1 | #!/usr/bin/perl -w
|
---|
2 | #
|
---|
3 | # Copyright 2005 Stichting Wireless Leiden
|
---|
4 | # maart 2004 rick@wirelessleiden.nl
|
---|
5 | #
|
---|
6 |
|
---|
7 | # Config located at other file
|
---|
8 | my $conf_file="./genesis.conf";
|
---|
9 | do($conf_file) || die("Cann't open $conf_file");
|
---|
10 | ################ END OF CONFIG ##########################
|
---|
11 |
|
---|
12 | #variablen
|
---|
13 | my $time=gmtime();
|
---|
14 | my $source=`/bin/hostname`;
|
---|
15 | chomp($source);
|
---|
16 |
|
---|
17 |
|
---|
18 | #slurp IP berekeningen info
|
---|
19 | do ("$IP_pmPath") || die ("Cann't open $IP_pmPath");
|
---|
20 | #slurp dns info
|
---|
21 | do ("$dnsheader_confPath") || die ("Cann't open $dnsheader_confPath");
|
---|
22 |
|
---|
23 |
|
---|
24 | #zoek uit of het master_ip addr voorkomt in de configs
|
---|
25 | #belangrijk van aliassen
|
---|
26 | sub master_ipNotUsed {
|
---|
27 | if( $debug ) {
|
---|
28 | print "running master_ipNotUsed...\n";
|
---|
29 | }
|
---|
30 | foreach my $if (keys %config) {
|
---|
31 | if( $IP{$if} =~ /([0-9\.]+).*/ ) {
|
---|
32 | if( $1 eq $master_ip ) {
|
---|
33 | return(0);
|
---|
34 | };
|
---|
35 | };
|
---|
36 | };
|
---|
37 | return(1);
|
---|
38 | };
|
---|
39 |
|
---|
40 |
|
---|
41 |
|
---|
42 | sub genHeader {
|
---|
43 | my $comment = $_[0];
|
---|
44 | my $output =
|
---|
45 | "$comment This file specific to wireless\n" .
|
---|
46 | "$comment leiden. Please make all changes in Genesis.\n" .
|
---|
47 | "$comment\n" .
|
---|
48 | "$comment Generated by $source\n" .
|
---|
49 | "$comment on $time\n" .
|
---|
50 | "$comment\n" .
|
---|
51 | "$comment $author\n" .
|
---|
52 | "$comment\n\n\n";
|
---|
53 | return ($output);
|
---|
54 | };
|
---|
55 |
|
---|
56 |
|
---|
57 | sub txtconfig {
|
---|
58 | my $output = "";
|
---|
59 | foreach $interface (keys %config) {
|
---|
60 | $output .= $config{$interface};
|
---|
61 | };
|
---|
62 | return($output);
|
---|
63 | };
|
---|
64 |
|
---|
65 |
|
---|
66 | sub dnsmasq_conf {
|
---|
67 | my $output = genHeader("#");
|
---|
68 | $output .=
|
---|
69 | "# Query all upstream dns servers by default\n" .
|
---|
70 | "all-servers \n" .
|
---|
71 | "# DHCP server options \n" .
|
---|
72 | "dhcp-authoritative \n" .
|
---|
73 | "dhcp-fqdn \n" .
|
---|
74 | "domain=dhcp.$nodename.$domain. \n" .
|
---|
75 | "bogus-priv \n" .
|
---|
76 | "domain-needed \n" .
|
---|
77 | "expand-hosts \n" .
|
---|
78 | "\n" .
|
---|
79 | "# Low memory footprint \n" .
|
---|
80 | "cache-size=10000 \n" .
