From 6d87be16190a658ac324488024a82961774f0ece Mon Sep 17 00:00:00 2001 From: Mohit Mehta Date: Wed, 19 Nov 2008 18:18:30 -0800 Subject: Fix Bug 3917 dhcp brings interface up for lease acquire/renew even though interface has been disabled in CLI --- scripts/vyatta-interfaces.pl | 58 ++++++++++++++++++---- .../interfaces/ethernet/node.tag/address/node.def | 6 ++- .../interfaces/ethernet/node.tag/disable/node.def | 12 ++++- .../node.tag/vif/node.tag/address/node.def | 6 ++- .../node.tag/vif/node.tag/disable/node.def | 12 ++++- 5 files changed, 77 insertions(+), 17 deletions(-) diff --git a/scripts/vyatta-interfaces.pl b/scripts/vyatta-interfaces.pl index 2a47bce..6453717 100644 --- a/scripts/vyatta-interfaces.pl +++ b/scripts/vyatta-interfaces.pl @@ -44,7 +44,7 @@ use warnings; my $dhcp_daemon = '/sbin/dhclient'; -my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient); +my ($eth_update, $eth_delete, $addr, $dev, $mac, $mac_update, $op_dhclient, $intf_cli_path); GetOptions("eth-addr-update=s" => \$eth_update, "eth-addr-delete=s" => \$eth_delete, @@ -53,6 +53,7 @@ GetOptions("eth-addr-update=s" => \$eth_update, "valid-mac=s" => \$mac, "set-mac=s" => \$mac_update, "op-command=s" => \$op_dhclient, + "intf-cli-path=s" => \$intf_cli_path ); if (defined $eth_update) { update_eth_addrs($eth_update, $dev); } @@ -212,25 +213,56 @@ sub dhcp_update_config { dhcp_write_file($conf_file, $output); } +sub is_intf_disabled { + my $intf = shift; + + # only do this if script run from config mode + if (!defined $op_dhclient) { + + if (!defined $intf_cli_path) { + print "unable to check if interface is disabled without cli path\n"; + exit 1; + } + + my $config = new VyattaConfig; + $config->setLevel("$intf_cli_path"); + + if ($intf =~ m/^br/) { + if ($config->returnValue("disable") eq "true") { + return 1; + } + } else { + if ($config->exists("disable")) { + return 1; + } + } + + } + return 0; +} + + sub run_dhclient { my $intf = shift; my ($intf_config_file, $intf_process_id_file, $intf_leases_file) = VyattaMisc::generate_dhclient_intf_files($intf); dhcp_update_config($intf_config_file, $intf); - my $cmd = "$dhcp_daemon -q -nw -cf $intf_config_file -pf $intf_process_id_file -lf $intf_leases_file $intf 2> /dev/null &"; - # adding & at the end to make the process into a daemon immediately - system ($cmd) == 0 + if (!(is_intf_disabled($intf))) { + my $cmd = "$dhcp_daemon -q -nw -cf $intf_config_file -pf $intf_process_id_file -lf $intf_leases_file $intf 2> /dev/null &"; + # adding & at the end to make the process into a daemon immediately + system ($cmd) == 0 or warn "start $dhcp_daemon failed: $?\n"; + } } sub stop_dhclient { my $intf = shift; - - my ($intf_config_file, $intf_process_id_file, $intf_leases_file) = VyattaMisc::generate_dhclient_intf_files($intf); - my $release_cmd = "$dhcp_daemon -q -cf $intf_config_file -pf $intf_process_id_file -lf $intf_leases_file -r $intf 2> /dev/null"; - system ($release_cmd) == 0 + if (!(is_intf_disabled($intf))) { + my ($intf_config_file, $intf_process_id_file, $intf_leases_file) = VyattaMisc::generate_dhclient_intf_files($intf); + my $release_cmd = "$dhcp_daemon -q -cf $intf_config_file -pf $intf_process_id_file -lf $intf_leases_file -r $intf 2> /dev/null"; + system ($release_cmd) == 0 or warn "stop $dhcp_daemon failed: $?\n"; - unlink ($intf_config_file); + } } sub update_eth_addrs { @@ -287,6 +319,7 @@ sub delete_eth_addrs { unlink("/var/lib/dhcp3/dhclient_$intf\_lease"); unlink("/var/lib/dhcp3/$intf"); unlink("/var/run/vyatta/dhclient/dhclient_release_$intf"); + unlink("/var/lib/dhcp3/dhclient_$intf\.conf"); exit 0; } my $version = is_ip_v4_or_v6($addr); @@ -430,6 +463,13 @@ sub op_dhcp_command { print "$intf is not using DHCP to get an IP address\n"; exit 1; } + + my $flags = VyattaMisc::get_sysfs_value($intf, 'flags'); + my $hex_flags = hex($flags); + if (!($hex_flags & 0x1)) { + print "$intf is disabled. Unable to release/renew lease\n"; + exit 1; + } my $tmp_dhclient_dir = '/var/run/vyatta/dhclient/'; my $release_file = $tmp_dhclient_dir . 