1#!/bin/bash 2# 3# Copyright (c) 2017, The OpenThread Authors. 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions are met: 8# 1. Redistributions of source code must retain the above copyright 9# notice, this list of conditions and the following disclaimer. 10# 2. Redistributions in binary form must reproduce the above copyright 11# notice, this list of conditions and the following disclaimer in the 12# documentation and/or other materials provided with the distribution. 13# 3. Neither the name of the copyright holder nor the 14# names of its contributors may be used to endorse or promote products 15# derived from this software without specific prior written permission. 16# 17# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 18# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 21# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 22# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 23# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 24# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 25# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 26# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 27# POSSIBILITY OF SUCH DAMAGE. 28# 29 30AP_CONN="BorderRouter-AP" 31ETH_CONN="BorderRouter-Eth" 32 33AP_HELPER_SCRIPT="/etc/NetworkManager/dispatcher.d/ap-helper" 34DHCPV6_HELPER_SCRIPT="/etc/NetworkManager/dispatcher.d/dhcpv6-helper" 35 36create_ap_connection() 37{ 38 IFNAME=$(nmcli d | grep wifi | cut -d" " -f1) 39 40 sudo nmcli c add type wifi ifname "${IFNAME}" con-name ${AP_CONN} ssid ${AP_CONN} 41 sudo nmcli c modify ${AP_CONN} 802-11-wireless.mode ap 802-11-wireless.band bg ipv4.method shared ipv6.method auto 42 sudo nmcli c modify ${AP_CONN} wifi-sec.key-mgmt wpa-psk 43 sudo nmcli c modify ${AP_CONN} wifi-sec.proto rsn 44 sudo nmcli c modify ${AP_CONN} wifi-sec.psk "12345678" 45} 46 47create_eth_connection() 48{ 49 IFNAME=$(nmcli d | grep ethernet | cut -d" " -f1 | grep -v usb) 50 51 sudo nmcli c add type ethernet ifname "${IFNAME}" con-name ${ETH_CONN} 52 sudo nmcli c modify ${ETH_CONN} ipv6.method ignore 53} 54 55create_ap_helper_script() 56{ 57 sudo tee ${AP_HELPER_SCRIPT} <<EOF 58#!/bin/sh 59# 60# Copyright (c) 2017, The OpenThread Authors. 61# All rights reserved. 62# 63# Redistribution and use in source and binary forms, with or without 64# modification, are permitted provided that the following conditions are met: 65# 1. Redistributions of source code must retain the above copyright 66# notice, this list of conditions and the following disclaimer. 67# 2. Redistributions in binary form must reproduce the above copyright 68# notice, this list of conditions and the following disclaimer in the 69# documentation and/or other materials provided with the distribution. 70# 3. Neither the name of the copyright holder nor the 71# names of its contributors may be used to endorse or promote products 72# derived from this software without specific prior written permission. 73# 74# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 75# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 76# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 77# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 78# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 79# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 80# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 81# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 82# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 83# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 84# POSSIBILITY OF SUCH DAMAGE. 85# 86 87set -euxo pipefail 88 89NAME="ap-helper" 90 91IFNAME=\$1 92ACTION=\$2 93 94AP_CONN="${AP_CONN}" 95 96DHCP_START="10.42.0.2" 97DHCP_END="10.42.0.8" 98 99ROUTER_IP="10.42.0.1" 100 101DNS1=\${ROUTER_IP} 102DNS2="8.8.8.8" 103 104 105log() 106{ 107 logger -t "\${NAME}[\${\$}]" \$* 108} 109 110disable_accept_ra() 111{ 112 log "Disable accepting Router Advertisements on the interface: '\${IFNAME}'" 113 sysctl -w net.ipv6.conf.