summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2018-11-04 11:47:51 +0100
committerChristian Poessinger <christian@poessinger.com>2018-11-04 11:47:51 +0100
commit698c5a40b2ece2f3eb41ad932660f7ceb1f80092 (patch)
treec74926efcae3b5db9c8f861ab7d1d09c755e68f0 /src
parent13a92825afc0d96773d4d510bd26e4fab5b77c3d (diff)
downloadvyos-1x-698c5a40b2ece2f3eb41ad932660f7ceb1f80092.tar.gz
vyos-1x-698c5a40b2ece2f3eb41ad932660f7ceb1f80092.zip
T959: XML/Python rewrite of "protocol igmp-proxy" and op-mode commands
Examples: ========= CFG commands: vyos@vyos# set protocols igmp-proxy disable-quickleave vyos@vyos# set protocols igmp-proxy interface eth0 alt-subnet '172.16.35.0/24' vyos@vyos# set protocols igmp-proxy interface eth0 alt-subnet '172.31.0.0/24' vyos@vyos# set protocols igmp-proxy interface eth0 role 'upstream' vyos@vyos# set protocols igmp-proxy interface eth1 role 'downstream' vyos@vyos# show protocols igmp-proxy { disable-quickleave interface eth0 { alt-subnet 172.16.35.0/24 alt-subnet 172.31.0.0/24 role upstream } interface eth1 { role downstream } } OP mode commands: ----------------- vyos@vyos:~$ show ip multicast interface Interface BytesIn PktsIn BytesOut PktsOut Local eth0 0.0b 0 0.0b 0 xxx.xxx.xxx.65 eth1 0.0b 0 0.0b 0 xxx.xxx.xx.201 vyos@vyos:~$ show ip multicast mfc Group Origin Pkts Bytes Wrong In Out xxx.x.xx.1 xxx.xx.0.1 10 9.81KB 0 eth0 eth1 xxx.x.xx.2 xxx.xx.0.1 --
Diffstat (limited to 'src')
-rwxr-xr-xsrc/conf_mode/igmp_proxy.py179
-rwxr-xr-xsrc/etc/init.d/igmpproxy166
-rwxr-xr-xsrc/op_mode/show-igmpproxy.py241
3 files changed, 586 insertions, 0 deletions
diff --git a/src/conf_mode/igmp_proxy.py b/src/conf_mode/igmp_proxy.py
new file mode 100755
index 000000000..b994369af
--- /dev/null
+++ b/src/conf_mode/igmp_proxy.py
@@ -0,0 +1,179 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2018 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+#
+
+import sys
+import os
+import jinja2
+
+from vyos.config import Config
+from vyos import ConfigError
+
+config_file = r'/etc/igmpproxy.conf'
+
+# Please be careful if you edit the template.
+config_tmpl = """
+########################################################
+#
+# autogenerated by igmp_proxy.py
+#
+# The configuration file must define one upstream
+# interface, and one or more downstream interfaces.
+#
+# If multicast traffic originates outside the
+# upstream subnet, the "altnet" option can be
+# used in order to define legal multicast sources.
+# (Se example...)
+#
+# The "quickleave" should be used to avoid saturation
+# of the upstream link. The option should only
+# be used if it's absolutely nessecary to
+# accurately imitate just one Client.
