Cross Reference: /freebsd-11.0-release/share/examples/jails/jng

Deleted Added

sdiff udiff text old ( 295400 ) new ( 295401 )

full compact

jng (295400)	jng (295401)
1#!/bin/sh 2#- 3# Copyright (c) 2016 Devin Teske 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26#	1#!/bin/sh 2#- 3# Copyright (c) 2016 Devin Teske 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26#
27# $FreeBSD: head/share/examples/jails/jng 295400 2016-02-08 17:36:46Z dteske $	27# $FreeBSD: head/share/examples/jails/jng 295401 2016-02-08 17:47:36Z dteske $
28# 29############################################################ IDENT(1) 30# 31# $Title: netgraph(4) management script for vnet jails $ 32# 33############################################################ INFORMATION 34# 35# Use this tool with jail.conf(5) (or rc.conf(5) ``legacy'' configuration) to 36# manage `vnet' interfaces for jails. Designed to automate the creation of vnet 37# interface(s) during jail `prestart' and destroy said interface(s) during jail 38# `poststop'. 39# 40# In jail.conf(5) format: 41# 42# ### BEGIN EXCERPT ### 43# 44# xxx { 45# host.hostname = "xxx.yyy"; 46# path = "/vm/xxx"; 47# 48# # 49# # NB: Below 2-lines required 50# # NB: The number of ngN_xxx interfaces should match the number of 51# # arguments given to `jng bridge xxx' in exec.prestart value. 52# # 53# vnet; 54# vnet.interface = "ng0_xxx ng1_xxx ..."; 55# 56# exec.clean; 57# exec.system_user = "root"; 58# exec.jail_user = "root"; 59# 60# # 61# # NB: Below 2-lines required 62# # NB: The number of arguments after `jng bridge xxx' should match 63# # the number of ngN_xxx arguments in vnet.interface value. 64# # 65# exec.prestart += "jng bridge xxx em0 em1 ..."; 66# exec.poststop += "jng shutdown xxx"; 67# 68# # Standard recipe 69# exec.start += "/bin/sh /etc/rc"; 70# exec.stop = "/bin/sh /etc/rc.shutdown"; 71# exec.consolelog = "/var/log/jail_xxx_console.log"; 72# mount.devfs; 73# 74# # Optional (default off) 75# #allow.mount; 76# #allow.set_hostname = 1; 77# #allow.sysvipc = 1; 78# #devfs_ruleset = "11"; # rule to unhide bpf for DHCP 79# } 80# 81# ### END EXCERPT ### 82# 83# In rc.conf(5) ``legacy'' format (used when /etc/jail.conf does not exist): 84# 85# ### BEGIN EXCERPT ### 86# 87# jail_enable="YES" 88# jail_list="xxx" 89# 90# # 91# # Global presets for all jails 92# # 93# jail_devfs_enable="YES" # mount devfs 94# 95# # 96# # Global options (default off) 97# # 98# #jail_mount_enable="YES" # mount /etc/fstab.{name} 99# #jail_set_hostname_allow="YES" # Allow hostname to change 100# #jail_sysvipc_allow="YES" # Allow SysV Interprocess Comm. 101# 102# # xxx 103# jail_xxx_hostname="xxx.shxd.cx" # hostname 104# jail_xxx_rootdir="/vm/xxx" # root directory 105# jail_xxx_vnet_interfaces="ng0_xxx ng1xxx ..." # vnet interface(s) 106# jail_xxx_exec_prestart0="jng bridge xxx em0 em1 ..." # bridge interface(s) 107# jail_xxx_exec_poststop0="jng shutdown xxx" # destroy interface(s) 108# #jail_xxx_mount_enable="YES" # mount /etc/fstab.xxx 109# #jail_xxx_devfs_ruleset="11" # rule to unhide bpf for DHCP 110# 111# ### END EXCERPT ### 112# 113# Note that the legacy rc.conf(5) format is converted to 114# /var/run/jail.{name}.conf by /etc/rc.d/jail if jail.conf(5) is missing. 