[Dibbler] Hello quick question about dibbler and openbsd

Sly Midnight slymidnight at yahoo.com
Sun Sep 2 17:13:14 CEST 2012


Thanks again for the reply.

I am very much interested in helping out as much as I can in my spare time with this.  My only concern is that I'm a SysAdmin mostly and haven't coded anything in C in just over 10 years.  So I'd have to give myself a refresher course.

In the mean time, though, I can most definitely have a working script for OpenBSD (and FreeBSD though I won't have a way to actually test the FreeBSD variant) within a week, maybe even less.  I already modified OpenBSD's stock dhclient script to work with the official ISC dhclient from ports with IPv6 support.  It mostly works, has functionality to provision IPs and even prefixes, but the executable's ability to adjust preferred addresses or their lifetimes and even removal of addresses isn't yet implemented with my modifications.  But at least it's a start.  What was holding me back was the odd behavior of the dhclient executable that didn't always pass the information I was expecting via the variables that the script uses to perform tasks on.  I am hoping to have MUCH better luck with your software.

Once I get a working script I would like to upload/send it to you for review and then I'd like to take a shot at adding native support via ioctls.  But as I believe that part will take some time, it is my personal belief that at least a working script is a good first step.

Please let me know what you think.  And thanks again for taking the time to look into this.
Sly





________________________________
 From: Tomek Mrugalski <thomson at klub.com.pl>
To: dibbler at klub.com.pl 
Sent: Friday, August 31, 2012 6:29 PM
Subject: Re: [Dibbler] Hello quick question about dibbler and openbsd
 
On 12-08-30 20:59, Sly Midnight wrote:
> I just read your email and downloaded the latest copy of the git repo
> and compiled a new version of the software on my OpenBSD firewall. 
> While I do agree that the workaround you applied is indeed ugly and not
> ideal, I am happy to report it is now correctly functioning.
Thanks for your testing and the report.

I was contacted by two OpenBSD developers and they confirmed that this
is something that needs fixing. I'm afraid that the ugly workaround will
have to stay. I'm sure that they will be able to fix in their newest
release (that's 5.1, right?), but I'm not sure if there are reasonable
ways of deploying it on older releases.

> Apparently there is some missing functionality with regards to assigning
> the addresses it obtains via ifconfig and prefix delegations aren't
> supported at all under BSD systems yet it says.  But I could at least
> see the correct information that I expected.
There are 2 ways in which dibbler client can consume received
configuration: built-in functions and external script.

1. Built-in functions.
I never had a chance to implement BSD-specific interface for address
manipulation. Right now the code is taken from Mac OS with the hope of
it working on Free/Net/OpenBSD. The Mac OS interface is crude - it
simply calls external ifconfig command, but it is better than nothing.
From your response I imagine that it didn't work on OpenBSD. Oh well.

2. External script.
Dibbler client can call external script every time a message is
received. You may take a look at scripts/notify-scripts directory. There
are scripts for Linux (works pretty well) and Mac OS (it's only can
configure DNS and domain, so not very useful yet). See Dibbler User's
Guide, section 4.8 for explanation how the script works. The basics are
very simple, just add this line:

script /path/to/the/script/script.sh

to your /etc/dibbler/client.conf.

Ultimately, dibbler will have a switch that controls which configuration
mechanism is used (built-in, script or both), but I haven't implemented
it yet.

> I would like to thank you for getting to this so quickly.  I would like
> to help with getting the functionality of adding/removing addresses via
> ifconfig fixed and to add support for prefix delegation assignment.  Is
> this done via some kind of script I could modify or is it done entirely
> within the code itself?
Your offer to help with this is much appreciated. There are 2 things to
do. The easier one is to write OpenBSD-specific script. I think with
this mail, User's Guide and Linux script as an example, you'll have no
troubles achieving this. Keep in mind that the script calling procedures
are relatively fresh and may have some rough edges. If there are things
that you think should be improved here, please let me know.

The harder thing is to make it work using built-in code. I was told by
one of the OpenBSD developers (thanks, Simon!) that the proper interface
to manipulate (add/update/delete) addresses is ioctls.

Here's the quote regarding address configuration:

> It's all ioctls.
>
> add: SIOCAIFADDR_IN6
> remove: SIOCDIFADDR_IN6
> update lifetime: SIOCSIFALIFETIME_IN6
>
> Check out ifconfig.c for examples.
> http://www.openbsd.org/cgi-bin/cvsweb/src/sbin/ifconfig/ifconfig.c

There are existing functions in Port-bsd/lowlevel-bsd.c that are
dedicated to adding (ipaddr_add(), ipaddr_del() and ipaddr_update()).
The DHCP part is working, so the appropriate function will be called
when needed. You have working example code in ifconfig.c. I'm sure there
is an OpenBSD man page that explains those particular ioctl calls in
detail. It is not trivial, but it is not that scary either. Are you
willing to help with this?

If you (or anyone else familiar with OpenBSD) are willing to do this
work, I think we should continue this discussion on dibbler-devel list.

Cheers,
Tomek

_______________________________________________
http://klub.com.pl/cgi-bin/mailman/listinfo/dibbler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://klub.com.pl/pipermail/dibbler/attachments/20120902/4141c511/attachment.html>


More information about the Dibbler mailing list