Rx3/network_tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

- Move from veth to bridge to support docker networking,

Browse Source 
- Move default config to darkstar example,
- Add cerber config example,
- Add NETWORK_DST_NAME & NETWORK_SRC_DEVICE config variables.
This commit is contained in:
Arnaud G. GIBERT
2025-07-05 19:30:34 +02:00
parent 41ad7590d9
commit 3366399b37
3 changed files with 126 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
usr/local/lib/dns.bash
View File

@@ -169,12 +169,17 @@ dns_tab_put()
dtp_value="$3" dtp_value="$3"
${LOG} 1>&2 "DNS: Update cache entry: Type: [${dtp_type}] Key: [${dtp_key}] Value: [${dtp_value}]" if [[ "${dtp_value}" == "" ]]
then
${LOG} 1>&2 "DNS: Skiping cache entry: Type: [${dtp_type}] Key: [${dtp_key}] Value: [${dtp_value}]"
else
${LOG} 1>&2 "DNS: Update cache entry: Type: [${dtp_type}] Key: [${dtp_key}] Value: [${dtp_value}]"
var_assign DNS_${dtp_type}_ID_LIST "${dtp_key}" INC var_assign DNS_${dtp_type}_ID_LIST "${dtp_key}" INC
tab_assign DNS_${dtp_type}_TAB "${dtp_key}" "${dtp_value}" tab_assign DNS_${dtp_type}_TAB "${dtp_key}" "${dtp_value}"
DNS_CACHE_UPDATED=1 DNS_CACHE_UPDATED=1
fi
} }

