network.subr revision 173355
1# 2# Copyright (c) 2003 The FreeBSD Project. All rights reserved. 3# 4# Redistribution and use in source and binary forms, with or without 5# modification, are permitted provided that the following conditions 6# are met: 7# 1. Redistributions of source code must retain the above copyright 8# notice, this list of conditions and the following disclaimer. 9# 2. Redistributions in binary form must reproduce the above copyright 10# notice, this list of conditions and the following disclaimer in the 11# documentation and/or other materials provided with the distribution. 12# 13# THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 14# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16# ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 17# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23# SUCH DAMAGE. 24# 25# $FreeBSD: head/etc/network.subr 173355 2007-11-05 06:13:07Z thompsa $ 26# 27 28# 29# Subroutines commonly used from network startup scripts. 30# Requires that rc.conf be loaded first. 31# 32 33# ifconfig_up if 34# Evaluate ifconfig(8) arguments for interface $if and 35# run ifconfig(8) with those arguments. It returns 0 if 36# arguments were found and executed or 1 if the interface 37# had no arguments. Pseudo arguments DHCP and WPA are handled 38# here. 39# 40ifconfig_up() 41{ 42 _cfg=1 43 44 ifconfig_args=`ifconfig_getargs $1` 45 if [ -n "${ifconfig_args}" ]; then 46 ifconfig $1 up 47 ifconfig $1 ${ifconfig_args} 48 _cfg=0 49 fi 50 51 if wpaif $1; then 52 /etc/rc.d/wpa_supplicant start $1 53 _cfg=0 # XXX: not sure this should count 54 fi 55 56 if dhcpif $1; then 57 if [ $_cfg -ne 0 ] ; then 58 ifconfig $1 up 59 fi 60 if syncdhcpif $1; then 61 /etc/rc.d/dhclient start $1 62 fi 63 _cfg=0 64 fi 65 66 return $_cfg 67} 68 69# ifconfig_down if 70# returns 1 if wpa_supplicant or dhclient was stopped or 71# the interface exists. 72# 73ifconfig_down() 74{ 75 [ -z "$1" ] && return 1 76 _cfg=1 77 78 if wpaif $1; then 79 /etc/rc.d/wpa_supplicant stop $1 80 _cfg=0 81 fi 82 83 if dhcpif $1; then 84 /etc/rc.d/dhclient stop $1 85 _cfg=0 86 fi 87 88 if ifexists $1; then 89 ifconfig $1 down 90 _cfg=0 91 fi 92 93 return $_cfg 94} 95 96# get_if_var if var [default] 97# Return the value of the pseudo-hash corresponding to $if where 98# $var is a string containg the sub-string "IF" which will be 99# replaced with $if after the characters defined in _punct are 100# replaced with '_'. If the variable is unset, replace it with 101# $default if given. 102get_if_var() 103{ 104 if [ $# -ne 2 -a $# -ne 3 ]; then 105 err 3 'USAGE: get_if_var name var [default]' 106 fi 107 108 _if=$1 109 _punct=". - / +" 110 for _punct_c in $_punct; do 111 _if=`ltr ${_if} ${_punct_c} '_'` 112 done 113 _var=$2 114 _default=$3 115 116 prefix=${_var%%IF*} 117 suffix=${_var##*IF} 118 eval echo \${${prefix}${_if}${suffix}-${_default}} 119} 120 121# _ifconfig_getargs if 122# Echos the arguments for the supplied interface to stdout. 