ia64/xen-unstable

changeset 7468:19af31a59537

Break common network code in xen-network-common.sh, and common vif hotplugging
code into vif-common.sh.

Fix the antispoofing in network-bridge to allow forwarding from physical
device to bridge, and vif0.0 to eth0.

Change the interface between netback driver and vif hotplugging scripts. The
mac address and bridge details are read from the store directly by the script,
so that the kernel driver does not need to get involved.

Remove an awful lot of cruft from vif-bridge. Move the iptables handling into
vif-common.sh, and fix it so that the new vif can get past the antispoofing
entries. Merge vif-nat and vif-route into this structure too.

Use ip instead of ifconfig to get necessary details.

Signed-off-by: Ewan Mellor <ewan@xensource.com>
author emellor@leeni.uk.xensource.com
date Fri Oct 21 12:06:17 2005 +0100 (2005-10-21)
parents cefe36be8592
children f31494465fb0
files linux-2.6-xen-sparse/drivers/xen/netback/xenbus.c tools/examples/Makefile tools/examples/network-bridge tools/examples/vif-bridge tools/examples/vif-common.sh tools/examples/vif-nat tools/examples/vif-route tools/examples/xen-hotplug-common.sh tools/examples/xen-network-common.sh
line diff
     1.1 --- a/linux-2.6-xen-sparse/drivers/xen/netback/xenbus.c	Fri Oct 21 12:04:30 2005 +0100
     1.2 +++ b/linux-2.6-xen-sparse/drivers/xen/netback/xenbus.c	Fri Oct 21 12:06:17 2005 +0100
     1.3 @@ -161,34 +161,27 @@ static void backend_changed(struct xenbu
     1.4  static int netback_hotplug(struct xenbus_device *xdev, char **envp,
     1.5  			   int num_envp, char *buffer, int buffer_size)
     1.6  {
     1.7 -	struct backend_info *be;
     1.8 -	netif_t *netif;
     1.9 -	char **key, *val;
    1.10 +	struct backend_info *be = xdev->data;
    1.11 +	netif_t *netif = be->netif;
    1.12  	int i = 0, length = 0;
    1.13 -	static char *env_vars[] = { "script", "domain", "mac", "bridge", "ip",
    1.14 -				    NULL };
    1.15  
    1.16 -	be = xdev->data;
    1.17 -	netif = be->netif;
    1.18 +	char *val = xenbus_read(NULL, xdev->nodename, "script", NULL);
    1.19 +	if (IS_ERR(val)) {
    1.20 +		int err = PTR_ERR(val);
    1.21 +		xenbus_dev_error(xdev, err, "reading script");
    1.22 +		return err;
    1.23 +	}
    1.24 +	else {
    1.25 +		add_hotplug_env_var(envp, num_envp, &i,
    1.26 +				    buffer, buffer_size, &length,
    1.27 +				    "script=%s", val);
    1.28 +		kfree(val);
    1.29 +	}
    1.30  
    1.31  	add_hotplug_env_var(envp, num_envp, &i,
    1.32  			    buffer, buffer_size, &length,
    1.33  			    "vif=%s", netif->dev->name);
    1.34  
    1.35 -	key = env_vars;
    1.36 -	while (*key != NULL) {
    1.37 -		val = xenbus_read(NULL, xdev->nodename, *key, NULL);
    1.38 -		if (!IS_ERR(val)) {
    1.39 -			char buf[strlen(*key) + 4];
    1.40 -			sprintf(buf, "%s=%%s", *key);
    1.41 -			add_hotplug_env_var(envp, num_envp, &i,
    1.42 -					    buffer, buffer_size, &length,
    1.43 -					    buf, val);
    1.44 -			kfree(val);
    1.45 -		}
    1.46 -		key++;
    1.47 -	}
    1.48 -
    1.49  	envp[i] = NULL;
    1.50  
    1.51  	return 0;
     2.1 --- a/tools/examples/Makefile	Fri Oct 21 12:04:30 2005 +0100
     2.2 +++ b/tools/examples/Makefile	Fri Oct 21 12:06:17 2005 +0100
     2.3 @@ -24,7 +24,7 @@ XEN_SCRIPTS += network-route vif-route
     2.4  XEN_SCRIPTS += network-nat vif-nat
     2.5  XEN_SCRIPTS += block
     2.6  XEN_SCRIPTS += block-enbd
     2.7 -XEN_SCRIPTS += xen-hotplug-common.sh
     2.8 +XEN_SCRIPTS += xen-hotplug-common.sh xen-network-common.sh vif-common.sh
     2.9  
    2.10  XEN_HOTPLUG_DIR = /etc/hotplug
    2.11  XEN_HOTPLUG_SCRIPTS = xen-backend.agent
     3.1 --- a/tools/examples/network-bridge	Fri Oct 21 12:04:30 2005 +0100
     3.2 +++ b/tools/examples/network-bridge	Fri Oct 21 12:06:17 2005 +0100
     3.3 @@ -25,7 +25,7 @@
     3.4  #            higher value than its default of 1.