115# 116# ASIDE: dhclient(8) inside a vnet jail... 117# 118# To allow dhclient(8) to work inside a vnet jail, make sure the following 119# appears in /etc/devfs.rules (which should be created if it doesn't exist): 120# 121# [devfsrules_jail=11] 122# add include $devfsrules_hide_all 123# add include $devfsrules_unhide_basic 124# add include $devfsrules_unhide_login 125# add include $devfsrules_unhide_bpf 126# 127# And set ether devfs.ruleset="11" (jail.conf(5)) or 128# jail_{name}_devfs_ruleset="11" (rc.conf(5)). 129# 130# NB: While this tool can't create every type of desirable topology, it should 131# handle most setups, minus some which considered exotic or purpose-built. 132# 133############################################################ GLOBALS 134 135pgm="${0##/}" # Program basename 136* 137# 138# Global exit status 139# 140SUCCESS=0 141FAILURE=1 142 143############################################################ FUNCTIONS 144 145usage() 146{ 147 local action usage descr 148 exec >&2 149 echo "Usage: $pgm action [arguments]" 150 echo "Actions:" 151 for action in \ 152 bridge \ 153 graph \ 154 show \ 155 show1 \ 156 shutdown \ 157 ; do 158 eval usage=\"\$jng_${action}_usage\" 159 [ "$usage" ] \|\| continue 160 eval descr=\"\$jng_${action}_descr\" 161 printf "\t%s\n\t\t%s\n" "$usage" "$descr" 162 done 163 exit $FAILURE 164} 165 166action_usage() 167{ 168 local usage action="$1" 169 eval usage=\"\$jng_${action}_usage\" 170 echo "Usage: $pgm $usage" >&2 171 exit $FAILURE 172} 173 174mustberoot_to_continue() 175{ 176 if [ "$( id -u )" -ne 0 ]; then 177 echo "Must run as root!" >&2 178 exit $FAILURE 179 fi 180} 181 182jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME interface0 [interface1 ...]" 183jng_bridge_descr="Create ng0_NAME [ng1_NAME ...]" 184jng_bridge() 185{ 186 local OPTIND=1 OPTARG flag bridge=bridge 187 while getopts b: flag; do 188 case "$flag" in 189 b) bridge="$OPTARG" 190 [ "$bridge" ] \|\| action_usage bridge ;; # NOTREACHED 191 ) action_usage bridge # NOTREACHED 192* esac 193 done 194 shift $(( $OPTIND - 1 )) 195 196 local name="$1" 197 [ "${name:-x}" = "${name#[!0-9a-zA-Z_]}" -a $# -gt 1 ] \|\| 198* action_usage bridge # NOTREACHED 199 shift 1 # name 200 201 mustberoot_to_continue 202 203 local iface iface_devid eiface eiface_devid 204 local new num quad i=0 205 for iface in $; do 206* 207 # 0. Make sure the interface doesn't exist already 208 eiface=ng${i}_$name 209 ngctl msg "$eiface:" getifname > /dev/null 2>&1 && continue 210 211 # 1. Bring the interface up 212 ifconfig $iface up \|\| return 213 214 # 2. Set promiscuous mode and don't overwrite src addr 215 ngctl msg $iface: setpromisc 1 \|\| return 216 ngctl msg $iface: setautosrc 0 \|\| return 217 218 # 3. Make sure the interface has been bridged 219 if ! ngctl info ${iface}bridge: > /dev/null 2>&1; then 220 ngctl mkpeer $iface: bridge lower link0 \|\| return 221 ngctl connect $iface: $iface:lower upper link1 \|\| 222 return 223 ngctl name $iface:lower ${iface}bridge \|\| return 224 fi 225 226 # 3.5. Optionally create a secondary bridge 227 if [ "$bridge" != "bridge" ] && 228 ! ngctl info "$iface$bridge:" > /dev/null 2>&1 229 then 230 num=2 231 while ngctl msg ${iface}bridge: getstats $num \ 232 > /dev/null 2>&1 233 do 234 num=$(( $num + 1 )) 235 done 236 ngctl mkpeer $iface:lower bridge link$num link1 \|\| 237 return 238 ngctl name ${iface}bridge:link$num "$iface$bridge" \|\| 239 return 240 fi 241 242 # 4. Create a new interface to the bridge 243 num=2 244 while ngctl msg "$iface$bridge:" getstats $num > /dev/null 2>&1 245 do 246 num=$(( $num + 1 )) 247 done 248 ngctl mkpeer "$iface$bridge:" eiface link$num ether \|\| return 249 250 # 5. Rename the new interface 251 while [ ${#eiface} -gt 15 ]; do # OS limitation 252 eiface=${eiface%?