Commit Graph

253 Commits

Author SHA1 Message Date
melifaro
b5d711d3a6 Renove faith(4) and faithd(8) from base. It looks like industry
have chosen different (and more traditional) stateless/statuful
NAT64 as translation mechanism. Last non-trivial commits to both
faith(4) and faithd(8) happened more than 12 years ago, so I assume
it is time to drop RFC3142 in FreeBSD.

No objections from:	net@
2014-11-09 21:33:01 +00:00
hrs
9e4c2e6032 - Add $netif_ipexpand_max to specify the upper limit for the number of
addresses generated by an address range specification.  The default
  value is 2048.  This can be increased by setting $netif_ipexpand_max
  in rc.conf.

- Fix warning messages when an address range spec exceeds the upper limit.

PR:	186841
2014-09-11 12:30:29 +00:00
hrs
bc975afc0c Fix ifname normalization. ifconfig_IF_alias{es,N} did not work if ifname has
any of [.-/+].

Spotted by:	jhay
2014-06-24 04:37:36 +00:00
hrs
ab263ec2ff Fix address matching rule.
Reported by:	jase
2014-06-19 07:39:28 +00:00
rea
4b5f56c9a5 Fix warning messages after r252015
$alias used to hold alias number, but now it carries full variable name,
so messages were tuned to account for that.

Other fixes:
 - eliminate unneeded double spaces;
 - tell user where inet/inet6 keywords are expected to be.
Reviewed by:	hrs
MFC after:	1 week
2014-05-20 19:55:59 +00:00
hrs
c8cbe4ade0 Fix an issue in range specification handling when a "-foo" is specified in
ifconfig_IF_aliasN.
2014-05-16 18:44:23 +00:00
hrs
af9fb17a16 Move configuration of IPv6 NDP flags to a point before handling ifconfig_IF.
This fixes a race that a non-IPv4 interface can get an EUI64 LLA even if it
has IFDISABLED nd6 flag at boot time.
2014-05-16 14:48:21 +00:00
dteske
6b8b017a4a Loosen the processing of *_IF_aliasN vars to be less strict. Previously,
the first alias had to be _alias0 and processing stopped at the first non-
defined variable (preventing gaps). Allowing gaps gives the administrator
the ability to group aliases in an adhoc manner and also lifts the
requirement to renumber aliases simply to comment-out an existing one.
Aliases are processed in numerical ascending order.

Discussed on:	-rc
MFC after:	1 week
2014-04-07 22:40:29 +00:00
glebius
d494babace Remove IPX support.
IPX was a network transport protocol in Novell's NetWare network operating
system from late 80s and then 90s. The NetWare itself switched to TCP/IP
as default transport in 1998. Later, in this century the Novell Open
Enterprise Server became successor of Novell NetWare. The last release
that claimed to still support IPX was OES 2 in 2007. Routing equipment
vendors (e.g. Cisco) discontinued support for IPX in 2011.

Thus, IPX won't be supported in FreeBSD 11.0-RELEASE.
2014-03-14 02:58:48 +00:00
jhb
96b4afd9d5 Revert r257715. This breaks the case where devd isn't running. The
real solution to this is still being discussed and probably won't look
quite like this.
2013-11-12 18:59:23 +00:00
jhb
7887fd3f23 Don't explicitly invoke ifn_start on new child interfaces (vaps and
subinterfaces) after they are created.  Interfaces are already started
by devd invoking /etc/pccard_ether when they are created, so the explicit
calls in childif_create() resulted in interfaces being started twice.

Note that interfaces created via cloned_interfaces are not explicitly
started but depend on the devd mechanism already.

MFC after:	1 week
2013-11-05 19:49:53 +00:00
glebius
2d77669bc5 Remove more remnants of ng_fec(4).
The ng_create_one() and ng_mkpeer() functions in network.subr are
now not used anywhere, but I left them, since they can be useful
in future in netgraph scripting.

Submitted by:	pluknet
2013-10-28 16:21:31 +00:00
hrs
028a23e8a8 Add support for "vnet jname" argument in ifconfig_IF. The vnet keyword
is ignored except for "rc.d/netif vnet{up,down} ifn" because a jail is
usually created after interface initialization on boot time.