     3.5  # bridge     The bridge to use (default xenbr${vifnum}).
     3.6  # netdev     The interface to add to the bridge (default eth${vifnum}).
     3.7 -# antispoof  Whether to use iptables to prevent spoofing (default yes).
     3.8 +# antispoof  Whether to use iptables to prevent spoofing (default no).
     3.9  #
    3.10  # start:
    3.11  # Creates the bridge and enslaves netdev to it.
    3.12 @@ -42,16 +42,8 @@
    3.13  #
    3.14  #============================================================================
    3.15  
    3.16 -# Gentoo doesn't have ifup/ifdown: define appropriate alternatives
    3.17 -which ifup >& /dev/null
    3.18 -if [ "$?" != 0 -a -e /etc/conf.d/net ]; then
    3.19 -    ifup() {
    3.20 -        /etc/init.d/net.$1 start
    3.21 -    }
    3.22 -    ifdown() {
    3.23 -        /etc/init.d/net.$1 stop
    3.24 -    }
    3.25 -fi
    3.26 +dir=$(dirname "$0")
    3.27 +. "$dir/xen-network-common.sh"
    3.28  
    3.29  # Exit if anything goes wrong.
    3.30  set -e 
    3.31 @@ -66,14 +58,12 @@ for arg ; do export "${arg}" ; done
    3.32  vifnum=${vifnum:-0}
    3.33  bridge=${bridge:-xenbr${vifnum}}
    3.34  netdev=${netdev:-eth${vifnum}}
    3.35 -antispoof=${antispoof:-yes}
    3.36 +antispoof=${antispoof:-no}
    3.37  
    3.38  pdev="p${netdev}"
    3.39  vdev="veth${vifnum}"
    3.40  vif0="vif0.${vifnum}"
    3.41  
    3.42 -echo "*network $OP bridge=$bridge netdev=$netdev antispoof=$antispoof vifnum=$vifnum" >&2
    3.43 -
    3.44  legacy_mask_to_prefix() {
    3.45      mask=$1
    3.46      first=${mask%%.*}
    3.47 @@ -178,15 +168,13 @@ add_to_bridge () {
    3.48      fi
    3.49  }
    3.50  
    3.51 -# Usage: antispoofing dev bridge
    3.52  # Set the default forwarding policy for $dev to drop.
    3.53  # Allow forwarding to the bridge.
    3.54  antispoofing () {
    3.55 -    local dev=$1
    3.56 -    local bridge=$2
    3.57 -
    3.58      iptables -P FORWARD DROP
    3.59 -    iptables -A FORWARD -m physdev --physdev-in ${dev} -j ACCEPT
    3.60 +    iptables -F FORWARD
    3.61 +    iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT
    3.62 +    iptables -A FORWARD -m physdev --physdev-in ${vif0} -j ACCEPT
    3.63  }
    3.64  
    3.65  # Usage: show_status dev bridge
    3.66 @@ -263,7 +251,7 @@ op_start () {
    3.67      fi
    3.68  
    3.69      if [ ${antispoof} == 'yes' ] ; then
    3.70 -	antispoofing ${netdev} ${bridge}
    3.71 +	antispoofing
    3.72      fi
    3.73  }
    3.74  
     4.1 --- a/tools/examples/vif-bridge	Fri Oct 21 12:04:30 2005 +0100
     4.2 +++ b/tools/examples/vif-bridge	Fri Oct 21 12:06:17 2005 +0100
     4.3 @@ -3,22 +3,19 @@
     4.4  # /etc/xen/vif-bridge
     4.5  #
     4.6  # Script for configuring a vif in bridged mode.