+#
+########################################################
+
+{% if not disable_quickleave -%}
+quickleave
+{% endif -%}
+
+{% for i in interface %}
+# Configuration for {{ i.interface }} ({{ i.role }} interface)
+{% if i.role == 'disabled' -%}
+phyint {{ i.interface }} disabled
+{%- else -%}
+phyint {{ i.interface }} {{ i.role }} ratelimit 0 threshold {{ i.threshold }}
+{%- endif -%}
+{%- for subnet in i.alt_subnet %}
+ altnet {{ subnet }}
+{%- endfor %}
+{%- for subnet in i.whitelist %}
+ whitelist {{ subnet }}
+{%- endfor %}
+{% endfor %}
+"""
+
+default_config_data = {
+ 'disable': False,
+ 'disable_quickleave': False,
+ 'interface': [],
+}
+
+def get_config():
+ igmp_proxy = default_config_data
+ conf = Config()
+ if not conf.exists('protocols igmp-proxy'):
+ return None
+ else:
+ conf.set_level('protocols igmp-proxy')
+
+ # Network interfaces to listen on
+ if conf.exists('disable'):
+ igmp_proxy['disable'] = True
+
+ # Option to disable "quickleave"
+ if conf.exists('disable-quickleave'):
+ igmp_proxy['disable_quickleave'] = True
+
+ for intf in conf.list_nodes('interface'):
+ conf.set_level('protocols igmp-proxy interface {0}'.format(intf))
+ interface = {
+ 'interface': intf,
+ 'alt_subnet': [],
+ 'role': 'downstream',
+ 'threshold': '1',
+ 'whitelist': []
+ }
+
+ if conf.exists('alt-subnet'):
+ interface['alt_subnet'] = conf.return_values('alt-subnet')
+
+ if conf.exists('role'):
+ interface['role'] = conf.return_value('role')
+
+ if conf.exists('threshold'):
+ interface['threshold'] = conf.return_value('threshold')
+
+ if conf.exists('whitelist'):
+ interface['whitelist'] = conf.return_values('whitelist')
+
+ # Append interface configuration to global configuration list
+ igmp_proxy['interface'].append(interface)
+
+ return igmp_proxy
+
+def verify(igmp_proxy):
+ # bail out early - looks like removal from running config
+ if igmp_proxy is None:
+ return None
+
+ # bail out early - service is disabled
+ if igmp_proxy['disable']:
+ return None
+
+ # at least two interfaces are required, one upstream and one downstream
+ if len(igmp_proxy['interface']) < 2:
+ raise ConfigError('Must define an upstream and at least 1 downstream interface!')
+
+ upstream = 0
+ for i in igmp_proxy['interface']:
+ if "upstream" == i['role']:
+ upstream += 1
+
+ if upstream == 0:
+ raise ConfigError('At least 1 upstream interface is required!')
+ elif upstream > 1:
+ raise ConfigError('Only 1 upstream interface allowed!')
+
+ return None
+
+def generate(igmp_proxy):
+ # bail out early - looks like removal from running config
+ if igmp_proxy is None:
+ return None
+
+ # bail out early - service is disabled, but inform user
+ if igmp_proxy['disable']:
+ print('Warning: IGMP Proxy will be deactivated because it is disabled')
+ return None
+
+ tmpl = jinja2.Template(config_tmpl)
+ config_text = tmpl.render(igmp_proxy)
+ with open(config_file, 'w') as f:
+ f.write(config_text)
+
+ return None
+
+def apply(igmp_proxy):
+ if igmp_proxy is None or igmp_proxy['disable']:
+ # IGMP Proxy support is removed in the commit
+ os.system('sudo systemctl stop igmpproxy.service')
+ if os.path.exists(config_file):
+ os.unlink(config_file)
+ else:
+ os.system('sudo systemctl restart igmpproxy.service')
+
+ return None
+
+if __name__ == '__main__':
+ try:
+ c = get_config()
+ verify(c)
+ generate(c)
+ apply(c)
+ except ConfigError as e:
+ print(e)
+ sys.exit(1)
diff --git a/src/etc/init.d/igmpproxy b/src/etc/init.d/igmpproxy
new file mode 100755
index 000000000..4a2c94a4d
--- /dev/null
+++ b/src/etc/init.d/igmpproxy
@@ -0,0 +1,166 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides: igmpproxy
+# Required-Start: $local_fs $network $remote_fs $syslog
+# Required-Stop: $local_fs $network $remote_fs $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: IGMP multicast routing daemon
+# Description: IGMPproxy is a simple dynamic Multicast Routing Daemon
+# using only IGMP signalling. It's intended for simple
+# forwarding of Multicast traffic between networks.
+### END INIT INFO
+
+# Author: Pali Rohár <pali.rohar@gmail.com>
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="igmpproxy"
+NAME=igmpproxy
+DAEMON=/sbin/igmpproxy
+DAEMON_ARGS="/etc/igmpproxy.conf"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -b -m -- \
+ $DAEMON_OPTS $DAEMON_ARGS \
+ || return 2
+ # The above code will not work for interpreted scripts, use the next
+ # six lines below instead (Ref: #643337, start-stop-daemon(8) )
+ #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \
+ # --name $NAME --test > /dev/null \
+ # || return 1
+ #start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \
+ # --name $NAME -- $DAEMON_ARGS \
+ # || return 2
+
+ # Add code here, if necessary, that waits for the process to be ready
+ # to handle requests from services started subsequently which depend
+ # on this one. As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ # Wait for children to finish too if this is a daemon that forks
+ # and if the daemon is only ever run from this initscript.
+ # If the above conditions are not satisfied then add some other code
+ # that waits for the process to drop all resources that could be
+ # needed by services started subsequently. A last resort is to
+ # sleep for some time.
