routing revision 197527 
1218885Sdim#!/bin/sh
2218885Sdim#
3218885Sdim# Configure routing and miscellaneous network tunables
4218885Sdim#
5218885Sdim# $FreeBSD: head/etc/rc.d/routing 197527 2009-09-26 19:00:20Z hrs $
6218885Sdim#
7218885Sdim
8218885Sdim# PROVIDE: routing
9218885Sdim# REQUIRE: faith netif ppp stf
10218885Sdim# KEYWORD: nojail
11218885Sdim
12218885Sdim. /etc/rc.subr
13249423Sdim. /etc/network.subr
14218885Sdim
15218885Sdimname="routing"
16218885Sdimstart_cmd="routing_start"
17218885Sdimstop_cmd="routing_stop"
18218885Sdimextra_commands="options static"
19218885Sdimstatic_cmd="static_start"
20218885Sdimoptions_cmd="options_start"
21249423Sdim
22249423Sdimrouting_start()
23249423Sdim{
24249423Sdim	static_start "$@"
25243830Sdim	options_start "$@"
26243830Sdim}
27263508Sdim
28263508Sdimrouting_stop()
29243830Sdim{
30243830Sdim	static_stop "$@"
31263508Sdim	route -n flush
32263508Sdim	for i in ${ipv6_network_interfaces}; do
33243830Sdim		ifconfig $i inet6 -defaultif
34243830Sdim	done
35243830Sdim}
36243830Sdim
37243830Sdimstatic_start()
38243830Sdim{
39243830Sdim	local _af
40243830Sdim	_af=$1
41243830Sdim
42243830Sdim	case ${_af} in
43243830Sdim	inet)
44243830Sdim		do_static inet add
45243830Sdim		;;
46243830Sdim	inet6)
47243830Sdim		do_static inet6 add
48243830Sdim		;;
49263508Sdim	atm)
50263508Sdim		do_static atm add
51263508Sdim		;;
52263508Sdim	*)
53239462Sdim		do_static inet add
54239462Sdim		do_static inet6 add
55239462Sdim		do_static atm add
56239462Sdim		;;
57239462Sdim	esac
58239462Sdim}
59239462Sdim
60239462Sdimstatic_stop()
61239462Sdim{
62249423Sdim	local _af
63249423Sdim	_af=$1
64249423Sdim
65249423Sdim	case ${_af} in
66239462Sdim	inet)
67239462Sdim		do_static inet delete
68263508Sdim		;;
69263508Sdim	inet6)
70263508Sdim		do_static inet6 delete
71263508Sdim		;;
72263508Sdim	atm)
73263508Sdim		do_static atm delete
74263508Sdim		;;
75263508Sdim	*)
76263508Sdim		do_static inet delete
77263508Sdim		do_static inet6 delete
78263508Sdim		do_static atm delete
79263508Sdim		;;
80263508Sdim	esac
81263508Sdim}
82249423Sdim
83249423Sdimdo_static()
84249423Sdim{
85249423Sdim	local _af _action
86249423Sdim	_af=$1
87249423Sdim	_action=$2
88249423Sdim
89249423Sdim	eval $1_static $2
90249423Sdim}
91249423Sdim
92234353Sdiminet_static()
93234353Sdim{
94239462Sdim	local _action
95239462Sdim	_action=$1
96243830Sdim
97243830Sdim	case ${defaultrouter} in
98243830Sdim	[Nn][Oo] | '')
99243830Sdim		;;
100243830Sdim	*)
101243830Sdim		static_routes="default ${static_routes}"
102234353Sdim		route_default="default ${defaultrouter}"
103234353Sdim		;;
104234353Sdim	esac
105234353Sdim
106239462Sdim	if [ -n "${static_routes}" ]; then
107239462Sdim		for i in ${static_routes}; do
108243830Sdim			route_args=`get_if_var $i route_IF`
109243830Sdim			route ${_action} ${route_args}
110243830Sdim		done
111243830Sdim	fi
112243830Sdim}
113243830Sdim
114234353Sdiminet6_static()
115234353Sdim{
116234353Sdim	local _action i
117234353Sdim	_action=$1
118234353Sdim
119234353Sdim	# disallow "internal" addresses to appear on the wire
120239462Sdim	route ${_action} -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
