aboutsummaryrefslogtreecommitdiffstats
path: root/vnfs/vFW
diff options
context:
space:
mode:
Diffstat (limited to 'vnfs/vFW')
-rw-r--r--vnfs/vFW/scripts/v_firewall_init.sh30
-rw-r--r--vnfs/vFW/scripts/v_firewall_install.sh32
-rw-r--r--vnfs/vFW/scripts/v_packetgen_init.sh26
-rw-r--r--vnfs/vFW/scripts/v_packetgen_install.sh24
-rw-r--r--vnfs/vFW/scripts/v_sink_init.sh12
-rw-r--r--vnfs/vFW/scripts/v_sink_install.sh24
6 files changed, 123 insertions, 25 deletions
diff --git a/vnfs/vFW/scripts/v_firewall_init.sh b/vnfs/vFW/scripts/v_firewall_init.sh
index d277af04..75a55bee 100644
--- a/vnfs/vFW/scripts/v_firewall_init.sh
+++ b/vnfs/vFW/scripts/v_firewall_init.sh
@@ -1,5 +1,26 @@
#!/bin/bash
+# Convert Network CIDR to Netmask
+mask2cidr() {
+ nbits=0
+ IFS=.
+ for dec in $1 ; do
+ case $dec in
+ 255) let nbits+=8;;
+ 254) let nbits+=7;;
+ 252) let nbits+=6;;
+ 248) let nbits+=5;;
+ 240) let nbits+=4;;
+ 224) let nbits+=3;;
+ 192) let nbits+=2;;
+ 128) let nbits+=1;;
+ 0);;
+ *) echo "Error: $dec is not recognized"; exit 1
+ esac
+ done
+ echo "$nbits"
+}
+
# Start VPP
start vpp
sleep 1
@@ -12,6 +33,11 @@ HWADDR2=$(ifconfig eth2 | grep HWaddr | tr -s ' ' | cut -d' ' -f5)
FAKE_HWADDR1=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
FAKE_HWADDR2=$(echo -n 00; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02X"')
+IPADDR1_MASK=$(ifconfig eth1 | grep "Mask" | awk '{print $4}' | awk -F ":" '{print $2}')
+IPADDR1_CIDR=$(mask2cidr $IPADDR1_MASK)
+IPADDR2_MASK=$(ifconfig eth2 | grep "Mask" | awk '{print $4}' | awk -F ":" '{print $2}')
+IPADDR2_CIDR=$(mask2cidr $IPADDR2_MASK)
+
ifconfig eth1 down
ifconfig eth2 down
ifconfig eth1 hw ether $FAKE_HWADDR1
@@ -22,8 +48,8 @@ ifconfig eth1 up
ifconfig eth2 up
vppctl tap connect tap111 hwaddr $HWADDR1
vppctl tap connect tap222 hwaddr $HWADDR2
-vppctl set int ip address tap-0 $IPADDR1"/24"
-vppctl set int ip address tap-1 $IPADDR2"/24"
+vppctl set int ip address tap-0 $IPADDR1"/"$IPADDR1_CIDR
+vppctl set int ip address tap-1 $IPADDR2"/"$IPADDR2_CIDR
vppctl set int state tap-0 up
vppctl set int state tap-1 up
brctl addbr br0
diff --git a/vnfs/vFW/scripts/v_firewall_install.sh b/vnfs/vFW/scripts/v_firewall_install.sh
index 21164383..5ec634e4 100644
--- a/vnfs/vFW/scripts/v_firewall_install.sh
+++ b/vnfs/vFW/scripts/v_firewall_install.sh
@@ -6,6 +6,14 @@ DEMO_ARTIFACTS_VERSION=$(cat /opt/config/demo_artifacts_version.txt)
INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt)
CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
+# Convert Network CIDR to Netmask
+cdr2mask () {
+ # Number of args to shift, 255..255, first non-255 byte, zeroes
+ set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+ [ $1 -gt 1 ] && shift $1 || shift
+ echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
# OpenStack network configuration
if [[ $CLOUD_ENV == "openstack" ]]
then
@@ -17,25 +25,31 @@ then
MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
- VFW_PRIVATE_IP_O=$(cat /opt/config/vfw_private_ip_0.txt)
+ IP=$(cat /opt/config/vfw_private_ip_0.txt)
+ BITS=$(cat /opt/config/unprotected_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth1" >> /etc/network/interfaces
echo "iface eth1 inet static" >> /etc/network/interfaces
