From 1bd3a9f25ec7b6b4aee6405431102f3d1c2a1031 Mon Sep 17 00:00:00 2001 From: Harald Welte Date: Tue, 5 Sep 2017 22:24:45 +0200 Subject: Move examples to doc/examples and include them in DIST Change-Id: I0846e21ac63774939934ab629c6d7212269be9a6 --- configure.ac | 1 + contrib/osmo-ggsn.init | 97 +++++++++++++++++++++++++++++++++ doc/Makefile.am | 5 +- doc/examples/Makefile.am | 22 ++++++++ doc/examples/firewall | 48 +++++++++++++++++ doc/examples/osmo-ggsn.cfg | 71 ++++++++++++++++++++++++ doc/examples/sgsnemu.conf | 131 +++++++++++++++++++++++++++++++++++++++++++++ examples/firewall | 48 ----------------- examples/osmo-ggsn.cfg | 71 ------------------------ examples/osmo-ggsn.init | 97 --------------------------------- examples/sgsnemu.conf | 131 --------------------------------------------- 11 files changed, 373 insertions(+), 349 deletions(-) create mode 100644 contrib/osmo-ggsn.init create mode 100644 doc/examples/Makefile.am create mode 100755 doc/examples/firewall create mode 100644 doc/examples/osmo-ggsn.cfg create mode 100644 doc/examples/sgsnemu.conf delete mode 100755 examples/firewall delete mode 100644 examples/osmo-ggsn.cfg delete mode 100644 examples/osmo-ggsn.init delete mode 100644 examples/sgsnemu.conf diff --git a/configure.ac b/configure.ac index c19eedc..19548d1 100644 --- a/configure.ac +++ b/configure.ac @@ -137,6 +137,7 @@ PKG_CHECK_MODULES(LIBOSMOCTRL, libosmoctrl) AC_CONFIG_FILES([Makefile doc/Makefile + doc/examples/Makefile ggsn/Makefile gtp/Makefile lib/Makefile diff --git a/contrib/osmo-ggsn.init b/contrib/osmo-ggsn.init new file mode 100644 index 0000000..2deb378 --- /dev/null +++ b/contrib/osmo-ggsn.init @@ -0,0 +1,97 @@ +#!/bin/sh +# +# osmo-ggsn This shell script takes care of starting and stopping +# osmo-ggsn. +# +# chkconfig: - 65 35 +# description: osmo-ggsn is a Gateway GPRS Support Node. + +# Source function library. +. /etc/rc.d/init.d/functions + +# Source networking configuration. +. /etc/sysconfig/network + +if [ -f /etc/sysconfig/osmo-ggsn ]; then + . /etc/sysconfig/osmo-ggsn +fi + +# Check that networking is up. +[ ${NETWORKING} = "no" ] && exit 0 + +[ -f /usr/bin/osmo-ggsn ] || exit 0 +[ -f /etc/osmo-ggsn.cfg ] || exit 0 + +RETVAL=0 +prog="osmo-ggsn" + +start() { + # Start daemons. + echo -n $"Starting $prog: " + + # Load tun module + /sbin/modprobe tun >/dev/null 2>&1 + + # Enable routing of packets: WARNING!!! + # Users should enable this explicitly + # echo 1 > /proc/sys/net/ipv4/ip_forward + + # Check for runtime directory of nonvolatile data + if [ ! -d /var/lib/osmo-ggsn ]; then + mkdir /var/lib/osmo-ggsn + fi + + # Check for GTP restart counter + if [ ! -d /var/lib/osmo-ggsn/gsn_restart ]; then + echo 0 > /var/lib/osmo-ggsn/gsn_restart + fi + + + daemon /usr/bin/osmo-ggsn + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/osmo-ggsn + return $RETVAL +} + +stop() { + # Stop daemons. + echo -n $"Shutting down $prog: " + killproc osmo-ggsn + RETVAL=$? + echo + [ $RETVAL = 0 ] && rm -f /var/lock/subsys/osmo-ggsn /var/run/osmo-ggsn.pid + return $RETVAL +} + +# See how we were called. +case "$1" in + start) + start + ;; + stop) + stop + ;; + restart|reload) + stop + start + RETVAL=$? + ;; + condrestart) + if [ -f /var/lock/subsys/osmo-ggsn ] ; then + stop + start + RETVAL=$? + fi + ;; + status) + status osmo-ggsn + RETVAL=$? + ;; + *) + echo $"Usage: $0 {start|stop|restart|condrestart|status}" + exit 