Commit Graph

220 Commits

Author SHA1 Message Date
Hiroki Sato
d4358e709f - Add an warning when ifconfig_IF_ipv6 has no inet6 keyword in front
of an IPv6 address. (r225489)

- Use eval for ${ifconfig_args} to fix an issue fixed in r223506. (r225489)

Approved by:	re (bz)
2011-09-13 00:09:47 +00:00
Hiroki Sato
049087a0f3 Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485).  When setting an interface name to it, the following
configurations will be enabled:

 1. "no_radr" is set to all IPv6 interfaces automatically.

 2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif.  This is
    done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
    means you can manually supersede this configuration if necessary).

 3. The node will add RA-sending routers to the default router list
    even if net.inet6.ip6.forwarding=1.

This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network).  To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.

Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table.  To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.

Approved by:	re (bz)
2011-09-13 00:06:11 +00:00
Sergey Kandaurov
f253603f0c Add support for string values with white spaces for ifconfig(8)
parameters accepting them (such as description, group).

Changes discussed on freebsd-rc.

PR:		conf/156675
Reported by:	"Alexander V. Chernikov" <melifaro att ipfw ru>
Suggested by:	hrs
Analyzed with:	Alexander V. Chernikov via IRC
MFC after:	2 weeks
2011-06-24 14:56:38 +00:00
Hiroki Sato
d3ae0231fe Add a helper function to check kern.features.* sysctls.
Discussed with:	dougb
2011-06-11 21:40:37 +00:00
Hiroki Sato
746b269075 Do not mark lo0 as IFDISABLED even if there is no $ifconfig_lo0_ipv6 line. 2011-06-06 11:36:10 +00:00
Hiroki Sato
73dda0356d Remove "ifconfig IF inet6 -accept_rtadv" when ipv6_gateway_enable=YES because
this is no longer needed.
2011-06-06 03:37:33 +00:00
Bjoern A. Zeeb
1dd53eaea3 No logner set an IPv4 loopback address by default in defaults/rc.conf.
If not specified, network.subr will add it automatically if we have
INET support (1).

In network.subr only call the address family up/down functions
if the respective AF is available.

Switch to new kern.features variables for inet and inet6 as the
inet sysctl tree is also available for IPv6-only kernels leading
to unexpected results.

Suggested by:	hrs (1)
Reviewed by:	hrs
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	20 days
2011-05-31 00:25:52 +00:00
Jilles Tjoelker
b1865d5303 network.subr: Use printf(1) builtin for hexprint function.
Now that printf(1) is a shell builtin, there is no need to emulate it
anymore. The external printf(1) is /usr/bin/printf and therefore may not be
available in early boot.

It may be faster to use printf directly but the function is useful for
compatibility.
2011-05-14 12:22:58 +00:00
Hiroki Sato
d3a8a8b9fa Split $ipv6_prefer into $ip6addrctl_policy and $ipv6_activate_all_interfaces.
The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively.  When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first.  If it is found, it reads and installs it as
a policy table.  If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.

When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.

The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.

Discussed with:	ume and bz
2010-09-13 19:55:40 +00:00
Hiroki Sato
95f15c1589 Localize $_punct_c in get_if_var() and whitespace clean-ups.
Based on:	changes in r206408 by dougb
2010-09-13 19:53:54 +00:00
Hiroki Sato
fa3b84643a - Check some specific IFs first in ipv6_autoconfif().
- $ipv6_enable supports YES|TRUE|ON|1 as in checkyesno().

Based on:	changes in r206408 by dougb
2010-09-13 19:53:22 +00:00
Hiroki Sato
e5481092bb Fix $ipv6_network_interfaces and set it as AUTO by default.
Based on:	changes in r206408 by dougb
2010-09-13 19:52:04 +00:00
Hiroki Sato
c5ad71aff5 Revert changes in r206408.
Discussed with:	dougb, core.5, and core.6
2010-09-13 19:51:15 +00:00
John Baldwin
4d84f49da4 Prevent unloading a kld for a driver that has subinterfaces (vlan and/or
wlan interfaces) from being automatically reloaded via devd shutdown
event handlers.
- Revert part of my previous changes to call ifn_stop on subinterfaces
  when an interface is detached.  It is better to destroy the interfaces
  first so that an 'ifconfig foo0.blah down' doesn't result in ifconfig
  auto-loading if_foo.ko.  The ifconfig command will not be invoked if
  foo0.blah is gone when ifn_stop() is called.  Furthermore, it is not
  necessary to explicitly invoke ifn_stop() after the subinterface is
  destroyed as devd will already do that.
- Pass -n to ifconfig when destroying interfaces so that destroying a
  cloned interface does not kldload any drivers.

