# # Copyright (c) 2003 The FreeBSD Project. All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # $FreeBSD$ # # # Subroutines commonly used from network startup scripts. # Requires that rc.conf be loaded first. # # ifn_start ifn # Bring up and configure an interface. If some configuration is applied, # print the interface configuration. # ifn_start() { local ifn cfg ifn="$1" cfg=1 [ -z "$ifn" ] && err 1 "ifn_start called without an interface" ifscript_up ${ifn} && cfg=0 ifconfig_up ${ifn} && cfg=0 ipv4_up ${ifn} && cfg=0 ipx_up ${ifn} && cfg=0 childif_create ${ifn} && cfg=0 return $cfg } # ifn_start ifn # Shutdown and de-configure an interface. If action is taken, print the # interface name. # ifn_stop() { local ifn cfg ifn="$1" cfg=1 [ -z "$ifn" ] && return 1 ipx_down ${ifn} && cfg=0 ipv4_down ${ifn} && cfg=0 ifconfig_down ${ifn} && cfg=0 ifscript_down ${ifn} && cfg=0 childif_destroy ${ifn} && cfg=0 return $cfg } # ifconfig_up if # Evaluate ifconfig(8) arguments for interface $if and # run ifconfig(8) with those arguments. It returns 0 if # arguments were found and executed or 1 if the interface # had no arguments. Pseudo arguments DHCP and WPA are handled # here. # ifconfig_up() { _cfg=1 ifconfig_args=`ifconfig_getargs $1` if [ -n "${ifconfig_args}" ]; then eval ifconfig $1 ${ifconfig_args} ifconfig $1 up _cfg=0 fi if wpaif $1; then /etc/rc.d/wpa_supplicant start $1 _cfg=0 # XXX: not sure this should count fi if dhcpif $1; then if [ $_cfg -ne 0 ] ; then ifconfig $1 up fi if syncdhcpif $1; then /etc/rc.d/dhclient start $1 fi _cfg=0 fi return $_cfg } # ifconfig_down if # returns 1 if wpa_supplicant or dhclient was stopped or # the interface exists. # ifconfig_down() { [ -z "$1" ] && return 1 _cfg=1 if wpaif $1; then /etc/rc.d/wpa_supplicant stop $1 _cfg=0 fi if dhcpif $1; then /etc/rc.d/dhclient stop $1 _cfg=0 fi if ifexists $1; then ifconfig $1 down _cfg=0 fi return $_cfg } # get_if_var if var [default] # Return the value of the pseudo-hash corresponding to $if where # $var is a string containg the sub-string "IF" which will be # replaced with $if after the characters defined in _punct are # replaced with '_'. If the variable is unset, replace it with # $default if given. get_if_var() { if [ $# -ne 2 -a $# -ne 3 ]; then err 3 'USAGE: get_if_var name var [default]' fi _if=$1 _punct=". - / +" for _punct_c in $_punct; do _if=`ltr ${_if} ${_punct_c} '_'` done _var=$2 _default=$3 prefix=${_var%%IF*} suffix=${_var##*IF} eval echo \${${prefix}${_if}${suffix}-${_default}} } # _ifconfig_getargs if # Prints the arguments for the supplied interface to stdout. # Returns 1 if empty. In general, ifconfig_getargs should be used # outside this file. _ifconfig_getargs() { _ifn=$1 if [ -z "$_ifn" ]; then return 1 fi get_if_var $_ifn ifconfig_IF "$ifconfig_DEFAULT" } # ifconfig_getargs if # Takes the result from _ifconfig_getargs and removes pseudo # args such as DHCP and WPA. ifconfig_getargs() { _tmpargs=`_ifconfig_getargs $1` if [ $? -eq 1 ]; then return 1 fi _args= for _arg in $_tmpargs; do case $_arg in [Dd][Hh][Cc][Pp]) ;; [Nn][Oo][Aa][Uu][Tt][Oo]) ;; [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; [Ww][Pp][Aa]) ;; *) _args="$_args $_arg" ;; esac done echo $_args } # autoif # Returns 0 if the interface should be automatically configured at # boot time and 1 otherwise. autoif() { _tmpargs=`_ifconfig_getargs $1` for _arg in $_tmpargs; do case $_arg in [Nn][Oo][Aa][Uu][Tt][Oo]) return 1 ;; esac done return 0 } # dhcpif if # Returns 0 if the interface