1#!/bin/sh 2# 3# 4 5# PROVIDE: netoptions 6# REQUIRE: FILESYSTEMS 7# BEFORE: netif 8# KEYWORD: nojailvnet 9 10. /etc/rc.subr 11. /etc/network.subr 12 13name="netoptions" 14desc="Network options setup" 15start_cmd="netoptions_start" 16stop_cmd=: 17 18_netoptions_initdone= 19netoptions_init() 20{ 21 if [ -z "${_netoptions_initdone}" ]; then 22 echo -n 'Additional TCP/IP options:' 23 _netoptions_initdone=yes 24 fi 25} 26 27netoptions_start() 28{ 29 local _af 30 31 for _af in inet inet6; do 32 afexists ${_af} && eval netoptions_${_af} 33 done 34 [ -n "${_netoptions_initdone}" ] && echo '.' 35} 36 37netoptions_inet() 38{ 39 case ${log_in_vain} in 40 [12]) 41 netoptions_init 42 echo -n " log_in_vain=${log_in_vain}" 43 ${SYSCTL} net.inet.tcp.log_in_vain=${log_in_vain} >/dev/null 44 ${SYSCTL} net.inet.udp.log_in_vain=${log_in_vain} >/dev/null 45 ;; 46 *) 47 ${SYSCTL} net.inet.tcp.log_in_vain=0 >/dev/null 48 ${SYSCTL} net.inet.udp.log_in_vain=0 >/dev/null 49 ;; 50 esac 51 52 if checkyesno tcp_extensions; then 53 ${SYSCTL} net.inet.tcp.rfc1323=1 >/dev/null 54 else 55 netoptions_init 56 echo -n " rfc1323 extensions=${tcp_extensions}" 57 ${SYSCTL} net.inet.tcp.rfc1323=0 >/dev/null 58 fi 59 60 if checkyesno tcp_keepalive; then 61 ${SYSCTL} net.inet.tcp.always_keepalive=1 >/dev/null 62 else 63 netoptions_init 64 echo -n " TCP keepalive=${tcp_keepalive}" 65 ${SYSCTL} net.inet.tcp.always_keepalive=0 >/dev/null 66 fi 67 68 if checkyesno tcp_drop_synfin; then 69 netoptions_init 70 echo -n " drop SYN+FIN packets=${tcp_drop_synfin}" 71 ${SYSCTL} net.inet.tcp.drop_synfin=1 >/dev/null 72 else 73 ${SYSCTL} net.inet.tcp.drop_synfin=0 >/dev/null 74 fi 75 76 case ${ip_portrange_first} in 77 [0-9]*) 78 netoptions_init 79 echo -n " ip_portrange_first=$ip_portrange_first" 80 ${SYSCTL} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null 81 ;; 82 esac 83 84 case ${ip_portrange_last} in 85 [0-9]*) 86 netoptions_init 87 echo -n " ip_portrange_last=$ip_portrange_last" 88 ${SYSCTL} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null 89 ;; 90 esac 91} 92 93netoptions_inet6() 94{ 95 if checkyesno ipv6_ipv4mapping; then 96 netoptions_init 97 echo -n " ipv4-mapped-ipv6=${ipv6_ipv4mapping}" 98 ${SYSCTL} net.inet6.ip6.v6only=0 >/dev/null 99 else 100 ${SYSCTL} net.inet6.ip6.v6only=1 >/dev/null 101 fi 102 103 if checkyesno ipv6_privacy; then 104 netoptions_init 105 echo -n " IPv6 Privacy Addresses" 106 ${SYSCTL} net.inet6.ip6.use_tempaddr=1 >/dev/null 107 ${SYSCTL} net.inet6.ip6.prefer_tempaddr=1 >/dev/null 108 fi 109 110 case $ipv6_cpe_wanif in 111 ""|[Nn][Oo]|[Nn][Oo][Nn][Ee]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0) 112 ${SYSCTL} net.inet6.ip6.no_radr=0 >/dev/null 113 ${SYSCTL} net.inet6.ip6.rfc6204w3=0 >/dev/null 114 ;; 115 *) 116 netoptions_init 117 echo -n " IPv6 CPE WANIF=${ipv6_cpe_wanif}" 118 ${SYSCTL} net.inet6.ip6.no_radr=1 >/dev/null 119 ${SYSCTL} net.inet6.ip6.rfc6204w3=1 >/dev/null 120 ;; 121 esac 122} 123 124load_rc_config $name 125 126# doesn't make sense to run in a svcj: config setting 127netoptions_svcj="NO" 128 129run_rc_command $1 130