[ViewVC] Annotation of: repos/FreeBSDAdmin/Gateway/dhclient-exit-hooks

#!/bin/sh
# DHCP Client Exit Hooks
#
# Douglas Thrift
#
# $Id$

tunnelbroker()
{
        local pass=`python -c "import getpass, hashlib; print hashlib.md5(getpass.getpass('tunnelbroker pass: ')).hexdigest()"`
        read -p 'tunnelbroker user_id: ' -r user_id
        read -p 'tunnelbroker tunnel_id: ' -r tunnel_id
        export CURL_CA_BUNDLE=`mktemp -t dhclient`
        cat >$CURL_CA_BUNDLE <<-EOF
        -----BEGIN CERTIFICATE-----
        MIID8DCCAtigAwIBAgIJAPF6IlDmmdRhMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
        VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEQMA4GA1UEBxMHRnJlbW9udDEg
        MB4GA1UEChMXSHVycmljYW5lIEVsZWN0cmljLCBMTEMxDTALBgNVBAsTBElQdjYx
        GTAXBgNVBAMTEHR1bm5lbGJyb2tlci5uZXQxGjAYBgkqhkiG9w0BCQEWC2lwdjZA
        aGUubmV0MB4XDTExMDQyMjE3NDIyMFoXDTIxMDQxOTE3NDIyMFowgZwxCzAJBgNV
        BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRAwDgYDVQQHEwdGcmVtb250MSAw
        HgYDVQQKExdIdXJyaWNhbmUgRWxlY3RyaWMsIExMQzENMAsGA1UECxMESVB2NjEZ
        MBcGA1UEAxMQdHVubmVsYnJva2VyLm5ldDEaMBgGCSqGSIb3DQEJARYLaXB2NkBo
        ZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe5nza8zQ/AiT+
        ySc4mZYmLMcIrcU3q6ZEwIY5vHg2chzCJGCPQIwtBiexSZ7CWL8/GjdPWs6DoCut
        DS6VlGGaRhJd0ppUOB3uZLcqnfY0/d40WpRFm49yAV3fmhQg744BKUz2+V23E3tP
        n4UXq507dQ3RmNiZoS/T+DUbt1URXFZDIJmc4vjnYfGQhUzhbWZbC7J5fMFnTFSL
        NWNou4drWwcApm4FjPfVr+tdanjGEs8bMGSbXo6BjtStiEy1yJ3QGyZLwuURcMMv
        DV06/hc2Nv9MZPUaIPvXmNcSuVvY3MJiD1CiCWVmfiO3h7b5EmIWC+ZpO9L3Mk6/
        j/MgWR6jAgMBAAGjMzAxMC8GA1UdEQQoMCaCEHR1bm5lbGJyb2tlci5uZXSCEiou
        dHVubmVsYnJva2VyLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEAXMG5ZOeyRCzIEPYP
        tZKbr1N0CkiBHf+7bVqUqfifEte6S/edpUdzIzB9Wtt484Dt88cAeg4BH2z+Kx2C
        lE9PxtTSMCInZIniuoLhaBP0BiRXEurTYdreFmen/S5cCkffVr+eJGk92lQQAdMr
        kyz2kD1NCwCaEp1w9DYltDbfC2v8BSIiEKVvD72VW6E2r7AvW73s3+E3WcWbt6pV
        qrKfFH4mKH0BR7nLzm5zduojCvIdH3GjelyLd7lUVR3N8Dz626tOzni/bzHpbH3T
        dMlBIl3f7c41wcoFG5zSZf1mvgyOnSlOnNmlxMbnfnrIyIyfYz1L8UWqWZGbxJYH
        EXcOrA==
        -----END CERTIFICATE-----
        EOF
        curl -4 "https://tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$pass&user_id=$user_id&tunnel_id=$tunnel_id"
        echo
        rm $CURL_CA_BUNDLE
        unset CURL_CA_BUNDLE
        if ! grep -q "^gifconfig_${tunnelbroker_gif:=gif0}=\"$new_ip_address $tunnelbroker_server\"$" /etc/rc.conf; then
                sed -Ee "s/^(gifconfig_$tunnelbroker_gif=\").*( $tunnelbroker_server\")$/\1$new_ip_address\2/" -i '' /etc/rc.conf
                ifconfig $tunnelbroker_gif tunnel $new_ip_address $tunnelbroker_server
        fi
}

dns()
{
        read -p 'dns key: ' -r key
        read -p 'dns secret: ' -r secret
        nsupdate -d <<-EOF
        key $key $secret
        update delete $hostname A
        update add $hostname 300 A $new_ip_address
        send
        EOF
}

case ${reason:=RENEW} in
BOUND|RENEW|REBIND|REBOOT)
        case `hostname -s` in
        justonenight)
                hostname='laguna.douglasthrift.net'
                tunnelbroker_server='64.62.134.130'
                ;;
        backhome)
                hostname='mustang.douglasthrift.net'
                tunnelbroker_server='66.220.18.42'
                ;;
        esac

        : ${new_ip_address:=`host -t a $hostname | cut -d ' ' -f 4`}

        [ -n "$tunnelbroker_server" ] && tunnelbroker

        dns
        ;;
esac
Revision:	1446
Committed:	2011-10-22T20:13:50-07:00 (13 years, 8 months ago) by douglas
File size:	2881 byte(s)
Log Message:	New cert?
#	User	Rev	Content
1	douglas	933	#!/bin/sh
2			# DHCP Client Exit Hooks
3	douglas	847	#
4			# Douglas Thrift
5			#
6			# $Id$
7
8	douglas	1407	tunnelbroker()
9			{
10			local pass=`python -c "import getpass, hashlib; print hashlib.md5(getpass.getpass('tunnelbroker pass: ')).hexdigest()"`
11			read -p 'tunnelbroker user_id: ' -r user_id
12			read -p 'tunnelbroker tunnel_id: ' -r tunnel_id
13			export CURL_CA_BUNDLE=`mktemp -t dhclient`
14			cat >$CURL_CA_BUNDLE <<-EOF
15			-----BEGIN CERTIFICATE-----
16	douglas	1446	MIID8DCCAtigAwIBAgIJAPF6IlDmmdRhMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
17			VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEQMA4GA1UEBxMHRnJlbW9udDEg
18			MB4GA1UEChMXSHVycmljYW5lIEVsZWN0cmljLCBMTEMxDTALBgNVBAsTBElQdjYx
19			GTAXBgNVBAMTEHR1bm5lbGJyb2tlci5uZXQxGjAYBgkqhkiG9w0BCQEWC2lwdjZA
20			aGUubmV0MB4XDTExMDQyMjE3NDIyMFoXDTIxMDQxOTE3NDIyMFowgZwxCzAJBgNV
21			BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRAwDgYDVQQHEwdGcmVtb250MSAw
22			HgYDVQQKExdIdXJyaWNhbmUgRWxlY3RyaWMsIExMQzENMAsGA1UECxMESVB2NjEZ
23			MBcGA1UEAxMQdHVubmVsYnJva2VyLm5ldDEaMBgGCSqGSIb3DQEJARYLaXB2NkBo
24			ZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe5nza8zQ/AiT+
25			ySc4mZYmLMcIrcU3q6ZEwIY5vHg2chzCJGCPQIwtBiexSZ7CWL8/GjdPWs6DoCut
26			DS6VlGGaRhJd0ppUOB3uZLcqnfY0/d40WpRFm49yAV3fmhQg744BKUz2+V23E3tP
27			n4UXq507dQ3RmNiZoS/T+DUbt1URXFZDIJmc4vjnYfGQhUzhbWZbC7J5fMFnTFSL
28			NWNou4drWwcApm4FjPfVr+tdanjGEs8bMGSbXo6BjtStiEy1yJ3QGyZLwuURcMMv
29			DV06/hc2Nv9MZPUaIPvXmNcSuVvY3MJiD1CiCWVmfiO3h7b5EmIWC+ZpO9L3Mk6/
30			j/MgWR6jAgMBAAGjMzAxMC8GA1UdEQQoMCaCEHR1bm5lbGJyb2tlci5uZXSCEiou
31			dHVubmVsYnJva2VyLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEAXMG5ZOeyRCzIEPYP
32			tZKbr1N0CkiBHf+7bVqUqfifEte6S/edpUdzIzB9Wtt484Dt88cAeg4BH2z+Kx2C
33			lE9PxtTSMCInZIniuoLhaBP0BiRXEurTYdreFmen/S5cCkffVr+eJGk92lQQAdMr
34			kyz2kD1NCwCaEp1w9DYltDbfC2v8BSIiEKVvD72VW6E2r7AvW73s3+E3WcWbt6pV
35			qrKfFH4mKH0BR7nLzm5zduojCvIdH3GjelyLd7lUVR3N8Dz626tOzni/bzHpbH3T
36			dMlBIl3f7c41wcoFG5zSZf1mvgyOnSlOnNmlxMbnfnrIyIyfYz1L8UWqWZGbxJYH
37			EXcOrA==
38	douglas	1407	-----END CERTIFICATE-----
39			EOF
40			curl -4 "https://tunnelbroker.net/ipv4_end.php?ipv4b=AUTO&pass=$pass&user_id=$user_id&tunnel_id=$tunnel_id"
41			echo
42			rm $CURL_CA_BUNDLE
43			unset CURL_CA_BUNDLE
44			if ! grep -q "^gifconfig_${tunnelbroker_gif:=gif0}=\"$new_ip_address $tunnelbroker_server\"$" /etc/rc.conf; then
45			sed -Ee "s/^(gifconfig_$tunnelbroker_gif=\").*( $tunnelbroker_server\")$/\1$new_ip_address\2/" -i '' /etc/rc.conf
46			ifconfig $tunnelbroker_gif tunnel $new_ip_address $tunnelbroker_server
47			fi
48			}
49	douglas	847
50	douglas	1407	dns()
51			{
52			read -p 'dns key: ' -r key
53			read -p 'dns secret: ' -r secret
54	douglas	935	nsupdate -d <<-EOF
55			key $key $secret
56			update delete $hostname A
57	douglas	1410	update add $hostname 300 A $new_ip_address
58	douglas	935	send
59			EOF
60	douglas	1407	}
61
62			case ${reason:=RENEW} in
63			BOUND\|RENEW\|REBIND\|REBOOT)
64			case `hostname -s` in
65			justonenight)
66	douglas	1444	hostname='laguna.douglasthrift.net'
67			tunnelbroker_server='64.62.134.130'
68	douglas	1407	;;
69			backhome)
70			hostname='mustang.douglasthrift.net'
71	douglas	1410	tunnelbroker_server='66.220.18.42'
72	douglas	1407	;;
73			esac
74
75			: ${new_ip_address:=`host -t a $hostname \| cut -d ' ' -f 4`}
76
77			[ -n "$tunnelbroker_server" ] && tunnelbroker
78
79			dns
80	douglas	933	;;
81			esac