     4.7 -# Xend calls a vif script when bringing a vif up or down.
     4.8 -# This script is the default - but it can be configured for each vif.
     4.9 -#
    4.10 -# Example invocation:
    4.11 -#
    4.12 -# vif-bridge up domain=VM1 vif=vif1.0 bridge=xenbr0 ip="128.232.38.45/28 10.10.10.55/24"
    4.13 -#
    4.14 +# The hotplugging system will call this script if it is specified either in
    4.15 +# the device configuration given to Xend, or the default Xend configuration
    4.16 +# in /etc/xen/xend-config.sxp.  If the script is specified in neither of those
    4.17 +# places, then this script is the default.
    4.18  #
    4.19  # Usage:
    4.20 -# vif-bridge (up|down) {VAR=VAL}*
    4.21 -#
    4.22 -# Vars:
    4.23 +# vif-bridge (up|down)
    4.24  #
    4.25 -# domain  name of the domain the interface is on (required).
    4.26 -# vif     vif interface name (required).
    4.27 -# mac     vif MAC address (required).
    4.28 +# Environment vars:
    4.29 +# vif         vif interface name (required).
    4.30 +# XENBUS_PATH path to this device's details in the XenStore (required).
    4.31 +#
    4.32 +# Read from the store:
    4.33  # bridge  bridge to add the vif to (required).
    4.34  # ip      list of IP networks for the vif, space-separated (optional).
    4.35  #
    4.36 @@ -32,60 +29,29 @@
    4.37  #============================================================================
    4.38  
    4.39  dir=$(dirname "$0")
    4.40 -. "$dir/xen-hotplug-common.sh"
    4.41 +. "$dir/vif-common.sh"
    4.42  
    4.43 -# Operation name.
    4.44 -OP=$1
    4.45 -shift
    4.46 -
    4.47 -# Pull variables in args into environment
    4.48 -for arg ; do export "${arg}" ; done
    4.49 +bridge=$(xenstore_read "$XENBUS_PATH/bridge")
    4.50  
    4.51 -# Required parameters. Fail if not set.
    4.52 -domain=${domain:?}
    4.53 -vif=${vif:?}
    4.54 -mac=${mac:?}
    4.55 -bridge=${bridge:?}
    4.56 +case "$command" in
    4.57 +    up)
    4.58 +        if brctl show "$bridge" | grep "$vif" >&/dev/null
    4.59 +        then
    4.60 +          log debug "$vif already attached to $bridge"
    4.61 +          exit 0
    4.62 +        fi
    4.63  
    4.64 -# Optional parameters. Set defaults.
    4.65 -ip=${ip:-''}   # default to null (do nothing)
    4.66 +        brctl addif "$bridge" "$vif" ||
    4.67 +          fatal "brctl addif $bridge $vif failed"
    4.68  
    4.69 -# Are we going up or down?
    4.70 -case $OP in
    4.71 -    up)
    4.72 -        brcmd='addif'
    4.73 -        iptcmd='-A'
    4.74 +        ifconfig "$vif" up || fatal "ifconfig $vif up failed"
    4.75          ;;
    4.76      down)
    4.77 -        brcmd='delif'
    4.78 -        iptcmd='-D'
    4.79 -        ;;
    4.80 -    *)
    4.81 -        echo 'Invalid command: ' $OP >&2
    4.82 -        echo 'Valid commands are: up, down' >&2
    4.83 -        exit 1
    4.84 +        # vifs are auto-removed from bridge.
    4.85 +        ifconfig "$vif" down || fatal "ifconfig $vif down failed"
    4.86          ;;
    4.87  esac
    4.88  
    4.89 -# Don't do anything if the bridge is "null".
