#! /usr/bin/lua --[[ Part of AREDN -- Used for creating Amateur Radio Emergency Data Networks Copyright (C) 2021 Tim Wilkinson Original Perl Copyright (C) 2015 Conrad Lara See Contributors file for additional contributors This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation version 3 of the License. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . Additional Terms: Additional use restrictions exist on the AREDN(TM) trademark and logo. See AREDNLicense.txt for more info. Attributions to the AREDN Project must be retained in the source code. If importing this code into a new or existing project attribution to the AREDN project must be added to the source code. You must not misrepresent the origin of the material contained within. Modified versions must be modified to attribute to the original source and be marked in reasonable ways as differentiate it from the original version --]] require("nixio") require("aredn.utils") require("aredn.hardware") aredn.info = require('aredn.info') require("uci") -- Whether to validate hosts and services before publishing local validate = false -- check what config gile we are building for local uci_conf_file if #arg == 0 then uci_conf_file = "olsrd" else uci_conf_file = arg[1] if #arg == 2 and arg[2] == "validate" then validate = true end end if uci_conf_file == "olsrd6" then -- we only generate entries for IPv4 at the moment os.exit(0) end local cursor = uci.cursor() local names = {} local hosts = {} local services = {} local tunnels = {} function ip_to_hostname(ip) if ip and ip ~= "" and ip ~= "none" then local a, b, c, d = ip:match("(.*)%.(.*)%.(.*)%.(.*)") local revip = d .. "." .. c .. "." .. b .. "." .. a local f = io.popen("nslookup " .. ip) if f then local pattern = "^" .. revip .. "%.in%-addr%.arpa%s+name%s+=%s+(%S+)%.local%.mesh" for line in f:lines() do local host = line:match(pattern) if host then f:close() return host end end f:close() end end return "" end -- canonical names for this node -- (they should up in reverse order, make the official name last) local name = aredn.info.get_nvram("tactical") if name ~= "" then names[#names + 1] = name end name = aredn.info.get_nvram("node") if name ~= "" then names[#names + 1] = name end local dmz_mode = cursor:get("aredn", "@dmz[0]", "mode") if dmz_mode ~= "0" then if nixio.fs.stat("/etc/config.mesh/aliases.dmz") then for line in io.lines("/etc/config.mesh/aliases.dmz") do local ip, host = line:match("(.*) (.*)") if host then hosts[#hosts + 1] = { ip = ip, host = host } end end end if nixio.fs.stat("/etc/ethers") then local noprop_ip = {} if nixio.fs.stat("/etc/hosts") then for line in io.lines("/etc/hosts") do local ip = line:match("^(%S+)%s.*#NOPROP$") if ip then noprop_ip[ip] = true end end end for line in io.lines("/etc/ethers") do local ip = line:match("[0-9a-fA-F:]+%s+([%d%.]+)") if ip and not noprop_ip[ip] then local host = ip_to_hostname(ip) if host then hosts[#hosts + 1] = { ip = ip, host = host } end end end end end -- add a name for the dtdlink and xlink interfaces if name then local dtdip = aredn.hardware.get_interface_ip4(aredn.hardware.get_iface_name("dtdlink")) if dtdip then hosts[#hosts + 1] = { ip = dtdip, host = "dtdlink." .. name .. ".local.mesh" } if nixio.fs.stat("/etc/config.mesh/xlink") then local count = 0 uci.cursor("/etc/config.mesh"):foreach("xlink", "interface", function(section) if section.ipaddr then hosts[#hosts + 1] = { ip = section.ipaddr, host = "xlink" .. count .. "." .. name .. ".local.mesh" } count = count + 1 end end ) end end end -- load the services if nixio.fs.stat("/etc/config/services") then for line in io.lines("/etc/config/services") do if line:match("^%w+://[%w%-%.]+:%d+.*|tcp|[^|]+$") or line:match("^%w+://[%w%-%.]+:%d+.*|udp|[^|]+$") then services[#services + 1] = line end end end -- validation if validate then local laniface = aredn.hardware.get_iface_name("lan") local valid_hosts = {} -- Add in local names so services checks pass for _, name in ipairs(names) do valid_hosts[name:lower()] = { host = name, ip = nil } end -- Check we can reach all the IP addresses for _, host in ipairs(hosts) do if os.execute("/bin/ping -q -c 1 -W 1 " .. host.ip .. " > /dev/null 2>&1") == 0 then valid_hosts[host.host:lower()] = host elseif os.execute("/usr/sbin/arping -q -f -c 1 -w 1 -I " .. laniface .. " " .. host.ip .. " > /dev/null 2>&1") == 0 then valid_hosts[host.host:lower()] = host end end -- Check all the services have a valid host local valid_services = {} for _, service in ipairs(services) do local proto, hostname, port, path = service:match("^(%w+)://([%w%-%.]