#!/bin/sh # # ppp-linkup # # part of pfSense (https://www.pfsense.org) # Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate) # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # # 1. Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in # the documentation and/or other materials provided with the # distribution. # # 3. All advertising materials mentioning features or use of this software # must display the following acknowledgment: # "This product includes software developed by the pfSense Project # for use in the pfSense® software distribution. (http://www.pfsense.org/). # # 4. The names "pfSense" and "pfSense Project" must not be used to # endorse or promote products derived from this software without # prior written permission. For written permission, please contact # coreteam@pfsense.org. # # 5. Products derived from this software may not be called "pfSense" # nor may "pfSense" appear in their names without prior written # permission of the Electric Sheep Fencing, LLC. # # 6. Redistributions of any form whatsoever must retain the following # acknowledgment: # # "This product includes software developed by the pfSense Project # for use in the pfSense software distribution (http://www.pfsense.org/). # # THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY # EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR # ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT # NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED # OF THE POSSIBILITY OF SUCH DAMAGE. export PATH=/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin DNSALLOWOVERRIDE=$(/usr/local/sbin/read_xml_tag.sh boolean system/dnsallowoverride) IF="${1}" PROTOCOL="${2}" LOCAL_IP="${3}" REMOTE_IP="${4}" AUTH_NAME="${5}" DNS1_RAW="${6}" DNS2_RAW="${7}" if [ "${PROTOCOL}" == "inet" ]; then OLD_ROUTER=`cat /tmp/${IF}_router` if [ -n "${OLD_ROUTER}" ]; then echo "Removing states to old router ${OLD_ROUTER}" | logger -t ppp-linkup pfctl -i ${IF} -k 0.0.0.0/0 -k ${OLD_ROUTER}/32 pfctl -i ${IF} -k ${OLD_ROUTER}/32 -k 0.0.0.0/0 fi # let the configuration system know that the ipv4 has changed. echo ${REMOTE_IP} > /tmp/${IF}_router echo ${LOCAL_IP} > /tmp/${IF}_ip touch /tmp/${IF}up if [ "${DNSALLOWOVERRIDE}" = "true" ]; then # write nameservers to file echo -n "" > /var/etc/nameserver_${IF} if echo "${DNS1_RAW}" | grep -q dns1; then DNS1=`echo "${DNS1_RAW}" | awk '{print $2}'` echo "${DNS1}" >> /var/etc/nameserver_${IF} route change "${DNS1}" ${REMOTE_IP} fi if echo "${DNS2_RAW}" | grep -q dns2; then DNS2=`echo "${DNS2_RAW}" | awk '{print $2}'` echo "${DNS2}" >> /var/etc/nameserver_${IF} route change "${DNS2}" ${REMOTE_IP} fi pfSctl -c 'service reload dns' sleep 1 fi pfSctl -c "interface newip ${IF}" elif [ "${PROTOCOL}" == "inet6" ]; then /usr/local/sbin/ppp-ipv6 ${IF} up # let the configuration system know that the ipv6 has changed. echo ${REMOTE_IP} |cut -d% -f1 > /tmp/${IF}_routerv6 echo ${LOCAL_IP} |cut -d% -f1 > /tmp/${IF}_ipv6 touch /tmp/${IF}upv6 if [ "${DNSALLOWOVERRIDE}" = "true" ]; then # write nameservers to file echo -n "" > /var/etc/nameserver_v6${IF} if echo "${DNS1_RAW}" | grep -q dns1; then DNS1=`echo "${DNS1_RAW}" | awk '{print $2}'` echo "${DNS1}" >> /var/etc/nameserver_v6${IF} route change -inet6 "${DNS1}" ${REMOTE_IP} fi if echo "${DNS2_RAW}" | grep -q dns2; then DNS2=`echo "${DNS2_RAW}" | awk '{print $2}'` echo "${DNS2}" >> /var/etc/nameserver_v6${IF} route change -inet6 "${DNS2}" ${REMOTE_IP} fi pfSctl -c 'service reload dns' sleep 1 fi pfSctl -c "interface newipv6 ${IF}" fi exit 0