From patchwork Mon Mar 5 05:24:55 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1685 Return-Path: Received: from mail01.ipfire.org (mail01.ipfire.org [IPv6:2001:470:7183:25::1]) by web02.i.ipfire.org (Postfix) with ESMTP id 52F066095C for ; Sun, 4 Mar 2018 19:25:13 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 9D1A1111C4E7; Sun, 4 Mar 2018 18:25:11 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187911; x=1522779911; bh=vk8T44O+2tyeftOhecGS5EHNyzjzaLy8t4R2gfBeazw=; h=From:To:Subject:Date:Message-Id:Sender:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=pit/7oz7LOKvVzo3nt199Zb5uAMuDzoyAn56F43KfwAA2slXGk+Ld3SSsxfifUm6I OCrnV2tfsD7X//VlS1MXxaiZyrDpqDL0OGxrAYM1qlFPZBlCUdMH73YwHh0HUyhKV1 qfdp58USCF7srprp8w35xF9XI3BIdKY5lFiqr/z/y/dOt3430bmyiOtD369eCdY4o4 dXPQ7wY2Ko7rEjCqfenkJdmJe13VPlxE//aOWCiCgd8d9viP+mgINymo5fx/Ns50yj qgZY0sk1ycAkWAmDf/FMoQNGD2ZYtmSxUy33mGAyu8JkJfP7oyclg/yUcaghwSZ38S +/FPjy4Qir99g== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (unknown [46.183.103.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 3A138111C4E7; Sun, 4 Mar 2018 18:25:09 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187909; x=1522779909; bh=vk8T44O+2tyeftOhecGS5EHNyzjzaLy8t4R2gfBeazw=; h=From:To:Cc:Subject:Date:Message-Id:From:To:Cc:Date:Content-Type: Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=DB5h2Do+ANGR2ONq1eMIAaX87b/hR601KBQnaM/vt9kd0yhmHXh5If3Lg20wOuVTJ OF3x4yrqA8olQTf+PGvqMBS5BtCdfb/Ukol9AgUOCTyGamHP2RgkncDM3azzs5B3RA dhjnPmaD3ugU7sD+MwQ20DPF5yxgLRzBLbZGnfDk1oGiAE6RKDu/8LGDimeA3KOYd0 r8rAXG0yXSYfhGk7y5dXDgOx0lY4xJB625t67XOsEOB1wLzX5+2rcwKBVGXzQKtFTt 3JlUKd/bLS1CzwSWPtVu3iRaZ36e33vIlDoHLWO4pzGSRwS3m7/7hMQcek/4A4g37g ubg5A+AJJJVfw== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 1/5] ip-tunnel: add new function Date: Sun, 4 Mar 2018 18:24:55 +0000 Message-Id: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" To be undependent from the IP protocol we use, when we use tunnel modes in our code, this function converts the modes to the modes the iproute2 tool uses which often depend on the IP protocol version. Signed-off-by: Jonatan Schlag --- src/functions/functions.ip-tunnel | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel index 7bb4e3f..550b0b3 100644 --- a/src/functions/functions.ip-tunnel +++ b/src/functions/functions.ip-tunnel @@ -21,6 +21,34 @@ IP_TUNNEL_MODES="gre sit vti" +# This function converts our modes into the type +# the iproute2 tool uses +ip_tunnel_convert_mode_to_iproute2_mode() { + local mode=${1} + local protocol=${2} + + if ! isset mode || ! isset protocol; then + log ERROR "Did not get mode and/or protocol" + return ${EXIT_ERROR} + fi + + if [[ "${protocol}" = "ipv4" ]]; then + # When we use IPv4 we can use our modes + echo "${mode}" + fi + + if [[ "${protocol}" = "ipv6" ]]; then + # When we use IPv6 we have to convert + case "${mode}" in + "vti") + echo "vti6" + ;; + "gre") + echo "ip6gre" + esac + fi +} + ip_tunnel_add() { local device=${1} shift From patchwork Mon Mar 5 05:24:56 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1686 Return-Path: Received: from mail01.ipfire.org (unknown [172.28.1.200]) by web02.i.ipfire.org (Postfix) with ESMTP id A3B776095C for ; Sun, 4 Mar 2018 19:25:35 