} 253 done 254 new=$( set -- `ngctl show -n "$iface$bridge:link$num"` && 255 echo $2 ) \|\| return 256 ngctl name "$iface$bridge:link$num" $eiface \|\| return 257 ifconfig $new name $eiface \|\| return 258 259 # 260 # 6. Set the MAC address of the new interface using a sensible 261 # algorithm to prevent conflicts on the network. 262 # 263 # The formula I'm using is ``SP:SS:SI:II:II:II'' where: 264 # + S denotes 16 bits of sum(1) data, split because P (below). 265 # + P denotes the special nibble whose value, if one of 266 # 2, 6, A, or E (but usually 2) denotes a privately 267 # administered MAC address (while remaining routable). 268 # + I denotes bits that are inherited from parent interface. 269 # 270 # The S bits are a CRC-16 checksum of NAME, allowing the jail 271 # to change link numbers in ng_bridge(4) without affecting the 272 # MAC address. Meanwhile, if the jail NAME changes (e.g., it 273 # was duplicated and given a new name with no other changes), 274 # the underlying network interface changes, or the jail is 275 # moved to another host, the MAC address will be recalculated 276 # to a new, similarly unique value preventing conflict. 277 # 278 iface_devid=$( ifconfig $iface ether \| awk '/ether/,$0=$2' ) 279 eiface_devid=${iface_devid#??:??:?} 280 num=$( set -- `echo -n $name \| sum` && echo $1 ) 281 quad=$(( $num & 15 )) 282 case "$quad" in 283 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 284 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 285 esac 286 eiface_devid=:$quad$eiface_devid 287 num=$(( $num >> 4 )) 288 quad=$(( $num & 15 )) 289 case "$quad" in 290 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 291 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 292 esac 293 eiface_devid=$quad$eiface_devid 294 num=$(( $num >> 4 )) 295 quad=$(( $num & 15 )) 296 case "$quad" in 297 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 298 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 299 esac	28# 29############################################################ IDENT(1) 30# 31# $Title: netgraph(4) management script for vnet jails $ 32# 33############################################################ INFORMATION 34# 35# Use this tool with jail.conf(5) (or rc.conf(5) ``legacy'' configuration) to 36# manage `vnet' interfaces for jails. Designed to automate the creation of vnet 37# interface(s) during jail `prestart' and destroy said interface(s) during jail 38# `poststop'. 39# 40# In jail.conf(5) format: 41# 42# ### BEGIN EXCERPT ### 43# 44# xxx { 45# host.hostname = "xxx.yyy"; 46# path = "/vm/xxx"; 47# 48# # 49# # NB: Below 2-lines required 50# # NB: The number of ngN_xxx interfaces should match the number of 51# # arguments given to `jng bridge xxx' in exec.prestart value. 52# # 53# vnet; 54# vnet.interface = "ng0_xxx ng1_xxx ..."; 55# 56# exec.clean; 57# exec.system_user = "root"; 58# exec.jail_user = "root"; 59# 60# # 61# # NB: Below 2-lines required 62# # NB: The number of arguments after `jng bridge xxx' should match 63# # the number of ngN_xxx arguments in vnet.interface value. 