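/**
 * Rebuilds the iptables FORWARD / POSTROUTING rules for every row of the
 * iptables_bridge table (database "artica_backup").
 *
 * For each usable row three rules are queued: an ESTABLISHED,RELATED accept,
 * a plain accept, and a MASQUERADE rule, all tagged with the comment
 * "ArticaBridgesVirtual:<ID>". The previous rules are then dropped through
 * bridges_delete() and the queued commands are executed one by one. IPv4
 * forwarding is switched on through sysctl when at least one rule was applied.
 *
 * Progress and errors are written to stdout with echo.
 *
 * @return null Returned explicitly when the SQL query fails; otherwise the
 *              function ends without a return value.
 */
function bridges_build()
{
    $unix = new unix();
    $iptables = $unix->find_program("iptables");
    $sysctl = $unix->find_program("sysctl");
    $sql = "SELECT * FROM iptables_bridge ORDER BY ID DESC";
    $q = new mysql();
    $results = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        return null;
    }

    // Initialised up front: with an empty table the original reached count()
    // on an undefined variable.
    $iptables_rules = array();

    while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
        $array_virtual_infos = VirtualNicInfosIPaddr($ligne["nics_virtuals_id"]);
        $nicvirtual = $array_virtual_infos["IPADDR"];
        if ($nicvirtual == null) {
            continue;
        }

        $nic_linked = trim($ligne["nic_linked"]);
        if ($nic_linked == null) {
            continue;
        }

        // A "<name>:<number>" value designates another virtual NIC; the number
        // is resolved through VirtualNicInfosIPaddr().
        if (preg_match("#(.+?):([0-9]+)#", $nic_linked, $re)) {
            $array_virtual_infos = VirtualNicInfosIPaddr($re[2]);
            $nic_linked = $array_virtual_infos["IPADDR"];
            if ($nic_linked == null) {
                // An unresolved target would only produce a malformed command.
                echo "Starting......: Virtuals bridge {$nicvirtual} skipped, linked interface not resolved\n";
                continue;
            }
        }

        $id = $ligne["ID"];
        echo "Starting......: Virtuals bridge {$nicvirtual} to {$nic_linked}\n";

        // Everything below comes from database rows and ends up in a command
        // line handed to exec(). Quoting each value keeps shell metacharacters
        // in a stored interface name or ID from changing the command.
        // NOTE(review): the values given to -i/-o are the IPADDR fields returned
        // by VirtualNicInfosIPaddr(); confirm that is what iptables should get.
        $in = escapeshellarg($nicvirtual);
        $out = escapeshellarg($nic_linked);
        $tag = escapeshellarg("ArticaBridgesVirtual:{$id}");

        $iptables_rules[] = "{$iptables} -A FORWARD -i {$in} -o {$out} -m state --state ESTABLISHED,RELATED -j ACCEPT -m comment --comment {$tag} 2>&1";
        $iptables_rules[] = "{$iptables} -A FORWARD -i {$in} -o {$out} -j ACCEPT -m comment --comment {$tag} 2>&1";
        $iptables_rules[] = "{$iptables} -t nat -A POSTROUTING -o {$out} -j MASQUERADE\t-m comment --comment {$tag} 2>&1";
    }

    // Old rules are removed only after the new list has been built.
    bridges_delete();

    $rules = 0;
    foreach ($iptables_rules as $chain) {
        // exec() appends to an existing array, so start from an empty one.
        $output = array();
        exec($chain, $output);

        // stderr is merged into stdout (2>&1): any output counts as a failure.
        if (count($output) > 0) {
            echo "Starting......: Virtuals bridge ERROR {$chain}\n";
            foreach ($output as $line) {
                echo "Starting......: Virtuals bridge ERROR {$line}\n";
            }
            continue;
        }

        $rules = $rules + 1;
    }

    // Forwarding is enabled only when at least one rule ran without output.
    if ($rules > 0) {
        shell_exec("{$sysctl} -w net.ipv4.ip_forward=1");
    }

    echo "Starting......: Virtuals bridge adding iptables {$rules} rule(s)\n";
}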
exit; } if ($argv[1] == "--bridge-rm") { bridge_deletemanu($argv[2]); exit; } if ($argv[1] == "--hosts") { etc_hosts_exec(); exit; } if ($argv[1] == "--hosts-defaults") { etc_hosts_defaults(); exit; } if ($argv[1] == "--iptables-bridge-delete") { bridges_delete(); exit; } if ($argv[1] == "--ucarp-notify") { ucarp_notify($argv[2], $argv[3], $argv[4], $argv[5], $argv[6]); exit; } if ($argv[1] == "--ucarp-notify-down") { ucarp_notify_down($argv[2], $argv[3], $argv[4], $argv[5], $argv[6]); exit; } if ($argv[1] == "--wccp-build") { nics_wccp_build(true); exit; } if ($argv[1] == "--ucarp-active") {