freebsd-nq/etc/rc.d/routing
Jilles Tjoelker 068c02de6d rc.d/routing: Fix ugly output with additional routing options.
Print a separate "Additional routing options" line for each address family
which has additional options, so that it does not get mixed up with the
output from adding routes.

This also reverts r224048 which added newlines to two arbitrary routing
options.
2011-07-17 14:52:55 +00:00

361 lines
6.5 KiB
Bash
Executable File

#!/bin/sh
#
# Configure routing and miscellaneous network tunables
#
# $FreeBSD$
#
# PROVIDE: routing
# REQUIRE: faith netif ppp stf
# KEYWORD: nojail
. /etc/rc.subr
. /etc/network.subr
name="routing"
start_cmd="routing_start doall"
stop_cmd="routing_stop"
extra_commands="options static"
static_cmd="routing_start static"
options_cmd="routing_start options"
afcheck()
{
case $_af in
""|inet|inet6|ipx|atm)
;;
*)
err 1 "Unsupported address family: $_af."
;;
esac
}
routing_start()
{
local _cmd _af _a
_cmd=$1
_af=$2
afcheck
case $_af in
inet|inet6|ipx|atm)
setroutes $_cmd $_af
;;
"")
for _a in inet inet6 ipx atm; do
afexists $_a && setroutes $_cmd $_a
done
;;
esac
}
routing_stop()
{
local _af _a
_af=$1
afcheck
case $_af in
inet|inet6|ipx|atm)
eval static_${_af} delete
eval routing_stop_${_af}
;;
"")
for _a in inet inet6 ipx atm; do
afexists $_a || continue
eval static_${_a} delete
eval routing_stop_${_a}
done
;;
esac
}
setroutes()
{
case $1 in
static)
static_$2 add
;;
options)
options_$2
;;
doall)
static_$2 add
options_$2
;;
esac
}
routing_stop_inet()
{
route -n flush -inet
}
routing_stop_inet6()
{
local i
route -n flush -inet6
for i in ${ipv6_network_interfaces}; do
ifconfig $i inet6 -defaultif
done
}
routing_stop_atm()
{
return 0
}
routing_stop_ipx()
{
return 0
}
static_inet()
{
local _action
_action=$1
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
route_args=`get_if_var $i route_IF`
route ${_action} ${route_args}
done
fi
}
static_inet6()
{
local _action i
_action=$1
# disallow "internal" addresses to appear on the wire
route ${_action} -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
route ${_action} -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
case ${ipv6_defaultrouter} in
[Nn][Oo] | '')
;;
*)
ipv6_static_routes="default ${ipv6_static_routes}"
ipv6_route_default="default ${ipv6_defaultrouter}"
;;
esac
if [ -n "${ipv6_static_routes}" ]; then
for i in ${ipv6_static_routes}; do
ipv6_route_args=`get_if_var $i ipv6_route_IF`
route ${_action} -inet6 ${ipv6_route_args}
done
fi
# Fixup $ipv6_network_interfaces
case ${ipv6_network_interfaces} in
[Nn][Oo][Nn][Ee])
ipv6_network_interfaces=''
;;
esac
if checkyesno ipv6_gateway_enable; then
for i in ${ipv6_network_interfaces}; do
laddr=`network6_getladdr $i exclude_tentative`
case ${laddr} in
'')
;;
*)
ipv6_working_interfaces="$i \
${ipv6_working_interfaces}"
;;
esac
done
ipv6_network_interfaces=${ipv6_working_interfaces}
fi
# Install the "default interface" to kernel, which will be used
# as the default route when there's no router.
case "${ipv6_default_interface}" in
[Nn][Oo] | [Nn][Oo][Nn][Ee])
ipv6_default_interface=""
;;
[Aa][Uu][Tt][Oo] | "")
for i in ${ipv6_network_interfaces}; do
case $i in
lo0|faith[0-9]*)
continue
;;
esac
laddr=`network6_getladdr $i exclude_tentative`
