mirror of
https://dev.iopsys.eu/feed/iopsys.git
synced 2025-12-10 07:44:50 +01:00
map-agent: verD: files traffic_separation
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@iopsys.eu>
This commit is contained in:
Janusz Dziedzic
parent
245dbaacda
commit
e6427ae2f8
1 changed files with 19 additions and 136 deletions
|
|
@ -24,121 +24,32 @@ EOF
|
|||
|
||||
ts_create() {
|
||||
_net_setup() {
|
||||
local name=$1
|
||||
local vid=$2
|
||||
local proto=$3
|
||||
local dev=$4
|
||||
local port_dev=$5
|
||||
local vid=$1
|
||||
local name="vlan${vid}"
|
||||
local br_dev="${AL_BRIDGE/-/_}"
|
||||
local tag=":t"
|
||||
local self_flags="untagged"
|
||||
|
||||
[ -z "$(uci -q get network.${name})" ] || return
|
||||
|
||||
local ip_addr="192.168.${vid}.1"
|
||||
local br_dev="${AL_BRIDGE/-/_}"
|
||||
local tag=":t"
|
||||
uci -q set network.${name}="bridge-vlan"
|
||||
uci -q set network.${name}.name="${name}"
|
||||
uci -q set network.${name}.device="$AL_BRIDGE"
|
||||
uci -q set network.${name}.vlan="$vid"
|
||||
|
||||
[ "${vid}" = "${PRIMARY_VID}" ] && {
|
||||
tag=""
|
||||
|
||||
# Global options
|
||||
[ -z "$(uci -q get network.${br_dev}.vlan_filtering)" ] && {
|
||||
uci -q set network.${br_dev}.vlan_filtering=1;
|
||||
}
|
||||
|
||||
uci -q delete network.lan.proto
|
||||
uci -q delete network.lan.ipaddr
|
||||
uci -q delete network.lan.netmask
|
||||
uci -q delete network.lan.ip6assign
|
||||
}
|
||||
|
||||
uci -q set network.${name}="interface"
|
||||
uci -q set network.${name}.device="$dev"
|
||||
uci -q set network.${name}.is_lan="1"
|
||||
|
||||
if [ "$proto" = "static" ] ; then
|
||||
uci -q set network.${name}.proto="static"
|
||||
# TODO vid > 255
|
||||
uci -q set network.${name}.ipaddr="${ip_addr}"
|
||||
uci -q set network.${name}.netmask="255.255.255.0"
|
||||
uci -q set network.${name}.ip6assign '60'
|
||||
else
|
||||
uci -q set network.${name}.proto="dhcp"
|
||||
fi
|
||||
|
||||
uci -q add network bridge-vlan
|
||||
uci -q set network.@bridge-vlan[-1].device="$AL_BRIDGE"
|
||||
uci -q set network.@bridge-vlan[-1].vlan="$vid"
|
||||
[ "${vid}" = "${PRIMARY_VID}" ] && self_flags="untagged pvid"
|
||||
uci -q set network.${name}.flags="${self_flags}"
|
||||
uci -q set network.${name}.local='1'
|
||||
|
||||
for port in $(uci -q get network.${br_dev}.ports) ; do
|
||||
echo $port | grep -q eth || continue
|
||||
uci -q add_list network.@bridge-vlan[-1].ports="${port}${tag}"
|
||||
uci -q get network.${name}.ports | grep -q "${port}${tag}" && continue
|
||||
uci -q add_list network.${name}.ports="${port}${tag}"
|
||||
done
|
||||
|
||||
uci -q add_list network.${br_dev}.ports="$port_dev"
|
||||
uci -q add_list network.@bridge-vlan[-1].ports="$port_dev"
|
||||
|
||||
uci -q commit network
|
||||
}
|
||||
|
||||
_dhcp_setup() {
|
||||
local name=$1
|
||||
|
||||
[ -n "$(uci -q get dhcp.${name})" ] && return
|
||||
|
||||
uci -q set dhcp.${name}=dhcp
|
||||
uci -q set dhcp.${name}.interface="${name}"
|
||||
uci -q set dhcp.${name}.start="100"
|
||||
