[PATCH v16 4/6] Add fff-hoods
Christian Dresel
fff at chrisi01.de
Tue Oct 10 15:05:49 CEST 2017
In the current state, the following is probably also very interesting:
root at c25testknoten:/tmp# wifi
Command failed: Request timed out
root at c25testknoten:/tmp#
Best regards
Christian
On 10.10.2017 15:02, Christian Dresel wrote:
> hi
>
> On 06.10.2017 15:45, Christian Dresel wrote:
>> hi
>>
>> On 05.10.2017 15:37, Adrian Schmutzler wrote:
>>> From: Christian Dresel <fff at chrisi01.de>
>>>
>>> This package connects to keyxchangev2
>>>
>>> Signed-off-by: Christian Dresel <fff at chrisi01.de>
>>> Signed-off-by: Jan Kraus <mayosemmel at gmail.com>
>>> Signed-off-by: Adrian Schmutzler <freifunk at adrianschmutzler.de>
>>>
>>> Update in v2:
>>> - clean tabstops
>>> - move the json vpn out of the if because we need this after reboot
>>>
>>> Update in v5:
>>> !!UNTESTED!!
>>> - change hidden AP ip to locallink
>>> - Open hidden AP after more checks
>>> - Load json File from Gateway if Gateway in Batman in Range
>>>
>>> Update in v6:
>>> !!UNTESTED!!
>>> - fix hidden station v6
>>> - fix -n to -f if
>>> - Add function to check for a gateway and use this
>>> - remove /etc/community.cfg and variables
>>> - send fewer infos to keyxchangev2
>>> - add a check if /tmp/keyxchangev2 not downloadable and edit a bit on the wgets
>>> - change the position from json_load and do this only 1 times
>>>
>>> Update in v7:
>>> !!UNTESTED!!
>>> - delete keyxchangev2data at start of the script
>>> - do only things with keyxchangev2data if available
>>> - change keyxchangev2 url
>>>
>>> Update in v8/v9:
>>> - rebase onto 20170918-beta
>>>
>>> Update in v10:
>>> - Minor code fixes
>>> - Added fff-hoods to fff-base Makefile
>>> - Removed trailing whitespaces and harmonized tabs
>>> - Fixed some comments spelling
>>> - Added mac for hostname rewrite
>>> - Removed redundant check for /tmp/keyxchangev2data
>>>
>>> Update in v11:
>>> - Changed isGatewayAvailable to return integers (bool is
>>> not valid) and removed brackets for evaluations
>>> - Added variables for channels as they are used twice
>>> - Fixed $radio not set at the beginning (WORKAROUND!)
>>> - Changed OpenWRT to LEDE
>>> - Correctly reset json_select before reuse
>>> - Some tidying-up of comments and quotes
>>> - Fixed vpn loop so it works for more than one host (TESTED)
>>> - Fixed "else" if no file received
>>>
>>> Changes in v12:
>>> - Removed obsolete hostname
>>>
>>> Changes in v14 (Tested, working Inet+mesh):
>>> - Fixed stderr redirect
>>> - Added call of configurehood to rc.local, so it is triggered
>>> if wan does not come up. To prevent race condition,
>>> hotplug.d is removed.
>>> - Added wifi call to configAP setup
>>> - Remove hiddenap flag after successful setup
>>> - Added -q to uci calls
>>> - Added network interface configSta
>>> - Substitute timestamp to enable SHA comparison
>>> - Removed started-check from vpn-select
>>>
>>> Changes in v15:
>>> - Fixed 5 GHz channel
>>> - Only start vpn-select if router has internet
>>> - Put ping into function since it is used twice
>>> - Check for started in micrond to prevent race condition
>>> - Moved copy of keyxchangev2data to the end
>>>
>>> Changes in v16:
>>> - Open configap for both 2.4 and 5 GHz
>>> ---
>>> bsp/default/root_file_system/etc/rc.local | 4 +
>>> src/packages/fff/fff-hoods/Makefile | 39 ++++
>>> .../fff/fff-hoods/files/usr/lib/micron.d/fff-hoods | 1 +
>>> .../fff/fff-hoods/files/usr/sbin/configurehood | 230 +++++++++++++++++++++
>>> .../fff/fff-vpn-select/files/usr/sbin/vpn-select | 2 -
>>> src/packages/fff/fff/Makefile | 3 +-
>>> 6 files changed, 276 insertions(+), 3 deletions(-)
>>> create mode 100644 src/packages/fff/fff-hoods/Makefile
>>> create mode 100644 src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>> create mode 100755 src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>>
>>> diff --git a/bsp/default/root_file_system/etc/rc.local b/bsp/default/root_file_system/etc/rc.local
>>> index bd972fb..59042c3 100755
>>> --- a/bsp/default/root_file_system/etc/rc.local
>>> +++ b/bsp/default/root_file_system/etc/rc.local
>>> @@ -4,6 +4,10 @@
>>>
>>> /usr/sbin/configurenetwork
>>>
>>> +sleep 3
>>> +
>>> +/usr/sbin/configurehood
>>> +
>>> touch /tmp/started
>>>
>>> exit 0
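
Review bot: The fixed "sleep 3" in front of /usr/sbin/configurehood is a guess at how long configurenetwork needs, and the call runs in the foreground before "touch /tmp/started". configurehood as added in this patch can wait on ping timeouts (-w5 against three hosts), a "sleep 10" and "wget -T15 -t5" before it returns, so everything gated on /tmp/started, including the new micron.d entry, is held back for that long. Wait on a concrete condition instead of a fixed delay, or start configurehood in the background, and add a comment in rc.local saying why it is called here (the v14 changelog gives the reason: wan may not come up).
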
>>> diff --git a/src/packages/fff/fff-hoods/Makefile b/src/packages/fff/fff-hoods/Makefile
>>> new file mode 100644
>>> index 0000000..f85178d
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/Makefile
>>> @@ -0,0 +1,39 @@
>>> +include $(TOPDIR)/rules.mk
>>> +
>>> +PKG_NAME:=fff-hoods
>>> +PKG_VERSION:=0.0.1
>>> +PKG_RELEASE:=1
>>> +
>>> +PKG_BUILD_DIR:=$(BUILD_DIR)/fff-hoods
>>> +
>>> +include $(INCLUDE_DIR)/package.mk
>>> +
>>> +define Package/fff-hoods
>>> + SECTION:=base
>>> + CATEGORY:=Freifunk
>>> + TITLE:= Freifunk-Franken hoods
>>> + URL:=http://www.freifunk-franken.de
>>> + DEPENDS:=+fff-network
>>> +endef
>>> +
>>> +define Package/fff-hoods/description
>>> + This package load and configures the current hood
>>> +endef
>>> +
>>> +define Build/Prepare
>>> + echo "all: " > $(PKG_BUILD_DIR)/Makefile
>>> +endef
>>> +
>>> +define Build/Configure
>>> + # nothing
>>> +endef
>>> +
>>> +define Build/Compile
>>> + # nothing
>>> +endef
>>> +
>>> +define Package/fff-hoods/install
>>> + $(CP) ./files/* $(1)/
>>> +endef
>>> +
>>> +$(eval $(call BuildPackage,fff-hoods))
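
Review bot: DEPENDS lists only +fff-network, but the configurehood script shipped by this package sources /lib/functions/fff/wireless and /usr/share/libubox/jshn.sh and calls batctl and /usr/sbin/vpn-select. It only works because fff-base already pulls in fff-wireless and fff-vpn-select; declare what the script needs here so that fff-hoods does not depend on the selection made in another Makefile. Minor: the description should read "loads and configures".
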
>>> diff --git a/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>> new file mode 100644
>>> index 0000000..39e800e
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/files/usr/lib/micron.d/fff-hoods
>>> @@ -0,0 +1 @@
>>> +*/5 * * * * [ -f /tmp/started ] && /usr/sbin/configurehood
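
Review bot: Nothing in this entry keeps two configurehood runs from overlapping. The script works on fixed paths (/tmp/keyxchangev2data, /tmp/fastd_fff_output, /tmp/hiddenapflag), removes the first of them on entry and may call wifiDelAll, so a run that is still waiting on its wget retries, "sleep 10" or vpn-select when the next five-minute slot fires would have its input file deleted underneath it. The /tmp/started test only covers the boot-time call from rc.local. Take a lock at the top of configurehood (or in this entry) and skip the run while it is held.
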
>>> diff --git a/src/packages/fff/fff-hoods/files/usr/sbin/configurehood b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>> new file mode 100755
>>> index 0000000..ab6bd53
>>> --- /dev/null
>>> +++ b/src/packages/fff/fff-hoods/files/usr/sbin/configurehood
>>> @@ -0,0 +1,230 @@
>>> +#!/bin/sh
>>> +
>>> +. /usr/share/libubox/jshn.sh
>>> +. /lib/functions/fff/wireless
>>> +
>>> +rm /tmp/keyxchangev2data
>>> +
>>> +# Gatewaycheck function
>>> +isGatewayAvailable() {
>>> + if [ "$(batctl gwl | wc -l)" -gt 2 ]; then
>>> + return 0
>>> + else
>>> + return 1
>>> + fi
>>> +}
>>> +
>>> +# Ping test
>>> +hasInternet() {
>>> + test_ipv4_host1="keyserver.freifunk-franken.de" # Freifunk-Franken keyserver
>>> + test_ipv4_host2="8.8.8.8" # Google DNS
>>> + test_ipv6_host1="heise.de" # heise Zeitschriftenverlag
>>> + if ping -w5 -c3 "$test_ipv4_host1" &>/dev/null ||
>>> + ping -w5 -c3 "$test_ipv4_host2" &>/dev/null ||
>>> + ping6 -w5 -c3 "$test_ipv6_host1" &>/dev/null ; then
>>> + return 0
>>> + fi
>>> + return 1
>>> +}
>>> +
>>> +chan2ghz="1"
>>> +chan5ghz="36"
>>> +
>>> +# Hidden AP check
>>> +
>>> +if [ -f /tmp/hiddenapflag ]; then
>>> + if isGatewayAvailable ; then
>>> +
>>> + uci set network.configap=interface
>>> + uci set network.configap.proto='static'
>>> + uci set network.configap.ip6addr='fe80::1/64'
>>> + uci commit network
>>> +
>>> + for radio in $(uci show wireless | sed -n 's,.*\.\([a-z0-9]*\)=wifi-device,\1,p'); do
>>> + if ! wifiAddAP "$radio" "config.franken.freifunk.net" "configap" "configap" "1"; then
>>> + echo "Can't add Config interface on $radio."
>>> + exit 1
>>> + fi
>>> + done
>
> I can't get fe80::1 attached to wXconfigap:
>
> w2configap Link encap:Ethernet HWaddr 56:C7:BF:3B:3C:3E
> inet6 addr: fe80::54c7:bfff:fe3b:3c3e/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 (0.0 B) TX bytes:432 (432.0 B)
>
> [...]
>
> w5configap Link encap:Ethernet HWaddr 56:C7:BF:3B:3C:3D
> inet6 addr: fe80::54c7:bfff:fe3b:3c3d/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:0 (0.0 B) TX bytes:728 (728.0 B)
>
> root at c25testknoten:/tmp# uci show etwork.configap.ip6addr
> uci: Entry not found
> root at c25testknoten:/tmp# uci show network.configap.ip6addr
> network.configap.ip6addr='fe80::1/64'
> root at c25testknoten:/tmp# cat /etc/config/wireless
>
> [...]
>
> config wifi-iface 'w2configap'
> option device 'radio1'
> option network 'configap'
> option ifname 'w2configap'
> option mode 'ap'
> option ssid 'config.franken.freifunk.net'
> option encryption 'none'
> option hidden '1'
>
> config wifi-iface 'w5configap'
> option device 'radio0'
> option network 'configap'
> option ifname 'w5configap'
> option mode 'ap'
> option ssid 'config.franken.freifunk.net'
> option encryption 'none'
> option hidden '1'
>
>
> I don't know why right now, but something is still stuck there. The
> following patch series is applied:
>
> 527 523 528 525 524 526 531 532 535 545 546 550 551 555 556
>
> Best regards
>
> Christian
>
>
>>> +
>>> + wifi
>>> + fi
>>> + rm /tmp/hiddenapflag
>>> +fi
>>> +
>>> +lat=$(uci -q get system. at system[0].latitude)
>>> +long=$(uci -q get system. at system[0].longitude)
>>> +
>>> +# if we have Internet, we download the Hoodfile from the keyxchangev2
>>> +if hasInternet ; then
>>> + wget -T15 -t5 "http://keyserver.freifunk-franken.de/v2/?lat=$lat&long=$long" -O /tmp/keyxchangev2data
>>> + #if no Internet, we connect to the hidden AP and download the file from another Node in range
>>> +else
>>> + # connect to wireless hidden ap here and download the json File from the nearest router
>>> + # Only do that, when we have no gateway in range. If the Uplinkrouter changed the hood, we lost the GW and do this automatically again, I think! Nice idea?
>>> + if ! isGatewayAvailable ; then
>>> + #now we haven't a gateway in Range, we search for a hidden AP to get a keyxchangev2data file!
>>> + #first we delete all wifi settings
>>> + if ! wifiDelAll; then
>>> + echo "Can't delete current wifi setup"
>>> + exit 1
>>> + fi
>>> + #now we look for phy and add this
>>> + for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>>> + if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>>> + echo "$phy is 2.4 GHz"
>>> + radio="$(wifiAddPhy "$phy" "$chan2ghz")"
>>> + if [ -z "$radio" ]; then
>>> + echo "Can't create radio for $phy"
>>> + exit 1
>>> + fi
>>> + fi
>>> + if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>>> + echo "$phy is 5 GHz"
>>> + radio="$(wifiAddPhy "$phy" "$chan5ghz")"
>>> + if [ -z "$radio" ]; then
>>> + echo "Can't create radio for $phy"
>>> + exit 1
>>> + fi
>>> + fi
>>> + #and here we add the station
>>> + if ! wifiAddSta "$radio" "config.franken.freifunk.net" "configSta"; then
>>> + echo "Can't add Sta interface on $radio."
>>> + exit 1
>>> + else
>>> + uci -q set network.configSta=interface
>>> + uci -q set network.configSta.proto='static'
>>> + uci -q commit network
>>> + fi
>>> + done
>>> +
>>> + wifi
>>> + # wait a moment to start the interface
>>> + sleep 10;
>>> + # and here we can download the Hoodfile from the other node
>>> + wget -T15 -t5 "http://[fe80::1%w2sta]/keyxchangev2data" -O /tmp/keyxchangev2data
>>> + else
>>> + echo "We have a Gateway in Range, we load the keyxchangev2data from fe80::1"
>>> + wget -T15 -t5 "http://[fe80::1%br-mesh]/keyxchangev2data" -O /tmp/keyxchangev2data
>>> + fi
>>> +fi
>>> +
>>> +if [ -s /tmp/keyxchangev2data ]; then
>>> +
>>> + # we get a json file in this format:
>>> + # https://pw.freifunk-franken.de/patch/205/
>>> + # but without signature, every hood file we get is valid!
>>> +
>>> + catnew="$(cat /tmp/keyxchangev2data | sed 's/"timestamp":[0-9]*/"timestamp":0/')"
>>> + catold="$(cat /www/public/keyxchangev2data 2>/dev/null | sed 's/"timestamp":[0-9]*/"timestamp":0/')"
>>> + sumnew=$(echo "$catnew" | sha256sum | cut -f1 -d " ")
>>> + sumold=$(echo "$catold" | sha256sum | cut -f1 -d " ")
>>> +
>>> + json_load "$(cat /tmp/keyxchangev2data)"
>>> +
>>> + if [ "$sumnew" != "$sumold" ]; then
>>> + echo "New file detect, we reconfigure the Node";
>>> +
>>> + json_select hood
>>> +
>>> + json_get_var hood name
>>> + json_get_var mesh_bssid mesh_bssid
>>> + json_get_var mesh_essid mesh_essid
>>> + json_get_var essid essid
>>> + # i think the next things we don't active this in the first version! we can do it later
>>> + #json_get_var channel2 channel2
>>> + #json_get_var mode2 mode2
>>> + #json_get_var type2 type2
>>> + #json_get_var channel5 channel5
>>> + #json_get_var mode5 mode5
>>> + #json_get_var type5 type5
>>> + #json_get_var protocol protocol
>>> +
>>> + json_select ".." # back to root
>>> +
>>> + echo "Setting hood name: $hood"
>>> + uci set "system. at system[0].hood=$hood"
>>> +
>>> + if ! wifiDelAll; then
>>> + echo "Can't delete current wifi setup"
>>> + exit 1
>>> + fi
>>> +
>>> + for phy in $(iw phy | awk '/^Wiphy/{ print $2 }'); do
>>> + if iw phy "$phy" info | grep -q -m1 "2... MHz"; then
>>> + echo "$phy is 2.4 GHz"
>>> + radio="$(wifiAddPhy "$phy" "$chan2ghz")"
>>> + if [ -z "$radio" ]; then
>>> + echo "Can't create radio for $phy"
>>> + exit 1
>>> + fi
>>> + fi
>>> + if iw phy "$phy" info | grep -q -m1 "5... MHz"; then
>>> + echo "$phy is 5 GHz"
>>> + radio="$(wifiAddPhy "$phy" "$chan5ghz")"
>>> + if [ -z "$radio" ]; then
>>> + echo "Can't create radio for $phy"
>>> + exit 1
>>> + fi
>>> + fi
>>> +
>>> + if ! wifiAddAP "$radio" "$essid" "mesh" "ap" "0"; then
>>> + echo "Can't add AP interface on $radio."
>>> + exit 1
>>> + fi
>>> +
>>> + # here we set a bit for add hidden AP
>>> + touch /tmp/hiddenapflag
>>> +
>>> + if ! wifiAddAdHocMesh "$radio" "$mesh_essid" "$mesh_bssid"; then
>>> + echo "Can't add AP interface on $radio."
>>> + exit 1
>>> + fi
>>> + done
>>> +
>>> + echo "Loading wifi"
>>> + wifi
>>> +
>>> + # copy the file to webroot so that other Meshrouter can download it;
>>> + # copy only after all other steps so IF can be reentered if something goes wrong
>>> + cp /tmp/keyxchangev2data /www/public/
>>> +
>>> + else
>>> + echo "We have no new file. We do nothing. We try it again in 5 minutes...";
>>> + exit 0
>>
>> Why this exit? I just had the case where I ended up here but no VPN
>> had been established yet. As a result I never got as far as calling
>> /usr/sbin/vpn-select further down, and so the router stayed without
>> VPN (it is an uplink router).
>>
>> After I removed this exit 0 it works...
>>
>> I don't know exactly how I got into this situation, but I suspect it
>> was through a simple reboot or possibly also through a gateway
>> restart that I performed at the same time.
>>
>> Best regards
>>
>> Christian
>>
>>> + fi
>>> +
>>> + # and now we read the VPN Data and give this data to fff-vpn
>>> + json_select vpn
>>> + Index=1
>>> + rm /tmp/fastd_fff_output
>>> + touch /tmp/fastd_fff_output
>>> + while json_select "$Index" > /dev/null
>>> + do
>>> + json_get_var protocol protocol
>>> + if [ "$protocol" == "fastd" ]; then
>>> + json_get_var servername name
>>> + echo "####${servername}.conf" >> /tmp/fastd_fff_output
>>> + echo "#name \"${servername}\";" >> /tmp/fastd_fff_output
>>> + json_get_var key key
>>> + echo "key \"${key}\";" >> /tmp/fastd_fff_output
>>> + json_get_var address address
>>> + json_get_var port port
>>> + echo "remote ipv4 \"${address}\" port $port float;" >> /tmp/fastd_fff_output
>>> + fi
>>> + echo "" >> /tmp/fastd_fff_output
>>> + json_select ".." # back to vpn
>>> + Index=$(( Index + 1 ))
>>> + done
>>> + echo "###" >> /tmp/fastd_fff_output
>>> + json_select ".." # back to root
>>> + #this we do every 5 minutes, because it can change the VPN Protocol
>>> + #and now we get to vpn-select Script and load VPNs
>>> +
>>> + if hasInternet ; then
>>> + sh /usr/sbin/vpn-select
>>> + fi
>>> +else
>>> + echo "We haven't got a file. We do nothing. We try it again in 5 minutes...";
>>> + exit 0
>>> +fi
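
Review bot: The hood file is accepted without any authenticity check, as the comment above the sha256sum block states ("without signature, every hood file we get is valid!"), although it arrives over plain HTTP from the keyserver, from fe80::1 on br-mesh, or from whichever node answers on the config.franken.freifunk.net AP, which is set up with encryption 'none'. Its name, key, address and port values are then echoed unchecked into /tmp/fastd_fff_output, essid, mesh_essid and mesh_bssid go straight into the wifi setup, and the file is republished from /www/public/ to the next node, so one bad file propagates. Verify a signature against a key shipped in the firmware before json_load, and until that exists reject values containing quotes, semicolons or newlines before writing them into the fastd config. Separately, "rm /tmp/hiddenapflag" sits outside the isGatewayAvailable branch, so the flag is dropped even when the config AP was not set up; that does not match the v14 changelog entry "Remove hiddenap flag after successful setup". Move the rm inside the branch.
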
>>> diff --git a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> index bb4c933..bbc87cc 100755
>>> --- a/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> +++ b/src/packages/fff/fff-vpn-select/files/usr/sbin/vpn-select
>>> @@ -1,7 +1,5 @@
>>> #!/bin/sh
>>>
>>> -test -f /tmp/started || exit
>>> -
>>> make_config() {
>>> # remove old config
>>> >/etc/config/tunneldigger
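
Review bot: Removing "test -f /tmp/started || exit" takes the boot-time guard out of vpn-select itself and leaves it only in the micron.d entry for configurehood. The rc.local call path needs that, but any other caller of vpn-select now also runs before startup has finished. Confirm that configurehood is the only remaining caller, or keep the guard and let configurehood bypass it explicitly, and leave a short comment here saying where the check moved to.
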
>>> diff --git a/src/packages/fff/fff/Makefile b/src/packages/fff/fff/Makefile
>>> index 166d423..305ab8d 100644
>>> --- a/src/packages/fff/fff/Makefile
>>> +++ b/src/packages/fff/fff/Makefile
>>> @@ -29,7 +29,8 @@ define Package/fff-base
>>> +fff-wireless \
>>> +fff-timeserver \
>>> +fff-vpn-select \
>>> - +simple-tc
>>> + +simple-tc \
>>> + +fff-hoods
>>> endef
>>>
>>> define Package/fff-base/description
>>>
>
>
>