#!/bin/bash # Copyright (C) 2010-2023 Pädagogisches Landesinstitut Rheinland-Pfalz # Copyright (C) 2022-2023 Mike Gabriel # Copyright (C) 2022-2023 Daniel Teichmann # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the # Free Software Foundation, Inc., # 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. set -e . /usr/share/debconf/confmodule || exit 255 common_file="/usr/share/debian-edu-router/debian-edu-router.common" # Load common functions, variables and stuff. if [ -s "$common_file" ]; then source "$common_file" else echo "Could not load common file at "$common_file"." # touch /tmp/debian-edu-router-config-counter exit 0; fi if [ -e /etc/debian-edu/router.conf ]; then source /etc/debian-edu/router.conf fi PRODUCTNAME="${PRODUCTNAME:-"Debian Edu Router"}" PACKAGE_NAME="debian-edu-router-config" db_title "${PRODUCTNAME}" # # FIXME: Only every other config-try would open debconf questions. # if ! [ -f "/tmp/debian-edu-router-config-counter" ]; then # debug_log "Skip first execution of config script." # touch /tmp/debian-edu-router-config-counter # exit 0; # fi # rm /tmp/debian-edu-router-config-counter || true # Returns $existing_uplink_iface. function get_uplink_iface_in_interface_file() { # Tests internet connection (also needs working domain name resolution). has_internet_connection if [ $has_internet_connection != "true" ]; then notice_log "No working internet connection was found." return fi # Every interface defined in /etc/network/interfaces{.d/*} ifaces_in_interfaces_file=($(get_non_d_e_r_ifaces)) # Every interface which has at least one default route. ifaces_with_default_route=($(ip route | grep -E "^default via" | awk '{print $5}' | tr '\n' ' ')) # Interfaces which are defined in /etc/network/interfaces{.d/*} and have a default route. uplinks_in_interface_file=($(intersect_comma_separated_items "${ifaces_in_interfaces_file[*]}" "${ifaces_with_default_route[*]}")) if ! [ $(echo "${#uplinks_in_interface_file[@]}") -eq 1 ]; then if [ $(echo "${#uplinks_in_interface_file[@]}") -lt 1 ]; then debug_log "There is an internet connection available, but couldn't find source of it in /etc/network/interfaces." return fi if ! [ $(echo "${#uplinks_in_interface_file[@]}") -gt 1 ]; then notice_log "Multiple possible uplinks found. Network situation is too ambiguous to just randomly select one interface." return fi fi existing_uplink_iface="${uplinks_in_interface_file}" # Yes, no [@]. } function get_existing_uplink_information() { if [[ "$existing_uplink_available" = "true" ]]; then # debug_log "Using cached existing uplink information:" # debug_log "\texisting_uplink_available - $existing_uplink_available" # debug_log "\texisting_uplink_method - $existing_uplink_method" # debug_log "\texisting_uplink_gateway - $existing_uplink_gateway" # debug_log "\texisting_uplink_address - $existing_uplink_address" # debug_log "\texisting_uplink_subnetmask - $existing_uplink_subnetmask" # debug_log "\texisting_uplink_nameservers - $existing_uplink_nameservers" return else # Delete cache existing_uplink_available="" existing_uplink_method="" existing_uplink_gateway="" existing_uplink_address="" existing_uplink_subnetmask="" existing_uplink_nameservers="" fi get_uplink_iface_in_interface_file if [ -z "$existing_uplink_iface" ]; then notice_log "Could not find existing Uplink interface." return fi if [ -n "$(ip a | grep $existing_uplink_iface | grep dynamic)" ]; then existing_uplink_method="dhcp" existing_uplink_address="$(ip a | grep $existing_uplink_iface | grep inet | awk -F '/' '{ print $1 }' | awk '{ print $2 }')" existing_uplink_subnetmask="$(ip a | grep $existing_uplink_iface | grep inet | awk -F '/' '{ print $2 }' | awk '{ print $1 }')" else existing_uplink_method="static" existing_uplink_gateway=$(ip route | grep -E "^default via" | grep "${existing_uplink_iface}" | awk '{print $3}') existing_uplink_address="$(ip a | grep $existing_uplink_iface | grep inet | awk -F '/' '{ print $1 }' | awk '{ print $2 }')" existing_uplink_subnetmask="$(ip a | grep $existing_uplink_iface | grep inet | awk -F '/' '{ print $2 }' | awk '{ print $1 }')" existing_uplink_nameservers="$(cat /etc/resolv.conf | grep nameserver | awk '{print $2}' | tr '\n' ' ')" if !([ "$IPV4" == true ] && is_address_v4 "${existing_uplink_gateway}") && !([ "$IPV6" == true ] && is_address_v6 "${existing_uplink_gateway}"); then notice_log "Could not find existing and working Uplink interface. No gateway." return fi if !([ "$IPV4" == true ] && is_netmask_v4 "${existing_uplink_subnetmask}") && !([ "$IPV6" == true ] && is_netmask_v6 "${existing_uplink_subnetmask}"); then notice_log "Could not find existing and working Uplink interface. No subnetmask." return fi if [ -z "$existing_uplink_nameservers" ]; then notice_log "Could not find existing and working Uplink interface. No DNS servers." return fi fi if !([ "$IPV4" == true ] && is_address_v4 "${existing_uplink_address}") && !([ "$IPV6" == true ] && is_address_v6 "${existing_uplink_address}"); then notice_log "Could not find existing and working Uplink interface. No uplink address." return fi if [ -z "$existing_uplink_method" ] || [ -z "$existing_uplink_subnetmask" ]; then notice_log "Could not find existing and working Uplink interface." return fi existing_uplink_available="true" debug_log "An existing Uplink interface was found. It got its IP '$existing_uplink_address/$existing_uplink_subnetmask' via $existing_uplink_method." } function get_non_d_e_r_ifaces() { ifaces_dir="/etc/network/interfaces.d" # Find all files *not* managed by d-e-r readarray -d '' not_d_e_r_files < <(find "$ifaces_dir" -type f -not -name "??_d-e-r_*" -print0) # Add /etc/network/interfaces (if its size is over 0 bytes) if [ -s "/etc/network/interfaces" ]; then not_d_e_r_files+=(/etc/network/interfaces) fi if [ -n "${not_d_e_r_files[*]}" ]; then # Find all interfaces configured in those files (except if commented out) echo `cat "${not_d_e_r_files[@]}" | grep -P '^(?=[\s]*+[^#])[^#]*(iface)' | grep -v "iface lo" | awk '{print $2}'` fi } # $1: The state you want. Options: # - 'online' or '1' # - 'offline' or '0' # $@: All the ifaces in a space-separated list # Returns $_return_ifaces: All interfaces with desired online status separated # by spaces. function filter_ifaces_by_online_status() { _ifaces_connected=(${@:2}) if [ "$1" == "online" ]; then desired_state="1" elif [ "$1" == "offline" ]; then desired_state="0" elif [ "$1" == "1" ]; then desired_state="1" elif [ "$1" == "0" ]; then desired_state="0" else error_log "filter_ifaces_by_online_status(): Desired state '$1' is not" \ "supported." exit 1 fi for iface in ${_ifaces_connected[@]}; do if [[ -z "$(ip link show dev "$iface" up)" ]]; then ip link set dev "$iface" up was_down=true debug_log_stderr "$iface: Waiting for iface to get up." while [[ -z "$(ip link show dev "$iface" up)" ]]; do sleep 0.1s done fi carrier="$(cat /sys/class/net/"$iface"/carrier)" if [[ "$carrier" -eq "$desired_state" ]] ; then _return_ifaces+=("$iface") fi if [[ "$carrier" -eq 1 ]] ; then debug_log_stderr "O - Interface '$iface' has a network cable attached." else debug_log_stderr "X - Interface '$iface' doesn't have a network cable attached." fi if [ "$was_down" == true ]; then ip link set dev "$iface" down was_down=false debug_log_stderr " - Also interface '$iface' is down.\n" fi done } # # Input: none # Output: none # function set_all_available_ifaces_up() { ifaces_manually_configured=($(get_non_d_e_r_ifaces)) if [ -z "${TEST_MODE}" ]; then ifaces_connected=($(ip a | grep -E "^[0-9]+:.*" | awk '{ print $2 }' | sed -e "s/:.*//" \ | grep -v "@" | grep -v -E '(lo|tun[0-9]+|vnet[0-9]+|virbr[0-9]+|lxcbr[0-9]+|docker[0-9]+|br-[a-f0-9]{12})' \ | tr '\n' ' ')) # Filter out manually configured ifaces. for i in "${ifaces_manually_configured[@]}"; do ifaces_connected=(${ifaces_connected[@]/$i/}) done for iface in "${ifaces_connected[@]}"; do if [[ -z "$(ip link show dev "$iface" up)" ]]; then ip link set dev "$iface" up warning_log_stderr "Raising network interface '$iface'." while [[ -z "$(ip link show dev "$iface" up)" ]]; do sleep 0.1s done fi done fi } # # Input: none # Output: comma-separated list of all available interfaces (with a cable connected). # TODO: Extract ifaces_connected part into own function in commons file. # Then update set_all_available_ifaces_up and available_network_interfaces_offline too. # function available_network_interfaces_online() { ifaces_manually_configured=($(get_non_d_e_r_ifaces)) if [ -z "${TEST_MODE}" ]; then ifaces_connected=($(ip a | grep -E "^[0-9]+:.*" | awk '{ print $2 }' | sed -e "s/:.*//" \ | grep -v "@" | grep -v -E '(lo|tun[0-9]+|vnet[0-9]+|virbr[0-9]+|lxcbr[0-9]+|docker[0-9]+|br-[a-f0-9]{12})' \ | tr '\n' ' ')) # Filter out manually configured ifaces. for i in "${ifaces_manually_configured[@]}"; do ifaces_connected=(${ifaces_connected[@]/$i/}) done # Now filter out ifaces which are not ONLINE declare -a _return_ifaces filter_ifaces_by_online_status "online" "${ifaces_connected[@]}" ifaces_connected=(${_return_ifaces[@]}"") debug_log_stderr "Following ifaces are online right now: '${ifaces_connected[@]}'." echo "${ifaces_connected[@]}" | sed -e 's| $||' -e 's| |, |g' else echo "eth0, eth2, eth3, eth5, eth6, eth7, eth9" fi } function available_network_interfaces_offline() { ifaces_manually_configured=($(get_non_d_e_r_ifaces)) if [ -z "${TEST_MODE}" ]; then ifaces_connected=($(ip a | grep -E "^[0-9]+:.