initial commit of file from CVS for smeserver-bridge-interface on Sat Sep 7 20:11:17 AEST 2024

.gitignore

@@ -0,0 +1,4 @@
+*.rpm
+*.log
+*spec-20*
+*.tar.xz

Makefile

@@ -0,0 +1,21 @@
+# Makefile for source rpm: smeserver-bridge-interface
+# $Id: Makefile,v 1.1 2021/01/14 20:08:10 brianr Exp $
+NAME := smeserver-bridge-interface
+SPECFILE = $(firstword $(wildcard *.spec))
+
+define find-makefile-common
+for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done
+endef
+
+MAKEFILE_COMMON := $(shell $(find-makefile-common))
+
+ifeq ($(MAKEFILE_COMMON),)
+# attept a checkout
+define checkout-makefile-common
+test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2
+endef
+
+MAKEFILE_COMMON := $(shell $(checkout-makefile-common))
+endif
+
+include $(MAKEFILE_COMMON)

README.md

@@ -1,3 +1,15 @@
-# smeserver-bridge-interface
+# <img src="https://www.koozali.org/images/koozali/Logo/Png/Koozali_logo_2016.png" width="25%" vertical="auto" style="vertical-align:bottom"> smeserver-bridge-interface
 
 SMEServer Koozali developed git repo for smeserver-bridge-interface smecontribs
+
+## Wiki
+<br />https://wiki.koozali.org/
+
+## Bugzilla
+Show list of outstanding bugs: [here](https://bugs.koozali.org/buglist.cgi?component=smeserver-bridge-interface&product=SME%20Contribs&query_format=advanced&limit=0&bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&bug_status=CONFIRMED)
+
+## Description
+
+<br />*This description has been generated by an LLM AI system and cannot be relied on to be fully correct.*
+*Once it has been checked, then this comment will be deleted*
+<br />

contriborbase

@@ -0,0 +1 @@
+contribs10

createlinks

@@ -0,0 +1,42 @@
+#!/usr/bin/perl -w
+
+use esmith::Build::CreateLinks  qw(:all);
+
+# our event specific for updating with yum without reboot
+$event = "smeserver-bridge-interface-update";
+
+
+#add here the path to your templates needed to expand
+#see the /etc/systemd/system-preset/49-koozali.preset should be present for systemd integration on all you yum update event
+
+foreach my $file (qw(
+		/etc/systemd/system-preset/49-koozali.preset
+		/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf
+
+))
+{
+    templates2events( $file, $event );
+}
+
+
+#action needed in case we have a systemd unit
+#event_link("systemd-default", $event, "10");
+#event_link("systemd-reload", $event, "50");
+event_link("systemd-default", $event, "88");
+event_link("systemd-reload", $event, "89");
+
+
+#action specific to this package
+#event_link("bridge-disable", "$event", "02");
+#event_link("bridge-enable", "$event", "98");
+event_link("bridge-enable", "$event", "87");
+
+#services we need to restarta
+#none?
+event_services($event, "dhcpd" => "restart");
+event_services($event, "bridge" => "restart");
+
+foreach my $event (qw/console-save bootstrap-console-save/){
+  event_link("bridge-disable", "$event", "02");
+  event_link("bridge-enable", "$event", "98");
+}

