[PATCH v10 4/4] Add fff-hoods

Christian Dresel fff at chrisi01.de
Sun Oct 1 19:57:00 CEST 2017


hi

I don't have much time right now, but $stuff is being discussed here at the
moment, so I just skimmed the mail and added a few comments inline.

On 01.10.2017 16:05, mail at adrianschmutzler.de wrote:
> Hello,
>
> some questions and remarks inline that I noticed while changing/reading.
>
>> -----Original Message-----
>> From: franken-dev [mailto:franken-dev-bounces at freifunk.net] On Behalf
>> Of Adrian Schmutzler
>> Sent: Sunday, 1 October 2017 15:49
>> To: franken-dev at freifunk.net
>> Cc: Jan Kraus <mayosemmel at gmail.com>
>> Subject: [PATCH v10 4/4] Add fff-hoods
>>
>> From: Christian Dresel <fff at chrisi01.de>
>>
>> this package connects to keyxchangev2
>> after review we must change the server address! This is only an example
>>
>> Signed-off-by: Christian Dresel <fff at chrisi01.de>
>> Signed-off-by: Jan Kraus <mayosemmel at gmail.com>
>> Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
>>
>> Update in v2:
>>  - clean tabstops
>>  - move the json vpn out of the if because we need this after reboot
>>
>> Update in v5:
>> 	!!UNTESTED!!
>>  - change hidden AP ip to locallink
>>  - Open hidden AP after more checks
>>  - Load json File from Gateway if Gateway in Batman in Range
>>
>> Update in v6:
>> 	!!UNTESTED!!
>>  - fix hidden station v6
>>  - fix -n to -f if
>>  - Add function to check for a gateway and use this
>>  - remove /etc/community.cfg and variables
>>  - send fewer infos to keyxchangev2
>>  - add a check if /tmp/keyxchangev2 not downloadable and edit a bit on the wgets
>>  - change the position from json_load and do this only 1 times
>>
>> Update in v7:
>> 	!!UNTESTED!!
>>  - delete keyxchangev2data at start of the script
>>  - do only things with keyxchangev2data if available
>>  - change keyxchangev2 url
>>
>> Update in v8/v9:
>>  - rebase onto 20170918-beta
>>
>> Update in v10:
>>  - Minor code fixes
>>  - Added fff-hoods to fff-base Makefile
>>  - Removed trailing whitespaces and harmonized tabs
>>  - Fixed some comments spelling
>>  - Added mac for hostname rewrite
>>  - Removed redundant check for /tmp/keyxchangev2data
>> ---
>>  src/packages/fff/fff-hoods/Makefile                |  39 ++++
>>  .../files/etc/hotplug.d/iface/50-fff-hoods         |   5 +
>>  .../fff/fff-hoods/files/usr/lib/micron.d/fff-hoods |   1 +
>>  .../fff/fff-hoods/files/usr/sbin/configurehood     | 206
>> +++++++++++++++++++++
>>  src/packages/fff/fff/Makefile                      |   3 +-
>>  5 files changed, 253 insertions(+), 1 deletion(-)  create mode 100644
>> src/packages/fff/fff-hoods/Makefile
>>  create mode 100644 src/packages/fff/fff-
>> hoods/files/etc/hotplug.d/iface/50-fff-hoods
>>  create mode 100644 src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-
>> hoods
>>  create mode 100755 src/packages/fff/fff-
>> hoods/files/usr/sbin/configurehood
>>
>> diff --git a/src/packages/fff/fff-hoods/Makefile b/src/packages/fff/fff-
>> hoods/Makefile
>> new file mode 100644
>> index 0000000..f85178d
>> --- /dev/null
>> +++ b/src/packages/fff/fff-hoods/Makefile
>> @@ -0,0 +1,39 @@
>> +include $(TOPDIR)/rules.mk
>> +
>> +PKG_NAME:=fff-hoods
>> +PKG_VERSION:=0.0.1
>> +PKG_RELEASE:=1
>> +
>> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoods
>> +
>> +include $(INCLUDE_DIR)/package.mk
>> +
>> +define Package/fff-hoods
>> +    SECTION:=base
>> +    CATEGORY:=Freifunk
>> +    TITLE:= Freifunk-Franken hoods
>> +    URL:=http://www.freifunk-franken.de
>> +    DEPENDS:=+fff-network
>> +endef
>> +
>> +define Package/fff-hoods/description
>> +    This package load and configures the current hood endef
>> +
>> +define Build/Prepare
>> +	echo "all: " > $(PKG_BUILD_DIR)/Makefile endef
>> +
>> +define Build/Configure
>> +	# nothing
>> +endef
>> +
>> +define Build/Compile
>> +	# nothing
>> +endef
>> +
>> +define Package/fff-hoods/install
>> +	$(CP) ./files/* $(1)/
>> +endef
>> +
>> +$(eval $(call BuildPackage,fff-hoods))
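
Review bot: In `Package/fff-hoods/description` and `Build/Prepare`, `endef` sits on the same line as the body ("...current hood endef", "...Makefile endef") as quoted here, so neither `define` block is closed and `endef` becomes part of the description text and of the echo recipe. If that is not just mail reflow, put `endef` on its own line as in the other blocks. The description should also read "loads and configures".
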
>> diff --git
> a/src/packages/fff/fff-hoods/files/etc/hotplug.d/iface/50-fff-hoods
>> b/src/packages/fff/fff-hoods/files/etc/hotplug.d/iface/50-fff-hoods
>> new file mode 100644
>> index 0000000..49f53e3
>> --- /dev/null
>> +++ b/src/packages/fff/fff-hoods/files/etc/hotplug.d/iface/50-fff-hoods
>> @@ -0,0 +1,5 @@
>> +#!/bin/sh
>> +[ "$ACTION" = "ifup" -a "$INTERFACE" = "wan" ] && {
>> +       sleep 3
>> +       /usr/sbin/configurehood
>> +}
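
Review bot: The `ifup` handler starts /usr/sbin/configurehood three seconds after wan comes up, and the micron.d entry starts the same script every 5 minutes, with no lock in either place. Two overlapping runs would both delete /tmp/keyxchangev2data and rewrite /tmp/fastd_fff_output and the wifi setup; taking a lock file at the top of configurehood would make the runs exclusive. The `-a` inside `[ ]` can also be written as two tests joined with `&&`.
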
>> diff --git a/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>> b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>> new file mode 100644
>> index 0000000..ca8d798
>> --- /dev/null
>> +++ b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>> @@ -0,0 +1 @@
>> +*/5 * * * * /usr/sbin/configurehood
>> diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>> b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>> new file mode 100755
>> index 0000000..ad316f8
>> --- /dev/null
>> +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>> @@ -0,0 +1,206 @@
>> +#!/bin/sh
>> +
>> +. /usr/share/libubox/jshn.sh
>> +. /lib/functions/fff/wireless
>> +
>> +rm /tmp/keyxchangev2data
>> +
>> +# Gatewaycheck function
>> +isGatewayAvailable() {
>> +	if [ "$(batctl gwl | wc -l)" -gt 2 ]; then
>> +		return true;
>> +	else
>> +		return false;
>> +	fi
>> +}
>> +
>> +
>> +# Hidden AP check
>> +
>> +if [ -f /tmp/hiddenapflag ]; then
>> +	if [ isGatewayAvailable ]; then
>> +		if ! wifiAddAP "$radio" "config.franken.freifunk.net"
>> "configap" "configap" "1"; then
>> +			echo "Can't add AP interface on $radio."
>> +			exit 1
>> +		else
>> +			# We must set a fixed ip address here
>> +			uci set network.configap=interface
>> +			uci set network.configap.proto='static'
>> +			uci set network.configap.ip6addr='fe80::1/64'
>> +			uci commit network
>> +		fi
>> +	else
>> +		rm /tmp/hiddenapflag
>> +	fi
>> +fi
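
Review bot: `isGatewayAvailable` returns `true`/`false`, but the shell's `return` takes a numeric status, and `if [ isGatewayAvailable ]` never calls the function: it only tests that the string is non-empty, which is always true. As written the hidden AP is added whenever /tmp/hiddenapflag exists, regardless of `batctl gwl`. Use `return 0` / `return 1` and `if isGatewayAvailable; then`. `$radio` is also not assigned in the visible lines before this block's `wifiAddAP "$radio" ...`, and `rm` without `-f` prints an error when the file is absent.
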
> Why is this whole block at the beginning and not at the end of the script?
> Is there a reason that it should always wait one cycle?
exactly, Batman has a timeout, which we want to catch this way so that the
hidden AP is only really opened in the 2nd cycle. So there has to be a
connection to the GW for 5 min.
>
>
>
>> +
>> +
>> +lat=$(uci get system. at system[0].latitude) long=$(uci get
>> +system. at system[0].longitude) hostname=$(cat
>> /proc/sys/kernel/hostname)
>> +mac=$(awk '{ mac=toupper($1); gsub(":", "", mac); print mac }'
> Here I added the MAC.
that was simply C&P
>
>> +/sys/class/net/br-mesh/address 2>/dev/null) [ "$hostname" = "OpenWrt" ]
>> && hostname=""
>> +[ "$hostname" = "" ] &&  hostname="$mac"
> What is this good for? Should this be changed to LEDE?
I simply C&P'd this from fff-vpn. Right now I'm rather unsure what it is
needed for.
>
>> +
>> +test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken
>> keyserver
>> +test_ipv4_host2="8.8.8.8"        # Google DNS
>> +test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
>> +
>> +# if we have Internet, we download the Hoodfile from the keyxchangev2
>> +if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
>> +	ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
>> +	ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null; then
>> +	wget -T15 -t5 "http://keyserver.freifunk-
>> franken.de/v2/?lat=$lat&long=$long" -O /tmp/keyxchangev2data
>> +	#if no Internet, we connect to the hidden AP and download the file
>> +from another Node in range else
>> +	# connect to wireless hidden ap here and download the json File
>> from the nearest router
>> +	# Only do that, when we have no gateway in range. If the
>> Uplinkrouter changed the hood, we lost the GW and do this automatically
>> again, I think! Nice idea?
>> +	if [ ! isGatewayAvailable ]; then
>> +		#now we haven't a gateway in Range, we search for a hidden
>> AP to get a keyxchangev2data file!
>> +		#first we delete all wifi settings
>> +		if ! wifiDelAll; then
>> +			echo "Can't delete current wifi setup"
>> +			exit 1
>> +		fi
>> +		#now we look for phy and add this
>> +		for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>> +			if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>> +				echo "$phy is 2.4 GHz"
>> +				radio=$(wifiAddPhy "$phy"
>> "$BATMAN_CHANNEL")
>> +				if [ -z "$radio" ]; then
>> +					echo "Can't create radio for $phy"
>> +					exit 1
>> +				fi
>> +			fi
>> +			if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>> +				echo "$phy is 5 GHz"
>> +				radio=$(wifiAddPhy "$phy"
>> "$BATMAN_CHANNEL_5GHZ")
>> +				if [ -z "$radio" ]; then
>> +					echo "Can't create radio for $phy"
>> +					exit 1
>> +				fi
>> +			fi
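
Review bot: `if [ ! isGatewayAvailable ]` is the same string test negated, so it is always false: the branch that deletes the wifi setup and looks for the hidden AP is never taken and the script always goes to the `fe80::1%br-mesh` download. Call the function directly (`if ! isGatewayAvailable; then`). As quoted, the `else` of the ping check has also ended up at the end of a comment line ("...from another Node in range else"), which would leave that `if` without an else branch, and `$lat`/`$long` go into the keyserver URL unchecked, so empty values produce `?lat=&long=`.
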
> Variables from community.cfg are used here ($BATMAN...), further down it
> is hard-coded. Hard-code it here as well?
probably makes sense, because we want to get rid of /etc/community.cfg anyway.
>
>
>> +			#and here we add the station
>> +			if ! wifiAddSta "$radio"
> "config.franken.freifunk.net"
>> "configSta"; then
>> +				echo "Can't add Sta interface on $radio."
>> +				exit 1
>> +			fi
>> +
>> +		done
>> +
>> +		wifi
>> +		# wait a moment to start the interface
>> +		sleep 10;
>> +		# and here we can download the Hoodfile from the other
>> node
>> +		wget -T15 -t5 "http://[fe80::1%w2sta]/keyxchangev2data" -O
>> /tmp/keyxchangev2data
>> +	else
>> +		echo "We have a Gateway in Range, we load the
>> keyxchangev2data from fe80::1"
>> +		wget -T15 -t5 "http://[fe80::1%br-mesh]/keyxchangev2data"
>> -O /tmp/keyxchangev2data
>> +	fi
>> +
>> +fi
>> +
>> +if [ -s /tmp/keyxchangev2data ]; then
>> +
>> +	# we get a json file in this format:
>> +	# https://pw.freifunk-franken.de/patch/205/
>> +	# but without signature, every hood file we get is valid!
>> +
>> +	json_load "$(cat /tmp/keyxchangev2data)"
>> +	sumnew=$(sha256sum /tmp/keyxchangev2data | cut -f1 -d " ")
>> +	sumold=$(sha256sum /www/public/keyxchangev2data &>/dev/null
>> | cut -f1 -d " ")
>> +	if [ "$sumnew" != "$sumold" ]; then
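
Review bot: In the `sumold=` assignment, `&>/dev/null` is applied to `sha256sum` itself, so the checksum never reaches `cut`, `sumold` is always empty, `"$sumnew" != "$sumold"` is always true, and the node rebuilds its wifi setup on every run. Redirect only stderr (`2>/dev/null`). The comment above says the file is accepted without a signature; since it is fetched over plain HTTP or from whatever answers at fe80::1 and then decides ESSID, BSSID and the fastd peers, a signature check before `json_load` belongs in this patch or should be tracked as a blocker for it.
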
> The second check with [ ! -f /tmp/keyxchangev2data] somehow makes no
> sense, since we already checked [ -s /tmp/keyxchangev2data ] above?!
I have to look at that when I have time; not much time right now, so I'll
put it aside for the moment.
>
>
>> +		echo "New file detect, we reconfigure the Node";
>> +
>> +		# copy the file to webroot so that other Meshrouter can
>> download it
>> +		cp /tmp/keyxchangev2data /www/public/
>> +
>> +		json_select hood
>> +
>> +		json_get_var hood name
>> +		json_get_var mesh_bssid mesh_bssid
>> +		json_get_var mesh_essid mesh_essid
>> +		json_get_var essid essid
>> +		# i think the next things we don't active this in the first
>> version! we can do it later
>> +		#json_get_var channel2 channel2
>> +		#json_get_var mode2 mode2
>> +		#json_get_var type2 type2
>> +		#json_get_var channel5 channel5
>> +		#json_get_var mode5 mode5
>> +		#json_get_var type5 type5
>> +		#json_get_var protocol protocol
>> +
>> +		echo "Setting hood name: $hood"
>> +		uci set "system. at system[0].hood=$hood"
>> +
>> +		if ! wifiDelAll; then
>> +			echo "Can't delete current wifi setup"
>> +			exit 1
>> +		fi
>> +
>> +		for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>> +			if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>> +				echo "$phy is 2.4 GHz"
>> +				radio=$(wifiAddPhy "$phy" "1")
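
Review bot: `cp /tmp/keyxchangev2data /www/public/` runs before any of the `json_get_var` results are checked, so a truncated or wrong file is published to neighbouring nodes first and is also the reference for `sumold` on the next run. Check that `json_load` succeeded and that `hood`, `mesh_bssid`, `mesh_essid` and `essid` are non-empty before copying and before `wifiDelAll`. The `uci set` of the hood name has no matching `uci commit` in the visible lines.
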
> Here it is now hard-coded ... "1"
interesting, I probably just forgot it above and really wanted to hard-code
it everywhere, precisely because /etc/community.cfg is going away.
>
>
>> +				if [ -z "$radio" ]; then
>> +					echo "Can't create radio for $phy"
>> +					exit 1
>> +				fi
>> +			fi
>> +			if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>> +				echo "$phy is 5 GHz"
>> +				radio=$(wifiAddPhy "$phy" "13")
>> +				if [ -z "$radio" ]; then
>> +					echo "Can't create radio for $phy"
>> +					exit 1
>> +				fi
>> +			fi
>> +
>> +			if ! wifiAddAP "$radio" "$essid" "mesh" "ap" "0";
> then
>> +				echo "Can't add AP interface on $radio."
>> +				exit 1
>> +			fi
>> +
>> +			# here we set a bit for add hidden AP
>> +			touch /tmp/hiddenapflag
>> +
>> +			if ! wifiAddAdHocMesh "$radio" "$mesh_essid"
>> "$mesh_bssid"; then
>> +				echo "Can't add AP interface on $radio."
>> +				exit 1
>> +			fi
>> +		done
>> +
>> +		echo "Loading wifi"
>> +		wifi
>> +
>> +	else
>> +		echo "We have no new file or we haven't got a file. We do
>> nothing. We try it again in 5 minutes...";
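
Review bot: The error message after `wifiAddAdHocMesh` is a copy of the one after `wifiAddAP`: a failed mesh interface is still reported as "Can't add AP interface on $radio."; it should name the mesh interface. In the same loop, a phy that matches neither `2... MHz` nor `5... MHz` reaches `wifiAddAP` with `$radio` left over from the previous iteration (or empty), so set `radio=""` at the top of the loop body and `continue` when it stays empty. `touch /tmp/hiddenapflag` does not depend on the phy and can move out of the loop.
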
> In my opinion only "We have no new file" applies here. The other case
> would be one if further out. See [ ! -f /tmp/keyxchangev2data] ...
I also need to look at that when I have time...
>
>
>> +	fi
>> +
>> +	# and now we read the VPN Data and give this data to fff-vpn
>> +	json_load "$(cat /tmp/keyxchangev2data)"
>> +
>> +	json_select vpn
>> +	Index="1"
>> +	rm /tmp/fastd_fff_output
>> +	touch /tmp/fastd_fff_output
>> +	while json_select $Index > /dev/null
> Why while if there is only one element "1"?
there can also be 2 or 3 gateways, so you have to go through all of them
with a loop, right?
>
>
>> +	do
>> +		json_get_var protocol protocol
>> +		if [ "$protocol" == "fastd" ]; then
>> +			json_get_var servername name
>> +			echo "####${servername}.conf" >>
>> /tmp/fastd_fff_output
>> +			echo "#name \"${servername}\";" >>
>> /tmp/fastd_fff_output
>> +			json_get_var key key
>> +			echo "key \"${key}\";" >> /tmp/fastd_fff_output
>> +			json_get_var address address
>> +			json_get_var port port
>> +			echo "remote ipv4 \"${address}\" port $port float;"
>>>> /tmp/fastd_fff_output
>> +		fi
>> +		echo "" >> /tmp/fastd_fff_output
>> +		echo "###" >> /tmp/fastd_fff_output
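
Review bot: `servername`, `key`, `address` and `port` are written into /tmp/fastd_fff_output exactly as they come out of the JSON, and the comment further up says the file is unsigned. A value containing `"`, `;` or a newline changes the structure of the generated fastd config, so validate each field against its expected shape (hex key, IP address, numeric port, plain hostname) and skip the entry otherwise. `==` inside `[ ]` is not POSIX; use `=`.
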
> These two only come once at the end, so they have to move out of the
> while, right?
oh, I need to look at that again when I have time as well; I haven't tested
the whole thing with 2 GWs yet, but RedDog wanted to rework that fairly soon
anyway because the format is simply sh*t; it is better if fff-vpn reads the
json directly.

Regards,

Christian
>
> Regards
>
> Adrian
>
>
>> +	done
>> +	#this we do every 5 minutes, because it can change the VPN Protocol
>> +	#and now we get to vpn-select Script and load VPNs
>> +	sh /usr/sbin/vpn-select
>> +fi
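
Review bot: Nothing between `while json_select $Index` and `done` increments `Index` or leaves the selected element with `json_select ..`, so after the first entry the next `json_select 1` is evaluated inside that entry and the loop ends; a second or third gateway in `vpn` is never written. Add `json_select ..` and `Index=$((Index + 1))` at the end of the body. `rm /tmp/fastd_fff_output` followed by `touch` can be replaced by `: > /tmp/fastd_fff_output`, which also avoids the error message when the file does not exist yet.
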
>> diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile
>> index 166d423..305ab8d 100644
>> --- a/src/packages/fff/fff/Makefile
>> +++ b/src/packages/fff/fff/Makefile
>> @@ -29,7 +29,8 @@ define Package/fff-base
>>               +fff-wireless \
>>               +fff-timeserver \
>>               +fff-vpn-select \
>> -             +simple-tc
>> +             +simple-tc \
>> +             +fff-hoods
>>  endef
>>
>>  define Package/fff-base/description
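
Review bot: Adding `+fff-hoods` to the `fff-base` dependencies installs configurehood on every node, while the commit message says the server address is only an example and v5 to v7 are marked untested. Either settle the keyserver URL before this lands or keep the package out of `fff-base` until then.
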
>> --
>> 2.7.4
>>
>> --
>> franken-dev mailing list
>> franken-dev at freifunk.net
>> http://lists.freifunk.net/mailman/listinfo/franken-dev-freifunk.net

