- Move from veth to bridge to support docker networking,

- Move default config to darkstar example,
- Add cerber config example,
- Add NETWORK_DST_NAME & NETWORK_SRC_DEVICE config variables.

usr/local/lib/dns.bash

@@ -169,12 +169,17 @@ dns_tab_put()
     dtp_value="$3"
 
 
+    if [[ "${dtp_value}" == "" ]]
+    then
+	${LOG} 1>&2 "DNS: Skiping cache entry: Type: [${dtp_type}]   Key: [${dtp_key}]   Value: [${dtp_value}]"
+    else
 	${LOG} 1>&2 "DNS: Update cache entry: Type: [${dtp_type}]   Key: [${dtp_key}]   Value: [${dtp_value}]"
     
 	var_assign DNS_${dtp_type}_ID_LIST "${dtp_key}" INC
 	tab_assign DNS_${dtp_type}_TAB     "${dtp_key}" "${dtp_value}"
 
 	DNS_CACHE_UPDATED=1
+    fi
 }
 
 

usr/local/lib/network.bash

@@ -121,7 +121,7 @@ network_dst_tab_load()
             
             tab_assign NETWORK_DST_TAB     "${ndtl_id},Status"          "$( ip link show dev ${ndtl_device} 2>/dev/null | grep -q ",UP," && echo 1 || echo 0)"
 
-            ndtl_host_name="vpn${ndtl_id}.vpn.rx3"
+            ndtl_host_name="vpn${ndtl_id}.${NETWORK_DST_NAME}"
             
             tab_assign NETWORK_DST_TAB     "${ndtl_id},Host_Name"       "${ndtl_host_name}"
             dns_lookup                     "A"                          "${ndtl_host_name}" "NOCACHE"
@@ -251,6 +251,7 @@ network_dst_tab_dev_lookup()
 network_src_tab_load()
 {
               nstl_id=0
+        nstl_local_id=0
     nstl_port_default=3000
 
 
@@ -278,8 +279,18 @@ network_src_tab_load()
             
             case "${nstl_type}"
             in
-                "0"|"1") # Local + Routed
+                "0") # Local
+#                    nstl_device="${NETWORK_SRC_DEVICE}-${nstl_local_id}"
+#		    ((nstl_local_id++))
+		    [[ $nstl_host_name =~ ([0-9]+) ]]
+		    nstl_device="${NETWORK_SRC_DEVICE}-${BASH_REMATCH[1]}"
+		;;&
+		
+                "1") # Routed
                     nstl_device=""
+		;;&
+		
+                "0"|"1") # Local + Routed
                             nstl_status="2"
                     
                     nstl_bytes_received=""
@@ -369,6 +380,7 @@ network_src_tab_get()
     src_port_start=${NETWORK_SRC_TAB["${src_id},Port_Start"]}
     src_port_range=${NETWORK_SRC_TAB["${src_id},Port_Range"]}
 
+    
     if [[ "${src_port_range}" != "0" ]]
     then
 	src_port_end=$(( ${src_port_start} + ${src_port_range} - 1))
@@ -481,23 +493,34 @@ network_tab_dump()
 
 network_table_init()
 {
-    ${LOG} "Add Rx3 routes in VPN tables"
-    
-    for table in ${NETWORK_TABLE_LIST}
+    for dst_id in ${NETWORK_DST_ID_LIST}
     do
-      for route in ${IP_ROUTE}
-      do
-	${DEBUG} ip route add ${route/:*/} table ${table} dev ${route/*:/}
-      done
-    done
+	network_dst_tab_get ${dst_id}
 
-    
-    ${LOG} "Copy main default rule into table 3 (VPN Local routing table)"
+	if [[ ${dst_type} == "0" ]]
+	then
+	    ${LOG} "Copy main default route into table 3 (VPN Local routing table)"
 	    
 	    if [[ "$(ip route list match 0.0.0.0 table main)" != "" ]]
 	    then
 		${DEBUG} ip route add $(ip route list match 0.0.0.0 table main) table 3
 	    fi
+	else
+	    ${LOG} "Define default route to device: [${dst_device}] into table: [${dst_table}]"
+	    
+	    if [[ "$(ip link show ${dst_device})" != "" ]]
+	    then
+		${DEBUG} ip route add default dev ${dst_device} table ${dst_table}
+	    fi
+	fi
+	
+	${LOG} "Add Rx3 routes in VPN tables"
+	
+	for route in ${IP_ROUTE}
+	do
+	    ${DEBUG} ip route add ${route/:*/} table ${dst_table} dev ${route/*:/}
+	done
+    done
 }
 
