[PATCH v4] configurehood: Prevent connecting two hoods

Tim Niemeyer tim at tn-x.org
Sat Dec 23 14:31:40 CET 2017


Hi

And applied.

Thanks
Tim

On Saturday, 23.12.2017 at 14:24 +0100, Tim Niemeyer wrote:
> Hi
> 
> The patch is quite good for now and helps us along. It also seems very
> well thought out.
> 
> Reviewed-by: Tim Niemeyer <tim at tn-x.org>
> 
> Nevertheless, it does not solve the problem quite correctly, because in
> the case of a collision the broken connection persists for up to 5 minutes.
> In the long term, we therefore still have to keep developing.
> 
> Tim
> 
> 
> On 18 December 2017 15:03:34 CET, Adrian Schmutzler <freifunk@adrianschmutzler.de> wrote:
> > To prevent connecting hoods, this patch loads keyxchange files
> > from the local network (eth0.3/eth0) before it uses the gateway.
> > 
> > Thus, if other files are provided via wXconfigap, they are just
> > ignored. If a router is connected to two hoods by cable, it will
> > just disable the interfaces where a second hood file is detected
> > and wait until the next call of configurehood.
> > 
> > If cable and wXmesh are different, the cable has precedence.
> > 
> > If two hoods are present via cable on the same eth, wXmesh has
> > precedence.
> > 
> > If two hoods are present via cable on different eth, the first
> > eth has precedence and all others are disabled.
> > 
> > If cable has precedence, wXmesh is configured with the hood
> > file from cable.
> > 
> > Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
> > 
> > ---
> > 
> > Changes in v2:
> > - ifconfig eth down instead of ifconfig br-mesh down
> > - networking restart to get up interfaces again
> > - Cycle over eths instead of assuming just one
> > 
> > Changes in v3:
> > - Replace eth by $eth in inner for loop
> > - Use continue 2 instead of exit to go through all eths
> > - Only set oldhood once
> > - Use separate ethfile first, because otherwise a second eth
> >  would overwrite the file although disabled
> > 
> > Changes in v4:
> > - Reduced timeout and number of tries for wget
> > ---
> > .../fff/fff-hoods/files/usr/sbin/configurehood     | 37
> > +++++++++++++++++++++-
> > 1 file changed, 36 insertions(+), 1 deletion(-)
> > 
> > diff --git a/src/packages/fff/fff-
> > hoods/files/usr/sbin/configurehood
> > b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
> > index 822e5fc..e6a47df 100755
> > --- a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
> > +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
> > @@ -10,6 +10,7 @@ sectorlocal=/etc/sectorfile
> > sectortmp=/tmp/sectorfile
> > sectorcopy=/www/hood/sectorfile
> > hiddenapfile=/tmp/hiddenapflag
> > +resetnetworkfile=/tmp/resetnetwork
> > 
> > rm -f "$hoodfile"
> > 
> > @@ -65,6 +66,12 @@ fi
> > lat=$(uci -q get fff.system.latitude)
> > long=$(uci -q get fff.system.longitude)
> > 
> > +# reenable network interfaces in case we disabled them earlier
> > +if [ -f "$resetnetworkfile" ]; then
> > +	/etc/init.d/network restart
> > +	rm "$resetnetworkfile"
> > +fi
> > +
> > # if we have Internet, we download the Hoodfile from the
> > keyxchangev2
> > if hasInternet ; then
> > 	wget -T15 -t5
> > "http://keyserver.freifunk-franken.de/v2/?lat=$lat&long=$long" -O
> > "$hoodfile"
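
Review bot: The unconditional `/etc/init.d/network restart` at the top of the run brings every eth back up that an earlier run disabled for carrying a second hood, so while both cables stay plugged in the two hoods are connected again from this restart until the eth loop further down reaches `ifconfig "$eth" down` once more. The comment above the block should state that this re-connect window is accepted. Since `hasInternet` follows directly after the restart, it is also worth confirming that the interfaces are up again by the time it runs.
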
> > @@ -119,7 +126,35 @@ else
> > 		fi
> > 	else
> > 		echo "We have a Gateway in Range, we load the
> > keyxchangev2data from
> > fe80::1"
> > -		wget -T15 -t5 "http://[fe80::1%br-mesh]:2342/keyxc
> > hangev2data" -O
> > "$hoodfile"
> > +		# check eth first
> > +		oldhood=""
> > +		ethfile="${hoodfile}eth"
> > +		for eth in $(batctl if | grep "eth" | sed -nE
> > 's/.*(eth[^:]+):.*/\1/p'); do
> > +			for mac in $(batctl n | grep "$eth" | sed
> > -nE
> > 's/.*eth[0-9.]+\s+([^\s]+)\s.*/\1/p'); do
> > +				EUI="$(echo "$mac" | awk -F: '{
> > printf("%02x%s:%sff:fe%s:%s%s\n",
> > xor(("0x"$1),2), $2, $3, $4, $5, $6) }')"
> > +				wget -T2 -t3 "http://[fe80::${EUI}
> > %${eth}]:2342/keyxchangev2data"
> > -O "$ethfile"
> > +				if [ -s "$ethfile" ]; then
> > +					json_load "$(cat
> > "$ethfile")"
> > +					json_select hood
> > +					json_get_var newhood name
> > +					if [ -n "$oldhood" ] && [
> > -n "$newhood" ] && ( ! [ "$newhood" =
> > "$oldhood" ] ) ; then
> > +						# 2nd hood found,
> > kill interface and go on (next try in 5 min.)
> > +						echo "Two hoods
> > detected. Remove cables to stay in just one."
> > +						ifconfig "$eth"
> > down
> > +						touch
> > "$resetnetworkfile"
> > +						continue 2 # go to
> > the next interface
> > +					fi
> > +					mv "$ethfile" "$hoodfile"
> > # Only use hoodfile if sane
> > +					[ -n "$oldhood" ] ||
> > oldhood="$newhood" # only set oldhood once
> > +				fi
> > +			done
> > +		done
> > +		if [ ! -s "$hoodfile" ]; then
> > +			# Only load hoodfile from gateway if not
> > already present from local
> > network
> > +			# - This gives local network a precedence
> > (take the hood from local
> > network)
> > +			# - This prevents file insertion from a
> > third person, as I will
> > only connect via LAN to who I trust
> > +			wget -T15 -t5 "http://[fe80::1%br-mesh]:23
> > 42/keyxchangev2data" -O
> > "$hoodfile"
> > +		fi
> > 		#UPLINK: Do nothing
> > 	fi
> > fi
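
Review bot: The `mv "$ethfile" "$hoodfile"` under "Only use hoodfile if sane" also runs when `json_get_var newhood name` yields an empty string, because the mismatch test is skipped by `[ -n "$newhood" ]`. A non-empty response from a cable neighbour that carries no hood name is then adopted as the hood file, and the gateway download is skipped because `$hoodfile` is no longer empty. Add a check such as `[ -n "$newhood" ] || continue` before the `mv`. In addition, `continue 2` leaves the second hood's `$ethfile` on disk, so an `rm -f "$ethfile"` before each `wget` would make sure the `-s` test only sees the current neighbour's answer.
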