64# # 65# exec.prestart += "jng bridge xxx em0 em1 ..."; 66# exec.poststop += "jng shutdown xxx"; 67# 68# # Standard recipe 69# exec.start += "/bin/sh /etc/rc"; 70# exec.stop = "/bin/sh /etc/rc.shutdown"; 71# exec.consolelog = "/var/log/jail_xxx_console.log"; 72# mount.devfs; 73# 74# # Optional (default off) 75# #allow.mount; 76# #allow.set_hostname = 1; 77# #allow.sysvipc = 1; 78# #devfs_ruleset = "11"; # rule to unhide bpf for DHCP 79# } 80# 81# ### END EXCERPT ### 82# 83# In rc.conf(5) ``legacy'' format (used when /etc/jail.conf does not exist): 84# 85# ### BEGIN EXCERPT ### 86# 87# jail_enable="YES" 88# jail_list="xxx" 89# 90# # 91# # Global presets for all jails 92# # 93# jail_devfs_enable="YES" # mount devfs 94# 95# # 96# # Global options (default off) 97# # 98# #jail_mount_enable="YES" # mount /etc/fstab.{name} 99# #jail_set_hostname_allow="YES" # Allow hostname to change 100# #jail_sysvipc_allow="YES" # Allow SysV Interprocess Comm. 101# 102# # xxx 103# jail_xxx_hostname="xxx.shxd.cx" # hostname 104# jail_xxx_rootdir="/vm/xxx" # root directory 105# jail_xxx_vnet_interfaces="ng0_xxx ng1xxx ..." # vnet interface(s) 106# jail_xxx_exec_prestart0="jng bridge xxx em0 em1 ..." # bridge interface(s) 107# jail_xxx_exec_poststop0="jng shutdown xxx" # destroy interface(s) 108# #jail_xxx_mount_enable="YES" # mount /etc/fstab.xxx 109# #jail_xxx_devfs_ruleset="11" # rule to unhide bpf for DHCP 110# 111# ### END EXCERPT ### 112# 113# Note that the legacy rc.conf(5) format is converted to 114# /var/run/jail.{name}.conf by /etc/rc.d/jail if jail.conf(5) is missing. 115# 116# ASIDE: dhclient(8) inside a vnet jail... 117# 118# To allow dhclient(8) to work inside a vnet jail, make sure the following 119# appears in /etc/devfs.rules (which should be created if it doesn't exist): 120# 121# [devfsrules_jail=11] 122# add include $devfsrules_hide_all 123# add include $devfsrules_unhide_basic 124# add include $devfsrules_unhide_login 125# add include $devfsrules_unhide_bpf 126# 127# And set ether devfs.ruleset="11" (jail.conf(5)) or 128# jail_{name}_devfs_ruleset="11" (rc.conf(5)). 129# 130# NB: While this tool can't create every type of desirable topology, it should 131# handle most setups, minus some which considered exotic or purpose-built. 132# 133############################################################ GLOBALS 134 135pgm="${0##/}" # Program basename 136* 137# 138# Global exit status 139# 140SUCCESS=0 141FAILURE=1 142 143############################################################ FUNCTIONS 144 145usage() 146{ 147 local action usage descr 148 exec >&2 149 echo "Usage: $pgm action [arguments]" 150 echo "Actions:" 151 for action in \ 152 bridge \ 153 graph \ 154 show \ 155 show1 \ 156 shutdown \ 157 ; do 158 eval usage=\"\$jng_${action}_usage\" 159 [ "$usage" ] \|\| continue 160 eval descr=\"\$jng_${action}_descr\" 161 printf "\t%s\n\t\t%s\n" "$usage" "$descr" 162 done 163 exit $FAILURE 164} 165 166action_usage() 167{ 168 local usage action="$1" 169 eval usage=\"\$jng_${action}_usage\" 170 echo "Usage: $pgm $usage" >&2 171 exit $FAILURE 172} 173 174mustberoot_to_continue() 175{ 176 if [ "$( id -u )" -ne 0 ]; then 177 echo "Must run as root!" >&2 178 exit $FAILURE 179 fi 180} 181 182jng_bridge_usage="bridge [-b BRIDGE_NAME] NAME interface0 [interface1 ...]" 183jng_bridge_descr="Create ng0_NAME [ng1_NAME ...]" 