|
---|
81 | "\n";
|
---|
82 |
|
---|
83 | foreach my $interface (sort keys %config) {
|
---|
84 | if( $interface =~ /^[a-z]+[0-9]+$/i ) {
|
---|
85 | (my $ip, my $netmask) = split('/', $IP{$interface});
|
---|
86 | my $subnet = IP::toSubnet($netmask);
|
---|
87 |
|
---|
88 | $output .=
|
---|
89 | "## $interface $DESC{$interface}\n";
|
---|
90 |
|
---|
91 | if ( $DHCP{$interface} =~ /[0-9]+\-[0-9]+/i ) {
|
---|
92 | my $dhcp_part = $ip;
|
---|
93 | $dhcp_part =~ s/[0-9]+$//;
|
---|
94 | (my $dhcp_start, my $dhcp_stop) = $DHCP{$interface} =~ /([0-9]+)\-([0-9]+)/i;
|
---|
95 | $dhcp_start = $dhcp_part . $dhcp_start;
|
---|
96 | $dhcp_stop = $dhcp_part . $dhcp_stop;
|
---|
97 | $output .= "dhcp-range=$interface,$dhcp_start,$dhcp_stop,$subnet,24h\n\n";
|
---|
98 | }
|
---|
99 | else {
|
---|
100 | $output .= "# not autoritive \n\n";
|
---|
101 | };
|
---|
102 | };
|
---|
103 | };
|
---|
104 |
|
---|
105 | return($output);
|
---|
106 | };
|
---|
107 |
|
---|
108 |
|
---|
109 | sub dhcpd_conf {
|
---|
110 | my $output = genHeader("#");
|
---|
111 | $output .=
|
---|
112 | "option domain-name \"$domain\";\n" .
|
---|
113 | " \n" .
|
---|
114 | "default-lease-time 7200;\n" .
|
---|
115 | "max-lease-time 2592000;\n" .
|
---|
116 | "\n" .
|
---|
117 | "ddns-update-style none;\n" .
|
---|
118 | "\n" .
|
---|
119 | "# Hack for the WET11\n" .
|
---|
120 | "#\n" .
|
---|
121 | "always-broadcast on;\n" .
|
---|
122 | "\n" .
|
---|
123 | "option domain-name-servers ${master_ip};\n" .
|
---|
124 | "\n";
|
---|
125 |
|
---|
126 | foreach my $interface (sort keys %config) {
|
---|
127 | if( $interface =~ /^[a-z]+[0-9]+$/i ) {
|
---|
128 | (my $ip, my $netmask) = split('/', $IP{$interface});
|
---|
129 | my $subnet = IP::toSubnet($netmask);
|
---|
130 | my $broadcast = IP::getBroadcastAddr($ip, $subnet);
|
---|
131 | my $network = IP::getNetworkAddr($ip, $subnet);
|
---|
132 |
|
---|
133 | $output .=
|
---|
134 | "# $interface $DESC{$interface}\n";
|
---|
135 |
|
---|
136 | if ( $DHCP{$interface} =~ /[0-9]+\-[0-9]+/i ) {
|
---|
137 | my $dhcp_part = $ip;
|
---|
138 | $dhcp_part =~ s/[0-9]+$//;
|
---|
139 | (my $dhcp_start, my $dhcp_stop) = $DHCP{$interface} =~ /([0-9]+)\-([0-9]+)/i;
|
---|
140 | $dhcp_start = $dhcp_part . $dhcp_start;
|
---|
141 | $dhcp_stop = $dhcp_part . $dhcp_stop;
|
---|
142 | $output .=
|
---|
143 | "subnet $network netmask $subnet {\n" .
|
---|
144 | " range $dhcp_start $dhcp_stop;\n" .
|
---|
145 | " option broadcast-address $broadcast;\n" .
|
---|
146 | " option subnet-mask $subnet;\n" .
|
---|
147 | " option routers $ip;\n" .
|
---|
148 | $DHCP_STATIC{$if} .
|
---|
149 | "}\n" .
|
---|
150 | "\n";
|
---|
151 | }
|
---|
152 | else {
|
---|
153 | $output .=
|
---|
154 | "subnet $network netmask $subnet {not authoritative; }\n" .
|
---|
155 | "\n";
|
---|
156 | };
|
---|
157 | };
|
---|
158 | };
|
---|
159 |
|
---|
160 | return($output);
|
---|
161 | };
|
---|
162 |
|
---|
163 | sub named_conf {
|
---|
164 | my $output = genHeader("#");
|
---|
165 | $output .=
|
---|
166 | "options {\n" .
|
---|
167 | " directory \"/etc/namedb\"\;\n" .
|
---|
168 | " pid-file \"/var/run/named/pid\"\;\n" .
|
---|
169 | " forwarders {\n";
|
---|
170 | foreach my $forward (@forwarder) {
|
---|
171 | $output .= "$forward;\n";
|
---|
172 | };
|
---|
173 | $output .=
|
---|
174 | " };\n" .
|
---|
175 | "};\n" .
|
---|
176 | "\n" .
|
---|
177 | "\n" .
|
---|
178 | "zone \"\.\" {\n" .
