etc/rc.d/stf

   1 #!/bin/sh
   2 # $FreeBSD$
   3 #
   4
   5 # PROVIDE: stf
   6 # REQUIRE: netif
   7 # KEYWORD: nojail
   8
   9 . /etc/rc.subr
  10 . /etc/network.subr
  11
  12 name="stf"
  13 start_cmd="stf_up"
  14 stop_cmd="stf_down"
  15
  16 stf_up()
  17 {
  18         case ${stf_interface_ipv4addr} in
  19         [Nn][Oo] | '')
  20                 ;;
  21         *)
  22                 # assign IPv6 addr and interface route for 6to4 interface
  23                 stf_prefixlen=$((16+${stf_interface_ipv4plen:-0}))
  24                 OIFS="$IFS"
  25                 IFS=".$IFS"
  26                 set ${stf_interface_ipv4addr}
  27                 IFS="$OIFS"
  28                 hexfrag1=`hexprint $(($1*256 + $2))`
  29                 hexfrag2=`hexprint $(($3*256 + $4))`
  30                 ipv4_in_hexformat="${hexfrag1}:${hexfrag2}"
  31                 case ${stf_interface_ipv6_ifid} in
  32                 [Aa][Uu][Tt][Oo] | '')
  33                         for i in ${ipv6_network_interfaces}; do
  34                                 laddr=`network6_getladdr ${i}`
  35                                 case ${laddr} in
  36                                 '')
  37                                         ;;
  38                                 *)
  39                                         break
  40                                         ;;
  41                                 esac
  42                         done
  43                         stf_interface_ipv6_ifid=`expr "${laddr}" : \
  44                                                       'fe80::\(.*\)%\(.*\)'`
  45                         case ${stf_interface_ipv6_ifid} in
  46                         '')
  47                                 stf_interface_ipv6_ifid=0:0:0:1
  48                                 ;;
  49                         esac
  50                         ;;
  51                 esac
  52                 echo "Configuring 6to4 tunnel interface: stf0."
  53                 ifconfig stf0 create >/dev/null 2>&1
  54                 ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \
  55                         prefixlen ${stf_prefixlen}
  56                 check_startmsgs && /sbin/ifconfig stf0
  57
  58                 # disallow packets to malicious 6to4 prefix
  59                 route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
  60                 route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
  61                 route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject
  62                 route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
  63                 ;;
  64         esac
  65 }
  66
  67 stf_down()
  68 {
  69         echo "Removing 6to4 tunnel interface: stf0."
  70         ifconfig stf0 destroy
  71         route delete -inet6 2002:e000:: -prefixlen 20 ::1
  72         route delete -inet6 2002:7f00:: -prefixlen 24 ::1
  73         route delete -inet6 2002:0000:: -prefixlen 24 ::1
  74         route delete -inet6 2002:ff00:: -prefixlen 24 ::1
  75 }
  76
  77 load_rc_config $name
  78 run_rc_command "$1"