From 5ef27f558a3d8ea3ef2f1f76e9d9614f58fb01db Mon Sep 17 00:00:00 2001 From: Jed Reynolds Date: Tue, 2 Jul 2019 13:15:55 -0700 Subject: [PATCH 1/7] adds scp of config files to station --- setup-concentrator.sh | 29 +++++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/setup-concentrator.sh b/setup-concentrator.sh index 78a0e741..39d8d927 100755 --- a/setup-concentrator.sh +++ b/setup-concentrator.sh @@ -162,7 +162,8 @@ EOF function create_station_peer() { if [ -f "$SWANC/peers-available/${1}.conf-remote" ]; then echo "Peer $1 remote config already exists." - return; + echo "Remove $SWANC/peers-available/${1}.conf-remote to continue." + exit 1; fi cat > "$SWANC/peers-available/${1}.conf-remote" < $SWANC/remote-${1}-secrets.conf - echo "created $SWANC/remote-${1}-secrets.conf" + done > $SWANC/${1}-secrets.conf-remote + echo "created $SWANC/${1}-secrets.conf-remote" } function get_vrf_for_if() { @@ -284,12 +284,18 @@ function activate_all() { done } +function copy_config() { + local vrf=`get_vrf_for_if $WAN_IF` + ip vrf exec $vrf scp $WAN_IP:$SWANC/${1}-secrets.conf-remote $SWANC/${1}-secrets.conf + ip vrf exec $vrf scp $WAN_IP:$SWANC/peers-available/${1}.conf-remote $SWANC/peers-available/${1}.conf +} + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # M A I N # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -while getopts "a:c:d:p:v:behi" arg; do +while getopts "a:c:d:f:p:v:behi" arg; do case $arg in a) check_arg $OPTARG @@ -297,7 +303,7 @@ while getopts "a:c:d:p:v:behi" arg; do activate_peer $OPTARG ;; b) - enable_ipsec_if $WLAN_IF + enable_ipsec_if $WAN_IF ;; c) check_arg $OPTARG 
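Review bot: `copy_config` splices the peer name from `-f $OPTARG` straight into the remote and local scp paths, and nothing in this hunk limits it to a plain name, so a value containing `/` or whitespace changes which files root reads and overwrites. Reject anything but a simple token first, e.g. `[[ $1 =~ ^[A-Za-z0-9_-]+$ ]] || { echo "bad peer name"; exit 1; }`, and quote every expansion on the two scp lines. The fetched `${1}-secrets.conf` presumably holds key material, so set `umask 077` before the copy (or `chmod 600` the destination) rather than relying on the caller's umask. The `local vrf=` assignment from a command substitution also hides a failed `get_vrf_for_if`, because `local` itself returns success; declare `local vrf` first and assign on the next line so the status can be checked.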
@@ -315,16 +321,22 @@ while getopts "a:c:d:p:v:behi" arg; do e) activate_all ;; - + f) + check_arg $OPTARG + copy_config $OPTARG + ;; h) cat < Date: Fri, 6 Sep 2019 13:42:38 -0700 Subject: [PATCH 2/7] analyzes lag of csv entries --- hires_cxreport.pl | 130 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100755 hires_cxreport.pl diff --git a/hires_cxreport.pl b/hires_cxreport.pl new file mode 100755 index 00000000..19112aec --- /dev/null +++ b/hires_cxreport.pl 
@@ -0,0 +1,130 @@ +#!/usr/bin/perl +package main; +if (defined $ENV{DEBUG}) { + use strict; + use warnings; + use diagnostics; + use Carp; + use Data::Dumper; +} +use Time::HiRes qw(usleep ualarm gettimeofday stat lstat utime); +#use Time::Format qw/%time/; +if ( -f "./LANforge/Utils.pm" ) { + use lib '.'; +} +elsif ( -f "/home/lanforge/scripts/LANforge/Utils.pm" ) { + use lib "/home/lanforge/scripts/LANforge"; +} +use LANforge::Utils; +use Net::Telnet (); +use Getopt::Long; +our $quiet = 1; + +my $report_filename = "/tmp/hires_report.txt"; +my $duration_sec = 60; +my $cx = "rdtest"; + + +our $lfmgr_host = 'localhost'; +our $lfmgr_port = 4001; +$| = 1; +my $t = new Net::Telnet(Prompt => '/default\@btbits\>\>/', + Timeout => 60); + +$t->open(Host => $::lfmgr_host, + Port => $::lfmgr_port, + Timeout => 10); + +$t->max_buffer_length(16 * 1024 * 1000); # 16 MB buffer +$t->waitfor("/btbits\>\>/"); + +# Configure our utils. +our $utils = new LANforge::Utils(); +$::utils->telnet($t); # Set our telnet object. +if ($::utils->isQuiet()) { + if (defined $ENV{'LOG_CLI'} && $ENV{'LOG_CLI'} ne "") { + $::utils->cli_send_silent(0); + } + else { + $::utils->cli_send_silent(1); # Do not show input to telnet + } + $::utils->cli_rcv_silent(1); # Repress output from telnet +} +else { + $::utils->cli_send_silent(0); # Show input to telnet + $::utils->cli_rcv_silent(0); # Show output from telnet +} +#$::utils->log_cli("# $0 ".`date "+%Y-%m-%d %H:%M:%S"`); + +$SIG{'INT'} = sub { + $::utils->doCmd("set_cx_state all $cx STOPPED"); + exit 0; +}; + +# start rdtest +my %times = (); +$times{gettimeofday().'_before_set_cx_state'} = gettimeofday() ." before_start_cx 0 0"; +$::utils->doCmd("set_cx_report_timer all $cx 250"); +$::utils->doCmd("set_cx_state all $cx RUNNING"); +$times{gettimeofday().'_after_set_cx_state'} = gettimeofday() ." 
after_start_cx 0 0"; + +my $timelimit = $duration_sec + time(); + +my $show_cx_str = ''; +my $lastline = ''; +my $lasttime = 0; +my @hunks = (); +my $delta = 0; +my $tod = gettimeofday(); +my $last_a = 0; +my $last_b = 0; +my $step_a = 0; +my $step_b = 0; +while ($tod < $timelimit) { +# the command below does not indicate last reported timestamp, skip it +# $show_cx_str = $::utils->doAsyncCmd("show_cxe all $cx"); +# $times{gettimeofday()."_show_cxe"} = $show_cx_str; + $tod = gettimeofday(); + $lastline=`tail -1 /home/lanforge/lf_reports/${cx}-A*`; + @hunks = split(',', $lastline); + $hunks[0] = $hunks[0]/1000 if ($hunks[0] > 0); + $last_a = $hunks[0] if ($last_a == 0); + if ($hunks[0] gt $last_a){ + print "\nnew report A entry!\n"; + $step_a = $hunks[0] - $last_a; + $last_a = $hunks[0]; + $delta = $tod - $hunks[0]; + $times{"${tod}_tail_csv-A"} = "$hunks[0] $hunks[1] $step_a $delta"; + } + $lastline=`tail -1 /home/lanforge/lf_reports/${cx}-B*`; + @hunks = split(',', $lastline); + $hunks[0] = $hunks[0]/1000 if ($hunks[0] > 0); + $last_b = $hunks[0] if ($last_b == 0); + if ($hunks[0] gt $last_b) { + print "\nnew report B entry!\n"; + $step_b = $hunks[0] - $last_b; + $last_b = $hunks[0]; + $delta = $tod - $hunks[0]; + $times{"${tod}_tail_csv-B"} = "$hunks[0] $hunks[1] $step_b $delta"; + } + usleep(125); + if (time() gt $lasttime) { + print "\r".($timelimit - time())." 
sec remaining "; + $lasttime = time(); + } +} #~while +$::utils->doCmd("set_cx_state all $cx STOPPED"); +print "...collected.\n"; +die unless open(my $fh, ">", $report_filename); +#print $fh "TimeKeyInput csv_record_tstampsecs endpoint sec_since_last_report seconds_lag_since_last_report\n"; +print $fh "clock csv_tstamp_secs endpoint sec_btwn_reports tstamp_lag_sec\n"; +foreach $key (sort {$a cmp $b} (keys %times)) { + my ($clock) = $key =~ m/^([^_]+)/; + @hunks = split(' ', $times{$key}); + print$fh sprintf "%14.3f %15.3f %18s %20.3f %15.3f\n", 0.0+$clock, $hunks[0], $hunks[1], $hunks[2], $hunks[3]; +} +close $fh; +print "View the report at $report_filename\n"; + + +#eof From 431a0b4d58f314e07424046d7a8efd49d17ef881 Mon Sep 17 00:00:00 2001 From: Jed Reynolds Date: Fri, 6 Sep 2019 13:43:45 -0700 Subject: [PATCH 3/7] vpn setup scripts, two versions --- setup-concentrator2.sh | 466 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 466 insertions(+) create mode 100755 setup-concentrator2.sh diff --git a/setup-concentrator2.sh b/setup-concentrator2.sh new file mode 100755 index 00000000..c13a75e5 --- /dev/null +++ b/setup-concentrator2.sh 
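Review bot: In hires_cxreport.pl, `use strict; use warnings;` sit inside `if (defined $ENV{DEBUG}) { ... }`, but `use` runs at compile time and is lexically scoped, so the strictures cover only that block and the rest of the script (including the undeclared `foreach $key`) runs without them; move them to the top of the file and declare `my $key`. The two `use lib` lines behave the same way: both always execute whatever the `-f` tests say, and `use lib '.'` lets `LANforge::Utils` be loaded from whichever directory the script is started in, so a fixed path or `use FindBin; use lib $FindBin::Bin;` is safer. The timestamp checks use the string operator (`$hunks[0] gt $last_a`, `time() gt $lasttime`) where numeric `>` is meant. The report is written to the fixed name `/tmp/hires_report.txt` with a plain `>` open, which follows a pre-planted symlink; `File::Temp` or a path under the user's own directory avoids that, and the `die` should include `$!`.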
@@ -0,0 +1,466 @@ +#!/bin/bash +set -x +set -e +[ -f /root/strongswan-config ] && . /root/strongswan-config ||: +ETC=${ETC:=/etc/strongswan} +SWAND="$ETC/strongswan.d" +IPSECD="$ETC/ipsec.d" +SWANC="$ETC/swanctl" +NOWSEC=`date +%s` +SWAN_LIBX=${SWAN_LIBX:=/usr/libexec/strongswan} +[ -d $SWAN_LIBX ] || { + echo "SWAN_LIBX $SWAN_LIBX not found. Plese set SWAN_LIBX in /root/strongswan-config" + exit 1 +} +export LD_LIBRARY_PATH="$SWAN_LIBX:$LD_LIBRARY_PATH" +WAN_IF=${WAN_IF:=eth1} +WAN_IP=${WAN_IP:=10.1.99.1} +WAN_CONCENTRATOR_IP=${WAN_CONCENTRATOR_IP:=10.1.99.1} +# most for the concentrator +XIF_IP=${XIF_IP:=10.9.99.1} # for concentrator +XIF_CLIENT_IP=${XIF_IP:=10.9.99.2} # for station +CLIENT_OUTTER_IP=${CLIENT_OUTTER_IP:=10.4.99.1} +CLIENT_NETNS_IP=${CLIENT_NETNS_IP:=10.4.99.2} + +function initialize_vrf() { + local WANDEV=$WAN_IF + local vrfid=$1 + + [[ $vrfid = _* ]] && vrfid=${vrfid#_} + [[ $vrfid = vrf* ]] && vrfid=${vrfid#vrf} + local vrf_if="vrf${vrfid}" + local xfrm_if="xfrm${vrfid}" + + # do you need this? + #sysctl -w net.ipv4.ip_forward=1 + #sysctl -w net.ipv4.conf.all.rp_filter=0 + + # setup vrf + ip link add $vrf_if type vrf table $vrfid ||: + ip link set dev $vrf_if up ||: + ip route add unreachable default metric 4278198272 vrf $vrf_if ||: + + # create tunnel device + ip li del $xfrm_if >/dev/null 2>&1 ||: + $SWAN_LIBX/xfrmi -n $xfrm_if -i $vrfid -d $WANDEV ||: + ip li set dev $xfrm_if up + ip li set dev $xfrm_if master $vrf_if ||: + ip a add 169.254.24.201/32 dev $xfrm_if scope link ||: + ip ro add default dev $xfrm_if vrf $vrf_if ||: + #ip -6 ro add default dev $xfrm_if vrf $vrf_if +} + +function initialize_client_if() { + local intf=$1 + local vrfid=`get_vrf_for_if $1` + + [[ $vrfid = _* ]] && vrfid=${vrfid#_} + [[ $vrfid = vrf* ]] && vrfid=${vrfid#vrf} + local vrf_if="vrf${vrfid}" + local xfrm_if="xfrm${vrfid}" + + # do you need this? 
+ #sysctl -w net.ipv4.ip_forward=1 + #sysctl -w net.ipv4.conf.all.rp_filter=0 + + # setup vrf + ip link add $vrf_if type vrf table $vrfid ||: + ip link set dev $vrf_if up ||: + ip route add unreachable default metric 4278198272 vrf $vrf_if ||: + + # create tunnel device + ip li del $xfrm_if >/dev/null 2>&1 ||: + $SWAN_LIBX/xfrmi -n $xfrm_if -i $vrfid -d $intf ||: + ip li set dev $xfrm_if up + ip li set dev $xfrm_if master $vrf_if ||: + ip a add 169.254.24.201/32 dev $xfrm_if scope link ||: + ip ro add default dev $xfrm_if vrf $vrf_if ||: + #ip -6 ro add default dev $xfrm_if vrf $vrf_if +} + +function initialize_fake_client_netns() { + local vrfid=$1 + local wan_if=$1 + [[ x$vrfid = x ]] && echo "cannot use blank argument" && exit 1 + if [[ $1 != *vrf* ]]; then + vrfid=`get_vrf_for_if $1` + fi + + [[ $vrfid = _* ]] && vrfid=${vrfid#_} + [[ $vrfid = vrf* ]] && vrfid=${vrfid#vrf} + + echo "VRFID $vrfid" + sleep 5 + sysctl net.ipv4.conf.all.rp_filter=0 + sysctl net.ipv4.conf.default.rp_filter=0 + ip netns add ts-vrf-${vrfid} ||: + ip netns exec ts-vrf-${vrfid} ip li set dev lo up ||: + ip li del ts-vrf-${vrfid}a ||: + ip link add ts-vrf-${vrfid}a type veth peer name ts-vrf-${vrfid}b netns ts-vrf-${vrfid} ||: + ip netns exec ts-vrf-${vrfid} ip link set dev ts-vrf-${vrfid}b up ||: + ip netns exec ts-vrf-${vrfid} ip a add dev ts-vrf-${vrfid}b $CLIENT_NETNS_IP/24 ||: + ip netns exec ts-vrf-${vrfid} ip ro add default via $CLIENT_OUTTER_IP ||: + ip li set dev ts-vrf-${vrfid}a up + ip li set dev ts-vrf-${vrfid}a master vrf${vrfid} ||: + ip a add $CLIENT_OUTTER_IP/24 dev ts-vrf-${vrfid}a ||: +} + +function initialize() { + [ -d "$SWANC/peers-available" ] || mkdir "$SWANC/peers-available" + [ -d "$SWANC/peers-enabled" ] || mkdir "$SWANC/peers-enabled" + [ -f "$SWANC/secrets.conf" ] || touch "$SWANC/secrets.conf" + + systemctl enable strongswan + systemctl daemon-reload + systemct start strongswan || { + journalctl -xe + } +} + +function vrf_ping() { + local vrfid=$1 + ip netns 
exec ts-vrf-$vrfid ping 10.0.201.2 +} + + +function backup_keys() { + if [ -f $SWANC/secrets.conf ]; then + cp $SWANC/secrets.conf $SWANC/.secrets.conf.$NOWSEC + fi +} + +function deactivate_peer() { + [ -e "$SWANC/peers-enabled/${1}.conf" ] || { + if [ -e "$SWANC/peers-available/${1}.conf" ]; then + echo "Peer $1 deactivated." + else + echo "No peer config at $SWANC/peers-available/${1}.conf" + fi + exit 0 + } + + echo -n "Deactivating $1..." + rm "$SWANC/peers-enabled/${1}.conf" + swanctl --load-all + echo "done" +} + + +function activate_peer() { + [ -f "$SWANC/peers-available/${1}.conf" ] || { + echo "No peer config at $SWANC/peers-available/${1}.conf" + exit 1 + } + + if [ -e "$SWANC/peers-enabled/${1}.conf" ]; then + echo "Peer $1 actiated." + else + echo -n "Activating $1..." + ln -s" $SWANC/peers-available/${1}.conf" "$SWANC/peers-enabled/" + swanctl --load-all + echo "done" + fi +} + +function create_concentrator_peer() { + if [ -f "$SWANC/peers-available/${1}.conf" ]; then + echo "Peer $1 config already exists." 
+ return; + fi + + cat > "$SWANC/peers-available/${1}.conf" < "$SWANC/peers-available/${1}.conf-remote" <> "$SWANC/secrets.conf" < $SWANC/${1}-secrets.conf-remote + echo "created $SWANC/${1}-secrets.conf-remote" +} + +function get_vrf_for_if() { + local ifmaster=`ip -o li show $1 | egrep -o '(master \S+)'` + [[ x${ifmaster} = x ]] && echo "\nNo master found for $1" && exit 1 + echo ${ifmaster#master } +} + +function enable_concentrator_ipsec_if() { + local vrf_if=$1 + if [[ $vrf_if != vrf* ]]; then + vrf_if=$(get_vrf_for_if $1) + fi + local vrfnum=${vrf_if#vrf} + local xif="xfrm${vrfnum}" + sleep 1 + $SWAN_LIBX/xfrmi -n $xif -i ${vrfnum} -d $WAN_IF ||: + + sleep 1 + ip link set dev $xif up ||: + ip link set dev $xif master $vrf_if ||: + ip address add $XIF_IP/32 dev $xif scope link ||: + + #ip route add default dev $xif vrf $vrfnum ||: # doesn't work quite this way + #ip route add 10.0.0.0/8 dev $xif vrf $vrfnum ||: # not quite + + ip route add default dev $xif vrf $vrf_if ||: + sleep 1 +} + +function enable_station_ipsec_if() { + local vrf_if=$1 + local wan_if=$1 + + if [[ $wan_if = *vrf* ]]; then + echo "enable_station_ipsec_if wants L2 interface, not vrf" + exit 1 + fi + if [[ $vrf_if != vrf* ]]; then + vrf_if=$(get_vrf_for_if $1) + fi + [[ $vrf_if = _* ]] && vrf_if=${vrf_if#_} + local vrfnum=${vrf_if#vrf} + + local xif="xfrm${vrfnum}" + sleep 1 + $SWAN_LIBX/xfrmi -n $xif -i ${vrfnum} -d $wan_if ||: + + sleep 1 + ip link set dev $xif up ||: + ip link set dev $xif master $vrf_if ||: + ip address add $XIF_CLIENT_IP/32 dev $xif scope link ||: + + #ip route add default dev $xif vrf $vrfnum ||: # doesn't work quite this way + #ip route add 10.0.0.0/8 dev $xif vrf $vrfnum ||: # not quite + + sleep 1 + ip route add 10.4.99.1/32 dev $xif vrf $vrf_if ||: + ip route add 10.9.99.1/32 dev $xif vrf $vrf_if ||: + ip route add 10.1.99.0/24 dev $xif vrf $vrf_if ||: + sleep 1 +} + +function check_arg() { + if [ ! 
-f "$SWANC/secrets.conf" ] ; then + echo "$SWANC/secrets.conf not found. Suggest running $0 -i, bye." + exit 1 + fi + [[ z$1 != z ]] || { + echo "Please give me a peer name, bye." + exit 1 + } +} + +function activate_all() { + local f + for f in $SWANC/*.conf; do + echo "CONF $f" + f=`basename $f` + [[ $f = secrets.conf ]] && continue ||: + [[ $f = swanctl.conf ]] && continue ||: + [[ $f = *.conf ]] && f=${f%.conf} + echo "f now $f" + activate_peer $f + done +} + +function copy_config() { + local vrf=`get_vrf_for_if $WAN_IF` + ip vrf exec $vrf scp $WAN_IP:$SWANC/${1}-secrets.conf-remote $SWANC/${1}-secrets.conf + ip vrf exec $vrf scp $WAN_IP:$SWANC/peers-available/${1}.conf-remote $SWANC/peers-available/${1}.conf +} + +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +# M A I N +# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + +while getopts "a:c:d:f:g:p:v:b:ehi" arg; do + case $arg in + a) + check_arg $OPTARG + echo "Activating $OPTARG" + activate_peer $OPTARG + ;; + b) + check_arg $OPTARG + initialize_vrf $OPTARG + enable_concentrator_ipsec_if $OPTARG + initialize_fake_client_netns $OPTARG + swanctl --load-all + sleep 1 + swanctl --list-conns + ;; + c) + check_arg $OPTARG + echo "Creating $OPTARG" + create_concentrator_peer $OPTARG + create_station_peer $OPTARG + create_concentrator_key $OPTARG + create_station_key $OPTARG + ;; + d) + check_arg $OPTARG + echo "Deactivating $OPTARG" + deactivate_peer $OPTARG + ;; + e) + activate_all + swanctl --load-all + sleep 1 + swanctl --list-conns + ;; + f) + check_arg $OPTARG + copy_config $OPTARG + ;; + g) + check_arg $OPTARG + initialize_client_if $OPTARG + enable_station_ipsec_if $OPTARG + initialize_fake_client_netns $OPTARG + swanctl --load-all + sleep 1 + swanctl --list-conns + ;; + h) + cat < Date: Fri, 27 Sep 2019 16:45:46 -0700 Subject: [PATCH 4/7] library script to parse vrf devices into associative array --- lib_vrf.bash | 49 
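Review bot: In setup-concentrator2.sh, `check_arg` only rejects an empty peer name, yet that name is interpolated into paths that the script removes, symlinks, overwrites and copies with scp; restrict it to a plain token, e.g. `[[ $1 =~ ^[A-Za-z0-9_-]+$ ]] || { echo "bad peer name"; exit 1; }`. `initialize` creates `secrets.conf` with `touch` and the station secrets are written by a bare `>` redirect, both under whatever umask is in effect, while `set -x` at the top traces every command to stderr; a `umask 077` near the top, with tracing enabled only on request, keeps key material out of world-readable files and logs. Three lines look like typos that break the flow: `XIF_CLIENT_IP=${XIF_IP:=10.9.99.2}` (reads `XIF_IP`, so the client address always equals the concentrator's), `systemct start strongswan`, and `ln -s" $SWANC/peers-available/${1}.conf"` (the quote belongs after the space). `get_vrf_for_if` prints its error on stdout and calls `exit 1` inside a command substitution, and the `local vrfid=` call sites discard that status, so the message lands in the variable and the script carries on; print to stderr and check the status in the caller. The here-documents of this file are missing from the page, so the key-generation code itself could not be reviewed.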
+++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 49 insertions(+)
create mode 100755 lib_vrf.bash
diff --git a/lib_vrf.bash b/lib_vrf.bash
new file mode 100755
index 00000000..233dc38f
--- /dev/null
+++ b/lib_vrf.bash
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# create an associative array of vrf interfaces and their ports
+
+IFLINES=()
+declare -A IFNAMES
+declare -A VRFNAMES
+
+while read line; do
+ IFLINES+=("$line")
+done < <(ip -o link show)
+
+RE_MASTER=' master ([^ ]+) state '
+for item in "${IFLINES[@]}"; do
+ #echo -e "\t$item"
+ [[ x$item = x ]] && continue
+
+ IFS=': ' hunks=($item)
+ [[ "${hunks[1]}" = "" ]] && continue
+
+ ifname="${hunks[1]}"
+ [[ "$ifname" = *NOARP,MASTER* ]] && continue
+
+ IFNAMES["$ifname"]="unknown"
+
+ if [[ $item = *master* ]] && [[ $item = *vrf* ]]; then
+ #echo "Looking for vrf in $ifname"
+ if [[ $item =~ $RE_MASTER ]]; then
+ [[ x${BASH_REMATCH[1]} = x ]] && continue;
+ vrfname=${BASH_REMATCH[1]};
+ #echo "[[[$ifname]]] [[[$vrfname]]]"
+ IFNAMES["$ifname"]="$vrfname"
+ VRFNAMES["$vrfname"]="$ifname"
+ fi
+ fi
+done
+
+if [[ x$VRF_DEBUG = x1 ]]; then
+ echo "Interfaces: "
+ for ifname in "${!IFNAMES[@]}"; do
+ echo "IFN $ifname => ${IFNAMES[$ifname]}"
+ done
+
+ echo "virtual routers: "
+ for vrfname in "${!VRFNAMES[@]}"; do
+ echo "VRF $vrfname => ${VRFNAMES[$vrfname]}"
+ done
+fi
+#
From 27b2fd21e3d86990b0119a8c7bbf0bb1916ebd7f Mon Sep 17 00:00:00 2001
From: Jed Reynolds
Date: Fri, 27 Sep 2019 17:06:51 -0700
Subject: [PATCH 5/7] every_vrf.sh is a script that will execute first command across all subsequenly listed interfaces if they have vrf masters
---
every_vrf.sh | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
create mode 100755 every_vrf.sh
diff --git a/every_vrf.sh b/every_vrf.sh
new file mode 100755
index 00000000..2499bde4
--- /dev/null
+++ b/every_vrf.sh
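Review bot: `IFS=': ' hunks=($item)` in lib_vrf.bash is two plain assignments, so `IFS` stays set to colon-and-space for the rest of this file and, because the file is meant to be sourced, for the calling script as well. Any later unquoted expansion in the caller is then split on `:` too, which breaks up a URL or an address-with-port argument. Scoping the separator to the split avoids that: `IFS=': ' read -r -a hunks <<< "$item"`. That form also stops the unquoted `$item` from being glob-expanded.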
@@ -0,0 +1,27 @@ +#!/bin/bash + +[[ $# < 2 ]] && { + echo "Usage: $0 'a command' eth1 eth2 sta2 st3" + echo "Runs 'a command' in a vrf environment for all following stations" + exit 1 +} + +[[ -f lib_vrf.bash ]] || { + echo "missing lib_vrf.bash, cannot continue" + exit 1 +} +. lib_vrf.bash + +execthis="$1" +shift + +for eth in "$@"; do + [[ $execthis = $eth ]] && continue + vrf=${IFNAMES[$eth]} + if [[ x$vrf = x ]] || [[ $vrf = unknown ]]; then + echo "Skipping interface $eth" + continue + fi + echo "[$execthis] $vrf" + ip vrf exec $vrf $execthis & +done From 899c79e07203cc589e53000f9e0e52c6d8db1a9b Mon Sep 17 00:00:00 2001 From: Jed Reynolds Date: Tue, 1 Oct 2019 14:49:14 -0700 Subject: [PATCH 6/7] lf_curl script written more correctly, might not work as intended --- lf_curl.sh | 99 +++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 75 insertions(+), 24 deletions(-) diff --git a/lf_curl.sh b/lf_curl.sh index eb414641..d9ad336a 100755 --- a/lf_curl.sh +++ b/lf_curl.sh @@ -1,7 +1,14 @@ #!/bin/bash -[ -f /home/lanforge/lanforge.profile ] && . /home/lanforge/lanforge.profile -CURL=`which curl`; +if [ -f /home/lanforge/lanforge.profile ]; then + . /home/lanforge/lanforge.profile +else + echo "/home/lanforge/lanforge.profile not found, bye." + exit 1 +fi +CURL=`which curl` +IP=`which ip` #echo $CURL; +[ -f lib_vrf.bash ] && . ./lib_vrf.bash SOURCE_IP="" SOURCE_PORT="" 
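Review bot: every_vrf.sh tests for `lib_vrf.bash` in the current directory but then loads it with `. lib_vrf.bash`, and bash looks up a slash-less name given to `.` on `PATH` before the current directory, so the file that gets sourced (presumably with root privileges, given the `ip vrf exec` calls) may not be the one that was checked; use `. ./lib_vrf.bash` or a path derived from the script's own location. `[[ $# < 2 ]]` is a string comparison inside `[[ ]]`, so ten or more arguments compare as less than 2 and print the usage text; `(( $# < 2 ))` is the numeric form. `ip vrf exec $vrf $execthis &` relies on word-splitting the command string, which also glob-expands it, and the background jobs are never waited for, so the script can return before any of them has reported.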
@@ -11,21 +18,22 @@ NUM_LOOPS=1 help="$0 options: -d {destination_url} - -h this help + -h # this help -i {source ip} -n {number of times, 0 = infinite} -o {output file prefix, /dev/null is default} -p {source port} -E.G.: + -v # verbose curl option -# +E.G.: $0 -i 10.0.0.1 -p eth1 -o /tmp/output -d http://example.com/ becomes - curl -sqLk --interface 10.0.0.1 -o /tmp/output_eth1 http://example.com/ - + curl -sq. ~Lk --interface 10.0.0.1 -o /tmp/output_eth1 http://example.com/ + Best if used from lf_generic_ping.pl to construct commands referencing this script: ./lf_generic_ping.pl --mgr cholla-f19 -r 2 -n curl_ex_ --match 'eth2#' --cmd 'lf_curl.sh -o /tmp/curl_%p.out -i %i -d %d -p %p' --dest http://localhost/ " - -while getopts ":d:hi:n:o:p:" OPT ; do +LFCURL='' +while getopts ":d:vhi:n:o:p:" OPT ; do #echo "OPT[$OPT] OPTARG[$OPTARG]" case $OPT in h) @@ -36,10 +44,9 @@ while getopts ":d:hi:n:o:p:" OPT ; do DEST_HOST="$OPTARG" ;; i) - if [[ $CURL = ~/local/bin/curl ]]; then - SOURCE_IP="--dns-ipv4-addr $OPTARG --interface $OPTARG" - else - SOURCE_IP="--interface $OPTARG" + PORT_IP="$OPTARG" + if [[ $CURL = ~/local/bin/curl ]] || [[ $CURL = /home/lanforge/local/bin/curl ]]; then + LFCURL=1 fi ;; n) @@ -49,8 +56,12 @@ while getopts ":d:hi:n:o:p:" OPT ; do OUT_FILE="$OPTARG" ;; p) + PORT="$OPTARG" SOURCE_PORT="--interface $OPTARG" ;; + v) + PROGRESS='-#' + ;; *) echo "Unknown option [$OPT] [$OPTARG]" ;; 
@@ -64,27 +75,67 @@ fi if [[ x$OUT_FILE != x/dev/null ]] && [[ x$SOURCE_PORT != x ]] ; then OUT_FILE="-o ${OUT_FILE}_${SOURCE_PORT}" +elif [[ $OUT_FILE = /dev/null ]]; then + OUT_FILE="-o ${OUT_FILE}" fi +VRF='' NUM_GOOD=0 +LB='#' +L_SOURCE_PORT="$PORT" +if [[ $PORT = *$LB* ]] && [[ $PORT != *@* ]]; then + L_SOURCE_PORT="${PORT}@${PORT//#*/}" +fi +if [[ ${#IFNAMES[@]} -lt 1 ]]; then + [[ x$PROGRESS != x ]] && echo "NO VRF PORTS: ${#IFNAMES[@]}" +else + [[ x$PROGRESS != x ]] && echo "SOME VRF PORTS: ${#IFNAMES[@]}" + if [[ x${IFNAMES[$L_SOURCE_PORT]} = x ]]; then + [[ x$PROGRESS != x ]] && echo "No vrf port detected for $L_SOURCE_PORT" + else + [[ x$PROGRESS != x ]] && echo "VRF port: ${IFNAMES[$L_SOURCE_PORT]}" + VRF=1 + fi +fi + +if [[ $VRF = 1 ]]; then + SOURCE_IP='' +elif [[ $LFCURL = 1 ]]; then + SOURCE_IP="--dns-ipv4-addr $OPTARG --interface $OPTARG" +else + SOURCE_IP="--interface $OPTARG" +fi + + +STD_O="/tmp/lf_curl_so.$$" +if [[ x$PROGRESS = x ]]; then + VERB="-s" + STD_E="/tmp/lf_curl_se.$$" +else + VERB="" + STD_E="" +fi +CCMD="$CURL $VERB -Lk --connect-timeout 2 --max-time 10 $PROGRESS \ +-D /tmp/lf_curl_h.$$ $OUT_FILE $SOURCE_IP $DEST_HOST" + +if [[ x$VRF != x ]]; then + CCMD="$IP vrf exec ${IFNAMES[$L_SOURCE_PORT]} $CCMD" +fi for N in `seq 1 $NUM_LOOPS`; do - $CURL -sqLk --connect-timeout 1 \ - --max-time 10 \ - -D /tmp/lf_curl_h.$$ \ - $OUT_FILE \ - $SOURCE_IP \ - $DEST_HOST \ - > /tmp/lf_curl_so.$$ \ - 2> /tmp/lf_curl_se.$$ - + if [[ x$PROGRESS = x ]]; then + $CCMD > $STD_O &> $STD_E + else + echo "Running $CCMD" + $CCMD + fi if [[ $? > 0 ]]; then echo "Failed $DEST_HOST" - head -1 /tmp/lf_curl_se.$$ + [ -f /tmp/lf_curl_se.$$ ] && head -1 /tmp/lf_curl_se.$$ else NUM_GOOD=$(( $NUM_GOOD +1)) - head -1 /tmp/lf_curl_so.$$ - head -1 /tmp/lf_curl_h.$$ + [ -f /tmp/lf_curl_so.$$ ] && head -1 /tmp/lf_curl_so.$$ + [ -f /tmp/lf_curl_h.$$ ] && head -1 /tmp/lf_curl_h.$$ fi sleep 1 done From c92154abdd2451d4ef7c12c98a097b31362bac8c Mon Sep 17 00:00:00 2001 
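Review bot: In lf_curl.sh the `-i` case now stores the address in `PORT_IP`, but this block builds `SOURCE_IP` from `$OPTARG`, which after the getopts loop holds whatever option was parsed last; both assignments should read `$PORT_IP`, e.g. `SOURCE_IP="--interface $PORT_IP"`. `$CCMD > $STD_O &> $STD_E` sends both stdout and stderr to `$STD_E` and leaves `$STD_O` empty, so the success branch has nothing to print; `$CCMD > "$STD_O" 2> "$STD_E"` keeps the two streams apart. The scratch files use predictable `/tmp/lf_curl_*.$$` names and are never removed; creating them with `mktemp` and deleting them from a `trap ... EXIT` avoids writing through a pre-planted symlink and stops them accumulating.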
From: Jed Reynolds Date: Tue, 1 Oct 2019 14:49:39 -0700 Subject: [PATCH 7/7] lib_vrf exports variable --- lib_vrf.bash | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib_vrf.bash b/lib_vrf.bash index 233dc38f..4e30a0cf 100755 --- a/lib_vrf.bash +++ b/lib_vrf.bash @@ -4,7 +4,9 @@ IFLINES=() declare -A IFNAMES +export IFNAMES declare -A VRFNAMES +export VRFNAMES while read line; do IFLINES+=("$line")
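Review bot: `export IFNAMES` and `export VRFNAMES` do not make the maps available to child processes, because bash cannot pass array variables through the environment; only scripts that source lib_vrf.bash see them. If sourcing is the intended use, the two `export` lines can be dropped, or a comment such as `# visible to sourcing scripts only; bash does not export arrays` added so callers do not expect them in a subprocess.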