5 files changed, 0 insertions, 552 deletions
diff --git a/contrib/netjail/netjail_core.sh b/contrib/netjail/netjail_core.sh
deleted file mode 100755
index da784fa5e..000000000
--- a/contrib/netjail/netjail_core.sh
+++ /dev/null
@@ -1,263 +0,0 @@
-#!/bin/sh
-# 
-PREFIX=${PPID:?must run from a parent process}
-# running with `sudo` is required to be
-# able running the actual commands as the
-# original user.
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-export RESULT=
-export NAMESPACE_NUM=0
-export INTERFACE_NUM=0
-netjail_next_namespace() {
-        local NUM=$NAMESPACE_NUM
-        NAMESPACE_NUM=$(($NAMESPACE_NUM + 1))
-        RESULT=$NUM
-}
-netjail_next_interface() {
-        local NUM=$INTERFACE_NUM
-        INTERFACE_NUM=$(($INTERFACE_NUM + 1))
-        RESULT=$NUM
-}
-netjail_opt() {
-        local OPT=$1
-        shift 1
-        INDEX=1
-        while [ $# -gt 0 ]; do
-                if [ "$1" = "$OPT" ]; then
-                        RESULT=$INDEX
-                        return
-                fi
-                INDEX=$(($INDEX + 1))
-                shift 1
-        done
-        RESULT=0
-}
-netjail_opts() {
-        local OPT=$1
-        local DEF=$2
-        shift 2
-        
-        while [ $# -gt 0 ]; do
-                if [ "$1" = "$OPT" ]; then
-                        printf "$2"
-                        return
-                fi
-                shift 1
-        done
-        
-        RESULT="$DEF"
-}
-netjail_check() {
-        local NODE_COUNT=$1
-        local FD_COUNT=$(($(ls /proc/self/fd | wc -w) - 4))
-        # quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`:
-        # the script also requires `sudo -C ($FD_COUNT + 4)`
-        # so you need 'Defaults closefrom_override' in the
-        # sudoers file.
-        if [ $FD_COUNT -lt $(($NODE_COUNT * 2)) ]; then
-                echo "File descriptors do not match requirements!" >&2
-                exit 1
-        fi
-}
-netjail_check_bin() {
-        local PROGRAM=$1
-        local MATCH=$(ls $(echo $PATH | tr ":" "\n") | grep "^$PROGRAM\$" | tr "\n" " " | awk '{ print $1 }')
-        # quit if the required binary $PROGRAM can not be
-        # found in the used $PATH.
-        if [ "$MATCH" != "$PROGRAM" ]; then
-                echo "Required binary not found: $PROGRAM" >&2
-                exit 1
-        fi
-}
-netjail_bridge() {
-        netjail_next_interface
-        local NUM=$RESULT
-        local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
-        ip link add $BRIDGE type bridge
-        ip link set dev $BRIDGE up
-        
-        RESULT=$BRIDGE
-}
-netjail_bridge_name() {
-        netjail_next_interface
-        local NUM=$RESULT
-        local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
-        
-        RESULT=$BRIDGE
-}
-netjail_bridge_clear() {
-        local BRIDGE=$1
-        ip link delete $BRIDGE
-}
-netjail_node() {
-        netjail_next_namespace
-        local NUM=$RESULT
-        local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
-        ip netns add $NODE
-        
-        RESULT=$NODE
-}
-netjail_node_name() {
-        netjail_next_namespace
-        local NUM=$RESULT
-        local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
-        
-        RESULT=$NODE
-}
-netjail_node_clear() {
-        local NODE=$1
-        ip netns delete $NODE
-}
-netjail_node_link_bridge() {
-        local NODE=$1
-        local BRIDGE=$2
-        local ADDRESS=$3
-        local MASK=$4
-        
-        netjail_next_interface
-        local NUM_IF=$RESULT
-        netjail_next_interface
-        local NUM_BR=$RESULT
-        
-        local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF)
-        local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
-        ip link add $LINK_IF type veth peer name $LINK_BR
-        ip link set $LINK_IF netns $NODE
-        ip link set $LINK_BR master $BRIDGE
-        ip -n $NODE addr add "$ADDRESS/$MASK" broadcast + dev $LINK_IF
-        ip -n $NODE link set $LINK_IF up
-        ip -n $NODE link set up dev lo
-        ip link set $LINK_BR up
-        
-        RESULT=$LINK_BR
-}
-netjail_node_link_bridge_name() {
-        
-        netjail_next_interface
-        netjail_next_interface
-        local NUM_BR=$RESULT
-        
-        local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
-        
-        RESULT=$LINK_BR
-}
-netjail_node_unlink_bridge() {
-        local LINK_BR=$1
-        ip link delete $LINK_BR
-}
-netjail_node_add_nat() {
-        local NODE=$1
-        local ADDRESS=$2
-        local MASK=$3
-    ip netns exec $NODE nft add table nat
-    ip netns exec $NODE nft add chain nat postrouting { type nat hook postrouting priority 0 \; }
-    ip netns exec $NODE nft add rule ip nat postrouting ip saddr "$ADDRESS/$MASK" counter masquerade
-        # ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE
-}
-netjail_node_add_default() {
-        local NODE=$1
-        local ADDRESS=$2
-        ip -n $NODE route add default via $ADDRESS
-}
-netjail_node_exec() {
-    JAILOR=${SUDO_USER:?must run in sudo}
-        local NODE=$1
-        local FD_IN=$2
-        local FD_OUT=$3
-        shift 3
-        ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN
-}
-netjail_node_exec_without_fds() {
-    JAILOR=${SUDO_USER:?must run in sudo}
-        NODE=$1
-        shift 1
-        ip netns exec $NODE sudo -u $JAILOR -- $@
-}
-netjail_node_exec_without_fds_and_sudo() {
-        NODE=$1
-        shift 1
-        ip netns exec $NODE $@
-}
-netjail_kill() {
-        local PID=$1
-        local MATCH=$(ps --pid $PID | awk "{ if ( \$1 == $PID ) { print \$1 } }" | wc -l)
-        if [ $MATCH -gt 0 ]; then
-                kill -n 19 $PID
-                for CHILD in $(ps -o pid,ppid -ax | awk "{ if ( \$2 == $PID ) { print \$1 } }"); do
-                        netjail_kill $CHILD
-                done
-                kill $PID
-        fi
-}
-netjail_killall() {
-        if [ $# -gt 0 ]; then
-                local PIDS=$1
-                for PID in $PIDS; do
-                        netjail_kill $PID
-                done
-        fi
-}
-netjail_waitall() {
-        if [ $# -gt 0 ]; then
-                local PIDS=$1
-                for PID in $PIDS; do
-                        wait $PID
-                done
-        fi
-}
diff --git a/contrib/netjail/netjail_exec.sh b/contrib/netjail/netjail_exec.sh
deleted file mode 100755
index fa68d90d4..000000000
--- a/contrib/netjail/netjail_exec.sh
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/sh
-. "$(dirname $0)/netjail_core.sh"
-set -eu
-set -x
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-M=$1
-N=$2
-NODE=$6
-#netjail_node_exec_without_fds_and_sudo $NODE valgrind --leak-check=full --track-origins=yes --trace-children=yes $3 $4 $5 $1 $2 $7 $8
-netjail_node_exec_without_fds_and_sudo $NODE $3 $4 $5 $1 $2 $7 $8
diff --git a/contrib/netjail/netjail_start.sh b/contrib/netjail/netjail_start.sh
deleted file mode 100755
index e2d5fd634..000000000
--- a/contrib/netjail/netjail_start.sh
+++ /dev/null
@@ -1,92 +0,0 @@
-#!/bin/bash
-. "$(dirname $0)/netjail_core.sh"
-. "$(dirname $0)/topo.sh"
-set -eu
-set -x
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-filename=$1
-PREFIX=$2
-readfile=$3
-BROADCAST=0
-if [ $readfile -eq 0 ]
-then
-    read_topology_string "$filename"
-else
-    echo read file
-    read_topology $filename
-fi
-shift 2
-LOCAL_GROUP="192.168.15"
-GLOBAL_GROUP="92.68.150"
-KNOWN_GROUP="92.68.151"
-if [ $BROADCAST -eq 0  ]; then
-   PORT="60002"
-else
-    PORT="2086"
-fi
-echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/16]"
-netjail_bridge
-NETWORK_NET=$RESULT
-for X in $(seq $KNOWN); do
-        netjail_node
-        KNOWN_NODES[$X]=$RESULT
-        netjail_node_link_bridge ${KNOWN_NODES[$X]} $NETWORK_NET "$KNOWN_GROUP.$X" 16
-        KNOWN_LINKS[$X]=$RESULT
-done
-declare -A NODES
-declare -A NODE_LINKS
-for N in $(seq $GLOBAL_N); do
-        netjail_node
-        ROUTERS[$N]=$RESULT
-        netjail_node_link_bridge ${ROUTERS[$N]} $NETWORK_NET "$GLOBAL_GROUP.$N" 16
-        NETWORK_LINKS[$N]=$RESULT
-        netjail_bridge
-        ROUTER_NETS[$N]=$RESULT
-        
-        for M in $(seq $LOCAL_M); do
-                netjail_node
-                NODES[$N,$M]=$RESULT
-                netjail_node_link_bridge ${NODES[$N,$M]} ${ROUTER_NETS[$N]} "$LOCAL_GROUP.$M" 24
-                NODE_LINKS[$N,$M]=$RESULT
-        done
-        ROUTER_ADDR="$LOCAL_GROUP.$(($LOCAL_M+1))"
-        netjail_node_link_bridge ${ROUTERS[$N]} ${ROUTER_NETS[$N]} $ROUTER_ADDR 24
-        ROUTER_LINKS[$N]=$RESULT
-        
-        netjail_node_add_nat ${ROUTERS[$N]} $ROUTER_ADDR 24
-        
-        for M in $(seq $LOCAL_M); do
-                netjail_node_add_default ${NODES[$N,$M]} $ROUTER_ADDR
-        done
-    # TODO Topology configuration must be enhanced to configure forwarding to more than one subnet node via different ports.
-    
-    if [ "1" == "${R_TCP[$N]}" ]
-    then
-        #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N tcp dport 60002 counter dnat to $LOCAL_GROUP.1
-        #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established  counter accept
-        ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p tcp -d $GLOBAL_GROUP.$N --dport 60002 -j DNAT --to $LOCAL_GROUP.1
-        ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1  -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-    fi
-    if [ "1" == "${R_UDP[$N]}" ]
-    then
-        #ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N udp dport $PORT counter dnat to $LOCAL_GROUP.1
-        #ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established  counter accept
-        ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p udp -d $GLOBAL_GROUP.$N --dport $PORT -j DNAT --to $LOCAL_GROUP.1
-        ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1  -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
-    fi
-done
diff --git a/contrib/netjail/netjail_stop.sh b/contrib/netjail/netjail_stop.sh
deleted file mode 100755
index c8739dc94..000000000
--- a/contrib/netjail/netjail_stop.sh
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-. "$(dirname $0)/netjail_core.sh"
-. "$(dirname $0)/topo.sh"
-set -eu
-set -x
-export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-filename=$1
-PREFIX=$2
-readfile=$3
-if [ $readfile -eq 0 ]
-then
-    read_topology_string $filename
-else
-    read_topology $filename
-fi
-declare -A NODES
-declare -A NODE_LINKS
-netjail_bridge_name
-NETWORK_NET=$RESULT
-for X in $(seq $KNOWN); do
-    netjail_node_name
-        KNOWN_NODES[$X]=$RESULT
-    netjail_node_link_bridge_name
-    KNOWN_LINKS[$X]=$RESULT
-    netjail_node_unlink_bridge ${KNOWN_LINKS[$X]}
-        netjail_node_clear ${KNOWN_NODES[$X]}
-done
-for N in $(seq $GLOBAL_N); do
-    netjail_node_name
-        ROUTERS[$N]=$RESULT
-    netjail_node_link_bridge_name
-    NETWORK_LINKS[$N]=$RESULT
-    netjail_bridge_name
-    ROUTER_NETS[$N]=$RESULT
-    netjail_node_link_bridge_name
-    ROUTER_LINKS[$N]=$RESULT
-    netjail_node_unlink_bridge ${ROUTER_LINKS[$N]}
-    
-        for M in $(seq $LOCAL_M); do
-        netjail_node_name
-                NODES[$N,$M]=$RESULT
-        netjail_node_link_bridge_name
-        NODE_LINKS[$N,$M]=$RESULT
-                netjail_node_unlink_bridge ${NODE_LINKS[$N,$M]}
-                netjail_node_clear ${NODES[$N,$M]}
-        done
-        
-        netjail_bridge_clear ${ROUTER_NETS[$N]}
-        netjail_node_unlink_bridge ${NETWORK_LINKS[$N]}
-        netjail_node_clear ${ROUTERS[$N]}
-done
-netjail_bridge_clear $NETWORK_NET
-echo "Done"
diff --git a/contrib/netjail/topo.sh b/contrib/netjail/topo.sh
deleted file mode 100755
index d7586d425..000000000
--- a/contrib/netjail/topo.sh
+++ /dev/null
@@ -1,117 +0,0 @@
-#!/bin/bash
-declare -A K_PLUGIN
-declare -A R_TCP
-declare -A R_UDP
-declare -A P_PLUGIN
-extract_attributes()
-{
-    line_key=$1
-    line=$2
-    
-    if [ "$line_key" = "P" ]
-    then
-        n=$(echo $line|cut -d \| -f 1|awk -F: '{print $2}')
-        echo $n
-        m=$(echo $line|cut -d \| -f 1|awk -F: '{print $3}')
-        echo $m
-    else
-        number=$(echo $line|cut -d \| -f 1| cut -c 2-|cut -d : -f 2 )
-        echo $number
-    fi
-    nf=$(echo $line|awk -F: '{print NF}')
-    for ((i=2;i<=$nf;i++))
-    do
-        entry=$(echo $line |awk -v i=$i -F\| '{print $i}')
-        key=$(echo $entry|cut -d { -f 2|cut -d } -f 1|cut -d : -f 1)
-        value=$(echo $entry|cut -d { -f 2|cut -d } -f 1|cut -d : -f 2)
-        if [ "$key" = "tcp_port" ]
-        then
-            echo tcp port: $value
-            R_TCP[$number]=$value
-        elif [ "$key" = "udp_port" ]
-        then
-            echo udp port: $value
-            R_UDP[$number]=$value
-        elif [ "$key" = "plugin" ]
-        then
-            echo plugin: $value
-            echo $line_key
-            if [ "$line_key" = "P" ]
-            then
-                P_PLUGIN[$n,$m]=$value
-                echo $n $m ${P_PLUGIN[$n,$m]}
-            elif [ "$line_key" = "K" ]
-            then
-                K_PLUGIN[$number]=$value
-            fi
-        fi
-    done
-}
-parse_line(){
-    line=$1
-    echo $line
-    key=$(cut -c -1 <<< $line)
-    if [ "$key" = "M" ]
-    then
-        LOCAL_M=$(cut -d : -f 2 <<< $line)
-        echo $LOCAL_M
-    elif [ "$key" = "N" ]
-    then
-        GLOBAL_N=$(cut -d : -f 2 <<< $line)
-        echo $GLOBAL_N
-    for ((i=1;i<=$GLOBAL_N;i++))
-    do
-        R_TCP[$i]=0
-        R_UDP[$i]=0
-    done    
-    elif [ "$key" = "X" ]
-    then
-        KNOWN=$(cut -d : -f 2 <<< $line)
-        echo $KNOWN
-    elif [ "$key" = "T" ]
-    then
-        PLUGIN=$(cut -d : -f 2 <<< $line)
-        echo $PLUGIN
-    elif [ "$key" = "B" ]
-    then
-        BROADCAST=$(cut -d : -f 2 <<< $line)
-        echo $BROADCAST
-    elif [ "$key" = "K" ]
-    then
-        echo know node
-        extract_attributes $key $line
-    elif [ "$key" = "R" ]
-    then
-        echo router
-        extract_attributes $key $line
-    elif [ "$key" = "P" ]
-    then
-        echo node
-        extract_attributes $key $line
-    fi
-}
-read_topology_string(){
-    string=$1
-    IFS=' ' read -r -a array <<< $string
-    for element in "${array[@]}"
-    do
-        echo $element
-        parse_line $element
-    done
-}
-read_topology(){
-    local filename=$1
-    while read line; do
-        # reading each line
-        parse_line $line
-    done < $filename
-}

diff --git a/contrib/netjail/netjail_core.sh b/contrib/netjail/netjail_core.sh deleted file mode 100755 index da784fa5e..000000000 --- a/contrib/netjail/netjail_core.sh +++ /dev/null
@@ -1,263 +0,0 @@
1	#!/bin/sh
2	#
3
4
5	PREFIX=${PPID:?must run from a parent process}
6
7	# running with `sudo` is required to be
8	# able running the actual commands as the
9	# original user.
10
11	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
12
13	export RESULT=
14	export NAMESPACE_NUM=0
15	export INTERFACE_NUM=0
16
17	netjail_next_namespace() {
18	local NUM=$NAMESPACE_NUM
19	NAMESPACE_NUM=$(($NAMESPACE_NUM + 1))
20	RESULT=$NUM
21	}
22
23	netjail_next_interface() {
24	local NUM=$INTERFACE_NUM
25	INTERFACE_NUM=$(($INTERFACE_NUM + 1))
26	RESULT=$NUM
27	}
28
29	netjail_opt() {
30	local OPT=$1
31	shift 1
32
33	INDEX=1
34
35	while [ $# -gt 0 ]; do
36	if [ "$1" = "$OPT" ]; then
37	RESULT=$INDEX
38	return
39	fi
40
41	INDEX=$(($INDEX + 1))
42	shift 1
43	done
44
45	RESULT=0
46	}
47
48	netjail_opts() {
49	local OPT=$1
50	local DEF=$2
51	shift 2
52
53	while [ $# -gt 0 ]; do
54	if [ "$1" = "$OPT" ]; then
55	printf "$2"
56	return
57	fi
58
59	shift 1
60	done
61
62	RESULT="$DEF"
63	}
64
65	netjail_check() {
66	local NODE_COUNT=$1
67	local FD_COUNT=$(($(ls /proc/self/fd \| wc -w) - 4))
68
69	# quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`:
70	# the script also requires `sudo -C ($FD_COUNT + 4)`
71	# so you need 'Defaults closefrom_override' in the
72	# sudoers file.
73
74	if [ $FD_COUNT -lt $(($NODE_COUNT * 2)) ]; then
75	echo "File descriptors do not match requirements!" >&2
76	exit 1
77	fi
78	}
79
80	netjail_check_bin() {
81	local PROGRAM=$1
82	local MATCH=$(ls $(echo $PATH \| tr ":" "\n") \| grep "^$PROGRAM\$" \| tr "\n" " " \| awk '{ print $1 }')
83
84	# quit if the required binary $PROGRAM can not be
85	# found in the used $PATH.
86
87	if [ "$MATCH" != "$PROGRAM" ]; then
88	echo "Required binary not found: $PROGRAM" >&2
89	exit 1
90	fi
91	}
92
93	netjail_bridge() {
94	netjail_next_interface
95	local NUM=$RESULT
96	local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
97
98	ip link add $BRIDGE type bridge
99	ip link set dev $BRIDGE up
100
101	RESULT=$BRIDGE
102	}
103
104	netjail_bridge_name() {
105	netjail_next_interface
106	local NUM=$RESULT
107	local BRIDGE=$(printf "%06x-%08x" $PREFIX $NUM)
108
109	RESULT=$BRIDGE
110	}
111
112	netjail_bridge_clear() {
113	local BRIDGE=$1
114
115	ip link delete $BRIDGE
116	}
117
118	netjail_node() {
119	netjail_next_namespace
120	local NUM=$RESULT
121	local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
122
123	ip netns add $NODE
124
125	RESULT=$NODE
126	}
127
128	netjail_node_name() {
129	netjail_next_namespace
130	local NUM=$RESULT
131	local NODE=$(printf "%06x-%08x" $PREFIX $NUM)
132
133	RESULT=$NODE
134	}
135
136	netjail_node_clear() {
137	local NODE=$1
138
139	ip netns delete $NODE
140	}
141
142	netjail_node_link_bridge() {
143	local NODE=$1
144	local BRIDGE=$2
145	local ADDRESS=$3
146	local MASK=$4
147
148	netjail_next_interface
149	local NUM_IF=$RESULT
150	netjail_next_interface
151	local NUM_BR=$RESULT
152
153	local LINK_IF=$(printf "%06x-%08x" $PREFIX $NUM_IF)
154	local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
155
156	ip link add $LINK_IF type veth peer name $LINK_BR
157	ip link set $LINK_IF netns $NODE
158	ip link set $LINK_BR master $BRIDGE
159
160	ip -n $NODE addr add "$ADDRESS/$MASK" broadcast + dev $LINK_IF
161	ip -n $NODE link set $LINK_IF up
162	ip -n $NODE link set up dev lo
163
164	ip link set $LINK_BR up
165
166	RESULT=$LINK_BR
167	}
168
169	netjail_node_link_bridge_name() {
170
171	netjail_next_interface
172	netjail_next_interface
173	local NUM_BR=$RESULT
174
175	local LINK_BR=$(printf "%06x-%08x" $PREFIX $NUM_BR)
176
177	RESULT=$LINK_BR
178	}
179
180	netjail_node_unlink_bridge() {
181	local LINK_BR=$1
182
183	ip link delete $LINK_BR
184	}
185
186	netjail_node_add_nat() {
187	local NODE=$1
188	local ADDRESS=$2
189	local MASK=$3
190
191	ip netns exec $NODE nft add table nat
192	ip netns exec $NODE nft add chain nat postrouting { type nat hook postrouting priority 0 \; }
193	ip netns exec $NODE nft add rule ip nat postrouting ip saddr "$ADDRESS/$MASK" counter masquerade
194	# ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE
195	}
196
197	netjail_node_add_default() {
198	local NODE=$1
199	local ADDRESS=$2
200
201	ip -n $NODE route add default via $ADDRESS
202	}
203
204	netjail_node_exec() {
205	JAILOR=${SUDO_USER:?must run in sudo}
206	local NODE=$1
207	local FD_IN=$2
208	local FD_OUT=$3
209	shift 3
210
211	ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN
212	}
213
214	netjail_node_exec_without_fds() {
215	JAILOR=${SUDO_USER:?must run in sudo}
216	NODE=$1
217	shift 1
218
219	ip netns exec $NODE sudo -u $JAILOR -- $@
220	}
221
222	netjail_node_exec_without_fds_and_sudo() {
223	NODE=$1
224	shift 1
225
226	ip netns exec $NODE $@
227	}
228
229	netjail_kill() {
230	local PID=$1
231	local MATCH=$(ps --pid $PID \| awk "{ if ( \$1 == $PID ) { print \$1 } }" \| wc -l)
232
233	if [ $MATCH -gt 0 ]; then
234	kill -n 19 $PID
235
236	for CHILD in $(ps -o pid,ppid -ax \| awk "{ if ( \$2 == $PID ) { print \$1 } }"); do
237	netjail_kill $CHILD
238	done
239
240	kill $PID
241	fi
242	}
243
244	netjail_killall() {
245	if [ $# -gt 0 ]; then
246	local PIDS=$1
247
248	for PID in $PIDS; do
249	netjail_kill $PID
250	done
251	fi
252	}
253
254	netjail_waitall() {
255	if [ $# -gt 0 ]; then
256	local PIDS=$1
257
258	for PID in $PIDS; do
259	wait $PID
260	done
261	fi
262	}
263


diff --git a/contrib/netjail/netjail_exec.sh b/contrib/netjail/netjail_exec.sh deleted file mode 100755 index fa68d90d4..000000000 --- a/contrib/netjail/netjail_exec.sh +++ /dev/null
@@ -1,15 +0,0 @@
1	#!/bin/sh
2	. "$(dirname $0)/netjail_core.sh"
3
4	set -eu
5	set -x
6
7	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
8
9	M=$1
10	N=$2
11
12	NODE=$6
13
14	#netjail_node_exec_without_fds_and_sudo $NODE valgrind --leak-check=full --track-origins=yes --trace-children=yes $3 $4 $5 $1 $2 $7 $8
15	netjail_node_exec_without_fds_and_sudo $NODE $3 $4 $5 $1 $2 $7 $8


diff --git a/contrib/netjail/netjail_start.sh b/contrib/netjail/netjail_start.sh deleted file mode 100755 index e2d5fd634..000000000 --- a/contrib/netjail/netjail_start.sh +++ /dev/null
@@ -1,92 +0,0 @@
1	#!/bin/bash
2	. "$(dirname $0)/netjail_core.sh"
3	. "$(dirname $0)/topo.sh"
4
5	set -eu
6	set -x
7
8	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
9
10	filename=$1
11	PREFIX=$2
12	readfile=$3
13
14	BROADCAST=0
15
16	if [ $readfile -eq 0 ]
17	then
18	read_topology_string "$filename"
19	else
20	echo read file
21	read_topology $filename
22	fi
23
24	shift 2
25
26	LOCAL_GROUP="192.168.15"
27	GLOBAL_GROUP="92.68.150"
28	KNOWN_GROUP="92.68.151"
29
30	if [ $BROADCAST -eq 0 ]; then
31	PORT="60002"
32	else
33	PORT="2086"
34	fi
35
36	echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/16]"
37
38	netjail_bridge
39	NETWORK_NET=$RESULT
40
41	for X in $(seq $KNOWN); do
42	netjail_node
43	KNOWN_NODES[$X]=$RESULT
44	netjail_node_link_bridge ${KNOWN_NODES[$X]} $NETWORK_NET "$KNOWN_GROUP.$X" 16
45	KNOWN_LINKS[$X]=$RESULT
46	done
47
48	declare -A NODES
49	declare -A NODE_LINKS
50
51	for N in $(seq $GLOBAL_N); do
52	netjail_node
53	ROUTERS[$N]=$RESULT
54	netjail_node_link_bridge ${ROUTERS[$N]} $NETWORK_NET "$GLOBAL_GROUP.$N" 16
55	NETWORK_LINKS[$N]=$RESULT
56	netjail_bridge
57	ROUTER_NETS[$N]=$RESULT
58
59	for M in $(seq $LOCAL_M); do
60	netjail_node
61	NODES[$N,$M]=$RESULT
62	netjail_node_link_bridge ${NODES[$N,$M]} ${ROUTER_NETS[$N]} "$LOCAL_GROUP.$M" 24
63	NODE_LINKS[$N,$M]=$RESULT
64	done
65
66	ROUTER_ADDR="$LOCAL_GROUP.$(($LOCAL_M+1))"
67	netjail_node_link_bridge ${ROUTERS[$N]} ${ROUTER_NETS[$N]} $ROUTER_ADDR 24
68	ROUTER_LINKS[$N]=$RESULT
69
70	netjail_node_add_nat ${ROUTERS[$N]} $ROUTER_ADDR 24
71
72	for M in $(seq $LOCAL_M); do
73	netjail_node_add_default ${NODES[$N,$M]} $ROUTER_ADDR
74	done
75
76	# TODO Topology configuration must be enhanced to configure forwarding to more than one subnet node via different ports.
77
78	if [ "1" == "${R_TCP[$N]}" ]
79	then
80	#ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N tcp dport 60002 counter dnat to $LOCAL_GROUP.1
81	#ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept
82	ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p tcp -d $GLOBAL_GROUP.$N --dport 60002 -j DNAT --to $LOCAL_GROUP.1
83	ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
84	fi
85	if [ "1" == "${R_UDP[$N]}" ]
86	then
87	#ip netns exec ${ROUTERS[$N]} nft add rule ip nat prerouting ip daddr $GLOBAL_GROUP.$N udp dport $PORT counter dnat to $LOCAL_GROUP.1
88	#ip netns exec ${ROUTERS[$N]} nft add rule ip filter FORWARD ip daddr $LOCAL_GROUP.1 ct state new,related,established counter accept
89	ip netns exec ${ROUTERS[$N]} iptables -t nat -A PREROUTING -p udp -d $GLOBAL_GROUP.$N --dport $PORT -j DNAT --to $LOCAL_GROUP.1
90	ip netns exec ${ROUTERS[$N]} iptables -A FORWARD -d $LOCAL_GROUP.1 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
91	fi
92	done


diff --git a/contrib/netjail/netjail_stop.sh b/contrib/netjail/netjail_stop.sh deleted file mode 100755 index c8739dc94..000000000 --- a/contrib/netjail/netjail_stop.sh +++ /dev/null
@@ -1,65 +0,0 @@
1	#!/bin/bash
2	. "$(dirname $0)/netjail_core.sh"
3	. "$(dirname $0)/topo.sh"
4
5	set -eu
6	set -x
7
8	export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
9
10	filename=$1
11	PREFIX=$2
12	readfile=$3
13
14	if [ $readfile -eq 0 ]
15	then
16	read_topology_string $filename
17	else
18	read_topology $filename
19	fi
20
21	declare -A NODES
22	declare -A NODE_LINKS
23
24	netjail_bridge_name
25	NETWORK_NET=$RESULT
26
27	for X in $(seq $KNOWN); do
28	netjail_node_name
29	KNOWN_NODES[$X]=$RESULT
30	netjail_node_link_bridge_name
31	KNOWN_LINKS[$X]=$RESULT
32	netjail_node_unlink_bridge ${KNOWN_LINKS[$X]}
33	netjail_node_clear ${KNOWN_NODES[$X]}
34	done
35
36	for N in $(seq $GLOBAL_N); do
37	netjail_node_name
38	ROUTERS[$N]=$RESULT
39	netjail_node_link_bridge_name
40	NETWORK_LINKS[$N]=$RESULT
41	netjail_bridge_name
42	ROUTER_NETS[$N]=$RESULT
43	netjail_node_link_bridge_name
44	ROUTER_LINKS[$N]=$RESULT
45
46	netjail_node_unlink_bridge ${ROUTER_LINKS[$N]}
47
48	for M in $(seq $LOCAL_M); do
49	netjail_node_name
50	NODES[$N,$M]=$RESULT
51	netjail_node_link_bridge_name
52	NODE_LINKS[$N,$M]=$RESULT
53	netjail_node_unlink_bridge ${NODE_LINKS[$N,$M]}
54	netjail_node_clear ${NODES[$N,$M]}
55	done
56
57
58	netjail_bridge_clear ${ROUTER_NETS[$N]}
59	netjail_node_unlink_bridge ${NETWORK_LINKS[$N]}
60	netjail_node_clear ${ROUTERS[$N]}
61	done
62
63	netjail_bridge_clear $NETWORK_NET
64
65	echo "Done"


diff --git a/contrib/netjail/topo.sh b/contrib/netjail/topo.sh deleted file mode 100755 index d7586d425..000000000 --- a/contrib/netjail/topo.sh +++ /dev/null
@@ -1,117 +0,0 @@
1	#!/bin/bash
2
3	declare -A K_PLUGIN
4	declare -A R_TCP
5	declare -A R_UDP
6	declare -A P_PLUGIN
7
8	extract_attributes()
9	{
10	line_key=$1
11	line=$2
12
13	if [ "$line_key" = "P" ]
14	then
15	n=$(echo $line\|cut -d \\| -f 1\|awk -F: '{print $2}')
16	echo $n
17	m=$(echo $line\|cut -d \\| -f 1\|awk -F: '{print $3}')
18	echo $m
19	else
20	number=$(echo $line\|cut -d \\| -f 1\| cut -c 2-\|cut -d : -f 2 )
21	echo $number
22	fi
23
24	nf=$(echo $line\|awk -F: '{print NF}')
25	for ((i=2;i<=$nf;i++))
26	do
27	entry=$(echo $line \|awk -v i=$i -F\\| '{print $i}')
28	key=$(echo $entry\|cut -d { -f 2\|cut -d } -f 1\|cut -d : -f 1)
29	value=$(echo $entry\|cut -d { -f 2\|cut -d } -f 1\|cut -d : -f 2)
30	if [ "$key" = "tcp_port" ]
31	then
32	echo tcp port: $value
33	R_TCP[$number]=$value
34	elif [ "$key" = "udp_port" ]
35	then
36	echo udp port: $value
37	R_UDP[$number]=$value
38	elif [ "$key" = "plugin" ]
39	then
40	echo plugin: $value
41	echo $line_key
42	if [ "$line_key" = "P" ]
43	then
44	P_PLUGIN[$n,$m]=$value
45	echo $n $m ${P_PLUGIN[$n,$m]}
46	elif [ "$line_key" = "K" ]
47	then
48	K_PLUGIN[$number]=$value
49	fi
50	fi
51	done
52	}
53
54	parse_line(){
55	line=$1
56	echo $line
57	key=$(cut -c -1 <<< $line)
58	if [ "$key" = "M" ]
59	then
60	LOCAL_M=$(cut -d : -f 2 <<< $line)
61	echo $LOCAL_M
62	elif [ "$key" = "N" ]
63	then
64	GLOBAL_N=$(cut -d : -f 2 <<< $line)
65	echo $GLOBAL_N
66	for ((i=1;i<=$GLOBAL_N;i++))
67	do
68	R_TCP[$i]=0
69	R_UDP[$i]=0
70	done
71	elif [ "$key" = "X" ]
72	then
73	KNOWN=$(cut -d : -f 2 <<< $line)
74	echo $KNOWN
75	elif [ "$key" = "T" ]
76	then
77	PLUGIN=$(cut -d : -f 2 <<< $line)
78	echo $PLUGIN
79	elif [ "$key" = "B" ]
80	then
81	BROADCAST=$(cut -d : -f 2 <<< $line)
82	echo $BROADCAST
83	elif [ "$key" = "K" ]
84	then
85	echo know node
86	extract_attributes $key $line
87	elif [ "$key" = "R" ]
88	then
89	echo router
90	extract_attributes $key $line
91	elif [ "$key" = "P" ]
92	then
93	echo node
94	extract_attributes $key $line
95	fi
96	}
97
98	read_topology_string(){
99	string=$1
100	IFS=' ' read -r -a array <<< $string
101	for element in "${array[@]}"
102	do
103	echo $element
104	parse_line $element
105	done
106	}
107
108	read_topology(){
109	local filename=$1
110	while read line; do
111	# reading each line
112	parse_line $line
113	done < $filename
114	}
115
116
117