fwbuilder-common 5.1.0-4 / usr / share / fwbuilder-5.1.0.3599 / configlets / linux24 / update_bridge

This file is indexed.

/usr/share/fwbuilder-5.1.0.3599/configlets/linux24/update_bridge is in fwbuilder-common 5.1.0-4.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
## -*- mode: shell-script; -*- 
##
## To be able to make changes to the part of configuration created
## from this configlet you need to copy this file to the directory
## fwbuilder/configlets/linux24/ in your home directory and modify it.
## Double "##" comments are removed during processing but single "#"
## comments are be retained and appear in the generated script. Empty
## lines are removed as well.  
##
## Configlets support simple macro language with these constructs:
## {{$var}} is variable expansion
## {{if var}} is conditional operator.
##
############ bridge ############################################
## brctl  show
## bridge name   bridge id               STP enabled     interfaces
## br0           8000.000c29f6bebe       no              eth4.102
##                                                       eth5
##

missing_port() {
    intf=$1
    cmd=$2

    oldIFS=$IFS
    IFS="@"
    set $intf
    port=$1
    bridge_interface=$2
    IFS=$oldIFS

    echo "# Updating bridge configuration: $cmd $bridge_interface $port"
    $FWBDEBUG $BRCTL $cmd $bridge_interface $port
    test "$cmd" = "addif" && $FWBDEBUG $IP link set $port up
}

# update_bridge br0 "eth2 eth3"
update_bridge() {
    bridge_interface=$1
    shift

    FWB_PORTS=""
    CURRENT_PORTS=""

    FWB_PORTS=$(
        for subint in $*; do
          echo "${subint}@$bridge_interface"
        done | sort
    )

    # this is really redundant because we create missing bridge
    # interfaces in sync_bridge_interfaces. However will leave this
    # here so that function update_bridge can be used without prior
    # call to sync_bridge_interfaces The difference is that
    # sync_bridge_interfaces also deletes bridge interfaces that exist
    # on the machine but are missing in fwbuilder confgiuration. The
    # update_bridge function can only add bridge interfaces.
    $BRCTL showmacs $bridge_interface >/dev/null 2>&1 || {
        echo "# Creating bridge interface $bridge_interface"
        $FWBDEBUG $BRCTL addbr $bridge_interface
        $FWBDEBUG $IP link set $bridge_interface up
    }

    PORTS=$(
        $BRCTL show | \
            awk '($1~/^br/) { printf "\n"; }
                 (!/bridge name/ && NF>3) {printf "%s %s ", $1,$NF;}
                 (NF==1) {printf "%s ",$1;}' | grep $bridge_interface
    )

    test -n "$PORTS" && {
        set $PORTS
        shift
        CURRENT_PORTS=$(
            for subint in $*; do
                echo "${subint}@$bridge_interface"
            done | sort
        )
    }

    # first delete bridge ports, then add. This way, if an interface
    # moves from one bridge to another, we remove it first and then
    # add. It would not work if we tried to add it first, brctl issues
    # an error:
    # device eth2 is already a member of a bridge; can't enslave it to bridge br1.
    #
    diff_intf missing_port "$CURRENT_PORTS" "$FWB_PORTS" delif
    diff_intf missing_port "$FWB_PORTS" "$CURRENT_PORTS" addif
}

## This function synchronizes bridge interfaces between fwbuilder objects
## and actual configuration of the firewall machine. Birgde interfaces not
## listed as arguments will be deleted and those in the arguments will be
## created if missing.
##
## NOTE: we have to delete and create bridge interfaces before we add
## bridge ports to them because if a bridge interface that was not
## configured in fwbuilder existed before this script ran, its bridge
## ports could not be added to other bridges. This bridge interface
## should be deleted first.
##
## sync_bridge_interfaces br0 br1

sync_bridge_interfaces() {
    $BRCTL show | awk -v IGNORED="$*" \
        'BEGIN {
           split(IGNORED,ignored_arr);
           for (a in ignored_arr) {ignored_dict[ignored_arr[a]]=1;}
         }
         ($1 ~ /^br[0-9]/ && !($1 in ignored_dict)) {print $1;}' | \
         while read brintf; do
            echo "# Deleting bridge interface $brintf"
             $FWBDEBUG $IP link set $brintf down
             $FWBDEBUG $BRCTL delbr $brintf
         done

    for brint in $*; do
        $BRCTL showmacs $brint >/dev/null 2>&1 || {
            echo "# Creating bridge interface $brintf"
            $FWBDEBUG $BRCTL addbr $brint
            $FWBDEBUG $IP link set $brint up
        }
    done
}

APT Browse - Built by Thomas Orozco.