stf revision 197139 
1197139Shrs#!/bin/sh
2197139Shrs# $FreeBSD: head/etc/rc.d/stf 197139 2009-09-12 22:13:41Z hrs $
3197139Shrs#
4197139Shrs
5197139Shrs# PROVIDE: stf
6197139Shrs# REQUIRE: netif routing
7197139Shrs# KEYWORD: nojail
8197139Shrs
9197139Shrs. /etc/rc.subr
10197139Shrs. /etc/network.subr
11197139Shrs
12197139Shrsname="stf"
13197139Shrsstart_cmd="stf_up"
14197139Shrsstop_cmd="stf_down"
15197139Shrs
16197139Shrsstf_up()
17197139Shrs{
18197139Shrs	case ${stf_interface_ipv4addr} in
19197139Shrs	[Nn][Oo] | '')
20197139Shrs		;;
21197139Shrs	*)
22197139Shrs		# assign IPv6 addr and interface route for 6to4 interface
23197139Shrs		stf_prefixlen=$((16+${stf_interface_ipv4plen:-0}))
24197139Shrs		OIFS="$IFS"
25197139Shrs		IFS=".$IFS"
26197139Shrs		set ${stf_interface_ipv4addr}
27197139Shrs		IFS="$OIFS"
28197139Shrs		hexfrag1=`hexprint $(($1*256 + $2))`
29197139Shrs		hexfrag2=`hexprint $(($3*256 + $4))`
30197139Shrs		ipv4_in_hexformat="${hexfrag1}:${hexfrag2}"
31197139Shrs		case ${stf_interface_ipv6_ifid} in
32197139Shrs		[Aa][Uu][Tt][Oo] | '')
33197139Shrs			for i in ${ipv6_network_interfaces}; do
34197139Shrs				laddr=`network6_getladdr ${i}`
35197139Shrs				case ${laddr} in
36197139Shrs				'')
37197139Shrs					;;
38197139Shrs				*)
39197139Shrs					break
40197139Shrs					;;
41197139Shrs				esac
42197139Shrs			done
43197139Shrs			stf_interface_ipv6_ifid=`expr "${laddr}" : \
44197139Shrs						      'fe80::\(.*\)%\(.*\)'`
45197139Shrs			case ${stf_interface_ipv6_ifid} in
46197139Shrs			'')
47197139Shrs				stf_interface_ipv6_ifid=0:0:0:1
48197139Shrs				;;
49197139Shrs			esac
50197139Shrs			;;
51197139Shrs		esac
52197139Shrs		echo "Configuring 6to4 tunnel interface: stf0." 
53197139Shrs		ifconfig stf0 create >/dev/null 2>&1
54197139Shrs		ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \
55197139Shrs			prefixlen ${stf_prefixlen}
56197139Shrs		if [ -z "${rc_quiet}" ]; then
57197139Shrs			/sbin/ifconfig stf0
58197139Shrs		fi
59197139Shrs		# disallow packets to malicious 6to4 prefix
60197139Shrs		route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
61197139Shrs		route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
62197139Shrs		route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject
63197139Shrs		route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
64197139Shrs		;;
65197139Shrs	esac
66197139Shrs}
67197139Shrs
68197139Shrsstf_down()
69197139Shrs{
70197139Shrs	echo "Removing 6to4 tunnel interface: stf0." 
71197139Shrs	ifconfig stf0 destroy
72197139Shrs	route delete -inet6 2002:e000:: -prefixlen 20 ::1
73197139Shrs	route delete -inet6 2002:7f00:: -prefixlen 24 ::1
74197139Shrs	route delete -inet6 2002:0000:: -prefixlen 24 ::1
75197139Shrs	route delete -inet6 2002:ff00:: -prefixlen 24 ::1
76197139Shrs}
77197139Shrs
78197139Shrsload_rc_config $name
79197139Shrsrun_rc_command "$1"
80