root/etc/e-smith/db/configuration/defaults/bridge/bridgeInterface

@@ -0,0 +1 @@
+br0

root/etc/e-smith/db/configuration/defaults/bridge/status

@@ -0,0 +1 @@
+enabled

root/etc/e-smith/db/configuration/defaults/bridge/tapInterface

@@ -0,0 +1 @@
+tap0

root/etc/e-smith/db/configuration/defaults/bridge/type

@@ -0,0 +1 @@
+service

root/etc/e-smith/db/configuration/migrate/50bridge-interface

@@ -0,0 +1,21 @@
+{
+    my $bridge = $DB->get('bridge') || $DB->new_record('bridge', {type => 'service'});
+    my $brStatus = $bridge->prop('status') || 'enabled';
+
+    # Return nothing if bridge is disabled
+    return "" if ($brStatus eq 'disabled');
+
+    my $br = $bridge->prop('bridgeInterface') || 'br0';
+    my $IntIfConf = $DB->get('InternalInterface');
+    my $IntIfName = $IntIfConf->prop('Name');
+
+    # If the InternalInterface Name is the same as the bridge, there's nothing to do
+    return "" if ($IntIfName eq $br);
+
+    # else, we store the old InternalInterface Name in ethernetInterface
+    # and we set the InternalInterface to be the bridge
+
+    $bridge->set_prop('ethernetInterface',$IntIfName);
+    $IntIfConf->set_prop('Name',$br);
+}
+

root/etc/e-smith/events/actions/bridge-disable

@@ -0,0 +1,35 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+#----------------------------------------------------------------------
+
+use esmith::ConfigDB;
+
+my $c = esmith::ConfigDB->open() || die "Error opening the ConfigDB\n";
+my $bridge = $c->get('bridge') || $c->new_record('bridge', {type => 'service'});
+my $status = $bridge->prop('status') || 'enabled';
+my $internal = $bridge->prop('ethernetInterface') || 'eth0';
+
+if ($status eq 'enabled'){
+  $c->set_prop('bridge', 'OldStatus', 'enabled');
+  $c->set_prop('bridge', 'status', 'disabled');
+  $c->set_prop('InternalInterface', 'Name', "$internal");
+}
+
+exit (0);

root/etc/e-smith/events/actions/bridge-enable

@@ -0,0 +1,38 @@
+#!/usr/bin/perl -w
+#----------------------------------------------------------------------
+# copyright (C) 2011 Firewall-Services
+# daniel@firewall-services.com
+# 
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA
+# 
+#----------------------------------------------------------------------
+
+use esmith::ConfigDB;
+
+my $c = esmith::ConfigDB->open() || die "Error opening the ConfigDB\n";
+my $bridge = $c->get('bridge') || $c->new_record('bridge', {type => 'service'});
+my $status = $bridge->prop('status') || 'enabled';
+my $internal = $bridge->prop('bridgeInterface') || 'br0';
+
+if ($status eq 'disabled'){
+  my $oldstatus = $bridge->prop('OldStatus') || 'disabled';
+  if ($oldstatus eq 'enabled'){
+    $c->set_prop('bridge', 'status', 'enabled');
+    $c->set_prop('InternalInterface', 'Name', "$internal");
+    $c->get_prop_and_delete('bridge','OldStatus');
+  }
+}
+
+exit (0);

root/etc/e-smith/templates/usr/lib/systemd/system/dhcpd.service.d/50koozali.conf/41service

@@ -0,0 +1,20 @@
+{
+$interface=$InternalInterface{'Name'}||"hum";
+$bridgeif=(defined $bridge{bridgeInterface} )? $bridge{bridgeInterface}: "";
+#$bridgedif=(defined $bridge{ethernetInterface} ) ? $bridge{ethernetInterface} : undef;
+#$interface=(defined $bridgedif && $bridgedif eq $interface && defined $bridgeif) ? $bridgeif : $interface;
+# extra code if we want to hide the ethernet interface, howecer with only a little noise in dhcp log, we can keep the two intefaces
+$interface=( "$interface"  ne "$bridgeif" && defined $bridgeif ) ? "$interface $bridgeif" : $interface;
+
+$configfile='/etc/dhcpd.conf';
+$leasefile='/var/lib/dhcpd/dhcpd.leases';
+$OUT .="";
+}
+
+[Service]
+# added for bridge interface
+ExecStart=
+ExecStart=/usr/bin/sh -c 'exec /usr/sbin/dhcpd -f -cf /etc/dhcpd.conf -lf /var/lib/dhcpd/dhcpd.leases -user dhcpd -group dhcpd --no-pid {$bridgeif} >>/var/log/dhcpd/current 2>>/var/log/dhcpd/current'
+Restart=always
+RestartSec=5
+