 
@@ -568,41 +591,101 @@ network_table_set()
 
 
 #--------------------------------------------------------------------------------------------------------------------------
-# veth_up
+# bridge_up
 #--------------------------------------------------------------------------------------------------------------------------
 
-function veth_up
+function bridge_up
 {
-    vu_eth_dev_eth=$1
-       vu_peer_dev=$2
-       vu_eth_addr=$3
-       vu_eth_mask=$4
-      vu_peer_addr=$5
-          vu_table=$6
+#    set -x
+      bu_bridge_device=$1
+     bu_bridge_network=$2
+        bu_bridge_mask=$3
+     bu_bridge_address=$4
+       bu_peer_address=$5
+              bu_table=$6
 
     
-    ${LOG} "Create veth pair [${vu_eth_dev}]/[${vu_peer_dev}]..."
+    ${LOG} "Create bridge [${bu_bridge_device}]..."
     
-    ${DEBUG} ip link add  ${vu_eth_dev} type veth peer name ${vu_peer_dev}
+    ${DEBUG} ip link add name ${bu_bridge_device} type bridge
 
     
-    ${LOG} "Configure host side [${vu_eth_dev}:${vu_eth_addr}/${vu_eth_mask}]..."
+    ${LOG} "Configure host side [${bu_bridge_device}:${bu_bridge_address}/${bu_bridge_mask}]..."
     
-    ${DEBUG} ip link set ${vu_eth_dev} up
-    ${DEBUG} ip addr add ${vu_eth_addr}/${vu_eth_mask} dev ${vu_eth_dev}
+    ${DEBUG} ip link set ${bu_bridge_device} up
+    ${DEBUG} ip addr add ${bu_bridge_address}/${bu_bridge_mask} dev ${bu_bridge_device}
 
     
-    ${LOG} "Configure IP rule and routing..."
+    ${LOG} "Configure IP rule and routing [${bu_bridge_device}]..."
     
-    ${DEBUG} ip rule add  from ${vu_peer_addr} table ${vu_table}
+    ${DEBUG} ip rule add from ${bu_peer_address} table ${bu_table}
 
-
-    TABLE_LIST=${vu_table}
-
-    vu_route="$(ip route list table main | grep -e ${vu_eth_dev} | grep -e ${vu_eth_addr} | sed 's/ proto.*//')" 
-    for vu_tab in ${TABLE_LIST} 
+    for bu_tab in ${NETWORK_TABLE_LIST}
     do
-        ${DEBUG} ip route add  ${vu_route} table ${vu_tab}
+        ${DEBUG} ip route add ${bu_bridge_network}/${bu_bridge_mask} dev ${bu_bridge_device} table ${bu_tab}
+    done
+#    set +x
+}
+
+
+
+
+
+#--------------------------------------------------------------------------------------------------------------------------
+# bridge_down
+#--------------------------------------------------------------------------------------------------------------------------
+
+function bridge_down
+{  
+      bd_bridge_device=$1
+     bd_bridge_network=$2
+        bd_bridge_mask=$3
+     bd_bridge_address=$4
+       bd_peer_address=$5
+              bd_table=$6
+
+	      
+    ${LOG} "Remove IP routing and rule [${bd_bridge_device}]..."
+    
+    for bd_tab in ${NETWORK_TABLE_LIST}
+    do
+        ${DEBUG} ip route del ${bd_bridge_network}/${bd_bridge_mask} dev ${bd_bridge_device} table ${bd_tab} || true
+    done
+
+    ${DEBUG} ip rule del from ${bd_peer_address} table ${bd_table}
+    
+
+    ${LOG} "Remove bridge [${bd_bridge_device}]..."
+    
+    ${DEBUG} ip link show ${bd_bridge_device} && ${DEBUG} ip link del ${bd_bridge_device}
+}
+
+
+
+
+
+#--------------------------------------------------------------------------------------------------------------------------
+# network_bridge_init
+#--------------------------------------------------------------------------------------------------------------------------
+
+network_bridge_init()
+{
+    ${LOG} "Add all Bridges"
+
+    for src_id in ${NETWORK_SRC_ID_LIST}
+    do
+	network_src_tab_get ${src_id}
+
+	if [[ "${src_type}" == "0" ]]
+	then
+	    nbi_bridge_device="${src_device}"
+	    nbi_bridge_network="${src_ip%.*}.$(( ${src_ip/*./} - 1))"
+	    nbi_bridge_mask="30"
+	    nbi_bridge_address="${src_ip%.*}.$(( ${src_ip/*./} + 1))"
+	    nbi_peer_address="${src_ip}"
+	    
+	    bridge_up "${nbi_bridge_device}" "${nbi_bridge_network}" "${nbi_bridge_mask}" "${nbi_bridge_address}" "${nbi_peer_address}" "${src_table}"
+	fi
     done   
 }
 