123# returns 1 if empty. In general, ifconfig_getargs should be used 124# outside this file. 125_ifconfig_getargs() 126{ 127 _ifn=$1 128 if [ -z "$_ifn" ]; then 129 return 1 130 fi 131 132 get_if_var $_ifn ifconfig_IF "$ifconfig_DEFAULT" 133} 134 135# ifconfig_getargs if 136# Takes the result from _ifconfig_getargs and removes pseudo 137# args such as DHCP and WPA. 138ifconfig_getargs() 139{ 140 _tmpargs=`_ifconfig_getargs $1` 141 if [ $? -eq 1 ]; then 142 return 1 143 fi 144 _args= 145 146 for _arg in $_tmpargs; do 147 case $_arg in 148 [Dd][Hh][Cc][Pp]) ;; 149 [Nn][Oo][Aa][Uu][Tt][Oo]) ;; 150 [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; 151 [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; 152 [Ww][Pp][Aa]) ;; 153 *) 154 _args="$_args $_arg" 155 ;; 156 esac 157 done 158 159 echo $_args 160} 161 162# autoif 163# Returns 0 if the interface should be automaticly configured at 164# boot time and 1 otherwise. 165autoif() 166{ 167 _tmpargs=`_ifconfig_getargs $1` 168 for _arg in $_tmpargs; do 169 case $_arg in 170 [Nn][Oo][Aa][Uu][Tt][Oo]) 171 return 1 172 ;; 173 esac 174 done 175 return 0 176} 177 178# dhcpif if 179# Returns 0 if the interface is a DHCP interface and 1 otherwise. 180dhcpif() 181{ 182 _tmpargs=`_ifconfig_getargs $1` 183 for _arg in $_tmpargs; do 184 case $_arg in 185 [Dd][Hh][Cc][Pp]) 186 return 0 187 ;; 188 [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) 189 return 0 190 ;; 191 [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) 192 return 0 193 ;; 194 esac 195 done 196 return 1 197} 198 199# syncdhcpif 200# Returns 0 if the interface should be configured synchronously and 201# 1 otherwise. 202syncdhcpif() 203{ 204 _tmpargs=`_ifconfig_getargs $1` 205 for _arg in $_tmpargs; do 206 case $_arg in 207 [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) 208 return 1 209 ;; 210 [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) 211 return 0 212 ;; 213 esac 214 done 215 if checkyesno synchronous_dhclient; then 216 return 0 217 else 218 return 1 219 fi 220} 221 222# wpaif if 223# Returns 0 if the interface is a WPA interface and 1 otherwise. 224wpaif() 225{ 226 _tmpargs=`_ifconfig_getargs $1` 227 for _arg in $_tmpargs; do 228 case $_arg in 229 [Ww][Pp][Aa]) 230 return 0 231 ;; 232 esac 233 done 234 return 1 235} 236 237# ipv6if if 238# Returns 0 if the interface should be configured for IPv6 and 239# 1 otherwise. 240ipv6if() 241{ 242 if ! checkyesno ipv6_enable; then 243 return 1 244 fi 245 case "${ipv6_network_interfaces}" in 246 [Aa][Uu][Tt][Oo]) 247 return 0 248 ;; 249 ''|[Nn][Oo][Nn][Ee]) 250 return 1 251 ;; 252 esac 253 for v6if in ${ipv6_network_interfaces}; do 254 if [ "${v6if}" = "${1}" ]; then 255 return 0 256 fi 257 done 258 return 1 259} 260 261# ifexists if 262# Returns 0 if the interface exists and 1 otherwise. 263ifexists() 264{ 265 ifconfig -n $1 > /dev/null 2>&1 266} 267 268# ipv4_up if 269# add IPv4 addresses to the interface $if 270ipv4_up() 271{ 272 _if=$1 273 ifalias_up ${_if} 274 ipv4_addrs_common ${_if} alias 275} 276 277# ipv4_down if 278# remove IPv4 addresses from the interface $if 279ipv4_down() 280{ 281 _if=$1 282 _ifs="^" 283 _ret=1 284 285 ifexists ${_if} || return 1 286 287 inetList="`ifconfig ${_if} | grep 'inet ' | tr "\n" "$_ifs"`" 288 289 oldifs="$IFS" 290 IFS="$_ifs" 291 for _inet in $inetList ; do 292 # get rid of extraneous line 293 [ -z "$_inet" ] && break 294 295 _inet=`expr "$_inet" : '.