    4.90 -if [ "${bridge}" == "null" ] ; then
    4.91 -    exit
    4.92 -fi
    4.93 -
    4.94 -# Add vif to bridge. vifs are auto-removed from bridge.
    4.95 -if [ "${brcmd}" == "addif" ] ; then
    4.96 -    brctl ${brcmd} ${bridge} ${vif}
    4.97 -fi
    4.98 -ifconfig ${vif} $OP
    4.99 +handle_iptable
   4.100  
   4.101 -if [ "${ip}" ] ; then
   4.102 -
   4.103 -    # If we've been given a list of IP networks, allow pkts with these src addrs.
   4.104 -    for addr in ${ip} ; do
   4.105 -        iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -s ${addr} -j ACCEPT
   4.106 -    done 
   4.107 -
   4.108 -    # Always allow us to talk to a DHCP server anyhow.
   4.109 -    iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -p udp --sport 68 --dport 67 -j ACCEPT
   4.110 -fi
   4.111 -
   4.112 +log debug "vif-bridge operation for $vif successful."
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/tools/examples/vif-common.sh	Fri Oct 21 12:06:17 2005 +0100
     5.3 @@ -0,0 +1,74 @@
     5.4 +#
     5.5 +# Copyright (c) 2005 XenSource Ltd.
     5.6 +#
     5.7 +# This library is free software; you can redistribute it and/or
     5.8 +# modify it under the terms of version 2.1 of the GNU Lesser General Public
     5.9 +# License as published by the Free Software Foundation.
    5.10 +#
    5.11 +# This library is distributed in the hope that it will be useful,
    5.12 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
    5.13 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    5.14 +# Lesser General Public License for more details.
    5.15 +#
    5.16 +# You should have received a copy of the GNU Lesser General Public
    5.17 +# License along with this library; if not, write to the Free Software
    5.18 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    5.19 +#
    5.20 +
    5.21 +
    5.22 +dir=$(dirname "$0")
    5.23 +. "$dir/xen-hotplug-common.sh"
    5.24 +. "$dir/xen-network-common.sh"
    5.25 +
    5.26 +command="$1"
    5.27 +
    5.28 +if [ "$command" != "up" ] && [ "$command" != "down" ]
    5.29 +then
    5.30 +  log err "Invalid command: $command"
    5.31 +  exit 1
    5.32 +fi
    5.33 +
    5.34 +
    5.35 +XENBUS_PATH="${XENBUS_PATH:?}"
    5.36 +vif="${vif:?}"
    5.37 +
    5.38 +ip=$(xenstore-read "$XENBUS_PATH/ip" >&/dev/null || true)
    5.39 +
    5.40 +
    5.41 +function frob_iptable()
    5.42 +{
    5.43 +  if [ "$command" == "up" ]
    5.44 +  then
    5.45 +    local c="-A"
    5.46 +  else
    5.47 +    local c="-D"
    5.48 +  fi
    5.49 +
    5.50 +  iptables "$c" FORWARD -m physdev --physdev-in "$vif" "$@" -j ACCEPT
    5.51 +}
    5.52 +
    5.53 +
    5.54 +##
    5.55 +# Add or remove the appropriate entries in the iptables.  With antispoofing
    5.56 +# turned on, we have to explicitly allow packets to the interface, regardless
    5.57 +# of the ip setting.  If ip is set, then we additionally restrict the packets
    5.58 +# to those coming from the specified networks, though we allow DHCP requests
    5.59 +# as well.
    5.60 +#
    5.61 +function handle_iptable()
    5.62 +{
    5.63 +  if [ "$ip" != "" ]
    5.64 +  then
    5.65 +      local addr
    5.66 +      for addr in "$ip"
    5.67 +      do
    5.68 +        frob_iptable -s "$addr"
    5.69 +      done
    5.70 +
    5.71 +      # Always allow the domain to talk to a DHCP server.
    5.72 +      frob_iptable -p udp --sport 68 --dport 67
    5.73 +  else
    5.74 +      # No IP addresses have been specified, so allow anything.
