
@sethrandall
Created July 31, 2023 15:16
VRO VM diff
diff -urN --no-dereference -x run orig/etc/init.d/network/network-up.sh live/etc/init.d/network/network-up.sh
--- orig/etc/init.d/network/network-up.sh 2022-10-06 14:42:10.359151513 -0600
+++ live/etc/init.d/network/network-up.sh 2023-02-16 11:52:29.118001335 -0700
@@ -6,6 +6,73 @@
. /etc/init.d/init-utils/init-utils
. /etc/init.d/init-utils/init-utils-ex
+configure_dhcp() {
+ local IFACE=$1
+ local IFACEPATH=$2
+
+ $LOGGER "Settings for $IFNAME will be acquired by DHCP"
+ REQUEST_OPTION="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf/dhcp/@options\" $CONFIG_FILE`"
+
+ UDHCPC_OPTIONS="-b -R -F \"$FQDN\" -o -T 4 -t 5 -A 10 $REQUEST_OPTION"
+
+ if [ -f $FLR_FLAG_FILE ]; then
+ UDHCPC_OPTIONS="-n -R -F \"$FQDN\" -o $REQUEST_OPTION"
+ fi
+
+ error_message="`udhcpc -S -i \"$IFNAME\" -h \"$HOSTNAME\" $UDHCPC_OPTIONS 2>&1`"
+ exec_status=$?
+
+ if [ "$exec_status" -ne "0" ]; then
+ $LOGGER "Unable to obtain settings by DHCP for interface $IFNAME: [$error_message]."
+ warning_messages="$warning_messages\nUnable to obtain settings by DHCP for interface $IFNAME: [$error_message]."
+ fi
+}
+
+configure_static() {
+ local IFNAME=$1
+ local IFACEPATH=$2
+
+ IPCONFCOUNT=`xmlstarlet sel -t -v "count(/settings/network/$IFACEPATH/ipconf)" $CONFIG_FILE`
+ for i in `seq 1 $IPCONFCOUNT`; do
+ IP="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf[$i]/ip\" $CONFIG_FILE`"
+ NETMASK="`xmlstarlet sel -t -v \"/settings/network/$IFACEPATH/ipconf[$i]/netmask\" $CONFIG_FILE`"
+ PHYS_DEV="`echo $IFNAME | sed -e 's/:.*//'`"
+ NETPREFIX="`ipcalc -p $IP $NETMASK | sed -e 's/PREFIX=//'`"
+ NETADDR="`ipcalc -n $IP/$NETPREFIX | sed -e 's/NETWORK=//'`"
+ BROADCAST="`ipcalc -b $IP/$NETPREFIX | sed -e 's/BROADCAST=//'`"
+ $LOGGER "dev: $IFNAME ip: $IP, netmask: $NETMASK"
+
+ if ! echo "$IFNAME" | grep -q ':'; then
+ arptables -A INPUT -d $IP -i $IFNAME -j ACCEPT
+ arptables -A OUTPUT -s $IP -o $IFNAME -j ACCEPT
+ ip addr add $IP/$NETPREFIX broadcast $BROADCAST dev $IFNAME
+ ip link set $IFNAME up
+ else
+ continue
+ fi
+
+ if [ "$PHYS_DEV" != "eth0" ]; then
+ if [ -f /var/run/skip_routing ]; then
+ continue
+ fi
+
+ ip route flush dev $IFNAME
+ $LOGGER "Adding route $NETADDR/$NETPREFIX dev $PHYS_DEV table 2"
+
+ error_message="`ip route add $NETADDR/$NETPREFIX dev $PHYS_DEV table 2 2>&1`"
+ exec_status=$?
+
+ if [ "$exec_status" -ne "0" ]; then
+ $LOGGER "Adding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]."
+ warning_messages="$warning_messages\nAdding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]."
+ fi
+
+ if [ $ENABLE_INTERNAL_ROUTING ]; then
+ iptables -t mangle -A PREROUTING -i $PHYS_DEV \! -d $IP -j MARK --set-mark 2
+ fi
+ fi
+ done
+}
CONFIG_FILE="$1"
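Review bot: `configure_dhcp` binds its first argument to `IFACE`, but every line of its body reads `$IFNAME`, so it acts on whatever global `IFNAME` the caller last set rather than on the interface passed in. A caller that passes a different name (the VLAN loop later in this file passes `$VLANNAME`) would have udhcpc and the log messages refer to the wrong device; the declaration should be `local IFNAME=$1`, matching `configure_static`. Separately, `$IP` and `$NETMASK` are read from the settings XML and expanded unquoted into `ipcalc`, `arptables`, `ip` and `iptables`, and `$REQUEST_OPTION` is appended to the udhcpc command line, so a malformed value is word-split into extra arguments. Quoting the address values and rejecting anything that is not a plain address or an expected option list before use would close that.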
@@ -27,9 +94,6 @@
warning_messages=''
-# Getting number of interfaces
-IFACE_COUNT=`xmlstarlet sel -t -v "count(/settings/network/iface)" $CONFIG_FILE`
-
# Getting domain name & host name
HOSTNAME=`xmlstarlet sel -t -v '/settings/network/resolv/hostname' $CONFIG_FILE`
if [ ${#HOSTNAME} -gt "60" ]; then
@@ -64,9 +128,13 @@
exit 1
fi
+# Getting number of interfaces
+IFACE_COUNT=`xmlstarlet sel -t -v "count(/settings/network/iface)" $CONFIG_FILE`
+VLAN_COUNT=`xmlstarlet sel -t -v "count(/settings/network/vlan)" $CONFIG_FILE`
# ---------- Setting up interfaces ----------
$LOGGER "Found $IFACE_COUNT interfaces"
+$LOGGER "Found $VLAN_COUNT Vlans"
#iptables -P INPUT DROP
#iptables -P OUTPUT DROP
@@ -80,76 +148,39 @@
log_progress_msg "$IFNAME"
$LOGGER "Configuring dev $IFNAME"
- if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then
- $LOGGER "Settings for $IFNAME will be acquired by DHCP"
-
- #ifconfig $IFNAME up
- ip link set dev $IFNAME up
-
- REQUEST_OPTION="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/dhcp/@options\" $CONFIG_FILE`"
-
- UDHCPC_OPTIONS="-b -R -F \"$FQDN\" -o -T 4 -t 5 -A 10 $REQUEST_OPTION"
-
- if [ -f $FLR_FLAG_FILE ]; then
- UDHCPC_OPTIONS="-n -R -F \"$FQDN\" -o $REQUEST_OPTION"
- fi
-
- error_message="`udhcpc -S -i \"$IFNAME\" -h \"$HOSTNAME\" $UDHCPC_OPTIONS 2>&1`"
- exec_status=$?
-
- if [ "$exec_status" -ne "0" ]; then
- $LOGGER "Unable to obtain settings by DHCP for interface $IFNAME: [$error_message]."
- warning_messages="$warning_messages\nUnable to obtain settings by DHCP for interface $IFNAME: [$error_message]."
- fi
+ # Enable the interface
+ ip link set dev $IFNAME up
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/trunk\" $CONFIG_FILE`" ]; then
continue
- fi
-
- IP="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/ip\" $CONFIG_FILE`"
- NETMASK="`xmlstarlet sel -t -v \"/settings/network/iface[$i]/ipconf/netmask\" $CONFIG_FILE`"
- PHYS_DEV="`echo $IFNAME | sed -e 's/:.*//'`"
- NETPREFIX="`ipcalc -p $IP $NETMASK | sed -e 's/PREFIX=//'`"
- NETADDR="`ipcalc -n $IP/$NETPREFIX | sed -e 's/NETWORK=//'`"
- BROADCAST="`ipcalc -b $IP/$NETPREFIX | sed -e 's/BROADCAST=//'`"
- $LOGGER "dev: $IFNAME ip: $IP, netmask: $NETMASK"
-
- if ! echo "$IFNAME" | grep -q ':'; then
- arptables -A INPUT -d $IP -i $IFNAME -j ACCEPT
- arptables -A OUTPUT -s $IP -o $IFNAME -j ACCEPT
- #iptables -A INPUT -i $IFNAME -d $IP -j ACCEPT
- #iptables -A OUTPUT -o $IFNAME -s $IP -j ACCEPT
- ip addr add $IP/$NETPREFIX broadcast $BROADCAST dev $IFNAME
- ip link set $IFNAME up
-# ip route flush dev $IFNAME
else
-# iptables -A INPUT -i $PHYS_DEV -d $IP -j ACCEPT
-# iptables -A OUTPUT -o $PHYS_DEV -s $IP -j ACCEPT
-# ip addr add $IP/$NETMASK dev $PHYS_DEV label $IFNAME
-# ip link set $PHYS_DEV up
-# ip route flush dev $PHYS_DEV
- continue
- fi
-
- if [ "$PHYS_DEV" != "eth0" ]; then
-
- if [ -f /var/run/skip_routing ]; then
- continue
- fi
-
- ip route flush dev $IFNAME
- $LOGGER "Adding route $NETADDR/$NETPREFIX dev $PHYS_DEV table 2"
-
- error_message="`ip route add $NETADDR/$NETPREFIX dev $PHYS_DEV table 2 2>&1`"
- exec_status=$?
-
- if [ "$exec_status" -ne "0" ]; then
- $LOGGER "Adding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]."
- warning_messages="$warning_messages\nAdding route [$NETADDR/$NETPREFIX] for device [$PHYS_DEV] in table [2] failed: [$error_message]."
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/iface[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then
+ configure_dhcp $IFNAME "iface[$i]"
+ else
+ configure_static $IFNAME "iface[$i]"
fi
+ fi
+done
- if [ $ENABLE_INTERNAL_ROUTING ]; then
- iptables -t mangle -A PREROUTING -i $PHYS_DEV \! -d $IP -j MARK --set-mark 2
- fi
+for i in `seq 1 $VLAN_COUNT`; do
+ PARENT="`xmlstarlet sel -t -v \"/settings/network/vlan[$i]/parent\" $CONFIG_FILE`"
+ VLANID="`xmlstarlet sel -t -v \"/settings/network/vlan[$i]/vlanid\" $CONFIG_FILE`"
+ VLANNAME="$PARENT.$VLANID"
+
+ log_progress_msg "$VLANNAME"
+ $LOGGER "Configuring vlan dev $VLANNAME"
+
+ if [ ! -f /sys/class/net/$VLANNAME ]; then
+ # Create the VLAN interface
+ ip link add link $PARENT name $VLANNAME type vlan id $VLANID
+ fi
+ ip link set dev $VLANNAME up
+
+ ## TODO: function to configure DHCP
+ if [ -n "`xmlstarlet sel -t -c \"/settings/network/vlan[$i]/ipconf/dhcp\" $CONFIG_FILE`" ]; then
+ configure_dhcp $VLANNAME "vlan[$i]"
+ else
+ configure_static $VLANNAME "vlan[$i]"
fi
done
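Review bot: The existence check `[ ! -f /sys/class/net/$VLANNAME ]` tests for a regular file, but entries under /sys/class/net are symlinks to directories, so the test is true even when the VLAN device already exists and `ip link add` is attempted again; `[ ! -e "/sys/class/net/$VLANNAME" ]` is the check that was presumably intended. `PARENT` and `VLANID` come from the settings file and are used unquoted and unvalidated in `ip link add link $PARENT name $VLANNAME type vlan id $VLANID`; a guard such as `case "$VLANID" in ''|*[!0-9]*) continue ;; esac` plus quoting keeps a malformed entry from adding arguments to the command. The `## TODO: function to configure DHCP` comment is stale now that `configure_dhcp` is called on the following lines. The interface loop that this hunk closes with `done` starts outside the hunk.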
@@ -161,7 +192,6 @@
ip rule add fwmark 2/2 table 2
fi
-
# ---------- Setting up routes ----------
$LOGGER "Setting routes"
@@ -220,4 +250,4 @@
else
# All OK
log_end_msg 0
-fi
+fi
\ No newline at end of file
diff -urN --no-dereference -x run orig/etc/init.d/rc.S live/etc/init.d/rc.S
--- orig/etc/init.d/rc.S 2022-10-06 14:42:10.356151248 -0600
+++ live/etc/init.d/rc.S 2023-02-20 14:04:06.106649836 -0700
@@ -10,6 +10,12 @@
# Let's begin boot!
$LOGGER "Entering on level: S"
+function shell_on_exit {
+ /bin/sh
+}
+
+# trap shell_on_exit EXIT
+
# Mounting system fs
if ! /etc/init.d/mount-sysfs.sh; then
critical_error "Unable to mount system filesystems, exiting"
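Review bot: `shell_on_exit` spawns `/bin/sh` with no authentication, and the commented-out `trap shell_on_exit EXIT` below it would hand that shell to whoever is at the console whenever rc.S exits, presumably as root since this is the boot script. As committed the function is dead code, so it should either be removed or gated on an explicit debug switch and documented, e.g. `# DEBUG ONLY: drops to an unauthenticated console shell; never enable in a shipped image`. The `function name {` form is also a bash extension, so `shell_on_exit() {` is safer if the interpreter is a plain POSIX sh (the shebang is outside the hunk). The `if` block at the end of the hunk continues outside it.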
diff -urN --no-dereference -x run orig/etc/init.d/read-settings.sh live/etc/init.d/read-settings.sh
--- orig/etc/init.d/read-settings.sh 2022-10-06 14:42:10.359151513 -0600
+++ live/etc/init.d/read-settings.sh 2023-02-15 15:57:39.947335616 -0700
@@ -7,55 +7,49 @@
CONFIG_FILE="$1"
+mdev -s
+
i=1
item='<>'
LINE=$(cat /proc/cmdline)
while( [ -n "$item" ] ) do
-item=$(echo $LINE | cut -d" " -f$i)
-i=$((i+1))
-itemPart=${item:0:11}
-if [ "$itemPart" = "configfile=" ]
-then
-
-INPUT_DEVICE=${item:11}
-
-log_daemon_msg "Override config input device" "$INPUT_DEVICE"
-$LOGGER "Override config input device: $INPUT_DEVICE"
-log_end_msg 0
-
-mdev -s
-mkdir /media
-mkdir /media/veeam_appliance_config
-
-log_daemon_msg "blkid output:" "`blkid`"
-$LOGGER "blkid output:" "`blkid`"
-log_end_msg 0
-
+ item=$(echo $LINE | cut -d" " -f$i)
+ i=$((i+1))
+ itemPart=${item:0:11}
+ if [ "$itemPart" = "configfile=" ]; then
+ INPUT_DEVICE=${item:11}
+
+ log_daemon_msg "Override config input device" "$INPUT_DEVICE"
+ $LOGGER "Override config input device: $INPUT_DEVICE"
+ log_end_msg 0
+
+ mkdir /media
+ mkdir /media/veeam_appliance_config
+
+ log_daemon_msg "blkid output:" "`blkid`"
+ $LOGGER "blkid output:" "`blkid`"
+ log_end_msg 0
+
+ if blkid --uuid '567B-25D1'; then
+ # take only first disk
+ DEV_NAME=$(blkid --uuid '567B-25D1' | head -n 1)
+ elif blkid | grep '559E-A8C7'; then
+ # take only first disk
+ DEV_NAME=$(blkid --uuid '559E-A8C7' | head -n 1)
+ else
+ log_daemon_msg "Config input device" "not found by UUID, fallback to /dev/sda2"
+ $LOGGER "Config input device: not found by UUID, fallback to /dev/sda2"
+ DEV_NAME=/dev/sda2
+ fi
+ mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5
-if blkid --uuid '567B-25D1'
-then
- # take only first disk
- DEV_NAME=$(blkid --uuid '567B-25D1' | head -n 1)
-elif blkid | grep '559E-A8C7'
-then
- # take only first disk
- DEV_NAME=$(blkid --uuid '559E-A8C7' | head -n 1)
-else
- log_daemon_msg "Config input device" "not found by UUID, fallback to /dev/sda2"
- $LOGGER "Config input device: not found by UUID, fallback to /dev/sda2"
- DEV_NAME=/dev/sda2
-fi
-
-mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5
-
-break
-
-fi
+ break
+ fi
done;
-DTD_FILE="/var/run/settings.dtd"
+DTD_FILE="/var/run/settings.dtd"
# ------------------------------------
log_daemon_msg "Reading settings" "`basename $0`"
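Review bot: The mount on the new side, `mount -t vfat -o ro,utf8 $DEV_NAME /media/veeam_appliance_config 2>&1 | head -n 5`, reports the exit status of `head`, so a failed mount (including the `/dev/sda2` fallback not being a FAT volume) goes unnoticed and the script carries on to read settings. Capturing the output and checking the status keeps the failure visible: `if ! out=$(mount -t vfat -o ro,utf8 "$DEV_NAME" /media/veeam_appliance_config 2>&1); then $LOGGER "config mount failed: $out"; fi`. The two UUID branches are also inconsistent: the first tests `blkid --uuid '567B-25D1'`, while the second tests `blkid | grep '559E-A8C7'`, which matches that string anywhere in the blkid output and not only in a filesystem UUID; `blkid --uuid '559E-A8C7' >/dev/null` would mirror the first branch. `mkdir /media` reports an error if the directory already exists, so `mkdir -p /media/veeam_appliance_config` would cover both mkdir lines.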
diff -urN --no-dereference -x run orig/etc/init.d/set-up-passwords.sh live/etc/init.d/set-up-passwords.sh
--- orig/etc/init.d/set-up-passwords.sh 2022-10-06 14:42:10.359151513 -0600
+++ live/etc/init.d/set-up-passwords.sh 2023-02-15 15:04:34.627367630 -0700
@@ -76,7 +76,7 @@
$LOGGER < /etc/group
# Adding OpenSSH user and group
-$LOGGER "Adding OpenSSH privelege separation user and group"
+$LOGGER "Adding OpenSSH privilege separation user and group"
echo "sshd:x:50:" >> /etc/group
echo "sshd:x:50:50:sshd PrivSep:/var/lib/sshd:/bin/false" >> /etc/passwd
echo "sshd:!:1:0:99999:7:::" >> /etc/shadow
diff -urN --no-dereference -x run orig/var/dtd/settings.dtd live/var/dtd/settings.dtd
--- orig/var/dtd/settings.dtd 2022-10-06 14:42:09.815103570 -0600
+++ live/var/dtd/settings.dtd 2023-02-16 10:34:45.045370591 -0700
@@ -1,12 +1,10 @@
-<?xml version="1.0" encoding="UTF-8" ?>
-
<!ELEMENT settings (preboot_commands, network, nat?, web?, dhcp_daemons?, passwd, ssh_settings?, postboot_commands)>
-<!ATTLIST settings version CDATA #REQUIRED>
+ <!ATTLIST settings version CDATA #REQUIRED>
<!ELEMENT preboot_commands (command*)>
<!ELEMENT command (#PCDATA)>
<!ATTLIST command required CDATA #REQUIRED>
- <!ELEMENT network (iface+, routes, resolv)>
- <!ELEMENT iface (dev, hwaddr?, ipconf)>
+ <!ELEMENT network (iface+, routes, resolv, vlan*)>
+ <!ELEMENT iface (dev, hwaddr?, (ipconf* | trunk))>
<!ELEMENT dev (#PCDATA)>
<!ELEMENT hwaddr (#PCDATA)>
<!ELEMENT ipconf ((ip, netmask)|dhcp)>
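Review bot: `(ipconf* | trunk)` on the new `iface` declaration also admits an interface with neither an `ipconf` nor a `trunk`, and one that mixes a `dhcp` ipconf with static ones. network-up.sh in this same diff takes the DHCP path for the whole interface as soon as any `ipconf/dhcp` exists, so static entries beside it would be silently ignored, and an empty iface is brought up with no address. If neither is intended, `<!ELEMENT iface (dev, hwaddr?, (ipconf+ | trunk))>` rejects the empty case at validation time. The mixed case cannot be expressed in a DTD and would need a check in the script or a comment stating which entry wins. The same applies to `ipconf*` in the new `vlan` declaration in the next hunk.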
@@ -14,16 +12,20 @@
<!ELEMENT netmask (#PCDATA)>
<!ELEMENT dhcp EMPTY>
<!ATTLIST dhcp options CDATA #REQUIRED>
- <!ELEMENT routes (route*)>
- <!ELEMENT route (#PCDATA)>
- <!ELEMENT resolv (hostname, domain, nameservers, hosts)>
- <!ELEMENT hostname (#PCDATA)>
- <!ELEMENT domain (#PCDATA)>
- <!ELEMENT nameservers (nameserver*)>
- <!ELEMENT nameserver (#PCDATA)>
- <!ELEMENT hosts (host*)>
- <!ELEMENT host (ip, name)>
- <!ELEMENT name (#PCDATA)>
+ <!ELEMENT trunk EMPTY>
+ <!ELEMENT routes (route*)>
+ <!ELEMENT route (#PCDATA)>
+ <!ELEMENT resolv (hostname, domain, nameservers, hosts)>
+ <!ELEMENT hostname (#PCDATA)>
+ <!ELEMENT domain (#PCDATA)>
+ <!ELEMENT nameservers (nameserver*)>
+ <!ELEMENT nameserver (#PCDATA)>
+ <!ELEMENT hosts (host*)>
+ <!ELEMENT host (ip, name)>
+ <!ELEMENT name (#PCDATA)>
+ <!ELEMENT vlan (vlanid, ipconf*, parent)>
+ <!ELEMENT vlanid (#PCDATA)>
+ <!ELEMENT parent (#PCDATA)>
<!ELEMENT nat (enable_internal_routing, map*, netmap*, netmap2*)>
<!ELEMENT enable_internal_routing (#PCDATA)>
<!ELEMENT map (src, src_dev, dst, dst_dev)>
@@ -77,4 +79,4 @@
<!ELEMENT userlist (#PCDATA)>
<!ELEMENT ssh_settings (rsa_private_key)>
<!ELEMENT rsa_private_key (#PCDATA)>
- <!ELEMENT postboot_commands (command*)>
+ <!ELEMENT postboot_commands (command*)>
\ No newline at end of file