mirror of https://github.com/sipwise/rtpengine.git
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
176 lines
4.5 KiB
176 lines
4.5 KiB
#!/bin/bash
|
|
#
|
|
# rtpengine Startup script for NGCP rtpengine
|
|
#
|
|
# chkconfig: 345 84 16
|
|
# description: NGCP rtpengine
|
|
#
|
|
# processname: rtpengine
|
|
# config: /etc/sysconfig/rtpengine
|
|
# pidfile: /run/rtpengine.pid
|
|
#
|
|
### BEGIN INIT INFO
|
|
# Provides: rtpengine
|
|
# Required-Start: $local_fs $network
|
|
# Short-Description: NGCP rtpengine
|
|
# Description: NGCP rtpengine
|
|
### END INIT INFO
|
|
|
|
# Source function library.
|
|
. /etc/rc.d/init.d/functions
|
|
|
|
# defaults
|
|
|
|
if [ -f /etc/sysconfig/rtpengine ]
|
|
then
|
|
. /etc/sysconfig/rtpengine
|
|
else
|
|
echo "Error: /etc/sysconfig/rtpengine not present" >&2
|
|
exit 6
|
|
fi
|
|
|
|
rtpengine=/usr/bin/rtpengine
|
|
prog=rtpengine
|
|
pidfile=${PIDFILE-/run/rtpengine.pid}
|
|
lockfile=${LOCKFILE-/var/lock/subsys/rtpengine}
|
|
cachefile=/var/lib/ngcp-rtpengine/rtpengine.cfg
|
|
TABLE=$(/usr/sbin/rtpengine-get-table --config-file="${CONFIG_FILE-/etc/rtpengine/rtpengine.conf}")
|
|
PIDFILE=${pidfile}
|
|
RETVAL=0
|
|
OPTS=""
|
|
|
|
build_opts() {
|
|
# kernel table
|
|
MODULE=0
|
|
# the variable from the config is the source of truth
|
|
if [[ -n "$TABLE" ]];then
|
|
if [[ $TABLE -ge 0 ]];then
|
|
MODULE=1
|
|
fi
|
|
fi
|
|
|
|
# options
|
|
[[ "$FORK" == "no" ]] && OPTS+=" --foreground"
|
|
[ -z "$CONFIG_FILE" ] || OPTS+=" --config-file=$CONFIG_FILE"
|
|
[ -z "$CONFIG_SECTION" ] || OPTS+=" --config-section=$CONFIG_SECTION"
|
|
[ -z "$PIDFILE" ] || OPTS+=" --pidfile=$PIDFILE"
|
|
}
|
|
|
|
start() {
|
|
build_opts
|
|
if [[ $MODULE == 1 ]];then
|
|
echo "Loading module for in-kernel packet forwarding"
|
|
rmmod xt_RTPENGINE 2> /dev/null
|
|
if [[ -n "$SET_USER" ]];then
|
|
if [[ -n "$SET_GROUP" ]];then
|
|
proc_gid="$(grep "^$SET_GROUP:" /etc/group | cut -f3 -d:)"
|
|
else
|
|
proc_gid="$(id "$SET_USER" -g)"
|
|
fi
|
|
modprobe xt_RTPENGINE proc_uid="$(id "$SET_USER" -u)" proc_gid="$proc_gid"
|
|
else
|
|
modprobe xt_RTPENGINE
|
|
fi
|
|
if firewall-cmd --state 2>/dev/null ; then
|
|
# Using firewalld
|
|
# Need to check if the INPUT_prefilter chain is present (permanently)
|
|
if ! firewall-cmd --permanent --direct --query-chain ipv4 filter INPUT_prefilter > /dev/null; then
|
|
firewall-cmd --permanent --direct --add-chain ipv4 filter INPUT_prefilter
|
|
firewall-cmd --permanent --direct --passthrough ipv4 -t filter -I INPUT -j INPUT_prefilter
|
|
firewall-cmd --reload
|
|
fi
|
