+#!/bin/sh
+#
+# OCF RA for tunctl(1) TUN/TAP device initialization
+#
+# Copyright (c) 2008,2009 Barton IT-Consulting
+# Copyright (c) 2004 SUSE LINUX AG, Lars Marowsky-Brée
+# All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of version 2 of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+#
+# Further, this software is distributed without any warranty that it is
+# free of the rightful claim of any third person regarding infringement
+# or the like. Any license provided herein, whether implied or
+# otherwise, applies only to this software file. Patent licenses, if
+# any, provided herein do not apply to combinations of this program with
+# other software, or any other product whatsoever.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc., 59 Temple Place - Suite 330, Boston MA 02111-1307, USA.
+#
+
+# Initialization:
+. ${OCF_ROOT}/resource.d/heartbeat/.ocf-shellfuncs
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+meta_data() {
+ cat <<END
+<?xml version="1.0"?>
+<!DOCTYPE resource-agent SYSTEM "ra-api-1.dtd">
+<resource-agent name="TunCtl">
+<version>1.1</version>
+
+<longdesc lang="en">
+OCF RA for tunctl(1) TUN/TAP device initialization.
+</longdesc>
+<shortdesc lang="en">TUN/TAP device initialization</shortdesc>
+
+<parameters>
+<parameter name="if_name" unique="1">
+<shortdesc lang="en">Name of TUN/TAP interface</shortdesc>
+<content type="string" default="" />
+</parameter>
+<parameter name="if_owner" unique="1">
+<shortdesc lang="en">TUN/TAP interface owner</shortdesc>
+<content type="string" default="" />
+</parameter>
+<parameter name="host_ip" unique="1">
+<shortdesc lang="en">Host-side IP address</shortdesc>
+<content type="string" default="" />
+</parameter>
+<parameter name="host_netmask" unique="1">
+<shortdesc lang="en">Host-side netmask</shortdesc>
+<content type="string" default="" />
+</parameter>
+<parameter name="client_ip" unique="1">
+<shortdesc lang="en">Client-side IP address</shortdesc>
+<content type="string" default="" />
+</parameter>
+<parameter name="if_proxyarp" unique="1">
+<shortdesc lang="en">Interface for Proxy-ARP</shortdesc>
+<content type="string" default="" />
+</parameter>
+</parameters>
+
+<actions>
+<action name="start" timeout="10" />
+<action name="stop" timeout="10" />
+<action name="monitor" timeout="10" interval="15" depth="0" start-delay="5" />
+<action name="meta-data" timeout="5" />
+<action name="verify-all" timeout="30" />
+</actions>
+</resource-agent>
+END
+}
+
+# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+TunCtl_usage() {
+ echo "usage: $0 {start|stop|monitor|validate-all|meta-data}"
+}
+
+TunCtl_start() {
+ tunctl -u "${OCF_RESKEY_if_owner:-root}" -t "$OCF_RESKEY_if_name"
+ if [ $? -ne 0 ]; then
+ return $OCF_ERR_GENERIC
+ fi
+ ifconfig "$OCF_RESKEY_if_name" "$OCF_RESKEY_host_ip" \
+ netmask "${OCF_RESKEY_host_netmask:-255.255.255.0}" up
+ if [ $? -ne 0 ]; then
+ return $OCF_ERR_GENERIC
+ fi
+ echo 1 >/proc/sys/net/ipv4/ip_forward
+ route add -host "$OCF_RESKEY_client_ip" dev "$OCF_RESKEY_if_name"
+ if [ $? -ne 0 ]; then
+ return $OCF_ERR_GENERIC
+ fi
+ if [ -n "$OCF_RESKEY_if_proxyarp" ]; then
+ # Proxy ARP
+ echo 1 >/proc/sys/net/ipv4/conf/"$OCF_RESKEY_if_name"/proxy_arp
+ if [ $? -ne 0 ]; then
+ return $OCF_ERR_GENERIC
+ fi
+ arp -Ds "$OCF_RESKEY_client_ip" "$OCF_RESKEY_if_proxyarp" pub
+ if [ $? -ne 0 ]; then
+ return $OCF_ERR_GENERIC
+ fi
+ fi
+ return $OCF_SUCCESS
+}
+
+TunCtl_stop() {
+ if [ -n "$OCF_RESKEY_if_proxyarp" ]; then
+ # Proxy ARP
+ arp -d "$OCF_RESKEY_client_ip" -i "$OCF_RESKEY_if_proxyarp" pub
+ fi
+ ifconfig "$OCF_RESKEY_if_name" down >/dev/null 2>&1
+ tunctl -d "$OCF_RESKEY_if_name"
+ if [ $? -eq 0 ]; then
+ return $OCF_SUCCESS
+ fi
+ return $OCF_ERR_GENERIC
+}
+
+TunCtl_monitor() {
+ ip link show "$OCF_RESKEY_if_name" | grep "UP" >/dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ return $OCF_SUCCESS
+ fi
+ return $OCF_NOT_RUNNING
+}
+
+TunCtl_validate() {
+ if [ -z "$OCF_RESKEY_if_name" ]; then
+ return $OCF_ERR_ARGS
+ fi
+ if [ -z "$OCF_RESKEY_host_ip" ]; then
+ return $OCF_ERR_ARGS
+ fi
+ if [ -z "$OCF_RESKEY_client_ip" ]; then
+ return $OCF_ERR_ARGS
+ fi
+ return $OCF_SUCCESS
+}
+
+case $__OCF_ACTION in
+ meta-data)
+ meta_data
+ exit $OCF_SUCCESS
+ ;;
+ start)
+ TunCtl_start
+ ;;
+ stop)
+ TunCtl_stop
+ ;;
+ monitor)
+ TunCtl_monitor
+ ;;
+ validate-all)
+ TunCtl_validate
+ ;;
+ usage|help)
+ TunCtl_usage
+ exit $OCF_SUCCESS
+ ;;
+ *)
+ TunCtl_usage
+ exit $OCF_ERR_UNIMPLEMENTED
+ ;;
+esac
+
+rc=$?
+ocf_log debug "${OCF_RESOURCE_INSTANCE} $__OCF_ACTION : $rc"
+exit $rc
+
+# -eof-