Re: [Shorewall-users] detect gateway for dhcp provider

Fri, 14 Nov 2014 03:03:11 -0800 

This bug is still present in shorewall version 4.6.4.3, and the
appended patch still fixes it.

--apb (Alan Barrett)

On Sat, 19 Jul 2014, Alan Barrett wrote:
>I attempted to use a line like this in /etc/shorewall/providers:
>
>#NAME   NUMBER  MARK    DUPLIC. INTERFACE       GATEWAY OPTIONS
>#
>ISP1    1       -       -       eth0            detect  track,balance=1
>
>but the "detect" didn't work.  I forget the error message, but you 
>don't need that because I found a fix.
>
>I tracked it down to the detect_dynamic_gateway function in 
>/usr/share/shorewall/lib.core, which was not handling the
>${VARLIB}/dhcp/dhclient.${1}.leases file.
>
>On my system (Debian 7.6 with isc-dhcp-client version 
>4.2.2.dfsg.1-5+deb70u6), the file name is dhclient.eth0.leases, not 
>dhclient-eth0.lease ("." instead of "-", and plural "leases" instead 
>of singular "lease").  Also, the relevant line in the file looks like
>
>option routers 192.0.2.1;
>
>with a trailing semicolon that needs to be removed when the
>value is printed.
>
>I attach a patch that should fix this issue.
>
>--apb (Alan Barrett)

>--- /usr/share/shorewall/lib.core.orig 2014-07-19 12:50:41.509285154 +0000
>+++ /usr/share/shorewall/lib.core      2014-07-19 13:00:11.252206970 +0000
>@@ -845,6 +845,7 @@
>     local GATEWAYS
>     GATEWAYS=
>     local gateway
>+    local file
>
>     gateway=$(run_findgw_exit $1);
>
>@@ -852,14 +853,21 @@
>       gateway=$( find_peer $($IP addr list $interface ) )
>     fi
>
>-    if [ -z "$gateway" -a -f ${VARLIB}/dhcpcd/dhcpcd-${1}.info ]; then
>-      eval $(grep ^GATEWAYS=  ${VARLIB}/dhcpcd/dhcpcd-${1}.info 2> /dev/null)
>+    file="${VARLIB}/dhcpcd/dhcpcd-${1}.info"
>+    if [ -z "$gateway" -a -f "${file}" ]; then
>+      eval $(grep ^GATEWAYS= "${file}" 2> /dev/null)
>       [ -n "$GATEWAYS" ] && GATEWAYS=${GATEWAYS%,*} && gateway=$GATEWAYS
>     fi
>
>-    if [ -z "$gateway" -a -f ${VARLIB}/dhcp/dhclient-${1}.lease ]; then
>-      gateway=$(grep 'option routers' ${VARLIB}/dhcp/dhclient-${1}.lease | 
>tail -n 1 | while read j1 j2 gateway; do echo $gateway ; return 0; done)
>-    fi
>+    for file in \
>+      "${VARLIB}/dhcp/dhclient-${1}.lease" \
>+      "${VARLIB}/dhcp/dhclient.${1}.leases"
>+    do
>+      [ -n "$gateway" ] && break
>+      if [ -f "${file}" ]; then
>+          gateway=$(grep 'option routers' "${file}" | tail -n 1 | while read 
>j1 j2 gateway; do echo "${gateway%\;}" ; return 0; done)
>+      fi
>+    done
>
>     [ -n "$gateway" ] && echo $gateway
> }


------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to