Reviewed by:	dougb
MFC after:	4 days
2010-05-17 19:51:34 +00:00
Doug Barton
2557f5bf0a Remove trailing white space. No functional changes. 2010-05-14 04:53:57 +00:00
Doug Barton
fd73ccb143 Make address assignment via ipv6_prefix_IF work again 2010-05-04 01:46:58 +00:00
Doug Barton
8aa4c57946 Improve the handling of IPv6 configuration in rc.d. The ipv6_enable
and ipv6_ifconfig_<interface> options have already been deprecated,
these changes do not alter that.

With these changes any value set for ipv6_enable will emit a
warning. In order to avoid a POLA violation for the deprecation
of the option ipv6_enable=NO will still disable configuration
for all interfaces other than lo0. ipv6_enable=YES will not have
any effect, but will emit an additional warning. Support and
warnings for this option will be removed in FreeBSD 10.x.

Consistent with the current code, in order for IPv6 to be configured
on an interface (other than lo0) an ifconfig_<interface>_ipv6
option will have to be added to /etc/rc.conf[.local].

1. Clean up and minor optimizations for the following functions:
ifconfig_up (the ipv6 elements)
ipv6if
ipv6_autoconfif
get_if_var
_ifconfig_getargs
The cleanups generally were to move the "easy" tests earlier in the
functions, and consolidate duplicate code.

2. Stop overloading ipv6_prefer with the ability to disable IPv6
configuration.

3. Remove noafif() which was only ever called from ipv6_autoconfif.
Instead, simplify and integrate the tests into that function, and
convert the test to use is_wired_interface() instead of listing
wireless interfaces explicitly.

4. Integrate backwards compatibility for ipv6_ifconfig_<interface>
into _ifconfig_getargs. This dramatically simplifies the code in
all of the callers, and avoids a lot of other code duplication.

5. In rc.d/netoptions, add code for an ipv6_privacy option to use
RFC 4193 style pseudo-random addresses (this is what windows does
by default, FYI).

6. Add support for the [NO]RTADV options in ifconfig_getargs() and
ipv6_autoconfif(). In the latter, include support for the explicit
addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done
in the current code.

7. In rc.d/netif add a warning if $ipv6_enable is set, and remove
the set_rcvar_obsolete for it. Also remove the latter from
rc.d/ip6addrctl.

8. In /etc/defaults/rc.conf:

Add an example for RTADV configuration.

Set ipv6_network_interfaces to AUTO.

Switch ipv6_prefer to YES. If ipv6_enable is not set this will have
no effect.

Add a default for ipv6_privacy (NO).

9. Document all of this in rc.conf.5.
2010-04-09 01:35:09 +00:00
Hajimu UMEMOTO
e60d067996 Add rc.d script for the rtsold(8) daemon.
The rtsol(8) handles just one RA then exit.  So, the OtherConfig flag
may not be handled well by rtsol(8) in the environment where there are
multiple RA servers on the segment.  In such case, rtsold(8) will be
your friend.

Reviewed by:	hrs
MFC after:	2 weeks
2010-02-03 16:18:42 +00:00
John Baldwin
f50c094638 Remove a trailing reference to the obsolete vaps_<IF> variable.
Reviewed by:	brooks
MFC after:	3 days
2009-12-29 21:06:49 +00:00
John Baldwin
9557a45059 Add support for configuring vlan(4) interfaces as child devices similar to
wlan(4) interfaces.  vlan(4) interfaces are listed via a new 'vlans_<IF>'
variable.  If a vlan interface is a number, then that number is treated as
the vlan tag for the interface and the interface will be named '<IF>.<tag>'.
Otherwise, the vlan tag must be provided via a vlan parameter in a
'create_args_<vlan>' variable.

While I'm here, fix a few nits in rc.conf(5) and mention create_args_<IF> in
the description of cloned_interfaces.

Reviewed by:	brooks
MFC after:	2 weeks
2009-12-29 21:03:36 +00:00
Hiroki Sato
b558571de6 - Add AF_IPX and AF_NATM to afexists().
- Add afexists() check to address family specific rc.d scripts.  A
  script for an AF will be silently ignored if the kernel has no
  support for the AF.
2009-10-02 02:24:25 +00:00
Hiroki Sato
2e77c5abfb Fix several logic bugs in the previous IPv6 variable change and
re-add $ipv6_enable support for backward compatibility.  From
UPDATING:

 1. To use IPv6, simply define $ifconfig_IF_ipv6 like $ifconfig_IF
    for IPv4.  For aliases, $ifconfig_IF_aliasN should be used.
    Note that both variables need the "inet6" keyword at the head.

    Do not set $ipv6_network_interfaces manually if you do not
    understand what you are doing.  It is not needed in most cases.

