Package: ifupdown
Version: 0.8.19
Severity: wishlist
Tags: patch newcomer
Dear Maintainer,
* What led up to the situation?
I am building a router with two external gateways, and felt that
the support for complex sets of rules and routes which can be
passed into the ip command is inadequate.
I am a Debian newbie - and arrived after many years of Redhattery.
RHEL has a per-interface file of rules and routes commands for the
ip command which can be used to both on up and down. The files
contain command lines for the ip command but they don't have
/bin/ip add or /bin/ip del so they are re-usuable.
* What exactly did you do (or not do) that was effective (or
ineffective)?
I've created a shell script which can be put into /etc/networks -
and then symlinked from if-down.d and if-up.d. It can also be run
standalone to setup the rules and routes.
It looks for files in /etc/network/iproute which are named for
the interface.
I include the script below.
* What was the outcome of this action?
It's now easy to add and remove routes, and also easier to test
settings because you can fiddle with the rules and routes without
taking interfaces up and down.
All this may have been suggested before, or be against Debian
philosophy so if this is Debian 'rubbish' please feel free to
ditch this report.
----------------- cut here and save as iproute ----------------
#!/bin/bash
# Script to run from the .d directories in /etc/network
# AND also when given start/stop/restart as an argument to load the ip tables
# without changing the network status
#
# It adds or deletes /sbin/ip rule and route commands taken from files in
# /etc/network/iproute.d
#
# The files are named
# route-IFACE, route6-IFACE
# rule-IFACE, rule6-IFACE
# and only need to be present for interfaces you want to supply routes or rules
for
#
# These files are formatted as arguments to /bin/ip but without
# the command, any flags or add/del
# the idea is that the same arguments can be used for up and down
#
# the command needs to be put into if-down.d and if-up.d
# it will be activated in the pre-down and post-up phases
#
# This is not a novel idea, and is based on RHEL interface specs
# some of this code is taken from the RedHat system
#
# Peter Collinson 30 July 2017
# constants
SRCDIR=/etc/network/iproute.d
iproute=/bin/ip
#iproute="echo /bin/ip"
ifquery=/sbin/ifquery
# Remove comments from the files - RHEL
MATCH='^[[:space:]]*(\#.*)?$'
# File process
# $1 is rule or route
# $2 is add or del
# uses global ADDRFAM to determine protocol
function fileprocess {
local proto=""
local srcfile="${SRCDIR}/${1}-${IFACE}"
if [ "$ADDRFAM" = 'inet6' ]; then
srcfile="${SRCDIR}/${1}6-${IFACE}"
proto='-6'
fi
if [ -f "$srcfile" ]; then
{ cat "$srcfile" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
$iproute $proto $1 $2 $line || echo "Error $IFACE $line"
fi
done
fi
}
# start and stop - set up interface for fileprocess
# $1 is start or stop
# $2 is the interface
function startandstop {
case $1 in
start)
export PHASE='post-up'
cmd=add
;;
stop)
export PHASE='pre-down'
cmd=del
;;
esac
for proto in inet inet6; do
export ADDRFAM=$proto
export IFACE=$if
fileprocess rule $cmd
fileprocess route $cmd
done
}
if [ $# -eq 0 ]; then
# this is the automatic call from ifupdown
# we are not interested in some of the ways this script is called
# First scripts are called on allup or alldown
if [ "$ADDRFAM" = 'meta' ]; then
exit 0
fi
# Second we ignore the loopback interfaces
if [ "$IFACE" = 'lo' ]; then
exit 0
fi
# Finally we only deal with pre-down and post-up phases
case ${PHASE} in
pre-down|post-up) ;;
*) exit 0 ;;
esac
# run from script
case $PHASE in
post-up)
fileprocess rule add
fileprocess route add
;;
pre-down)
fileprocess route del
fileprocess rule del
;;
esac
exit 0
elif [ $# -eq 1 ]; then
# should be a better way of doing this
interfaces=$($ifquery -a --list; ifquery --list --allow=hotplug)
case $1 in
start)
for if in $interfaces; do
startandstop start $if
done
;;
stop)
for if in $interfaces; do
startandstop stop $if
done
;;
restart)
for if in $interfaces; do
startandstop stop $if
done
for if in $interfaces; do
startandstop start $if
done
;;
*)
echo "Usage: iproute [start|stop|restart]"
;;
esac
exit 0
else
echo "Usage: iproute [start|stop|restart]"
exit 0
fi
------------------- end of cut --------------------------
-- Package-specific info:
--- /etc/network/interfaces:
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).
source /etc/network/interfaces.d/*
# The loopback network interface
auto lo
iface lo inet loopback
# Lan 1
allow-hotplug enp1s0
iface enp1s0 inet static
address 10.10.10.254/24
gateway 10.10.10.1
post-up ip route add 81.138.86.233 via 10.10.10.1
# Lan 2
allow-hotplug enp2s0
iface enp2s0 inet static
address 10.190.20.254/24
iface enp2s0 inet6 auto
# Lan 3
allow-hotplug enp3s0
iface enp3s0 inet static
address 192.168.50.2/24
# post-up /etc/network/debug
iface enp3s0 inet6 auto
# Lan 4
allow-hotplug enp4s0
iface enp4s0 inet dhcp
pre-up ip link set enp4s0 mtu 1488
# don't need to take this down because it will go when the link does
post-up ip route add 192.168.1.0/24 via 81.138.86.234
post-up ip route change default via 81.138.86.238 dev enp4s0
pre-down ip route change default via 10.10.10.1 dev enp1s0
--- /etc/network/interfaces.d/*:
cat: '/etc/network/interfaces.d/*': No such file or directory
--- up and down scripts installed:
/etc/network/if-down.d:
total 8
-rwxr-xr-x 1 root root 283 Jul 22 20:24 bind9
lrwxrwxrwx 1 root root 10 Jul 31 10:47 iproute -> ../iproute
-rwxr-xr-x 1 root root 332 Jun 2 2015 upstart
/etc/network/if-post-down.d:
total 0
lrwxrwxrwx 1 root root 23 Jan 23 2017 avahi-daemon -> ../if-up.d/avahi-daemon
/etc/network/if-pre-up.d:
total 4
-rwxr-xr-x 1 root root 344 Jun 30 2016 ethtool
/etc/network/if-up.d:
total 24
-rwxr-xr-x 1 root root 484 Jan 23 2017 avahi-daemon
-rwxr-xr-x 1 root root 283 Jul 22 20:24 bind9
-rwxr-xr-x 1 root root 1685 Jun 30 2016 ethtool
lrwxrwxrwx 1 root root 10 Jul 31 10:47 iproute -> ../iproute
-rwxr-xr-x 1 root root 900 May 7 22:04 ntpdate
-rwxr-xr-x 1 root root 972 Mar 30 11:18 openssh-server
-rwxr-xr-x 1 root root 1483 Jun 2 2015 upstart
-- System Information:
Debian Release: 9.1
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Init: systemd (via /run/systemd/system)
Versions of packages ifupdown depends on:
ii adduser 3.115
ii init-system-helpers 1.48
ii iproute2 4.9.0-1
ii libc6 2.24-11+deb9u1
ii lsb-base 9.20161125
Versions of packages ifupdown recommends:
ii isc-dhcp-client [dhcp-client] 4.3.5-3
Versions of packages ifupdown suggests:
pn ppp <none>
pn rdnssd <none>
-- no debconf information