"rc.d/netif vnetup ifn" moves ifn into the specified jail.  It is
designed to be used in other scripts like rc.d/jail, not automatically
invoked during the interface initialization.

Approved by:	re (kib)
2013-10-10 07:41:11 +00:00
hrs
1673ef1797 Do not attempt to do AF-specific configurations on a interface when
noafif() is true.  The following warning message was displayed when
pflog0 interface existed, for example:

 ifconfig: ioctl(SIOCGIFINFO_IN6): Protocol family not supported

Reported by:	bz
Approved by:	re (gjb)
2013-10-04 04:15:18 +00:00
hrs
1315bdcd1c Add epair(4) support in $cloned_interfaces. One should be specified
as "epair0" in $cloned_interfaces and "epair0[ab]" in the others in
rc.conf like the following:

 cloned_interfaces="epair0"
 ifconfig_epair0a="inet 192.168.1.1/24"
 ifconfig_epair0b="inet 192.168.2.1/24"

/etc/rc.d/netif now accepts both "netif start epair0" and "netif start
epair0a".

Approved by:	re (kib)
2013-10-04 02:44:04 +00:00
hrs
b688fb2537 Fix parsing lines of ifconfig output which include \t in the case of
inet and inet6.

Approved by:	re (delphij)
2013-09-17 20:22:24 +00:00
asomers
2dbc952848 Correctly remove an interface's ipv4 address when the user calls
"/etc/rc.d/netif stop XXX".  The old globbing pattern failed to account for the
possibility of a tab occuring before "inet".

Reviewed by:	will
Approved by:	ken (mentor, implicit)
MFC after:	Never (bug affects head only)
Sponsored by:	Spectra Logic
2013-08-23 23:12:16 +00:00
hrs
cbd7fe2b24 - Reimplement $gif_interfaces as a variant of $cloned_interfaces.
Newly-configured systems should use $cloned_interfaces.

- Call clone_{up,down}() and ifnet_rename() in rc.d/netif {start,stop}.
  ifnet_rename() now accepts an interface name list as its argument.

- Add rc.d/netif clear.  The "clear" subcommand is basically equivalent to
  "stop" but it does not call clone_down().

- Add "ifname:sticky" keyword into $cloned_interfaces.  If :sticky is
  specified, the interface will not be destroyed in rc.d/netif stop.

- Add cloned_interfaces_sticky={YES,NO}.  This variable globally sets
  :sticky keyword above for all interfaces.  The default value is NO.
  When cloned_interfaces_sticky=YES, :nosticky keyword can be used to
  override it on per interface basis.
2013-08-04 06:36:17 +00:00
hrs
5d72d2ce1e Do not set ND6_IFF_ACCEPT_RTADV on if_bridge(4) interfaces when
ipv6_enable=yes.

MFC after:	3 days
2013-07-21 15:26:25 +00:00
hrs
43ff25fce8 Fix address range specification with ifconfig(8) options such as:
- inet 192.0.2.1-10 netmask 255.255.255.0 (inet range spec + ifconfig options)
- inet6 2001:db8:1::1-f prefixlen 60 (inet6 range spec + ifconfig options)

If prefixlen or netmask option is specified with CIDR notation at
the same time, the option is used.

Tested by:	Michael Grimm
MFC after:	3 days
2013-07-20 16:58:17 +00:00
hrs
ff98999e18 - Fix a bug in ipv6_prefix_IF. It did not work with the 64-bit prefix
notation like 2001:db8:1:1.

- Use eui64 flag in ifconfig(8) instead of network6_getladdr()[*] for
  interface indentifier part.

Suggested by:	ume [*]
MFC after:	3 days
2013-07-18 02:58:24 +00:00
hrs
e4c2fc3046 Add "ether" and "link" to ifconfig_alias{es,N}. 2013-06-30 19:52:45 +00:00
delphij
3c207809e5 Don't attempt to do DHCP on certain interfaces, similar to what's done for
ipv6_autoconfif() in r212577.

