author | TheJackiMonster <thejackimonster@gmail.com> | 2021-08-28 20:36:20 +0200 |
---|---|---|
committer | TheJackiMonster <thejackimonster@gmail.com> | 2021-08-28 20:36:20 +0200 |
commit | 7a4c1fb72a78a19e6d7775472266dba3a4b23356 (patch) | |
tree | 6a1706f87169fb9ec45f8b4fb08537c48d62edd8 /contrib/scripts/netjail/netjail_core.sh | |
parent | 5cf91c55a14f67a1dd9c57c9c8094693c615caae (diff) |
-added ppid prefix to netjail netns and interfaces
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>
Diffstat (limited to 'contrib/scripts/netjail/netjail_core.sh')
-rwxr-xr-x | contrib/scripts/netjail/netjail_core.sh | 47 |
1 files changed, 35 insertions, 12 deletions
diff --git a/contrib/scripts/netjail/netjail_core.sh b/contrib/scripts/netjail/netjail_core.sh index 1bfc365e7..c93f26dc9 100755 --- a/contrib/scripts/netjail/netjail_core.sh +++ b/contrib/scripts/netjail/netjail_core.sh @@ -2,6 +2,7 @@ # JAILOR=${SUDO_USER:?must run in sudo} +PREFIX=${PPID:?must run from a parent process} # running with `sudo` is required to be # able running the actual commands as the @@ -9,6 +10,24 @@ JAILOR=${SUDO_USER:?must run in sudo} export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +# initialize the numbering to ensure unique names + +NAMESPACE_NUM=${NAMESPACE_FD:?must have a file for ids} +INTERFACE_NUM=${INTERFACE_FD:?must have a file for ids} + +netjail_read_inc() { + local FD=$1 + local NUM=$(cat $FD) + NUM=${NUM:-0} + + local RES=$NUM + NUM=$(($NUM + 1)) + + echo $NUM > $FD + + printf "$RES" +} + netjail_opt() { local OPT=$1 shift 1 @@ -73,15 +92,14 @@ netjail_check_bin() { fi } -netjail_print_name() { - printf "%s%02x%02x" $1 $2 ${3:-0} -} - netjail_bridge() { - local BRIDGE=$1 + local NUM=$(netjail_read_inc $INTERFACE_NUM) + local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM) ip link add $BRIDGE type bridge ip link set dev $BRIDGE up + + printf "%s" $BRIDGE } netjail_bridge_clear() { @@ -91,9 +109,12 @@ netjail_bridge_clear() { } netjail_node() { - local NODE=$1 + local NUM=$(netjail_read_inc $NAMESPACE_NUM) + local NODE=$(printf "%06x-%08x" $PREFIX $NUM) ip netns add $NODE + + printf "%s" $NODE } netjail_node_clear() { @@ -108,8 +129,11 @@ netjail_node_link_bridge() { local ADDRESS=$3 local MASK=$4 - local LINK_IF="$NODE-$BRIDGE-0" - local LINK_BR="$NODE-$BRIDGE-1" + local NUM_IF=$(netjail_read_inc $INTERFACE_NUM) + local NUM_BR=$(netjail_read_inc $INTERFACE_NUM) + + local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF) + local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR) ip link add $LINK_IF type veth peer name $LINK_BR ip link set $LINK_IF netns $NODE 
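Review bot: In `netjail_read_inc` (hunk `@@ -9,6 +10,24 @@`) the contents of the counter file reach `$(($NUM + 1))` and the format position of `printf "$RES"` without any validation, in a script that insists on running under sudo. The file path is taken from the environment (`NAMESPACE_FD` / `INTERFACE_FD`), so anything in it other than a plain decimal number is evaluated by the shell as an arithmetic expression (some shells also run command substitutions nested in one) or interpreted as printf directives. The value should be rejected unless it is digits only, `$FD` quoted, and the result printed through `printf "%s"`. The read-then-write is also not atomic, so two scripts sharing a counter file can be handed the same number; a lock held around the function would close that. `local NUM=$(cat $FD)` additionally hides a failing `cat` behind the exit status of `local`.

```shell
netjail_read_inc() {
	local FD=$1
	local NUM

	NUM=$(cat "$FD")
	NUM=${NUM:-0}

	# the counter file is outside this script's control: accept digits only
	case $NUM in
		*[!0-9]*) echo "netjail: invalid counter in $FD" >&2; return 1 ;;
	esac

	echo $(($NUM + 1)) > "$FD"

	printf "%s" "$NUM"
}
```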
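Review bot: `netjail_bridge` (hunk `@@ -73,15 +92,14 @@`) prints the generated name even when `ip link add` failed, and `netjail_node` in the `@@ -91,9 +109,12 @@` hunk does the same after `ip netns add`. The prefix is a parent PID, which the system reuses, so a name left behind by an unclean earlier run can already exist; the caller would then receive that name and presumably pass it to the matching `_clear` function later, removing an object this run never created. Returning early, e.g. `ip link add $BRIDGE type bridge || return 1` and `ip netns add $NODE || return 1`, keeps the printed name tied to a successful creation. Both functions now hand the name back on stdout instead of taking it as `$1`, which deserves a one-line header comment such as `# prints the name of the bridge it created`.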
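Review bot: The name format `"%06x-%08x"` is now written out four times (`netjail_bridge`, `netjail_node`, and twice in `netjail_node_link_bridge` in the `@@ -108,8 +129,11 @@` hunk), where the removed `netjail_print_name` used to be the single place for it. The format yields exactly 15 characters, the longest interface name Linux accepts, so a prefix above `0xffffff` or a counter above `0xffffffff` produces a name that `ip link add` will refuse; that constraint is worth stating once next to the format. A small helper would hold both, e.g. `netjail_next_name() { printf "%06x-%08x" "$PREFIX" "$(netjail_read_inc "$1")"; }` with the comment `# 6+1+8 = 15 chars, the interface name limit`. `netjail_node_link_bridge` begins before this hunk and continues in the next one.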
@@ -120,13 +144,12 @@ netjail_node_link_bridge() { ip -n $NODE link set up dev lo ip link set $LINK_BR up + + printf "%s" $LINK_BR } netjail_node_unlink_bridge() { - local NODE=$1 - local BRIDGE=$2 - - local LINK_BR="$NODE-$BRIDGE-1" + local LINK_BR=$1 ip link delete $LINK_BR } |
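Review bot: `netjail_node_unlink_bridge` now deletes whatever arrives in `$1`, while its previous callers passed `NODE BRIDGE`; the callers are not part of this diff, so one that was not updated would hand it a namespace name. Because namespace and interface names share the `PREFIX-NUM` shape and both counters start at 0 for an empty file, such a name can match a real interface with the same number, and the wrong link is removed without an error. Documenting the new contract and refusing an empty argument would help: `# $1: link name printed by netjail_node_link_bridge` and `local LINK_BR=${1:?missing link name}`, with the delete quoted as `ip link delete "$LINK_BR"`. The first lines of this hunk are the tail of `netjail_node_link_bridge`, which starts outside it.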