+ start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+ [ "$?" = 2 ] && return 2
+ # Many daemons don't delete their pidfiles when they exit.
+ rm -f $PIDFILE
+ return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+ #
+ # If the daemon can reload its configuration without
+ # restarting (for example, when it is sent a SIGHUP),
+ # then implement that here.
+ #
+ start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+ return 0
+}
+
+case "$1" in
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC " "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ status)
+ status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
+ #reload|force-reload)
+ #
+ # If do_reload() is not implemented then leave this commented out
+ # and leave 'force-reload' as an alias for 'restart'.
+ #
+ #log_daemon_msg "Reloading $DESC" "$NAME"
+ #do_reload
+ #log_end_msg $?
+ #;;
+ restart|force-reload)
+ #
+ # If the "reload" option is implemented then remove the
+ # 'force-reload' alias
+ #
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+ exit 3
+ ;;
+esac
+
+:
diff --git a/src/op_mode/show-igmpproxy.py b/src/op_mode/show-igmpproxy.py
new file mode 100755
index 000000000..a021fcdde
--- /dev/null
+++ b/src/op_mode/show-igmpproxy.py
@@ -0,0 +1,241 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2018 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+# File: show-igmpproxy
+# Purpose:
+# Display istatistics from IPv4 IGMP proxy.
+# Used by the "run show ip multicast" command tree.
+
+import sys
+import jinja2
+import argparse
+import ipaddress
+import socket
+
+import vyos.config
+
+# Output Template for "show ip multicast interface" command
+#
+# Example:
+# Interface BytesIn PktsIn BytesOut PktsOut Local
+# eth0 0.0b 0 0.0b 0 xxx.xxx.xxx.65
+# eth1 0.0b 0 0.0b 0 xxx.xxx.xx.201
+# eth0.3 0.0b 0 0.0b 0 xxx.xxx.x.7
+# tun1 0.0b 0 0.0b 0 xxx.xxx.xxx.2
+vif_out_tmpl = """
+{%- for r in data %}
+{{ "%-10s"|format(r.interface) }} {{ "%-12s"|format(r.bytes_in) }} {{ "%-12s"|format(r.pkts_in) }} {{ "%-12s"|format(r.bytes_out) }} {{ "%-12s"|format(r.pkts_out) }} {{ "%-15s"|format(r.loc) }}
+{%- endfor %}
+"""
+
+# Output Template for "show ip multicast mfc" command
+#
+# Example:
+# Group Origin In Out Pkts Bytes Wrong
+# xxx.xxx.xxx.250 xxx.xx.xxx.75 --
+# xxx.xxx.xx.124 xx.xxx.xxx.26 --
+mfc_out_tmpl = """
+{%- for r in data %}
+{{ "%-15s"|format(r.group) }} {{ "%-15s"|format(r.origin) }} {{ "%-12s"|format(r.pkts) }} {{ "%-12s"|format(r.bytes) }} {{ "%-12s"|format(r.wrong) }} {{ "%-10s"|format(r.iif) }} {{ "%-20s"|format(r.oifs|join(', ')) }}
+{%- endfor %}
+"""
+
+parser = argparse.ArgumentParser()
+parser.add_argument("--interface", action="store_true", help="Interface Statistics")
+parser.add_argument("--mfc", action="store_true", help="Multicast Forwarding Cache")
+
+def byte_string(size):
+ # convert size to integer
+ size = int(size)
+
+ # One Terrabyte
+ s_TB = 1024 * 1024 * 1024 * 1024
+ # One Gigabyte
+ s_GB = 1024 * 1024 * 1024
+ # One Megabyte
+ s_MB = 1024 * 1024
+ # One Kilobyte
+ s_KB = 1024
+ # One Byte
+ s_B = 1
+
+ if size > s_TB:
+ return str(round((size/s_TB), 2)) + 'TB'
+ elif size > s_GB:
+ return str(round((size/s_GB), 2)) + 'GB'
+ elif size > s_MB:
+ return str(round((size/s_MB), 2)) + 'MB'
+ elif size > s_KB:
+ return str(round((size/s_KB), 2)) + 'KB'
+ else:
+ return str(round((size/s_B), 2)) + 'b'
+
+ return None
+
+def kernel2ip(addr):
+ """
+ Convert any given addr from Linux Kernel to a proper, IPv4 address
+ using the correct host byte order.