@@ -611,61 +694,28 @@ function veth_up
 
 
 #--------------------------------------------------------------------------------------------------------------------------
-# veth_down
+# network_bridge_deinit
 #--------------------------------------------------------------------------------------------------------------------------
 
-function veth_down
+network_bridge_deinit()
 {
-    vd_eth_dev_eth=$1
-       vd_peer_dev=$2
-       vd_eth_addr=$3
-       vd_eth_mask=$4
-      vd_peer_addr=$5
-          vd_table=$6
+    ${LOG} "Remove all Bridge"
     
-    
-    ${LOG} "Remove IP routing and rule..."
-    
-    TABLE_LIST=${vd_table}
-
-    vd_route="$(ip route list table main | grep -e ${vd_eth_dev} | grep -e ${vd_eth_addr} | sed 's/ proto.*//')" 
-    for tab in ${TABLE_LIST} 
+    for src_id in ${NETWORK_SRC_ID_LIST}
     do
-        ${DEBUG} ip route show ${vd_route} table ${tab} &> /dev/null && ${DEBUG} ip route del  ${route} table ${tab} &> /dev/null || true
+	network_src_tab_get ${src_id}
+
+	if [[ "${src_type}" == "0" ]]
+	then
+	    nbi_bridge_device="${src_device}"
+	    nbi_bridge_network="${src_ip%.*}.$(( ${src_ip/*./} - 1))"
+	    nbi_bridge_mask="30"
+	    nbi_bridge_address="${src_ip%.*}.$(( ${src_ip/*./} + 1))"
+	    nbi_peer_address="${src_ip}"
+	    
+	    bridge_down "${nbi_bridge_device}" "${nbi_bridge_network}" "${nbi_bridge_mask}" "${nbi_bridge_address}" "${nbi_peer_address}" "${src_table}"
+	fi
     done
-    
-    ${DEBUG} ip rule del from ${vd_peer_addr} &> /dev/null || true
-
-
-    ${LOG} "Remove veth pair..."
-    
-    ${DEBUG} ip link show ${vd_eth_dev} &> /dev/null && ${DEBUG} ip link del ${vd_eth_dev} &> /dev/null
-}
-
-
-
-
-
-#--------------------------------------------------------------------------------------------------------------------------
-# network_veth_init
-#--------------------------------------------------------------------------------------------------------------------------
-
-network_veth_init()
-{
-    ${LOG} "Add VEth"
-}
-
-
-
-
-
-#--------------------------------------------------------------------------------------------------------------------------
-# network_veth_deinit
-#--------------------------------------------------------------------------------------------------------------------------
-
-network_veth_deinit()
-{
-    ${LOG} "Remove VEth"
 }
 
 
@@ -803,7 +853,7 @@ network_start()
 {
     network_table_init
 
-    network_veth_init
+    network_bridge_init
     
     network_forward_start
 }
@@ -820,7 +870,7 @@ network_stop()
 {
     network_forward_stop
     
-    network_veth_deinit
+    network_bridge_deinit
     
     network_table_deinit
 }

usr/local/sbin/rx3_net_adm

@@ -7,7 +7,7 @@ prog="rx3-net"
 DEBUG="echo"
 #DEBUG=":"
 
-LOG=":"
+#LOG=":"
 #LOG="echo"