MFC after:	1 week
2013-06-28 22:25:37 +00:00
rpaulo
5d588b2eef Implement ifconfig_wlanX="HOSTAP".
Not only this is a bit cleaner, it allows multiple instances of hostapd to be
running on the system host, useful for simultaneous dual-band WiFi.
This is similar to ifconfig_wlanX="WPA" but it uses /etc/hostapd-wlanX.conf.
Compatibility with hostapd_enable=YES/NO was kept.

Reviewed by:	adrian
2013-06-26 04:00:52 +00:00
hrs
754a6006f2 - Add CIDR notation support like 192.168.1-2.10-16/24 to $ifconfig_IF_aliasN.
This is an extended version of ipv4_addr_IF which supports both IPv4 and
  IPv6, and multiple range specifications.  To avoid to generate too many
  addresses, the maximum number of the generated addresses is currently
  limited to 31.

- Add $ifconfig_IF_aliases, which accepts multiple IP aliases in a variable.

- ipv6_prefix_IF now supports !/64 prefix length.  In addition to the old
  64-bit format (2001:db8:1:1), a full 128-bit format like 2001:db8:1:1::/64
  is supported.

- Replace ifconfig command with $IFCONFIG_CMD variable to support
  a dry-run mode in the future.

- Remove IP aliases before removing all of IPv4 addresses when doing
  "rc.d/netif down".

- Add a DAD wait to network6_getladdr() because it is possible to fail to
  configure an EUI64 address when ipv6_prefix_IF is specified.

A summary of the supported ifconfig_* variables is as follows:

 # IPv4 configuration.
 ifconfig_em0="inet 192.168.0.1"
 # IPv6 configuration.
 ifconfig_em0_ipv6="inet6 2001:db8::1/64"
 # IPv4 address range spec.  Now deprecated.
 ipv4_addr_em0="10.2.1.1-10"
 # IPv6 alias.
 ifconfig_em0_alias0="inet6 2001:db8:5::1 prefixlen 70"
 # IPv4 alias.
 ifconfig_em0_alias1="inet 10.2.2.1/24"
 # IPv4 alias with range spec w/o AF keyword (backward compat).
 ifconfig_em0_alias2="10.3.1.1-10/32"
 # IPv6 alias with range spec.
 ifconfig_em0_alias3="inet6 2001:db8:20-2f::1/64"
 # ifconfig_IF_aliases is just like ifconfig_IF_aliasN.
 ifconfig_em0_aliases="inet 10.3.3.201-204/24 inet6 2001:db8:210-213::1/64 inet 10.1.1.1/24"
 # IPv6 alias (backward compat)
 ipv6_ifconfig_em0_alias0="inet6 2001:db8:f::1/64"
 # IPv6 alias w/o AF keyword (backward compat)
 ipv6_ifconfig_em0_alias1="2001:db8:f:1::1/64"
 # IPv6 prefix.
 ipv6_prefix_em0="2001:db8::/64"

Tested by:	Kimmo Paasiala
2013-06-20 02:29:49 +00:00
hrs
94b3ca6d00 Fix an issue when ipv6_enable=YES && ipv6_gateway_enable=YES which could
prevent rtadvd(8) from working as intended.

Spotted by:	brian
Discussed with:	brian
2012-10-27 17:06:26 +00:00
hrs
dcf91b59f5 Fix several glitches in IPv6-related knobs:
- ipv6_enable + ipv6_gateway_enable should unset ACCEPT_RTADV by default for
  backward compatibility.

- Configurations in ipv6_prefix_IF should be recognized even if there is no
  ifconfig_IF_ipv6.

- DAD wait should be performed at once, not on a per-interface basis, if
  possible.  This fixes an issue that a system with a lot of IPv6-capable
  interfaces takes too long for booting.

MFC after:	1 week
2012-01-22 10:57:32 +00:00
uqs
a6f0acec24 Spelling fixes for etc/ 2012-01-07 16:10:32 +00:00
glebius
3eabbecb6d Add compatibility support for specifing IPv4 aliases in
rc.conf without the "inet" keyword.

Obtained from:	hrs
2011-12-13 14:36:04 +00:00
hrs
4d11bc0a4a Add support for removing addresses added by ipv6_prefix_hostid_addr_up()
upon rc.d/netif stop.
2011-10-23 07:37:36 +00:00
hrs
864e0e20bb Fix an issue that 127/8 is not configured when $ifconfig_DEFAULT is not empty.
Spotted by:	ume
2011-10-23 05:56:59 +00:00
delphij
aed7b4b7f1 Test if the interface is afif in dhcpif() and syncdhcpif(), as
done in ipv6_autoconfif.