- echo " address $VFW_PRIVATE_IP_O" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
- VFW_PRIVATE_IP_1=$(cat /opt/config/vfw_private_ip_1.txt)
+ IP=$(cat /opt/config/vfw_private_ip_1.txt)
+ BITS=$(cat /opt/config/protected_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth2" >> /etc/network/interfaces
echo "iface eth2 inet static" >> /etc/network/interfaces
- echo " address $VFW_PRIVATE_IP_1" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
- VFW_PRIVATE_IP_2=$(cat /opt/config/vfw_private_ip_2.txt)
+ IP=$(cat /opt/config/vfw_private_ip_2.txt)
+ BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth3" >> /etc/network/interfaces
echo "iface eth3 inet static" >> /etc/network/interfaces
- echo " address $VFW_PRIVATE_IP_2" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
ifup eth1
diff --git a/vnfs/vFW/scripts/v_packetgen_init.sh b/vnfs/vFW/scripts/v_packetgen_init.sh
index ca6571b7..3b8f51ff 100644
--- a/vnfs/vFW/scripts/v_packetgen_init.sh
+++ b/vnfs/vFW/scripts/v_packetgen_init.sh
@@ -1,5 +1,26 @@
#!/bin/bash
+# Convert Network CIDR to Netmask
+mask2cidr() {
+ nbits=0
+ IFS=.
+ for dec in $1 ; do
+ case $dec in
+ 255) let nbits+=8;;
+ 254) let nbits+=7;;
+ 252) let nbits+=6;;
+ 248) let nbits+=5;;
+ 240) let nbits+=4;;
+ 224) let nbits+=3;;
+ 192) let nbits+=2;;
+ 128) let nbits+=1;;
+ 0);;
+ *) echo "Error: $dec is not recognized"; exit 1
+ esac
+ done
+ echo "$nbits"
+}
+
# Start VPP
start vpp
sleep 1
@@ -12,12 +33,15 @@ PROTECTED_NET_CIDR=$(cat /opt/config/protected_net_cidr.txt)
FW_IPADDR=$(cat /opt/config/fw_ipaddr.txt)
SINK_IPADDR=$(cat /opt/config/sink_ipaddr.txt)
+IPADDR1_MASK=$(ifconfig eth1 | grep "Mask" | awk '{print $4}' | awk -F ":" '{print $2}')
+IPADDR1_CIDR=$(mask2cidr $IPADDR1_MASK)
+
ifconfig eth1 down
ifconfig eth1 hw ether $FAKE_HWADDR1
ip addr flush dev eth1
ifconfig eth1 up
vppctl tap connect tap111 hwaddr $HWADDR1
-vppctl set int ip address tap-0 $IPADDR1"/24"
+vppctl set int ip address tap-0 $IPADDR1"/"$IPADDR1_CIDR
vppctl set int state tap-0 up
brctl addbr br0
brctl addif br0 tap111
diff --git a/vnfs/vFW/scripts/v_packetgen_install.sh b/vnfs/vFW/scripts/v_packetgen_install.sh
index c3a510da..dd75278d 100644
--- a/vnfs/vFW/scripts/v_packetgen_install.sh
+++ b/vnfs/vFW/scripts/v_packetgen_install.sh
@@ -6,6 +6,14 @@ DEMO_ARTIFACTS_VERSION=$(cat /opt/config/demo_artifacts_version.txt)
INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt)
CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
+# Convert Network CIDR to Netmask
+cdr2mask () {
+ # Number of args to shift, 255..255, first non-255 byte, zeroes
+ set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+ [ $1 -gt 1 ] && shift $1 || shift
+ echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
# OpenStack network configuration
if [[ $CLOUD_ENV == "openstack" ]]
then
@@ -17,18 +25,22 @@ then
MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
- VPG_PRIVATE_IP_O=$(cat /opt/config/vpg_private_ip_0.txt)
+ IP=$(cat /opt/config/vpg_private_ip_0.txt)
+ BITS=$(cat /opt/config/unprotected_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth1" >> /etc/network/interfaces
echo "iface eth1 inet static" >> /etc/network/interfaces