|
---|
179 | " type hint;\n" .
|
---|
180 | " file \"/etc/namedb/named.root\"\;\n" .
|
---|
181 | "}\;\n" .
|
---|
182 | "\n" .
|
---|
183 | "zone \"0\.0\.127\.IN-ADDR.ARPA\" {\n" .
|
---|
184 | " type master\;\n" .
|
---|
185 | " file \"/etc/namedb/master/localhost.rev\"\;\n" .
|
---|
186 | "}\;\n" .
|
---|
187 | "\n" .
|
---|
188 | "zone \"1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.IP6.INT\" {\n" .
|
---|
189 | " type master\;\n" .
|
---|
190 | " file \"/etc/namedb/master/localhost-v6.rev\"\;\n" .
|
---|
191 | "};\n" .
|
---|
192 | "\n";
|
---|
193 |
|
---|
194 |
|
---|
195 | foreach my $tmpZone (sort keys %zone) {
|
---|
196 | my $dnsZone = $zone{$tmpZone};
|
---|
197 | $output .=
|
---|
198 | "zone \"$tmpZone\" {\n" .
|
---|
199 | " type slave\;\n" .
|
---|
200 | " file \"slave/slave-$tmpZone\"\;\n" .
|
---|
201 | " masters {\n";
|
---|
202 | foreach my $tmpIP (sort @$dnsZone) {
|
---|
203 | $output .= " $tmpIP\;\n";
|
---|
204 | };
|
---|
205 | $output .=
|
---|
206 | " };\n" .
|
---|
207 | "};\n" .
|
---|
208 | "\n";
|
---|
209 | };
|
---|
210 |
|
---|
211 | return($output);
|
---|
212 | };
|
---|
213 |
|
---|
214 |
|
---|
215 |
|
---|
216 | sub rc_conf_local {
|
---|
217 | my $output = genHeader("#");
|
---|
218 | my $masterNotUsed = master_ipNotUsed();
|
---|
219 | $output.=
|
---|
220 | "hostname=\"$nodename.$domain\"\n" .
|
---|
221 | "location=\"$location\"\n" .
|
---|
222 | "\n";
|
---|
223 | if( $gateway ) {
|
---|
224 | $output .=
|
---|
225 | "defaultrouter='$gateway'\n"
|
---|
226 | }
|
---|
227 | if( $tproxy ) {
|
---|
228 | if( $tproxy =~ m/\d+\.\d+\.\d+\.\d+\/\d+/ ) {
|
---|
229 | $output .=
|
---|
230 | "# Tproxy is ran on this system\n".
|
---|
231 | "tproxy_enable='YES'\n".
|
---|
232 | "tproxy_range='$tproxy'\n".
|
---|
233 | "\n";
|
---|
234 | }
|
---|
235 | elsif( $tproxy !~ m/no/i ) {
|
---|
236 | $output .= "# WARNING - specification propably wrong - check " .
|
---|
237 | "genesis. It should be a pure CIDR\n";
|
---|
238 | };
|
---|
239 | };
|
---|
240 |
|
---|
241 | $output .= "ifconfig_lo0_alias0=\"inet 172.31.255.1/32\"\n";
|
---|
242 | if( $masterNotUsed ) {
|
---|
243 | $output .= "ifconfig_lo0_alias1=\"inet $master_ip/32\"\n\n";
|
---|
244 | }
|
---|
245 | else {
|
---|
246 | $output .= "#ifconfig_lo0_alias1=\"inet $master_ip/32\"\n\n";
|
---|
247 | };
|
---|
248 |
|
---|
249 | foreach my $interface (sort keys %config) {
|
---|
250 | (my $if, my $number) = split(/:/, $interface);
|
---|
251 | if( defined $number ) {
|
---|
252 | $output .= "ifconfig_$if\_alias$number=\"inet $IP{$interface}\"\n";
|
---|
253 | }
|
---|
254 | else {
|
---|
255 | if ( $DHCPCLIENT{$if} =~ /yes/i ) {
|
---|
256 | $output .= "ifconfig_$if=\"DHCP";
|
---|
257 | } else {
|
---|
258 | $output .= "ifconfig_$if=\"inet $IP{$interface}";
|
---|
259 | };
|
---|
260 | $output .= " $CARD_OPTION{$interface}";
|
---|
261 | if( $TYPE{$if} =~ /wireless/i ) {
|
---|