is a DHCP interface and 1 otherwise. dhcpif() { _tmpargs=`_ifconfig_getargs $1` for _arg in $_tmpargs; do case $_arg in [Dd][Hh][Cc][Pp]) return 0 ;; [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) return 0 ;; [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) return 0 ;; esac done return 1 } # syncdhcpif # Returns 0 if the interface should be configured synchronously and # 1 otherwise. syncdhcpif() { _tmpargs=`_ifconfig_getargs $1` for _arg in $_tmpargs; do case $_arg in [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) return 1 ;; [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) return 0 ;; esac done if checkyesno synchronous_dhclient; then return 0 else return 1 fi } # wpaif if # Returns 0 if the interface is a WPA interface and 1 otherwise. wpaif() { _tmpargs=`_ifconfig_getargs $1` for _arg in $_tmpargs; do case $_arg in [Ww][Pp][Aa]) return 0 ;; esac done return 1 } # afexists af # Returns 0 if the address family is enabled in the kernel # 1 otherwise. afexists() { local _af _af=$1 case ${_af} in inet) ${SYSCTL_N} net.inet > /dev/null 2>&1 ;; inet6) ${SYSCTL_N} net.inet6 > /dev/null 2>&1 ;; ipx) ${SYSCTL_N} net.ipx > /dev/null 2>&1 ;; atm) if [ -x /sbin/atmconfig ]; then /sbin/atmconfig diag list > /dev/null 2>&1 else return 1 fi ;; *) err 1 "afexists(): Unsupported address family: $_af" ;; esac } # ipv6if if # Returns 0 if the interface should be configured for IPv6 and # 1 otherwise. ipv6if() { if ! checkyesno ipv6_enable; then return 1 fi case "${ipv6_network_interfaces}" in [Aa][Uu][Tt][Oo]) return 0 ;; ''|[Nn][Oo][Nn][Ee]) return 1 ;; esac for v6if in ${ipv6_network_interfaces}; do if [ "${v6if}" = "${1}" ]; then return 0 fi done return 1 } # ifexists if # Returns 0 if the interface exists and 1 otherwise. ifexists() { ifconfig -n $1 > /dev/null 2>&1 } # ipv4_up if # add IPv4 addresses to the interface $if ipv4_up() { _if=$1 ifalias_up ${_if} ipv4_addrs_common ${_if} alias } # ipv4_down if # remove IPv4 addresses from the interface $if ipv4_down() { _if=$1 _ifs="^" _ret=1 ifexists ${_if} || return 1 inetList="`ifconfig ${_if} | grep 'inet ' | tr "\n" "$_ifs"`" oldifs="$IFS" IFS="$_ifs" for _inet in $inetList ; do # get rid of extraneous line [ -z "$_inet" ] && break _inet=`expr "$_inet" : '.*\(inet \([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}\).*'` IFS="$oldifs" ifconfig ${_if} ${_inet} delete IFS="$_ifs" _ret=0 done IFS="$oldifs" ifalias_down ${_if} && _ret=0 ipv4_addrs_common ${_if} -alias && _ret=0 return $_ret } # ipv4_addrs_common if action # Evaluate the ifconfig_if_ipv4 arguments for interface $if # and use $action to add or remove IPv4 addresses from $if. ipv4_addrs_common() { _ret=1 _if=$1 _action=$2 # get ipv4-addresses cidr_addr=`get_if_var $_if ipv4_addrs_IF` for _cidr in ${cidr_addr}; do _ipaddr=${_cidr%%/*} _netmask="/"${_cidr##*/} _range=${_ipaddr##*.} _ipnet=${_ipaddr%.*} _iplow=${_range%-*} _iphigh=${_range#*-} # clear netmask when removing aliases if [ "${_action}" = "-alias" ]; then _netmask="" fi _ipcount=${_iplow} while [ "${_ipcount}" -le "${_iphigh}" ]; do eval "ifconfig ${_if} ${_action} ${_ipnet}.