root/sbin/e-smith/systemd/bridge-run

@@ -0,0 +1,181 @@
+#!/bin/bash
+# Bridge service on SME
+# This service will configure a bridge interface on your server
+# allowing each enslaved interfaces to act as a switch port.
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Bridge Interface
+BRIDGE_IF=$(/sbin/e-smith/db configuration getprop bridge bridgeInterface)
+BRIDGE_PROMISC=$(/sbin/e-smith/db configuration getprop bridge Promiscuous)
+
+# Define list of TAP interfaces to be bridged,
+# for example tap="tap0 tap1 tap2".
+# Defaults is tap0
+TAP_IF=$(/sbin/e-smith/db configuration getprop bridge tapInterface)
+# Replace ; and , with spaces
+TAP_IF=$(echo $TAP_IF | sed -e "s/[,;]/ /g")
+
+# Define physical ethernet interface to be bridged
+# with TAP interface(s) above.
+ETH_IF=$(/sbin/e-smith/db configuration getprop bridge ethernetInterface)
+ETH_MAC=$(/sbin/e-smith/db configuration getprop InternalInterface HWAddress)
+ETH_IP=$(/sbin/e-smith/db configuration get LocalIP)
+ETH_MASK=$(/sbin/e-smith/db configuration getprop InternalInterface Netmask)
+
+# System mode: serveronly, server&gateway ...
+MODE=$(/sbin/e-smith/db configuration get SystemMode)
+
+# Path of openvpn binary
+openvpn=""
+openvpn_locations="/usr/sbin/openvpn /usr/local/sbin/openvpn"
+for location in $openvpn_locations
+do
+  if [ -f "$location" ]
+  then
+    openvpn=$location
+  fi
+done
+
+# Check that binary exists
+if ! [ -f  $openvpn ]
+then
+  echo "openvpn binary not found"
+  exit 0
+fi
+
+
+
+# Sub to reconfigure the firewall
+firewall(){
+	/sbin/e-smith/expand-template /etc/rc.d/init.d/masq >/dev/null 2>&1
+	#/sbin/service masq restart >/dev/null 2>&1
+	/usr/bin/systemctl try-restart masq.service >/dev/null 2>&1
+        
+}
+
+# Sub to restart dhcpd
+dhcpd(){
+	#/usr/bin/sv t dhcpd
+	/usr/bin/systemctl try-restart dhcpd.service >/dev/null 2>&1
+}
+
+# Sub to reconfigures routes and defaults gateway
+routes(){
+	# We need to push all the routes of local networks as the interface has changed
+	for NET in $(/sbin/e-smith/db networks keys); do
+		SYSTEM=$(/sbin/e-smith/db networks getprop $NET SystemLocalNetwork)
+		if (! test $SYSTEM); then
+			NETMASK=$(/sbin/e-smith/db networks getprop $NET Mask)
+			ROUTER=$(/sbin/e-smith/db networks getprop $NET Router)
+			/sbin/route add -net $NET netmask $NETMASK gw $ROUTER >/dev/null 2>&1
+		fi
+	done
+
+	# If the server runs in serveronly, we need to reconfigure the default gateway:
+	if [ $MODE == 'serveronly' ]; then
+		GW=$(/sbin/e-smith/db configuration get GatewayIP)
+		/sbin/route add default gw $GW >/dev/null 2>&1
+	fi
+}
+
+start(){
+	# prep : filtering module
+	/usr/sbin/modprobe br_netfilter
+
+	# First, create the bridge interface
+	/usr/sbin/brctl addbr $BRIDGE_IF
+
+	# Then, create the tap interface(s) and enslave it in the bridge one
+	for t in $TAP_IF; do
+	    $openvpn --mktun --dev $t >/dev/null 2>&1
+	    /sbin/ifconfig $t 0.0.0.0 promisc up >/dev/null 2>&1
+	    /usr/sbin/brctl addif $BRIDGE_IF $t >/dev/null 2>&1
+	done
+
+	# Now make the real ethernet interface promiscuous
+	/sbin/ifconfig $ETH_IF 0.0.0.0 promisc up >/dev/null 2>&1
+	sleep 1
+
+	# And add it to the bridge
+	/usr/sbin/brctl addif $BRIDGE_IF $ETH_IF >/dev/null 2>&1
+
+	[ -n "$ETH_MAC" ] && /sbin/ifconfig $BRIDGE_IF hw ether $ETH_MAC
+
+	[ "$BRIDGE_PROMISC" == "yes" ] && /sbin/ifconfig $BRIDGE_IF promisc
+
+	# Now configure the LocalIP on the bridge interface
+	/sbin/e-smith/db configuration setprop InternalInterface Name $BRIDGE_IF
+	/sbin/ifconfig $BRIDGE_IF $ETH_IP netmask $ETH_MASK >/dev/null 2>&1
+
+	# Push the routes for the new interface
+	routes
+
+	# Now we have to reconfigure the firewall
+	firewall
+
+	# And dhcpd (the configuration file is expanded each time the service starts
+	# so no need to do it manually
+	dhcpd
+}
+
+stop(){
+	# Shutdown the bridge and remove it
+	/sbin/ifconfig $BRIDGE_IF down >/dev/null 2>&1
+	/usr/sbin/brctl delbr $BRIDGE_IF >/dev/null 2>&1
+	
+	# Then delete each tap interfaces
+	for t in $TAP_IF; do
+            $openvpn --rmtun --dev $t >/dev/null 2>&1
+	done
+	
+	# Reconfigure the ethernet interface
+	/sbin/e-smith/db configuration setprop InternalInterface Name $ETH_IF
+	/sbin/ifconfig $ETH_IF $ETH_IP netmask $ETH_MASK up -promisc >/dev/null 2>&1
+	
+	# Push the routes
+	routes
+	
+	# restart the firewall
+	firewall
+	
+	# and dhcp
+	dhcpd
+}
+
+case "$1" in
+  start)
+	echo -n $"Starting Bridge Service: "
+  	start
+	RETVAL=$?
+  	;;
+  stop)
+	echo -n $"Stoping Bridge Service: "
+  	stop
+	RETVAL=$?
+  	;;
+  restart)
+	echo -n $"Restarting Bridge Service: "
+  	stop && start
+	RETVAL=$?
+  	;;
+  adjust)
+	echo -n $"Restarting Bridge Service: "
+	stop && start
+	RETVAL=$?
+  	;;
+  *)
+  	echo "Usage: $0 start|stop|restart"
+  ;;
+esac
+
+if [ $RETVAL -eq 0 ]; then
+        echo_success
+else 
+        echo_failure
+fi
+echo
+
+exit $RETVAL
+