    $ipv6_ifconfig_IF and $ipv6_ifconfig_IF_aliasN still work, but
    they are obsolete.

 2. $ipv6_enable is obsolete.  Use $ipv6_prefer and/or
    "inet6 accept_rtadv" keyword in ifconfig(8) instead.

    If you define $ipv6_enable=YES, it means $ipv6_prefer=YES and
    all configured interfaces have "inet6 accept_rtadv" in the
    $ifconfig_IF_ipv6.  These are for backward compatibility.

 3. A new variable $ipv6_prefer has been added.  If NO, IPv6
    functionality of interfaces with no corresponding
    $ifconfig_IF_ipv6 is disabled by using "inet6 ifdisabled" flag,
    and the default address selection policy of ip6addrctl(8)
    is the IPv4-preferred one (see rc.d/ip6addrctl for more details).
    Note that if you want to configure IPv6 functionality on the
    disabled interfaces after boot, first you need to clear the flag by
    using ifconfig(8) like:

         ifconfig em0 inet6 -ifdisabled

    If YES, the default address selection policy is set as
    IPv6-preferred.

    The default value of $ipv6_prefer is NO.

 4. If your system need to receive Router Advertisement messages,
    define "inet6 accept_rtadv" in $ifconfig_IF_ipv6.  The rc(8)
    scripts automatically invoke rtsol(8) when the interface becomes
    UP.  The Router Advertisement messages are used for SLAAC
    (State-Less Address AutoConfiguration).
2009-09-26 18:59:00 +00:00
Hiroki Sato
66ed47241a Add missing comments and whitespace clean-ups. 2009-09-12 23:01:36 +00:00
Hiroki Sato
5d595cb88e Integrate rc.d/network_ipv6 into rc.d/netif:
- Add rc.d/stf and rc.d/faith for stf(4) and faith(4).
- Remove rc.d/auto_linklocal and rc.d/network_ipv6.
- Move rc.d/sysctl to just before FILESYSTEMS because rc.d/netif
  depends on some sysctl variables.

Reviewed by:	brooks
MFC after:	3 days
2009-09-12 22:13:41 +00:00
Doug Barton
d1321a41a5 In the loop through the list of interfaces in network6_interface_setup()
rtsol_interface gets reset to "yes" each time through the loop, but
rtsol_available does not. If a user has lo0 first in their list of
interfaces rtsol_available will get set to "no" the first time through
the loop and subsequent interfaces will not get rtsol'ed when they should.

Therefore change the conditional for the is_wired() test to _interface.

Noticed by:	Dimitry Andric <dimitry@andric.com>
2009-08-27 15:24:26 +00:00
Doug Barton
b7084131de Improve the case test to detect the presence of lo0 in the list of
network_interfaces.

Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
2009-08-24 22:05:08 +00:00
Doug Barton
6913541fe4 Prior to the dire warning about values of network_interfaces other than
AUTO the biggest mistake users made was leaving lo0 off the list. Since
lo0 is effectively mandatory, check for it and add it to the list if
it's not there.
2009-08-23 19:52:47 +00:00
Doug Barton
86567e4164 Move is_wired_interface() from rc.d/wpa_supplicant into network.subr,
simplify it a bit, and make use of that method to determine if an
interface is a candidate for IPv6 rtsol rather than listing all of the
possible wireless interfaces that should _not_ get rtsol'ed.

This change is only relevant for 8.0+ unless the "wlan mandatory" code
gets ported back to RELENG_7.
2009-08-23 05:47:19 +00:00
Doug Barton
511b9af0c9 rtsol should not be run on the wireless NIC interfaces directly,
it will run on wlan0 instead.
2009-06-26 01:27:16 +00:00
Doug Barton
9cdd13b268 Eliminate the warning that "Values of network_interfaces other than
AUTO are deprecated.' There is no good reason to deprecate them, and
setting this to different values can be useful for custom solutions
and/or one-off configuration problems.
2009-06-01 05:37:13 +00:00
Brooks Davis
3e5f41cf03 Add support for setting the debug flags on wlan interfaces after the are
created using wlandebug_<ifn> variables.
2009-03-13 07:12:25 +00:00
Andrew Thompson
c05bf25301 Check for NOAUTO on child interfaces (eg wlanX) so they can be created via
rc.conf but not necessarily started.
2009-02-04 18:20:27 +00:00
Brooks Davis
4c8b092e18 Remove compat support for vaps_<ifn> and vap_create_<ifn> variables as
promised in r178527.  These variables were never in a release version.

Reminded by:	sam
2008-10-01 18:46:46 +00:00
Mike Makonnen
b064049801 Implement a "quiet" mode for rc.d/netif, which only outputs
the interface name of interfaces that were configured.

