/net/fffVPN ] && kill -SIGTERM $(cat /var/run/fastd.$project.pid)
> + else
> + #die l2tunnel sind nicht an gegangen -> fallback to fastd
> +
> +# fire up fastd
> + if [ "$(/sbin/ifconfig -a | grep -i ethernet | grep $project)" = "" ]; then
> + /bin/rm /var/run/fastd.$project.pid 2>/dev/null
> + fastd -c /etc/fastd/$project/$project.conf -d --pid-file /var/run/fastd.$project.pid
> + fi
> +
> + #reload
> + kill -HUP $(cat /var/run/fastd.$project.pid)
> +
> + # tunneldigger ausschalten
> + /etc/init.d/tunneldigger stop
> + # pid-files aufraumen
> + rm /var/run/tunneldigger* 2>/dev/null
> + # Startlink loeschen
> + [ -f /etc/rc.d/S90tunneldigger ] && rm /etc/rc.d/S90tunneldigger
> + fi
> +
> +else
> + echo "Der Router kann keine Verbindung zum Fastdserver aufbauen"
> + echo "$0 macht nichts!"
> +fi
> +
> +exit 0
> +# vim: noexpandtab
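Review bot: both new decision points in the tunneldigger part are broken shell tests, so neither branch behaves as the comments say. In
    if [diff $CONFTMP $CONF &>/dev/null ]; then
there is no space after "[", so the shell looks for a command named "[diff", the condition fails and the new broker config is never copied to $CONF; the intent (act when the files differ) needs the negated exit status of diff itself, i.e. if ! diff "$CONFTMP" "$CONF" >/dev/null 2>&1; then. In
    if [ "ls -d /sys/devices/virtual/net/l2tp* &>/dev/null" ]; then
the test only checks that a quoted string is non-empty, which is always true, so the fastd fallback in the else branch is unreachable; run ls as the condition instead of quoting it. Separately, the peer list is fetched with wget over plain http, and the "####name.conf" markers from the response are used unchecked as file names under /etc/fastd/$project/peers/ and, through IP and PORT, as broker addresses in /etc/config/tunneldigger. Anyone able to alter that response decides which paths get written and where the router tunnels to, so restrict $file to a safe character set and validate IP and PORT before writing them. $port in the wget URL is never set in this script, and the loop mixes the hard-coded /etc/fastd/fff/peers with /etc/fastd/$project/peers used elsewhere.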
> diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile
> index d914872..4fbcf30 100644
> --- a/src/packages/fff/fff/Makefile
> +++ b/src/packages/fff/fff/Makefile
> @@ -20,7 +20,8 @@ define Package/fff-base
> +fff-uradvd \
> +fff-batman-adv-legacy \
> +fff-firewall\
> - +fff-tunneldigger
> + +fff-tunneldigger\
> + +fff-tunneldigger-testing
> endef
>
> define Package/fff-base/description
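Review bot: adding +fff-tunneldigger-testing to the fff-base DEPENDS makes a package whose own description says it will be removed after the testing stage a hard dependency of every image; a config option or a separate selection would keep it opt-in while it is being tested. The changed line "+fff-tunneldigger\" also drops the space before the backslash that "+fff-uradvd \" has.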
> --
> 2.8.0.rc3
>