- echo " address $VPG_PRIVATE_IP_O" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
- VPG_PRIVATE_IP_1=$(cat /opt/config/vpg_private_ip_1.txt)
+ IP=$(cat /opt/config/vpg_private_ip_1.txt)
+ BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth2" >> /etc/network/interfaces
echo "iface eth2 inet static" >> /etc/network/interfaces
- echo " address $VPG_PRIVATE_IP_1" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
ifup eth1
diff --git a/vnfs/vFW/scripts/v_sink_init.sh b/vnfs/vFW/scripts/v_sink_init.sh
index 77f4296c..7975d435 100644
--- a/vnfs/vFW/scripts/v_sink_init.sh
+++ b/vnfs/vFW/scripts/v_sink_init.sh
@@ -1,7 +1,17 @@
#!/bin/bash
+# Convert Network CIDR to Netmask
+cdr2mask () {
+ # Number of args to shift, 255..255, first non-255 byte, zeroes
+ set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+ [ $1 -gt 1 ] && shift $1 || shift
+ echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
# Set the IP address of the protected network interface of the vFirewall as a default gateway to the unprotected network
PROTECTED_NET_GW=$(cat /opt/config/protected_net_gw.txt)
UNPROTECTED_NET=$(cat /opt/config/unprotected_net.txt | cut -d'/' -f1)
+BITS=$(cat /opt/config/unprotected_net.txt | cut -d"/" -f2)
+NETMASK=$(cdr2mask $BITS)
-route add -net $UNPROTECTED_NET netmask 255.255.255.0 gw $PROTECTED_NET_GW
+route add -net $UNPROTECTED_NET netmask $NETMASK gw $PROTECTED_NET_GW
diff --git a/vnfs/vFW/scripts/v_sink_install.sh b/vnfs/vFW/scripts/v_sink_install.sh
index 32c6167f..71bab414 100644
--- a/vnfs/vFW/scripts/v_sink_install.sh
+++ b/vnfs/vFW/scripts/v_sink_install.sh
@@ -4,6 +4,14 @@ REPO_URL_BLOB=$(cat /opt/config/repo_url_blob.txt)
INSTALL_SCRIPT_VERSION=$(cat /opt/config/install_script_version.txt)
CLOUD_ENV=$(cat /opt/config/cloud_env.txt)
+# Convert Network CIDR to Netmask
+cdr2mask () {
+ # Number of args to shift, 255..255, first non-255 byte, zeroes
+ set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
+ [ $1 -gt 1 ] && shift $1 || shift
+ echo ${1-0}.${2-0}.${3-0}.${4-0}
+}
+
# OpenStack network configuration
if [[ $CLOUD_ENV == "openstack" ]]
then
@@ -15,18 +23,22 @@ then
MTU=$(/sbin/ifconfig | grep MTU | sed 's/.*MTU://' | sed 's/ .*//' | sort -n | head -1)
- VSN_PRIVATE_IP_O=$(cat /opt/config/vsn_private_ip_0.txt)
+ IP=$(cat /opt/config/vsn_private_ip_0.txt)
+ BITS=$(cat /opt/config/protected_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth1" >> /etc/network/interfaces
echo "iface eth1 inet static" >> /etc/network/interfaces
- echo " address $VSN_PRIVATE_IP_O" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
- VSN_PRIVATE_IP_1=$(cat /opt/config/vsn_private_ip_1.txt)
+ IP=$(cat /opt/config/vsn_private_ip_1.txt)
+ BITS=$(cat /opt/config/onap_private_net_cidr.txt | cut -d"/" -f2)
+ NETMASK=$(cdr2mask $BITS)
echo "auto eth2" >> /etc/network/interfaces
echo "iface eth2 inet static" >> /etc/network/interfaces
- echo " address $VSN_PRIVATE_IP_1" >> /etc/network/interfaces
- echo " netmask 255.255.255.0" >> /etc/network/interfaces
+ echo " address $IP" >> /etc/network/interfaces
+ echo " netmask $NETMASK" >> /etc/network/interfaces
echo " mtu $MTU" >> /etc/network/interfaces
ifup eth1