*\(inet \([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}\).*'` 296 297 IFS="$oldifs" 298 ifconfig ${_if} ${_inet} delete 299 IFS="$_ifs" 300 _ret=0 301 done 302 IFS="$oldifs" 303 304 ifalias_down ${_if} && _ret=0 305 ipv4_addrs_common ${_if} -alias && _ret=0 306 307 return $_ret 308} 309 310# ipv4_addrs_common if action 311# Evaluate the ifconfig_if_ipv4 arguments for interface $if 312# and use $action to add or remove IPv4 addresses from $if. 313ipv4_addrs_common() 314{ 315 _ret=1 316 _if=$1 317 _action=$2 318 319 # get ipv4-addresses 320 cidr_addr=`get_if_var $_if ipv4_addrs_IF` 321 322 for _cidr in ${cidr_addr}; do 323 _ipaddr=${_cidr%%/*} 324 _netmask="/"${_cidr##*/} 325 _range=${_ipaddr##*.} 326 _ipnet=${_ipaddr%.*} 327 _iplow=${_range%-*} 328 _iphigh=${_range#*-} 329 330 # clear netmask when removing aliases 331 if [ "${_action}" = "-alias" ]; then 332 _netmask="" 333 fi 334 335 _ipcount=${_iplow} 336 while [ "${_ipcount}" -le "${_iphigh}" ]; do 337 eval "ifconfig ${_if} ${_action} ${_ipnet}.${_ipcount}${_netmask}" 338 _ipcount=$((${_ipcount}+1)) 339 _ret=0 340 341 # only the first ipaddr in a subnet need the real netmask 342 if [ "${_action}" != "-alias" ]; then 343 _netmask="/32" 344 fi 345 done 346 done 347 return $_ret 348} 349 350# ifalias_up if 351# Configure aliases for network interface $if. 352# It returns 0 if at least one alias was configured or 353# 1 if there were none. 354# 355ifalias_up() 356{ 357 _ret=1 358 alias=0 359 while : ; do 360 ifconfig_args=`get_if_var $1 ifconfig_IF_alias${alias}` 361 if [ -n "${ifconfig_args}" ]; then 362 ifconfig $1 ${ifconfig_args} alias 363 alias=$((${alias} + 1)) 364 _ret=0 365 else 366 break 367 fi 368 done 369 return $_ret 370} 371 372#ifalias_down if 373# Remove aliases for network interface $if. 374# It returns 0 if at least one alias was removed or 375# 1 if there were none. 376# 377ifalias_down() 378{ 379 _ret=1 380 alias=0 381 while : ; do 382 ifconfig_args=`get_if_var $1 ifconfig_IF_alias${alias}` 383 if [ -n "${ifconfig_args}" ]; then 384 ifconfig $1 ${ifconfig_args} -alias 385 alias=$((${alias} + 1)) 386 _ret=0 387 else 388 break 389 fi 390 done 391 return $_ret 392} 393 394# ifscript_up if 395# Evaluate a startup script for the $if interface. 396# It returns 0 if a script was found and processed or 397# 1 if no script was found. 398# 399ifscript_up() 400{ 401 if [ -r /etc/start_if.$1 ]; then 402 . /etc/start_if.$1 403 return 0 404 fi 405 return 1 406} 407 408# ifscript_down if 409# Evaluate a shutdown script for the $if interface. 410# It returns 0 if a script was found and processed or 411# 1 if no script was found. 412# 413ifscript_down() 414{ 415 if [ -r /etc/stop_if.$1 ]; then 416 . /etc/stop_if.