    5.75 +      frob_iptable
    5.76 +  fi
    5.77 +}
     6.1 --- a/tools/examples/vif-nat	Fri Oct 21 12:04:30 2005 +0100
     6.2 +++ b/tools/examples/vif-nat	Fri Oct 21 12:06:17 2005 +0100
     6.3 @@ -3,40 +3,30 @@
     6.4  # /etc/xen/vif-nat
     6.5  #
     6.6  # Script for configuring a vif in routed-nat mode.
     6.7 -# Xend calls a vif script when bringing a vif up or down.
     6.8 -# This script is the default - but it can be configured for each vif.
     6.9 -#
    6.10 -# Example invocation:
    6.11 -#
    6.12 -# vif-nat up domain=VM1 vif=vif1.0 ip="192.168.0.10/31"
    6.13 +# The hotplugging system will call this script if it is specified either in
    6.14 +# the device configuration given to Xend, or the default Xend configuration
    6.15 +# in /etc/xen/xend-config.sxp.  If the script is specified in neither of those
    6.16 +# places, then vif-bridge is the default.
    6.17  #
    6.18  # Usage:
    6.19 -# vif-nat (up|down) {VAR=VAL}*
    6.20 -#
    6.21 -# Vars:
    6.22 +# vif-nat (up|down)
    6.23  #
    6.24 -# domain  name of the domain the interface is on (required).
    6.25 -# vif     vif interface name (required).
    6.26 -# ip      list of IP networks for the vif, space-separated (required).
    6.27 +# Environment vars:
    6.28 +# vif         vif interface name (required).
    6.29 +# XENBUS_PATH path to this device's details in the XenStore (required).
    6.30 +#
    6.31 +# Read from the store:
    6.32 +# ip      list of IP networks for the vif, space-separated (default given in
    6.33 +#         this script).
    6.34  #============================================================================
    6.35  
    6.36 -# Exit if anything goes wrong
    6.37 -set -e 
    6.38 -export PATH=/sbin:/bin:/usr/bin:/usr/sbin:$PATH
    6.39 -
    6.40 -# Operation name.
    6.41 -OP=$1
    6.42 -shift
    6.43 +dir=$(dirname "$0")
    6.44 +. "$dir/vif-common.sh"
    6.45  
    6.46 -# Pull variables in args into environment
    6.47 -for arg ; do export "${arg}" ; done
    6.48 -
    6.49 -# Required parameters. Fail if not set.
    6.50 -domain=${domain:?}
    6.51 -vif=${vif:?}
    6.52 -ip=${ip:-'169.254.1.1/24'}   #if not defined, give a default address 
    6.53 -
    6.54 -echo "*vif-nat $OP domain=$domain vif=$vif ip=$ip" >&2
    6.55 +if [ "$ip" == "" ]
    6.56 +then
    6.57 +  ip='169.254.1.1/24'
    6.58 +fi
    6.59  
    6.60  #determine ip address and netmask 
    6.61  vif_ip=`echo ${ip} | awk -F/ '{print $1}'`
    6.62 @@ -47,27 +37,20 @@ netmask=$netmask.$(( (($intmask & 0x00FF
    6.63  netmask=$netmask.$(( (($intmask & 0x0000FF00)) >> 8 ))
    6.64  netmask=$netmask.$(( $intmask & 0x000000FF ))
    6.65  
    6.66 -main_ip=`ifconfig eth0 | grep "inet addr:" | sed -e 's/.*inet addr:\(\w\w*\.\w\w*\.\w\w*\.\w\w*\).*/\1/'`
    6.67 +main_ip=$(ip addr show eth0 | sed -e '/inet /!d;s/^.*inet \([^\s*]\)\s.*$/\1/')
    6.68  
    6.69 -# Are we going up or down?
