[dhcp-busybox] Add service to create additional bridges

5 files changed, 88 insertions, 6 deletions

diff --git a/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service b/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service
new file mode 100644
index 00000000..df36e015
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/etc/systemd/system/bridge-additional-nics.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Setup bridges for addition network interfaces
+Wants=systemd-udevd.service
+After=systemd-udev-settle.service systemd-udevd.service
+Before=network.target
+
+[Service]
+Type=oneshot
+ExecStart=/opt/openslx/scripts/systemd-bridge_additional_nics
+RemainAfterExit=true
diff --git a/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service b/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service
new file mode 120000
index 00000000..948dc5d7
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/etc/systemd/system/network.target.wants/bridge-additional-nics.service
@@ -0,0 +1 @@
+../bridge-additional-nics.service
\ No newline at end of file
diff --git a/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics b/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics
new file mode 100755
index 00000000..295483f9
--- /dev/null
+++ b/core/modules/dhcpc-busybox/data/opt/openslx/scripts/systemd-bridge_additional_nics
@@ -0,0 +1,50 @@
+#!/bin/bash
+#
+# Small script scanning sysfs for physical network interfaces
+# and creating additional network bridges 'br-nic-[0-9]'.
+
+. /opt/openslx/config
+
+# do nothing if not netbooted
+[ -z "$SLX_PXE_NETIF" ] && exit 0
+# or feature disabled
+[ "$SLX_BRIDGE_OTHER_NICS" != "yes" ] && exit 0
+
+declare -g id=1
+for nic in /sys/class/net/*; do
+	# The presence of this symlink pointing to the physical device
+	# seems to be the better way to detect them.
+	[ -h "${nic}/device" ] || continue
+
+	# do not handle the primary interface
+	[ "$SLX_PXE_NETIF" = "${nic##*/}" ] && continue
+
+	# physical nic found, create a bridge with the same MAC
+	bridge="br-nic-${id}"
+	mac="$(cat "${nic}/address")"
+	if ! [[ $mac =~ ^([0-9a-f]{2}:){5}[0-9a-f]{2}$ ]]; then
+		echo "'$mac' does not seem like a valid MAC address."
+		continue
+	fi
+
+	(
+	set -e
+	brctl addbr "$bridge"
+	brctl stp "$bridge" 0
+	ip link set addr "$mac" "$bridge"
+	ip link set dev "${nic##*/}" up
+	brctl addif "$bridge" "${nic##*/}"
+	ip link set dev "$bridge" up
+	)
+	ret=$?
+	if [ "$ret" != 0 ]; then
+		echo "Failed to setup additional bridge '$bridge' for '$nic'."
+		brctl delbr "$bridge"
+		continue
+	fi
+
+	# all fine, increase counter and continue
+	(( id++ ))
+done
+
+exit 0
diff --git a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
index 8d2302bc..c3b08b01 100755
--- a/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
+++ b/core/modules/vbox-src/data/opt/openslx/scripts/systemd-vbox_env
@@ -21,6 +21,8 @@ VBOX_BASE_DIR="/usr/lib/virtualbox"
 VBOX_KMOD_DIR="/lib/modules/vbox"
 VBOX_MANAGE="${VBOX_BASE_DIR}/VBoxManage"
 
+. /opt/openslx/config
+
 # Runtime critical checks first
 # VBoxManage should be under /usr/lib/virtualbox
 if ! [ -d "${VBOX_BASE_DIR}" -o -x "${VBOX_MANAGE}" -o -d "${VBOX_KMOD_DIR}" ]; then
@@ -54,10 +56,11 @@ mkdir -p "/tmp/virt/virtualbox" -m 1777
 # reload udev rules since aufs'ing the layer on top do not trigger its inotify watch
 udevadm control --reload
 
-# pretty dumb you can just create host-only interfaces,
+# pretty dumb, you can only create host-only interfaces,
 # but not assign a specific name/number
 ${VBOX_MANAGE} hostonlyif create
 ip link set dev vboxnet0 up
+[ "$SLX_JUMBO_FRAMES" = "yes" ] && ip link set dev vboxnet0 mtu 9000
 brctl addif br0 vboxnet0
 
 ${VBOX_MANAGE} hostonlyif create
@@ -68,4 +71,23 @@ ${VBOX_MANAGE} hostonlyif create
 ip link set dev vboxnet2 up
 brctl addif vsw2 vboxnet2
 
+if [ "$SLX_BRIDGE_OTHER_NICS" = "yes" ]; then
+	# These will have been set up in our init, or by bridge-other-nics.service
+	NICS=$( ls -1 /sys/class/net | grep '^br-nic-' | cut -c 8- )
+	vboxnet=3
+	for nic in $NICS; do
+		if ! [ "$nic" -gt 0 ] && ! [ "$nic" -eq 0 ]; then
+			slxlog "vbox-other-nics" "NaN: br-nic-X has X='$nic'"
+			continue
+		fi
+		# create vboxnet10 - vboxnetN for these
+		${VBOX_MANAGE} hostonlyif create
+		brctl addif "br-nic-${nic}" "vboxnet${vboxnet}"
+		vboxnet="$(( vboxnet + 1 ))"
+	done
+fi
+
+# trigger reload of iptables stuff (it's using inotify)
+touch /opt/openslx/iptables/rules.d/empty
+
 exit 0
diff --git a/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env b/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env
index d54b66af..4e7875db 100755
--- a/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env
+++ b/core/modules/vmware-common/data/opt/openslx/scripts/systemd-vmware_env
@@ -66,15 +66,14 @@ vmnetif () {
 		vmnet_create "$vmnet"
 	done
 	# Set the vmware interface to 9000 too, as br0 will use the smallest of all slave devices
-	[ "x$SLX_JUMBO_FRAMES" = "xyes" ] && ip link set dev vmnet0 mtu 9000
+	[ "$SLX_JUMBO_FRAMES" = "yes" ] && ip link set dev vmnet0 mtu 9000
 	# setup bridge (vmnet0), nat (vmnet1) and software defined networking (vmnet2) interfaces
 	brctl addif br0 vmnet0
 	brctl addif nat1 vmnet1
 	brctl addif vsw2 vmnet2
 	# 2) see if we should bridge additional interfaces
-	NICS=
 	if [ "$SLX_BRIDGE_OTHER_NICS" = "yes" ]; then
-		# These will have been set up in our init
+		# These will have been set up in our init, or by bridge-other-nics.service
 		NICS=$( ls -1 /sys/class/net | grep '^br-nic-' | cut -c 8- )
 		vmnet=10
 		for nic in $NICS; do
@@ -88,8 +87,8 @@ vmnetif () {
 			vmnet="$(( vmnet + 1 ))"
 		done
 	fi
-	# Printergui rules etc.
-	systemctl --no-block restart openslx-iptables.service
+	# trigger reload of iptables stuff (it's using inotify)
+	touch /opt/openslx/iptables/rules.d/empty
 }
 
 vmblock () {