$1 417 return 0 418 fi 419 return 1 420} 421 422# Create cloneable interfaces. 423# 424clone_up() 425{ 426 _prefix= 427 _list= 428 for ifn in ${cloned_interfaces}; do 429 ifconfig ${ifn} create 430 if [ $? -eq 0 ]; then 431 _list="${_list}${_prefix}${ifn}" 432 [ -z "$_prefix" ] && _prefix=' ' 433 fi 434 done 435 debug "Cloned: ${_list}" 436} 437 438# Destroy cloned interfaces. Destroyed interfaces are echoed 439# to standard output. 440# 441clone_down() 442{ 443 _prefix= 444 _list= 445 for ifn in ${cloned_interfaces}; do 446 ifconfig ${ifn} destroy 447 if [ $? -eq 0 ]; then 448 _list="${_list}${_prefix}${ifn}" 449 [ -z "$_prefix" ] && _prefix=' ' 450 fi 451 done 452 debug "Destroyed clones: ${_list}" 453} 454 455# Create netgraph nodes. 456# 457ng_mkpeer() { 458 ngctl -f - 2> /dev/null <<EOF 459mkpeer $* 460msg dummy nodeinfo 461EOF 462} 463 464ng_create_one() { 465 ng_mkpeer $* | while read line; do 466 t=`expr "${line}" : '.* name="\([a-z]*[0-9]*\)" .*'` 467 if [ -n "${t}" ]; then 468 echo ${t} 469 return 470 fi 471 done 472} 473 474gif_up() { 475 # The following must be removed once RELENG_7 is branched. 476 case ${gif_interfaces} in 477 [Nn][Oo]) 478 warn "gif_interfaces=\"NO\" is deprecated, use gif_interfaces=\"\" instead." 479 gif_interfaces="" 480 ;; 481 esac 482 483 for i in ${gif_interfaces}; do 484 peers=`get_if_var $i gifconfig_IF` 485 case ${peers} in 486 '') 487 continue 488 ;; 489 *) 490 ifconfig $i create >/dev/null 2>&1 491 ifconfig $i tunnel ${peers} 492 ifconfig $i up 493 ;; 494 esac 495 done 496} 497 498# ng_fec_create ifn 499# Configure Fast EtherChannel for interface $ifn. Returns 0 if FEC 500# arguments were found and configured; returns !0 otherwise. 501ng_fec_create() { 502 local req_iface iface bogus 503 req_iface="$1" 504 505 ngctl shutdown ${req_iface}: > /dev/null 2>&1 506 507 bogus="" 508 while true; do 509 iface=`ng_create_one fec dummy fec` 510 if [ -z "${iface}" ]; then 511 exit 2 512 fi 513 if [ "${iface}" = "${req_iface}" ]; then 514 break 515 fi 516 bogus="${bogus} ${iface}" 517 done 518 519 for iface in ${bogus}; do 520 ngctl shutdown ${iface}: 521 done 522} 523 524fec_up() { 525 for i in ${fec_interfaces}; do 526 ng_fec_create $i 527 for j in `get_if_var $i fecconfig_IF`; do 528 case ${j} in 529 '') 530 continue 531 ;; 532 *) 533 ngctl msg ${i}: add_iface "\"${j}\"" 534 ;; 535 esac 536 done 537 done 538} 539 540# 541# ipx_up ifn 542# Configure any IPX addresses for interface $ifn. Returns 0 if IPX 543# arguments were found and configured; returns 1 otherwise. 544# 545ipx_up() 546{ 547 ifn="$1" 548 ifconfig_args=`get_if_var $ifn ifconfig_IF_ipx` 549 if [ -n "${ifconfig_args}" ]; then 550 ifconfig ${ifn} ${ifconfig_args} 551 return 0 552 fi 553 return 1 554} 555 556# ipx_down ifn 557# Remove IPX addresses for interface $ifn. Returns 0 if IPX 558# addresses were found and unconfigured. It returns 1, otherwise. 559# 560ipx_down() 561{ 562 [ -z "$1" ] && return 1 563 _ifs="^" 564 _ret=1 565 566 ifexists $1 || return 1 567 568 ipxList="`ifconfig $1 | grep 'ipx ' | tr "\n" "$_ifs"`" 569 570 oldifs="$IFS" 571 IFS="$_ifs" 572 for _ipx in $ipxList ; do 573 # get rid of extraneous line 574 [ -z "$_ipx" ] && break 575 576 _ipx=`expr "$_ipx" : '.