This change has the added benefit that ifn_start() and
ifn_stop() in network.subr no longer write to standard output.
Whether to output and what to output is now handled entirely
in rc.d/netif.
2008-06-23 20:50:11 +00:00
Doug Barton
5071594969 Add a missing space between a variable and the ] for a test 2008-05-26 10:10:11 +00:00
Brooks Davis
ace19032cf Change the default value of synchronous_dhclient to NO.
To preserve the existing behavior of etc/rc.d/netif, add code to wait
up to if_up_delay seconds (30 seconds by default) for a default route to
be configured if there are any dhcp interfaces.  This should be extended
to test that the interface is actually up.

X-MFC after:
2008-05-15 01:06:10 +00:00
Brooks Davis
d0c63cd27f Fix last commit and call childif_destroy() correctly. 2008-05-15 00:08:02 +00:00
Brooks Davis
106049d9ab Don't print the interface status if we only create child or destroy
interfaces.

Correctly return status from childif_create().
2008-05-14 23:53:39 +00:00
Brooks Davis
a54149a9ed Emit a warning when the network_interfaces variable is not set to AUTO.
MFC after:	3 days
2008-04-30 16:29:15 +00:00
Brooks Davis
89b5b33da2 Replace the prototype vaps_<ifn> and vap_create_<ifn> variables with
more wlans_<ifn> and create_args_<ifn>

Add documentation for these variants and generally update the wireless
device example.

There is are very short lived shim from vaps_<ifn> which produces
a warning and vap_create_<ifn> which does not.  Misuse the MFC
notification service to remind me to remove them.

MFC after:	3 weeks
2008-04-25 23:50:49 +00:00
Sam Leffler
5bd720a7c2 rc support for vaps 2008-04-20 20:37:21 +00:00
Brooks Davis
b31eb9bec0 Support gif_interface values that don't follow the pattern gif###.
Remove ancient compatablity support for gif_interface="NO".
2008-03-28 06:50:06 +00:00
Andrew Thompson
5090437236 Change wpa_supplicant to down the interface at the start of the init routine.
wpa_supplicant expects that it has exclusive access to the net80211 state so
when its starts poking in the WEP/WPA settings and the card is already
scanning it can cause net80211 to try and associate incorrectly with a
protected AP.

This is an inconvenience for firmware based cards such as iwi where it can be
sent an auth instruction with incomplete security info and cause a firmware
error.

Remove the 'ifconfig up' from network.subr since wpa_supplicant will
immediately down the interface again.

Reported by:	Guy Helmer (and others)
Reviewed by:	sam, brooks, avatar
MFC after:	3 days
2007-11-05 06:13:07 +00:00
Andrew Thompson
ddf1c6facd Do not attempt to load the kernel module when checking if an interface exists.
This would cause pseudo network modules to be reloaded again when trying to
unload the first time if any cloned interfaces exist.

MFC after:	2 weeks
2007-05-23 00:18:44 +00:00
Andrey A. Chernov
e8670c2c4e Back out network.subr :- fix and comment out dhc*_fxp0 examples instead
Submitted by:   jhb
2007-03-29 21:42:19 +00:00
Andrey A. Chernov
2395c8cbfc Fix get_if_var() with 3 args (i.e. with default)
All xxx_<ifname> flags are set to empty strings automatically earlier so
eval echo \${${prefix}${_if}${suffix}-${_default}}
not substitute the default but return just the empty string.
Fix it using
eval echo \${${prefix}${_if}${suffix}:-${_default}}
(i.e. treat empty strings as unset)

The bug manifistates itself with the following warning from checkyesno():
/etc/rc.d/dhclient: WARNING: $background_dhclient is not set properly -
see rc.conf(5)
2007-03-29 10:55:33 +00:00
Florent Thoumie
2d69b43eb2 Add support for EtherChannel configuration to rc startup scripts.
Note: This also deprecates "NO" as a way to specify an empty list of
interfaces for gif_interfaces.

PR:		conf/104884
Submitted by:	nork
Harassed by:	brd
Discussed with:	brooks, dougb
2007-02-09 12:11:27 +00:00
Max Laier
51769ee611 Do not try to rtsol on pflog or pfsync devices. 2006-10-29 13:29:49 +00:00
Hajimu UMEMOTO
639b2c8e5a Restore the behavior that net.inet6.ip6.auto_linklocal=0 could
be coexist with ipv6_enable="YES".

MFC after:	3 days
2006-10-07 15:45:56 +00:00
George V. Neville-Neil
90ce6fa1c8 Turn off automatic link local address if ipv6_enable is not set to YES
in rc.conf

Reviewed by:    KAME core team, cperciva
MFC after:      3 days
2006-10-02 10:13:30 +00:00