Line 24... |
Line 24... |
|
|
# ------------------------------------------------------------------------------
|
# ------------------------------------------------------------------------------
|
|
|
# Pre-requisites: bridge-utils must be installed.
|
# Pre-requisites: bridge-utils must be installed.
|
|
|
# Usage: ./brset.sh <bridge> <eth> <mac> <tap> [<tap> <tap> ...]
|
# Usage: ./brend.sh <bridge> <eth> <tap>
|
|
|
# - <bridge> is the bridge interface to use, e.g. br0
|
# - <bridge> is the bridge interface to use, e.g. br0
|
# - <eth> is the hardware ethernet interface to use, e.g. eth0
|
# - <eth> is the hardware ethernet interface to use, e.g. eth0
|
|
# - <tap> is the tap interface to use, e.g. tap0
|
|
|
# The tap interface can subsequently be deleted (so long as no one else is
|
# Check we have the right number of arguments
|
# using it) with
|
if [ "x$#" != "x3" ]
|
|
then
|
|
echo "Usage: ./brend.sh <bridge> <eth> <tap>"
|
|
exit 1
|
|
fi
|
|
|
|
# Check we are root
|
|
euid=`id -un`
|
|
if [ "x${euid}" != "xroot" ]
|
|
then
|
|
echo "Must run as root"
|
|
exit 1
|
|
fi
|
|
|
# openvpn --rmtun --dev tap<n>
|
# Break out the arguments
|
|
|
# Define Bridge Interface
|
|
br=$1
|
br=$1
|
shift
|
eth=$2
|
|
tap=$3
|
# Host ethernet interface to use
|
|
eth=$1
|
|
shift
|
|
|
|
# Determine the IP address, netmask and broadcast of the bridge.
|
# Determine the IP address, netmask and broadcast of the bridge.
|
eth_ip=`ifconfig $br | \
|
eth_ip=`ifconfig $br | \
|
grep "inet addr" | \
|
grep "inet addr" | \
|
head -1 | \
|
head -1 | \
|
Line 56... |
Line 64... |
eth_broadcast=`ifconfig $br | \
|
eth_broadcast=`ifconfig $br | \
|
grep "Bcast" | \
|
grep "Bcast" | \
|
head -1 | \
|
head -1 | \
|
sed -e 's/^.*Bcast:\([^ \t]*\).*$/\1/'`
|
sed -e 's/^.*Bcast:\([^ \t]*\).*$/\1/'`
|
|
|
# Define list of TAP interfaces to be bridged,
|
# Close the firewall to the tap and bridge
|
tap=$*
|
iptables -D INPUT -i ${tap} -j ACCEPT
|
|
iptables -D INPUT -i ${br} -j ACCEPT
|
echo "Deleting bridge $br"
|
iptables -D FORWARD -i ${br} -j ACCEPT
|
echo " Host Ethernet device: $eth"
|
|
echo " Host IP address: $eth_ip"
|
# Take down the bridge and delete it
|
echo " Host netmask: $eth_netmask"
|
ifconfig ${br} down
|
echo " Host broadcast: $eth_broadcast"
|
|
|
if [ $? != 0 ]
|
# Delete the bridge
|
then
|
ifconfig $br down
|
echo "Failed to take down ${br}"
|
brctl delbr $br
|
exit 1
|
|
fi
|
|
|
|
brctl delbr ${br}
|
|
|
|
if [ $? != 0 ]
|
|
then
|
|
echo "Failed to take delete ${br}"
|
|
exit 1
|
|
fi
|
|
|
|
# Delete the TAP interface. Note we mustn't have anything using it. It's
|
|
# rather harsh, but we use fuser to ensure this (it will take out all users of
|
|
# any TAP/TUN interface).
|
|
fuser -k /dev/net/tun
|
|
openvpn --rmtun --dev ${tap}
|
|
|
|
if [ $? != 0 ]
|
|
then
|
|
echo "Failed to remove ${tap}"
|
|
exit 1
|
|
fi
|
|
|
|
# Restore the Ethernet interface. We could use ifconfig with the IP address,
|
|
# netmask and broadcast mask from earlier, but this does not seem to work in a
|
|
# DHCP world
|
|
# ifconfig ${eth} ${eth_ip} netmask ${eth_netmask} broadcast ${eth_broadcast}
|
|
# Instead we use a single shot dhcp configuration. In future the extant eth0
|
|
# dhclient will refresh the lease.
|
|
dhclient -1 -d ${eth0}
|
|
|
|
if [ $? != 0 ]
|
|
then
|
|
echo "Failed to get lease for ${eth}"
|
|
exit 1
|
|
fi
|
|
|
# Restore the Ethernet interface
|
# Kill the outstanding br0 DHCL client
|
ifconfig $eth $eth_ip netmask $eth_netmask broadcast $eth_broadcast
|
kill `ps ax | grep "dhclient.*${br}" | grep -v "grep" | cut -c 1-5`
|
|
|
No newline at end of file
|
No newline at end of file
|
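Review bot: In the restore step of what appears to be the new brend.sh side, `dhclient -1 -d ${eth0}` expands a variable that no visible line assigns. The script sets `eth`, and the error message just below prints `${eth}`, so dhclient is started without the interface that was just unbridged; the line should read `dhclient -1 -d "${eth}"`. Note also that `-d` keeps dhclient in the foreground, so the later `kill` step may not be reached on success; worth confirming. The three `iptables -D` calls are the only commands here whose exit status is not checked, so a failed delete leaves an ACCEPT rule for `${tap}` or `${br}` that would apply to any later interface of the same name; consider `iptables -D INPUT -i "${br}" -j ACCEPT || echo "rule for ${br} not removed" >&2`. Because the script runs as root and passes its arguments unquoted into `ifconfig`, `iptables` and the `grep "dhclient.*${br}"` pattern that feeds `kill`, the three arguments should be checked against an interface-name pattern before use, and `cut -c 1-5` should be replaced because it truncates PIDs wider than five characters.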