root/fedkit/prep_gateway.pl

Revision c6d6c4377154a1ff91e1d05651a95e275d6b59d3, 3.1 KB (checked in by Mike Ryan <mikeryan@…>, 14 months ago)

mass typo in perldoc
nice cut & paste job faber
  • Property mode set to 100644
Line 
1#!/usr/bin/perl
2
3use strict;
4
5use gateway_lib;
6
7use Getopt::Long;
8use File::Copy;
9use IO::File;
10
11my $ssh_pubkey;
12my $tunnelip;
13my $peer;
14my $use_file;
15my $fed_dir = "/usr/local/federation/";
16my %opts = (
17    'ssh_pubkey=s' => \$ssh_pubkey,
18    'tunnelip' => \$tunnelip,
19    'peer=s' => \$peer,
20    'use_file' => \$use_file,
21);
22
23exit(20) unless GetOptions(%opts);
24
25if ($use_file) {
26    gateway_lib::read_config(gateway_lib::config_filename(), \%opts)
27}
28
29my $uname = `uname`;
30chomp $uname;
31
32# on portals make sure client.conf is in the override position (in fed_dir).
33my $client_conf = gateway_lib::client_conf_filename();
34
35copy($client_conf, "$fed_dir/etc/client.conf") 
36    unless $client_conf =~ /^$fed_dir/;
37
38if ($uname =~ /Linux/) {
39    # Restart sshd with tunnel params
40    gateway_lib::set_sshd_params( 
41        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
42    system("/etc/init.d/sshd restart");
43    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
44        if $ssh_pubkey;
45    # Install bridging software if not present
46    system('/usr/bin/yum -y install bridge-utils');
47}
48elsif ($uname =~ /FreeBSD/ ){
49    gateway_lib::set_sshd_params( 
50        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
51    system("/etc/rc.d/sshd restart");
52
53    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
54        if $ssh_pubkey;
55
56    # Need these to make the Ethernet tap and bridge work.
57    system("kldload /boot/kernel/bridgestp.ko") 
58        if -r "/boot/kernel/bridgestp.ko"; 
59    system("kldload /boot/kernel/if_bridge.ko");
60    system("kldload /boot/kernel/if_tap.ko");
61}
62
63if ( $tunnelip ) {
64    my ($interface, $ip, $netmask, $mac, $router) = 
65        gateway_lib::deter_tunnelip();
66
67    gateway_lib::configure_outgoing_iface($interface, $ip, $netmask);
68    # Add the route to a peer.  Wait up to an hour for the peer's IP address to
69    # appear in the DNS.
70    gateway_lib::add_route($peer, $router, 1, 60 *60) 
71        if $peer && $router;
72}
73my $coord_fn = "$fed_dir/etc/prep_done";
74my $coord_file = new IO::File(">$coord_fn") || die "Cannot open $coord_fn";
75
76print $coord_file `date`;
77$coord_file->close();
78
79exit(0);
80
81=pod
82
83=head1 NAME
84
85B<prep_tunnel.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.
86
87=head1 OPTIONS
88
89=over 8
90
91=item B<peer=>I<hostname>
92
93The other gateway providing forwarding.
94
95=item B<ssh_pubkey=>I<keyfile>
96
97A public to install as authorized.
98
99=item B<tunnelip>
100
101True if the testbed uses the DETER tunnelip extension to provide external
102connectivity information
103
104=item B<use_file>
105
106If given read additional parameters from the file in
107/proj/I<project>/exp/I<experiment>/tmp/I<hostname>.gw/conf where those are the
108current testbed project and experiment and the hostname is before the first
109dot.  The file is option: value.
110
111
112=back
113
114=head1 SYNOPSIS
115
116B<prep_gateway.pl> laods the necessary kernel modules for low-level bridging
117configures the local sshd to allow it, restarts that sshd, and installs the
118given key in root's authorized keys.
119
120If the gateway supports DETER gateway, it setablishes outside connectivity and
121adds a host rout to the given peer.
122
123=head1 AUTHORS
124
125Ted Faber <faber@isi.edu>
126
127=cut
Note: See TracBrowser for help on using the browser.