*" | awk '{ print $2 }' | sed -e "s/:.*//" | grep -v "@" \ | grep -v -E '(lo|tun[0-9]+|vnet[0-9]+|virbr[0-9]+|lxcbr[0-9]+|docker[0-9]+|br-[a-f0-9]{12})' \ | tr '\n' ' ')) # Filter out manually configured ifaces. for i in "${ifaces_manually_configured[@]}"; do ifaces_connected=(${ifaces_connected[@]/$i/}) done echo "${ifaces_connected[@]}" | sed -e 's| $||' -e 's| |, |g' else echo "eth0, eth1, eth2, eth3, eth4, eth5, eth6, eth7, eth8, eth9" fi } function available_network_interfaces_description_extended() { field="ID_MODEL_FROM_DATABASE" ifaces_connected=$(echo ${@} | sed -e "s/, / /g") for iface in ${ifaces_connected}; do if [ -n "${TEST_MODE}" ]; then echo "${iface} - Network test adapter ${iface}" else if ! [ -e "/sys/class/net/${iface}" ]; then error_log "Interface '${iface}' does not exist!" debug_log "Currently in available_network_interfaces_description_extended($@) function." exit 1 continue fi iface_description=`udevadm info /sys/class/net/${iface} | grep "${field}" | sed -rn -e "s/^E: $field=(.+)/\1/p" | sed -e "s/ /_/g" || true` iface_macaddress=`ip addr show ${iface} | grep "link/ether" | grep -o -E ..:..:..:..:..:.. | head -1` echo "${iface} (${iface_macaddress}) - ${iface_description}" fi done } # Calculates necessary stuff and then shows the # 'debian-edu-router-config/warn-not-enough-ifaces-available' dialog to the user. # Input: $supported_internal_networks # Input: $supported_internal_networks_via_vlan function prepare_dialog_warn_not_enough_ifaces_available () { need_own_ifaces="$(compare_comma_separated_items "$supported_internal_networks" "$supported_internal_networks_via_vlan")" num_need_own_ifaces="$(echo "$need_own_ifaces" | wc -w)" num_vlans="0" num_ifaces_vlan="0" if [[ -n "$supported_internal_networks_via_vlan" ]]; then # We don't support more than one VLAN trunks num_vlans="$(echo "$supported_internal_networks_via_vlan" | wc -w)" num_ifaces_vlan="1" fi # +1 because of Uplink num_total_ifaces_needed="$((num_ifaces_vlan + num_need_own_ifaces + 1))" if [[ "$num_total_ifaces_needed" -gt "$(echo "$IFACES_AVAILABLE" | wc -w)" ]]; then num_networks="$(echo $supported_internal_networks | wc -w)" db_subst debian-edu-router-config/warn-not-enough-ifaces-available num_networks "$num_networks" db_subst debian-edu-router-config/warn-not-enough-ifaces-available num_networks_via_vlan "$num_vlans" db_subst debian-edu-router-config/warn-not-enough-ifaces-available num_ifaces "$(echo "$IFACES_AVAILABLE" | wc -w)" db_subst debian-edu-router-config/warn-not-enough-ifaces-available num_total_ifaces "$num_total_ifaces_needed" fi } # prepare debconf export DC_PRIO_LOW="medium" export DC_PRIO_HIGH="high" db_version 2.0 db_capb backup escape # If we don't run this script for the first time, make sure we know what IP # proto versions are enabled for non-network configuration steps, what internal # networks are enabled and what internal networks have static IP address set. # # This is really important for cases where the sysadmin chooses to skip network # settings. We can't populate the IPV4 and IPV6 variables from within the while # loop, so let's preset these values in case networking set up gets skipped. # # Sets IPV4 and IPV6 bool variables. parse_ip_versions db_get debian-edu-router-config/net-int-supportednetworks supported_internal_networks="${RET}" db_get debian-edu-router-config/net-networks-staticip-v4 net_networks_staticip_v4="${RET}" db_get debian-edu-router-config/net-networks-staticip-v6 net_networks_staticip_v6="${RET}" if [ "${CONFIGURE_ONLY}" = "NETWORK_IFACE_ASSIGNMENTS" ]; then STATE=1 QCOUNT=23 elif [ "${CONFIGURE_ONLY}" = "NETWORK_ADDRESS_ASSIGNMENTS" ]; then STATE=23 QCOUNT=49 elif [ "${CONFIGURE_ONLY}" = "NETWORK_ALL" ]; then STATE=1 QCOUNT=49 elif [ "${CONFIGURE_ONLY}" = "FIREWALL_ALL" ]; then STATE=50 QCOUNT=55 elif [ "${CONFIGURE_ONLY}" = "SERVICES_ALL" ]; then STATE=56 QCOUNT=66 elif [ "${CONFIGURE_ONLY}" = "SERVICE_SSH" ]; then STATE=56 QCOUNT=56 elif [ "${CONFIGURE_ONLY}" = "SERVICE_DHCP" ]; then STATE=57 QCOUNT=66 elif [ "${CONFIGURE_ONLY}" = "NOT_IMPLEMENTED" ]; then STATE=67 QCOUNT=67 elif [ "${SKIP_DEBCONF_QUESTIONS_CONFIG}" == "1" ]; then STATE=999 QCOUNT=999 else STATE=0 # Include IP forwarding consent question (excluded above) QCOUNT=66 fi # Define a starting point that cannot be skipped by going back BACKSTOP=${STATE} debug_log "Picked up the following debconf-question state-machine settings for ${PACKAGE_NAME}.config:" debug_log " - SKIP_DEBCONF_QUESTIONS_CONFIG='${SKIP_DEBCONF_QUESTIONS_CONFIG}'." debug_log " - CONFIGURE_ONLY= '${CONFIGURE_ONLY}'." debug_log " - STATE= '${STATE}'." debug_log " - QCOUNT= '${QCOUNT}'." debug_log " - BACKSTOP= '${BACKSTOP}'." debug_log " - Script arguments= '${0} $@'." # Failure counters: Some question don't allow empty input or similar. # We can't re-ask questions endlessly, but need to bail out at some point. FCOUNTER=0 # default behaviour should be that steps go UP rather than down. # we have this variable to track in which direction we are currently going # for example if the user wants to backup a step at step 17 # and step 16 should be skipped (for whatever reason) then we should move on # to step *15* instead of step 17! STATE_DIRECTION=1 # setup milestones # when configuring a new milestone, please test if backing up from that # milestone does work as expected! NETWORK_SETUP_QUESTION=1 NETWORK_SETUP_FIRST=2 NETWORK_SETUP_LAST=49 NETWORK_SETUP_SKIP_VLAN=15 # One step after last VLAN question. # set these flags to false at start db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-available false db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured false db_set debian-edu-router-config/adopt-manual-uplink-settings false function statemachine() { while [ ${STATE} -gt -1 ] && [ ${STATE} -le ${QCOUNT} ] && [ ${STATE} -ge ${BACKSTOP} ]; do debug_log "We are currently at step ${cyan}$STATE${normal}." # ask questions case "${STATE}" in 0) db_input ${DC_PRIO_HIGH} debian-edu-router-config/ip-forwarding-consent || true ;; 1) db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-setup-mode || true ;; 2) ### ### Network Interface Assignments ### if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then # Counts how many times the user has to click ok, while not # only Uplink is connected, to make d-e-r abort. NUM_TRIES_DISCONNECT_ALL_INTERFACES=3 IFACES_AVAILABLE="" while [ -z "${IFACES_AVAILABLE}" ]; do if [ $NUM_TRIES_DISCONNECT_ALL_INTERFACES -le 0 ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-failed-to-disconnect-all-interfaces || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi IFACES_AVAILABLE="" break fi # Interfaces could be down. # For example because of power saving reasons. set_all_available_ifaces_up db_subst debian-edu-router-config/net-disconnect-all-interfaces num_tries $NUM_TRIES_DISCONNECT_ALL_INTERFACES db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-disconnect-all-interfaces || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi NUM_TRIES_DISCONNECT_ALL_INTERFACES=$(($NUM_TRIES_DISCONNECT_ALL_INTERFACES - 1)) if [ -z "${TEST_MODE}" ]; then IFACES_AVAILABLE=$(available_network_interfaces_online) # Test if IFACES_AVAILABLE contains multiple ifaces. if [ -n "$(echo "$IFACES_AVAILABLE" | grep ",")" ]; then IFACES_AVAILABLE="" fi else IFACES_AVAILABLE="eth0" fi done # broken out of the while loop if [ -z "${IFACES_AVAILABLE}" ]; then # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" continue fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [[ "$existing_uplink_available" = "true" ]]; then db_set debian-edu-router-config/net-ext-iface-uplink "$existing_uplink_iface" fi else db_subst debian-edu-router-config/net-ext-iface-uplink choices "${IFACES_AVAILABLE}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${IFACES_AVAILABLE}") db_subst debian-edu-router-config/net-ext-iface-uplink extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-iface-uplink || true fi fi ;; 3) db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-supportednetworks || true ;; 4) db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-with-vlans || true ;; 5) db_get debian-edu-router-config/net-int-with-vlans if [ "${RET}" = "false" ]; then db_set debian-edu-router-config/net-int-iface-vlan "" # Prevent asking this question if vlans shouldn't be configured. STATE=$(($STATE + $STATE_DIRECTION)) continue fi # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-vlan || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth1" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) if [ -z "${nic_choices}" ]; then # An empty choice is not acceptable here, tolerate re-asking 5 times FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-vlan ${FCOUNTER} 5 # Re-Ask question continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-vlan choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-vlan extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-vlan || true fi ;; 6) db_get debian-edu-router-config/net-int-with-vlans if [ "${RET}" = "false" ]; then db_set debian-edu-router-config/net-int-iface-vlan "" # Prevent asking this question if vlans shouldn't be configured. STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 3. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 3 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=3 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else db_subst debian-edu-router-config/net-int-supportednetworks-via-vlan choices "${supported_internal_networks}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-supportednetworks-via-vlan || true fi ;; 7) if echo "${supported_internal_networks_via_vlan}" | grep -q "OpenLAN" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-openlan || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 8) if echo "${supported_internal_networks_via_vlan}" | grep -q "Education" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-education || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 9) if echo "${supported_internal_networks_via_vlan}" | grep -q "Mgmt" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-mgmt || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 10) if echo "${supported_internal_networks_via_vlan}" | grep -q "School-Administration" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-schooladministration || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 11) if echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Students" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-wifistudents || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 12) if echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Teachers" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-wifiteachers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 13) if echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Guests" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-wifiguests || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 14) if echo "${supported_internal_networks_via_vlan}" | grep -q "Printers" ; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-vlanid-printers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 15) if echo "${supported_internal_networks}" | grep -q "OpenLAN" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "OpenLAN"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-openlan || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth2" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-openlan ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-openlan choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-openlan extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-openlan || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 16) if echo "${supported_internal_networks}" | grep -q "Education" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "Education"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-education || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth3" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-education ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-education choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-education extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-education || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 17) if echo "${supported_internal_networks}" | grep -q "Mgmt" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "Mgmt"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-mgmt || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth4" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-mgmt ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-mgmt choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-mgmt extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-mgmt || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 18) if echo "${supported_internal_networks}" | grep -q "School-Administration" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "School-Administration"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-schooladministration || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth4" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) is_supported "mgmt" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-mgmt ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-schooladministration ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-schooladministration choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-schooladministration extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-schooladministration || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 19) if echo "${supported_internal_networks}" | grep -q "WiFi-Students" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Students"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-wifistudents || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth5" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) is_supported "mgmt" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-mgmt ${nic_choices}) is_supported "schooladministration" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-schooladministration ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-wifistudents ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-wifistudents choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-wifistudents extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifistudents || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 20) if echo "${supported_internal_networks}" | grep -q "WiFi-Teachers" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Teachers"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-wifiteachers || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth6" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) is_supported "mgmt" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-mgmt ${nic_choices}) is_supported "schooladministration" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-schooladministration ${nic_choices}) is_supported "wifi-students" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifistudents ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-wifiteachers ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-wifiteachers choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-wifiteachers extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifiteachers || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 21) if echo "${supported_internal_networks}" | grep -q "WiFi-Guests" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "WiFi-Guests"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-wifiguests || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth7" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) is_supported "mgmt" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-mgmt ${nic_choices}) is_supported "schooladministration" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-schooladministration ${nic_choices}) is_supported "wifi-students" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifistudents ${nic_choices}) is_supported "wifi-teachers" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifiteachers ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-wifiguests ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-wifiguests choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-wifiguests extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifiguests || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 22) if echo "${supported_internal_networks}" | grep -q "Printers" && \ ! echo "${supported_internal_networks_via_vlan}" | grep -q "Printers"; then # Make sure original $IFACES_AVAILABLE does not get lost. _IFACES_AVAILABLE="$IFACES_AVAILABLE" if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-connect-int-iface-printers || true if ! db_go; then # Backing up a step. STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) continue fi if [ -z "${TEST_MODE}" ]; then _IFACES_AVAILABLE=$(available_network_interfaces_online) else _IFACES_AVAILABLE="eth8" fi fi if [ $STATE_DIRECTION -eq -1 ]; then # This means the user backed up to this step but we need # data provided by step 1. # So we just bypass the db_go if-clause down below for one time # and simulate coming from step 1 so that data can be prepared # for this step. Finally we'll jump back to this step again. now_state="${STATE}" STATE=1 ORIGIN_STATE=${now_state} BYPASS_DB_GO=true debug_log "Simulating step ${cyan}${STATE}" \ "to get data needed by step ${cyan}${now_state}${green}." else nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${_IFACES_AVAILABLE}) nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-vlan ${nic_choices}) is_supported "openlan" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-openlan ${nic_choices}) is_supported "education" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-education ${nic_choices}) is_supported "mgmt" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-mgmt ${nic_choices}) is_supported "schooladministration" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-schooladministration ${nic_choices}) is_supported "wifi-students" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifistudents ${nic_choices}) is_supported "wifi-teachers" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifiteachers ${nic_choices}) is_supported "wifi-guests" && nic_choices=$(filter_debconf_item debian-edu-router-config/net-int-iface-wifiguests ${nic_choices}) if [ -z "${nic_choices}" ]; then if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then bailout_on_too_many_failures debian-edu-router-config/net-connect-int-iface-printers ${FCOUNTER} 5 FCOUNTER="$((FCOUNTER+1))" else # An empty choice list is not acceptable here prepare_dialog_warn_not_enough_ifaces_available db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true warning_log "There are not enough network interfaces available! Going back to setup mode question." # Reset current d-e-r configuration progress. db_set debian-edu-router-config/net-setup-mode "" STATE="$NETWORK_SETUP_QUESTION" fi continue fi FCOUNTER=0 db_subst debian-edu-router-config/net-int-iface-printers choices "${nic_choices}" nic_choices_description_extended=$(available_network_interfaces_description_extended "${nic_choices}") db_subst debian-edu-router-config/net-int-iface-printers extended "$(echo -e "${nic_choices_description_extended}" | debconf-escape -e)" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-printers || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 23) # This questions sets $IPV4 & $IPV6. db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ip-versions-enabled || true ;; ### ### Network IPv4/IPv6 Addresses ### 24) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ]; then if [ "${existing_uplink_method}" = "static" ]; then db_get debian-edu-router-config/net-networks-staticip-v4 db_set debian-edu-router-config/net-networks-staticip-v4 "$(unique_comma_separated_items "Uplink" "$RET")" else db_get debian-edu-router-config/net-networks-staticip-v4 db_set debian-edu-router-config/net-networks-staticip-v4 "$(filter_item "Uplink" "$RET")" fi fi fi db_subst debian-edu-router-config/net-networks-staticip-v4 choices "Uplink, ${supported_internal_networks}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-networks-staticip-v4 || true ;; 25) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ]; then if [ "${existing_uplink_method}" = "dhcp" ]; then db_get debian-edu-router-config/net-networks-dhcpclient-v4 db_set debian-edu-router-config/net-networks-dhcpclient-v4 "$(unique_comma_separated_items "Uplink" "$RET")" else db_get debian-edu-router-config/net-networks-dhcpclient-v4 db_set debian-edu-router-config/net-networks-dhcpclient-v4 "$(filter_item "Uplink" "$RET")" fi fi fi db_subst debian-edu-router-config/net-networks-dhcpclient-v4 choices "${net_networks_dhcpclient_v4}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-networks-dhcpclient-v4 || true ;; 26) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_get debian-edu-router-config/net-networks-staticip-v6 db_set debian-edu-router-config/net-networks-staticip-v6 "$(unique_comma_separated_items "Uplink" "$RET")" fi fi db_subst debian-edu-router-config/net-networks-staticip-v6 choices "Uplink, ${supported_internal_networks}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-networks-staticip-v6 || true ;; 27) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_subst debian-edu-router-config/net-networks-auto-v6 choices "${net_networks_auto_v6}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-networks-auto-v6 || true ;; 28) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_subst debian-edu-router-config/net-networks-dhcpclient-v6 choices "${net_networks_dhcpclient_v6}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-networks-dhcpclient-v6 || true ;; 29) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "Uplink"; then db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_set debian-edu-router-config/net-ext-address-v4-uplink "$existing_uplink_address/$existing_uplink_subnetmask" fi else db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-address-v4-uplink || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 30) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "Uplink"; then db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_set debian-edu-router-config/net-ext-address-v6-uplink "$existing_uplink_address/$existing_uplink_subnetmask" fi else db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-address-v6-uplink || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 31) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "Uplink"; then db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_set debian-edu-router-config/net-ext-gateway-v4-uplink "$existing_uplink_gateway" fi else db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-gateway-v4-uplink || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 32) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "Uplink"; then db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_set debian-edu-router-config/net-ext-gateway-v6-uplink "$existing_uplink_gateway" fi else db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-gateway-v6-uplink || true fi else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 33) db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then get_existing_uplink_information if [ "$existing_uplink_available" = "true" ] && [ "${existing_uplink_method}" = "static" ]; then db_set debian-edu-router-config/net-ext-nameservers-uplink "$existing_uplink_nameservers" fi else db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-nameservers-uplink || true fi ;; 34) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "OpenLAN"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-openlan || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 35) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "OpenLAN"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-openlan || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 36) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "Education"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-education || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 37) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "Education"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-education || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 38) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "Mgmt"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-mgmt || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 39) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "Mgmt"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-mgmt || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 40) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "School-Administration"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-schooladministration || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 41) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "School-Administration"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-schooladministration || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 42) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Students"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-wifistudents || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 43) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Students"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-wifistudents || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 44) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Teachers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-wifiteachers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 45) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Teachers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-wifiteachers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 46) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Guests"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-wifiguests || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 47) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Guests"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-wifiguests || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 48) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v4}" | grep -q "Printers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v4-printers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 49) # Special case: User backed up after skipping network setup. if [[ -n "$USER_SKIPPED_NETWORK_SETUP" ]]; then # We are going to $NETWORK_SETUP_QUESTION - 1 because # STATE control goes directly to $NETWORK_SETUP_QUESTION + 1 # This causes a bug if one has failed STEP-BY-STEP setup, # was sent to the network-setup question again, skipped # network-setup and then backed up again. STATE="$(($NETWORK_SETUP_QUESTION - 1))"; STATE_DIRECTION=1 fi if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${net_networks_staticip_v6}" | grep -q "Printers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-address-v6-printers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; ### Firewall 50) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi # start with all networks service_firewall_networks_nat="${supported_internal_networks}" db_subst debian-edu-router-config/service-firewall-networks-nat choices "${service_firewall_networks_nat}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-networks-nat || true ;; 51) db_subst debian-edu-router-config/service-firewall-networks-routed choices "${service_firewall_networks_routed}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-networks-routed || true ;; 52) service_firewall_networks_allow_internet="${supported_internal_networks}" db_subst debian-edu-router-config/service-firewall-networks-allow-internet choices "${service_firewall_networks_allow_internet}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-networks-allow-internet || true ;; 53) # Suitable for both IPv4 and IPv6 db_get debian-edu-router-config/service-firewall-networks-allow-internet service_firewall_networks_allow_internet="${RET}" unequal_items="$(compare_comma_separated_items "${supported_internal_networks}" "${service_firewall_networks_allow_internet}")" if [ -z "${unequal_items}" ]; then # If all networks are allowed to have direct internet access # anyway, then don't bother to ask this question. STATE=$(($STATE + $STATE_DIRECTION)); debug_log "All supported networks have direct internet access, skipping trustworthy IPs/networks step..." continue; fi db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-trustworthy-ips || true ;; 54) # Reverse NAT: This question is IPv4 only if [ "$IPV4" != true ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-reverse-nat-configs || true ;; 55) # Incoming SSH connections db_subst debian-edu-router-config/service-firewall-ssh-incoming choices "$(unique_comma_separated_items Uplink ${supported_internal_networks})" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-ssh-incoming || true ;; ### ### SERVICES: ### # # Service: SSH # 56) # Asking port for SSH services db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-ssh-custom-port || true ;; # # Service: DHCP # 57) if [ "$IPV4" != true ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi # start with networks that have a static IPv4 address on this host (except Uplink network) service_dhcp_networks_v4="$(echo ${net_networks_staticip_v4} | sed -e 's/Uplink, //g')" db_subst debian-edu-router-config/service-dhcp-networks-v4 choices "${service_dhcp_networks_v4}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-networks-v4 || true ;; 58) if [ "${IPV6}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi # start with networks that have a static IPv6 address on this host (except Uplink network) service_dhcp_networks_v6="$(echo ${net_networks_staticip_v6} | sed -e 's/Uplink, //g')" db_subst debian-edu-router-config/service-dhcp-networks-v6 choices "${service_dhcp_networks_v6}" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-networks-v6 || true ;; 59) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "OpenLAN"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-openlan || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 60) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "Education"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-education || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 61) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "Mgmt"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-mgmt || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 62) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "School-Administration"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-schooladministration || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 63) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Students"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-wifistudents || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 64) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Teachers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-wifiteachers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 65) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Guests"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-wifiguests || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; 66) if [ "${IPV4}" != "true" ]; then STATE=$(($STATE + $STATE_DIRECTION)); continue; fi if echo "${service_dhcp_networks_v4}" | grep -q "Printers"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-dhcp-range-v4-printers || true else STATE=$(($STATE + $STATE_DIRECTION)) continue fi ;; ### END OF SERVICES # not implemented yet... 67) db_input ${DC_PRIO_HIGH} debian-edu-router-config/not-implemented-yet || true ;; # Used for skipping/aborting questions entirely. 999) ;; *) echo "Unknown state ${STATE}!"; exit 255 ;; esac if db_go || [ "$BYPASS_DB_GO" == true ]; then # evaluate answers case "${STATE}" in 0) db_get debian-edu-router-config/ip-forwarding-consent if [ "${RET}" != "Yes" ]; then echo "Aborting configuration of Debian Edu Router as requested." exit 1 fi ;; 1) USER_SKIPPED_NETWORK_SETUP="" db_get debian-edu-router-config/net-setup-mode net_setup_mode=$(echo "${RET}" | cut -d" " -f1) if [ "${net_setup_mode}" == "" ] || \ [ "${net_setup_mode}" == "SKIP-NETWORK-SETUP" ]; then STATE=$((${NETWORK_SETUP_LAST} + 1)) USER_SKIPPED_NETWORK_SETUP="true" continue else # detect network interfaces if [ "${net_setup_mode}" = "OFFLINE-SETUP" ]; then IFACES_AVAILABLE=$(available_network_interfaces_offline) elif [ "${net_setup_mode}" = "ALL-CONNECTED" ]; then IFACES_AVAILABLE=$(available_network_interfaces_online) elif [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then # delay checking number of online interfaces # be content with offline interfaces for now IFACES_AVAILABLE=$(available_network_interfaces_offline) fi fi # --- Adopt existing Uplink info from /etc/network/interfaces{.d/*} --- # # Force "delete" cache existing_uplink_available="" # FIXME: Only execute get_existing_uplink_information if uplink is not actually set. (First time run?) # if uplink_not_set; then get_existing_uplink_information existing_uplink_info="$existing_uplink_iface ($existing_uplink_method) - $existing_uplink_address/$existing_uplink_subnetmask" #fi if [[ "$existing_uplink_available" = "true" ]]; then # Always reset question. db_set debian-edu-router-config/adopt-manual-uplink-settings false db_subst debian-edu-router-config/adopt-manual-uplink-settings uplink_info "$(echo ${existing_uplink_info} | debconf-escape -e)" db_subst debian-edu-router-config/adopt-manual-uplink-settings uplink_iface "$(echo ${existing_uplink_iface} | debconf-escape -e)" db_input $DC_PRIO_HIGH debian-edu-router-config/adopt-manual-uplink-settings || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." # db_get gets true, then. fi db_get debian-edu-router-config/adopt-manual-uplink-settings if [ "${RET}" = true ]; then IFACES_AVAILABLE="$(unique_comma_separated_items "$IFACES_AVAILABLE" "$existing_uplink_iface")" fi fi # --- # we need at least two network interfaces if ! echo "${IFACES_AVAILABLE}" | grep -q ", "; then db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-available true db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured true # skip network setup, not enough interfaces available non_d_e_r_ifaces=`get_non_d_e_r_ifaces` if [ -n "${non_d_e_r_ifaces}" ]; then db_subst debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured non_d_e_r_ifaces "$(echo ${non_d_e_r_ifaces} | tr ' ' '\n' | debconf-escape -e)" db_input $DC_PRIO_HIGH debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." # db_get gets true, then. fi db_get debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured else db_input $DC_PRIO_HIGH debian-edu-router-config/skip-networking-if-not-enough-ifaces-available || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." # db_get gets true, then. fi db_get debian-edu-router-config/skip-networking-if-not-enough-ifaces-available fi if [ "${RET}" = false ]; then STATE=1 continue else STATE=999 fi fi ;; 2) nic_choices=$(filter_debconf_item debian-edu-router-config/net-ext-iface-uplink ${IFACES_AVAILABLE}) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-ext-iface-uplink uplink_iface="${RET}" db_subst debian-edu-router-config/net-ext-iface-uplink-assigned iface "$uplink_iface" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-iface-uplink-assigned || true db_go || true fi ;; 3) db_get debian-edu-router-config/net-int-supportednetworks if [ -z "${RET}" ]; then # An empty choice is not acceptable here, tolerate re-asking 5 times FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-supportednetworks ${FCOUNTER} 5 # Simply re-ask the question for supported internal network types continue fi supported_internal_networks="${RET}" # Possibly remove networks service-firewall-networks-allow-internet, in case they got removed from # net-int-supportednetworks. db_get debian-edu-router-config/service-firewall-networks-allow-internet || true firewall_networks_allow_internet="${RET}" firewall_networks_allow_internet=$(intersect_comma_separated_items "${supported_internal_networks}" "${firewall_networks_allow_internet}") db_set debian-edu-router-config/service-firewall-networks-allow-internet "${firewall_networks_allow_internet}" FCOUNTER=0 ;; 4) db_get debian-edu-router-config/net-int-with-vlans if [ "${RET}" = "false" ]; then db_set debian-edu-router-config/net-int-iface-vlan "" STATE=$((${NETWORK_SETUP_SKIP_VLAN}-1)) fi ;; 5) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-vlan || true db_subst debian-edu-router-config/net-int-iface-vlan-assigned iface "${RET}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-vlan-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 6) db_get debian-edu-router-config/net-int-supportednetworks-via-vlan if [ -z "${RET}" ]; then # An empty choice is not acceptable here, tolerate re-asking 5 times FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-supportednetworks-via-vlan ${FCOUNTER} 5 # Simply re-ask the question for supported internal network # types via VLAN. continue fi supported_internal_networks_via_vlan="${RET}" if [ "${net_setup_mode}" != "STEP-BY-STEP" ]; then prepare_dialog_warn_not_enough_ifaces_available if [[ "$num_total_ifaces_needed" -gt "$(echo "$IFACES_AVAILABLE" | wc -w)" ]]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/warn-not-enough-ifaces-available || true bailout_on_too_many_failures debian-edu-router-config/net-int-supportednetworks-via-vlan ${FCOUNTER} 5 continue fi fi FCOUNTER=0 ;; 7) db_get debian-edu-router-config/net-int-vlanid-openlan _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-openlan ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 8) db_get debian-edu-router-config/net-int-vlanid-education _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-education ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 9) db_get debian-edu-router-config/net-int-vlanid-mgmt _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-mgmt ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 10) db_get debian-edu-router-config/net-int-vlanid-schooladministration _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-schooladministration ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 11) db_get debian-edu-router-config/net-int-vlanid-wifistudents _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-wifistudents ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 12) db_get debian-edu-router-config/net-int-vlanid-wifiteachers _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-wifiteachers ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 13) db_get debian-edu-router-config/net-int-vlanid-wifiguests _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-wifiguests ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 14) db_get debian-edu-router-config/net-int-vlanid-printers _vlanid=$(echo ${RET} | sed -e "s/\s//g") if ! is_vlanid ${_vlanid}; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-int-vlanid-printers ${FCOUNTER} 5 continue fi FCOUNTER=0 ;; 15) # if we reach here, network setup is obviously possible, enough interfaces have been found db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-available false db_set debian-edu-router-config/skip-networking-if-not-enough-ifaces-non-configured false if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-openlan openlan_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-openlan-assigned iface "${openlan_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-openlan-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 16) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-education education_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-education-assigned iface "${education_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-education-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 17) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-mgmt mgmt_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-mgmt-assigned iface "${mgmt_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-mgmt-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 18) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-schooladministration schooladministration_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-schooladministration-assigned iface "${schooladministration_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-schooladministration-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 19) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-wifistudents wifistudents_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-wifistudents-assigned iface "${wifistudents_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifistudents-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 20) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-wifiteachers wifiteachers_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-wifiteachers-assigned iface "${wifiteachers_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifiteachers-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 21) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-wifiguests wifiguests_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-wifiguests-assigned iface "${wifiguests_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-wifiguests-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 22) if [ "${net_setup_mode}" = "STEP-BY-STEP" ]; then db_get debian-edu-router-config/net-int-iface-printers printers_iface="${RET}" db_subst debian-edu-router-config/net-int-iface-printers-assigned iface "${printers_iface}" || true db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-int-iface-printers-assigned || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi fi ;; 23) db_get debian-edu-router-config/net-ip-versions-enabled if [ -z "${RET}" ]; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-ip-versions-enabled ${FCOUNTER} 5 continue fi FCOUNTER=0 parse_ip_versions ;; ### ### Network IPv4/IPv6 Addresses ### 24) db_get debian-edu-router-config/net-networks-staticip-v4 net_networks_staticip_v4="${RET}" net_networks_dhcpclient_v4="Uplink, ${supported_internal_networks}" for network in $(echo "${net_networks_staticip_v4}" | sed -e 's/,//g'); do net_networks_dhcpclient_v4=`echo ${net_networks_dhcpclient_v4} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done ;; 25) db_get debian-edu-router-config/net-networks-dhcpclient-v4 net_networks_dhcpclient_v4="${RET}" net_networks_manual_v4="Uplink, ${supported_internal_networks}" for network in $(echo "${net_networks_staticip_v4}, ${net_networks_dhcpclient_v4}" | sed -e 's/,//g'); do net_networks_manual_v4=`echo ${net_networks_manual_v4} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done db_subst debian-edu-router-config/net-networks-manual-v4 choices "${net_networks_manual_v4}" db_set debian-edu-router-config/net-networks-manual-v4 "${net_networks_manual_v4}" db_fset debian-edu-router-config/net-networks-manual-v4 seen true ;; 26) db_get debian-edu-router-config/net-networks-staticip-v6 net_networks_staticip_v6="${RET}" net_networks_auto_v6="Uplink, ${supported_internal_networks}" for network in $(echo "${net_networks_staticip_v6}" | sed -e 's/,//g'); do net_networks_auto_v6=`echo ${net_networks_auto_v6} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done ;; 27) db_get debian-edu-router-config/net-networks-auto-v6 net_networks_auto_v6="${RET}" net_networks_manual_v6="Uplink, ${supported_internal_networks}" for network in $(echo "${net_networks_staticip_v4}, ${net_networks_auto_v6}" | sed -e 's/,//g'); do net_networks_manual_v6=`echo ${net_networks_manual_v6} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done db_subst debian-edu-router-config/net-networks-manual-v6 choices "${net_networks_manual_v6}" db_set debian-edu-router-config/net-networks-manual-v6 "${net_networks_manual_v6}" db_fset debian-edu-router-config/net-networks-manual-v6 seen true # interfaces that are candidates for IPv6 router advertisement are also candidates for DHCPv6 net_networks_dhcpclient_v6="${net_networks_auto_v6}" ;; 28) ;; ### ### Service to Network Assignments ### 29) if echo "${net_networks_staticip_v4}" | grep -q "Uplink"; then db_get debian-edu-router-config/net-ext-address-v4-uplink || true if ! is_valid_ipconfig_v4 "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-ext-address-v4-uplink ${FCOUNTER} 5 continue db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 fi ;; 30) if echo "${net_networks_staticip_v6}" | grep -q "Uplink"; then db_get debian-edu-router-config/net-ext-address-v6-uplink || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 31) if echo "${net_networks_staticip_v4}" | grep -q "Uplink"; then db_get debian-edu-router-config/net-ext-gateway-v4-uplink || true if ! is_address_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 32) # Check whether an IPv6 network address has been configured for the 'Uplink' interface. # And only if so, ask for an IPv6 gateway adress. db_get debian-edu-router-config/net-ext-address-v6-uplink || true if echo "${net_networks_staticip_v6}" | grep -q "Uplink" && [ -n "${RET}" ]; then db_get debian-edu-router-config/net-ext-gateway-v6-uplink || true if ! is_address_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 33) db_get debian-edu-router-config/net-networks-staticip-v4 networks_static_v4="${RET}" if [ "$IPV4" == true ] && [ -n "$(echo "${networks_static_v4}" | grep Uplink)" ]; then needs_ipv4_nameserver_address=true debug_log "An external IPv4 nameserver must be specified since Uplink NIC is configured statically." else needs_ipv4_nameserver_address=false fi db_get debian-edu-router-config/net-networks-staticip-v6 networks_static_v6="${RET}" if [ "$IPV6" == true ] && [ -n "$(echo "${networks_static_v6}" | grep Uplink)" ]; then needs_ipv6_nameserver_address=true debug_log "An external IPv6 nameserver must be specified since Uplink NIC is configured statically." else needs_ipv6_nameserver_address=false fi db_get debian-edu-router-config/net-ext-nameservers-uplink || true dns_nameservers="$(echo ${RET} | sed -E -e "s/,/ /g" -e "s/\s+/ /g")" if [ -z "${dns_nameservers}" ]; then # Only absolutely require external nameservers, if 'Uplink' is configured statically, # IPv4 nameservers can answer queries for IPv6 addresses and vice versa. So, in theory, # it is sufficient to configure one nameserver IP. if [ "$needs_ipv4_nameserver_address" == true ] || [ "$needs_ipv6_nameserver_address" == true ]; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-ext-nameservers-uplink-required || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi warning_log "An external nameserver must be specified since Uplink is configured statically!" FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-ext-nameservers-uplink ${FCOUNTER} 5 continue fi fi invalid_nameserver=false # Check for invalid entries for dns_addr in ${dns_nameservers}; do if [ "$IPV4" == true ] && is_address_v4 "${dns_addr}"; then # Alright, address looks good. Check next one. debug_log "IPv4 nameserver address '$dns_addr' could be verified." continue elif [ "$IPV6" == true ] && is_address_v6 "${dns_addr}"; then # Alright, address looks good. Check next one. debug_log "IPv6 nameserver address '$dns_addr' could be verified." continue fi warning_log "Nameserver address '$dns_addr' is *not* valid!" db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-nameserver || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi invalid_nameserver=true FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/net-ext-nameservers-uplink ${FCOUNTER} 5 break done # Let the user retry if invalid entry was found. if [ "${invalid_nameserver}" == true ]; then continue fi FCOUNTER=0 ;; 34) if echo "${net_networks_staticip_v4}" | grep -q "OpenLAN"; then db_get debian-edu-router-config/net-int-address-v4-openlan || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 35) if echo "${net_networks_staticip_v6}" | grep -q "OpenLAN"; then db_get debian-edu-router-config/net-int-address-v6-openlan || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 36) if echo "${net_networks_staticip_v4}" | grep -q "Education"; then db_get debian-edu-router-config/net-int-address-v4-education || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 37) if echo "${net_networks_staticip_v6}" | grep -q "Education"; then db_get debian-edu-router-config/net-int-address-v6-education || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 38) if echo "${net_networks_staticip_v4}" | grep -q "Mgmt"; then db_get debian-edu-router-config/net-int-address-v4-mgmt || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 39) if echo "${net_networks_staticip_v6}" | grep -q "Mgmt"; then db_get debian-edu-router-config/net-int-address-v6-mgmt || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 40) if echo "${net_networks_staticip_v4}" | grep -q "School-Administration"; then db_get debian-edu-router-config/net-int-address-v4-schooladministration || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 41) if echo "${net_networks_staticip_v6}" | grep -q "School-Administration"; then db_get debian-edu-router-config/net-int-address-v6-schooladministration || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 42) if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Students"; then db_get debian-edu-router-config/net-int-address-v4-wifistudents || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 43) if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Students"; then db_get debian-edu-router-config/net-int-address-v6-wifistudents || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 44) if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Teachers"; then db_get debian-edu-router-config/net-int-address-v4-wifiteachers || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 45) if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Teachers"; then db_get debian-edu-router-config/net-int-address-v6-wifiteachers || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 46) if echo "${net_networks_staticip_v4}" | grep -q "WiFi-Guests"; then db_get debian-edu-router-config/net-int-address-v4-wifiguests || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 47) if echo "${net_networks_staticip_v6}" | grep -q "WiFi-Guests"; then db_get debian-edu-router-config/net-int-address-v6-wifiguests || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 48) if echo "${net_networks_staticip_v4}" | grep -q "Printers"; then db_get debian-edu-router-config/net-int-address-v4-printers || true if ! is_valid_ipconfig_v4 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv4 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; 49) if echo "${net_networks_staticip_v6}" | grep -q "Printers"; then db_get debian-edu-router-config/net-int-address-v6-printers || true # an IPv6 address is optional, so it can be left empty if [ -n "${RET}" ] && ! is_valid_ipconfig_v6 "${RET}"; then db_input ${DC_PRIO_HIGH} debian-edu-router-config/net-syntax-invalid-ipv6 || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi fi ;; ### Firewall 50) db_get debian-edu-router-config/service-firewall-networks-nat || true service_firewall_networks_nat="${RET}" service_firewall_networks_routed="${supported_internal_networks}" for network in $(echo "${service_firewall_networks_nat}" | sed -e 's/,//g'); do service_firewall_networks_routed=`echo ${service_firewall_networks_routed} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done ;; 51) db_get debian-edu-router-config/service-firewall-networks-routed || true service_firewall_networks_routed="${RET}" service_firewall_networks_hostonly="${supported_internal_networks}" for network in $(echo "${service_firewall_networks_nat}, ${service_firewall_networks_routed}" | sed -e 's/,//g'); do service_firewall_networks_hostonly=`echo ${service_firewall_networks_hostonly} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done db_subst debian-edu-router-config/service-firewall-networks-hostonly choices "${service_firewall_networks_hostonly}" db_set debian-edu-router-config/service-firewall-networks-hostonly "${service_firewall_networks_hostonly}" ;; 52) db_get debian-edu-router-config/service-firewall-networks-allow-internet || true service_firewall_networks_allow_internet="${RET}" service_firewall_networks_block_internet="${supported_internal_networks}" for network in $(echo "${service_firewall_networks_allow_internet}" | sed -e 's/,//g'); do service_firewall_networks_block_internet=`echo ${service_firewall_networks_block_internet} | sed -Ee "s/(${network}, |, ${network}|${network})//g"` done db_subst debian-edu-router-config/service-firewall-networks-block-internet choices "${service_firewall_networks_block_internet}" db_set debian-edu-router-config/service-firewall-networks-block-internet "${service_firewall_networks_block_internet}" ;; 53) # Check if debian-edu-router-config/service-firewall-trustworthy-ips # is valid db_get debian-edu-router-config/service-firewall-trustworthy-ips if [[ -n "${RET}" ]]; then declare -a trustworthy_ips=(${RET}) # Collect all internal addresses/networks declare -A internal_networks get_internal_networks_v4 # debug_log "Internal networks found for trustworthy " \ # "addresses/networks validation:" # for _i_n_name in "${!internal_networks[@]}"; do # debug_log " - $_i_n_name:\t${internal_networks[$_i_n_name]}" # done failure_in_for_loop="" for item in "${trustworthy_ips[@]}"; do item_ip_version="" # Could be a network or an address. So let's figure out what # it is. We could generally say everything containing a '/' # should be consired as a network. if [[ "$item" == *"/"* ]]; then if [ "${IPV4}" == "true" ]; then is_valid_ipconfig_v4 "${item}" && item_ip_version="network_v4" fi if [ "${IPV6}" == "true" ]; then is_valid_ipconfig_v6 "${item}" && item_ip_version="network_v6" fi if ! [ "$item_ip_version" = "network_v4" ] && \ ! [ "$item_ip_version" = "network_v6" ]; then debug_log "${item}: Is *not* a valid IP network!" failure_in_for_loop="invalid_ip_network" break fi else if [ "${IPV4}" == "true" ]; then is_address_v4 "${item}" && item_ip_version="address_v4" fi if [ "${IPV6}" == "true" ]; then is_address_v6 "${item}" && item_ip_version="address_v6" fi if ! [ "$item_ip_version" = "address_v4" ] && \ ! [ "$item_ip_version" = "address_v6" ]; then debug_log "${item}: Is *not* a valid IP address!" failure_in_for_loop="invalid_ip_address" break fi fi matching_internal_network="" # For-loop in a for-loop is often not a good idea # but we don't have that many supported internal networks. for _i_n_name in "${!internal_networks[@]}"; do _internal_network="${internal_networks[$_i_n_name]}" if is_valid_ipconfig_v4 "$_internal_network"; then if [[ "$item_ip_version" =~ "_v4" ]]; then #debug_log "Checking if IPv4 address/network '$item' is in network '$_internal_network'..." if is_ip4config_in_network "$item" "$_internal_network"; then debug_log "IPv4 address/network $item is in network '$_internal_network'!" matching_internal_network="$_internal_network" break fi fi elif is_valid_ipconfig_v6 "$_internal_network"; then if [[ "$item_ip_version" =~ "_v6" ]]; then #debug_log "Checking if IPv6 address/network '$item' is in network '$_internal_network'..." # TODO: Create function is_ip6config_in_network debug_log "----- IPv6 matching is not yet implemented! -----" # if is_ip6config_in_network "$item" "$_internal_network"; then # debug_log "IPv6 address/network $item is in network '$_internal_network'!" # matching_internal_network="$_internal_network" # break # fi fi else error_log "Found invalid internal network '$_internal_network'!" error_log "This definitely shouldn't be possible. Aborting configuration now." error_log "Run 'dpkg-configure debian-edu-router-config' from the" error_log "command line and fix your configuration." exit 1 fi done if [[ -z "$matching_internal_network" ]]; then failure_in_for_loop="no_matching_internal_network" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-invalid-trustworthy-ips || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-firewall-trustworthy-ips ${FCOUNTER} 5 # Let the user try again STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) break fi # Do not reset $FCOUNTER here. We want to reset it below. done # If an invalid IP address or network was specified. # Invalid means: Neither valid IPv4 nor valid IPv6 if [[ "$failure_in_for_loop" = "invalid_ip_"* ]]; then debug_log "Reason for retry: $failure_in_for_loop." reason_text="Unknown reason." case $failure_in_for_loop in "invalid_ip_"*) reason_text="A malformed IP/network was specified." ;; "no_matching_internal_network") reason_text="One of the specified IPs/networks is $( )not part of an internal network and can $( )therefore not be matched." ;; esac db_subst debian-edu-router-config/service-firewall-invalid-trustworthy-ips reason "$reason_text" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-invalid-trustworthy-ips || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-firewall-trustworthy-ips ${FCOUNTER} 5 # Let the user try again STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) elif [[ "$failure_in_for_loop" != "no_matching_internal_network" ]]; then FCOUNTER=0 fi fi ;; 54) db_get debian-edu-router-config/service-firewall-reverse-nat-configs if [[ -n "${RET}" ]]; then declare -a reverse_nat_configs=(${RET}) db_get debian-edu-router-config/service-firewall-networks-nat || true service_firewall_networks_nat="${RET}" # Examples: # reverse_nat_configs=("tcp:200:10.0.2.2:22" "udp:25565:10.0.2.10:26000" # "udp:25565:10.0.2.10" "25565:10.0.2.10:26000" "25565:10.0.2.250") for item in "${reverse_nat_configs[@]}"; do parse_reverse_nat_config "$item" if [ -n "$failure_in_parsing" ]; then break else debug_log "Config item '$item' is valid." \ "Following things could be extracted:" debug_log " - Protocol: $rn_protocol" debug_log " - External port: $rn_extern_port" debug_log " - Host address: $rn_host_address" debug_log " - Host port: $rn_host_port" debug_log " - Internal network: $rn_matching_internal_network" fi done if [ -n "$failure_in_parsing" ]; then debug_log "Reason for retry: $failure_in_parsing." reason_text="Unknown reason." case $failure_in_parsing in "invalid_"*) reason_text="A malformed input was detected." ;; "no_matching_internal_network") reason_text="One of the specified host addresses $( )is not part of an internal network or the network $( )is not configured to be hidden behind a NAT." ;; esac db_subst debian-edu-router-config/service-firewall-invalid-reverse-nat-configs reason "$reason_text" db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-firewall-invalid-reverse-nat-configs || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-firewall-reverse-nat-configs ${FCOUNTER} 5 # Let the user try again STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) else FCOUNTER=0 fi fi ;; 55) # nothing to do for SSH incoming firewall policy ;; ### ### SERVICES ### # # Service: SSH # 56) db_get debian-edu-router-config/service-ssh-custom-port || true service_ssh_custom_port="${RET}" if [ -n "$service_ssh_custom_port" ]; then re='^[0-9]+$' if ! [[ $service_ssh_custom_port =~ $re ]] ; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-ssh-custom-port ${FCOUNTER} 5 # Let the user try again STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) else FCOUNTER=0 fi fi ;; # # Service: DHCP # 57) db_get debian-edu-router-config/service-dhcp-networks-v4 || true service_dhcp_networks_v4="${RET}" ;; 58) db_get debian-edu-router-config/service-dhcp-networks-v6 || true service_dhcp_networks_v6="${RET}" ;; 59) if echo "${service_dhcp_networks_v4}" | grep -q "OpenLAN"; then db_get debian-edu-router-config/service-dhcp-range-v4-openlan || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-openlan ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 60) if echo "${service_dhcp_networks_v4}" | grep -q "Education"; then db_get debian-edu-router-config/service-dhcp-range-v4-education || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-education ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 61) if echo "${service_dhcp_networks_v4}" | grep -q "Mgmt"; then db_get debian-edu-router-config/service-dhcp-range-v4-mgmt || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-mgmt ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 62) if echo "${service_dhcp_networks_v4}" | grep -q "School-Administration"; then db_get debian-edu-router-config/service-dhcp-range-v4-schooladministration || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-schooladministration ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 63) if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Students"; then db_get debian-edu-router-config/service-dhcp-range-v4-wifistudents || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-wifistudents ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 64) if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Teachers"; then db_get debian-edu-router-config/service-dhcp-range-v4-wifiteachers || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-wifiteachers ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 65) if echo "${service_dhcp_networks_v4}" | grep -q "WiFi-Guests"; then db_get debian-edu-router-config/service-dhcp-range-v4-wifiguests || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-wifiguests ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; 66) if echo "${service_dhcp_networks_v4}" | grep -q "Printers"; then db_get debian-edu-router-config/service-dhcp-range-v4-printers || true if ! is_valid_dhcp4_range "${RET}"; then FCOUNTER=$((${FCOUNTER}+1)) bailout_on_too_many_failures debian-edu-router-config/service-dhcp-range-v4-printers ${FCOUNTER} 5 db_input ${DC_PRIO_HIGH} debian-edu-router-config/service-syntax-invalid-dhcp-v4-range || true if ! db_go; then debug_log "Ignoring backup/db_go-failure..." fi continue fi FCOUNTER=0 # FIXME: further checks possible... # * start address lower than end address # * both addresses in same subnet # * check that both addresses are in iface's subnet # * etc. (?) fi ;; ### END OF SERVICES # not implemented yet... 67) ;; # Used for skipping/aborting questions entirely. 999) ;; esac # last question was ok, so go up. # except if we just simulated that step... if [ "$BYPASS_DB_GO" == true ]; then STATE_DIRECTION=1 STATE=$ORIGIN_STATE else STATE_DIRECTION=1 STATE=$(($STATE + $STATE_DIRECTION)) fi # reset. BYPASS_DB_GO=false else # last question was not ok (user wants to backup), so go *DOWN* a step. # and if the next step should be skipped, go down another step. # and if that step should also be skipped, go down another step. # and so on and so on... STATE_DIRECTION=-1 STATE=$(($STATE + $STATE_DIRECTION)) debug_log "Backing up to step ${cyan}${STATE}${green}..." fi done if [ $STATE -lt $BACKSTOP ]; then # user went backwards from beyond BACKSTOP/entry point, abort package configuration. debug_log "User tried to backup beyond BACKSTOP/entry point... Exiting." exit 10 fi } function main() { statemachine # Reset, to avoid duplicate questions and looping when in STEP-BY-STEP setup mode. db_set debian-edu-router-config/net-setup-mode "" } if [[ "$1" == "configure" ]] && [[ -n "$2" ]]; then main # elif [[ "$1" == "configure" ]] && [[ "$2" == "debian-edu-router-reconfigured" ]]; then # debug_log "config script was called via dpkg-trigger, specifically 'debian-edu-router-reconfigured' trigger." # main elif [[ "$1" == "reconfigure" ]]; then debug_log "config script was called via dpkg-reconfigure." main else debug_log "config script was probably called to preconfigure package, skipping..." exit 0 fi # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. debug_log "Finished .config stage of ${PACKAGE_NAME}." exit 0