aredn/files/usr/local/bin/olsrd-config

#! /usr/bin/lua
--[[

	Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks
	Copyright (C) 2021 Tim Wilkinson
	Original Perl Copyright (C) 2015 Conrad Lara
	See Contributors file for additional contributors

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation version 3 of the License.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program.  If not, see <http://www.gnu.org/licenses/>.

	Additional Terms:

	Additional use restrictions exist on the AREDN(TM) trademark and logo.
		See AREDNLicense.txt for more info.

	Attributions to the AREDN Project must be retained in the source code.
	If importing this code into a new or existing project attribution
	to the AREDN project must be added to the source code.

	You must not misrepresent the origin of the material contained within.

	Modified versions must be modified to attribute to the original source
	and be marked in reasonable ways as differentiate it from the original
	version

--]]

require("nixio")
require("aredn.utils")
require("aredn.hardware")
aredn.info = require('aredn.info')
require("uci")

-- Whether to validate hosts and services before publishing
local validate = false

-- check what config gile we are building for
local uci_conf_file
if #arg == 0 then
    uci_conf_file = "olsrd"
else
    uci_conf_file = arg[1]
    if #arg == 2 and arg[2] == "validate" then
        validate = true
    end
end

if uci_conf_file == "olsrd6" then
    -- we only generate entries for IPv4 at the moment
    os.exit(0)
end

local cursor = uci.cursor()

local names = {}
local hosts = {}
local services = {}
local tunnels = {}

function ip_to_hostname(ip)
    if ip and ip ~= "" and ip ~= "none" then
        local a, b, c, d = ip:match("(.*)%.(.*)%.(.*)%.(.*)")
        local revip = d .. "." .. c .. "." .. b .. "." .. a
        local f = io.popen("nslookup " .. ip)
        if f then
            local pattern = "^" .. revip .. "%.in%-addr%.arpa%s+name%s+=%s+(%S+)%.local%.mesh"
            for line in f:lines()
            do
                local host = line:match(pattern)
                if host then
                    f:close()
                    return host
                end
            end
            f:close()
        end
    end
    return ""
end

-- canonical names for this node
-- (they should up in reverse order, make the official name last)
local name = aredn.info.get_nvram("tactical")
if name ~= "" then
    names[#names + 1] = name
end
name = aredn.info.get_nvram("node")
if name ~= "" then
    names[#names + 1] = name
end

local dmz_mode = cursor:get("aredn", "@dmz[0]", "mode")
if dmz_mode ~= "0" then
    if nixio.fs.stat("/etc/config.mesh/aliases.dmz") then
        for line in io.lines("/etc/config.mesh/aliases.dmz")
        do
            local ip, host = line:match("(.*) (.*)")
            if host then
                hosts[#hosts + 1] = { ip = ip, host = host }
            end
        end
    end
    if nixio.fs.stat("/etc/ethers") then
        local noprop_ip = {}
        if nixio.fs.stat("/etc/hosts") then
            for line in io.lines("/etc/hosts")
            do
                local ip = line:match("^(%S+)%s.*#NOPROP$")
                if ip then
                    noprop_ip[ip] = true
                end
            end
        end
        for line in io.lines("/etc/ethers")
        do
            local ip = line:match("[0-9a-fA-F:]+%s+([%d%.]+)")
            if ip and not noprop_ip[ip] then
                local host = ip_to_hostname(ip)
                if host then
                    hosts[#hosts + 1] = { ip = ip, host = host }
                end
            end
        end
    end
end

-- add a name for the dtdlink interface
if name then
    local dtdip = aredn.hardware.get_interface_ip4(aredn.hardware.get_iface_name("dtdlink"))
    hosts[#hosts + 1] = { ip = dtdip, host = "dtdlink." .. name .. ".local.mesh" }
end

-- load the services
if nixio.fs.stat("/etc/config/services") then
    for line in io.lines("/etc/config/services")
    do
        if line:match("^%w+://[%w%-%.]+:%d+.*|tcp|[^|]+$") or line:match("^%w+://[%w%-%.]+:%d+.*|udp|[^|]+$") then
            services[#services + 1] = line
        end
    end
end