184jng_bridge() 185{ 186 local OPTIND=1 OPTARG flag bridge=bridge 187 while getopts b: flag; do 188 case "$flag" in 189 b) bridge="$OPTARG" 190 [ "$bridge" ] \|\| action_usage bridge ;; # NOTREACHED 191 ) action_usage bridge # NOTREACHED 192* esac 193 done 194 shift $(( $OPTIND - 1 )) 195 196 local name="$1" 197 [ "${name:-x}" = "${name#[!0-9a-zA-Z_]}" -a $# -gt 1 ] \|\| 198* action_usage bridge # NOTREACHED 199 shift 1 # name 200 201 mustberoot_to_continue 202 203 local iface iface_devid eiface eiface_devid 204 local new num quad i=0 205 for iface in $; do 206* 207 # 0. Make sure the interface doesn't exist already 208 eiface=ng${i}_$name 209 ngctl msg "$eiface:" getifname > /dev/null 2>&1 && continue 210 211 # 1. Bring the interface up 212 ifconfig $iface up \|\| return 213 214 # 2. Set promiscuous mode and don't overwrite src addr 215 ngctl msg $iface: setpromisc 1 \|\| return 216 ngctl msg $iface: setautosrc 0 \|\| return 217 218 # 3. Make sure the interface has been bridged 219 if ! ngctl info ${iface}bridge: > /dev/null 2>&1; then 220 ngctl mkpeer $iface: bridge lower link0 \|\| return 221 ngctl connect $iface: $iface:lower upper link1 \|\| 222 return 223 ngctl name $iface:lower ${iface}bridge \|\| return 224 fi 225 226 # 3.5. Optionally create a secondary bridge 227 if [ "$bridge" != "bridge" ] && 228 ! ngctl info "$iface$bridge:" > /dev/null 2>&1 229 then 230 num=2 231 while ngctl msg ${iface}bridge: getstats $num \ 232 > /dev/null 2>&1 233 do 234 num=$(( $num + 1 )) 235 done 236 ngctl mkpeer $iface:lower bridge link$num link1 \|\| 237 return 238 ngctl name ${iface}bridge:link$num "$iface$bridge" \|\| 239 return 240 fi 241 242 # 4. Create a new interface to the bridge 243 num=2 244 while ngctl msg "$iface$bridge:" getstats $num > /dev/null 2>&1 245 do 246 num=$(( $num + 1 )) 247 done 248 ngctl mkpeer "$iface$bridge:" eiface link$num ether \|\| return 249 250 # 5. Rename the new interface 251 while [ ${#eiface} -gt 15 ]; do # OS limitation 252 eiface=${eiface%?} 253 done 254 new=$( set -- `ngctl show -n "$iface$bridge:link$num"` && 255 echo $2 ) \|\| return 256 ngctl name "$iface$bridge:link$num" $eiface \|\| return 257 ifconfig $new name $eiface \|\| return 258 259 # 260 # 6. Set the MAC address of the new interface using a sensible 261 # algorithm to prevent conflicts on the network. 262 # 263 # The formula I'm using is ``SP:SS:SI:II:II:II'' where: 264 # + S denotes 16 bits of sum(1) data, split because P (below). 265 # + P denotes the special nibble whose value, if one of 266 # 2, 6, A, or E (but usually 2) denotes a privately 267 # administered MAC address (while remaining routable). 268 # + I denotes bits that are inherited from parent interface. 269 # 270 # The S bits are a CRC-16 checksum of NAME, allowing the jail 271 # to change link numbers in ng_bridge(4) without affecting the 272 # MAC address. Meanwhile, if the jail NAME changes (e.g., it 273 # was duplicated and given a new name with no other changes), 274 # the underlying network interface changes, or the jail is 275 # moved to another host, the MAC address will be recalculated 276 # to a new, similarly unique value preventing conflict. 277 # 278 iface_devid=$( ifconfig $iface ether \| awk '/ether/,$0=$2' ) 279 eiface_devid=${iface_devid#??:??:?} 280 num=$( set -- `echo -n $name \| sum` && echo $1 ) 281 quad=$(( $num & 15 )) 282 case "$quad" in 283 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 284 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 285 esac 286 eiface_devid=:$quad$eiface_devid 287 num=$(( $num >> 4 )) 288 quad=$(( $num & 15 )) 289 case "$quad" in 290 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 291 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 292 esac 293 eiface_devid=$quad$eiface_devid 294 num=$(( $num >> 4 )) 295 quad=$(( $num & 15 )) 296 case "$quad" in 297 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 298 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 299 esac