    6.70 -case $OP in
    6.71 +case "$command" in
    6.72      up)
    6.73          ifconfig ${vif} ${vif_ip} netmask ${netmask} up
    6.74          echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
    6.75 -        iptcmd='-A'
    6.76          ipcmd='a'
    6.77          ;;
    6.78      down)
    6.79          ifconfig ${vif} down
    6.80 -        iptcmd='-D'
    6.81          ipcmd='d'
    6.82          ;;
    6.83 -    *)
    6.84 -        echo 'Invalid command: ' $OP >&2
    6.85 -        echo 'Valid commands are: up, down' >&2
    6.86 -        exit 1
    6.87 -        ;;
    6.88  esac
    6.89  
    6.90  ip r ${ipcmd} ${ip} dev ${vif} src ${main_ip}
    6.91 -#    iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -p udp --sport 68 --dport 67 -j ACCEPT
    6.92 +
    6.93 +handle_iptable()
     7.1 --- a/tools/examples/vif-route	Fri Oct 21 12:04:30 2005 +0100
     7.2 +++ b/tools/examples/vif-route	Fri Oct 21 12:06:17 2005 +0100
     7.3 @@ -3,74 +3,46 @@
     7.4  # /etc/xen/vif-route
     7.5  #
     7.6  # Script for configuring a vif in routed mode.
     7.7 -# Xend calls a vif script when bringing a vif up or down.
     7.8 -# This script is the default - but it can be configured for each vif.
     7.9 -#
    7.10 -# Example invocation:
    7.11 -#
    7.12 -# vif-route up domain=VM1 vif=vif1.0 ip="128.232.38.45/28 10.10.10.55/24"
    7.13 +# The hotplugging system will call this script if it is specified either in
    7.14 +# the device configuration given to Xend, or the default Xend configuration
    7.15 +# in /etc/xen/xend-config.sxp.  If the script is specified in neither of those
    7.16 +# places, then vif-bridge is the default.
    7.17  #
    7.18  # Usage:
    7.19 -# vif-route (up|down) {VAR=VAL}*
    7.20 -#
    7.21 -# Vars:
    7.22 +# vif-route (up|down)
    7.23  #
    7.24 -# domain  name of the domain the interface is on (required).
    7.25 -# vif     vif interface name (required).
    7.26 -# mac     vif MAC address (required).
    7.27 -# ip      list of IP networks for the vif, space-separated (optional).
    7.28 +# Environment vars:
    7.29 +# vif         vif interface name (required).
    7.30 +# XENBUS_PATH path to this device's details in the XenStore (required).
    7.31 +#
    7.32 +# Read from the store:
    7.33 +# ip      list of IP networks for the vif, space-separated (default given in
    7.34 +#         this script).
    7.35  #============================================================================
    7.36  
    7.37 -# Exit if anything goes wrong
    7.38 -set -e 
    7.39 -export PATH=/sbin:/bin:/usr/bin:/usr/sbin:$PATH
    7.40 -echo "*vif-route $*" >&2
    7.41 +dir=$(dirname "$0")
    7.42 +. "$dir/vif-common.sh"
    7.43  
    7.44 -# Operation name.
    7.45 -OP=$1
    7.46 -shift
    7.47 -
    7.48 -# Pull variables in args into environment
    7.49 -for arg ; do export "${arg}" ; done
    7.50 +main_ip=$(ip addr show eth0 | sed -e '/inet /!d;s/^.*inet \([^\s*]\)\s.*$/\1/')
    7.51  
    7.52 -# Required parameters. Fail if not set.
    7.53 -domain=${domain:?}
    7.54 -vif=${vif:?}
    7.55 -mac=${mac:?}
    7.56 -
    7.57 -# Optional parameters. Set defaults.
    7.58 -ip=${ip:-''}   # default to null (do nothing)
    7.59 -
    7.60 -main_ip=`ifconfig eth0 | grep "inet addr:" | sed -e 's/.*inet addr:\(\w\w*\.\w\w*\.\w\w*\.\w\w*\).*/\1/'`
    7.61 -
    7.62 -# Are we going up or down?
    7.63 -case $OP in
    7.64 +case "$command" in
    7.65      up)
    7.66 -        ifconfig ${vif} 169.254.1.0 netmask 255.255.255.255 up
    7.67 +        ifconfig ${vif} ${main_ip} netmask 255.255.255.255 up
    7.68          echo 1 >/proc/sys/net/ipv4/conf/${vif}/proxy_arp
    7.69 -        iptcmd='-A'
    7.70          ipcmd='a'
    7.71          ;;
    7.72      down)
    7.73 -        ifconfig ${vif} down
    7.74 -        iptcmd='-D'
    7.75 +        ifdown ${vif}
    7.76          ipcmd='d'
    7.77          ;;
    7.78 -    *)
    7.79 -        echo 'Invalid command: ' $OP >&2
    7.80 -        echo 'Valid commands are: up, down' >&2
    7.81 -        exit 1
    7.82 -        ;;
    7.83  esac
    7.84  
    7.85  if [ "${ip}" ] ; then
    7.86 -
    7.87 -    # If we've been given a list of IP networks, allow pkts with these src addrs.