Reviewed by:	hrs (freebsd-rc@)
MFC after:	1 week
2011-09-28 19:01:15 +00:00
brueffer
b3c2a14506 Minor spelling, wording and punctuation fixes in comments.
PR:		155984
Submitted by:	gcooper
Approved by:	re (kib)
MFC after:	1 week
2011-09-14 20:13:10 +00:00
hrs
6a7d91769a - Add an warning when ifconfig_IF_ipv6 has no inet6 keyword in front
of an IPv6 address. (r225489)

- Use eval for ${ifconfig_args} to fix an issue fixed in r223506. (r225489)

Approved by:	re (bz)
2011-09-13 00:09:47 +00:00
hrs
08320280c6 Add $ipv6_cpe_wanif to enable functionality required for IPv6 CPE
(r225485).  When setting an interface name to it, the following
configurations will be enabled:

 1. "no_radr" is set to all IPv6 interfaces automatically.

 2. "-no_radr accept_rtadv" will be set only for $ipv6_cpe_wanif.  This is
    done just before evaluating $ifconfig_IF_ipv6 in the rc.d scripts (this
    means you can manually supersede this configuration if necessary).

 3. The node will add RA-sending routers to the default router list
    even if net.inet6.ip6.forwarding=1.

This mode is added to conform to RFC 6204 (a router which connects
the end-user network to a service provider network).  To enable
packet forwarding, you still need to set ipv6_gateway_enable=YES.

Note that accepting router entries into the default router list when
packet forwarding capability and a routing daemon are enabled can
result in messing up the routing table.  To minimize such unexpected
behaviors, "no_radr" is set on all interfaces but $ipv6_cpe_wanif.

Approved by:	re (bz)
2011-09-13 00:06:11 +00:00
pluknet
71e30a51e8 Add support for string values with white spaces for ifconfig(8)
parameters accepting them (such as description, group).

Changes discussed on freebsd-rc.

PR:		conf/156675
Reported by:	"Alexander V. Chernikov" <melifaro att ipfw ru>
Suggested by:	hrs
Analyzed with:	Alexander V. Chernikov via IRC
MFC after:	2 weeks
2011-06-24 14:56:38 +00:00
hrs
3a786b5d67 Add a helper function to check kern.features.* sysctls.
Discussed with:	dougb
2011-06-11 21:40:37 +00:00
hrs
de9cf29a6b Do not mark lo0 as IFDISABLED even if there is no $ifconfig_lo0_ipv6 line. 2011-06-06 11:36:10 +00:00
hrs
9c9abb4736 Remove "ifconfig IF inet6 -accept_rtadv" when ipv6_gateway_enable=YES because
this is no longer needed.
2011-06-06 03:37:33 +00:00
bz
3de43df666 No logner set an IPv4 loopback address by default in defaults/rc.conf.
If not specified, network.subr will add it automatically if we have
INET support (1).

In network.subr only call the address family up/down functions
if the respective AF is available.

Switch to new kern.features variables for inet and inet6 as the
inet sysctl tree is also available for IPv6-only kernels leading
to unexpected results.

Suggested by:	hrs (1)
Reviewed by:	hrs
Sponsored by:	The FreeBSD Foundation
Sponsored by:	iXsystems
MFC after:	20 days
2011-05-31 00:25:52 +00:00
jilles
ea495298d6 network.subr: Use printf(1) builtin for hexprint function.
Now that printf(1) is a shell builtin, there is no need to emulate it
anymore. The external printf(1) is /usr/bin/printf and therefore may not be
available in early boot.

It may be faster to use printf directly but the function is useful for
compatibility.
2011-05-14 12:22:58 +00:00
hrs
ab8bbcbaf3 Split $ipv6_prefer into $ip6addrctl_policy and $ipv6_activate_all_interfaces.
The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively.  When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first.  If it is found, it reads and installs it as
a policy table.  If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.

When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.

The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.