1 +esac + +exit $RETVAL + diff --git a/doc/Makefile.am b/doc/Makefile.am index 7e2246c..46c634e 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -2,5 +2,6 @@ man_MANS = osmo-ggsn.8 sgsnemu.8 man_aux = $(man_MANS:.1=.x) EXTRA_DIST = $(man_MANS) - - +SUBDIRS = \ + examples \ + $(NULL) diff --git a/doc/examples/Makefile.am b/doc/examples/Makefile.am new file mode 100644 index 0000000..530c3fa --- /dev/null +++ b/doc/examples/Makefile.am @@ -0,0 +1,22 @@ +CFG_FILES = find $(srcdir) -name '*.cfg*' | sed -e 's,^$(srcdir),,' + +dist-hook: + for f in $$($(CFG_FILES)); do \ + j="$(distdir)/$$f" && \ + mkdir -p "$$(dirname $$j)" && \ + $(INSTALL_DATA) $(srcdir)/$$f $$j; \ + done + +install-data-hook: + for f in $$($(CFG_FILES)); do \ + j="$(DESTDIR)$(docdir)/examples/$$f" && \ + mkdir -p "$$(dirname $$j)" && \ + $(INSTALL_DATA) $(srcdir)/$$f $$j; \ + done + +uninstall-hook: + @$(PRE_UNINSTALL) + for f in $$($(CFG_FILES)); do \ + j="$(DESTDIR)$(docdir)/examples/$$f" && \ + $(RM) $$j; \ + done diff --git a/doc/examples/firewall b/doc/examples/firewall new file mode 100755 index 0000000..fce735a --- /dev/null +++ b/doc/examples/firewall @@ -0,0 +1,48 @@ +#!/bin/sh +# +# Firewall script for GGSN +# +# Uses $IFGN (eth0) as the Gn interface (Gn) and +# $IFGI (eth1) as the Gi interface. +# +# SUMMARY +# * All connections originating from GGSN are allowed. +# * Incoming ssh, GTPv0 and GTPv1 is allowed on the Gn interface. +# * Incoming ssh is allowed on the Gi interface. +# * Forwarding is allowed to and from the Gi interface, but disallowed +# to and from the Gn interface. +# * Masquerede on Gi interface. + +IPTABLES="/sbin/iptables" +IFGN="eth0" +IFGI="eth1" + +$IPTABLES -P INPUT DROP +$IPTABLES -P FORWARD ACCEPT +$IPTABLES -P OUTPUT ACCEPT + +#Allow related and established on all interfaces (input) +$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT + +#Allow releated, established, GTP and ssh on $IFGN. Reject everything else. +$IPTABLES -A INPUT -i $IFGN -p tcp -m tcp --dport 22 --syn -j ACCEPT +$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 2123 -j ACCEPT +$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 2152 -j ACCEPT +$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 3386 -j ACCEPT +$IPTABLES -A INPUT -i $IFGN -j REJECT + +#Allow related, established and ssh. Drop everything else. +$IPTABLES -A INPUT -i $IFGI -p tcp -m tcp --dport 22 --syn -j ACCEPT +$IPTABLES -A INPUT -i $IFGI -j DROP + +# Masquerade everything going out on $IFGI +$IPTABLES -t nat -A POSTROUTING -o $IFGI -j MASQUERADE + +#Allow everything on loopback interface. +$IPTABLES -A INPUT -i lo -j ACCEPT + +# Drop everything to and from $IFGN (forward) +$IPTABLES -A FORWARD -i $IFGN -j DROP +$IPTABLES -A FORWARD -o $IFGN -j DROP + + diff --git a/doc/examples/osmo-ggsn.cfg b/doc/examples/osmo-ggsn.cfg new file mode 100644 index 0000000..763e561 --- /dev/null +++ b/doc/examples/osmo-ggsn.cfg @@ -0,0 +1,71 @@ +! +! OpenGGSN (0.94.1-adac) configuration saved from vty +!! +! +log stderr + logging filter all 1 + logging color 1 + logging print category 0 + logging timestamp 0 + logging level ip info + logging level tun info + logging level ggsn info + logging level sgsn notice + logging level icmp6 notice + logging level lglobal notice + logging level llapd notice + logging level linp notice + logging level lmux notice + logging level lmi notice + logging level lmib notice + logging level lsms notice + logging level lctrl notice + logging level lgtp info + logging level lstats notice + logging level lgsup notice + logging level loap notice + logging level lss7 notice + logging level lsccp notice + logging level lsua notice + logging level lm3ua notice + logging level lmgcp notice +! +stats interval 5 +! +line vty + no login +! +ggsn ggsn0 + gtp state-dir /tmp + gtp bind-ip 127.0.0.6 + apn internet + gtpu-mode tun + tun-device tun4 + type-support v4 + ip prefix dynamic 176.16.222.0/24 + ip dns 0 192.168.100.1 + ip dns 1 8.8.8.8 + ip ifconfig 176.16.222.0/24 + no shutdown + apn inet6 + gtpu-mode tun + tun-device tun6 + type-support v6 + ipv6 prefix dynamic 2001:780:44:2000:0:0:0:0/56 + ipv6 dns 0 2001:4860:4860::8888 + ipv6 ifconfig 2001:780:44:2000:0:0:0:0/56 + no shutdown + apn inet46 + gtpu-mode tun + tun-device tun46 + type-support v4v6 + ip prefix dynamic 176.16.46.0/24 + ip dns 0 192.168.100.1 + ip dns 1 8.8.8.8 + ip ifconfig 176.16.46.0/24 + ipv6 prefix dynamic 2001:780:44:2100:0:0:0:0/56 + ipv6 dns 0 2001:4860:4860::8888 + ipv6 ifconfig 2001:780:44:2100:0:0:0:0/56 + no shutdown + default-apn internet + no shutdown ggsn diff --git a/doc/examples/sgsnemu.conf b/doc/examples/sgsnemu.conf new file mode 100644 index 0000000..43b2458 --- /dev/null +++ b/doc/examples/sgsnemu.conf @@ -0,0 +1,131 @@ +############################################################################## +# +# Sample sgsnemu configuration file +# +############################################################################## + +# TAG: debug +# Include this flag to include debug information. +#debug + + +# TAG: conf +# Configuration file to use. This file is the configuration file, +# so changing this parameter in the configuration file does not make +# sense. Use it on the command line instead. + +# TAG: pidfile +# File to store information about the pricess id of the program. +# The program must have write access to this file/directory. +#pidfile ./sgsnemu.pid + +# TAG: statedir +# Directory to use for nonvolatile storage. +# The program must have write access to this directory. +#statedir ./ + + +# TAG: dns +# DNS server to use for ns lookups. +# If this tag is not set the system default DNS will be used. +#dns 10.1.2.3 + +# TAG: listen +# Specifies the local IP address to listen to +#listen 10.0.0.217 + +# TAG: remote +# Specifies the remote IP address to connect to +# If DNS is setup correctly it should be possible to specify the +# access point name (APN) as the remote address. +#remote 10.0.0.240 + + +# TAG: contexts +# Number of contexts to establish from the emulator to the ggsn. +# Set this tag to zero to not establish any contexts. +#contexts 1 + +# TAG: timelimit +# Disconnect contexts after timelimit seconds, and exit the program. +# Setting timelimit to zero will cause the program not to disconnect. +#timelimit 0 + + +# TAG: apn +# Access point name to connect to when run in client mode. +#apn internet + +# TAG: selmode +# Selection mode to use when connecting to GGSN. +#selmode 0x01 + +# TAG: imsi +# IMSI number used when run in client mode. +#imsi 2400101234567890 + +# TAG: msisdn +# MSISDN number used when run in client mode. +#msisdn 46702123456 + +# TAG: qos +# Requested Quality of Service used when run in client mode. +# 3 bytes corresponding to ???? +#qos 0x0b921f + +# TAG: uid +# User ID used when run in client mode. +#uid mig + +# TAG: pwd +# Password used when run in client mode. +#pwd hemlig + + +# TAG: createif +# Use this flag if you want to set up a local network interface after +# a PDP context has been established. +#createif + +# TAG: defaultroute +# Use this flag if you want to add a default route after a network interface +# had been established. +#defaultroute + +# TAG: ipup +# Script executed after network interface has been brought up. +# Executed with the following parameters: +#ipup /etc/sgsnemu/ip-up + +# TAG: ipdown +# Script executed after network interface has been taken down. +# Executed with the following parameters: +#ipdown /etc/sgsnemu/ip-down + + +# TAG: pinghost +# Ping a remote host through a PDP context by using ICMP echo messages. +# If more than one PDP context has been established the ICMP messages will +# be distributed between all available contexts. +#pinghost 192.168.0.0 + +# TAG: pingrate +# Number of ping messages to send off each second. +#pingrate 1 + +# TAG: pingsize +# Size of ICMP echo message payload. Add 28 to get the full IP packet size. +#pingsize 56 + +# TAG: pingcount +# Number of ping messages to send off. +#pingcount 0 + +# TAG: pingquiet +# Do not print ping packet info. +#pingquiet + + + + + diff --git a/examples/firewall b/examples/firewall deleted file mode 100755 index fce735a..0000000 --- a/examples/firewall +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/sh -# -# Firewall script for GGSN -# -# Uses $IFGN (eth0) as the Gn interface (Gn) and -# $IFGI (eth1) as the Gi interface. -# -# SUMMARY -# * All connections originating from GGSN are allowed. -# * Incoming ssh, GTPv0 and GTPv1 is allowed on the Gn interface. -# * Incoming ssh is allowed on the Gi interface. -# * Forwarding is allowed to and from the Gi interface, but disallowed -# to and from the Gn interface. -# * Masquerede on Gi interface. - -IPTABLES="/sbin/iptables" -IFGN="eth0" -IFGI="eth1" - -$IPTABLES -P INPUT DROP -$IPTABLES -P FORWARD ACCEPT -$IPTABLES -P OUTPUT ACCEPT - -#Allow related and established on all interfaces (input) -$IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT - -#Allow releated, established, GTP and ssh on $IFGN. Reject everything else. -$IPTABLES -A INPUT -i $IFGN -p tcp -m tcp --dport 22 --syn -j ACCEPT -$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 2123 -j ACCEPT -$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 2152 -j ACCEPT -$IPTABLES -A INPUT -i $IFGN -p udp -m udp --dport 3386 -j ACCEPT -$IPTABLES -A INPUT -i $IFGN -j REJECT - -#Allow related, established and ssh. Drop everything else. -$IPTABLES -A INPUT -i $IFGI -p tcp -m tcp --dport 22 --syn -j ACCEPT -$IPTABLES -A INPUT -i $IFGI -j DROP - -# Masquerade everything going out on $IFGI -$IPTABLES -t nat -A POSTROUTING -o $IFGI -j MASQUERADE - -#Allow everything on loopback interface. -$IPTABLES -A INPUT -i lo -j ACCEPT - -# Drop everything to and from $IFGN (forward) -$IPTABLES -A FORWARD -i $IFGN -j DROP -$IPTABLES -A FORWARD -o $IFGN -j DROP - - diff --git a/examples/osmo-ggsn.cfg b/examples/osmo-ggsn.cfg deleted file mode 100644 index 763e561..0000000 --- a/examples/osmo-ggsn.cfg +++ /dev/null @@ -1,71 +0,0 @@ -! -! OpenGGSN (0.94.1-adac) configuration saved from vty -!! -! -log stderr - logging filter all 1 - logging color 1 - logging print category 0 - logging timestamp 0 - logging level ip info - logging level tun info - logging level ggsn info - logging level sgsn notice - logging level icmp6 notice - logging level lglobal notice - logging level llapd notice - logging level linp notice - logging level lmux notice - logging level lmi notice - logging level lmib notice - logging level lsms notice - logging level lctrl notice - logging level lgtp info - logging level lstats notice - logging level lgsup notice - logging level loap notice - logging level lss7 notice - logging level lsccp notice - logging level lsua notice - logging level lm3ua notice - logging level lmgcp notice -! -stats interval 5 -! -line vty - no login -! -ggsn ggsn0 - gtp state-dir /tmp - gtp bind-ip 127.0.0.6 - apn internet - gtpu-mode tun - tun-device tun4 - type-support v4 - ip prefix dynamic 176.16.222.0/24 - ip dns 0 192.168.100.1 - ip dns 1 8.8.8.8 - ip ifconfig 176.16.222.0/24 - no shutdown - apn inet6 - gtpu-mode tun - tun-device tun6 - type-support v6 - ipv6 prefix dynamic 2001:780:44:2000:0:0:0:0/56 - ipv6 dns 0 2001:4860:4860::8888 - ipv6 ifconfig 2001:780:44:2000:0:0:0:0/56 - no shutdown - apn inet46 - gtpu-mode tun - tun-device tun46 - type-support v4v6 - ip prefix dynamic 176.16.46.0/24 - ip dns 0 192.168.100.1 - ip dns 1 8.8.8.8 - ip ifconfig 176.16.46.0/24 - ipv6 prefix dynamic 2001:780:44:2100:0:0:0:0/56 - ipv6 dns 0 2001:4860:4860::8888 - ipv6 ifconfig 2001:780:44:2100:0:0:0:0/56 - no shutdown - default-apn internet - no shutdown ggsn diff --git a/examples/osmo-ggsn.init b/examples/osmo-ggsn.init deleted file mode 100644 index 2deb378..0000000 --- a/examples/osmo-ggsn.init +++ /dev/null @@ -1,97 +0,0 @@ -#!/bin/sh -# -# osmo-ggsn This shell script takes care of starting and stopping -# osmo-ggsn. -# -# chkconfig: - 65 35 -# description: osmo-ggsn is a Gateway GPRS Support Node. - -# Source function library. -. /etc/rc.d/init.d/functions - -# Source networking configuration. -. /etc/sysconfig/network - -if [ -f /etc/sysconfig/osmo-ggsn ]; then - . /etc/sysconfig/osmo-ggsn -fi - -# Check that networking is up. -[ ${NETWORKING} = "no" ] && exit 0 - -[ -f /usr/bin/osmo-ggsn ] || exit 0 -[ -f /etc/osmo-ggsn.cfg ] || exit 0 - -RETVAL=0 -prog="osmo-ggsn" - -start() { - # Start daemons. - echo -n $"Starting $prog: " - - # Load tun module - /sbin/modprobe tun >/dev/null 2>&1 - - # Enable routing of packets: WARNING!!! - # Users should enable this explicitly - # echo 1 > /proc/sys/net/ipv4/ip_forward - - # Check for runtime directory of nonvolatile data - if [ ! -d /var/lib/osmo-ggsn ]; then - mkdir /var/lib/osmo-ggsn - fi - - # Check for GTP restart counter - if [ ! -d /var/lib/osmo-ggsn/gsn_restart ]; then - echo 0 > /var/lib/osmo-ggsn/gsn_restart - fi - - - daemon /usr/bin/osmo-ggsn - RETVAL=$? - echo - [ $RETVAL -eq 0 ] && touch /var/lock/subsys/osmo-ggsn - return $RETVAL -} - -stop() { - # Stop daemons. - echo -n $"Shutting down $prog: " - killproc osmo-ggsn - RETVAL=$? - echo - [ $RETVAL = 0 ] && rm -f /var/lock/subsys/osmo-ggsn /var/run/osmo-ggsn.pid - return $RETVAL -} - -# See how we were called. -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart|reload) - stop - start - RETVAL=$? - ;; - condrestart) - if [ -f /var/lock/subsys/osmo-ggsn ] ; then - stop - start - RETVAL=$? - fi - ;; - status) - status osmo-ggsn - RETVAL=$? - ;; - *) - echo $"Usage: $0 {start|stop|restart|condrestart|status}" - exit 1 -esac - -exit $RETVAL - diff --git a/examples/sgsnemu.conf b/examples/sgsnemu.conf deleted file