*\(ipx [0-9a-h]\{1,8\}H*\.[0-9a-h]\{1,12\}\).*'` 577 578 IFS="$oldifs" 579 ifconfig $1 ${_ipx} delete 580 IFS="$_ifs" 581 _ret=0 582 done 583 IFS="$oldifs" 584 585 return $_ret 586} 587 588# ifnet_rename 589# Rename all requested interfaces. 590# 591ifnet_rename() 592{ 593 594 _ifn_list="`ifconfig -l`" 595 [ -z "$_ifn_list" ] && return 0 596 for _if in ${_ifn_list} ; do 597 _ifname=`get_if_var $_if ifconfig_IF_name` 598 if [ ! -z "$_ifname" ]; then 599 ifconfig $_if name $_ifname 600 fi 601 done 602 return 0 603} 604 605# 606# list_net_interfaces type 607# List all network interfaces. The type of interface returned 608# can be controlled by the type argument. The type 609# argument can be any of the following: 610# nodhcp - all interfaces, excluding DHCP configured interfaces 611# dhcp - list only DHCP configured interfaces 612# If no argument is specified all network interfaces are output. 613# Note that the list will include cloned interfaces if applicable. 614# Cloned interfaces must already exist to have a chance to appear 615# in the list if ${network_interfaces} is set to `auto'. 616# 617list_net_interfaces() 618{ 619 type=$1 620 621 # Get a list of ALL the interfaces and make lo0 first if it's there. 622 # 623 case ${network_interfaces} in 624 [Aa][Uu][Tt][Oo]) 625 _prefix='' 626 _autolist="`ifconfig -l`" 627 _lo= 628 for _if in ${_autolist} ; do 629 if autoif $_if; then 630 if [ "$_if" = "lo0" ]; then 631 _lo="lo0 " 632 else 633 _tmplist="${_tmplist}${_prefix}${_if}" 634 [ -z "$_prefix" ] && _prefix=' ' 635 fi 636 fi 637 done 638 _tmplist="${_lo}${_tmplist}" 639 ;; 640 *) 641 _tmplist="${network_interfaces} ${cloned_interfaces}" 642 ;; 643 esac 644 645 if [ -z "$type" ]; then 646 echo $_tmplist 647 return 0 648 fi 649 650 # Separate out dhcp and non-dhcp interfaces 651 # 652 _aprefix= 653 _bprefix= 654 for _if in ${_tmplist} ; do 655 if dhcpif $_if; then 656 _dhcplist="${_dhcplist}${_aprefix}${_if}" 657 [ -z "$_aprefix" ] && _aprefix=' ' 658 elif [ -n "`_ifconfig_getargs $_if`" ]; then 659 _nodhcplist="${_nodhcplist}${_bprefix}${_if}" 660 [ -z "$_bprefix" ] && _bprefix=' ' 661 fi 662 done 663 664 case "$type" in 665 nodhcp) 666 echo $_nodhcplist 667 ;; 668 dhcp) 669 echo $_dhcplist 670 ;; 671 esac 672 return 0 673} 674 675hexdigit() 676{ 677 if [ $1 -lt 10 ]; then 678 echo $1 679 else 680 case $1 in 681 10) echo a ;; 682 11) echo b ;; 683 12) echo c ;; 684 13) echo d ;; 685 14) echo e ;; 686 15) echo f ;; 687 esac 688 fi 689} 690 691hexprint() 692{ 693 val=$1 694 str='' 695 696 dig=`hexdigit $((${val} & 15))` 697 str=${dig}${str} 698 val=$((${val} >> 4)) 699 while [ ${val} -gt 0 ]; do 700 dig=`hexdigit $((${val} & 15))` 701 str=${dig}${str} 702 val=$((${val} >> 4)) 703 done 704 705 echo ${str} 706} 707 708# Setup the interfaces for IPv6 709network6_interface_setup() 710{ 711 interfaces=$* 712 rtsol_interfaces='' 713 case ${ipv6_gateway_enable} in 714 [Yy][Ee][Ss]) 715 rtsol_available=no 716 ;; 717 *) 718 rtsol_available=yes 719 ;; 720 esac 721 for i in $interfaces; do 722 rtsol_interface=yes 723 prefix=`get_if_var $i ipv6_prefix_IF` 724 if [ -n "${prefix}" ]; then 725 rtsol_available=no 726 rtsol_interface=no 727 laddr=`network6_getladdr $i` 728 hostid=`expr "${laddr}" : 'fe80::\(.