[PATCH v16 4/6] Add fff-hoods

Christian Dresel fff at chrisi01.de
Tue Oct 10 15:05:49 CEST 2017


In the current state, the following is probably also very interesting:

root at c25testknoten:/tmp# wifi
Command failed: Request timed out
root at c25testknoten:/tmp#


Best regards

Christian

On 10.10.2017 15:02, Christian Dresel wrote:
> hi
> 
> On 06.10.2017 15:45, Christian Dresel wrote:
>> hi
>>
>> On 05.10.2017 15:37, Adrian Schmutzler wrote:
>>> From: Christian Dresel <fff at chrisi01.de>
>>>
>>> This package connects to keyxchangev2
>>>
>>> Signed-off-by: Christian Dresel <fff at chrisi01.de>
>>> Signed-off-by: Jan Kraus <mayosemmel at gmail.com>
>>> Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
>>>
>>> Update in v2:
>>>  - clean tabstops
>>>  - move the json vpn out of the if because we need this after reboot
>>>
>>> Update in v5:
>>> 	!!UNTESTED!!
>>>  - change hidden AP ip to locallink
>>>  - Open hidden AP after more checks
>>>  - Load json File from Gateway if Gateway in Batman in Range
>>>
>>> Update in v6:
>>> 	!!UNTESTED!!
>>>  - fix hidden station v6
>>>  - fix -n to -f if
>>>  - Add function to check for a gateway and use this
>>>  - remove /etc/community.cfg and variables
>>>  - send fewer infos to keyxchangev2
>>>  - add a check if /tmp/keyxchangev2 is not downloadable and edit a bit on the wgets
>>>  - change the position of json_load and do this only 1 time
>>>
>>> Update in v7:
>>> 	!!UNTESTED!!
>>>  - delete keyxchangev2data at start of the script
>>>  - do only things with keyxchangev2data if available
>>>  - change keyxchangev2 url
>>>
>>> Update in v8/v9:
>>>  - rebase onto 20170918-beta
>>>
>>> Update in v10:
>>>  - Minor code fixes
>>>  - Added fff-hoods to fff-base Makefile
>>>  - Removed trailing whitespaces and harmonized tabs
>>>  - Fixed some comments spelling
>>>  - Added mac for hostname rewrite
>>>  - Removed redundant check for /tmp/keyxchangev2data
>>>
>>> Update in v11:
>>>  - Changed isGatewayAvailable to return integers (bool is
>>>    not valid) and removed brackets for evaluations
>>>  - Added variables for channels as they are used twice
>>>  - Fixed $radio not set at the beginning (WORKAROUND!)
>>>  - Changed OpenWRT to LEDE
>>>  - Correctly reset json_select before reuse
>>>  - Some tidying-up of comments and quotes
>>>  - Fixed vpn loop so it works for more than one host (TESTED)
>>>  - Fixed "else" if no file received
>>>
>>> Changes in v12:
>>>  - Removed obsolete hostname
>>>
>>> Changes in v14 (Tested, working Inet+mesh):
>>>  - Fixed stderr redirect
>>>  - Added call of configurehood to rc.local, so it is triggered
>>>    if wan does not come up. To prevent race condition,
>>>    hotplug.d is removed.
>>>  - Added wifi call to configAP setup
>>>  - Remove hiddenap flag after successful setup
>>>  - Added -q to uci calls
>>>  - Added network interface configSta
>>>  - Substitute timestamp to enable SHA comparison
>>>  - Removed started-check from vpn-select
>>>
>>> Changes in v15:
>>>  - Fixed 5 GHz channel
>>>  - Only start vpn-select if router has internet
>>>  - Put ping into function since it is used twice
>>>  - Check for started in micrond to prevent race condition
>>>  - Moved copy of keyxchangev2data to the end
>>>
>>> Changes in v16:
>>>  - Open configap for both 2.4 and 5 GHz
>>> ---
>>>  bsp/default/root_file_system/etc/rc.local          |   4 +
>>>  src/packages/fff/fff-hoods/Makefile                |  39 ++++
>>>  .../fff/fff-hoods/files/usr/lib/micron.d/fff-hoods |   1 +
>>>  .../fff/fff-hoods/files/usr/sbin/configurehood     | 230 +++++++++++++++++++++
>>>  .../fff/fff-vpn-select/files/usr/sbin/vpn-select   |   2 -
>>>  src/packages/fff/fff/Makefile                      |   3 +-
>>>  6 files changed, 276 insertions(+), 3 deletions(-)
>>>  create mode 100644 src/packages/fff/fff-hoods/Makefile
>>>  create mode 100644 src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>>  create mode 100755 src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>>
>>> diff --git a/bsp/default/root_file_system/etc/rc.local b/bsp/default/root_file_system/etc/rc.local
>>> index bd972fb..59042c3 100755
>>> --- a/bsp/default/root_file_system/etc/rc.local
>>> +++ b/bsp/default/root_file_system/etc/rc.local
>>> @@ -4,6 +4,10 @@
>>>  
>>>  /usr/sbin/configurenetwork
>>>  
>>> +sleep 3
>>> +
>>> +/usr/sbin/configurehood
>>> +
>>>  touch /tmp/started
>>>  
>>>  exit 0
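
Review bot: the fixed "sleep 3" ahead of /usr/sbin/configurehood is a timing guess, and because the call is synchronous, "touch /tmp/started" now waits for everything configurehood does, including its ping tests, the wget retries (-T15 -t5) and its own "sleep 10". Wait on the condition the delay stands in for instead of a fixed time, and bound the run time of configurehood so that a stalled download cannot hold back everything that is gated on /tmp/started.
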
>>> diff --git a/src/packages/fff/fff-hoods/Makefile b/src/packages/fff/fff-hoods/Makefile
>>> new file mode 100644
>>> index 0000000..f85178d
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/Makefile
>>> @@ -0,0 +1,39 @@
>>> +include $(TOPDIR)/rules.mk
>>> +
>>> +PKG_NAME:=fff-hoods
>>> +PKG_VERSION:=0.0.1
>>> +PKG_RELEASE:=1
>>> +
>>> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoods
>>> +
>>> +include $(INCLUDE_DIR)/package.mk
>>> +
>>> +define Package/fff-hoods
>>> +    SECTION:=base
>>> +    CATEGORY:=Freifunk
>>> +    TITLE:= Freifunk-Franken hoods
>>> +    URL:=http://www.freifunk-franken.de
>>> +    DEPENDS:=+fff-network
>>> +endef
>>> +
>>> +define Package/fff-hoods/description
>>> +    This package load and configures the current hood
>>> +endef
>>> +
>>> +define Build/Prepare
>>> +	echo "all: " > $(PKG_BUILD_DIR)/Makefile
>>> +endef
>>> +
>>> +define Build/Configure
>>> +	# nothing
>>> +endef
>>> +
>>> +define Build/Compile
>>> +	# nothing
>>> +endef
>>> +
>>> +define Package/fff-hoods/install
>>> +	$(CP) ./files/* $(1)/
>>> +endef
>>> +
>>> +$(eval $(call BuildPackage,fff-hoods))
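
Review bot: DEPENDS lists only +fff-network, but the installed configurehood sources /usr/share/libubox/jshn.sh and /lib/functions/fff/wireless and calls batctl, iw and /usr/sbin/vpn-select. Declare the packages that provide these (fff-wireless and fff-vpn-select are already named in the fff-base list), so the package cannot land in an image where the script fails after it has already torn down the wifi setup. Minor: the description should read "loads and configures", and TITLE has a leading space.
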
>>> diff --git a/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>> new file mode 100644
>>> index 0000000..39e800e
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>> @@ -0,0 +1 @@
>>> +*/5 * * * * [ -f /tmp/started ] && /usr/sbin/configurehood
>>> diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>> new file mode 100755
>>> index 0000000..ab6bd53
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>> @@ -0,0 +1,230 @@
>>> +#!/bin/sh
>>> +
>>> +. /usr/share/libubox/jshn.sh
>>> +. /lib/functions/fff/wireless
>>> +
>>> +rm /tmp/keyxchangev2data
>>> +
>>> +# Gatewaycheck function
>>> +isGatewayAvailable() {
>>> +	if [ "$(batctl gwl | wc -l)" -gt 2 ]; then
>>> +		return 0
>>> +	else
>>> +		return 1
>>> +	fi
>>> +}
>>> +
>>> +# Ping test
>>> +hasInternet() {
>>> +	test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
>>> +	test_ipv4_host2="8.8.8.8"        # Google DNS
>>> +	test_ipv6_host1="heise.de"       # heise Zeitschriftenverlag
>>> +	if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
>>> +		ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
>>> +		ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null ; then
>>> +		return 0
>>> +	fi
>>> +	return 1
>>> +}
>>> +
>>> +chan2ghz="1"
>>> +chan5ghz="36"
>>> +
>>> +# Hidden AP check
>>> +
>>> +if [ -f /tmp/hiddenapflag ]; then
>>> +	if isGatewayAvailable ; then
>>> +
>>> +		uci set network.configap=interface
>>> +		uci set network.configap.proto='static'
>>> +		uci set network.configap.ip6addr='fe80::1/64'
>>> +		uci commit network
>>> +
>>> +		for radio in $(uci show wireless | sed -n 's,.*\.\([a-z0-9]*\)=wifi-device,\1,p'); do
>>> +			if ! wifiAddAP "$radio" "config.franken.freifunk.net" "configap" "configap" "1"; then
>>> +				echo "Can't add Config interface on $radio."
>>> +				exit 1
>>> +			fi
>>> +		done
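
Review bot: network.configap is created with only proto and ip6addr, and the "for radio" loop then attaches one AP per radio to that same network. With no type set it is not a bridge, so on a dual-band device two wireless interfaces are bound to one logical interface and fe80::1/64 may end up on neither of them. Consider setting network.configap.type='bridge' or creating one network section per radio. The uci calls in this block also lack the -q that the station branch uses.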
> 
> I can't get fe80::1 attached to wXconfigap:
> 
> w2configap Link encap:Ethernet  HWaddr 56:C7:BF:3B:3C:3E
>           inet6 addr: fe80::54c7:bfff:fe3b:3c3e/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:0 (0.0 B)  TX bytes:432 (432.0 B)
> 
> [...]
> 
> w5configap Link encap:Ethernet  HWaddr 56:C7:BF:3B:3C:3D
>           inet6 addr: fe80::54c7:bfff:fe3b:3c3d/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:0 (0.0 B)  TX bytes:728 (728.0 B)
> 
> root at c25testknoten:/tmp# uci show etwork.configap.ip6addr
> uci: Entry not found
> root at c25testknoten:/tmp# uci show network.configap.ip6addr
> network.configap.ip6addr='fe80::1/64'
> root at c25testknoten:/tmp# cat /etc/config/wireless
> 
> [...]
> 
> config wifi-iface 'w2configap'
> 	option device 'radio1'
> 	option network 'configap'
> 	option ifname 'w2configap'
> 	option mode 'ap'
> 	option ssid 'config.franken.freifunk.net'
> 	option encryption 'none'
> 	option hidden '1'
> 
> config wifi-iface 'w5configap'
> 	option device 'radio0'
> 	option network 'configap'
> 	option ifname 'w5configap'
> 	option mode 'ap'
> 	option ssid 'config.franken.freifunk.net'
> 	option encryption 'none'
> 	option hidden '1'
> 
> 
> I don't know why right now, but something is still stuck there. The
> following patch series is applied:
> 
> 527 523 528 525 524 526 531 532 535 545 546 550 551 555 556
> 
> Best regards
> 
> Christian
> 
> 
>>> +
>>> +		wifi
>>> +	fi
>>> +	rm /tmp/hiddenapflag
>>> +fi
>>> +
>>> +lat=$(uci -q get system. at system[0].latitude)
>>> +long=$(uci -q get system. at system[0].longitude)
>>> +
>>> +# if we have Internet, we download the Hoodfile from the keyxchangev2
>>> +if hasInternet ; then
>>> +	wget -T15 -t5 "http://keyserver.freifunk-franken.de/v2/?lat=$lat&long=$long" -O /tmp/keyxchangev2data
>>> +	#if no Internet, we connect to the hidden AP and download the file from another Node in range
>>> +else
>>> +	# connect to wireless hidden ap here and download the json File from the nearest router
>>> +	# Only do that, when we have no gateway in range. If the Uplinkrouter changed the hood, we lost the GW and do this automatically again, I think! Nice idea?
>>> +	if ! isGatewayAvailable ; then
>>> +		#now we haven't a gateway in Range, we search for a hidden AP to get a keyxchangev2data file!
>>> +		#first we delete all wifi settings
>>> +		if ! wifiDelAll; then
>>> +			echo "Can't delete current wifi setup"
>>> +			exit 1
>>> +		fi
>>> +		#now we look for phy and add this
>>> +		for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>>> +			if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>>> +				echo "$phy is 2.4 GHz"
>>> +				radio="$(wifiAddPhy "$phy" "$chan2ghz")"
>>> +				if [ -z "$radio" ]; then
>>> +					echo "Can't create radio for $phy"
>>> +					exit 1
>>> +				fi
>>> +			fi
>>> +			if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>>> +				echo "$phy is 5 GHz"
>>> +				radio="$(wifiAddPhy "$phy" "$chan5ghz")"
>>> +				if [ -z "$radio" ]; then
>>> +					echo "Can't create radio for $phy"
>>> +					exit 1
>>> +				fi
>>> +			fi
>>> +			#and here we add the station
>>> +			if ! wifiAddSta "$radio" "config.franken.freifunk.net" "configSta"; then
>>> +				echo "Can't add Sta interface on $radio."
>>> +				exit 1
>>> +			else
>>> +				uci -q set network.configSta=interface
>>> +				uci -q set network.configSta.proto='static'
>>> +				uci -q commit network
>>> +			fi
>>> +		done
>>> +		
>>> +		wifi
>>> +		# wait a moment to start the interface
>>> +		sleep 10;
>>> +		# and here we can download the Hoodfile from the other node
>>> +		wget -T15 -t5 "http://[fe80::1%w2sta]/keyxchangev2data" -O /tmp/keyxchangev2data
>>> +	else
>>> +		echo "We have a Gateway in Range, we load the keyxchangev2data from fe80::1"
>>> +		wget -T15 -t5 "http://[fe80::1%br-mesh]/keyxchangev2data" -O /tmp/keyxchangev2data
>>> +	fi
>>> +fi
>>> +
>>> +if [ -s /tmp/keyxchangev2data ]; then
>>> +
>>> +	# we get a json file in this format: 
>>> +	# https://pw.freifunk-franken.de/patch/205/
>>> +	# but without signature, every hood file we get is valid!
>>> +
>>> +	catnew="$(cat /tmp/keyxchangev2data | sed 's/"timestamp":[0-9]*/"timestamp":0/')"
>>> +	catold="$(cat /www/public/keyxchangev2data 2>/dev/null | sed 's/"timestamp":[0-9]*/"timestamp":0/')"
>>> +	sumnew=$(echo "$catnew" | sha256sum | cut -f1 -d " ")
>>> +	sumold=$(echo "$catold" | sha256sum | cut -f1 -d " ")
>>> +
>>> +	json_load "$(cat /tmp/keyxchangev2data)"
>>> +
>>> +	if [ "$sumnew" != "$sumold" ]; then
>>> +		echo "New file detect, we reconfigure the Node";
>>> +
>>> +		json_select hood
>>> +
>>> +		json_get_var hood name
>>> +		json_get_var mesh_bssid mesh_bssid
>>> +		json_get_var mesh_essid mesh_essid
>>> +		json_get_var essid essid
>>> +		# i think the next things we don't active this in the first version! we can do it later
>>> +		#json_get_var channel2 channel2
>>> +		#json_get_var mode2 mode2
>>> +		#json_get_var type2 type2
>>> +		#json_get_var channel5 channel5
>>> +		#json_get_var mode5 mode5
>>> +		#json_get_var type5 type5
>>> +		#json_get_var protocol protocol
>>> +		
>>> +		json_select ".." # back to root
>>> +
>>> +		echo "Setting hood name: $hood"
>>> +		uci set "system. at system[0].hood=$hood"
>>> +
>>> +		if ! wifiDelAll; then
>>> +			echo "Can't delete current wifi setup"
>>> +			exit 1
>>> +		fi
>>> +
>>> +		for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>>> +			if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>>> +				echo "$phy is 2.4 GHz"
>>> +				radio="$(wifiAddPhy "$phy" "$chan2ghz")"
>>> +				if [ -z "$radio" ]; then
>>> +					echo "Can't create radio for $phy"
>>> +					exit 1
>>> +				fi
>>> +			fi
>>> +			if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>>> +				echo "$phy is 5 GHz"
>>> +				radio="$(wifiAddPhy "$phy" "$chan5ghz")"
>>> +				if [ -z "$radio" ]; then
>>> +					echo "Can't create radio for $phy"
>>> +					exit 1
>>> +				fi
>>> +			fi
>>> +
>>> +			if ! wifiAddAP "$radio" "$essid" "mesh" "ap" "0"; then
>>> +				echo "Can't add AP interface on $radio."
>>> +				exit 1
>>> +			fi
>>> +
>>> +			# here we set a bit for add hidden AP
>>> +			touch /tmp/hiddenapflag
>>> +
>>> +			if ! wifiAddAdHocMesh "$radio" "$mesh_essid" "$mesh_bssid"; then
>>> +				echo "Can't add AP interface on $radio."
>>> +				exit 1
>>> +			fi
>>> +		done
>>> +
>>> +		echo "Loading wifi"
>>> +		wifi
>>> +
>>> +		# copy the file to webroot so that other Meshrouter can download it;
>>> +		# copy only after all other steps so IF can be reentered if something goes wrong
>>> +		cp /tmp/keyxchangev2data /www/public/
>>> +
>>> +	else
>>> +		echo "We have no new file. We do nothing. We try it again in 5 minutes...";
>>> +		exit 0
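
Review bot: nothing authenticates /tmp/keyxchangev2data before it is acted on. All three wget calls use plain http, two of them fetch from whatever answers as fe80::1 (on w2sta, which joins config.franken.freifunk.net without any key, or on br-mesh), and the comment above the checksum states that the file carries no signature. The node then takes essid, mesh_essid and mesh_bssid from the file and copies it to /www/public/, where neighbouring nodes fetch it in turn, so a single bad file propagates through the mesh. Verify a signature over the file against a key shipped in the firmware before json_load and before the cp, and discard the file if the check fails.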
>>
>> Why this exit? I just had the case where I ended up here
>> but no VPN had been established yet. Because of that, I never got
>> further down to the call of /usr/sbin/vpn-select, and so
>> the router stayed without VPN (it is an uplink router).
>>
>> After I removed this exit 0, it works...
>>
>> I don't know exactly how I got into this situation, but I suspect
>> a simple reboot or possibly also a
>> gateway restart that I performed at the same time.
>>
>> Best regards
>>
>> Christian
>>
>>> +	fi
>>> +	
>>> +	# and now we read the VPN Data and give this data to fff-vpn
>>> +	json_select vpn
>>> +	Index=1
>>> +	rm /tmp/fastd_fff_output
>>> +	touch /tmp/fastd_fff_output
>>> +	while json_select "$Index" > /dev/null
>>> +	do
>>> +		json_get_var protocol protocol
>>> +		if [ "$protocol" == "fastd" ]; then
>>> +			json_get_var servername name
>>> +			echo "####${servername}.conf" >> /tmp/fastd_fff_output
>>> +			echo "#name \"${servername}\";" >> /tmp/fastd_fff_output
>>> +			json_get_var key key
>>> +			echo "key \"${key}\";" >> /tmp/fastd_fff_output
>>> +			json_get_var address address
>>> +			json_get_var port port
>>> +			echo "remote ipv4 \"${address}\" port $port float;" >> /tmp/fastd_fff_output
>>> +		fi
>>> +		echo "" >> /tmp/fastd_fff_output
>>> +		json_select ".." # back to vpn
>>> +		Index=$(( Index + 1 ))
>>> +	done
>>> +	echo "###" >> /tmp/fastd_fff_output
>>> +	json_select ".." # back to root
>>> +	#this we do every 5 minutes, because it can change the VPN Protocol
>>> +	#and now we get to vpn-select Script and load VPNs
>>> +	
>>> +	if hasInternet ; then
>>> +		sh /usr/sbin/vpn-select
>>> +	fi
>>> +else
>>> +	echo "We haven't got a file. We do nothing. We try it again in 5 minutes...";
>>> +	exit 0
>>> +fi
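
Review bot: servername, key, address and port go from the unauthenticated JSON straight into /tmp/fastd_fff_output (port without quotes, the others inside double quotes), so a value containing a quote, semicolon or newline can add or change fastd directives in the generated file. Check each value against its expected shape before writing it (key as hex digits only, address limited to hostname or IP characters, port as a number from 1 to 65535) and skip the peer otherwise. Under #!/bin/sh the comparison [ "$protocol" == "fastd" ] should use a single =.
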
>>> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> index bb4c933..bbc87cc 100755
>>> --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> @@ -1,7 +1,5 @@
>>>  #!/bin/sh
>>>  
>>> -test -f /tmp/started || exit
>>> -
>>>  make_config() {
>>>  # remove old config
>>>  >/etc/config/tunneldigger
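
Review bot: with "test -f /tmp/started || exit" removed from the top of vpn-select, the boot-time gating exists only in its callers (the micron.d entry and the ordering in rc.local). If vpn-select has any trigger other than configurehood, it is no longer held back until boot has finished. Confirm there is none, or keep the test and let configurehood bypass it explicitly.
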
>>> diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile
>>> index 166d423..305ab8d 100644
>>> --- a/src/packages/fff/fff/Makefile
>>> +++ b/src/packages/fff/fff/Makefile
>>> @@ -29,7 +29,8 @@ define Package/fff-base
>>>               +fff-wireless \
>>>               +fff-timeserver \
>>>               +fff-vpn-select \
>>> -             +simple-tc
>>> +             +simple-tc \
>>> +             +fff-hoods
>>>  endef
>>>  
>>>  define Package/fff-base/description
>>>
> 
> 
> 