228
usr/local/lib/network.bash
View File

@@ -121,7 +121,7 @@ network_dst_tab_load()
tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo 1 || echo 0)" tab_assign NETWORK_DST_TAB "${ndtl_id},Status" "$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo 1 || echo 0)"
ndtl_host_name="vpn${ndtl_id}.vpn.rx3" ndtl_host_name="vpn${ndtl_id}.${NETWORK_DST_NAME}"
tab_assign NETWORK_DST_TAB "${ndtl_id},Host_Name" "${ndtl_host_name}" tab_assign NETWORK_DST_TAB "${ndtl_id},Host_Name" "${ndtl_host_name}"
dns_lookup "A" "${ndtl_host_name}" "NOCACHE" dns_lookup "A" "${ndtl_host_name}" "NOCACHE"
@@ -251,6 +251,7 @@ network_dst_tab_dev_lookup()
network_src_tab_load() network_src_tab_load()
{ {
nstl_id=0 nstl_id=0
nstl_local_id=0
nstl_port_default=3000 nstl_port_default=3000
@@ -278,8 +279,18 @@ network_src_tab_load()
case "${nstl_type}" case "${nstl_type}"
in in
"0") # Local
# nstl_device="${NETWORK_SRC_DEVICE}-${nstl_local_id}"
# ((nstl_local_id++))
[[ $nstl_host_name =~ ([0-9]+) ]]
nstl_device="${NETWORK_SRC_DEVICE}-${BASH_REMATCH[1]}"
;;&
"1") # Routed
nstl_device=""
;;&
"0"|"1") # Local + Routed "0"|"1") # Local + Routed
nstl_device=""
nstl_status="2" nstl_status="2"
nstl_bytes_received="" nstl_bytes_received=""
@@ -369,6 +380,7 @@ network_src_tab_get()
src_port_start=${NETWORK_SRC_TAB["${src_id},Port_Start"]} src_port_start=${NETWORK_SRC_TAB["${src_id},Port_Start"]}
src_port_range=${NETWORK_SRC_TAB["${src_id},Port_Range"]} src_port_range=${NETWORK_SRC_TAB["${src_id},Port_Range"]}
if [[ "${src_port_range}" != "0" ]] if [[ "${src_port_range}" != "0" ]]
then then
src_port_end=$(( ${src_port_start} + ${src_port_range} - 1)) src_port_end=$(( ${src_port_start} + ${src_port_range} - 1))
@@ -481,23 +493,34 @@ network_tab_dump()
network_table_init() network_table_init()
{ {
${LOG} "Add Rx3 routes in VPN tables" for dst_id in ${NETWORK_DST_ID_LIST}
for table in ${NETWORK_TABLE_LIST}
do do
for route in ${IP_ROUTE} network_dst_tab_get ${dst_id}
do
${DEBUG} ip route add ${route/:*/} table ${table} dev ${route/*:/} if [[ ${dst_type} == "0" ]]
done then
${LOG} "Copy main default route into table 3 (VPN Local routing table)"
if [[ "$(ip route list match 0.0.0.0 table main)" != "" ]]
then
${DEBUG} ip route add $(ip route list match 0.0.0.0 table main) table 3
fi
else
${LOG} "Define default route to device: [${dst_device}] into table: [${dst_table}]"
if [[ "$(ip link show ${dst_device})" != "" ]]
then
${DEBUG} ip route add default dev ${dst_device} table ${dst_table}
fi
fi
${LOG} "Add Rx3 routes in VPN tables"
for route in ${IP_ROUTE}
do
${DEBUG} ip route add ${route/:*/} table ${dst_table} dev ${route/*:/}
done
done done
${LOG} "Copy main default rule into table 3 (VPN Local routing table)"
if [[ "$(ip route list match 0.0.0.0 table main)" != "" ]]
then
${DEBUG} ip route add $(ip route list match 0.0.0.0 table main) table 3
fi
} }
@@ -568,41 +591,101 @@ network_table_set()
#-------------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------------
# veth_up # bridge_up
#-------------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------------
function veth_up function bridge_up
{ {
vu_eth_dev_eth=$1 # set -x
vu_peer_dev=$2 bu_bridge_device=$1
vu_eth_addr=$3 bu_bridge_network=$2
vu_eth_mask=$4 bu_bridge_mask=$3
vu_peer_addr=$5 bu_bridge_address=$4
vu_table=$6 bu_peer_address=$5
bu_table=$6
${LOG} "Create veth pair [${vu_eth_dev}]/[${vu_peer_dev}]..." ${LOG} "Create bridge [${bu_bridge_device}]..."
${DEBUG} ip link add ${vu_eth_dev} type veth peer name ${vu_peer_dev} ${DEBUG} ip link add name ${bu_bridge_device} type bridge
${LOG} "Configure host side [${vu_eth_dev}:${vu_eth_addr}/${vu_eth_mask}]..." ${LOG} "Configure host side [${bu_bridge_device}:${bu_bridge_address}/${bu_bridge_mask}]..."
${DEBUG} ip link set ${vu_eth_dev} up ${DEBUG} ip link set ${bu_bridge_device} up
${DEBUG} ip addr add ${vu_eth_addr}/${vu_eth_mask} dev ${vu_eth_dev} ${DEBUG} ip addr add ${bu_bridge_address}/${bu_bridge_mask} dev ${bu_bridge_device}
${LOG} "Configure IP rule and routing..." ${LOG} "Configure IP rule and routing [${bu_bridge_device}]..."
${DEBUG} ip rule add from ${vu_peer_addr} table ${vu_table} ${DEBUG} ip rule add from ${bu_peer_address} table ${bu_table}
for bu_tab in ${NETWORK_TABLE_LIST}
TABLE_LIST=${vu_table}
vu_route="$(ip route list table main | grep -e ${vu_eth_dev} | grep -e ${vu_eth_addr} | sed 's/ proto.*//')"
for vu_tab in ${TABLE_LIST}
do do