*\)%\(.*\)'` 729 for j in ${prefix}; do 730 address=$j\:${hostid} 731 ifconfig $i inet6 ${address} prefixlen 64 alias 732 733 case ${ipv6_gateway_enable} in 734 [Yy][Ee][Ss]) 735 # subnet-router anycast address 736 # (rfc2373) 737 ifconfig $i inet6 $j:: prefixlen 64 \ 738 alias anycast 739 ;; 740 esac 741 done 742 fi 743 ipv6_ifconfig=`get_if_var $i ipv6_ifconfig_IF` 744 if [ -n "${ipv6_ifconfig}" ]; then 745 rtsol_available=no 746 rtsol_interface=no 747 ifconfig $i inet6 ${ipv6_ifconfig} alias 748 fi 749 750 if [ ${rtsol_available} = yes -a ${rtsol_interface} = yes ] 751 then 752 case ${i} in 753 lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*|pflog[0-9]*|pfsync[0-9]*) 754 ;; 755 *) 756 rtsol_interfaces="${rtsol_interfaces} ${i}" 757 ;; 758 esac 759 else 760 ifconfig $i inet6 761 fi 762 done 763 764 if [ ${rtsol_available} = yes -a -n "${rtsol_interfaces}" ]; then 765 # Act as endhost - automatically configured. 766 # You can configure only single interface, as 767 # specification assumes that autoconfigured host has 768 # single interface only. 769 sysctl net.inet6.ip6.accept_rtadv=1 770 set ${rtsol_interfaces} 771 ifconfig $1 up 772 rtsol ${rtsol_flags} $1 773 fi 774 775 for i in $interfaces; do 776 alias=0 777 while : ; do 778 ipv6_ifconfig=`get_if_var $i ipv6_ifconfig_IF_alias${alias}` 779 if [ -z "${ipv6_ifconfig}" ]; then 780 break; 781 fi 782 ifconfig $i inet6 ${ipv6_ifconfig} alias 783 alias=$((${alias} + 1)) 784 done 785 done 786} 787 788# Setup IPv6 to IPv4 mapping 789network6_stf_setup() 790{ 791 case ${stf_interface_ipv4addr} in 792 [Nn][Oo] | '') 793 ;; 794 *) 795 # assign IPv6 addr and interface route for 6to4 interface 796 stf_prefixlen=$((16+${stf_interface_ipv4plen:-0})) 797 OIFS="$IFS" 798 IFS=".$IFS" 799 set ${stf_interface_ipv4addr} 800 IFS="$OIFS" 801 hexfrag1=`hexprint $(($1*256 + $2))` 802 hexfrag2=`hexprint $(($3*256 + $4))` 803 ipv4_in_hexformat="${hexfrag1}:${hexfrag2}" 804 case ${stf_interface_ipv6_ifid} in 805 [Aa][Uu][Tt][Oo] | '') 806 for i in ${ipv6_network_interfaces}; do 807 laddr=`network6_getladdr ${i}` 808 case ${laddr} in 809 '') 810 ;; 811 *) 812 break 813 ;; 814 esac 815 done 816 stf_interface_ipv6_ifid=`expr "${laddr}" : \ 817 'fe80::\(.*\)%\(.*\)'` 818 case ${stf_interface_ipv6_ifid} in 819 '') 820 stf_interface_ipv6_ifid=0:0:0:1 821 ;; 822 esac 823 ;; 824 esac 825 ifconfig stf0 create >/dev/null 2>&1 826 ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \ 827 prefixlen ${stf_prefixlen} 828 # disallow packets to malicious 6to4 prefix 829 route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject 830 route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject 831 route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject 832 route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject 833 ;; 834 esac 835} 836 837# Setup static routes 838network6_static_routes_setup() 839{ 840 # Set up any static routes. 