mode 100644 index 43b2458..0000000 --- a/examples/sgsnemu.conf +++ /dev/null @@ -1,131 +0,0 @@ -############################################################################## -# -# Sample sgsnemu configuration file -# -############################################################################## - -# TAG: debug -# Include this flag to include debug information. -#debug - - -# TAG: conf -# Configuration file to use. This file is the configuration file, -# so changing this parameter in the configuration file does not make -# sense. Use it on the command line instead. - -# TAG: pidfile -# File to store information about the pricess id of the program. -# The program must have write access to this file/directory. -#pidfile ./sgsnemu.pid - -# TAG: statedir -# Directory to use for nonvolatile storage. -# The program must have write access to this directory. -#statedir ./ - - -# TAG: dns -# DNS server to use for ns lookups. -# If this tag is not set the system default DNS will be used. -#dns 10.1.2.3 - -# TAG: listen -# Specifies the local IP address to listen to -#listen 10.0.0.217 - -# TAG: remote -# Specifies the remote IP address to connect to -# If DNS is setup correctly it should be possible to specify the -# access point name (APN) as the remote address. -#remote 10.0.0.240 - - -# TAG: contexts -# Number of contexts to establish from the emulator to the ggsn. -# Set this tag to zero to not establish any contexts. -#contexts 1 - -# TAG: timelimit -# Disconnect contexts after timelimit seconds, and exit the program. -# Setting timelimit to zero will cause the program not to disconnect. -#timelimit 0 - - -# TAG: apn -# Access point name to connect to when run in client mode. -#apn internet - -# TAG: selmode -# Selection mode to use when connecting to GGSN. -#selmode 0x01 - -# TAG: imsi -# IMSI number used when run in client mode. -#imsi 2400101234567890 - -# TAG: msisdn -# MSISDN number used when run in client mode. -#msisdn 46702123456 - -# TAG: qos -# Requested Quality of Service used when run in client mode. -# 3 bytes corresponding to ???? -#qos 0x0b921f - -# TAG: uid -# User ID used when run in client mode. -#uid mig - -# TAG: pwd -# Password used when run in client mode. -#pwd hemlig - - -# TAG: createif -# Use this flag if you want to set up a local network interface after -# a PDP context has been established. -#createif - -# TAG: defaultroute -# Use this flag if you want to add a default route after a network interface -# had been established. -#defaultroute - -# TAG: ipup -# Script executed after network interface has been brought up. -# Executed with the following parameters: -#ipup /etc/sgsnemu/ip-up - -# TAG: ipdown -# Script executed after network interface has been taken down. -# Executed with the following parameters: -#ipdown /etc/sgsnemu/ip-down - - -# TAG: pinghost -# Ping a remote host through a PDP context by using ICMP echo messages. -# If more than one PDP context has been established the ICMP messages will -# be distributed between all available contexts. -#pinghost 192.168.0.0 - -# TAG: pingrate -# Number of ping messages to send off each second. -#pingrate 1 - -# TAG: pingsize -# Size of ICMP echo message payload. Add 28 to get the full IP packet size. -#pingsize 56 - -# TAG: pingcount -# Number of ping messages to send off. -#pingcount 0 - -# TAG: pingquiet -# Do not print ping packet info. -#pingquiet - - - - - -- cgit v1.2.3