etc/rc.d/stf

   1 #!/bin/sh
   2 # $FreeBSD$
   3 #
   4
   5 # PROVIDE: stf
   6 # REQUIRE: netif
   7 # KEYWORD: nojail
   8
   9 . /etc/rc.subr
  10 . /etc/network.subr
  11
  12 name="stf"
  13 desc="6to4 tunnel interface"
  14 start_cmd="stf_up"
  15 stop_cmd="stf_down"
  16
  17 stf_up()
  18 {
  19         case ${stf_interface_ipv4addr} in
  20         [Nn][Oo] | '')
  21                 ;;
  22         *)
  23                 # assign IPv6 addr and interface route for 6to4 interface
  24                 stf_prefixlen=$((16+${stf_interface_ipv4plen:-0}))
  25                 OIFS="$IFS"
  26                 IFS=".$IFS"
  27                 set ${stf_interface_ipv4addr}
  28                 IFS="$OIFS"
  29                 hexfrag1=`hexprint $(($1*256 + $2))`
  30                 hexfrag2=`hexprint $(($3*256 + $4))`
  31                 ipv4_in_hexformat="${hexfrag1}:${hexfrag2}"
  32                 case ${stf_interface_ipv6_ifid} in
  33                 [Aa][Uu][Tt][Oo] | '')
  34                         for i in ${ipv6_network_interfaces}; do
  35                                 laddr=`network6_getladdr ${i}`
  36                                 case ${laddr} in
  37                                 '')
  38                                         ;;
  39                                 *)
  40                                         break
  41                                         ;;
  42                                 esac
  43                         done
  44                         stf_interface_ipv6_ifid=`expr "${laddr}" : \
  45                                                       'fe80::\(.*\)%\(.*\)'`
  46                         case ${stf_interface_ipv6_ifid} in
  47                         '')
  48                                 stf_interface_ipv6_ifid=0:0:0:1
  49                                 ;;
  50                         esac
  51                         ;;
  52                 esac
  53                 echo "Configuring 6to4 tunnel interface: stf0."
  54                 ifconfig stf0 create >/dev/null 2>&1
  55                 ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \
  56                         prefixlen ${stf_prefixlen}
  57                 check_startmsgs && /sbin/ifconfig stf0
  58
  59                 # disallow packets to malicious 6to4 prefix
  60                 route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
  61                 route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
  62                 route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject
  63                 route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
  64                 ;;
  65         esac
  66 }
  67
  68 stf_down()
  69 {
  70         echo "Removing 6to4 tunnel interface: stf0."
  71         ifconfig stf0 destroy
  72         route delete -inet6 2002:e000:: -prefixlen 20 ::1
  73         route delete -inet6 2002:7f00:: -prefixlen 24 ::1
  74         route delete -inet6 2002:0000:: -prefixlen 24 ::1
  75         route delete -inet6 2002:ff00:: -prefixlen 24 ::1
  76 }
  77
  78 load_rc_config $name
  79 run_rc_command "$1"