craSH · December 28, 2020 01:00
diff --git a/opnsense-test-inet6-default-route.sh b/opnsense-test-inet6-default-route.sh
 #!/bin/sh
 # Test for presennce of default IPv6 route after applying interface settings
 # with OPNsense API. Meant to be used with git bisect run across commits to
 # find the bug discussed here:
 # https://forum.opnsense.org/index.php?topic=20260.0
 #
 # Author: cdine / Ian Gallagher <[email protected]> 2020-11

 # Dev API keys for root user on this machine. Not really secret.
 export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'
 export secret='i1I3+wyak5o8GIHixUe9929bQcx0F1lp1OuNpCmJKXgydHTL5KBa04/OoJS9eFJnRJscdypg1cjw+KWc'

 # Cookie/CSRF form values for non-API driven things. Again, not really secret because this is for a lab instance. Have at it :)
 cookie_phpsessid='c40405f89b2ba86d5d113a91408450f1'
 csrf_field='M09Sd24vRnN5Nzl1M0dJOVdBTHRlZz09'
 csrf_value='bEVlTlI3cGVBOGVSQ20zSnNUK0szdz09'

 export opnsense_web_base='http://127.0.0.1'
 #export commit19_1=$(git show 19.1 | awk '/^commit/ {print $2}')
 #export commit21_1_a=$(git show 21.1.a | awk '/^commit/ {print $2}')

 # Save/apply WAN interface configuration to set interface configuration/route settings
 #curl -u "${key}":"${secret}" ${opnsense_web_base}/api/core/firmware/status

 # Seems this isn't exposed by the API, so use cookie/etc and do a form GET instead
 curl "${opnsense_web_base}/interfaces.php?if=opt2" -H "Cookie: PHPSESSID=${cookie_phpsessid}" \
 	--data-raw "${csrf_field}=${csrf_value}&apply=Apply+changes&if=opt2" -v 2>&1 \
 	| grep -q -e '^< HTTP/1\.1 302 Found'

 if [ $? -ne 0 ]; then
 	echo "Apply changes failed, check session/CSRF tokens (defined in this script)" >&2
 	return 1
 fi


 # Pause a moment to let the configuration backend apply any settings
 sleep 3

 # Check if a default route is present for ipv6
 netstat -nr -f inet6 | grep -q -e '^default'
 has_inet6_default_route=$?

 # Exit the script with status code 0 if a default IPv6 route is present, 1 otherwise
 if [ $has_inet6_default_route -eq 0 ]; then
 	echo "Default IPv6 route is present, exit 0"
 	return $has_inet6_default_route
 else
 	echo "No Default IPv6 route is present, die"
 	return $has_inet6_default_route
 fi
	#!/bin/sh
	# Test for presennce of default IPv6 route after applying interface settings
	# with OPNsense API. Meant to be used with git bisect run across commits to
	# find the bug discussed here:
	# https://forum.opnsense.org/index.php?topic=20260.0
	#
	# Author: cdine / Ian Gallagher <[email protected]> 2020-11

	# Dev API keys for root user on this machine. Not really secret.
	export key='cY1pLqJ2yhOvRlTJCdHFlzejshbebTgJ9iqNSA8ogKOGDeTUNO+MXQEyaDPw8AH415Byj4czYUJA1c2n'
	export secret='i1I3+wyak5o8GIHixUe9929bQcx0F1lp1OuNpCmJKXgydHTL5KBa04/OoJS9eFJnRJscdypg1cjw+KWc'

	# Cookie/CSRF form values for non-API driven things. Again, not really secret because this is for a lab instance. Have at it :)
	cookie_phpsessid='c40405f89b2ba86d5d113a91408450f1'
	csrf_field='M09Sd24vRnN5Nzl1M0dJOVdBTHRlZz09'
	csrf_value='bEVlTlI3cGVBOGVSQ20zSnNUK0szdz09'

	export opnsense_web_base='http://127.0.0.1'
	#export commit19_1=$(git show 19.1 \| awk '/^commit/ {print $2}')
	#export commit21_1_a=$(git show 21.1.a \| awk '/^commit/ {print $2}')

	# Save/apply WAN interface configuration to set interface configuration/route settings
	#curl -u "${key}":"${secret}" ${opnsense_web_base}/api/core/firmware/status

	# Seems this isn't exposed by the API, so use cookie/etc and do a form GET instead
	curl "${opnsense_web_base}/interfaces.php?if=opt2" -H "Cookie: PHPSESSID=${cookie_phpsessid}" \
	--data-raw "${csrf_field}=${csrf_value}&apply=Apply+changes&if=opt2" -v 2>&1 \
	\| grep -q -e '^< HTTP/1\.1 302 Found'

	if [ $? -ne 0 ]; then
	echo "Apply changes failed, check session/CSRF tokens (defined in this script)" >&2
	return 1
	fi


	# Pause a moment to let the configuration backend apply any settings
	sleep 3

	# Check if a default route is present for ipv6
	netstat -nr -f inet6 \| grep -q -e '^default'
	has_inet6_default_route=$?

	# Exit the script with status code 0 if a default IPv6 route is present, 1 otherwise
	if [ $has_inet6_default_route -eq 0 ]; then
	echo "Default IPv6 route is present, exit 0"
	return $has_inet6_default_route
	else
	echo "No Default IPv6 route is present, die"
	return $has_inet6_default_route
	fi