-
Notifications
You must be signed in to change notification settings - Fork 34
/
Copy pathpfsense
executable file
·142 lines (110 loc) · 2.85 KB
/
pfsense
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
#!/bin/bash
### Management
root=/mnt/volatiles/vms
dst="$root"/pfsense/live.dump
telnet_port=8201
vde_mac_wan=52:54:00:12:34:59
vde_mac_lan=52:54:00:12:34:65
vde_path=~/tmp/vde
dump_inc=
restore=
net_only=
case "$1" in
d|dump)
[[ "$2" = -i ]] && { dump_inc=-i; shift; }
[[ -n "$2" ]] && {
touch "$2" || exit 1
dst=$(realpath "$2")
}
echo "Dumping to: $dst"
ncat -t 127.0.0.1 "$telnet_port" <<EOF
stop
migrate_set_speed 4g
migrate -d $dump_inc "exec:lzop -c > $dst"
EOF
echo
while :; do
echo 'info migrate' | ncat -t 127.0.0.1 "$telnet_port" |
grep -aq '^Migration status:[[:space:]]*completed[[:space:]]*$'
pipe=( "${PIPESTATUS[@]}" )
[[ ${pipe[0]} -ne 0 || ${pipe[1]} -ne 0 ]] && exit 1
[[ ${pipe[2]} -eq 0 ]] && {
echo 'quit' | ncat -t 127.0.0.1 "$telnet_port"
echo "Done"
ls -lah "$dst"
exit 0
}
sleep 1 || exit 1
done ;;
r|restore)
[[ -n "$2" ]] && dst=$2
echo "Restoring from: $dst"
[[ -f "$dst" ]] || { echo >&2 "FIle not found: $dst"; exit 1; }
restore=t ;;
m|monitor) exec rlwrap ncat -t 127.0.0.1 "$telnet_port" ;;
n|net|net-only) net_only=t ;;
'') ;;
*)
echo >&2 "Usage: $0 [ { d | dump } [path] | { r | restore } [-i] [path] | { m | monitor } | { n | net-only } ]"
exit 1 ;;
esac
cd "$root"
### Slugfest otherwise
modprobe kvm || exit 1
modprobe kvm-intel
modprobe kvm-amd
### VDE
mkdir -p "$vde_path"
mkdir -p "$vde_path"/lan
cgrc vm/misc vde_switch\
-s "$vde_path"/link.sock\
-M "$vde_path"/mgmt.sock &
pid1=$!
cgrc vm/misc vde_switch\
-s "$vde_path"/lan/link.sock\
-M "$vde_path"/lan/mgmt.sock &
pid1a=$!
for n in {0..50}; do
[[ -e "$vde_path"/link.sock\
&& -e "$vde_path"/lan/link.sock ]] && break
sleep 0.1
done
[[ $n -eq 50 ]] && { echo >&2 "vde switch startup failed"; exit 1; }
cgrc vm/misc sudo vde_plug2tap\
-s "$vde_path"/link.sock\
vde &
pid2=$!
cgrc vm/misc sudo vde_plug2tap\
-s "$vde_path"/lan/link.sock\
vde_lan &
pid2a=$!
# Add a little delay if vde stuff is just starting
for n in {0..5}; do
kill -0 $pid1 $pid1a $pid2 $pid2a 2>/dev/null || break
sleep 0.1
done
[[ -n "$net_only" ]] && exit 0
### Run qemu
qemu_opts=(
-name "$(basename "$0")"
-m 512
-rtc base=utc,clock=host
-monitor telnet:127.0.0.1:${telnet_port},server,nowait
-k en-us
# pfSense needs at least one "default" interface
# https://doc.pfsense.org/index.php/VirtIO_Driver_Support
-net nic,vlan=1,macaddr=${vde_mac_wan},model=e1000,name=wan
-net vde,vlan=1,sock="$vde_path"/link.sock
-net nic,vlan=2,macaddr=${vde_mac_lan},model=e1000,name=lan
-net vde,vlan=2,sock="$vde_path"/lan/link.sock
-enable-kvm
-cpu host
-smp 2
-vga std
# -cdrom pfsense/pfSense-LiveCD-2.2.4-RELEASE-amd64.iso
-drive file=pfsense/install_inc.qcow2
)
ulimit -c 0
export QEMU_AUDIO_DRV=none
[[ -n "$restore" ]] && qemu_opts+=( -incoming "exec:bsdcat $dst" )
exec cgrc vm/misc qemu-system-x86_64 "${qemu_opts[@]}"