wifidog-gateway/rc.wifidog

   1 #!/bin/bash
   2
   3 daemon_name=wifidog
   4 IPT='/usr/sbin/iptables'
   5 WIFIDOG='/usr/bin/wifidog'
   6 WDCTL='/usr/bin/wdctl'
   7
   8 . /etc/rc.conf
   9 . /etc/rc.d/functions
  10
  11 get_pid() {
  12         pidof -o %PPID $daemon_name
  13 }
  14
  15 case "$1" in
  16   start)
  17     stat_busy "Starting $daemon_name daemon"
  18
  19     PID=$(get_pid)
  20     if [ -z "$PID" ]; then
  21       [ -f /var/run/$daemon_name.pid ] && rm -f /var/run/$daemon_name.pid
  22       # Test the ipt modules
  23       $0 test-module > /dev/null
  24       if [ $? -gt 0 ]; then
  25         stat_fail
  26         exit 1
  27       fi
  28
  29       # RUN
  30       $WIFIDOG
  31       if [ $? -gt 0 ]; then
  32         stat_fail
  33         exit 1
  34       else
  35         echo $(get_pid) > /var/run/$daemon_name.pid
  36         add_daemon $daemon_name
  37         stat_done
  38       fi
  39     else
  40       stat_fail
  41       exit 1
  42     fi
  43     ;;
  44
  45   stop)
  46     stat_busy "Stopping $daemon_name daemon"
  47     #
  48     # Ask the process to stop
  49     $WDCTL stop
  50     if [ $? -gt 0 ]; then
  51       stat_fail
  52       exit 1
  53     else
  54       rm -f /var/run/$daemon_name.pid &> /dev/null
  55       rm_daemon $daemon_name
  56       stat_done
  57     fi
  58     ;;
  59
  60   restart)
  61     $0 stop
  62     sleep 1
  63     $0 start
  64     ;;
  65
  66   status)
  67     $WDCTL status
  68     ;;
  69
  70   debug|test-module)
  71     ### Test ipt_mark with iptables
  72     test_ipt_mark () {
  73       IPTABLES_OK=$($IPT -A FORWARD -m mark --mark 2 -j ACCEPT 2>&1 | grep "No chain.target.match")
  74       if [ -z "$IPTABLES_OK" ]; then
  75         $IPT -D FORWARD -m mark --mark 2 -j ACCEPT 2>&1
  76         echo 1
  77       else
  78         echo 0
  79       fi
  80     }
  81
  82     ### Test ipt_mac with iptables
  83     test_ipt_mac () {
  84       IPTABLES_OK=$($IPT -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1 | grep "No chain.target.match")
  85       if [ -z "$IPTABLES_OK" ]; then
  86         $IPT -D INPUT -m mac --mac-source 00:00:00:00:00:00 -j ACCEPT 2>&1
  87         echo 1
  88       else
  89         echo 0
  90       fi
  91     }
  92
  93     ### Find a module on disk
  94     module_exists () {
  95       echo " Looking for a module on disk"
  96       EXIST=$(find /lib/modules/`uname -r` -name $1.*o 2>/dev/null)
  97       if [ -n "$EXIST" ]; then
  98         echo 1
  99       else
 100         echo 0
 101       fi
 102     }
 103
 104     ### Test if a module is in memory
 105     module_in_memory () {
 106       MODULE=$(lsmod | grep $1 | awk '{print $1}')
 107       if [ "$MODULE" = "$1" ]; then
 108         echo 1
 109       else
 110         echo 0
 111       fi
 112     }
 113
 114     echo "Testing for iptables modules"
 115
 116     echo "  Testing ipt_mac"
 117     TEST_IPT_MAC=$(test_ipt_mac)
 118     if [ "$TEST_IPT_MAC" = "0" ]; then
 119       echo "   iptables is not working with ipt_mac"
 120       echo "   Scanning disk for ipt_mac module"
 121       TEST_IPT_MAC_MODULE_EXISTS=$(module_exists "ipt_mac")
 122       if [ "$TEST_IPT_MAC_MODULE_EXISTS" = "0" ]; then
 123         echo "   ipt_mac module is missing, please install it (kernel or module)"
 124         exit
 125       else
 126         echo "   ipt_mac module exists, trying to load"
 127         insmod ipt_mac > /dev/null
 128         TEST_IPT_MAC_MODULE_MEMORY=$(module_in_memory "ipt_mac")
 129         if [ "$TEST_IPT_MAC_MODULE_MEMORY" = "0" ]; then
 130           echo "  Error: ipt_mac not loaded"
 131           exit
 132         else
 133           echo "  ipt_mac loaded sucessfully"
 134         fi
 135       fi
 136     else
 137       echo "   ipt_mac  module is working"
 138     fi
 139
 140     echo "  Testing ipt_mark"
 141     TEST_IPT_MARK=$(test_ipt_mark)
 142     if [ "$TEST_IPT_MARK" = "0" ]; then
 143       echo "   iptables is not working with ipt_mark"
 144       echo "   Scanning disk for ipt_mark module"
 145       TEST_IPT_MARK_MODULE_EXISTS=$(module_exists "ipt_mark")
 146       if [ "$TEST_IPT_MARK_MODULE_EXISTS" = "0" ]; then
 147         echo "   iptables ipt_mark module missing, please install it (kernel or module)"
 148         exit
 149       else
 150         echo "   ipt_mark module exists, trying to load"
 151         insmod ipt_mark
 152         TEST_IPT_MARK_MODULE_MEMORY=$(module_in_memory "ipt_mark")
 153         if [ "$TEST_IPT_MARK_MODULE_MEMORY" = "0" ]; then
 154           echo "   Error: ipt_mark not loaded"
 155           exit
 156         else
 157           echo "   ipt_mark loaded sucessfully"
 158         fi
 159       fi
 160     else
 161       echo "   ipt_mark module is working"
 162     fi
 163     ;;
 164
 165   *)
 166     echo "usage: $0 {start|stop|restart|status|debug|test-module}"
 167 esac
 168
 169 exit 0
 170
 171 # vim:set ts=2 sw=2 et: