Page Menu
Home
VyOS Platform
Search
Configure Global Search
Log In
Files
F2657980
opennhrp-script-fix.py
All Users
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Authored By
Viacheslav
Apr 19 2022, 9:05 PM
2022-04-19 21:05:02 (UTC+0)
Size
2 KB
Referenced Files
None
Subscribers
None
opennhrp-script-fix.py
View Options
#!/usr/bin/env python3
from
vyos.util
import
cmd
opennhrp_script
=
"/etc/opennhrp/opennhrp-script"
opennhrp_fix
=
"""#!/bin/sh
_nhrp_config="/etc/opennhrp/opennhrp.conf"
_nhrp_ipsec="/etc/opennhrp/opennhrp.ipsec"
_strongswan_pid="/var/run/charon.pid"
_type="hub"
_script_name="opennhrp"
if ! grep "$NHRP_INTERFACE" $_nhrp_config | grep "hub"> /dev/null 2>&1; then
_type="spoke"
fi
case $1 in
interface-up)
logger -t ${_script_name} -p local7.notice "Flush route table proto 42 and neighbours on interface $NHRP_INTERFACE"
ip route flush proto 42 dev $NHRP_INTERFACE
ip neigh flush dev $NHRP_INTERFACE
;;
peer-register)
logger -t ${_script_name} -p local7.notice "Received peer registration request: $NHRP_SRCNBMA $NHRP_DESTNBMA"
;;
peer-up)
if [ -n "$NHRP_DESTMTU" ]; then
ARGS=`ip route get $NHRP_DESTNBMA from $NHRP_SRCNBMA | head -1`
ip route add $ARGS proto 42 mtu $NHRP_DESTMTU
logger -t ${_script_name} -p local7.notice "ip route add $ARGS proto 42 mtu $NHRP_DESTMTU"
fi
logger -t ${_script_name} -p local7.notice "Create link from $NHRP_SRCADDR ($NHRP_SRCNBMA) to $NHRP_DESTADDR ($NHRP_DESTNBMA)"
if [[ ( ${_type} == "spoke" ) && ( -e ${_strongswan_pid} ) ]]; then
if grep "${NHRP_SRCADDR}" "${_nhrp_ipsec}"; then
if swanctl -l -r | grep -q "^list-sa event {dmvpn-DMVPN-.* state=ESTABLISHED local-host=$NHRP_SRCNBMA.*remote-host=$NHRP_DESTNBMA"; then
logger -t ${_script_name} -p local7.notice "IPSec: connection to $NHRP_DESTADDR ($NHRP_DESTNBMA) already exists"
else
logger -t ${_script_name} -p local7.notice "IPSec: connect to $NHRP_DESTADDR ($NHRP_DESTNBMA)"
swanctl -i -c dmvpn -S $NHRP_SRCNBMA -R $NHRP_DESTNBMA || exit 1
fi
fi
fi
;;
peer-down)
logger -t ${_script_name} -p local7.notice "Delete link from $NHRP_SRCADDR ($NHRP_SRCNBMA) to $NHRP_DESTADDR ($NHRP_DESTNBMA)"
if [[ ( ${_type} == "spoke" ) && ( -e ${_strongswan_pid} ) ]]; then
swanctl -t -S $NHRP_SRCNBMA -R $NHRP_DESTNBMA || exit 1
fi
ip route del $NHRP_DESTNBMA src $NHRP_SRCNBMA proto 42
;;
route-up)
logger -t ${_script_name} -p local7.notice "Route $NHRP_DESTADDR/$NHRP_DESTPREFIX is up"
ip route replace $NHRP_DESTADDR/$NHRP_DESTPREFIX proto 42 via $NHRP_NEXTHOP dev $NHRP_INTERFACE
ip route flush cache
;;
route-down)
logger -t ${_script_name} -p local7.notice "Route $NHRP_DESTADDR/$NHRP_DESTPREFIX is down"
ip route del $NHRP_DESTADDR/$NHRP_DESTPREFIX proto 42
ip route flush cache
;;
esac
exit 0
"""
cmd
(
f
'cp {opennhrp_script} {opennhrp_script}.original'
)
with
open
(
opennhrp_script
,
'w'
)
as
f
:
f
.
write
(
opennhrp_fix
)
File Metadata
Details
Attached
Mime Type
text/x-python
Storage Engine
local-disk
Storage Format
Raw Data
Storage Handle
2d/d2/741c731fb5ea18310fe51a9af2b1
Default Alt Text
opennhrp-script-fix.py (2 KB)
Attached To
Mode
T4350: DMVPN opennhrp spokes dont work behind NAT
Attached
Detach File
Event Timeline
Log In to Comment