- Timestamp:
- Feb 1, 2010 10:43:24 AM (15 years ago)
- Branches:
- axis_example, compt_changes, info-ops, master, version-3.01, version-3.02
- Children:
- b73cc45
- Parents:
- 2edec46
- Location:
- fedkit
- Files:
-
- 4 edited
fedkit/active_config.pl
r2edec46 r2b35261 55 55 $f->close(); 56 56 exit(0); 57 58 =pod 59 60 =head1 NAME 61 62 B<active_config.pl> - Configure an active connectivity gateway under the DETER Federation Architecture 63 64 =head1 OPTIONS 65 66 =over 8 67 68 =item B<fedkit=>I<install_dir> 69 70 Directory in which this software is installed. Generally not needed. 71 72 =item B<interfaces=>I<interface table> 73 74 A list of interfaces to forward data on of the form: 75 76 =begin text 77 78 iface ip_addr 79 80 =end text 81 82 The interface is the operating system name of the interface and the IP address 83 is given in standard dotted decimal notation. Other characters on a line are 84 ignored. 85 86 =item B<peer=>I<hostname> 87 88 The other gateway providing forwarding. 89 90 =item B<perl=>I<perl_binary> 91 92 Location of the perl binary. Usually unneeded. 93 94 =item B<ssh=>I<ssh_binary> 95 96 The pathname of the ssh binary. Unusally unnecessary. 97 98 =item B<ssh_pubkey=>I<keyfile> 99 100 A public to install as authorized. 101 102 =item B<ssh_privkey=>I<identity_file> 103 104 The identity to use for remote access 105 106 =item B<tunnelip> 107 108 True if the testbed uses the DETER tunnelip extension to provide external 109 connectivity information 110 111 =back 112 113 =head1 SYNOPSIS 114 115 B<active_config.pl> initiates the active side of the connectivity connection, 116 which is to say that it: 117 118 =over 4 119 120 =item * 121 122 Installs local keys and reconfigures that local ssh system to do link layer 123 tunneling. 124 125 =item * 126 127 Starts a tunnel for each interface in the given interface table, both locally 128 and remotely. 129 130 =back 131 132 =head1 AUTHORS 133 134 Ted Faber <faber@isi.edu> 135 136 =cut -
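Review bot: The new `=item B<ssh_pubkey=>I<keyfile>` entry reads "A public to install as authorized.", which drops the word "key" and does not say whose authorized keys file is changed. The same sentence is repeated in the POD added to combo_active.pl and prep_gateway.pl, and only the prep_gateway.pl SYNOPSIS mentions that the key goes into root's authorized keys. Since this option grants login access, I would spell it out in all three files, e.g. `A public key to append to the authorized keys file (root's, per prep_gateway.pl - confirm for this script).` The `ssh=` entry also has a typo in active_config.pl and combo_active.pl: "Unusally unnecessary" should be `Usually unnecessary.`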
fedkit/combo_active.pl
r2edec46 r2b35261 49 49 "--ssh=$ssh $portparam"); 50 50 exit(20) if $?; 51 52 =pod 53 54 =head1 NAME 55 56 B<combo_active.pl> - Do both the active configuration of a connectiveity gateway and service port forwarding. 57 58 =head1 OPTIONS 59 60 =over 8 61 62 =item B<fedkit=>I<install_dir> 63 64 Directory in which this software is installed. Generally not needed. 65 66 =item B<interfaces=>I<interface table> 67 68 A list of interfaces to forward data on of the form: 69 70 =begin text 71 72 iface ip_addr 73 74 =end text 75 76 The interface is the operating system name of the interface and the IP address 77 is given in standard dotted decimal notation. Other characters on a line are 78 ignored. 79 80 =item B<peer=>I<hostname> 81 82 The other gateway providing forwarding. 83 84 =item B<perl=>I<perl_binary> 85 86 Location of the perl binary. Usually unneeded. 87 88 =item B<port=>I<port_spec> 89 90 Forward the given port. The port is specified as 91 for B<port_forward.pl> 92 93 =item B<ssh=>I<ssh_binary> 94 95 The pathname of the ssh binary. Unusally unnecessary. 96 97 =item B<ssh_pubkey=>I<keyfile> 98 99 A public to install as authorized. 100 101 =item B<ssh_privkey=>I<identity_file> 102 103 The identity to use for remote access 104 105 =item B<tunnelip> 106 107 True if the testbed uses the DETER tunnelip extension to provide external 108 connectivity information 109 110 =back 111 112 =head1 SYNOPSIS 113 114 Call B<active_config.pl> and B<port_forward.pl> with the relevant parameters. 115 116 117 =head1 AUTHORS 118 119 Ted Faber <faber@isi.edu> 120 121 =cut -
fedkit/gateway_lib.pm
r2edec46 r2b35261 3 3 package gateway_lib; 4 4 5 # Package stuff to keep the caller's namespace clean, but allow additions if 6 # they need it. 5 7 require Exporter; 6 8 @ISA=qw(Exporter); … … 17 19 use File::Copy; 18 20 21 # Standard locations of these commands (FreeBSD) 19 22 my $IFCONFIG = "/sbin/ifconfig"; 20 23 my $ROUTE = "/sbin/route"; … … 22 25 my $FINDIF = "/usr/local/etc/emulab/findif"; 23 26 27 # Takes an ssh config file and a reference to a hash of keys whose values must 28 # be set a specific way. Replaces existing entries with the set values. 24 29 sub set_sshd_params { 25 30 my($keys, $file) = @_; … … 44 49 } 45 50 51 # Append the given keyfile to the given authorised key file. 46 52 sub import_key { 47 53 my($keyfile, $authkeys) = @_; … … 57 63 } 58 64 59 65 # Keep trying to look up the given hostname until successful. If timeout is 66 # given, die after waiting that long. If sleep is given, wait that many 67 # seconds between attempts (defaults to 5). 60 68 sub wait_for_DNS { 61 my($name, $timeout ) = @_;69 my($name, $timeout, $sleep) = @_; 62 70 my $start = time(); 71 $sleep = 5 unless $sleep; 63 72 my @rv; 64 73 … … 67 76 die "Timeout waiting for DNS to get $name\n" 68 77 if ($timeout && time() - $start > $timeout); 69 } 70 } 71 78 sleep($sleep) unless @rv; 79 } 80 } 81 82 # Get the external access parameters (interface, address, netmask, mac address, 83 # and next hop router) from tmcd in Emulabs that support the DETER tunnelip 84 # extension. 72 85 sub deter_tunnelip { 73 86 # To parse tmcc … … 80 93 81 94 82 # Parse out the info about tunnelips 95 # Parse out the info about tunnelips. Format is usually one line of 96 # ATTR=VALUE. Multiple lines are possible. 83 97 $tmcc->reader("$TMCC tunnelip"); 84 98 while (<$tmcc>) { … … 101 115 } 102 116 117 118 # Configure the given interface with the given IP address and netmask. 
103 119 sub configure_outgoing_iface { 104 my ($interface, $ip, $netmask , $mac) = @_;120 my ($interface, $ip, $netmask) = @_; 105 121 106 122 my @ifconfig = ($IFCONFIG, $interface, $ip); … … 111 127 } 112 128 129 # Add a route to the destination through the router. If wait is given, do not 130 # attempt to add the route until DNS has the hostname in it. If timeout is 131 # given, only wait that many seconds for DNS to acquire it. 113 132 sub add_route { 114 133 my($routedest, $router, $wait, $timeout) = @_; … … 138 157 } 139 158 159 # Connect the tap($tapno) interface to $iface at the link level. Remove any IP 160 # addresses assigned to interface to avoid confusing the routing system. We're 161 # very tolerant of errors as the bridge and other interfaces may already exist 162 # when this is called. 140 163 sub bind_tap_to_iface { 141 164 my($tapno, $iface) = @_; … … 163 186 } 164 187 188 # Return the IP addresses accociated with this interface (as a list) 165 189 sub iface_to_addr { 166 190 my($iface) = @_; … … 176 200 } 177 201 202 # Return the interface that packets to this host (IP or DNS) would be sent on. 178 203 sub dest_to_iface { 179 204 my($dest) =@_; … … 193 218 } 194 219 220 # Return the interface bound to this IP address. If there are more than one, 221 # the first one returned by ifconfig is the one returned. 195 222 sub addr_to_iface { 196 223 my($addr) = @_; -
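Review bot: The comment added above `set_sshd_params` lists the arguments as "an ssh config file and a reference to a hash of keys", but the visible signature is `my($keys, $file) = @_;`, so the hash reference comes first. This sub rewrites sshd configuration, so a caller who follows the comment would pass the arguments swapped; I would reword it to `# Takes a reference to a hash of keys whose values must be set a specific way, then the ssh config file.` Separately, in `wait_for_DNS` the timeout `die` is evaluated before the new `sleep($sleep) unless @rv;`, so the total wait can exceed `$timeout` by up to one sleep interval; the comment could say the timeout is approximate. The bodies of both subs are elided on this page, so neither point has been checked against the rest of the code.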
fedkit/prep_gateway.pl
r2edec46 r2b35261 33 33 gateway_lib::deter_tunnelip(); 34 34 35 gateway_lib::configure_outgoing_iface($interface, $ip, $netmask , $mac);35 gateway_lib::configure_outgoing_iface($interface, $ip, $netmask); 36 36 # Add the route to a peer. Wait up to an hour for the peer's IP address to 37 37 # appear in the DNS. … … 40 40 41 41 exit(0); 42 43 =pod 44 45 =head1 NAME 46 47 B<prep_tunnel.pl> - Prepare a tunnel node for use as either a service or connectivity gateway. 48 49 =head1 OPTIONS 50 51 =over 8 52 53 =item B<peer=>I<hostname> 54 55 The other gateway providing forwarding. 56 57 =item B<ssh_pubkey=>I<keyfile> 58 59 A public to install as authorized. 60 61 =item B<tunnelip> 62 63 True if the testbed uses the DETER tunnelip extension to provide external 64 connectivity information 65 66 =back 67 68 =head1 SYNOPSIS 69 70 B<prep_gateway.pl> laods the necessary kernel modules for low-level bridging 71 configures the local sshd to allow it, restarts that sshd, and installs the 72 given key in root's authorized keys. 73 74 If the gateway supports DETER gateway, it setablishes outside connectivity and 75 adds a host rout to the given peer. 76 77 =head1 AUTHORS 78 79 Ted Faber <faber@isi.edu> 80 81 =cut
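Review bot: The POD added here names the script `B<prep_tunnel.pl>` under `=head1 NAME`, while the file is prep_gateway.pl and the SYNOPSIS below uses `B<prep_gateway.pl>`; the NAME line should read `B<prep_gateway.pl> - Prepare a tunnel node for use as either a service or connectivity gateway.` The SYNOPSIS is the only place that says the script reconfigures and restarts sshd and installs the given key for root, and it has typos that obscure those steps ("laods", "setablishes", "host rout", and a missing "and" after "bridging"). Because these are privileged changes to the node, I would fix the wording and have the `ssh_pubkey` item state that the key is installed for root. The call now drops `$mac`; if `$mac` is still assigned from `gateway_lib::deter_tunnelip()` above the visible lines, it may now be unused.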