\${IFNAME}.accept_ra=1 114} 115 116start_dnsmasq() 117{ 118 log "Starting 'dnsmasq' on the interface: '\${IFNAME}'" 119 /usr/sbin/dnsmasq -i \${IFNAME} -a \${ROUTER_IP} -b -z -K -F\${DHCP_START},\${DHCP_END},24h -p0 -O3,\${ROUTER_IP} -O6,\${DNS1},\${DNS2} 120} 121 122kill_dnsmasq() 123{ 124 local DNSMASQ_PID=\`pidof dnsmasq\` 125 126 if [ -n \${DNSMASQ_PID} ]; then 127 log "Killing 'dnsmasq' process with PID: '\${DNSMASQ_PID}'" 128 kill -9 \${DNSMASQ_PID} 129 else 130 log "'dnsmasq' is not running" 131 fi 132} 133 134release_dhcpcd() 135{ 136 log "Releasing 'dhcpcd' on the interface: '\${IFNAME}'" 137 /sbin/dhcpcd -6 -k \${IFNAME} 138} 139 140handle_action_up() 141{ 142 case \${IFNAME} in 143 wlan*) 144 if [ \${CONNECTION_ID} = \${AP_CONN} ]; then 145 release_dhcpcd 146 disable_accept_ra 147 start_dnsmasq 148 fi 149 ;; 150 *) 151 ;; 152 esac 153} 154 155handle_action_down() 156{ 157 case \${IFNAME} in 158 wlan*) 159 if [ \${CONNECTION_ID} = \${AP_CONN} ]; then 160 kill_dnsmasq 161 fi 162 ;; 163 *) 164 log "Skipping action: '\${ACTION}' on the interface: '\${IFNAME}'" 165 ;; 166 esac 167} 168 169 170case \${ACTION} in 171up) 172 handle_action_up 173 ;; 174down) 175 handle_action_down 176 ;; 177*) 178 log "Unsupported action: '\${ACTION}'" 179 ;; 180esac 181EOF 182} 183 184create_dhcpv6_helper_script() 185{ 186 sudo tee ${DHCPV6_HELPER_SCRIPT} <<EOF 187#!/bin/sh 188# 189# Copyright (c) 2017, The OpenThread Authors. 190# All rights reserved. 191# 192# Redistribution and use in source and binary forms, with or without 193# modification, are permitted provided that the following conditions are met: 194# 1. Redistributions of source code must retain the above copyright 195# notice, this list of conditions and the following disclaimer. 196# 2. Redistributions in binary form must reproduce the above copyright 197# notice, this list of conditions and the following disclaimer in the 198# documentation and/or other materials provided with the distribution. 199# 3. Neither the name of the copyright holder nor the 200# names of its contributors may be used to endorse or promote products 201# derived from this software without specific prior written permission. 202# 203# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 204# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 205# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 206# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 207# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 208# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 209# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 210# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 211# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 212# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 213# POSSIBILITY OF SUCH DAMAGE. 214# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 215# POSSIBILITY OF SUCH DAMAGE. 216# 217# Description: 218# This script manipulates DHCPv6-PD configuration. 219# 220 221set -euxo pipefail 222 223NAME="dhcpv6-helper" 224 225IFNAME=\$1 226ACTION=\$2 227 228AP_CONN="${AP_CONN}" 229 230DHCPCD_INTERFACES="/tmp/dhcpcd_interfaces" 231 232 233log() 234{ 235 logger -t "\${NAME}[\${\$}]" \$* 236} 237 238enable_accept_ra() 239{ 240 log "Enable accepting Router Advertisements on the interface: '\${IFNAME}'" 241 sysctl -w net.ipv6.conf.\${IFNAME}.accept_ra=2 242} 243 244kill_dnsmasq() 245{ 246 local DNSMASQ_PID=\`pidof dnsmasq\` 247 248 log "Killing 'dnsmasq' process with PID: '\${DNSMASQ_PID}'" 249 kill -9 \${DNSMASQ_PID} 250} 251 252start_dhcpcd() 253{ 254 log "Starting 'dhcpcd' on the interface: '\${IFNAME}'" 255 /sbin/dhcpcd -6 -b -K -E \${IFNAME} 256 257 # Add interface to active dhcpcd interfaces. 