Index: drbl-virt/conf/initrd_bin/network-bridge =================================================================== --- drbl-virt/conf/initrd_bin/network-bridge (revision 170) +++ drbl-virt/conf/initrd_bin/network-bridge (revision 170) @@ -0,0 +1,301 @@ +#!/bin/bash +#============================================================================ +# Default Xen network start/stop script. +# Xend calls a network script when it starts. +# The script name to use is defined in /etc/xen/xend-config.sxp +# in the network-script field. +# +# This script creates a bridge (default ${netdev}), adds a device +# (defaults to the device on the default gateway route) to it, copies +# the IP addresses from the device to the bridge and adjusts the routes +# accordingly. +# +# If all goes well, this should ensure that networking stays up. +# However, some configurations are upset by this, especially +# NFS roots. If the bridged setup does not meet your needs, +# configure a different script, for example using routing instead. +# +# Usage: +# +# network-bridge (start|stop|status) {VAR=VAL}* +# +# Vars: +# +# bridge The bridge to use (default ${netdev}). +# netdev The interface to add to the bridge (default gateway device). +# antispoof Whether to use iptables to prevent spoofing (default no). +# +# Internal Vars: +# pdev="p${netdev}" +# tdev=tmpbridge +# +# start: +# Creates the bridge as tdev +# Copies the IP and MAC addresses from pdev to bridge +# Renames netdev to be pdev +# Renames tdev to bridge +# Enslaves pdev to bridge +# +# stop: +# Removes pdev from the bridge +# Transfers addresses, routes from bridge to pdev +# Renames bridge to tdev +# Renames pdev to netdev +# Deletes tdev +# +# status: +# Print addresses, interfaces, routes +# +#============================================================================ + + +dir=/sbin +. "$dir/xen-script-common.sh" +. "$dir/xen-network-common.sh" + +findCommand "$@" +evalVariables "$@" + +modprobe netloop > /dev/null 2>&1 || true + +is_network_root () { + local rootfs=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $3; }}' /etc/mtab) + local rootopts=$(awk '{ if ($1 !~ /^[ \t]*#/ && $2 == "/") { print $4; }}' /etc/mtab) + + [[ "$rootfs" =~ "^nfs" ]] || [[ "$rootopts" =~ "_netdev" ]] && return 0 || return 1 +} + +find_alt_device () { + local interf=$1 + local prefix=${interf%[[:digit:]]} + local ifs=$(ip link show | grep " $prefix" |\ + gawk '{ printf ("%s",substr($2,1,length($2)-1)) }' |\ + sed s/$interf//) + echo "$ifs" +} + +netdev=${netdev:-$(ip route list 0.0.0.0/0 | \ + sed 's/.*dev \([a-z]\+[0-9]\+\).*$/\1/')} +if is_network_root ; then + altdevs=$(find_alt_device $netdev) + for netdev in $altdevs; do break; done + if [ -z "$netdev" ]; then + [ -x /usr/bin/logger ] && /usr/bin/logger "network-bridge: bridging not supported on network root; not starting" + exit + fi +fi +netdev=${netdev:-eth0} +bridge=${bridge:-${netdev}} +antispoof=${antispoof:-no} + +pdev="p${netdev}" +tdev=tmpbridge + +get_ip_info() { + addr_pfx=`ip addr show dev $1 | grep -E '^ *inet' | sed -e 's/ *inet //' -e 's/ .*//'` + gateway=`ip route show dev $1 | fgrep default | sed 's/default via //'` +} + +do_ifup() { + if ! ifup $1 ; then + if [ -n "$addr_pfx" ] ; then + # use the info from get_ip_info() + ip addr flush $1 + ip addr add ${addr_pfx} dev $1 + ip link set dev $1 up + [ -n "$gateway" ] && ip route add default via ${gateway} + fi + fi +} + +# Usage: transfer_addrs src dst +# Copy all IP addresses (including aliases) from device $src to device $dst. +transfer_addrs () { + local src=$1 + local dst=$2 + # Don't bother if $dst already has IP addresses. + if