1*4882a593Smuzhiyun#!/bin/bash 2*4882a593Smuzhiyun# 3*4882a593Smuzhiyun# QEMU network interface configuration script. This utility needs to 4*4882a593Smuzhiyun# be run as root, and will use the tunctl binary from a native sysroot. 5*4882a593Smuzhiyun# Note: many Linux distros these days still use an older version of 6*4882a593Smuzhiyun# tunctl which does not support the group permissions option, hence 7*4882a593Smuzhiyun# the need to use build system's version. 8*4882a593Smuzhiyun# 9*4882a593Smuzhiyun# If you find yourself calling this script a lot, you can add the 10*4882a593Smuzhiyun# the following to your /etc/sudoers file to be able to run this 11*4882a593Smuzhiyun# command without entering your password each time: 12*4882a593Smuzhiyun# 13*4882a593Smuzhiyun# <my-username> ALL=NOPASSWD: /path/to/runqemu-ifup 14*4882a593Smuzhiyun# <my-username> ALL=NOPASSWD: /path/to/runqemu-ifdown 15*4882a593Smuzhiyun# 16*4882a593Smuzhiyun# If you'd like to create a bank of tap devices at once, you should use 17*4882a593Smuzhiyun# the runqemu-gen-tapdevs script instead. If tap devices are set up using 18*4882a593Smuzhiyun# that script, the runqemu script will never end up calling this 19*4882a593Smuzhiyun# script. 20*4882a593Smuzhiyun# 21*4882a593Smuzhiyun# Copyright (c) 2006-2011 Linux Foundation 22*4882a593Smuzhiyun# 23*4882a593Smuzhiyun# SPDX-License-Identifier: GPL-2.0-only 24*4882a593Smuzhiyun# 25*4882a593Smuzhiyun 26*4882a593Smuzhiyunusage() { 27*4882a593Smuzhiyun echo "sudo $(basename $0) <uid> <gid> <native-sysroot-basedir>" 28*4882a593Smuzhiyun} 29*4882a593Smuzhiyun 30*4882a593Smuzhiyunif [ $EUID -ne 0 ]; then 31*4882a593Smuzhiyun echo "Error: This script (runqemu-ifup) must be run with root privileges" 32*4882a593Smuzhiyun exit 1 33*4882a593Smuzhiyunfi 34*4882a593Smuzhiyun 35*4882a593Smuzhiyunif [ $# -ne 3 ]; then 36*4882a593Smuzhiyun usage 37*4882a593Smuzhiyun exit 1 38*4882a593Smuzhiyunfi 39*4882a593Smuzhiyun 40*4882a593SmuzhiyunUSERID="-u $1" 41*4882a593SmuzhiyunGROUP="-g $2" 42*4882a593SmuzhiyunSTAGING_BINDIR_NATIVE=$3 43*4882a593Smuzhiyun 44*4882a593SmuzhiyunTUNCTL=$STAGING_BINDIR_NATIVE/tunctl 45*4882a593Smuzhiyunif [ ! -x "$TUNCTL" ]; then 46*4882a593Smuzhiyun echo "Error: Unable to find tunctl binary in '$STAGING_BINDIR_NATIVE', please bitbake qemu-helper-native" 47*4882a593Smuzhiyun exit 1 48*4882a593Smuzhiyunfi 49*4882a593Smuzhiyun 50*4882a593SmuzhiyunTAP=`$TUNCTL -b $GROUP 2>&1` 51*4882a593SmuzhiyunSTATUS=$? 52*4882a593Smuzhiyunif [ $STATUS -ne 0 ]; then 53*4882a593Smuzhiyun# If tunctl -g fails, try using tunctl -u, for older host kernels 54*4882a593Smuzhiyun# which do not support the TUNSETGROUP ioctl 55*4882a593Smuzhiyun TAP=`$TUNCTL -b $USERID 2>&1` 56*4882a593Smuzhiyun STATUS=$? 57*4882a593Smuzhiyun if [ $STATUS -ne 0 ]; then 58*4882a593Smuzhiyun echo "tunctl failed:" 59*4882a593Smuzhiyun exit 1 60*4882a593Smuzhiyun fi 61*4882a593Smuzhiyunfi 62*4882a593Smuzhiyun 63*4882a593SmuzhiyunIFCONFIG=`which ip 2> /dev/null` 64*4882a593Smuzhiyunif [ "x$IFCONFIG" = "x" ]; then 65*4882a593Smuzhiyun # better than nothing... 66*4882a593Smuzhiyun IFCONFIG=/sbin/ip 67*4882a593Smuzhiyunfi 68*4882a593Smuzhiyunif [ ! -x "$IFCONFIG" ]; then 69*4882a593Smuzhiyun echo "$IFCONFIG cannot be executed" 70*4882a593Smuzhiyun exit 1 71*4882a593Smuzhiyunfi 72*4882a593Smuzhiyun 73*4882a593SmuzhiyunIPTABLES=`which iptables 2> /dev/null` 74*4882a593Smuzhiyunif [ "x$IPTABLES" = "x" ]; then 75*4882a593Smuzhiyun IPTABLES=/sbin/iptables 76*4882a593Smuzhiyunfi 77*4882a593Smuzhiyunif [ ! -x "$IPTABLES" ]; then 78*4882a593Smuzhiyun echo "$IPTABLES cannot be executed" 79*4882a593Smuzhiyun exit 1 80*4882a593Smuzhiyunfi 81*4882a593Smuzhiyun 82*4882a593Smuzhiyunn=$[ (`echo $TAP | sed 's/tap//'` * 2) + 1 ] 83*4882a593Smuzhiyun$IFCONFIG addr add 192.168.7.$n/32 broadcast 192.168.7.255 dev $TAP 84*4882a593SmuzhiyunSTATUS=$? 85*4882a593Smuzhiyunif [ $STATUS -ne 0 ]; then 86*4882a593Smuzhiyun echo "Failed to set up IP addressing on $TAP" 87*4882a593Smuzhiyun exit 1 88*4882a593Smuzhiyunfi 89*4882a593Smuzhiyun$IFCONFIG link set dev $TAP up 90*4882a593SmuzhiyunSTATUS=$? 91*4882a593Smuzhiyunif [ $STATUS -ne 0 ]; then 92*4882a593Smuzhiyun echo "Failed to bring up $TAP" 93*4882a593Smuzhiyun exit 1 94*4882a593Smuzhiyunfi 95*4882a593Smuzhiyun 96*4882a593Smuzhiyundest=$[ (`echo $TAP | sed 's/tap//'` * 2) + 2 ] 97*4882a593Smuzhiyun$IFCONFIG route add to 192.168.7.$dest dev $TAP 98*4882a593SmuzhiyunSTATUS=$? 99*4882a593Smuzhiyunif [ $STATUS -ne 0 ]; then 100*4882a593Smuzhiyun echo "Failed to add route to 192.168.7.$dest using $TAP" 101*4882a593Smuzhiyun exit 1 102*4882a593Smuzhiyunfi 103*4882a593Smuzhiyun 104*4882a593Smuzhiyun# setup NAT for tap0 interface to have internet access in QEMU 105*4882a593Smuzhiyun$IPTABLES -A POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$n/32 106*4882a593Smuzhiyun$IPTABLES -A POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$dest/32 107*4882a593Smuzhiyunecho 1 > /proc/sys/net/ipv4/ip_forward 108*4882a593Smuzhiyunecho 1 > /proc/sys/net/ipv4/conf/$TAP/proxy_arp 109*4882a593Smuzhiyun$IPTABLES -P FORWARD ACCEPT 110*4882a593Smuzhiyun 111*4882a593Smuzhiyunecho $TAP 112