simple network manager

I (mnemoc) want to reimplement rocknet in the form of snet (standing for “simple network manager” or if you prefer “SDE network manager”). snet is not supposed to become the only network manager in OpenSDE, or to be OpenSDE-specific.

It aims to be fully agnostic, and if anyone else beyond myself use it, neat! ;-)

Feel free to rummage through the git repo.

The idea is to make it simple for humans, with a single configuration file and with simple modules written in bourne shell syntax to extend the functionality. Powerful enough for no-so-complex environments.

As in rocknet the grammar is very simple, each line is the execution of a shell function.

command arg1 arg2 arg3 ...

The indentation is in practice free, but it recommended to indent by contexts using tab (just because I hate tight indentation). Comments start with a # and empty lines are ignored.

the first context is global, where the following commands are accepted:

  • group <groupname> <if0> [<if1> …]
  • interface <if> [(<profile>)]

group declares a list of interfaces to be referenced from command line (CLI). Nested groups are supported.

interface creates a new context for setting up a given interface, for a given profile. If profile is not named, “default” is used. This new context has $type set to new, and $profile and $iface are set according to the invocation.

snet [-p <profile>] [-f <rulesfile>] [<interface>] <action>

If profile is not given, snet-getprofile will be called (when available) and the single token returned as output is used. If it's empty, default is used.

If rulesfile is not given, the default file is used (/etc/conf/network).

If interface is not given, the auto group is used. It can be a group or an actual interface.

The accepted actions are:

  • up, to start the interface from scratchs.
  • down, to stop the interface to ground.
  • reload, to flush the firewall rules and apply the new ones, without setting the interface down.
  • compile, just compile the new rules file
snetc [-f <rulesfile>] <outputdir>

snetc turns a rules file into a directory structure easy for snet procedures, and easy for human review. snetc is called internally by snet if the file has been updated or not compiled before.

snet-getprofile <interface>

snet-getprofile is supposed to return one word, the name of the profile to use for this interface in this instant. “default” is used of this tool is not found in the $PATH or if it doesn't return anything.

snet will read by default it's rules from /etc/conf/network. the modules are /lib/snet/modules/*.in and temporal files and records are kept in /var/run/snet/.

Browse the source at

  • user/mnemoc/snet.txt
  • Last modified: 2018/08/14 11:25
  • by