xref: /freebsd-10.1-release/etc/rc.d/netoptions

#!/bin/sh
#
# $FreeBSD: head/etc/rc.d/netoptions 197646 2009-09-30 14:58:10Z ume $
#

# PROVIDE: netoptions
# REQUIRE: FILESYSTEMS
# BEFORE: netif
# KEYWORD: nojail

. /etc/rc.subr
. /etc/network.subr

name="netoptions"
start_cmd="netoptions_start"
stop_cmd=:

_netoptions_initdone=
netoptions_init()
{
	if [ -z "${_netoptions_initdone}" ]; then
		echo -n 'Additional TCP/IP options:'
		_netoptions_initdone=yes
	fi
}

netoptions_start()
{
	if checkyesno log_in_vain; then
		netoptions_init
		echo -n " log_in_vain=${log_in_vain}"
		${SYSCTL_W} net.inet.tcp.log_in_vain="${log_in_vain}" >/dev/null
		${SYSCTL_W} net.inet.udp.log_in_vain="${log_in_vain}" >/dev/null
	fi

	if checkyesno tcp_extensions; then
		netoptions_init
		echo -n ' rfc1323 extensions=NO'
		${SYSCTL_W} net.inet.tcp.rfc1323=0 >/dev/null
	fi

	if ! checkyesno tcp_keepalive; then
		netoptions_init
		echo -n ' TCP keepalive=NO'
		${SYSCTL_W} net.inet.tcp.always_keepalive=0 >/dev/null
	fi

	if checkyesno tcp_drop_synfin; then
		netoptions_init
		echo -n ' drop SYN+FIN packets=YES'
		${SYSCTL_W} net.inet.tcp.drop_synfin=1 >/dev/null
	fi

	case ${ip_portrange_first} in
	[0-9]*)
		netoptions_init
		echo -n " ip_portrange_first=$ip_portrange_first"
		${SYSCTL_W} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
		;;
	esac

	case ${ip_portrange_last} in
	[0-9]*)
		netoptions_init
		echo -n " ip_portrange_last=$ip_portrange_last"
		${SYSCTL_W} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
		;;
	esac

	if afexists inet6; then
		if checkyesno ipv6_ipv4mapping; then
			${SYSCTL_W} net.inet6.ip6.v6only=0 >/dev/null
		else
			echo -n " no-ipv4-mapped-ipv6"
			${SYSCTL_W} net.inet6.ip6.v6only=1 >/dev/null
		fi
	fi

	[ -n "${_netoptions_initdone}" ] && echo '.'
}

load_rc_config $name
run_rc_command $1