    7.88 +    # If we've been given a list of IP addresses, then add routes from dom0 to
    7.89 +    # the guest using those addresses.
    7.90      for addr in ${ip} ; do
    7.91        ip r ${ipcmd} ${addr} dev ${vif} src ${main_ip}
    7.92 -#      iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -s ${addr} -j ACCEPT
    7.93      done 
    7.94 +fi
    7.95  
    7.96 -    # Always allow us to talk to a DHCP server anyhow.
    7.97 -#    iptables ${iptcmd} FORWARD -m physdev --physdev-in ${vif} -p udp --sport 68 --dport 67 -j ACCEPT
    7.98 -fi
    7.99 +handle_iptable()
     8.1 --- a/tools/examples/xen-hotplug-common.sh	Fri Oct 21 12:04:30 2005 +0100
     8.2 +++ b/tools/examples/xen-hotplug-common.sh	Fri Oct 21 12:06:17 2005 +0100
     8.3 @@ -10,19 +10,20 @@ log() {
     8.4    logger -p "daemon.$level" -- "$0:" "$@" || echo "$0 $@" >&2
     8.5  }
     8.6  
     8.7 +fatal() {
     8.8 +  log err "$@"
     8.9 +  exit 1
    8.10 +}
    8.11 +
    8.12  xenstore_read() {
    8.13    local v=$(xenstore-read "$@" || true)
    8.14 -  if [ "$v" == "" ]
    8.15 -  then
    8.16 -    log error "xenstore-read $@ failed."
    8.17 -    exit 1
    8.18 -  fi
    8.19 +  [ "$v" != "" ] || fatal "xenstore-read $@ failed."
    8.20    echo "$v"
    8.21  }
    8.22  
    8.23  xenstore_write() {
    8.24    log debug "Writing $@ to xenstore."
    8.25 -  xenstore-write "$@" || log error "Writing $@ to xenstore failed."
    8.26 +  xenstore-write "$@" || log err "Writing $@ to xenstore failed."
    8.27  }
    8.28  
    8.29  log debug "$@" "XENBUS_PATH=$XENBUS_PATH"
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/tools/examples/xen-network-common.sh	Fri Oct 21 12:06:17 2005 +0100
     9.3 @@ -0,0 +1,37 @@
     9.4 +#
     9.5 +# Copyright (c) 2005 XenSource Ltd.
     9.6 +#
     9.7 +# This library is free software; you can redistribute it and/or
     9.8 +# modify it under the terms of version 2.1 of the GNU Lesser General Public
     9.9 +# License as published by the Free Software Foundation.
    9.10 +#
    9.11 +# This library is distributed in the hope that it will be useful,
    9.12 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
    9.13 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    9.14 +# Lesser General Public License for more details.
    9.15 +#
    9.16 +# You should have received a copy of the GNU Lesser General Public
    9.17 +# License along with this library; if not, write to the Free Software
    9.18 +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
    9.19 +#
    9.20 +
    9.21 +
    9.22 +# Gentoo doesn't have ifup/ifdown: define appropriate alternatives
    9.23 +if ! which ifup >&/dev/null
    9.24 +then
    9.25 +  if [ -e /etc/conf.d/net ]
    9.26 +  then
    9.27 +    ifup()
    9.28 +    {
    9.29 +      /etc/init.d/net.$1 start
    9.30 +    }
    9.31 +    ifdown()
    9.32 +    {
    9.33 +      /etc/init.d/net.$1 stop
    9.34 +    }
    9.35 +  else
    9.36 +    logger -p "daemon.crit" -- \
    9.37 +      "You don't have ifup and don't seem to be running Gentoo either!"
    9.38 +    exit 1
    9.39 +  fi
    9.40 +fi