${_ipcount}${_netmask}" _ipcount=$((${_ipcount}+1)) _ret=0 # only the first ipaddr in a subnet need the real netmask if [ "${_action}" != "-alias" ]; then _netmask="/32" fi done done return $_ret } # ifalias_up if # Configure aliases for network interface $if. # It returns 0 if at least one alias was configured or # 1 if there were none. # ifalias_up() { _ret=1 alias=0 while : ; do ifconfig_args=`get_if_var $1 ifconfig_IF_alias${alias}` if [ -n "${ifconfig_args}" ]; then ifconfig $1 ${ifconfig_args} alias alias=$((${alias} + 1)) _ret=0 else break fi done return $_ret } #ifalias_down if # Remove aliases for network interface $if. # It returns 0 if at least one alias was removed or # 1 if there were none. # ifalias_down() { _ret=1 alias=0 while : ; do ifconfig_args=`get_if_var $1 ifconfig_IF_alias${alias}` if [ -n "${ifconfig_args}" ]; then ifconfig $1 ${ifconfig_args} -alias alias=$((${alias} + 1)) _ret=0 else break fi done return $_ret } # ifscript_up if # Evaluate a startup script for the $if interface. # It returns 0 if a script was found and processed or # 1 if no script was found. # ifscript_up() { if [ -r /etc/start_if.$1 ]; then . /etc/start_if.$1 return 0 fi return 1 } # ifscript_down if # Evaluate a shutdown script for the $if interface. # It returns 0 if a script was found and processed or # 1 if no script was found. # ifscript_down() { if [ -r /etc/stop_if.$1 ]; then . /etc/stop_if.$1 return 0 fi return 1 } # Create cloneable interfaces. # clone_up() { _prefix= _list= for ifn in ${cloned_interfaces}; do ifconfig ${ifn} create `get_if_var ${ifn} create_args_IF` if [ $? -eq 0 ]; then _list="${_list}${_prefix}${ifn}" [ -z "$_prefix" ] && _prefix=' ' fi done debug "Cloned: ${_list}" } # Destroy cloned interfaces. Destroyed interfaces are echoed # to standard output. # clone_down() { _prefix= _list= for ifn in ${cloned_interfaces}; do ifconfig -n ${ifn} destroy if [ $? -eq 0 ]; then _list="${_list}${_prefix}${ifn}" [ -z "$_prefix" ] && _prefix=' ' fi done debug "Destroyed clones: ${_list}" } # Create and configure child interfaces. # Return 0 if child interfaces are created. # childif_create() { local cfg child child_vlans child_wlans create_args debug_flags ifn i cfg=1 ifn=$1 # Create wireless interfaces child_wlans=`get_if_var $ifn wlans_IF` for child in ${child_wlans}; do create_args="wlandev $ifn `get_if_var $child create_args_IF`" debug_flags="`get_if_var $child wlandebug_IF`" if expr $child : 'wlan[0-9][0-9]*$' >/dev/null 2>&1; then ifconfig $child create ${create_args} && cfg=0 if [ -n "${debug_flags}" ]; then wlandebug -i $child ${debug_flags} fi else i=`ifconfig wlan create ${create_args}` if [ -n "${debug_flags}" ]; then wlandebug -i $i ${debug_flags} fi ifconfig $i name $child && cfg=0 fi if autoif $child; then ifn_start $child fi done # Create vlan interfaces child_vlans=`get_if_var $ifn vlans_IF` if [ -n "${child_vlans}" ]; then load_kld if_vlan fi for child in ${child_vlans}; do if expr $child : '[1-9][0-9]*$' >/dev/null 2>&1; then child="${ifn}.${child}" create_args=`get_if_var $child create_args_IF` ifconfig $child create ${create_args} && cfg=0 else create_args="vlandev $ifn `get_if_var $child create_args_IF`" if expr $child : 'vlan[0-9][0-9]*$' >/dev/null 2>&1; then ifconfig $child create ${create_args} && cfg=0 else i=`ifconfig vlan create ${create_args}` ifconfig $i name $child && cfg=0 fi fi if autoif $child; then ifn_start $child fi done return ${cfg} } # Destroy child interfaces. # childif_destroy() { local cfg child child_vlans child_wlans ifn child_wlans=`get_if_var $ifn wlans_IF` for child in ${child_wlans}; do if ! ifexists $child; then continue fi ifconfig -n $child destroy && cfg=0 done child_vlans=`get_if_var $ifn vlans_IF` for child in ${child_vlans}; do if expr $child : '[1-9][0-9]*$' >/dev/null 2>&1; then child="${ifn}.