Discussed with:	ume and bz
2010-09-13 19:55:40 +00:00
hrs
462966ddac Localize $_punct_c in get_if_var() and whitespace clean-ups.
Based on:	changes in r206408 by dougb
2010-09-13 19:53:54 +00:00
hrs
0a11003ea2 - Check some specific IFs first in ipv6_autoconfif().
- $ipv6_enable supports YES|TRUE|ON|1 as in checkyesno().

Based on:	changes in r206408 by dougb
2010-09-13 19:53:22 +00:00
hrs
03d1ec35f1 Fix $ipv6_network_interfaces and set it as AUTO by default.
Based on:	changes in r206408 by dougb
2010-09-13 19:52:04 +00:00
hrs
3319d93aea Revert changes in r206408.
Discussed with:	dougb, core.5, and core.6
2010-09-13 19:51:15 +00:00
jhb
32689449b7 Prevent unloading a kld for a driver that has subinterfaces (vlan and/or
wlan interfaces) from being automatically reloaded via devd shutdown
event handlers.
- Revert part of my previous changes to call ifn_stop on subinterfaces
  when an interface is detached.  It is better to destroy the interfaces
  first so that an 'ifconfig foo0.blah down' doesn't result in ifconfig
  auto-loading if_foo.ko.  The ifconfig command will not be invoked if
  foo0.blah is gone when ifn_stop() is called.  Furthermore, it is not
  necessary to explicitly invoke ifn_stop() after the subinterface is
  destroyed as devd will already do that.
- Pass -n to ifconfig when destroying interfaces so that destroying a
  cloned interface does not kldload any drivers.

Reviewed by:	dougb
MFC after:	4 days
2010-05-17 19:51:34 +00:00
dougb
3df3a625bf Remove trailing white space. No functional changes. 2010-05-14 04:53:57 +00:00
dougb
955bde9203 Make address assignment via ipv6_prefix_IF work again 2010-05-04 01:46:58 +00:00
dougb
2ae521fa83 Improve the handling of IPv6 configuration in rc.d. The ipv6_enable
and ipv6_ifconfig_<interface> options have already been deprecated,
these changes do not alter that.

With these changes any value set for ipv6_enable will emit a
warning. In order to avoid a POLA violation for the deprecation
of the option ipv6_enable=NO will still disable configuration
for all interfaces other than lo0. ipv6_enable=YES will not have
any effect, but will emit an additional warning. Support and
warnings for this option will be removed in FreeBSD 10.x.

Consistent with the current code, in order for IPv6 to be configured
on an interface (other than lo0) an ifconfig_<interface>_ipv6
option will have to be added to /etc/rc.conf[.local].

1. Clean up and minor optimizations for the following functions:
ifconfig_up (the ipv6 elements)
ipv6if
ipv6_autoconfif
get_if_var
_ifconfig_getargs
The cleanups generally were to move the "easy" tests earlier in the
functions, and consolidate duplicate code.

2. Stop overloading ipv6_prefer with the ability to disable IPv6
configuration.

3. Remove noafif() which was only ever called from ipv6_autoconfif.
Instead, simplify and integrate the tests into that function, and
convert the test to use is_wired_interface() instead of listing
wireless interfaces explicitly.

4. Integrate backwards compatibility for ipv6_ifconfig_<interface>
into _ifconfig_getargs. This dramatically simplifies the code in
all of the callers, and avoids a lot of other code duplication.

5. In rc.d/netoptions, add code for an ipv6_privacy option to use
RFC 4193 style pseudo-random addresses (this is what windows does
by default, FYI).

6. Add support for the [NO]RTADV options in ifconfig_getargs() and
ipv6_autoconfif(). In the latter, include support for the explicit
addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done
in the current code.

7. In rc.d/netif add a warning if $ipv6_enable is set, and remove
the set_rcvar_obsolete for it. Also remove the latter from
rc.d/ip6addrctl.

8. In /etc/defaults/rc.conf:

Add an example for RTADV configuration.

Set ipv6_network_interfaces to AUTO.

Switch ipv6_prefer to YES. If ipv6_enable is not set this will have
no effect.

Add a default for ipv6_privacy (NO).

9. Document all of this in rc.conf.5.
2010-04-09 01:35:09 +00:00