+ """
+
+ # Convert from hex 'FE000A0A' to decimal '4261415434'
+ addr = int(addr, 16)
+ # Kernel ABI _always_ uses network byteorder
+ addr = socket.ntohl(addr)
+
+ return ipaddress.IPv4Address( addr )
+
+def do_mr_vif():
+ """
+ Read contents of file /proc/net/ip_mr_vif and print a more human
+ friendly version to the command line. IPv4 addresses present as
+ 32bit integers in hex format are converted to IPv4 notation, too.
+ """
+
+ with open('/proc/net/ip_mr_vif', 'r') as f:
+ lines = len(f.readlines())
+ if lines < 2:
+ return None
+
+ result = {
+ 'data': []
+ }
+
+ # Build up table format string
+ table_format = {
+ 'interface': 'Interface',
+ 'pkts_in' : 'PktsIn',
+ 'pkts_out' : 'PktsOut',
+ 'bytes_in' : 'BytesIn',
+ 'bytes_out': 'BytesOut',
+ 'loc' : 'Local'
+ }
+ result['data'].append(table_format)
+
+ # read and parse information from /proc filesystema
+ with open('/proc/net/ip_mr_vif', 'r') as f:
+ header_line = next(f)
+ for line in f:
+ data = {
+ 'interface': line.split()[1],
+ 'pkts_in' : line.split()[3],
+ 'pkts_out' : line.split()[5],
+
+ # convert raw byte number to something more human readable
+ # Note: could be replaced by Python3 hurry.filesize module
+ 'bytes_in' : byte_string( line.split()[2] ),
+ 'bytes_out': byte_string( line.split()[4] ),
+
+ # convert IP address from hex 'FE000A0A' to decimal '4261415434'
+ 'loc' : kernel2ip( line.split()[7] ),
+ }
+ result['data'].append(data)
+
+ return result
+
+def do_mr_mfc():
+ """
+ Read contents of file /proc/net/ip_mr_cache and print a more human
+ friendly version to the command line. IPv4 addresses present as
+ 32bit integers in hex format are converted to IPv4 notation, too.
+ """
+
+ with open('/proc/net/ip_mr_cache', 'r') as f:
+ lines = len(f.readlines())
+ if lines < 2:
+ return None
+
+ # We need this to convert from interface index to a real interface name
+ # Thus we also skip the format identifier on list index 0
+ vif = do_mr_vif()['data'][1:]
+
+ result = {
+ 'data': []
+ }
+
+ # Build up table format string
+ table_format = {
+ 'group' : 'Group',
+ 'origin': 'Origin',
+ 'iif' : 'In',
+ 'oifs' : ['Out'],
+ 'pkts' : 'Pkts',
+ 'bytes' : 'Bytes',
+ 'wrong' : 'Wrong'
+ }
+ result['data'].append(table_format)
+
+ # read and parse information from /proc filesystem
+ with open('/proc/net/ip_mr_cache', 'r') as f:
+ header_line = next(f)
+ for line in f:
+ data = {
+ # convert IP address from hex 'FE000A0A' to decimal '4261415434'
+ 'group' : kernel2ip( line.split()[0] ),
+ 'origin': kernel2ip( line.split()[1] ),
+
+ 'iif' : '--',
+ 'pkts' : '',
+ 'bytes' : '',
+ 'wrong' : '',
+ 'oifs' : []
+ }
+
+ iif = int( line.split()[2] )
+ if not ((iif == -1) or (iif == 65535)):
+ data['pkts'] = line.split()[3]
+ data['bytes'] = byte_string( line.split()[4] )
+ data['wrong'] = line.split()[5]
+
+ # convert index to real interface name
+ data['iif'] = vif[iif]['interface']
+
+ # convert each output interface index to a real interface name
+ for oif in line.split()[6:]:
+ idx = int( oif.split(':')[0] )
+ data['oifs'].append( vif[idx]['interface'] )
+
+ result['data'].append(data)
+
+ return result
+
+if __name__ == '__main__':
+ args = parser.parse_args()
+
+ # Do nothing if service is not configured
+ c = vyos.config.Config()
+ if not c.exists_effective('protocols igmp-proxy'):
+ print("IGMP proxy is not configured")
+ sys.exit(0)
+
+ if args.interface:
+ data = do_mr_vif()
+ if data:
+ tmpl = jinja2.Template(vif_out_tmpl)
+ print(tmpl.render(data))
+
+ sys.exit(0)
+ elif args.mfc:
+ data = do_mr_mfc()
+ if data:
+ tmpl = jinja2.Template(mfc_out_tmpl)
+ print(tmpl.render(data))
+
+ sys.exit(0)
+ else:
+ parser.print_help()
+ sys.exit(1)
+