|
|
|
firewall-cmd --direct --add-chain ipv4 filter rtpengine
|
|
firewall-cmd --direct --add-rule ipv4 filter INPUT_prefilter 0 -j rtpengine
|
|
firewall-cmd --direct --add-rule ipv4 filter rtpengine 0 -p udp -j RTPENGINE --id "$TABLE"
|
|
firewall-cmd --direct --add-rule ipv6 filter rtpengine 0 -p udp -j RTPENGINE --id "$TABLE"
|
|
firewall-cmd --reload
|
|
else
|
|
for fw in iptables ip6tables;do
|
|
# We insert the rtpengine rule at the top of the input chain
|
|
if ! $fw -t filter -C INPUT -j rtpengine 2> /dev/null; then
|
|
$fw -N rtpengine
|
|
$fw -t filter -I INPUT -j rtpengine
|
|
fi
|
|
if ! $fw -I rtpengine -p udp -j RTPENGINE --id "$TABLE" 2> /dev/null; then
|
|
$fw -I rtpengine -p udp -j RTPENGINE --id "$TABLE"
|
|
fi
|
|
done
|
|
fi
|
|
|
|
cat <<EOF > "$cachefile"
|
|
CUR_TABLE=$TABLE
|
|
EOF
|
|
fi
|
|
echo -n $"Starting $prog: "
|
|
if [[ -n "$SET_USER" ]];then
|
|
# shellcheck disable=SC2086
|
|
daemon --user "$SET_USER" --pidfile="${pidfile}" "$rtpengine" $OPTS
|
|
else
|
|
# shellcheck disable=SC2086
|
|
daemon --pidfile="${pidfile}" "$rtpengine" $OPTS
|
|
fi
|
|
RETVAL=$?
|
|
echo
|
|
[ $RETVAL = 0 ] && touch "${lockfile}"
|
|
return $RETVAL
|
|
}
|
|
|
|
stop() {
|
|
echo -n $"Stopping $prog: "
|
|
killproc -p "${pidfile}" "$rtpengine"
|
|
RETVAL=$?
|
|
echo
|
|
if [ -f "$cachefile" ];then
|
|
. "$cachefile"
|
|
echo "Unloading module for in-kernel packet forwarding"
|
|
echo "del $TABLE" > /proc/rtpengine/control
|
|
if firewall-cmd --state 2>/dev/null; then
|
|
firewall-cmd --direct --remove-rules ipv4 filter rtpengine
|
|
firewall-cmd --direct --remove-rules ipv6 filter rtpengine
|
|
firewall-cmd --direct --remove-rule ipv4 filter INPUT_prefilter 0 -j rtpengine
|
|
firewall-cmd --direct --remove-chain ipv4 filter rtpengine
|
|
firewall-cmd --reload
|
|
else
|
|
for fw in iptables ip6tables;do
|
|
$fw -D rtpengine -p udp -j RTPENGINE --id "$CUR_TABLE"
|
|
$fw -t filter -D INPUT -j rtpengine
|
|
$fw -X rtpengine
|
|
done
|
|
fi
|
|
rmmod xt_RTPENGINE
|
|
rm -f "$cachefile"
|
|
fi
|
|
|
|
[ $RETVAL = 0 ] && rm -f "${lockfile}" "${pidfile}"
|
|
}
|
|
|
|
# See how we were called.
|
|
case "$1" in
|
|
start)
|
|
start
|
|
;;
|
|
stop)
|
|
stop
|
|
;;
|
|
status)
|
|
status -p "${pidfile}" "$rtpengine"
|
|
RETVAL=$?
|
|
;;
|
|
restart)
|
|
stop
|
|
start
|
|
;;
|
|
condrestart|try-restart)
|
|
if status -p "${pidfile}" "$rtpengine" >&/dev/null; then
|
|
stop
|
|
start
|
|
fi
|
|
;;
|
|
*)
|
|
echo $"Usage: $prog {start|stop|restart|condrestart|try-restart|status}"
|
|
RETVAL=2
|
|
esac
|
|
|
|
exit $RETVAL
|