craSH/opnsense-test-inet6-default-route.sh

## opnsense-test-inet6-default-route.sh
#!/bin/sh
# Test for presennce of default IPv6 route after applying interface settings
# with OPNsense API. Meant to be used with git bisect run across commits to
# find the bug discussed here:
# https://forum.opnsense.org/index.php?topic=20260.0
#
# Author: cdine / Ian Gallagher <crash@neg9.org> 2020-11

# Dev API keys for root user on this machine. Not really secret.
export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'
export secret='i1I3+wyak5o8GIHixUe9929bQcx0F1lp1OuNpCmJKXgydHTL5KBa04/OoJS9eFJnRJscdypg1cjw+KWc'

# Cookie/CSRF form values for non-API driven things. Again, not really secret because this is for a lab instance. Have at it :)
cookie_phpsessid='c40405f89b2ba86d5d113a91408450f1'
csrf_field='M09Sd24vRnN5Nzl1M0dJOVdBTHRlZz09'
csrf_value='bEVlTlI3cGVBOGVSQ20zSnNUK0szdz09'

export opnsense_web_base='http://127.0.0.1'
#export commit19_1=$(git show 19.1 | awk '/^commit/ {print $2}')
#export commit21_1_a=$(git show 21.1.a | awk '/^commit/ {print $2}')

# Save/apply WAN interface configuration to set interface configuration/route settings
#curl -u "${key}":"${secret}" ${opnsense_web_base}/api/core/firmware/status

# Seems this isn't exposed by the API, so use cookie/etc and do a form GET instead
curl "${opnsense_web_base}/interfaces.php?if=opt2" -H "Cookie: PHPSESSID=${cookie_phpsessid}" \
	--data-raw "${csrf_field}=${csrf_value}&apply=Apply+changes&if=opt2" -v 2>&1 \
	| grep -q -e '^< HTTP/1\.1 302 Found'

if [ $? -ne 0 ]; then
	echo "Apply changes failed, check session/CSRF tokens (defined in this script)" >&2
	return 1
fi


# Pause a moment to let the configuration backend apply any settings
sleep 3

# Check if a default route is present for ipv6
netstat -nr -f inet6 | grep -q -e '^default'
has_inet6_default_route=$?

# Exit the script with status code 0 if a default IPv6 route is present, 1 otherwise
if [ $has_inet6_default_route -eq 0 ]; then
	echo "Default IPv6 route is present, exit 0"
	return $has_inet6_default_route
else
	echo "No Default IPv6 route is present, die"
	return $has_inet6_default_route
fi
	#!/bin/sh
	# Test for presennce of default IPv6 route after applying interface settings
	# with OPNsense API. Meant to be used with git bisect run across commits to
	# find the bug discussed here:
	# https://forum.opnsense.org/index.php?topic=20260.0
	#
	# Author: cdine / Ian Gallagher <crash@neg9.org> 2020-11

	# Dev API keys for root user on this machine. Not really secret.
	export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'
	export secret='i1I3+wyak5o8GIHixUe9929bQcx0F1lp1OuNpCmJKXgydHTL5KBa04/OoJS9eFJnRJscdypg1cjw+KWc'

	# Cookie/CSRF form values for non-API driven things. Again, not really secret because this is for a lab instance. Have at it :)
	cookie_phpsessid='c40405f89b2ba86d5d113a91408450f1'
	csrf_field='M09Sd24vRnN5Nzl1M0dJOVdBTHRlZz09'
	csrf_value='bEVlTlI3cGVBOGVSQ20zSnNUK0szdz09'

	export opnsense_web_base='http://127.0.0.1'
	#export commit19_1=$(git show 19.1 \| awk '/^commit/ {print $2}')
	#export commit21_1_a=$(git show 21.1.a \| awk '/^commit/ {print $2}')

	# Save/apply WAN interface configuration to set interface configuration/route settings
	#curl -u "${key}":"${secret}" ${opnsense_web_base}/api/core/firmware/status

	# Seems this isn't exposed by the API, so use cookie/etc and do a form GET instead
	curl "${opnsense_web_base}/interfaces.php?if=opt2" -H "Cookie: PHPSESSID=${cookie_phpsessid}" \
	--data-raw "${csrf_field}=${csrf_value}&apply=Apply+changes&if=opt2" -v 2>&1 \
	\| grep -q -e '^< HTTP/1\.1 302 Found'

	if [ $? -ne 0 ]; then
	echo "Apply changes failed, check session/CSRF tokens (defined in this script)" >&2
	return 1
	fi


	# Pause a moment to let the configuration backend apply any settings
	sleep 3

	# Check if a default route is present for ipv6
	netstat -nr -f inet6 \| grep -q -e '^default'
	has_inet6_default_route=$?

	# Exit the script with status code 0 if a default IPv6 route is present, 1 otherwise
	if [ $has_inet6_default_route -eq 0 ]; then
	echo "Default IPv6 route is present, exit 0"
	return $has_inet6_default_route
	else
	echo "No Default IPv6 route is present, die"
	return $has_inet6_default_route
	fi