Exemplo n.º 1
0
int start_shorewall(void)
{

	if (!nvram_invmatch("shorewall_enable", "0"))
		return 0;

	stop_firewall();
	stop_shorewall();

	mkdir("/var/shorewall", 0700);

	nvram2file("sh_interfaces", "/var/shorewall/interfaces");
	nvram2file("sh_masq", "/var/shorewall/masq");
	nvram2file("sh_policy", "/var/shorewall/policy");
	nvram2file("sh_routestopped", "/var/shorewall/route_stopped");
	nvram2file("sh_rules", "/var/shorewall/rules");
	nvram2file("sh_zones", "/var/shorewall/zones");
	symlink("/usr/sbin/shorewall", "/var/shorewall/shorewall");
	symlink("/usr/sbin/shorewall.conf", "/var/shorewall/shorewall.conf");
	symlink("/usr/sbin/firewall", "/var/shorewall/firewall");
	symlink("/usr/sbin/functions", "/var/shorewall/functions");
	symlink("/usr/sbin/common.def", "/var/shorewall/common.def");
	symlink("/usr/sbin/version", "/var/shorewall/version");

	system("/var/shorewall/shorewall start");

	return 0;
}
Exemplo n.º 2
0
static int bound(void)
{
	nvram_unset("dhcpc_done");
	char *wan_ifname = safe_getenv("interface");
	char *value;
	static char temp_wan_ipaddr[16], temp_wan_netmask[16],
	    temp_wan_gateway[16];
	int changed = 0;
	static char *cidr;
	if (nvram_match("wan_proto", "iphone"))
		stop_process("ipheth-loop", "IPhone Pairing Daemon");

	cidr = getenv("cidrroute");
	if (cidr && wan_ifname) {
		char *callbuffer = malloc(strlen(cidr) + 128);
		sprintf(callbuffer,
			"export cidrroute=\"%s\";export interface=\"%s\";/etc/cidrroute.sh",
			cidr, wan_ifname);
		system(callbuffer);
		free(callbuffer);
	}

	if ((value = getenv("ip"))) {
		chomp(value);
		if (nvram_match("wan_proto", "pptp")
		    && nvram_match("pptp_use_dhcp", "1"))
			strcpy(temp_wan_ipaddr, value);
		else {
			if (nvram_invmatch("wan_ipaddr", value))
				changed = 1;
		}
		nvram_set("wan_ipaddr", value);
	}
	if ((value = getenv("subnet"))) {
		chomp(value);
		if (nvram_match("wan_proto", "pptp")
		    && nvram_match("pptp_use_dhcp", "1"))
			strcpy(temp_wan_netmask, value);
		else {
			if (nvram_invmatch("wan_netmask", value))
				changed = 1;
			nvram_set("wan_netmask", value);
		}
	}
	if ((value = getenv("router"))) {
		chomp(value);
		if (nvram_invmatch("wan_gateway", value))
			changed = 1;
		nvram_set("wan_gateway", value);
	}
	if ((value = getenv("dns"))) {
		chomp(value);
		// if (nvram_invmatch("wan_get_dns",value))
		// changed=1; 
		nvram_set("wan_get_dns", value);
	}
	/*
	 * Don't care for linksys spec if ((value = getenv("wins")))
	 * nvram_set("wan_wins", value); if ((value = getenv("hostname")))
	 * sethostname(value, strlen(value) + 1); 
	 */
	if ((value = getenv("domain"))) {
		chomp(value);
		if (nvram_invmatch("wan_get_domain", value))
			changed = 1;
		nvram_set("wan_get_domain", value);	// HeartBeat need to use
	}
	if ((value = getenv("lease"))) {
		chomp(value);
		nvram_set("wan_lease", value);
		expires(atoi(value));
	}
	if (!changed) {
		cprintf("interface hasnt changed, do nothing\n");
		return 0;
	}
	stop_firewall();
	cprintf("configure to IF[%s] , IP[%s], MASK[%s]\n", wan_ifname,
		nvram_safe_get("wan_ipaddr"), nvram_safe_get("wan_netmask"));

	if (nvram_match("wan_proto", "pptp")
	    && nvram_match("pptp_use_dhcp", "1"))
		eval("ifconfig", wan_ifname, temp_wan_ipaddr, "netmask",
		     temp_wan_netmask, "up");
	else
		eval("ifconfig", wan_ifname, nvram_safe_get("wan_ipaddr"),
		     "netmask", nvram_safe_get("wan_netmask"), "up");