262 | $output .= " ssid $ESSID{$interface}";
|
---|
263 | if ( $SUBTYPE{$if} =~ /802.11a/i ) {
|
---|
264 | $output .= " mode 11a";
|
---|
265 | } elsif ( $SUBTYPE{$if} =~ /802.11g/i ) {
|
---|
266 | $output .= " mode 11g";
|
---|
267 | } else {
|
---|
268 | # Default output
|
---|
269 | $output .= " mode 11b";
|
---|
270 | }
|
---|
271 |
|
---|
272 | if( $MODE{$if}=~/master/i ) {
|
---|
273 | $output .= " channel $CHANNEL{$interface}";
|
---|
274 | $output .= " mediaopt hostap";
|
---|
275 | }
|
---|
276 | else {
|
---|
277 | $output .= "";
|
---|
278 | };
|
---|
279 | };
|
---|
280 | $output .= "\"\n";
|
---|
281 | };
|
---|
282 | };
|
---|
283 | $output .= "\n";
|
---|
284 | $output .= "# XXX: Automagic by finding out which IP is in 172.16.0.0/12, perhaps?\n";
|
---|
285 | $output .= "internalif=\"" . $internalif . "\"\n";
|
---|
286 |
|
---|
287 | $output .= "\n";
|
---|
288 | $output .= "static_routes=\"wleiden\"\n";
|
---|
289 |
|
---|
290 | $output .= "route_wleiden=\"-net 172.16.0.0/12 $internalroute\"\n";
|
---|
291 |
|
---|
292 |
|
---|
293 | if( $proxyid ) {
|
---|
294 | # ssh-tun requires a four digit port number, so 22 + "??"
|
---|
295 | $proxyid = sprintf("%02i", $proxyid);
|
---|
296 |
|
---|
297 | $output .= "\n";
|
---|
298 | $output .= "sshtun_enable=\"YES\"\n";
|
---|
299 | $output .= "sshtun_flags=\"-R 22$proxyid:localhost:22 \"\n";
|
---|
300 | }
|
---|
301 |
|
---|
302 | if ( $inboundnat =~ /yes/i ) {
|
---|
303 | $output .= "\n";
|
---|
304 | $output .= "# Firewall inbound NAT option\n";
|
---|
305 | $output .= "firewall_enable=\"YES\"\n";
|
---|
306 | $output .= "firewall_script=\"/etc/ipfw.sh\"\n";
|
---|
307 | $output .= "firewall_nat_enable=\"YES\"\n";
|
---|
308 | $output .= "gateway_enable=\"YES\"\n";
|
---|
309 |
|
---|
310 | }
|
---|
311 |
|
---|
312 | if ( $nat =~ /yes/i ) {
|
---|
313 | $output .= "\n";
|
---|
314 | $output .= "# Enable nat and stateful firewalling\n";
|
---|
315 | $output .= "pf_enable=\"YES\"\n";
|
---|
316 | $output .= "pf_rules=\"/etc/pf.conf\"\n";
|
---|
317 | $output .= "\n";
|
---|
318 | $output .= "# Enable routing\n";
|
---|
319 | $output .= "gateway_enable=\"yes\"\n";
|
---|
320 | } else {
|
---|
321 | $output .= "\n";
|
---|
322 | $output .= "# Disable routing\n";
|
---|
323 | $output .= "gateway_enable=\"no\"\n";
|
---|
324 | }
|
---|
325 |
|
---|
326 | # Block these ip's
|
---|
327 | if ( $firewall_block ) {
|
---|
328 | $firewall_block=~s/\n/\ /g;
|
---|
329 | $output .= "\n";
|
---|
330 | $output .= "firewall_block=\"$firewall_block\"";
|
---|
331 | }
|
---|
332 |
|
---|
333 | return($output);
|
---|
334 | };
|
---|
335 |
|
---|
336 |
|
---|
337 | sub resolv_conf {
|
---|
338 | my $output = genHeader"#";
|
---|
339 |
|
---|
340 | # $output .=
|
---|
341 | # "search wleiden.net.\n" .
|
---|
342 | # "# Try local (cache) first \n" .
|
---|
343 | # "nameserver 127.0.0.1\n" .
|
---|
344 | # "# Direct neighboors\n" .