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -0.599 X-Spam-Level: X-Spam-Status: No, score=-0.599 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, KAM_NUMSUBJECT=0.5, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id E1D20111C4E7; Sun, 4 Mar 2018 18:25:34 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187934; x=1522779934; bh=po8phWDVZMCLFzer5IYi64rdxfQRdHzqClQgW2huh1o=; h=From:To:Subject:Date:Message-Id:In-Reply-To:Sender:From:To:Cc: Date:Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=L8/naNOzSHao0Sow4m6KiCmBv+JPhZR3iNIxxCJK1bBL2omK8hKc6DYkOQ9+ijams 6mDSXWPNWOb2sdSVREYo7BeebVrz76iM3YK/Wdx38oSHmXH2MMi0wb9/U+c/hUdb6+ aL3s8wi8qPK0eHknIfuTgFWmRMm2E4Ecv8J2fgsgEzq4Y6bBIREpDmg4Ajv3pUNpFE WH6DtcasQR638YVEsh/jHSXAA65fuosj3oOZSEqdGnjF6+G0QdXbxCc8PaRxghU7Gx wCnSW9AoZM8B/uNtuYtiHr6yjJjK4vooeQENYLSVWKaqD/5+3PWiq+Dy8QWuaye1TK dbv8fLIBl41GQ== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (unknown [46.183.103.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 0AE74111C4E7; Sun, 4 Mar 2018 18:25:14 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187933; x=1522779933; bh=po8phWDVZMCLFzer5IYi64rdxfQRdHzqClQgW2huh1o=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=PD/fMa+5V8gnji3PZ9q+KJyz8jWiRmeZrRnNP2fBk9qmKek8JcC9y7qJbxspTMn3A luxrN+6MU/Kq6zV9QFLgZFENgVwLW4HTYO/KciM3HWbSc5BiBDUESvXciGFRomBwzz j9Nlk0mhj3JZFF+Br+B4LD2OdkDp4icc3jkUQkXzJdaYls0JoheLnlMRuPDsCZiFU2 MD4ik875MJ/8molH9I/oODEFxu4Acw7J+CKZmNrsMs1PvboLAIFQEfDAM4C424uPsj 5SdMVBx4l18rjLUtf/9TE5R6zKMKNIvckyPFQKoMA/TAX7nl+a1GdMZj7wCW48FosU 22sbQj6kidgNQ== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 2/5] device: add new function device_is_vti6 Date: Sun, 4 Mar 2018 18:24:56 +0000 Message-Id: <1520187899-5759-2-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> References: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" This functions checks if a device is a vti6 device. Signed-off-by: Jonatan Schlag --- src/functions/functions.device | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/functions/functions.device b/src/functions/functions.device index 2de1ad9..a04111e 100644 --- a/src/functions/functions.device +++ b/src/functions/functions.device @@ -286,6 +286,14 @@ device_is_vti() { [ "${type}" = "768" ] && return ${EXIT_OK} || return ${EXIT_ERROR} } +device_is_vti6() { + local device=${1} + + local type=$(__device_get_file ${device} type) + + [ "${type}" = "769" ] && return ${EXIT_OK} || return ${EXIT_ERROR} +} + device_get_phy() { local device="${1}" From patchwork Mon Mar 5 05:24:57 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1687 Return-Path: Received: from mail01.ipfire.org (mail01.ipfire.org [IPv6:2001:470:7183:25::1]) by web02.i.ipfire.org (Postfix) with ESMTP id 285A76095C for ; Sun, 4 Mar 2018 19:25:50 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id 25D89111C4FE; Sun, 4 Mar 2018 18:25:49 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187949; x=1522779949; bh=JDNNcNTw29j0zwkLzAMLexUh/6J+hlJ6RoYIPFNznE0=; h=From:To:Subject:Date:Message-Id:In-Reply-To:Sender:From:To:Cc: Date:Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=H0tlgnSzUY3irVMp/DGvc7b/0c41pe5ZNrJRKR07sVp/skq9Fu7h2n2ne/ThK2qJQ GJnf6MJ/EHFBnXhc2KZhOsa1tDH9Bio3OS8OHYZwQI0cuF3NpHcSRyy//YOKOi+vcg s9DcsGpu+BOfOcUO2V/VIL5fUCxvGnA2ggnGU9eDhRk5AdxvOONKtU263yO2GmADXZ tBsX4vSl6CekFvnTm1ZD3TOlmw9jQ/1HR5wFUioCXE8mvkeUgQd9sK9sdUb71ZXT6q 9FsrDMWhJPHAMpEGBbIHtB5G3shLzZwfQL3xKR8uyR3+Y0tihzAX6G+NGg7Ht0TaXg 9tRmpficuoyWQ== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (unknown [46.183.103.