+):(%d+)(.*)|...|[^|]+$") if valid_hosts[hostname:lower()] or dmz_mode == "0" then if port == "0" then -- no port so not a link - we can only check the hostname so have to assume the service is good valid_services[#valid_services + 1] = service elseif proto == "http" then -- http so looks like a link. http check it local status, effective_url = io.popen("/usr/bin/curl --retry 0 --connect-timeout 2 --speed-time 5 --speed-limit 1000 --silent --output /dev/null --location --write-out '%{http_code} %{url_effective}' " .. "http://" .. hostname .. ":" .. port .. path):read("*a"):match("^(%d+) (.*)") if status == "200" or status == "401" then valid_services[#valid_services + 1] = service elseif status == "301" or status == "302" or status == "303" or status == "307" or status == "308" then -- Ended at a redirect rather than an actual page. if effective_url:match("^https:") then -- We cannot validate https: links so we just assume they're okay valid_services[#valid_services + 1] = service end end else -- valid port, but we dont know the protocol (we cannot trust the one defined in the services file because the UI wont set -- anything but 'tcp'). Check both tcp and udp and assume valid it either is okay -- tcp local s = nixio.socket("inet", "stream") s:setopt("socket", "sndtimeo", 2) local r = s:connect(hostname, tonumber(port)) s:close() if r == true then -- tcp connection succeeded valid_services[#valid_services + 1] = service else -- udp s = nixio.socket("inet", "dgram") s:setopt("socket", "rcvtimeo", 2) s:connect(hostname, tonumber(port)) s:send("") r = s:recv(0) s:close() if r ~= nil then -- A nil response is an explicity rejection of the udp request. Otherwise we have -- to assume the service is valid valid_services[#valid_services + 1] = service end end end end end local old_hosts = hosts hosts = {} for _, host in ipairs(old_hosts) do if valid_hosts[host.host:lower()] then hosts[#hosts + 1] = host end end services = valid_services end -- end validation -- load the tunnels if nixio.fs.stat("/etc/local/mesh-firewall/02-vtund") then local tunnum = 50 cursor:foreach("vtun", "client", function(section) if section.enabled == "1" then tunnels[#tunnels + 1] = "tun" .. tunnum tunnum = tunnum + 1 end end ) local maxclients = cursor:get("aredn", "@tunnel[0]", "maxclients") if not maxclients then maxclients = 10 end tunnum = 50 + maxclients cursor:foreach("vtun", "server", function(section) if section.enabled == "1" then tunnels[#tunnels + 1] = "tun" .. tunnum tunnum = tunnum + 1 end end ) end -- add the nameservice plugin print() print([[LoadPlugin "olsrd_nameservice.so.0.4"]]) print([[{]]) print([[ PlParam "sighup-pid-file" "/var/run/dnsmasq/dnsmasq.pid"]]) print([[ PlParam "interval" "30"]]) print([[ PlParam "timeout" "300"]]) print([[ PlParam "name-change-script" "cp /var/run/hosts_olsr /var/run/hosts_olsr.snapshot; mv -f /var/run/hosts_olsr.snapshot /var/run/hosts_olsr.stable; touch /tmp/namechange /var/run/hosts_olsr.stable"]]) for _, name in ipairs(names) do print([[ PlParam "name" "]] .. name .. [["]]) end for _, host in ipairs(hosts) do print([[ PlParam "]] .. host.ip .. [[" "]] .. host.host .. [["]]) end for _, service in ipairs(services) do print([[ PlParam "service" "]] .. service .. [["]]) end print([[}]]) -- add the ACTIVE tunnel interfaces if #tunnels > 0 then local tun_weight = tonumber(cursor:get("aredn", "@tunnel[0]", "weight")) local tuns = "" for _, tunnel in ipairs(tunnels) do tuns = tuns .. " \"" .. tunnel .. "\"" end print() print([[Interface]] .. tuns) print([[{]]) print([[ Ip4Broadcast 255.255.255.255]]) if not tun_weight or tun_weight < 1 then print([[ Mode "ether"]]) elseif tun_weight > 1 then print([[ LinkQualityMult default ]] .. (1 / tun_weight)) end print([[}]]) end -- add the XLINK interfaces if nixio.fs.stat("/etc/config.mesh/xlink") then uci.cursor("/etc/config.mesh"):foreach("xlink", "interface", function(section) print() print([[Interface "]] .. section.ifname .. [["]]) print([[{]]) if section.peer then print([[ Ip4Broadcast ]] .. section.peer) else print([[ Ip4Broadcast 255.255.255.255]]) end local weight = tonumber(section.weight) if weight then if weight > 1 then print([[ LinkQualityMult default ]] .. (1 / weight)) elseif weight < 1 then print([[ Mode "ether"]]) end else print([[ Mode "ether"]]) end print([[}]]) end ) end