Add 'findgw' user exit

2025-01-26 07:29:05 +01:00 · 2009-05-11 14:35:20 -07:00 · 2009-05-11 14:35:20 -07:00 · f75f4158b3
commit f75f4158b3
parent 52ad3cbda3
4 changed files with 33 additions and 13 deletions
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@ -98,7 +98,7 @@ sub generate_script_1() {
 ################################################################################
 EOF

-    for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored/ {
+    for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored findgw/ {
 	emit "\nrun_${exit}_exit() {";
 	push_indent;
 	append_file $exit or emit 'true';
--- a/Shorewall/Perl/prog.header
+++ b/Shorewall/Perl/prog.header
@ -808,13 +808,13 @@ detect_dynamic_gateway() { # $1 = interface
    local GATEWAYS
    GATEWAYS=
    local gateway
-    #
-    # First assume that this is some sort of point-to-point interface
-    #
-    gateway=$( find_peer $($IP addr list $interface ) )
-    #
-    # If that didn't work, then try DHCP
-    #
+
+    gateway=$(run_findgw_exit $1);
+
+    if [ -n "$gateway" ]; then
+	gateway=$( find_peer $($IP addr list $interface ) )
+    fi
+
    if [ -z "$gateway" -a -f /var/lib/dhcpcd/dhcpcd-${1}.info ]; then
 	eval $(grep ^GATEWAYS=  /var/lib/dhcpcd/dhcpcd-${1}.info 2> /dev/null)
 	[ -n "$GATEWAYS" ] && GATEWAYS=${GATEWAYS%,*} && gateway=$GATEWAYS
@ -824,10 +824,6 @@ detect_dynamic_gateway() { # $1 = interface
 	gateway=$(grep 'option routers' /var/lib/dhcp/dhclient-${1}.lease | tail -n 1 | while read j1 j2 gateway; do echo $gateway; return 0; done)
    fi

-    if [ -z "$gateway" -a -f /var/lib/dhcp3/dhclient-${1}.leases ]; then
-	gateway=$(grep 'option routers' /var/lib/dhcp3/dhclient-${1}.leases | tail -n 1 | while read j1 j2 gateway; do echo $gateway; return 0; done)
-    fi
-
    [ -n "$gateway" ] && echo $gateway
 }

--- a/Shorewall/changelog.txt
+++ b/Shorewall/changelog.txt
@ -4,6 +4,8 @@ Changes in Shorewall 4.3.11

 2) Fix SCTP source port handling in tcfilters.

+3) Add 'findgw' user exit.
+
 Changes in Shorewall 4.3.10

 1) Fix handling of shared optional providers.
--- a/Shorewall/releasenotes.txt
+++ b/Shorewall/releasenotes.txt
@ -125,7 +125,29 @@ None.
 	local net			   flow=dst

    These will cause a 'flow' to consists of the traffic to/from each
-    internal system. 
+    internal system.
+
+2)  In order to generalize support for learning the gateway for dynamic
+    interfaces, a new 'findgw' extension script (user exit) has been
+    added.
+
+    The exit will be invoked in a function that has a single argument:
+
+    	$1 = <name of an interface>
+
+    If the function can determine the gateway for the passed interface,
+    it should write the gateway to standard out. Here is a sample
+    /etc/shorewall/findgw that works with dhclient (dhcp3) in Debian
+    Lenny:
+
+    if [ -f /var/lib/dhcp3/dhclient-${1}.leases ]; then
+       grep 'option routers' /var/lib/dhcp3/dhclient-${1}.leases |\
+          tail -n 1 |\
+	  while read j1 j2 gateway; do echo $gateway; return 0; done
+    fi
+
+    The same code works on Ubuntu Jaunty if you replace '.leases' with
+    '.lease' (don't you just love the consistency between distributions?).
   
 ----------------------------------------------------------------------------
                 N E W   F E A T U R E S   IN   4 . 3