841 case ${ipv6_defaultrouter} in 842 [Nn][Oo] | '') 843 ;; 844 *) 845 ipv6_static_routes="default ${ipv6_static_routes}" 846 ipv6_route_default="default ${ipv6_defaultrouter}" 847 ;; 848 esac 849 case ${ipv6_static_routes} in 850 [Nn][Oo] | '') 851 ;; 852 *) 853 for i in ${ipv6_static_routes}; do 854 ipv6_route_args=`get_if_var $i ipv6_route_IF` 855 route add -inet6 ${ipv6_route_args} 856 done 857 ;; 858 esac 859} 860 861# Setup faith 862network6_faith_setup() 863{ 864 case ${ipv6_faith_prefix} in 865 [Nn][Oo] | '') 866 ;; 867 *) 868 sysctl net.inet6.ip6.keepfaith=1 869 ifconfig faith0 create >/dev/null 2>&1 870 ifconfig faith0 up 871 for prefix in ${ipv6_faith_prefix}; do 872 prefixlen=`expr "${prefix}" : ".*/\(.*\)"` 873 case ${prefixlen} in 874 '') 875 prefixlen=96 876 ;; 877 *) 878 prefix=`expr "${prefix}" : \ 879 "\(.*\)/${prefixlen}"` 880 ;; 881 esac 882 route add -inet6 ${prefix} -prefixlen ${prefixlen} ::1 883 route change -inet6 ${prefix} -prefixlen ${prefixlen} \ 884 -ifp faith0 885 done 886 ;; 887 esac 888} 889 890# Install the "default interface" to kernel, which will be used 891# as the default route when there's no router. 892network6_default_interface_setup() 893{ 894 # Choose IPv6 default interface if it is not clearly specified. 895 case ${ipv6_default_interface} in 896 '') 897 for i in ${ipv6_network_interfaces}; do 898 case $i in 899 lo0|faith[0-9]*) 900 continue 901 ;; 902 esac 903 laddr=`network6_getladdr $i exclude_tentative` 904 case ${laddr} in 905 '') 906 ;; 907 *) 908 ipv6_default_interface=$i 909 break 910 ;; 911 esac 912 done 913 ;; 914 esac 915 916 # Disallow unicast packets without outgoing scope identifiers, 917 # or route such packets to a "default" interface, if it is specified. 918 route add -inet6 fe80:: -prefixlen 10 ::1 -reject 919 case ${ipv6_default_interface} in 920 [Nn][Oo] | '') 921 route add -inet6 ff02:: -prefixlen 16 ::1 -reject 922 ;; 923 *) 924 laddr=`network6_getladdr ${ipv6_default_interface}` 925 route add -inet6 ff02:: ${laddr} -prefixlen 16 -interface \ 926 -cloning 927 928 # Disable installing the default interface with the 929 # case net.inet6.ip6.forwarding=0 and 930 # net.inet6.ip6.accept_rtadv=0, due to avoid conflict 931 # between the default router list and the manual 932 # configured default route. 933 case ${ipv6_gateway_enable} in 934 [Yy][Ee][Ss]) 935 ;; 936 *) 937 if [ `sysctl -n net.inet6.ip6.accept_rtadv` -eq 1 ] 938 then 939 ndp -I ${ipv6_default_interface} 940 fi 941 ;; 942 esac 943 ;; 944 esac 945} 946 947network6_getladdr() 948{ 949 ifconfig $1 2>/dev/null | while read proto addr rest; do 950 case ${proto} in 951 inet6) 952 case ${addr} in 953 fe80::*) 954 if [ -z "$2" ]; then 955 echo ${addr} 956 return 957 fi 958 case ${rest} in 959 *tentative*) 960 continue 961 ;; 962 *) 963 echo ${addr} 964 return 965 esac 966 esac 967 esac 968 done 969} 970