source: fedkit/prep_gateway.pl @ 5c35160

axis_examplecompt_changesinfo-opsversion-3.01version-3.02
Last change on this file since 5c35160 was 1d91791f, checked in by Ted Faber <faber@…>, 14 years ago

Remove support for ancient linux distros, which effectively adds support for
modern ones.

  • Property mode set to 100644
File size: 2.9 KB
RevLine 
[2edec46]1#!/usr/bin/perl
2
3use strict;
4
5use gateway_lib;
6
7use Getopt::Long;
[f8fa72b]8use File::Copy;
9use IO::File;
[2edec46]10
11my $ssh_pubkey;
12my $tunnelip;
13my $peer;
[8d4e4fb]14my $use_file;
[4e9719b]15my $fed_dir = "/usr/local/federation/";
[8d4e4fb]16my %opts = (
17    'ssh_pubkey=s' => \$ssh_pubkey,
[2edec46]18    'tunnelip' => \$tunnelip,
19    'peer=s' => \$peer,
[8d4e4fb]20    'use_file' => \$use_file,
[2edec46]21);
22
[8d4e4fb]23exit(20) unless GetOptions(%opts);
24
[f8fa72b]25if ($use_file) {
26    gateway_lib::read_config(gateway_lib::config_filename(), \%opts)
27}
28
29my $uname = `uname`;
30chomp $uname;
[8d4e4fb]31
[4e9719b]32# on portals make sure client.conf is in the override position (in fed_dir).
33my $client_conf = gateway_lib::client_conf_filename();
34
35copy($client_conf, "$fed_dir/etc/client.conf") 
36    unless $client_conf =~ /^$fed_dir/;
37
[f8fa72b]38if ($uname =~ /Linux/) {
[1d91791f]39    # Install bridging software if not present
40    system('/usr/bin/yum -y install bridge-utils');
41    # Restart sshd with tunnel params
42    gateway_lib::set_sshd_params( 
43        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
44    system("/etc/init.d/sshd restart");
[f8fa72b]45    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
46        if $ssh_pubkey;
47}
48elsif ($uname =~ /FreeBSD/ ){
49    gateway_lib::set_sshd_params( 
50        { 'GatewayPorts' => 'yes', 'PermitTunnel' => 'yes' } );
51    system("/etc/rc.d/sshd restart");
[2edec46]52
[f8fa72b]53    gateway_lib::import_key($ssh_pubkey,'/root/.ssh/authorized_keys')
54        if $ssh_pubkey;
[2edec46]55
[f8fa72b]56    # Need these to make the Ethernet tap and bridge work.
57    system("kldload /boot/kernel/bridgestp.ko") 
58        if -r "/boot/kernel/bridgestp.ko"; 
59    system("kldload /boot/kernel/if_bridge.ko");
60    system("kldload /boot/kernel/if_tap.ko");
61}
[2edec46]62
63if ( $tunnelip ) {
64    my ($interface, $ip, $netmask, $mac, $router) = 
65        gateway_lib::deter_tunnelip();
66
[2b35261]67    gateway_lib::configure_outgoing_iface($interface, $ip, $netmask);
[2edec46]68    # Add the route to a peer.  Wait up to an hour for the peer's IP address to
69    # appear in the DNS.
[55779d4]70    gateway_lib::add_route($peer, $router, 1, 60 *60) 
71        if $peer && $router;
[2edec46]72}
73
74exit(0);
[2b35261]75
76=pod
77
78=head1 NAME
79
80B<prep_tunnel.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.
81
82=head1 OPTIONS
83
84=over 8
85
86=item B<peer=>I<hostname>
87
88The other gateway providing forwarding.
89
90=item B<ssh_pubkey=>I<keyfile>
91
92A public to install as authorized.
93
94=item B<tunnelip>
95
96True if the testbed uses the DETER tunnelip extension to provide external
97connectivity information
98
[8d4e4fb]99=item B<use_file>
100
101If given read additional parameters from the file in
102/proj/I<project>/exp/I<experiment/tmp/I<hostname>.gw/conf where those are the
103current testbed project and experiment and the hostname is before the first
104dot.  The file is option: value.
105
106
[2b35261]107=back
108
109=head1 SYNOPSIS
110
111B<prep_gateway.pl> laods the necessary kernel modules for low-level bridging
112configures the local sshd to allow it, restarts that sshd, and installs the
113given key in root's authorized keys.
114
115If the gateway supports DETER gateway, it setablishes outside connectivity and
116adds a host rout to the given peer.
117
118=head1 AUTHORS
119
120Ted Faber <faber@isi.edu>
121
122=cut
Note: See TracBrowser for help on using the repository browser.