Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-19 08:40:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1087 from BastilleBSD/tschettervictor-patch-1

Browse Source 
create: Add -g|--gateway
This commit is contained in:
tschettervictor
2025-05-22 11:00:53 -06:00
committed by GitHub
parent 2574fea879 21c0d75a13
commit 9798da4900
3 changed files with 51 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/chapters/subcommands/create.rst
View File

@@ -61,8 +61,10 @@ options. See the below help output.
-C | --clone Create a clone jail. -C | --clone Create a clone jail.
-D | --dual Create jail with both IPv4 and IPv6 networking ('inherit' and 'ip_hostname' only). -D | --dual Create jail with both IPv4 and IPv6 networking ('inherit' and 'ip_hostname' only).
-E | --empty Create an empty container, intended for custom jail builds (thin/thick/linux or unsupported). -E | --empty Create an empty container, intended for custom jail builds (thin/thick/linux or unsupported).
-g | --gateway IP Specify a default router/gateway for the jail.
-L | --linux Create a Linux jail (experimental). -L | --linux Create a Linux jail (experimental).
-M | --static-mac Generate a static MAC address for jail (VNET only). -M | --static-mac Generate a static MAC address for jail (VNET only).
-n | --nameserver IP,IP Specify nameserver(s) for the jail. Comma separated.
--no-validate Do not validate the release when creating the jail. --no-validate Do not validate the release when creating the jail.
--no-boot Create jail with boot=off. --no-boot Create jail with boot=off.
-p | --priority VALUE Set priority value for jail. -p | --priority VALUE Set priority value for jail.
@@ -70,4 +72,4 @@ options. See the below help output.
-V | --vnet Enable VNET, and attach to an existing, physical interface. -V | --vnet Enable VNET, and attach to an existing, physical interface.
-v | --vlan VLANID Creates the jail with specified VLAN ID (VNET only). -v | --vlan VLANID Creates the jail with specified VLAN ID (VNET only).
-x | --debug Enable debug mode. -x | --debug Enable debug mode.
-Z | --zfs-opts [zfs,options] Comma separated list of ZFS options to create the jail with. This overrides the defaults. -Z | --zfs-opts zfs,options Comma separated list of ZFS options to create the jail with. This overrides the defaults.

2
usr/local/share/bastille/common.sh
View File

@@ -544,4 +544,4 @@ checkyesno() {
esac esac
} }
set_bastille_mountpoints set_bastille_mountpoints

52
usr/local/share/bastille/create.sh
View File

@@ -44,8 +44,10 @@ usage() {
-C | --clone Create a clone jail. -C | --clone Create a clone jail.
-D | --dual Create jail with both IPv4 and IPv6 networking ('inherit' and 'ip_hostname' only). -D | --dual Create jail with both IPv4 and IPv6 networking ('inherit' and 'ip_hostname' only).
-E | --empty Create an empty container, intended for custom jail builds (thin/thick/linux or unsupported). -E | --empty Create an empty container, intended for custom jail builds (thin/thick/linux or unsupported).
-g | --gateway IP Specify a default router/gateway for the jail.
-L | --linux Create a Linux jail (experimental). -L | --linux Create a Linux jail (experimental).
-M | --static-mac Generate a static MAC address for jail (VNET only). -M | --static-mac Generate a static MAC address for jail (VNET only).
-n | --nameserver IP,IP Specify nameserver(s) for the jail. Comma separated.
--no-validate Do not validate the release when creating the jail. --no-validate Do not validate the release when creating the jail.
--no-boot Create jail with boot=off. --no-boot Create jail with boot=off.
-p | --priority VALUE Set priority value for jail. -p | --priority VALUE Set priority value for jail.
@@ -53,7 +55,7 @@ usage() {
-V | --vnet Enable VNET, and attach to an existing, physical interface. -V | --vnet Enable VNET, and attach to an existing, physical interface.
-v | --vlan VLANID Creates the jail with specified VLAN ID (VNET only). -v | --vlan VLANID Creates the jail with specified VLAN ID (VNET only).
-x | --debug Enable debug mode. -x | --debug Enable debug mode.
-Z | --zfs-opts [zfs,options] Comma separated list of ZFS options to create the jail with. This overrides the defaults. -Z | --zfs-opts zfs,options Comma separated list of ZFS options to create the jail with. This overrides the defaults.
EOF EOF
exit 1 exit 1
@@ -190,6 +192,12 @@ validate_netif() {
else else
info "\nValid: (${INTERFACE})." info "\nValid: (${INTERFACE})."
fi fi
# Don't allow dots in INTERFACE if -V
if [ -n "${VNET_JAIL}" ] && [ -z "${VNET_JAIL_BRIDGE}" ]; then
if echo "${INTERFACE}" | grep -q "\."; then
error_exit "[ERROR]: [-V|--vnet] does not support dots (.) in interface names."
fi
fi
} }
validate_release() { validate_release() {
@@ -626,7 +634,9 @@ create_jail() {
_ifconfig_inet=SYNCDHCP _ifconfig_inet=SYNCDHCP
else else
# Else apply the default gateway # Else apply the default gateway
if [ -n "${bastille_network_gateway}" ]; then if [ -n "${OPT_GATEWAY}" ]; then
_gateway="${OPT_GATEWAY}"
elif [ -n "${bastille_network_gateway}" ]; then
_gateway="${bastille_network_gateway}" _gateway="${bastille_network_gateway}"
else else
_gateway="$(netstat -4rn | awk '/default/ {print $2}')" _gateway="$(netstat -4rn | awk '/default/ {print $2}')"
@@ -692,6 +702,14 @@ create_jail() {
fi fi
fi fi
# Apply nameserver (if set)
if [ -n "${OPT_NAMESERVER}" ]; then
sed -i '' "/^nameserver.*/d" "${bastille_jail_resolv_conf}"
for _ns in $(echo ${OPT_NAMESERVER} | sed 's/,/ /g'); do
echo "nameserver ${_ns}" >> "${bastille_jail_resolv_conf}"
done
fi
# Apply values changed by the template. -- cwells # Apply values changed by the template. -- cwells
if [ -z "${EMPTY_JAIL}" ] && [ -z "${LINUX_JAIL}" ]; then if [ -z "${EMPTY_JAIL}" ] && [ -z "${LINUX_JAIL}" ]; then
bastille restart "${NAME}" bastille restart "${NAME}"
@@ -724,6 +742,8 @@ STATIC_MAC=""
DUAL_STACK="" DUAL_STACK=""
VALIDATE_RELEASE="1" VALIDATE_RELEASE="1"
PRIORITY="99" PRIORITY="99"
OPT_GATEWAY=""
OPT_NAMESERVER=""
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "${1}" in case "${1}" in
-h|--help|help) -h|--help|help)
@@ -746,6 +766,16 @@ while [ $# -gt 0 ]; do
EMPTY_JAIL="1" EMPTY_JAIL="1"
shift shift
;; ;;
-g|--gateway|--defaultrouter)
OPT_GATEWAY="${2}"
# Validate gateway
if [ -n "${OPT_GATEWAY}" ]; then
if ! validate_ip "${OPT_GATEWAY}" >/dev/null 2>/dev/null; then
error_exit "[ERROR]: Not a valid gateway: ${OPT_GATEWAY}"
fi
fi
shift 2
;;
-L|--linux) -L|--linux)
LINUX_JAIL="1" LINUX_JAIL="1"
shift shift
@@ -754,6 +784,18 @@ while [ $# -gt 0 ]; do
STATIC_MAC="1" STATIC_MAC="1"
shift shift
;; ;;
-n|--nameserver)
OPT_NAMESERVER="${2}"
# Validate nameserver
if [ -n "${OPT_NAMESERVER}" ]; then
for _nameserver in $(echo ${OPT_NAMESERVER} | sed 's/,/ /g'); do
if ! validate_ip "${_nameserver}" >/dev/null 2>/dev/null; then
error_exit "[ERROR]: Invalid nameserver(s): ${OPT_NAMESERVER}"
fi
done
fi
shift 2
;;
-p|--priority) -p|--priority)
if echo "${2}" | grep -Eoq "^[0-9]+$"; then if echo "${2}" | grep -Eoq "^[0-9]+$"; then
PRIORITY="${2}" PRIORITY="${2}"
@@ -779,11 +821,11 @@ while [ $# -gt 0 ]; do
shift shift
;; ;;
-v|--vlan) -v|--vlan)
if echo "${2}" | grep -Eq '^[0-9]+$'; then if echo "${2}" | grep -Eq '^[0-9]+$'; then
VLAN_ID="${2}" VLAN_ID="${2}"
else else
error_exit "Not a valid VLAN ID: ${2}" error_exit "Not a valid VLAN ID: ${2}"
fi fi
shift 2 shift 2
;; ;;
-x|--debug) -x|--debug)