ip addr show dev ${dst} | grep -E -q '^ *inet ' ; then + return + fi + # Address lines start with 'inet' and have the device in them. + # Replace 'inet' with 'ip addr add' and change the device name $src + # to 'dev $src'. + ip addr show dev ${src} | grep -E '^ *inet ' | sed -e " +s/inet/ip addr add/ +s@\([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+/[0-9]\+\)@\1@ +s/${src}/dev ${dst} label ${dst}/ +s/secondary// +" | sh -e + # Remove automatic routes on destination device + ip route list | sed -ne " +/dev ${dst}\( \|$\)/ { + s/^/ip route del / + p +}" | sh -e +} + +# Usage: transfer_routes src dst +# Get all IP routes to device $src, delete them, and +# add the same routes to device $dst. +# The original routes have to be deleted, otherwise adding them +# for $dst fails (duplicate routes). +transfer_routes () { + local src=$1 + local dst=$2 + # List all routes and grep the ones with $src in. + # Stick 'ip route del' on the front to delete. + # Change $src to $dst and use 'ip route add' to add. + ip route list | sed -ne " +/dev ${src}\( \|$\)/ { + h + s/^/ip route del / + P + g + s/${src}/${dst}/ + s/^/ip route add / + P + d +}" | sh -e +} + + +## +# link_exists interface +# +# Returns 0 if the interface named exists (whether up or down), 1 otherwise. +# +link_exists() +{ + if ip link show "$1" >/dev/null 2>/dev/null + then + return 0 + else + return 1 + fi +} + +# Set the default forwarding policy for $dev to drop. +# Allow forwarding to the bridge. +antispoofing () { + iptables -P FORWARD DROP + iptables -F FORWARD + iptables -A FORWARD -m physdev --physdev-in ${pdev} -j ACCEPT +} + +# Usage: show_status dev bridge +# Print ifconfig and routes. +show_status () { + local dev=$1 + local bridge=$2 + + echo '============================================================' + ip addr show ${dev} + ip addr show ${bridge} + echo ' ' + brctl show ${bridge} + echo ' ' + ip route list + echo ' ' + route -n + echo '============================================================' +} + +op_start () { + if [ "${bridge}" = "null" ] ; then + return + fi + + if link_exists "$pdev"; then + # The device is already up. + return + fi + + create_bridge ${tdev} + + preiftransfer ${netdev} + transfer_addrs ${netdev} ${tdev} + if ! ifdown ${netdev}; then + # If ifdown fails, remember the IP details. + get_ip_info ${netdev} + ip link set ${netdev} down + ip addr flush ${netdev} + fi + ip link set ${netdev} name ${pdev} + ip link set ${tdev} name ${bridge} + + setup_bridge_port ${pdev} + + add_to_bridge2 ${bridge} ${pdev} + do_ifup ${bridge} + + if [ ${antispoof} = 'yes' ] ; then + antispoofing + fi +} + +op_stop () { + if [ "${bridge}" = "null" ]; then + return + fi + if ! link_exists "$bridge"; then + return + fi + + transfer_addrs ${bridge} ${pdev} + if ! ifdown ${bridge}; then + get_ip_info ${bridge} + fi + ip link set ${pdev} down + ip addr flush ${bridge} + + brctl delif ${bridge} ${pdev} + ip link set ${bridge} down + + ip link set ${bridge} name ${tdev} + ip link set ${pdev} name ${netdev} + do_ifup ${netdev} + + brctl delbr ${tdev} +} + +# adds $dev to $bridge but waits for $dev to be in running state first +add_to_bridge2() { + local bridge=$1 + local dev=$2 + local maxtries=10 + + echo -n "Waiting for ${dev} to negotiate link." + ip link set ${dev} up + for i in `seq ${maxtries}` ; do + if ifconfig ${dev} | grep -q RUNNING ; then + break + else + echo -n '.' + sleep 1 + fi + done + + if [ ${i} -eq ${maxtries} ] ; then echo -n '(link isnt in running state)' ; fi + echo + + add_to_bridge ${bridge} ${dev} +} + +case "$command" in + start) + op_start + ;; + + stop) + op_stop + ;; + + status) + show_status ${netdev} ${bridge} + ;; + + *) + echo "Unknown command: $command" >&2 + echo 'Valid commands are: start, stop, status' >&2 + exit 1 +esac Index: drbl-virt/conf/initrd_bin/xen-network-common.sh =================================================================== --- drbl-virt/conf/initrd_bin/xen-network-common.sh (revision 170) +++ drbl-virt/conf/initrd_bin/xen-network-common.sh (revision 170) @@ -0,0 +1,128 @@ +# +# Copyright (c) 2005 XenSource Ltd. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of version 2.1 of the GNU Lesser General Public +# License as published by the Free Software Foundation. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + + +# On SuSE it is necessary to run a command before transfering addresses and +# routes from the physical interface to the virtual. This command creates a +# variable $HWD_CONFIG_0 that specifies the appropriate configuration for +# ifup. + +# Gentoo doesn't have ifup/ifdown, so we define appropriate alternatives. + +# Other platforms just use ifup / ifdown directly. + +## +# preiftransfer +# +# @param $1 The current name for the physical device, which is also the name +# that the virtual device will take once the physical device has +# been renamed. + +if [ -e /etc/SuSE-release ] +then + preiftransfer() + { + eval `/sbin/getcfg -d /etc/sysconfig/network/ -f ifcfg- -- $1` + } + ifup() + { + /sbin/ifup ${HWD_CONFIG_0} $1 + } +elif ! which ifup >/dev/null 2>/dev/null +then + preiftransfer() + { + true + } + ifup() + { + false + } + ifdown() + { + false + } +else + preiftransfer() + { + true + } +fi + + +first_file() +{ + t="$1" + shift + for file in $@ + do + if [ "$t" "$file" ] + then + echo "$file" + return + fi + done +} + +find_dhcpd_conf_file() +{ + first_file -f /etc/dhcp3/dhcpd.conf /etc/dhcpd.conf +} + + +find_dhcpd_init_file() +{ + first_file -x /etc/init.d/{dhcp3-server,dhcp,dhcpd} +} + +# configure interfaces which act as pure bridge ports: +setup_bridge_port() { + local dev="$1" + + # take interface down ... + ip link set ${dev} down + + # ... and configure it + ip addr flush ${dev} +} + +# Usage: create_bridge bridge +create_bridge () { + local bridge=$1 + + # Don't create the bridge if it already exists. + if [ ! -e "/sys/class/net/${bridge}/bridge" ]; then + brctl addbr ${bridge} + brctl stp ${bridge} off + brctl setfd ${bridge} 0 + fi +} + +# Usage: add_to_bridge bridge dev +add_to_bridge () { + local bridge=$1 + local dev=$2 + + # Don't add $dev to $bridge if it's already on a bridge. + if [ -e "/sys/class/net/${bridge}/brif/${dev}" ]; then + ip link set ${dev} up || true + return + fi + brctl addif ${bridge} ${dev} + ip link set ${dev} up +} + Index: drbl-virt/conf/initrd_bin/xen-script-common.sh =================================================================== --- drbl-virt/conf/initrd_bin/xen-script-common.sh (revision 170) +++ drbl-virt/conf/initrd_bin/xen-script-common.sh (revision 170) @@ -0,0 +1,44 @@ +# +# Copyright (c) 2005 XenSource Ltd. +# +# This library is free software; you can redistribute it and/or +# modify it under the terms of version 2.1 of the GNU Lesser General Public +# License as published by the Free Software Foundation. +# +# This library is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this library; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA +# + + +set -e + + +evalVariables() +{ + for arg in "$@" + do + if expr 'index' "$arg" '=' '>' '1' >/dev/null + then + eval "$arg" + fi + done +} + + +findCommand() +{ + for arg in "$@" + do + if ! expr 'index' "$arg" '=' >/dev/null + then + command="$arg" + return + fi + done +}