Add IPv6 configuration scripts.
1 #! /bin/sh
2 # $FreeBSD$
3
4 # Note that almost all of the user-configurable behavior is no longer in
5 # this file, but rather in /etc/defaults/rc.conf.  Please check that file
6 # first before contemplating any changes here.  If you do need to change
7 # this file for some reason, we would like to know about it.
8
9 # IPv6 startup
10
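# network6_pass1: first pass of IPv6 network startup.
#
# Globals read:
#   ipv6_gateway_enable, ipv6_network_interfaces, ipv6_prefix_<if>,
#   prefixcmd_enable, ipv6_router_enable, ipv6_router, ipv6_router_flags,
#   rtadvd_enable, mroute6d_enable, mroute6d_program, mroute6d_flags
# Globals written:
#   ipv6_network_interfaces (when it was AUTO), prefix, laddr, hostid,
#   address, hostid_<if>, address_<if>, i, j, network6_pass1_done
# Calls network6_gif_setup and network6_default_interface_setup, which are
# defined later in this file.
network6_pass1() {
        echo -n 'Doing IPv6 network setup:'

        case ${ipv6_gateway_enable} in
        [Yy][Ee][Ss])
                #
                # list of interfaces, and prefix for interfaces
                #
                case ${ipv6_network_interfaces} in
                [Aa][Uu][Tt][Oo])
                        ipv6_network_interfaces="`ifconfig -l`"
                        ;;
                esac
                ;;
        *)
                #
                # manual configurations - in case ipv6_gateway_enable=NO
                # you can configure only single interface,
                # as specification assumes that
                # autoconfigured host has single interface only.
                # AUTO therefore keeps just the first name from `ifconfig -l`.
                #
                case ${ipv6_network_interfaces} in
                [Aa][Uu][Tt][Oo])
                        ipv6_network_interfaces="`ifconfig -l \
                                | sed -e 's/ .*//'`"
                        ;;
                esac
                ;;
        esac

        # just to make sure
        ifconfig lo0 up

        # disallow "internal" addresses to appear on the wire
        # (::ffff:0.0.0.0/96 and ::0.0.0.0/96 are sent to a reject route)
        route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
        route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject

        case ${ipv6_gateway_enable} in
        [Yy][Ee][Ss])
                # act as a router: forward packets and do not take
                # configuration from received router advertisements
                sysctl -w net.inet6.ip6.forwarding=1
                sysctl -w net.inet6.ip6.accept_rtadv=0

                # wait for DAD
                for i in $ipv6_network_interfaces; do
                        ifconfig $i up
                done
                sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'`
                sleep 1

                # setting up interfaces
                for i in $ipv6_network_interfaces; do
                        eval prefix=\$ipv6_prefix_$i
                        case ${prefix} in
                        '')
                                continue;
                                ;;
                        esac
                        for j in ${prefix}; do
                                case ${prefixcmd_enable} in
                                [Yy][Ee][Ss])
                                        prefix $i $j::
                                        ;;
                                *)
                                        # Derive the interface identifier from
                                        # the first link-local address.
                                        laddr=`ifconfig $i inet6 \
                                                | grep 'inet6 fe80:' \
                                                | head -1 | awk '{print $2}'`
                                        hostid=`echo ${laddr} | sed \
                                            -e 's/fe80:[0-9a-fA-F]+::/fe80::/' \
                                            -e 's/fe80:://' -e 's/@.*//'`
                                        address=$j\:${hostid}

                                        # The value is expanded by eval itself
                                        # (escaped $), so text derived from
                                        # ifconfig output is assigned verbatim
                                        # and never re-parsed as shell syntax.
                                        eval hostid_$i=\${hostid}
                                        eval address_$i=\${address}

                                        ifconfig $i inet6 ${address} \
                                                prefixlen 64 alias
                                        ;;
                                esac

                                # subnet-router anycast address (rfc2373)
                                ifconfig $i inet6 $j:: prefixlen 64 \
                                        alias anycast
                        done

                        ifconfig $i inet6
                done

                # again, wait for DAD's completion (for global addrs)
                sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'`
                sleep 1

                # gifconfig
                network6_gif_setup

                # install the "default interface" to kernel, which will be used
                # as the default route when there's no router.
                network6_default_interface_setup

                # ipv6_router
                case ${ipv6_router_enable} in
                [Yy][Ee][Ss])
                        # Quoted so that an empty ${ipv6_router} fails the
                        # test; unquoted, `[ -x ]` is true and the flags
                        # would be run as a command.
                        if [ -x "${ipv6_router}" ]; then
                                echo -n " ${ipv6_router}"
                                ${ipv6_router} ${ipv6_router_flags}
                        fi
                        ;;
                esac

                # rtadvd
                # This should be enabled with great care.
                # You may want to fine-tune /etc/rtadvd.conf.
                #
                # And if you wish your rtadvd to receive and process
                # router renumbering messages, specify your Router Renumbering
                # security policy by -P option.
                #
                # See `man 3 ipsec_set_policy` for IPsec policy specification
                # details.
                # (CAUTION: This enables your routers prefix renumbering
                # from another machine, so if you enable this, do it with
                # enough care.)
                #
                case ${rtadvd_enable} in
                [Yy][Ee][Ss])
                        # default
                        rtadvd ${ipv6_network_interfaces}
                        #
                        # The examples below are commented out on every line:
                        # a trailing backslash does not continue a comment, so
                        # an uncommented second line would be executed as a
                        # command named after the first interface.
                        #
                        # Enable Router Renumbering, unicast case
                        # (use correct src/dst addr)
                        # rtadvd -P "in ipsec ah/transport/fec0:0:0:1::1-fec0:0:0:10::1/require" \
                        #       ${ipv6_network_interfaces}
                        # Enable Router Renumbering, multicast case
                        # (use correct src addr)
                        # rtadvd -P "in ipsec ah/transport/ff05::2-fec0:0:0:10::1/require" \
                        #       ${ipv6_network_interfaces}
                        ;;
                esac

                # mroute6d
                case ${mroute6d_enable} in
                [Yy][Ee][Ss])
                        # Quoted for the same reason as ${ipv6_router} above.
                        if [ -x "${mroute6d_program}" ]; then
                                echo -n " ${mroute6d_program}"
                                ${mroute6d_program} ${mroute6d_flags}
                        fi
                        ;;
                esac
                ;;
        *)
                # act as endhost - automatically configured
                # (no forwarding; router advertisements are accepted)
                sysctl -w net.inet6.ip6.forwarding=0
                sysctl -w net.inet6.ip6.accept_rtadv=1

                ifconfig ${ipv6_network_interfaces} up
                rtsol ${ipv6_network_interfaces}

                # wait for DAD's completion (for global addrs)
                sleep `sysctl net.inet6.ip6.dad_count | awk '{print $NF}'`
                sleep 1

                # gifconfig
                network6_gif_setup

                # install the "default interface" to kernel, which will be used
                # as the default route when there's no router.
                # ndp -I ${ipv6_default_interface}
                network6_default_interface_setup
                ;;
        esac

        echo '.'

        # Let future generations know we made it.
        #
        network6_pass1_done=YES
}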
190
# network6_gif_setup: configure the tunnel endpoints of each gif interface.
#
# Globals read:    gif_interfaces, gifconfig_<if>
# Globals written: i, peers
# For every name in ${gif_interfaces} the matching gifconfig_<name> value
# is looked up; interfaces without one are skipped.
network6_gif_setup() {
        # Nothing to do when the list is empty or explicitly set to NO.
        case ${gif_interfaces} in
        [Nn][Oo] | '')
                return 0
                ;;
        esac

        for i in ${gif_interfaces}; do
                # Indirect lookup of the per-interface endpoint setting.
                eval peers=\$gifconfig_$i
                if [ -n "${peers}" ]; then
                        gifconfig $i ${peers}
                fi
        done
}
210
# network6_default_interface_setup: pick the IPv6 default interface and
# install the routes for link-local (fe80::/10) and ff02::/16 traffic.
#
# Globals read:    ipv6_default_interface, ipv6_network_interfaces
# Globals written: ipv6_default_interface (when it was empty), i, laddr
network6_default_interface_setup() {
        # Choose IPv6 default interface if it is not clearly specified:
        # the first listed interface whose first fe80: address line is not
        # marked tentative.
        if [ -z "${ipv6_default_interface}" ]; then
                for i in ${ipv6_network_interfaces}; do
                        laddr=`ifconfig $i inet6 | grep 'inet6 fe80:' | \
                                head -1 | grep -v tentative`
                        if [ -n "${laddr}" ]; then
                                ipv6_default_interface=$i
                                break
                        fi
                done
        fi

        # Disallow unicast packets without outgoing scope identifiers,
        # or route such packets to a "default" interface, if it is specified.
        if [ -z "${ipv6_default_interface}" ]; then
                route add -inet6 fe80:: -prefixlen 10 ::1 -reject
                route add -inet6 ff02:: -prefixlen 16 ::1 -reject
        else
                # The interface's first link-local address is the gateway
                # argument for both cloning routes.
                laddr=`ifconfig ${ipv6_default_interface} inet6 \
                        | grep 'inet6 fe80:' | head -1 | awk '{print $2}'`
                route add -inet6 fe80:: ${laddr} -prefixlen 10 -interface \
                        -cloning
                route add -inet6 ff02:: ${laddr} -prefixlen 16 -interface \
                        -cloning
        fi
}