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 4D4D0108C3BF; Sun, 4 Mar 2018 18:25:41 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187946; x=1522779946; bh=JDNNcNTw29j0zwkLzAMLexUh/6J+hlJ6RoYIPFNznE0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=qmVlq2h9ydc8Nm/C4xZgQzyZ2AsQbjdi0kb8IhT7JmCvvwgjqFdWIaTZVNC1/O6+D NpAfNh7Hen7Pcq4bZeu5jLHT8C2eW+Z3o609Sto1TJ6dEwUzTL4DToLVJzXsx77eef +IAoo3P7xp+r+9OFiCDLnHX28vIzdcTOkVs/BWZ45B9tLZnX4LNiOI9UTgazakaxYL g8ShhSmc59ozI7u7f+BXd+KDkvveRZ7ZfbObW+qFxfwdns39Q1aY6oDFaeSRUI31+V TKkGmvH2QoSMPHg7NhtYgkIGPOerjt/KhsDikYFjCXUD6xatkt6RVUrip/RFIcPdLy Of1bW0PI1Bxog== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 3/5] device: add new function device_tunnel_get_type() Date: Sun, 4 Mar 2018 18:24:57 +0000 Message-Id: <1520187899-5759-3-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> References: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" If we already know that the device must be a ip-tunnel device we can save time when we check just for the types a ip-tunnel device can have. To avoid code duplication we call this function from device_get_type() Signed-off-by: Jonatan Schlag --- src/functions/functions.device | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/functions/functions.device b/src/functions/functions.device index a04111e..0cd6e4e 100644 --- a/src/functions/functions.device +++ b/src/functions/functions.device @@ -396,9 +396,27 @@ device_get_type() { elif device_is_phy ${device}; then echo "phy" + else + echo "$(device_tunnel_get_type "${device}")" + fi +} + +# This function just checks the types a ip-tunnel device usually have +# so when we know that the device is an ip-tunnel device we save time +device_tunnel_get_type() { + local device=${1} + + # If the device does not exist (happens on udev remove events), + # we do not bother to run all checks. + if ! device_exists "${device}"; then + echo "unknown" + elif device_is_vti ${device}; then echo "vti" + elif device_is_vti6 ${device}; then + echo "vti6" + else echo "unknown" fi From patchwork Mon Mar 5 05:24:58 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1688 Return-Path: Received: from mail01.ipfire.org (mail01.ipfire.org [IPv6:2001:470:7183:25::1]) by web02.i.ipfire.org (Postfix) with ESMTP id 2825E6095C for ; Sun, 4 Mar 2018 19:26:41 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id E3CFF111C4FE; Sun, 4 Mar 2018 18:26:39 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187999; x=1522779999; bh=8MY1uBT5iuwbhiOFc+xCBPCHscMt/bOnvBfiwXI/Yko=; h=From:To:Subject:Date:Message-Id:In-Reply-To:Sender:From:To:Cc: Date:Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=Tx/8lBrEL+7EY3ed35Ns7Ah12a5NB9zj9C3N7EHKkOV8wnFXx7gjL27s6PuFSBd6l qTveQFo6vddOpy9sGe+25Qkiq4HsLmnVgO7CKT9Fo4V+ji/5LCsHUXPrrDlgdBmFz+ bPevw+DGqDoOTgDE4s96pyqX8RhDS9rbpV2xVkTt/fSlYh+8pokFSLhIcBnpm5igDE w5qNRKBqm3d11D2M6OlvCdsBtRanzAIw6YYRpEy+ybJocXBT4fGPQOwaglv2xsBYrt MihiGGqsdb2kET6P3kWQNTCE5dyfM5Se/M/rZKx2hy2Z1y+w6NimO+QcvC/KAksxHV K5TRu0kFz5P5g== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (unknown [46.183.103.