-- validation
if validate then
    local valid_hosts = {}
    -- Add in local names so services checks pass
    for _, name in ipairs(names)
    do
        valid_hosts[name:lower()] = { host = name, ip = nil }
    end
    -- Check we can reach all the IP addresses
    for _, host in ipairs(hosts)
    do
        if os.execute("/bin/ping -q -c 1 -W 1 " .. host.ip .. " > /dev/null 2>&1") == 0 then
            valid_hosts[host.host:lower()] = host
        end
    end
    -- Check all the services have a valid host
    local valid_services = {}
    for _, service in ipairs(services)
    do
        local proto, hostname, port, path = service:match("^(%w+)://([%w%-%.]+):(%d+)(.*)|...|[^|]+$")
        if valid_hosts[hostname:lower()] then
            if port == "0" then
                -- no port so not a link - we can only check the hostname so have to assume the service is good
                valid_services[#valid_services + 1] = service
            elseif proto == "http" then
                -- http so looks like a link. http check it
                local status = io.popen("/usr/bin/curl --retry 0 --connect-timeout 2 --speed-time 5 --speed-limit 1000 --silent --output /dev/null --location --write-out '%{http_code}' " .. "http://" .. hostname .. ":" .. port .. path):read("*a")
                if status == "200" then
                    valid_services[#valid_services + 1] = service
                end
            else
                -- valid port, but we dont know the protocol (we cannot trust the one defined in the services file because the UI wont set
                -- anything but 'tcp'). Check both tcp and udp and assume valid it either is okay
                -- tcp
                local s = nixio.socket("inet", "stream")
                s:setopt("socket", "sndtimeo", 2)
                local r = s:connect(hostname, tonumber(port))
                s:close()
                if r == true then
                    -- tcp connection succeeded
                    valid_services[#valid_services + 1] = service
                else
                    -- udp
                    s = nixio.socket("inet", "dgram")
                    s:setopt("socket", "rcvtimeo", 2)
                    s:connect(hostname, tonumber(port))
                    s:send("")
                    r = s:recv(0)
                    s:close()
                    if r ~= nil then
                        -- A nil response is an explicity rejection of the udp request. Otherwise we have
                        -- to assume the service is valid
                        valid_services[#valid_services + 1] = service
                    end
                end
            end
        end
    end
    local old_hosts = hosts
    hosts = {}
    for _, host in ipairs(old_hosts)
    do
        if valid_hosts[host.host:lower()] then
            hosts[#hosts + 1] = host
        end
    end
    services = valid_services
end
-- end validation

-- load the tunnels
if nixio.fs.stat("/etc/local/mesh-firewall/02-vtund") then
    local tunnum = 50
    cursor:foreach("vtun", "client",
        function(section)
            if section.enabled == "1" then
                tunnels[#tunnels + 1] = "tun" .. tunnum
                tunnum = tunnum + 1
            end
        end
    )
    local maxclients = cursor:get("aredn", "@tunnel[0]", "maxclients")
    if not maxclients then
        maxclients = 10
    end
    tunnum = 50 + maxclients
    cursor:foreach("vtun", "server",
        function(section)
            if section.enabled == "1" then
                tunnels[#tunnels + 1] = "tun" .. tunnum
                tunnum = tunnum + 1
            end
        end
    )
end

-- add the nameservice plugin
print()
print([[LoadPlugin "olsrd_nameservice.so.0.4"]])
print([[{]])
print([[    PlParam "sighup-pid-file" "/var/run/dnsmasq/dnsmasq.pid"]])
print([[    PlParam "interval" "30"]])
print([[    PlParam "timeout" "300"]])
print([[    PlParam "name-change-script" "touch /tmp/namechange"]])
for _, name in ipairs(names)
do
    print([[    PlParam "name" "]] .. name .. [["]])
end
for _, host in ipairs(hosts)
do
    print([[    PlParam "]] .. host.ip .. [[" "]] .. host.host .. [["]])
end
for _, service in ipairs(services)
do
    print([[    PlParam "service" "]] .. service .. [["]])
end
print([[}]])

-- add the ACTIVE tunnel interfaces
if #tunnels > 0 then
    local tuns = ""
    for _, tunnel in ipairs(tunnels)
    do
        tuns = tuns .. " \"" .. tunnel .. "\""
    end
    print()
    print([[Interface]] .. tuns)
    print([[{]])
    print([[     Ip4Broadcast 255.255.255.255]])
    print([[     Mode "ether"]])
    print([[}]])
end