ia64/xen-unstable

view tools/examples/network @ 2089:ba8727dce7d7

bitkeeper revision 1.1152 (4112369d1lg2gEGMDNU2UJuqjHAshQ)

Merge freefall.cl.cam.ac.uk:/auto/groups/xeno/BK/xeno.bk
into freefall.cl.cam.ac.uk:/auto/groups/xeno/users/cl349/BK/xeno.bk-26dom0
author cl349@freefall.cl.cam.ac.uk
date Thu Aug 05 13:31:09 2004 +0000 (2004-08-05)
parents bfc886b99735 78ef630c782c
children 04a0d90a1547 0a4b76b6b5a0
line source
1 #!/bin/sh
2 #============================================================================
3 # Example Xen network start/stop script.
4 # Xend calls a network script when it starts.
5 # This is the default script.
6 #
7 # /etc/xen/network (start|stop|status) {VAR=VAL}*
8 #
9 # Vars:
10 #
11 # bridge The bridge to use (default xen-br0).
12 # netdev The interface to add to the bridge (default eth0).
13 # antispoof Whether to use iptables to prevent spoofing (default yes).
14 #
15 # start:
16 # Creates the bridge and enslaves netdev to it.
17 # Copies the IP addresses from netdev to the bridge.
18 # Deletes the routes to netdev and adds them on bridge.
19 #
20 # stop:
21 # Removes netdev from the bridge.
22 # Deletes the routes to bridge and adds them to netdev.
23 #
24 # status:
25 # Print ifconfig for netdev and bridge.
26 # Print routes.
27 #
28 #============================================================================
30 # Exit if anything goes wrong.
31 set -e
33 # First arg is the operation.
34 OP=$1
35 shift
37 # Pull variables in args in to environment.
38 for arg ; do export "${arg}" ; done
40 bridge=${bridge:-xen-br0}
41 netdev=${netdev:-eth0}
42 antispoof=${antispoof:-yes}
44 echo "network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof"
46 # Usage: transfer_addrs src dst
47 # Copy all IP addresses (including aliases) from device $src to device $dst.
48 transfer_addrs () {
49 local src=$1
50 local dst=$2
51 # Don't bother if $dst already has IP addresses.
52 if ip addr show dev ${dst} | egrep -q '^ *inet' ; then
53 return
54 fi
55 # Address lines start with 'inet' and have the device in them.
56 # Replace 'inet' with 'ip addr add' and change the device name $src
57 # to 'dev $src'. Remove netmask as we'll add routes later.
58 ip addr show dev ${src} | egrep '^ *inet' | sed -e "
59 s/inet/ip addr add/
60 s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+\)/[0-9]\+@\1@
61 s/${src}/dev ${dst}/
62 " | sh -e
63 }
65 # Usage: transfer_routes src dst
66 # Get all IP routes to device $src, delete them, and
67 # add the same routes to device $dst.
68 # The original routes have to be deleted, otherwise adding them
69 # for $dst fails (duplicate routes).
70 transfer_routes () {
71 local src=$1
72 local dst=$2
73 # List all routes and grep the ones with $src in.
74 # Stick 'ip route del' on the front to delete.
75 # Change $src to $dst and use 'ip route add' to add.
76 ip route list | grep ${src} | sed -e "
77 h
78 s/^/ip route del /
79 P
80 g
81 s/${src}/${dst}/
82 s/^/ip route add /
83 P
84 d
85 " | sh -e
86 }
88 # Usage: create_bridge dev bridge
89 # Create bridge $bridge and add device $dev to it.
90 create_bridge () {
91 local dev=$1
92 local bridge=$2
94 # Don't create the bridge if it already exists.
95 if ! brctl show | grep -q ${bridge} ; then
96 brctl addbr ${bridge}
97 brctl stp ${bridge} off
98 brctl setfd ${bridge} 0
99 fi
100 ifconfig ${bridge} up
101 }
103 # Usage: antispoofing dev bridge
104 # Set the default forwarding policy for $dev to drop.
105 # Allow forwarding to the bridge.
106 antispoofing () {
107 local dev=$1
108 local bridge=$2
110 iptables -P FORWARD DROP
111 iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
112 }
114 # Usage: show_status dev bridge
115 # Print ifconfig and routes.
116 show_status () {
117 local dev=$1
118 local bridge=$2
120 echo '============================================================'
121 ifconfig ${dev}
122 ifconfig ${bridge}
123 echo ' '
124 ip route list
125 echo ' '
126 route -n
127 echo '============================================================'
128 }
130 case ${OP} in
131 start)
132 # Create the bridge and give it the interface IP addresses.
133 # Move the interface routes onto the bridge.
134 create_bridge ${netdev} ${bridge}
135 transfer_addrs ${netdev} ${bridge}
136 transfer_routes ${netdev} ${bridge}
137 # Don't add $dev to $bridge if it's already on a bridge.
138 if ! brctl show | grep -q ${netdev} ; then
139 brctl addif ${bridge} ${netdev}
140 fi
142 if [ ${antispoof} == 'yes' ] ; then
143 antispoofing ${netdev} ${bridge}
144 fi
146 ;;
148 stop)
149 # Remove the interface from the bridge.
150 # Move the routes back to the interface.
151 brctl delif ${bridge} ${netdev}
152 transfer_routes ${bridge} ${netdev}
154 # It's not our place to be enabling forwarding...
155 ;;
157 status)
158 show_status ${netdev} ${bridge}
159 ;;
161 *)
162 echo 'Unknown command: ' ${OP}
163 echo 'Valid commands are: start, stop, status'
164 exit 1
165 esac