	/*
	 * We only want to exec bellow functions after dhcp get ip if the
	 * wan_proto is heartbeat 
	 */
#ifdef HAVE_HEARTBEAT
	if (nvram_match("wan_proto", "heartbeat")) {
		int i = 0;

		/*
		 * Delete all default routes 
		 */
		while (route_del(wan_ifname, 0, NULL, NULL, NULL) == 0
		       || i++ < 10) ;

		/*
		 * Set default route to gateway if specified 
		 */
		route_add(wan_ifname, 0, "0.0.0.0",
			  nvram_safe_get("wan_gateway"), "0.0.0.0");

		/*
		 * save dns to resolv.conf 
		 */
		dns_to_resolv();
		stop_udhcpd();
		start_udhcpd();
		start_firewall();
		stop_wland();
		start_wshaper();
		start_wland();
		start_heartbeat_boot();
	}
#else
	if (0) {
		// nothing
	}
#endif
#ifdef HAVE_PPTP
	else if (nvram_match("wan_proto", "pptp")
		 && nvram_match("pptp_use_dhcp", "1")) {
		char pptpip[64];
		struct dns_lists *dns_list = NULL;

		dns_to_resolv();

		dns_list = get_dns_list();
		int i = 0;

		if (dns_list) {
			for (i = 0; i < dns_list->num_servers; i++)
				route_add(wan_ifname, 0,
					  dns_list->dns_server[i],
					  nvram_safe_get("wan_gateway"),
					  "255.255.255.255");
			free(dns_list);
		}
		route_add(wan_ifname, 0, "0.0.0.0",
			  nvram_safe_get("wan_gateway"), "0.0.0.0");

		nvram_set("wan_gateway_buf", nvram_get("wan_gateway"));

		getIPFromName(nvram_safe_get("pptp_server_name"), pptpip);
		nvram_set("pptp_server_ip", pptpip);

		// Add the route to the PPTP server on the wan interface for pptp
		// client to reach it
		if (nvram_match("wan_gateway", "0.0.0.0")
		    || nvram_match("wan_netmask", "0.0.0.0"))
			route_add(wan_ifname, 0,
				  nvram_safe_get("pptp_server_ip"),
				  nvram_safe_get("wan_gateway"),
				  "255.255.255.255");
		else
			route_add(wan_ifname, 0,
				  nvram_safe_get("pptp_server_ip"),
				  nvram_safe_get("wan_gateway"),
				  nvram_safe_get("wan_netmask"));

	}
#endif
#ifdef HAVE_L2TP
	else if (nvram_match("wan_proto", "l2tp")) {
		char l2tpip[64];
		struct dns_lists *dns_list = NULL;

		dns_to_resolv();

		dns_list = get_dns_list();

		int i = 0;

		if (dns_list) {
			for (i = 0; i < dns_list->num_servers; i++)
				route_add(wan_ifname, 0,
					  dns_list->dns_server[i],
					  nvram_safe_get("wan_gateway"),
					  "255.255.255.255");
			free(dns_list);
		}

		/*
		 * Backup the default gateway. It should be used if L2TP connection
		 * is broken 
		 */
		nvram_set("wan_gateway_buf", nvram_get("wan_gateway"));

		getIPFromName(nvram_safe_get("l2tp_server_name"), l2tpip);

		nvram_set("l2tp_server_ip", l2tpip);

		route_add(wan_ifname, 0,
			  nvram_safe_get("l2tp_server_ip"),
			  nvram_safe_get("wan_gateway"), "255.255.255.255");

		start_firewall();
		start_l2tp_boot();
	}
#endif
	else {
		cprintf("start wan done\n");
		start_wan_done(wan_ifname);
	}
	nvram_set("dhcpc_done", "1");
	cprintf("done\n");
	return 0;
}