300 eiface_devid=2:$quad$eiface_devid	300 case "$iface_devid" in 301 ?2:) eiface_devid=a:$quad$eiface_devid ;; 302* ) eiface_devid=2:$quad$eiface_devid 303* esac
301 num=$(( $num >> 4 )) 302 quad=$(( $num & 15 )) 303 case "$quad" in 304 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 305 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 306 esac 307 eiface_devid=$quad$eiface_devid 308 ifconfig $eiface ether $eiface_devid > /dev/null 2>&1 309 310 i=$(( $i + 1 )) # on to next ng{i}_name 311 done # for iface 312} 313 314jng_graph_usage="graph [-f] [-T type] [-o output]" 315jng_graph_descr="Generate network graph (default output is \`jng.svg')" 316jng_graph() 317{ 318 local OPTIND=1 OPTARG flag 319 local output=jng.svg output_type= force= 320 while getopts fo:T: flag; do 321 case "$flag" in 322 f) force=1 ;; 323 o) output="$OPTARG" ;; 324 T) output_type="$OPTARG" ;; 325 ) action_usage graph # NOTREACHED 326* esac 327 done 328 shift $(( $OPTIND - 1 )) 329 [ $# -eq 0 -a "$output" ] \|\| action_usage graph # NOTREACHED 330 mustberoot_to_continue 331 if [ -e "$output" -a ! "$force" ]; then 332 echo "$output: Already exists (use \`-f' to overwrite)" >&2 333 return $FAILURE 334 fi 335 if [ ! "$output_type" ]; then 336 local valid suffix 337 valid=$( dot -Txxx 2>&1 ) 338 for suffix in ${valid##:}; do 339* [ "$output" != "${output%.$suffix}" ] \|\| continue 340 output_type=$suffix 341 break 342 done 343 fi 344 ngctl dot \| dot ${output_type:+-T "$output_type"} -o "$output" 345} 346 347jng_show_usage="show" 348jng_show_descr="List possible NAME values for \`show NAME'" 349jng_show1_usage="show NAME" 350jng_show1_descr="Lists ng0_NAME [ng1_NAME ...]" 351jng_show2_usage="show [NAME]" 352jng_show() 353{ 354 local OPTIND=1 OPTARG flag 355 while getopts "" flag; do 356 case "$flag" in 357 ) action_usage show2 # NOTREACHED 358* esac 359 done 360 shift $(( $OPTIND - 1 )) 361 mustberoot_to_continue 362 if [ $# -eq 0 ]; then 363 ngctl ls \| awk '$4=="bridge",$0=$2' \| 364 xargs -rn1 -Ibridge ngctl show bridge: \| 365 awk 'sub(/^ng[[:digit:]]+_/, "", $2), $0 = $2' \| 366 sort -u 367 return 368 fi 369 ngctl ls \| awk -v name="$1" ' 370 match($2, /^ng[[:digit:]]+_/) && 371 substr($2, RSTART + RLENGTH) == name && 372 $4 == "eiface", $0 = $2 373 ' \| sort 374} 375 376jng_shutdown_usage="shutdown NAME" 377jng_shutdown_descr="Shutdown ng0_NAME [ng1_NAME ...]" 378jng_shutdown() 379{ 380 local OPTIND=1 OPTARG flag 381 while getopts "" flag; do 382 case "$flag" in 383 ) action_usage shutdown # NOTREACHED 384* esac 385 done 386 shift $(( $OPTIND -1 )) 387 local name="$1" 388 [ "${name:-x}" = "${name#[!0-9a-zA-Z_]}" -a $# -eq 1 ] \|\| 389* action_usage shutdown # NOTREACHED 390 mustberoot_to_continue 391 jng_show "$name" \| xargs -rn1 -I eiface ngctl shutdown eiface: 392} 393 394############################################################ MAIN 395 396# 397# Command-line arguments 398# 399action="$1" 400[ "$action" ] \|\| usage # NOTREACHED 401 402# 403# Validate action argument 404# 405if [ "$BASH_VERSION" ]; then 406 type="$( type -t "jng_$action" )" \|\| usage # NOTREACHED 407else 408 type="$( type "jng_$action" 2> /dev/null )" \|\| usage # NOTREACHED 409fi 410case "$type" in 411function) 412* shift 1 # action 413 eval "jng_$action" \"\$@\" 414 ;; 415) usage # NOTREACHED 416esac 417* 