121239462Sdim	route ${_action} -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
122234353Sdim
123234353Sdim	case ${ipv6_defaultrouter} in
124239462Sdim	[Nn][Oo] | '')
125239462Sdim		;;
126243830Sdim	*)
127243830Sdim		ipv6_static_routes="default ${ipv6_static_routes}"
128243830Sdim		ipv6_route_default="default ${ipv6_defaultrouter}"
129243830Sdim		;;
130243830Sdim	esac
131243830Sdim
132239462Sdim	if [ -n "${ipv6_static_routes}" ]; then
133239462Sdim		for i in ${ipv6_static_routes}; do
134249423Sdim			ipv6_route_args=`get_if_var $i ipv6_route_IF`
135249423Sdim			route ${_action} -inet6 ${ipv6_route_args}
136249423Sdim		done
137249423Sdim	fi
138249423Sdim
139249423Sdim	# Fixup $ipv6_network_interfaces
140249423Sdim	case ${ipv6_network_interfaces} in
141249423Sdim	[Nn][Oo][Nn][Ee])
142249423Sdim		ipv6_network_interfaces=''
143249423Sdim		;;
144249423Sdim	esac
145249423Sdim
146249423Sdim	if checkyesno ipv6_gateway_enable; then
147249423Sdim		for i in ${ipv6_network_interfaces}; do
148243830Sdim
149243830Sdim			laddr=`network6_getladdr $i exclude_tentative`
150243830Sdim			case ${laddr} in
151243830Sdim			'')
152243830Sdim				;;
153243830Sdim			*)
154243830Sdim				ipv6_working_interfaces="$i \
155243830Sdim				    ${ipv6_working_interfaces}"
156234353Sdim				;;
157234353Sdim			esac
158239462Sdim		done
159239462Sdim		ipv6_network_interfaces=${ipv6_working_interfaces}
160234353Sdim	fi
161234353Sdim
162249423Sdim	# Install the "default interface" to kernel, which will be used
163249423Sdim	# as the default route when there's no router.
164249423Sdim	case "${ipv6_default_interface}" in
165249423Sdim	[Nn][Oo] | [Nn][Oo][Nn][Ee])
166249423Sdim		ipv6_default_interface=""
167249423Sdim		;;
168249423Sdim	[Aa][Uu][Tt][Oo] | "")
169249423Sdim		for i in ${ipv6_network_interfaces}; do
170234353Sdim			case $i in
171234353Sdim			lo0|faith[0-9]*)
172234353Sdim				continue
173234353Sdim				;;
174234353Sdim			esac
175234353Sdim			laddr=`network6_getladdr $i exclude_tentative`
176234353Sdim			case ${laddr} in
177234353Sdim			'')
178234353Sdim				;;
179234353Sdim			*)
180234353Sdim				ipv6_default_interface=$i
181234353Sdim				break
182239462Sdim				;;
183239462Sdim			esac
184234353Sdim		done
185234353Sdim		;;
186239462Sdim	esac
187239462Sdim
188249423Sdim	# Disallow unicast packets without outgoing scope identifiers,
189249423Sdim	# or route such packets to a "default" interface, if it is specified.
190234353Sdim	route ${_action} -inet6 fe80:: -prefixlen 10 ::1 -reject
191234353Sdim
192243830Sdim	case ${ipv6_default_interface} in
193243830Sdim	'')
194243830Sdim		route ${_action} -inet6 ff02:: -prefixlen 16 ::1 -reject
195243830Sdim		;;
196243830Sdim	*)
197243830Sdim		laddr=`network6_getladdr ${ipv6_default_interface}`
198234353Sdim		route ${_action} -inet6 ff02:: ${laddr} -prefixlen 16 -interface
199234353Sdim
200239462Sdim		# Disable installing the default interface with the
201239462Sdim		# case net.inet6.ip6.forwarding=0 and
202234353Sdim		# the interface with no ND6_IFF_ACCEPT_RTADV
203234353Sdim		# to avoid conflict between the default router list and
204239462Sdim		# the manual configured default route.
