use PVE::Tools qw(file_set_contents run_command lock_file);
use File::Copy;
+use Net::DBus;
+
+use PVE::RESTEnvironment qw(log_warn);
my $DNSMASQ_CONFIG_ROOT = '/etc/dnsmasq.d';
my $DNSMASQ_DEFAULT_ROOT = '/etc/default';
return 'dnsmasq';
}
-sub del_ip_mapping {
- my ($class, $dhcpid, $mac) = @_;
-
- my $ethers_file = "$DNSMASQ_CONFIG_ROOT/$dhcpid/ethers";
- my $ethers_tmp_file = "$ethers_file.tmp";
-
- my $removeFn = sub {
- open(my $in, '<', $ethers_file) or die "Could not open file '$ethers_file' $!\n";
- open(my $out, '>', $ethers_tmp_file) or die "Could not open file '$ethers_tmp_file' $!\n";
-
- while (my $line = <$in>) {
- next if $line =~ m/^$mac/;
- print $out $line;
- }
-
- close $in;
- close $out;
-
- move $ethers_tmp_file, $ethers_file;
-
- chmod 0644, $ethers_file;
- };
+my sub assert_dnsmasq_installed {
+ my ($noerr) = @_;
- PVE::Tools::lock_file($ethers_file, 10, $removeFn);
-
- if ($@) {
- warn "Unable to remove $mac from the dnsmasq configuration: $@\n";
- return;
+ my $bin_path = "/usr/sbin/dnsmasq";
+ if (!-e $bin_path) {
+ return if $noerr; # just ignore, e.g., in case zone doesn't use DHCP at all
+ log_warn("please install the 'dnsmasq' package in order to use the DHCP feature!");
+ die "cannot reload with missing 'dnsmasq' package\n";
}
-
- my $service_name = "dnsmasq\@$dhcpid";
- PVE::Tools::run_command(['systemctl', 'reload', $service_name]);
+ return 1;
}
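Review bot: The existence test in assert_dnsmasq_installed, `if (!-e $bin_path)`, is satisfied by any file system entry at that path, so a non-executable or leftover file still counts as installed; `-x` is closer to the intent. The die text says "cannot reload", but the callers visible further down (after_configure, before_regenerate) call the helper before restart, stop and disable, so a neutral message such as `die "'dnsmasq' package is not installed\n";` would read better in task logs. A short header comment stating the contract (returns 1 when the binary is present, returns empty when it is missing and `$noerr` is set, dies otherwise) would help, since the name suggests it always asserts.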
sub add_ip_mapping {
my $ethers_file = "$DNSMASQ_CONFIG_ROOT/$dhcpid/ethers";
my $ethers_tmp_file = "$ethers_file.tmp";
- my $change = undef;
- my $match4 = undef;
- my $match6 = undef;
+ my $reload = undef;
my $appendFn = sub {
open(my $in, '<', $ethers_file) or die "Could not open file '$ethers_file' $!\n";
open(my $out, '>', $ethers_tmp_file) or die "Could not open file '$ethers_tmp_file' $!\n";
- while (my $line = <$in>) {
+ my $match = undef;
+
+ while (my $line = <$in>) {
chomp($line);
- my ($parsed_mac, $parsed_ip) = split(/,/, $line);
- #delete removed mac
- if (!defined($macdb->{macs}->{$parsed_mac})) {
- $change = 1;
- next;
+ my $parsed_ip4 = undef;
+ my $parsed_ip6 = undef;
+ my ($parsed_mac, $parsed_ip1, $parsed_ip2) = split(/,/, $line);
+
+ if ($parsed_ip2) {
+ $parsed_ip4 = $parsed_ip1;
+ $parsed_ip6 = $parsed_ip2;
+ } elsif (Net::IP::ip_is_ipv4($parsed_ip1)) {
+ $parsed_ip4 = $parsed_ip1;
+ } else {
+ $parsed_ip6 = $parsed_ip1;
+ }
+ $parsed_ip6 = $1 if $parsed_ip6 && $parsed_ip6 =~ m/\[(\S+)\]/;
+
+ #delete changed
+ if (!defined($macdb->{macs}->{$parsed_mac}) ||
+ ($parsed_ip4 && $macdb->{macs}->{$parsed_mac}->{'ip4'} && $macdb->{macs}->{$parsed_mac}->{'ip4'} ne $parsed_ip4) ||
+ ($parsed_ip6 && $macdb->{macs}->{$parsed_mac}->{'ip6'} && $macdb->{macs}->{$parsed_mac}->{'ip6'} ne $parsed_ip6)) {
+ $reload = 1;
+ next;
}
- #delete changed ip
- my $ipversion = Net::IP::ip_is_ipv4($parsed_ip) ? "ip4" : "ip6";
- if ($macdb->{macs}->{$parsed_mac}->{$ipversion} && $macdb->{macs}->{$parsed_mac}->{$ipversion} ne $parsed_ip) {
- $change = 1;
- next;
+ if ($parsed_mac eq $mac) {
+ $match = 1 if $ip4 && $parsed_ip4 && $ip4;
+ $match = 1 if $ip6 && $parsed_ip6 && $ip6;
}
- print $out "$parsed_mac,$parsed_ip\n";
- #check if mac/ip already exist
- $match4 = 1 if $parsed_mac eq $mac && $macdb->{macs}->{$mac}->{'ip4'} && $macdb->{macs}->{$mac}->{'ip4'} eq $ip4;
- $match6 = 1 if $parsed_mac eq $mac && $macdb->{macs}->{$mac}->{'ip6'} && $macdb->{macs}->{$mac}->{'ip6'} eq $ip6;
- }
- if(!$match4 && $ip4) {
- print $out "$mac,$ip4\n";
- $change = 1;
+ print $out "$line\n";
}
- if(!$match6 && $ip6) {
- print $out "$mac,$ip6\n";
- $change = 1;
+ if(!$match) {
+ my $reservation = $mac;
+ $reservation .= ",$ip4" if $ip4;
+ $reservation .= ",[$ip6]" if $ip6;
+ print $out "$reservation\n";
+ $reload = 1;
}
+
close $in;
close $out;
move $ethers_tmp_file, $ethers_file;
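Review bot: The duplicate check on the added lines `$match = 1 if $ip4 && $parsed_ip4 && $ip4;` and `$match = 1 if $ip6 && $parsed_ip6 && $ip6;` tests `$ip4`/`$ip6` twice and never compares them with the parsed address, so any existing line for this MAC that carries an address of the same family is treated as the requested reservation. When `$macdb` has no ip4/ip6 recorded for the MAC, the earlier "delete changed" filter does not drop the stale line either, and the new address is then never written. The comparison presumably intended is `$match = 1 if $ip4 && $parsed_ip4 && $parsed_ip4 eq $ip4;` (and the same for ip6). Separately, a line holding only a MAC passes undef to `Net::IP::ip_is_ipv4`, and the results of `close $out` and `move` are not checked, so a failed write can replace the ethers file with a truncated copy. The closure and its lock_file call continue outside the lines shown.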
}
my $service_name = "dnsmasq\@$dhcpid";
- PVE::Tools::run_command(['systemctl', 'reload', $service_name]) if $change;
+ PVE::Tools::run_command(['systemctl', 'reload', $service_name]) if $reload;
+
+ #update lease as ip could still be associated to an old removed mac
+ my $bus = Net::DBus->system();
+ my $dnsmasq = $bus->get_service("uk.org.thekelleys.dnsmasq.$dhcpid");
+ my $manager = $dnsmasq->get_object("/uk/org/thekelleys/dnsmasq","uk.org.thekelleys.dnsmasq.$dhcpid");
+
+ my @hostname = unpack("C*", "*");
+ $manager->AddDhcpLease($ip4, $mac, \@hostname, undef, 0, 0, 0) if $ip4;
+# $manager->AddDhcpLease($ip6, $mac, \@hostname, undef, 0, 0, 0) if $ip6;
+
}
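Review bot: The D-Bus lease update at the end of add_ip_mapping runs unguarded: `Net::DBus->system()`, `get_service`, `get_object` and `AddDhcpLease` can all die, for example when the dnsmasq@$dhcpid instance is not running or has not claimed its bus name yet, and by then the ethers file has already been rewritten and the reload issued. Wrapping the block as `eval { ... }; log_warn("could not update dnsmasq lease for $mac: $@") if $@;` keeps a best-effort cleanup from turning a successful reservation into a reported failure. The bus objects are also created when `$ip4` is unset, only to do nothing, so the whole block could sit under `if ($ip4)`. The commented-out IPv6 call deserves a one-line comment saying why it is disabled, since IPv6 leases are never refreshed on this path.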
sub configure_subnet {
- my ($class, $dhcpid, $subnet_config) = @_;
+ my ($class, $config, $dhcpid, $vnetid, $subnet_config) = @_;
die "No gateway defined for subnet $subnet_config->{id}"
if !$subnet_config->{gateway};
my $tag = $subnet_config->{id};
- my @dnsmasq_config = (
- "listen-address=$subnet_config->{gateway}",
- );
-
my $option_string;
if (ip_is_ipv6($subnet_config->{network})) {
$option_string = 'option6';
- push @dnsmasq_config, "enable-ra";
} else {
$option_string = 'option';
- push @dnsmasq_config, "dhcp-option=tag:$tag,$option_string:router,$subnet_config->{gateway}";
+ push @{$config}, "dhcp-option=tag:$tag,$option_string:router,$subnet_config->{gateway}";
}
- push @dnsmasq_config, "dhcp-option=tag:$tag,$option_string:dns-server,$subnet_config->{'dhcp-dns-server'}"
+ push @{$config}, "dhcp-option=tag:$tag,$option_string:dns-server,$subnet_config->{'dhcp-dns-server'}"
if $subnet_config->{'dhcp-dns-server'};
- PVE::Tools::file_set_contents(
- "$DNSMASQ_CONFIG_ROOT/$dhcpid/10-$subnet_config->{id}.conf",
- join("\n", @dnsmasq_config) . "\n"
- );
}
sub configure_range {
- my ($class, $dhcpid, $subnet_config, $range_config) = @_;
+ my ($class, $config, $dhcpid, $vnetid, $subnet_config, $range_config) = @_;
- my $range_file = "$DNSMASQ_CONFIG_ROOT/$dhcpid/10-$subnet_config->{id}.ranges.conf",
my $tag = $subnet_config->{id};
- open(my $fh, '>>', $range_file) or die "Could not open file '$range_file' $!\n";
- print $fh "dhcp-range=set:$tag,$range_config->{'start-address'},$range_config->{'end-address'}\n";
- close $fh;
+ my ($zone, $network, $mask) = split(/-/, $tag);
+
+ if (Net::IP::ip_is_ipv4($network)) {
+ $mask = (2 ** $mask - 1) << (32 - $mask);
+ $mask = join( '.', unpack( "C4", pack( "N", $mask ) ) );
+ }
+
+ push @{$config}, "dhcp-range=set:$tag,$network,static,$mask,infinite";
+}
+
+sub configure_vnet {
+ my ($class, $config, $dhcpid, $vnetid, $vnet_config) = @_;
+
+ return if @{$config} < 1;
+
+ push @{$config}, "interface=$vnetid";
+
+ PVE::Tools::file_set_contents(
+ "$DNSMASQ_CONFIG_ROOT/$dhcpid/10-$vnetid.conf",
+ join("\n", @{$config}) . "\n"
+ );
}
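Review bot: configure_range now derives the network and prefix length by splitting the subnet id, `my ($zone, $network, $mask) = split(/-/, $tag);`, and uses both unchecked: an id without two dashes leaves `$mask` undefined, and a non-numeric or out-of-range value goes straight into the shift on the following lines and into the generated `dhcp-range=` directive. configure_subnet already reads `$subnet_config->{network}`, so taking the address from the config object and guarding the prefix, for example `die "cannot parse prefix length from subnet id '$tag'\n" if !defined($mask) || $mask !~ m/^\d+$/;`, would be more robust than re-parsing the id. `$range_config` is no longer used, which deserves a comment stating that address ranges are intentionally replaced by static-only reservations. In configure_vnet, `$vnetid` ends up in both a file name and an `interface=` line; presumably it is schema-validated upstream, but a comment saying so would help the next reader.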
sub before_configure {
my ($class, $dhcpid) = @_;
+ my $dbus_config = <<DBUSCFG;
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+<busconfig>
+ <policy user="root">
+ <allow own="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ <allow send_destination="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ </policy>
+ <policy user="dnsmasq">
+ <allow own="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ <allow send_destination="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ </policy>
+ <policy context="default">
+ <deny own="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ <deny send_destination="uk.org.thekelleys.dnsmasq.$dhcpid"/>
+ </policy>
+</busconfig>
+DBUSCFG
+
+ PVE::Tools::file_set_contents(
+ "/etc/dbus-1/system.d/dnsmasq.$dhcpid.conf",
+ $dbus_config
+ );
+
my $config_directory = "$DNSMASQ_CONFIG_ROOT/$dhcpid";
- mkdir($config_directory, 755) if !-d $config_directory;
+ mkdir($config_directory, 0755) if !-d $config_directory;
my $default_config = <<CFG;
CONFIG_DIR='$config_directory,\*.conf'
-DNSMASQ_OPTS="--conf-file=/dev/null"
+DNSMASQ_OPTS="--conf-file=/dev/null --enable-dbus=uk.org.thekelleys.dnsmasq.$dhcpid"
CFG
PVE::Tools::file_set_contents(
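Review bot: `$dhcpid` is interpolated unescaped into three new places in before_configure: the XML attributes of the D-Bus policy, the path `/etc/dbus-1/system.d/dnsmasq.$dhcpid.conf`, and the double-quoted `DNSMASQ_OPTS` value in the defaults file, which the quoting suggests is read by a shell. Nothing in the lines shown constrains the value, so all three rely on validation elsewhere; a local guard at the top of the function such as `die "invalid DHCP id '$dhcpid'\n" if $dhcpid !~ m/^[a-zA-Z][a-zA-Z0-9_]*$/;` (adjusted to whatever id format the SDN schema allows) would keep quotes, path separators and shell metacharacters out, and also matches the D-Bus rule that a bus name element must not begin with a digit. The return value of the corrected `mkdir($config_directory, 0755)` is still ignored, so a failure only surfaces later when the config files are written. No code visible here removes `dnsmasq.$dhcpid.conf` again when a DHCP instance is deleted, so it is worth confirming that stale policies granting `own` on the bus name are cleaned up.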
my $default_dnsmasq_config = <<CFG;
except-interface=lo
+enable-ra
+quiet-ra
bind-dynamic
-no-resolv
no-hosts
dhcp-leasefile=$DNSMASQ_LEASE_ROOT/dnsmasq.$dhcpid.leases
dhcp-hostsfile=$config_directory/ethers
$default_dnsmasq_config
);
- unlink glob "$config_directory/10-*.conf";
+ my @config_files = ();
+ PVE::Tools::dir_glob_foreach($config_directory, '10-.*\.conf', sub {
+ my ($file) = @_;
+ push @config_files, "$config_directory/$file";
+ });
+
+ unlink @config_files;
}
sub after_configure {
- my ($class, $dhcpid) = @_;
+ my ($class, $dhcpid, $noerr) = @_;
+
+ return if !assert_dnsmasq_installed($noerr);
my $service_name = "dnsmasq\@$dhcpid";
+ PVE::Tools::run_command(['systemctl', 'reload', 'dbus']);
PVE::Tools::run_command(['systemctl', 'enable', $service_name]);
PVE::Tools::run_command(['systemctl', 'restart', $service_name]);
}
sub before_regenerate {
- my ($class) = @_;
+ my ($class, $noerr) = @_;
+
+ return if !assert_dnsmasq_installed($noerr);
PVE::Tools::run_command(['systemctl', 'stop', "dnsmasq@*"]);
PVE::Tools::run_command(['systemctl', 'disable', 'dnsmasq@']);