418################################################################################ 419# END 420################################################################################	304 num=$(( $num >> 4 )) 305 quad=$(( $num & 15 )) 306 case "$quad" in 307 10) quad=a ;; 11) quad=b ;; 12) quad=c ;; 308 13) quad=d ;; 14) quad=e ;; 15) quad=f ;; 309 esac 310 eiface_devid=$quad$eiface_devid 311 ifconfig $eiface ether $eiface_devid > /dev/null 2>&1 312 313 i=$(( $i + 1 )) # on to next ng{i}_name 314 done # for iface 315} 316 317jng_graph_usage="graph [-f] [-T type] [-o output]" 318jng_graph_descr="Generate network graph (default output is \`jng.svg')" 319jng_graph() 320{ 321 local OPTIND=1 OPTARG flag 322 local output=jng.svg output_type= force= 323 while getopts fo:T: flag; do 324 case "$flag" in 325 f) force=1 ;; 326 o) output="$OPTARG" ;; 327 T) output_type="$OPTARG" ;; 328 ) action_usage graph # NOTREACHED 329* esac 330 done 331 shift $(( $OPTIND - 1 )) 332 [ $# -eq 0 -a "$output" ] \|\| action_usage graph # NOTREACHED 333 mustberoot_to_continue 334 if [ -e "$output" -a ! "$force" ]; then 335 echo "$output: Already exists (use \`-f' to overwrite)" >&2 336 return $FAILURE 337 fi 338 if [ ! "$output_type" ]; then 339 local valid suffix 340 valid=$( dot -Txxx 2>&1 ) 341 for suffix in ${valid##:}; do 342* [ "$output" != "${output%.$suffix}" ] \|\| continue 343 output_type=$suffix 344 break 345 done 346 fi 347 ngctl dot \| dot ${output_type:+-T "$output_type"} -o "$output" 348} 349 350jng_show_usage="show" 351jng_show_descr="List possible NAME values for \`show NAME'" 352jng_show1_usage="show NAME" 353jng_show1_descr="Lists ng0_NAME [ng1_NAME ...]" 354jng_show2_usage="show [NAME]" 355jng_show() 356{ 357 local OPTIND=1 OPTARG flag 358 while getopts "" flag; do 359 case "$flag" in 360 ) action_usage show2 # NOTREACHED 361* esac 362 done 363 shift $(( $OPTIND - 1 )) 364 mustberoot_to_continue 365 if [ $# -eq 0 ]; then 366 ngctl ls \| awk '$4=="bridge",$0=$2' \| 367 xargs -rn1 -Ibridge ngctl show bridge: \| 368 awk 'sub(/^ng[[:digit:]]+_/, "", $2), $0 = $2' \| 369 sort -u 370 return 371 fi 372 ngctl ls \| awk -v name="$1" ' 373 match($2, /^ng[[:digit:]]+_/) && 374 substr($2, RSTART + RLENGTH) == name && 375 $4 == "eiface", $0 = $2 376 ' \| sort 377} 378 379jng_shutdown_usage="shutdown NAME" 380jng_shutdown_descr="Shutdown ng0_NAME [ng1_NAME ...]" 381jng_shutdown() 382{ 383 local OPTIND=1 OPTARG flag 384 while getopts "" flag; do 385 case "$flag" in 386 ) action_usage shutdown # NOTREACHED 387* esac 388 done 389 shift $(( $OPTIND -1 )) 390 local name="$1" 391 [ "${name:-x}" = "${name#[!0-9a-zA-Z_]}" -a $# -eq 1 ] \|\| 392* action_usage shutdown # NOTREACHED 393 mustberoot_to_continue 394 jng_show "$name" \| xargs -rn1 -I eiface ngctl shutdown eiface: 395} 396 397############################################################ MAIN 398 399# 400# Command-line arguments 401# 402action="$1" 403[ "$action" ] \|\| usage # NOTREACHED 404 405# 406# Validate action argument 407# 408if [ "$BASH_VERSION" ]; then 409 type="$( type -t "jng_$action" )" \|\| usage # NOTREACHED 410else 411 type="$( type "jng_$action" 2> /dev/null )" \|\| usage # NOTREACHED 412fi 413case "$type" in 414function) 415* shift 1 # action 416 eval "jng_$action" \"\$@\" 417 ;; 418) usage # NOTREACHED 419esac 420* 421################################################################################ 422# END 423################################################################################