${child}" fi if ! ifexists $child; then continue fi ifconfig -n $child destroy && cfg=0 done return ${cfg} } # Create netgraph nodes. # ng_mkpeer() { ngctl -f - 2> /dev/null </dev/null 2>&1; then ifconfig $i create >/dev/null 2>&1 else gif=`ifconfig gif create` ifconfig $gif name $i fi ifconfig $i tunnel ${peers} ifconfig $i up ;; esac done } # ng_fec_create ifn # Configure Fast EtherChannel for interface $ifn. Returns 0 if FEC # arguments were found and configured; returns !0 otherwise. ng_fec_create() { local req_iface iface bogus req_iface="$1" ngctl shutdown ${req_iface}: > /dev/null 2>&1 bogus="" while true; do iface=`ng_create_one fec dummy fec` if [ -z "${iface}" ]; then exit 2 fi if [ "${iface}" = "${req_iface}" ]; then break fi bogus="${bogus} ${iface}" done for iface in ${bogus}; do ngctl shutdown ${iface}: done } fec_up() { for i in ${fec_interfaces}; do ng_fec_create $i for j in `get_if_var $i fecconfig_IF`; do case ${j} in '') continue ;; *) ngctl msg ${i}: add_iface "\"${j}\"" ;; esac done done } # # ipx_up ifn # Configure any IPX addresses for interface $ifn. Returns 0 if IPX # arguments were found and configured; returns 1 otherwise. # ipx_up() { ifn="$1" ifconfig_args=`get_if_var $ifn ifconfig_IF_ipx` if [ -n "${ifconfig_args}" ]; then ifconfig ${ifn} ${ifconfig_args} return 0 fi return 1 } # ipx_down ifn # Remove IPX addresses for interface $ifn. Returns 0 if IPX # addresses were found and unconfigured. It returns 1, otherwise. # ipx_down() { [ -z "$1" ] && return 1 _ifs="^" _ret=1 ifexists $1 || return 1 ipxList="`ifconfig $1 | grep 'ipx ' | tr "\n" "$_ifs"`" oldifs="$IFS" IFS="$_ifs" for _ipx in $ipxList ; do # get rid of extraneous line [ -z "$_ipx" ] && break _ipx=`expr "$_ipx" : '.*\(ipx [0-9a-h]\{1,8\}H*\.[0-9a-h]\{1,12\}\).*'` IFS="$oldifs" ifconfig $1 ${_ipx} delete IFS="$_ifs" _ret=0 done IFS="$oldifs" return $_ret } # ifnet_rename # Rename all requested interfaces. # ifnet_rename() { _ifn_list="`ifconfig -l`" [ -z "$_ifn_list" ] && return 0 for _if in ${_ifn_list} ; do _ifname=`get_if_var $_if ifconfig_IF_name` if [ ! -z "$_ifname" ]; then ifconfig $_if name $_ifname fi done return 0 } # # list_net_interfaces type # List all network interfaces. The type of interface returned # can be controlled by the type argument. The type # argument can be any of the following: # nodhcp - all interfaces, excluding DHCP configured interfaces # dhcp - list only DHCP configured interfaces # If no argument is specified all network interfaces are output. # Note that the list will include cloned interfaces if applicable. # Cloned interfaces must already exist to have a chance to appear # in the list if ${network_interfaces} is set to `auto'. # list_net_interfaces() { type=$1 # Get a list of ALL the interfaces and make lo0 first if it's there. # case ${network_interfaces} in [Aa][Uu][Tt][Oo]) _prefix='' _autolist="`ifconfig -l`" _lo= for _if in ${_autolist} ; do if autoif $_if; then if [ "$_if" = "lo0" ]; then _lo="lo0 " else _tmplist="${_tmplist}${_prefix}${_if}" [ -z "$_prefix" ] && _prefix=' ' fi fi done _tmplist="${_lo}${_tmplist}" ;; *) _tmplist="${network_interfaces} ${cloned_interfaces}" # lo0 is effectively mandatory, so help prevent foot-shooting # case "$_tmplist" in lo0|'lo0 '*|*' lo0'|*' lo0 '*) ;; # This is fine, do nothing *) _tmplist="lo0 ${_tmplist}" ;; esac ;; esac if [ -z "$type" ]; then echo $_tmplist return 0 fi # Separate out dhcp and non-dhcp interfaces # _aprefix= _bprefix= for _if in ${_tmplist} ; do if dhcpif $_if; then _dhcplist="${_dhcplist}${_aprefix}${_if}" [ -z "$_aprefix" ] && _aprefix=' ' elif [ -n "`_ifconfig_getargs $_if`" ]; then _nodhcplist="${_nodhcplist}${_bprefix}${_if}" [ -z "$_bprefix" ] && _bprefix=' ' fi done case "$type" in nodhcp) echo $_nodhcplist ;; dhcp) echo $_dhcplist ;; esac return 0 } # get_default_if -address_family # Get the interface of the default route for the given address family. # The -address_family argument must be suitable passing to route(8). # get_default_if() { routeget="`route -n get $1 default 2>/dev/null`" oldifs="$IFS" IFS=" " defif= for line in $routeget ; do case $line in *interface:*) defif=${line##*: } ;; esac done IFS=${oldifs} echo $defif } hexdigit() { if [ $1 -lt 10 ]; then echo $1 else case $1 in 10) echo a ;; 11) echo b ;; 12) echo c ;; 13) echo d ;; 14) echo e ;; 15) echo f ;; esac fi } hexprint() { val=$1 str='' dig=`hexdigit $((${val} & 15))` str=${dig}${str} val=$((${val} >> 4)) while [ ${val} -gt 0 ]; do dig=`hexdigit $((${val} & 15))` str=${dig}${str} val=$((${val} >> 4)) done echo ${str} } is_wired_interface() { local media case `ifconfig $1 2>/dev/null` in *media:?Ethernet*) media=Ethernet ;; esac test "$media" = "Ethernet" } # Setup the interfaces for IPv6 network6_interface_setup() { interfaces=$* rtsol_interfaces='' case ${ipv6_gateway_enable} in [Yy][Ee][Ss]) rtsol_available=no ;; *) rtsol_available=yes ;; esac for i in $interfaces; do rtsol_interface=yes prefix=`get_if_var $i ipv6_prefix_IF` if [ -n "${prefix}" ]; then rtsol_available=no rtsol_interface=no laddr=`network6_getladdr $i` hostid=`expr "${laddr}" : 'fe80::\(.*\)%\(.*\)'` for j in ${prefix}; do address=$j\:${hostid} ifconfig $i inet6 ${address} prefixlen 64 alias case ${ipv6_gateway_enable} in [Yy][Ee][Ss]) # subnet-router anycast address # (rfc2373) ifconfig $i inet6 $j:: prefixlen 64 \ alias anycast ;; esac done fi ipv6_ifconfig=`get_if_var $i ipv6_ifconfig_IF` if [ -n "${ipv6_ifconfig}" ]; then rtsol_available=no rtsol_interface=no ifconfig $i inet6 ${ipv6_ifconfig} alias fi # Wireless NIC cards are virtualized through the wlan interface if ! is_wired_interface ${i}; then case "${i}" in wlan*) rtsol_interface=yes ;; *) rtsol_interface=no ;; esac fi if [ ${rtsol_available} = yes -a ${rtsol_interface} = yes ] then case ${i} in lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*|pflog[0-9]*|pfsync[0-9]*) ;; *) rtsol_interfaces="${rtsol_interfaces} ${i}" ;; esac else ifconfig $i inet6 fi done if [ ${rtsol_available} = yes -a -n "${rtsol_interfaces}" ]; then # Act as endhost - automatically configured. # You can configure only single interface, as # specification assumes that autoconfigured host has # single interface only. sysctl net.inet6.ip6.accept_rtadv=1 set ${rtsol_interfaces} ifconfig $1 up if ! checkyesno rtsold_enable; then rtsol ${rtsol_flags} $1 fi fi for i in $interfaces; do alias=0 while : ; do ipv6_ifconfig=`get_if_var $i ipv6_ifconfig_IF_alias${alias}` if [ -z "${ipv6_ifconfig}" ]; then break; fi ifconfig $i inet6 ${ipv6_ifconfig} alias alias=$((${alias} + 1)) done done } # Setup IPv6 to IPv4 mapping network6_stf_setup() { case ${stf_interface_ipv4addr} in [Nn][Oo] | '') ;; *) # assign IPv6 addr and interface route for 6to4 interface stf_prefixlen=$((16+${stf_interface_ipv4plen:-0})) OIFS="$IFS" IFS=".$IFS" set ${stf_interface_ipv4addr} IFS="$OIFS" hexfrag1=`hexprint $(($1*256 + $2))` hexfrag2=`hexprint $(($3*256 + $4))` ipv4_in_hexformat="${hexfrag1}:${hexfrag2}" case ${stf_interface_ipv6_ifid} in [Aa][Uu][Tt][Oo] | '') for i in ${ipv6_network_interfaces}; do laddr=`network6_getladdr ${i}` case ${laddr} in '') ;; *) break ;; esac done stf_interface_ipv6_ifid=`expr "${laddr}" : \ 'fe80::\(.