#!/bin/sh # # Configure routing and miscellaneous network tunables # # $FreeBSD$ # # PROVIDE: routing # REQUIRE: netif ppp # KEYWORD: nojail . /etc/rc.subr . /etc/network.subr name="routing" start_cmd="routing_start" stop_cmd="routing_stop" extra_commands="options static" static_cmd="static_start" options_cmd="options_start" routing_start() { static_start options_start } routing_stop() { route -n flush } static_start() { case ${defaultrouter} in [Nn][Oo] | '') ;; *) static_routes="default ${static_routes}" route_default="default ${defaultrouter}" ;; esac # Setup static routes. This should be done before router discovery. # if [ -n "${static_routes}" ]; then for i in ${static_routes}; do eval route_args=\$route_${i} route add ${route_args} done fi # Now ATM static routes # if [ -n "${natm_static_routes}" ]; then for i in ${natm_static_routes}; do eval route_args=\$route_${i} atmconfig natm add ${route_args} done fi # Disallow "internal" addresses to appear on the wire if inet6 # is enabled. if afexists inet6; then local fibs i # Get the number of FIBs supported. fibs=`sysctl -n net.fibs` : ${fibs:=1} # disallow "internal" addresses to appear on the wire route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject i=1 if test ${i} -lt ${fibs}; then printf "Also installing reject routes for FIBs" while test ${i} -lt ${fibs}; do setfib -F ${i} route -q add -inet6 \ ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject setfib -F ${i} route -q add -inet6 \ ::0.0.0.0 -prefixlen 96 ::1 -reject printf " %d" ${i} i=$((i + 1)) done printf "\n" fi fi } _ropts_initdone= ropts_init() { if [ -z "${_ropts_initdone}" ]; then echo -n 'Additional routing options:' _ropts_initdone=yes fi } options_start() { case ${icmp_bmcastecho} in [Yy][Ee][Ss]) ropts_init echo -n ' broadcast ping responses=YES' sysctl net.inet.icmp.bmcastecho=1 >/dev/null ;; esac case ${icmp_drop_redirect} in [Yy][Ee][Ss]) ropts_init echo -n ' ignore ICMP redirect=YES' sysctl net.inet.icmp.drop_redirect=1 >/dev/null ;; esac case ${icmp_log_redirect} in [Yy][Ee][Ss]) ropts_init echo -n ' log ICMP redirect=YES' sysctl net.inet.icmp.log_redirect=1 >/dev/null ;; esac case ${gateway_enable} in [Yy][Ee][Ss]) ropts_init echo -n ' IP gateway=YES' sysctl net.inet.ip.forwarding=1 >/dev/null ;; esac case ${forward_sourceroute} in [Yy][Ee][Ss]) ropts_init echo -n ' do source routing=YES' sysctl net.inet.ip.sourceroute=1 >/dev/null ;; esac case ${accept_sourceroute} in [Yy][Ee][Ss]) ropts_init echo -n ' accept source routing=YES' sysctl net.inet.ip.accept_sourceroute=1 >/dev/null ;; esac case ${ipxgateway_enable} in [Yy][Ee][Ss]) ropts_init echo -n ' IPX gateway=YES' sysctl net.ipx.ipx.ipxforwarding=1 >/dev/null ;; esac case ${arpproxy_all} in [Yy][Ee][Ss]) ropts_init echo -n ' ARP proxyall=YES' sysctl net.link.ether.inet.proxyall=1 >/dev/null ;; esac [ -n "${_ropts_initdone}" ] && echo '.' } load_rc_config $name run_rc_command "$1"