root/usr/lib/systemd/system/bridge.service

@@ -0,0 +1,19 @@
+[Unit]
+Description=Bridge Interface for VPN use.
+#After=network.target
+After=network.service
+After=wan.service
+Requires=network.service
+PartOf=network.service
+Before=network-online.target
+
+[Service]
+Type=forking
+ExecStart=/sbin/e-smith/systemd/bridge-run start
+ExecStop=/sbin/e-smith/systemd/bridge-run stop
+RemainAfterExit=true
+Type=oneshot
+
+[Install]
+WantedBy=sme-server.target
+

smeserver-bridge-interface.spec

@@ -0,0 +1,130 @@
+# $Id: smeserver-bridge-interface.spec,v 1.10 2022/12/25 07:16:58 terryfage Exp $
+# Authority: vip-ire
+# Name: Daniel Berteaud
+
+%define version 0.2
+%define release 10
+%define name smeserver-bridge-interface
+
+
+Summary:        Configure a bridge interface
+Name:           %{name}
+Version:        %{version}
+Release:        %{release}%{?dist}
+License:        GPL
+Group:          System/Servers
+Source:         %{name}-%{version}.tar.xz
+
+BuildRoot:      /var/tmp/%{name}-%{version}-%{release}-buildroot
+URL:            http://www.firewall-services.com/
+
+BuildRequires:  e-smith-devtools
+
+Requires:       bridge-utils
+Requires:	openvpn
+Requires: e-smith-base >= 5.8.1-23
+Buildarch:      noarch
+Conflicts:	smeserver-openvpn-bridge.fws
+Conflicts:	smeserver-openvpn-bridge-fws
+AutoReqProv:    no
+
+
+%description
+This package allows you to replace the internal interface with a bridge
+interface (and the original internal interface enslaved to it).
+It's usefull for OpenVPN in bridge mode but can also be used for virtual host
+configuration
+
+%changelog
+* Sat Sep 07 2024 cvs2git.sh aka Brian Read <brianr@koozali.org> 0.2-10.sme
+- Roll up patches and move to git repo [SME: 12338]
+
+* Sat Sep 07 2024 BogusDateBot
+- Eliminated rpmbuild "bogus date" warnings due to inconsistent weekday,
+  by assuming the date is correct and changing the weekday.
+
+* Sun Dec 25 2022 Terry Fage <terry@fage.id.au> 0.2-9.sme
+- make bridge interface compat to e-smith-base on install [SME: 12271]
+
+* Fri Dec 16 2022 Terry Fage <terry@fage.id.au> 0.2-8.sme
+- make bridge interface up on install [SME: 12271]
+
+* Tue Mar 23 2021 Jean-Philippe Pialasse <tests@pialasse.com> 0.2-7.sme
+- make bridge interface up on install [SME: 11485]
+- modify support for dhcp with bridge
+
+* Thu Jan 28 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-6.sme
+- Change-After-in-Service-file-to-network-service-from-target [SME: 11324]
+
+* Sun Jan 24 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-5.sme
+- Add-Restart-to-service-file.patch [SME: 11324 ]
+
+* Sat Jan 23 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-4.sme
+- Move exec to  /sbin/e-smith/systemd/bridge-run, add service file [SME: 11324]
+
+* Thu Jan 14 2021 Brian Read <brianr@bjsystems.co.uk> 0.2-2.sme
+- Initial Import to SME10 [SME: 11324]
+- Update-Createlinks-for-systemd.patch
+
+* Mon Nov 11 2013 Daniel B. <daniel@firewall-services.com> - 0.2-1.sme
+- Rebuild for SME9
+
+* Tue Jun 19 2012 Daniel B. <daniel@firewall-services.com> - 0.1-6.sme
+- Wait after physical interface config
+  (fix a random bug in serveronly mode)
+- Ensure the bridge takes the MAC address of the physical interface
+- Optionally set the bridge interface in promiscuous mode
+
+* Tue Apr 19 2011 Daniel B. <daniel@firewall-services.com> - 0.1-5.sme
+- Fix ifcfg templates expension on SME8 [SME: 6092]
+
+* Fri May 29 2009 Daniel B. <daniel@firewall-services.com> [0.1-4]
+- Enhance init script to display what it's doing (starting/stoping etc...)
+- Cleanup in spec file
+
+* Fri Jan 16 2009 Daniel B. <daniel@firewall-services.com> [0.1-3]
+- Set default status to enabled
+
+* Mon Jan 12 2009 Daniel B. <daniel@firewall-services.com> [0.1-2]
+- possibility to set multiple tap interfaces separated with commas
+
+* Fri Dec 12 2008 Daniel B. <daniel@firewall-services.com> [0.1-1]
+- Set the Name of InternalInterface to br0 when starting
+- Do not set the Name of InternalInterface to br0 if service is disabled
+  (during databases initialization)
+
+* Tue Dec 02 2008 Daniel B. <daniel@firewall-services.com> [0.1-0]
+- initial release
+
+%prep
+
+%setup -q -n %{name}-%{version}
+
+%build
+# Build symlinks
+perl createlinks
+
+%install
+rm -rf $RPM_BUILD_ROOT
+(cd root   ; find . -depth -print | cpio -dump $RPM_BUILD_ROOT)
+/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+         > %{name}-%{version}-%{release}-filelist
+
+chmod +x %{buildroot}/sbin/e-smith/systemd/bridge-run
+
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files -f %{name}-%{version}-%{release}-filelist
+%defattr(-,root,root)
+
+
+%post
+
+%preun
+#if [ $1 = 0 ] ; then
+#  /etc/rc.d/init.d/bridge stop >& /dev/null || :
+#fi
+
+true