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id A3118108C3BF; Sun, 4 Mar 2018 18:26:37 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520187998; x=1522779998; bh=8MY1uBT5iuwbhiOFc+xCBPCHscMt/bOnvBfiwXI/Yko=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=uOLCy3NtKLLMya1BXV7U9dkqDmDyLbnulA1j2vTYK/PXoRoD4U0MUdgSSYLGx3jZZ YWVKNtpsdSQSizfXq1c3DLQFJzA0X6DL8QRWP8tGLQypaVg0g/rGuarXP+erQYYtQ2 jsmam3Y1G0JKAQCsgDDVD+wmb03F6gkJvV0IiUyWvFzxwajH+oM+DzXyG2ewa/Kxhu sYeA88P7djJoLAgGLj8VadH5rSodo+P96HsdRVi30HFEcmPxxIC14H1POen99KEEl7 yofzCAbrhHHDW9S6kY4Jtxhvp3Ki5XJV654mQmZj0PFu/lnLF7fzZjE0AcyfGYBvuB iUrL9ZjNnN5jg== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 4/5] ip-tunnel: Improve checks Date: Sun, 4 Mar 2018 18:24:58 +0000 Message-Id: <1520187899-5759-4-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> References: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" We cannot mix ipv6 and ipv4 and we also need to detect the IP protocol version to decide which mode we have to use. This is done in a seperated commit. Signed-off-by: Jonatan Schlag --- src/functions/functions.ip-tunnel | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel index 550b0b3..0a0c210 100644 --- a/src/functions/functions.ip-tunnel +++ b/src/functions/functions.ip-tunnel @@ -98,6 +98,24 @@ ip_tunnel_add() { return ${EXIT_ERROR} fi + # Detect the IP protocol, which is important to decide which mode we have to use + local remote_address_protocol="$(ip_detect_protocol "${remote_address}")" + + # If we could not detect the IP protocol something with + # ${remote_address} is wrong + if ! isset remote_address_protocol; then + log ERROR "Could not determine remote address IP protocol" + return ${EXIT_ERROR} + fi + + # We cannot mix IPv6 and IPv4 + if [[ "${remote_address_protocol}" != \ + "$(ip_detect_protocol "${local_address}")" ]] ; then + log ERROR "Local and remote address\ + are not from the same IP protocol" + return ${EXIT_ERROR} + fi + # ikey and okey must be set for VTI devices if [ "${mode}" = "vti" ] && (! isset ikey || ! isset okey); then error "--ikey= and --okey= must be set for VTI device" From patchwork Mon Mar 5 05:24:59 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jonatan Schlag X-Patchwork-Id: 1689 Return-Path: Received: from mail01.ipfire.org (mail01.ipfire.org [IPv6:2001:470:7183:25::1]) by web02.i.ipfire.org (Postfix) with ESMTP id E85166095C for ; Sun, 4 Mar 2018 19:26:44 +0100 (CET) X-Virus-Scanned: ClamAV at mail01.ipfire.org X-Spam-Flag: NO X-Spam-Score: -1.099 X-Spam-Level: X-Spam-Status: No, score=-1.099 tagged_above=-999 required=5 tests=[ALL_TRUSTED=-1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mail01.i.ipfire.org (localhost [IPv6:::1]) by mail01.ipfire.org (Postfix) with ESMTP id EEE3F111C4FE; Sun, 4 Mar 2018 18:26:43 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520188004; x=1522780004; bh=qnuGqMWIkhGLFufSUnAgQ7qv8HDk7/0HXwri1R7Qw/0=; h=From:To:Subject:Date:Message-Id:In-Reply-To:Sender:From:To:Cc: Date:Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=opstHtD/dGeEk61bdvsJmpCTgguBkzHSne5HKiKZBnXSxAlxItF40BIT78ydmb9eU NFr33HDOqgVpPKaYE7Nu7O4ZusdlYlevlo7ZyFVGsv9qTANktp2+dkiS3qF0b6MP4i 9sfcNv8OfHqJZw0IMNN5zTa5IGXns1GfivduCEkww/lR7LoK9pG1f2iEtkj0DUnvuh xtZ6MIieIrbTibVdE+2obW7R5dY4LeW538SYYYSXK1Mp3b/op4rdkT8QkWn0NRT7V/ YnbDk3qhqgmBhMJJb+eMlBsTdfcQi+iehdn0fJeVP2bYQGlL+7JJjn5WYitvlUIGxh U9O53GSGMudnQ== X-Virus-Scanned: ClamAV at mail01.ipfire.org Received: from localhost.localdomain (unknown [46.183.103.