205239462Sdim		if ! checkyesno ipv6_gateway_enable; then
206239462Sdim			ifconfig ${ipv6_default_interface} nd6 | \
207239462Sdim			while read proto options
208234353Sdim			do
209234353Sdim				case "${proto}:${options}" in
210239462Sdim				nd6:*ACCEPT_RTADV*)
211239462Sdim					ifconfig ${ipv6_default_interface} inet6 defaultif
212234353Sdim					break
213234353Sdim				;;
214234353Sdim				esac
215234353Sdim			done
216239462Sdim		fi
217239462Sdim		;;
218234353Sdim	esac
219234353Sdim}
220249423Sdim
221249423Sdimatm_static()
222249423Sdim{
223249423Sdim	local _action i
224249423Sdim	_action=$1
225249423Sdim
226249423Sdim	if [ -n "${natm_static_routes}" ]; then
227249423Sdim		for i in ${natm_static_routes}; do
228249423Sdim			route_args=`get_if_var $i route_IF`
229249423Sdim			atmconfig natm ${_action} ${route_args}
230249423Sdim		done
231249423Sdim	fi
232249423Sdim}
233249423Sdim
234249423Sdim_ropts_initdone=
235249423Sdimropts_init()
236249423Sdim{
237249423Sdim	if [ -z "${_ropts_initdone}" ]; then
238249423Sdim		echo -n 'Additional routing options:'
239249423Sdim		_ropts_initdone=yes
240249423Sdim	fi
241249423Sdim}
242249423Sdim
243249423Sdimoptions_start()
244239462Sdim{
245239462Sdim	if checkyesno icmp_bmcastecho; then
246249423Sdim		ropts_init
247249423Sdim		echo -n ' broadcast ping responses=YES'
248234353Sdim		sysctl net.inet.icmp.bmcastecho=1 >/dev/null
249234353Sdim	fi
250239462Sdim
251239462Sdim	if checkyesno icmp_drop_redirect; then
252234353Sdim		ropts_init
253234353Sdim		echo -n ' ignore ICMP redirect=YES'
254234353Sdim		sysctl net.inet.icmp.drop_redirect=1 >/dev/null
255234353Sdim	fi
256239462Sdim
257239462Sdim	if checkyesno icmp_log_redirect; then
258234353Sdim		ropts_init
259234353Sdim		echo -n ' log ICMP redirect=YES'
260249423Sdim		sysctl net.inet.icmp.log_redirect=1 >/dev/null
261249423Sdim	fi
262249423Sdim
263249423Sdim	if checkyesno gateway_enable; then
264249423Sdim		ropts_init
265249423Sdim		echo -n ' IPv4 gateway=YES'
266239462Sdim		sysctl net.inet.ip.forwarding=1 >/dev/null
267239462Sdim	fi
268234353Sdim
269234353Sdim	if checkyesno ipv6_gateway_enable; then
270249423Sdim		ropts_init
271249423Sdim		echo -n ' IPv6 gateway=YES'
272243830Sdim		sysctl net.inet6.ip6.forwarding=1 >/dev/null
273243830Sdim	fi
274249423Sdim
275249423Sdim	if checkyesno forward_sourceroute; then
276249423Sdim		ropts_init
277249423Sdim		echo -n ' do source routing=YES'
278249423Sdim		sysctl net.inet.ip.sourceroute=1 >/dev/null
279249423Sdim	fi
280249423Sdim
281249423Sdim	if checkyesno accept_sourceroute; then
282249423Sdim		ropts_init
283249423Sdim		echo -n ' accept source routing=YES'
284249423Sdim		sysctl net.inet.ip.accept_sourceroute=1 >/dev/null
285249423Sdim	fi
286249423Sdim
287249423Sdim	if checkyesno ipxgateway_enable; then
288249423Sdim		ropts_init
289249423Sdim		echo -n ' IPX gateway=YES'
290249423Sdim		sysctl net.ipx.ipx.ipxforwarding=1 >/dev/null
291249423Sdim	fi
292249423Sdim
293249423Sdim	if checkyesno arpproxy_all; then
294249423Sdim		ropts_init
295249423Sdim		echo -n ' ARP proxyall=YES'
296249423Sdim		sysctl net.link.ether.inet.proxyall=1 >/dev/null
297249423Sdim	fi
298249423Sdim
299249423Sdim	 [ -n "${_ropts_initdone}" ] && echo '.'
300249423Sdim}
301249423Sdim
302249423Sdimload_rc_config $name
303249423Sdimrun_rc_command "$@"
304249423Sdim