258 sed -i "/\${IFNAME}/d" \${DHCPCD_INTERFACES} 259 echo "\${IFNAME}" >> \${DHCPCD_INTERFACES} 260} 261 262release_dhcpcd() 263{ 264 log "Releasing 'dhcpcd' on the interface: '\${IFNAME}'" 265 /sbin/dhcpcd -6 -k \${IFNAME} 266 267 # Remove interface from active dhcpcd interfaces. 268 sed -i "/\${IFNAME}/d" \${DHCPCD_INTERFACES} 269} 270 271handle_action_up() 272{ 273 case \${IFNAME} in 274 enp*) 275 enable_accept_ra 276 start_dhcpcd 277 ;; 278 eth*) 279 enable_accept_ra 280 start_dhcpcd 281 ;; 282 wlan*) 283 if ! [ \${CONNECTION_ID} = \${AP_CONN} ]; then 284 enable_accept_ra 285 start_dhcpcd 286 fi 287 ;; 288 *) 289 ;; 290 esac 291 292} 293 294handle_action_down() 295{ 296 case \${IFNAME} in 297 enp*) 298 release_dhcpcd 299 ;; 300 eth*) 301 release_dhcpcd 302 ;; 303 wlan*) 304 if ! [ \${CONNECTION_ID} = \${AP_CONN} ]; then 305 release_dhcpcd 306 fi 307 ;; 308 *) 309 log "Skipping action: '\${ACTION}' on the interface: '\${IFNAME}'" 310 ;; 311 esac 312} 313 314case \${ACTION} in 315up) 316 handle_action_up 317 ;; 318down) 319 handle_action_down 320 ;; 321*) 322 log "Unsupported action: '\${ACTION}'" 323 ;; 324esac 325EOF 326} 327 328network_manager_install() 329{ 330 with NETWORK_MANAGER || return 0 331 332 if ! have systemctl; then 333 echo "This script requires systemctl!" 334 return 0 335 fi 336 337 if with DNS64; then 338 # bind9 provides DNS service 339 sudo sed -i 's/^#port=5353/port=0/g' /etc/dnsmasq.conf 340 sudo systemctl restart dnsmasq 341 fi 342 343 sudo systemctl daemon-reload 344 345 sudo systemctl stop wpa_supplicant || true 346 sudo systemctl disable wpa_supplicant || true 347 348 sudo systemctl stop dhcpcd || true 349 sudo systemctl disable dhcpcd || true 350 351 sudo systemctl daemon-reload 352 353 sudo systemctl start NetworkManager || die "Failed to start NetworkManager." 354 sudo systemctl enable NetworkManager || die "Failed to enable NetworkManager." 355 356 # Create AP connection only on raspbian platform. 357 if [ "$PLATFORM" = raspbian ] || with NETWORK_MANAGER_WIFI; then 358 create_ap_helper_script 359 sudo chmod a+x ${AP_HELPER_SCRIPT} 360 361 create_ap_connection 362 fi 363 364 create_dhcpv6_helper_script 365 sudo chmod a+x ${DHCPV6_HELPER_SCRIPT} 366 367 create_eth_connection 368 369 sudo systemctl daemon-reload 370 sudo systemctl restart NetworkManager 371 372 sleep 15 373 374 if [ "$PLATFORM" = raspbian ] || with NETWORK_MANAGER_WIFI; then 375 sudo nmcli c up ${AP_CONN} 376 fi 377 378 sudo nmcli c up ${ETH_CONN} 379} 380 381network_manager_uninstall() 382{ 383 with NETWORK_MANAGER || return 0 384 385 if with DNS64; then 386 sudo systemctl stop dnsmasq 387 # revert changes to dnsmasq 388 sudo sed -i 's/^port=0/#port=5353/g' /etc/dnsmasq.conf 389 fi 390 391 if ! have systemctl; then 392 echo "This script requires systemctl!" 393 return 0 394 fi 395 396 if ! systemctl is-active NetworkManager; then 397 sudo systemctl daemon-reload 398 sudo systemctl start NetworkManager 399 fi 400 401 if [ "$PLATFORM" = raspbian ] || with NETWORK_MANAGER_WIFI; then 402 sudo nmcli c down ${AP_CONN} || true 403 sudo nmcli c delete ${AP_CONN} || true 404 fi 405 406 sudo nmcli c down ${ETH_CONN} || true 407 sudo nmcli c delete ${ETH_CONN} || true 408 409 sudo systemctl disable NetworkManager || die 'Failed to disable NetworkManager!' 410 sudo systemctl stop NetworkManager || die 'Failed to stop NetworkManager!' 411 412 sudo rm ${AP_HELPER_SCRIPT} || true 413 sudo rm ${DHCPV6_HELPER_SCRIPT} || true 414 415 sudo systemctl daemon-reload 416 417 sudo systemctl start dhcpcd || true 418 sudo systemctl enable dhcpcd || true 419 420 sudo systemctl start wpa_supplicant || true 421 sudo systemctl enable wpa_supplicant || true 422} 423