'dhclient_release_' . $intf; diff --git a/templates/interfaces/ethernet/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/address/node.def index d523793..5277263 100644 --- a/templates/interfaces/ethernet/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/address/node.def @@ -2,8 +2,10 @@ multi: type: txt help: Set an IP address for this interface syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../@)"; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../@)" -update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@)"; "Error setting address $VAR(@) on interface $VAR(../@)" -delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@)"; "Error deleting address $VAR(@) on interface $VAR(../@)" +update:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../@) \ +--intf-cli-path \"interfaces ethernet $VAR(../@)\""; "Error setting address $VAR(@) on interface $VAR(../@)" +delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../@) \ +--intf-cli-path \"interfaces ethernet $VAR(../@)\""; "Error deleting address $VAR(@) on interface $VAR(../@)" allowed: echo "dhcp <>" comp_help:Possible completions: Set the IP address and prefix length diff --git a/templates/interfaces/ethernet/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/disable/node.def index 54090cc..90dd582 100644 --- a/templates/interfaces/ethernet/node.tag/disable/node.def +++ b/templates/interfaces/ethernet/node.tag/disable/node.def @@ -1,3 +1,11 @@ help: Set interface disabled -update:expression: "sudo ip link set $VAR(../@) down"; "Error disabling dev $VAR(../@)" -delete:expression: "sudo ip link set $VAR(../@) up"; "Error enabling dev $VAR(../@)" +update: /etc/netplug/linkdown.d/dhclient $VAR(../@) + if ! sudo ip link set $VAR(../@) down 2>/dev/null; then + echo "Error disabling dev $VAR(../@)" + /etc/netplug/linkup.d/dhclient $VAR(../@) + exit 1 + fi +delete: if ! sudo ip link set $VAR(../@) up; then + echo "Error enabling dev $VAR(../@)" + exit 1 + fi diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def index 625130a..0ef5583 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/address/node.def @@ -2,8 +2,10 @@ multi: type: txt help: Set an IP address for this interface syntax:expression: exec "/opt/vyatta/sbin/vyatta-interfaces.pl --valid-addr $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Invalid IP address/prefix [$VAR(@)] for interface $VAR(../../@).$VAR(../@)" -create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error setting address $VAR(@) on dev $VAR(../../@).$VAR(../@) " -delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) "; "Error deleting address $VAR(@) on dev $VAR(../../@).$VAR(../@) " +create:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-update $VAR(@) --dev $VAR(../../@).$VAR(../@) \ +--intf-cli-path \"interfaces ethernet $VAR(../../@) vif $VAR(../@)\""; "Error setting address $VAR(@) on dev $VAR(../../@).$VAR(../@) " +delete:expression: "sudo /opt/vyatta/sbin/vyatta-interfaces.pl --eth-addr-delete $VAR(@) --dev $VAR(../../@).$VAR(../@) \ +--intf-cli-path \"interfaces ethernet $VAR(../../@) vif $VAR(../@)\""; "Error deleting address $VAR(@) on dev $VAR(../../@).$VAR(../@) " allowed: echo "dhcp <>" comp_help:Possible completions: Set the IP address and prefix length diff --git a/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def b/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def index 9599de3..78b2487 100644 --- a/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def +++ b/templates/interfaces/ethernet/node.tag/vif/node.tag/disable/node.def @@ -1,3 +1,11 @@ help: Set interface disabled -update:expression: "sudo ip link set $VAR(../../@).$VAR(../@) down"; "Error disabling dev $VAR(../../@).$VAR(../@)" -delete:expression: "sudo ip link set $VAR(../../@).$VAR(../@) up"; "Error enabling dev $VAR(../../@).$VAR(../@)" +update: /etc/netplug/linkdown.d/dhclient $VAR(../../@).$VAR(../@) + if ! sudo ip link set $VAR(../../@).$VAR(../@) down 2>/dev/null; then + echo "Error disabling dev $VAR(../../@).$VAR(../@)" + /etc/netplug/linkup.d/dhclient $VAR(../../@).$VAR(../@) + exit 1 + fi +delete: if ! sudo ip link set $VAR(../../@).$VAR(../@) up; then + echo "Error enabling dev $VAR(../../@).$VAR(../@)" + exit 1 + fi -- cgit v1.2.3