${DEBUG} ip route add ${vu_route} table ${vu_tab} ${DEBUG} ip route add ${bu_bridge_network}/${bu_bridge_mask} dev ${bu_bridge_device} table ${bu_tab}
done
# set +x
}
#--------------------------------------------------------------------------------------------------------------------------
# bridge_down
#--------------------------------------------------------------------------------------------------------------------------
function bridge_down
{
bd_bridge_device=$1
bd_bridge_network=$2
bd_bridge_mask=$3
bd_bridge_address=$4
bd_peer_address=$5
bd_table=$6
${LOG} "Remove IP routing and rule [${bd_bridge_device}]..."
for bd_tab in ${NETWORK_TABLE_LIST}
do
${DEBUG} ip route del ${bd_bridge_network}/${bd_bridge_mask} dev ${bd_bridge_device} table ${bd_tab} || true
done
${DEBUG} ip rule del from ${bd_peer_address} table ${bd_table}
${LOG} "Remove bridge [${bd_bridge_device}]..."
${DEBUG} ip link show ${bd_bridge_device} && ${DEBUG} ip link del ${bd_bridge_device}
}
#--------------------------------------------------------------------------------------------------------------------------
# network_bridge_init
#--------------------------------------------------------------------------------------------------------------------------
network_bridge_init()
{
${LOG} "Add all Bridges"
for src_id in ${NETWORK_SRC_ID_LIST}
do
network_src_tab_get ${src_id}
if [[ "${src_type}" == "0" ]]
then
nbi_bridge_device="${src_device}"
nbi_bridge_network="${src_ip%.*}.$(( ${src_ip/*./} - 1))"
nbi_bridge_mask="30"
nbi_bridge_address="${src_ip%.*}.$(( ${src_ip/*./} + 1))"
nbi_peer_address="${src_ip}"
bridge_up "${nbi_bridge_device}" "${nbi_bridge_network}" "${nbi_bridge_mask}" "${nbi_bridge_address}" "${nbi_peer_address}" "${src_table}"
fi
done done
} }
@@ -611,61 +694,28 @@ function veth_up
#-------------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------------
# veth_down # network_bridge_deinit
#-------------------------------------------------------------------------------------------------------------------------- #--------------------------------------------------------------------------------------------------------------------------
function veth_down network_bridge_deinit()
{ {
vd_eth_dev_eth=$1 ${LOG} "Remove all Bridge"
vd_peer_dev=$2
vd_eth_addr=$3
vd_eth_mask=$4
vd_peer_addr=$5
vd_table=$6
for src_id in ${NETWORK_SRC_ID_LIST}
${LOG} "Remove IP routing and rule..."
TABLE_LIST=${vd_table}
vd_route="$(ip route list table main | grep -e ${vd_eth_dev} | grep -e ${vd_eth_addr} | sed 's/ proto.*//')"
for tab in ${TABLE_LIST}
do do
${DEBUG} ip route show ${vd_route} table ${tab} &> /dev/null && ${DEBUG} ip route del ${route} table ${tab} &> /dev/null || true network_src_tab_get ${src_id}
if [[ "${src_type}" == "0" ]]
then
nbi_bridge_device="${src_device}"
nbi_bridge_network="${src_ip%.*}.$(( ${src_ip/*./} - 1))"
nbi_bridge_mask="30"
nbi_bridge_address="${src_ip%.*}.$(( ${src_ip/*./} + 1))"
nbi_peer_address="${src_ip}"
bridge_down "${nbi_bridge_device}" "${nbi_bridge_network}" "${nbi_bridge_mask}" "${nbi_bridge_address}" "${nbi_peer_address}" "${src_table}"
fi
done done
${DEBUG} ip rule del from ${vd_peer_addr} &> /dev/null || true
${LOG} "Remove veth pair..."
${DEBUG} ip link show ${vd_eth_dev} &> /dev/null && ${DEBUG} ip link del ${vd_eth_dev} &> /dev/null
}
#--------------------------------------------------------------------------------------------------------------------------
# network_veth_init
#--------------------------------------------------------------------------------------------------------------------------
network_veth_init()
{
${LOG} "Add VEth"
}
#--------------------------------------------------------------------------------------------------------------------------
# network_veth_deinit
#--------------------------------------------------------------------------------------------------------------------------
network_veth_deinit()
{
${LOG} "Remove VEth"
} }
@@ -803,7 +853,7 @@ network_start()
{ {
network_table_init network_table_init
network_veth_init network_bridge_init
network_forward_start network_forward_start
} }
@@ -820,7 +870,7 @@ network_stop()
{ {
network_forward_stop network_forward_stop
network_veth_deinit network_bridge_deinit
network_table_deinit network_table_deinit
} }

2
usr/local/sbin/rx3_net_adm
View File

@@ -7,7 +7,7 @@ prog="rx3-net"
DEBUG="echo" DEBUG="echo"
#DEBUG=":" #DEBUG=":"
LOG=":" #LOG=":"
#LOG="echo" #LOG="echo"