*\)%\(.*\)'` case ${stf_interface_ipv6_ifid} in '') stf_interface_ipv6_ifid=0:0:0:1 ;; esac ;; esac ifconfig stf0 create >/dev/null 2>&1 ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \ prefixlen ${stf_prefixlen} # disallow packets to malicious 6to4 prefix route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject ;; esac } # Setup static routes network6_static_routes_setup() { # Set up any static routes. case ${ipv6_defaultrouter} in [Nn][Oo] | '') ;; *) ipv6_static_routes="default ${ipv6_static_routes}" ipv6_route_default="default ${ipv6_defaultrouter}" ;; esac case ${ipv6_static_routes} in [Nn][Oo] | '') ;; *) for i in ${ipv6_static_routes}; do ipv6_route_args=`get_if_var $i ipv6_route_IF` route add -inet6 ${ipv6_route_args} done ;; esac } # Setup faith network6_faith_setup() { case ${ipv6_faith_prefix} in [Nn][Oo] | '') ;; *) sysctl net.inet6.ip6.keepfaith=1 ifconfig faith0 create >/dev/null 2>&1 ifconfig faith0 up for prefix in ${ipv6_faith_prefix}; do prefixlen=`expr "${prefix}" : ".*/\(.*\)"` case ${prefixlen} in '') prefixlen=96 ;; *) prefix=`expr "${prefix}" : \ "\(.*\)/${prefixlen}"` ;; esac route add -inet6 ${prefix} -prefixlen ${prefixlen} ::1 route change -inet6 ${prefix} -prefixlen ${prefixlen} \ -ifp faith0 done ;; esac } # Install the "default interface" to kernel, which will be used # as the default route when there's no router. network6_default_interface_setup() { # Choose IPv6 default interface if it is not clearly specified. case ${ipv6_default_interface} in '') for i in ${ipv6_network_interfaces}; do case $i in lo0|faith[0-9]*) continue ;; esac laddr=`network6_getladdr $i exclude_tentative` case ${laddr} in '') ;; *) ipv6_default_interface=$i break ;; esac done ;; esac # Get the number of FIBs supported. fibs=`sysctl -n net.fibs` : ${fibs:=1} # Disallow unicast packets without outgoing scope identifiers, # or route such packets to a "default" interface, if it is specified. route add -inet6 fe80:: -prefixlen 10 ::1 -reject case ${ipv6_default_interface} in [Nn][Oo] | '') route add -inet6 ff02:: -prefixlen 16 ::1 -reject i=1 if test ${i} -lt ${fibs}; then printf "Also installing reject routes for FIBs" while test ${i} -lt ${fibs}; do setfib -F ${i} route add -inet6 \ ff02:: -prefixlen 16 ::1 -reject printf " %d" ${i} i=$((i + 1)) done printf "\n" fi ;; *) laddr=`network6_getladdr ${ipv6_default_interface}` # Only add the laddr route to the default FIB and a reject # route to all others. route add -inet6 ff02:: ${laddr} -prefixlen 16 -interface i=1 if test ${i} -lt ${fibs}; then printf "Also installing reject routes for FIBs" while test ${i} -lt ${fibs}; do setfib -F ${i} route add -inet6 \ ff02:: -prefixlen 16 ::1 -reject printf " %d" ${i} i=$((i + 1)) done printf "\n" fi # Disable installing the default interface with the # case net.inet6.ip6.forwarding=0 and # net.inet6.ip6.accept_rtadv=0, due to avoid conflict # between the default router list and the manual # configured default route. case ${ipv6_gateway_enable} in [Yy][Ee][Ss]) ;; *) if [ `sysctl -n net.inet6.ip6.accept_rtadv` -eq 1 ] then ndp -I ${ipv6_default_interface} fi ;; esac ;; esac } network6_getladdr() { ifconfig $1 2>/dev/null | while read proto addr rest; do case ${proto} in inet6) case ${addr} in fe80::*) if [ -z "$2" ]; then echo ${addr} return fi case ${rest} in *tentative*) continue ;; *) echo ${addr} return esac esac esac done }