|
---|
345 | # "\n";
|
---|
346 | #
|
---|
347 | # foreach my $if (sort keys %config) {
|
---|
348 | # if( exists $POINT_TO_POINT{$if} ) {
|
---|
349 | # foreach my $ip ($POINT_TO_POINT{$if}) {
|
---|
350 | # $output .= "nameserver $ip # $DESC{$if}\n";
|
---|
351 | # };
|
---|
352 | # };
|
---|
353 | # };
|
---|
354 | #
|
---|
355 | # $output .=
|
---|
356 | # "\n" .
|
---|
357 | # "# Last resort/backup remote nameservers \n" .
|
---|
358 | # "nameserver 172.17.8.68 # proxy1\n" .
|
---|
359 | # "nameserver 172.17.143.4 # proxy2\n" .
|
---|
360 | # "nameserver 172.20.128.98 # proxy3\n" .
|
---|
361 | # "nameserver 172.16.2.254 # proxy4\n" .
|
---|
362 | # "nameserver 172.19.168.66 # proxy5\n";
|
---|
363 |
|
---|
364 | $output .=
|
---|
365 | "nameserver 8.8.8.8 # Google\n" .
|
---|
366 | "nameserver 8.8.4.4 # Google\n" .
|
---|
367 | "search wleiden.net";
|
---|
368 |
|
---|
369 | return($output);
|
---|
370 | };
|
---|
371 |
|
---|
372 |
|
---|
373 | sub parse_config {
|
---|
374 | my $workingfile = $_[0];
|
---|
375 | do($workingfile) || die("Cann't open/parse $workingfile");
|
---|
376 | foreach my $if (keys %config) {
|
---|
377 | my $cfg=$config{$if};
|
---|
378 | while ($cfg) {
|
---|
379 | $cfg=~s/^([^\n\r]+)[\r\n]*//m;
|
---|
380 | my $line=$1;
|
---|
381 | $line=~s/\s*#.*//;
|
---|
382 | if (((my $name, my $value)=split(/=/,$line)) eq 2) {
|
---|
383 | my $doit="if (exists(\$$name\{\"$if\"\})) {\$$name\{\"$if\"\}.=\";$value\";} else {\$$name\{\"$if\"\}.=\"$value\";}";
|
---|
384 | eval($doit);
|
---|
385 | };
|
---|
386 | $cfg=~s/[\r\n]*$//m;
|
---|
387 | };
|
---|
388 | };
|
---|
389 | };
|
---|
390 |
|
---|
391 | sub authorized_keys {
|
---|
392 | my $output = genHeader("#");
|
---|
393 | if( -e "$global_keyPath" ) {
|
---|
394 | open( GLOBAL, "$global_keyPath" ) || die ("Cann't open $global_keyPath");
|
---|
395 | $output .= join("", <GLOBAL>);
|
---|
396 | close( GLOBAL );
|
---|
397 | }
|
---|
398 | else {
|
---|
399 | $output .= "# No $global_keyPath\n";
|
---|
400 | };
|
---|
401 |
|
---|
402 | if( -e "$ndir/$nodetype$nodename/$ssh_file" ) {
|
---|
403 | open( NODE, "$ndir/$nodetype$nodename/$ssh_file" ) || die ("Cann't open $home/$nodename/$ssh_file");
|
---|
404 | $output .= join("", <NODE>);
|
---|
405 | close( NODE );
|
---|
406 | }
|
---|
407 | else {
|
---|
408 | $output .= "# No $ndir/$nodetype$nodename/$ssh_file\n";
|
---|
409 | };
|
---|
410 |
|
---|
411 | return($output);
|
---|
412 | };
|
---|
413 |
|
---|
414 | sub do_it {
|
---|
415 | my $file = $_[0];
|
---|
416 | my $body = "";
|
---|
417 |
|
---|
418 | $file =~ s/\./_/g;
|
---|
419 | $body=&$file;
|
---|
420 | return($body);
|
---|
421 | };
|
---|
422 |
|
---|
423 | if( exists $ARGV[0] ) {
|
---|
424 | if( exists $ARGV[1] ) {
|
---|
425 | parse_config($ARGV[0]);
|
---|
426 | print do_it($ARGV[1]);
|
---|
427 | }
|
---|
428 | else {
|
---|
429 | print "Usage `perl wleiden.pl 'inputfile' 'outputfile'`\n";
|
---|
430 | };
|
---|
431 | };
|
---|
432 |
|
---|
433 | 1;
|
---|