case ${laddr} in
'')
;;
*)
ipv6_default_interface=$i
break
;;
esac
done
;;
esac
# Disallow link-local unicast packets without outgoing scope
# identifiers. However, if you set "ipv6_default_interface",
# for the host case, you will allow to omit the identifiers.
# Under this configuration, the packets will go to the default
# interface.
route ${_action} -inet6 fe80:: -prefixlen 10 ::1 -reject
route ${_action} -inet6 ff02:: -prefixlen 16 ::1 -reject
case ${ipv6_default_interface} in
'')
;;
*)
# Disable installing the default interface when we act
# as router to avoid conflict between the default
# router list and the manual configured default route.
if ! checkyesno ipv6_gateway_enable; then
ifconfig ${ipv6_default_interface} inet6 defaultif
sysctl net.inet6.ip6.use_defaultzone=1
fi
;;
esac
}
static_atm()
{
local _action i route_args
_action=$1
if [ -n "${natm_static_routes}" ]; then
for i in ${natm_static_routes}; do
route_args=`get_if_var $i route_IF`
atmconfig natm ${_action} ${route_args}
done
fi
}
static_ipx()
{
}
ropts_init()
{
if [ -z "${_ropts_initdone}" ]; then
echo -n "Additional $1 routing options:"
_ropts_initdone=yes
fi
}
options_inet()
{
_ropts_initdone=
if checkyesno icmp_bmcastecho; then
ropts_init inet
echo -n ' broadcast ping responses=YES'
${SYSCTL} net.inet.icmp.bmcastecho=1 > /dev/null
else
${SYSCTL} net.inet.icmp.bmcastecho=0 > /dev/null
fi
if checkyesno icmp_drop_redirect; then
ropts_init inet
echo -n ' ignore ICMP redirect=YES'
${SYSCTL} net.inet.icmp.drop_redirect=1 > /dev/null
else
${SYSCTL} net.inet.icmp.drop_redirect=0 > /dev/null
fi
if checkyesno icmp_log_redirect; then
ropts_init inet
echo -n ' log ICMP redirect=YES'
${SYSCTL} net.inet.icmp.log_redirect=1 > /dev/null
else
${SYSCTL} net.inet.icmp.log_redirect=0 > /dev/null
fi
if checkyesno gateway_enable; then
ropts_init inet
echo -n ' gateway=YES'
${SYSCTL} net.inet.ip.forwarding=1 > /dev/null
else
${SYSCTL} net.inet.ip.forwarding=0 > /dev/null
fi
if checkyesno forward_sourceroute; then
ropts_init inet
echo -n ' do source routing=YES'
${SYSCTL} net.inet.ip.sourceroute=1 > /dev/null
else
${SYSCTL} net.inet.ip.sourceroute=0 > /dev/null
fi
if checkyesno accept_sourceroute; then
ropts_init inet
echo -n ' accept source routing=YES'
${SYSCTL} net.inet.ip.accept_sourceroute=1 > /dev/null
else
${SYSCTL} net.inet.ip.accept_sourceroute=0 > /dev/null
fi
if checkyesno arpproxy_all; then
ropts_init inet
echo -n ' ARP proxyall=YES'
${SYSCTL} net.link.ether.inet.proxyall=1 > /dev/null
else
${SYSCTL} net.link.ether.inet.proxyall=0 > /dev/null
fi
[ -n "${_ropts_initdone}" ] && echo '.'
}
options_inet6()
{
_ropts_initdone=
if checkyesno ipv6_gateway_enable; then
ropts_init inet6
echo -n ' gateway=YES'
${SYSCTL} net.inet6.ip6.forwarding=1 > /dev/null
else
${SYSCTL} net.inet6.ip6.forwarding=0 > /dev/null
fi
[ -n "${_ropts_initdone}" ] && echo '.'
}
options_atm()
{
_ropts_initdone=
[ -n "${_ropts_initdone}" ] && echo '.'
}
options_ipx()
{
_ropts_initdone=
if checkyesno ipxgateway_enable; then
ropts_init ipx
echo -n ' gateway=YES'
${SYSCTL} net.ipx.ipx.ipxforwarding=1 > /dev/null
else
${SYSCTL} net.ipx.ipx.ipxforwarding=0 > /dev/null
fi
[ -n "${_ropts_initdone}" ] && echo '.'
}
load_rc_config $name
run_rc_command "$@"