From: Urban Wallasch Date: Mon, 22 Apr 2019 09:24:48 +0000 (+0200) Subject: * Replaced hard-coded values by variables. X-Git-Url: https://git.packet-gain.de/?a=commitdiff_plain;h=1b9cb550d0324da6040034e99808ec126ed4b95a;p=netutil.git * Replaced hard-coded values by variables. * Removed lots of clutter. --- diff --git a/nns.sh b/nns.sh index ebc2b22..9de197a 100755 --- a/nns.sh +++ b/nns.sh @@ -14,10 +14,7 @@ # # * Outsource configuration to sourceable script fragment. # -# * Add config options to specify guest network and gw/bridge IP. -# (Run dhclient to obtain bridge IP, if none was specified?) -# -# * Add config option(s) to specify name server(s). +# * (Run dhclient to obtain bridge IP, if none was specified?) # # * Add config option to disable IP forwarding on stop? # @@ -31,11 +28,6 @@ set -x -# It will open an xterm window in the new network namespace; if anything -# else is required, change the statement below. - -export XTERM1=xterm - # The script will temporarily activate ip forwarding for you. If you # do not wish to retain this feature, you will have to issue, at the # end of this session, the command 
@@ -44,58 +36,58 @@ export XTERM1=xterm ############################################################################### +############################### +# Configuration variables + BASE_IF=vpn_tap1 +BASE_NET=192.168.30.0/24 +BR_NAME=br0 +BR_IP=192.168.30.3 + +# List of nameservers to provide DNS in the new network namespace: +NAMESRV="8.8.8.8 8.8.4.4" + +# Program to run in the new network namespace: +XTERM1=xterm + +# Virtual Ethernet to connect new network namespace to default namespace: VETH_HOST=veth_host VETH_GUEST=veth_guest -export WHEREIS=/usr/bin/whereis - -# First of all, check that the script is run by root: +# +############################### -[ "root" != "$USER" ] && exec sudo -E $0 "$@" +SHORTNAME=${0##*/} -if [ $# != 2 ]; then - echo "Usage $0 name action" +if [ $# -lt 2 ]; then + echo "Usage $SHORTNAME name action" echo "where name is the network namespace name," echo " and action is one of start| stop| reload." exit 1 fi -# Do we have all it takes? - -IERROR1=0 -IERROR2=0 -IERROR3=0 - -export IP=$($WHEREIS -b ip | /usr/bin/awk '{print $2}') -export IPTABLES=$($WHEREIS -b iptables | /usr/bin/awk '{print $2}') -export XTERM=$($WHEREIS -b $XTERM1 | /usr/bin/awk '{print $2}') +# Become root if not already: +[ "root" != "$USER" ] && exec sudo -E $0 "$@" -if [ "x$IP" = "x" ] ; then +# Locate essential commands: +IP=$(command -v ip) +if [ -z $IP ] ; then echo "please install the iproute2 package" - IERROR1=1 + exit 1 fi - -if [ "x$IPTABLES" = "x" ] ; then +IPTABLES=$(command -v iptables) +if [ -z $IPTABLES ] ; then echo "please install the iptables package" - IERROR2=1 -fi - -if [ "x$XTERM" = "x" ] ; then - echo "please install the xterm package" - IERROR3=1 + exit 1 fi - -if [[ $IERROR1 == 0 && $IERROR2 == 0 && $IERROR3 == 0 ]] -then - : -else +XTERM=$(command -v $XTERM1) +if [ -z $XTERM ] ; then + echo "please install the $XTERM1 package" exit 1 fi prelim() { - # Perform some preliminary setup. 
First, clear the proposed # namespace name of blank characters; then create a directory # for logging info, and a pid file in it; lastly, enable IPv4 
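Review bot: The relocated root check `[ "root" != "$USER" ] && exec sudo -E $0 "$@"` tests an environment variable rather than the effective uid, so an unset USER re-execs through sudo even when already root and a caller who exports USER=root skips the re-exec and continues unprivileged; prefer `[ "$(id -u)" -ne 0 ] && exec sudo -E "$0" "$@"`. The three new `[ -z $IP ]`-style tests leave the expansion unquoted, so a lookup result containing whitespace breaks the test; write `[ -z "$IP" ]`, `[ -z "$IPTABLES" ]`, `[ -z "$XTERM" ]`. Replacing `whereis -b` with `command -v` also moves resolution of `ip`, `iptables` and `$XTERM1` from fixed system directories to whatever PATH the script runs with, and because the script re-executes itself with `sudo -E` that is presumably the invoking user's PATH unless sudoers pins `secure_path`; setting PATH explicitly near the top of the script, before these lookups, would make the commands this root-level script runs independent of the caller's environment.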
@@ -115,56 +107,53 @@ prelim() { } -start_nns() { - -# Check whether a namespace with the same name already exists. - +# Check whether a namespace with given name exists: +exist_nns() { $IP netns list | /bin/grep $1 2> /dev/null - if [ $? == 0 ]; then +} + +# Create and configure a new network namespace: +start_nns() { + if exist_nns $1 ; then echo "Network namespace $1 already exists," - echo "please choose another name" + echo "please choose another name." exit 1 fi -# Here we take care of DNS - + # Take care of DNS: /bin/mkdir -p /etc/netns/$1 - echo "nameserver 8.8.8.8" > /etc/netns/$1/resolv.conf - echo "nameserver 8.8.4.4" >> /etc/netns/$1/resolv.conf - -# The following creates the new namespace, and the veth interface + /bin/rm /etc/netns/$1/resolv.conf 2> /dev/null + for NS in $NAMESRV ; do + echo "nameserver $NS" >> /etc/netns/$1/resolv.conf + done + # Create the new namespace, the veth interface and the bridge: $IP netns add $1 - ip link add $VETH_HOST type veth peer name $VETH_GUEST - brctl addbr br0 - brctl addif br0 $BASE_IF - brctl addif br0 $VETH_HOST + $IP link add $VETH_HOST type veth peer name $VETH_GUEST + brctl addbr $BR_NAME + brctl addif $BR_NAME $BASE_IF + brctl addif $BR_NAME $VETH_HOST ifconfig $VETH_HOST up - ifconfig br0 192.168.30.3 up + ifconfig $BR_NAME $BR_IP up + # This assigns the macvlan interface, mac$1, to the new # namespace, asks for an IP address via a call to dhclient, # brings up this and the (essential) lo interface, # creates a new terminal in the new namespace and # stores its pid for the purpose of tearing it cleanly, later. -# $IP link set mac$1 netns $1 $IP link set $VETH_GUEST netns $1 -# $IP netns exec $1 /sbin/dhclient -pf /var/run/dhclient_$1.pid -v mac$1 1> /dev/null 2>&1 $IP netns exec $1 /sbin/dhclient -pf /var/run/dhclient_$1.pid -v $VETH_GUEST 1> /dev/null 2>&1 $IP netns exec $1 $IP link set dev lo up $IP netns exec $1 su -p -c $XTERM $SUDO_USER & $IP netns exec $1 echo "$!" 
> $PID - iptables -t nat -A POSTROUTING --source 192.168.30.0/24 --jump MASQUERADE - $IP netns exec $1 /sbin/route add default gw 192.168.30.3 + $IPTABLES -t nat -A POSTROUTING --source $BASE_NET --jump MASQUERADE + $IP netns exec $1 /sbin/route add default gw $BR_IP } stop_nns() { - -# Check that the namespace to be torn down really exists - - $IP netns list | /bin/grep $1 2>&1 1> /dev/null - if [ ! $? == 0 ]; then + if ! exist_nns $1 ; then echo "Network namespace $1 does not exist," echo "please choose another name" exit 1 @@ -178,15 +167,15 @@ stop_nns() { /bin/rm $PID /bin/rmdir $OUTDIR - ifconfig br0 down - brctl delif br0 $BASE_IF - brctl delif br0 $VETH_HOST - brctl delbr br0 + ifconfig $BR_NAME down + brctl delif $BR_NAME $BASE_IF + brctl delif $BR_NAME $VETH_HOST + brctl delbr $BR_NAME $IP netns exec $1 $IP link del $VETH_GUEST $IP netns del $1 $IP link del $VETH_HOST - iptables -t nat -D POSTROUTING --source 192.168.30.0/24 --jump MASQUERADE + $IPTABLES -t nat -D POSTROUTING --source $BASE_NET --jump MASQUERADE # This deletes the file and direcotory connected with the DNSes. @@ -205,17 +194,17 @@ case $2 in prelim "$1" stop_nns $NNSNAME ;; - reload) + reload|restart) prelim "$1" stop_nns $NNSNAME prelim "$1" start_nns $NNSNAME ;; + run) + echo "TO-DO: implement '$SHORTNAME run ' action." + ;; *) -# This removes the absolute path from the command name - NAME1=$0 - NAMESHORT=${NAME1##*/} - echo "Usage:" $NAMESHORT "name action," + echo "Usage: $SHORTNAME name action," echo "where name is the name of the network namespace," echo "and action is one of start|stop|reload" ;;
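Review bot: `exist_nns` runs `/bin/grep $1` over the `ip netns list` output, which is an unanchored regex match: a namespace called `ns1` is reported as existing when only `ns10` exists, a name beginning with `-` is parsed as a grep option, and the matching line is now printed to stdout from both callers (the removed stop_nns line had silenced it). A fixed whole-field match such as `$IP netns list | /usr/bin/awk '{print $1}' | /bin/grep -qxF -- "$1"` fixes all three; the awk step matters because newer iproute2 appends `(id: N)` to each name, so `-x` on the raw line would stop matching. Quoting `"$1"` in the rest of start_nns (`/etc/netns/$1`, `netns add $1`) would also help; prelim's blank-stripping is outside this hunk, so I cannot tell whether it rejects names containing `/` or `..`, which would otherwise let the resolv.conf writes escape `/etc/netns`.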
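Review bot: The new `run)` arm prints a TO-DO and then exits with status zero, so anything scripting `nns.sh name run` sees success for an action that did nothing; send the message to stderr and fail, `echo "TO-DO: implement '$SHORTNAME run ' action." >&2; exit 1`. The `reload|restart)` alias is not reflected in either usage text: the `*)` arm still says `start|stop|reload` and the argument-count usage near the top of the file still says `start| stop| reload.`, so both should list `restart` (and `run` once it is implemented). The enclosing `case $2 in` begins before this hunk.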