uci -q set dhcp.${name}.limit="150"
|
||||
uci -q set dhcp.${name}.leasetime="1h"
|
||||
uci -q set dhcp.${name}.dhcpv4="server"
|
||||
uci -q set dhcp.${name}.dhcpv6="server"
|
||||
uci -q set dhcp.${name}.ra="server"
|
||||
uci -q set dhcp.${name}.ra_slaac="1"
|
||||
uci -q add_list dhcp.${name}.ra_flags="managed-config"
|
||||
uci -q add_list dhcp.${name}.ra_flags="other-config"
|
||||
|
||||
uci -q commit dhcp
|
||||
}
|
||||
|
||||
_firewall_setup() {
|
||||
local name=$1
|
||||
local network=$1
|
||||
local vid=$2
|
||||
local zone_exist=0
|
||||
|
||||
config_load firewall
|
||||
|
||||
_process_zone() {
|
||||
local section=$1
|
||||
local new_name=$2
|
||||
local name
|
||||
|
||||
config_get name $section name
|
||||
|
||||
[ "$name" == "$new_name" ] && zone_exist=1
|
||||
}
|
||||
|
||||
config_foreach _process_zone zone $name
|
||||
|
||||
[ "$zone_exist" != "0" ] && return
|
||||
|
||||
[ "${vid}" = "${PRIMARY_VID}" ] && {
|
||||
uci -q delete firewall.lan
|
||||
}
|
||||
|
||||
uci -q add firewall zone
|
||||
uci -q set firewall.@zone[-1].name="$name"
|
||||
uci -q add_list firewall.@zone[-1].network="$network"
|
||||
uci -q set firewall.@zone[-1].input='ACCEPT'
|
||||
uci -q set firewall.@zone[-1].output='ACCEPT'
|
||||
uci -q set firewall.@zone[-1].forward='ACCEPT'
|
||||
|
||||
uci -q add firewall forwarding
|
||||
uci -q set firewall.@forwarding[-1].src="$name"
|
||||
uci -q set firewall.@forwarding[-1].dest="wan"
|
||||
|
||||
uci -q commit firewall
|
||||
}
|
||||
|
||||
vid=$1
|
||||
|
||||
[ -n "$vid" ] || {
|
||||
|
|
@ -148,45 +59,17 @@ EOF
|
|||
exit 1
|
||||
}
|
||||
|
||||
ip link show sink${vid} 2> /dev/null || {
|
||||
ip link add sink${vid} type veth peer name sink_peer${vid}
|
||||
}
|
||||
logger -t vlan "setup ts vid $vid"
|
||||
_net_setup ${vid}
|
||||
|
||||
ip link set sink${vid} up
|
||||
ip link set sink_peer${vid} up
|
||||
|
||||
proto="dhcp"
|
||||
[ -x "/usr/sbin/mapcontroller" ] && proto="static" ;
|
||||
_net_setup "vlan${vid}" ${vid} ${proto} "sink${vid}" "sink_peer${vid}"
|
||||
|
||||
[ -x "/usr/sbin/mapcontroller" ] && {
|
||||
_dhcp_setup vlan${vid}
|
||||
_firewall_setup vlan${vid} ${vid}
|
||||
}
|
||||
echo 0 > /proc/pktfwd_dhd/enable
|
||||
echo 0 > /proc/pktfwd_wl/enable
|
||||
}
|
||||
|
||||
ts_reload() {
|
||||
# TODO check it again
|
||||
local dhcp_reload=$1
|
||||
restart=""
|
||||
# workaround for missing backhaul wifi.ap.* ubus obj's:
|
||||
# iterate in config and setup bh
|
||||
# config_load wireless
|
||||
|
||||
# _setup_bh_iface() {
|
||||
# local sec=$1
|
||||
# local iface=$2
|
||||
# local bridge=$3
|
||||
|
||||
# config_get ifname $sec ifname
|
||||
|
||||
# config_get mode $sec mode
|
||||
# config_get multi_ap $sec multi_ap "0"
|
||||
# [ "$mode" = "ap" -a "$multi_ap" = "1" ] && {
|
||||
# ts_create bh $ifname 1 2 br-map
|
||||
# }
|
||||
#}
|
||||
|
||||
# config_foreach _setup_bh_iface wifi-iface
|
||||
|
||||
bridge_verify_vid_mapping() {
|
||||
local section=$1
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue