]> git.proxmox.com Git - pve-firewall.git/commitdiff
projects / pve-firewall.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e51bd2a)
add ifupdown helper to create veth devices plugged into bridges
authorDietmar Maurer <dietmar@proxmox.com>
Thu, 6 Mar 2014 12:15:07 +0000 (13:15 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Thu, 6 Mar 2014 12:32:00 +0000 (13:32 +0100)
README patch | blob | blame | history
debian/ifupdown.sh [new file with mode: 0755] patch | blob
debian/install [new file with mode: 0644] patch | blob
debian/links [new file with mode: 0644] patch | blob

diff --git a/README b/README
index ae0d7ba0ee96b54d532fe62b126dbacb7a936ce4..2f0840dc90656f3a256e9e62d89b0b004ebb59e5 100644 (file)
--- a/README
+++ b/README
@@ -93,23 +93,21 @@ use a veth device which is plugged into the bridge:
 
 ...
 
 
 ...
 
-auto pvemgmt0
-iface pvemgmt0 inet static
-       address  192.168.10.10
-       netmask  255.255.255.0
-       gateway  192.168.10.1
-       pre-up ip link add name pvemgmt0 type veth peer name pvemgmt0peer
-       pre-up ip link set pvemgmt0peer up
-       pre-down ip link set pvemgmt0peer down
-       post-down ip link del pvemgmt0
-
 auto vmbr0
 iface vmbr0 inet manual
 auto vmbr0
 iface vmbr0 inet manual
-       bridge_ports pvemgmt0peer eth0
+       bridge_ports bond0
        bridge_stp off
        bridge_fd 0
        bridge_stp off
        bridge_fd 0
-       pre-up ifup pvemgmt0
+
+# this create the veth device and plug it into vmbr0
+auto pm0
+iface pm0 inet static
+       address  192.168.10.10
+       netmask  255.255.255.0
+       gateway  192.168.10.1
+       VETH_BRIDGETO vmbr0
 
 ...
 
 --------------------------------
 
 ...
 
 --------------------------------
+
diff --git a/debian/ifupdown.sh b/debian/ifupdown.sh
new file mode 100755 (executable)
index 0000000..e41efda
--- /dev/null
+++ b/debian/ifupdown.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+# create a VETH device and plug it into bridge ${IF_VETH_BRIDGETO}
+
+if [ -z "${IF_VETH_BRIDGETO}" ]; then
+    exit 0
+fi
+
+if [ ! -x /sbin/brctl ]
+then
+    exit 0
+fi
+
+if [ "${MODE}" = "start" ]; then
+    ifconfig "${IF_VETH_BRIDGETO}" up
+    ip link add name "${IFACE}" type veth peer name "${IFACE}peer"
+    ip link set "${IFACE}peer" up
+    brctl addif "${IF_VETH_BRIDGETO}" "${IFACE}peer"
+elif [ "${MODE}" = "stop" ]; then
+    brctl delif "${IF_VETH_BRIDGETO}" "${IFACE}peer"
+    ip link set "${IFACE}peer" down
+    ip link del "${IFACE}"
+fi
+
+exit 0
diff --git a/debian/install b/debian/install
new file mode 100644 (file)
index 0000000..2ab287d
--- /dev/null
+++ b/debian/install
@@ -0,0 +1 @@
+debian/ifupdown.sh usr/share/pve-firewall/scripts
\ No newline at end of file
diff --git a/debian/links b/debian/links
new file mode 100644 (file)
index 0000000..4a1cf60
--- /dev/null
+++ b/debian/links
@@ -0,0 +1,2 @@
+usr/share/pve-firewall/scripts/ifupdown.sh etc/network/if-pre-up.d/pve-firewall
+usr/share/pve-firewall/scripts/ifupdown.sh etc/network/if-post-down.d/pve-firewall
Firewall test scripts