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client did not present a certificate) by mail01.ipfire.org (Postfix) with ESMTPSA id 3C361111C505; Sun, 4 Mar 2018 18:26:40 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ipfire.org; s=201801; t=1520188001; x=1522780001; bh=qnuGqMWIkhGLFufSUnAgQ7qv8HDk7/0HXwri1R7Qw/0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:From:To:Cc:Date: Content-Type:Message-ID:In-Reply-To:Subject:Reply-To:Sender; b=eBxWeJyLWXyHpVxl0iT6snZjictTvJi1XRTnWLGFFFFqaZF5U8aG0V4SpkdSEVX3b tJKTS0jMW9nmTsusT57CbV5B2Vvxbr6iN6SC9v9EqXxN9ySV+ksPBBwqSyPhChoDZ7 bijZvOIzM08cvbJgWFjaGxdKQeAB//Ebt9khgsiX4lpDAUAFKEwHSJq2gmo10psg4Y PaRDUHnQ9svu+IuULfnCBFmQbbnin9sehq8zfzYRTXvcJC3/htxbpqZPSRVFgMa6n2 oD6wehkGAto83qJ/u0agrMNMaFlNvRdouiqruIhSUsegsDK2Kr7SwNGw+C5oildfsN qotqbEFltAORg== From: Jonatan Schlag To: network@lists.ipfire.org Subject: [PATCH 5/5] ip-tunnel: choose the correct type based on the ip protocol Date: Sun, 4 Mar 2018 18:24:59 +0000 Message-Id: <1520187899-5759-5-git-send-email-jonatan.schlag@ipfire.org> X-Mailer: git-send-email 2.6.3 In-Reply-To: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> References: <1520187899-5759-1-git-send-email-jonatan.schlag@ipfire.org> X-BeenThere: network@lists.ipfire.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List for the network package List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: network-bounces@lists.ipfire.org Sender: "network" IPv4 and IPv6 need different types for iproute2. So in the _add function we have to determine the mode based on the IP protocol of the ${remote_address}. When we change ikey and okey we have to dertermine the mode the device have currently. Fixes: #11431 Signed-off-by: Jonatan Schlag --- src/functions/functions.ip-tunnel | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/functions/functions.ip-tunnel b/src/functions/functions.ip-tunnel index 0a0c210..3baf280 100644 --- a/src/functions/functions.ip-tunnel +++ b/src/functions/functions.ip-tunnel @@ -150,6 +150,9 @@ ip_tunnel_add() { cmd_args="${cmd_args} ikey ${ikey} okey ${okey}" fi + # Determine the mode based on the IP protocol + mode=$(ip_tunnel_convert_mode_to_iproute2_mode "${mode}" "${remote_address_protocol}") + log DEBUG "Creating tunnel device '${device}' (mode=${mode})..." # Create the device. @@ -208,8 +211,16 @@ ip_tunnel_change_keys() { return ${EXIT_ERROR} fi + # Determine the device type + local type="$(device_tunnel_get_type ${device})" + + if ! isoneof "type" vti vti6; then + log ERROR "Device type '${type}' is invalid" + return ${EXIT_ERROR} + fi + if ! cmd ip link change dev "${device}" \ - type vti ikey "${ikey}" okey "${okey}"; then + type "${type}" ikey "${ikey}" okey "${okey}"; then log ERROR "Could not change keys of device ${device}" return ${EXIT_ERROR} fi