aboutsummaryrefslogtreecommitdiffstats
path: root/sysconfig
diff options
context:
space:
mode:
Diffstat (limited to 'sysconfig')
-rwxr-xr-xsysconfig/network-scripts/ifdown-ippp6
-rwxr-xr-xsysconfig/network-scripts/ifdown-ipv6138
-rwxr-xr-xsysconfig/network-scripts/ifdown-sit55
-rwxr-xr-xsysconfig/network-scripts/ifup-ippp16
-rwxr-xr-xsysconfig/network-scripts/ifup-ipv6185
-rwxr-xr-xsysconfig/network-scripts/ifup-sit109
-rwxr-xr-xsysconfig/network-scripts/init.ipv6-global110
-rw-r--r--sysconfig/network-scripts/network-functions-ipv61543
8 files changed, 1416 insertions, 746 deletions
diff --git a/sysconfig/network-scripts/ifdown-ippp b/sysconfig/network-scripts/ifdown-ippp
index 4a4c449d..adc6d4b7 100755
--- a/sysconfig/network-scripts/ifdown-ippp
+++ b/sysconfig/network-scripts/ifdown-ippp
@@ -16,9 +16,9 @@ if [ -f /var/lock/subsys/ibod ] ; then
fi
# Shut down IPv6
-#if [ "${NETWORKING_IPV6}" = "yes" ]; then
-# /etc/sysconfig/network-scripts/ifdown-ipv6 $DEVICE
-#fi
+if [ "${NETWORKING_IPV6}" = "yes" ]; then
+ /etc/sysconfig/network-scripts/ifdown-ipv6 $DEVICE
+fi
# shutdown isdn device
isdnctrl hangup $DEVICE >/dev/null 2>&1
diff --git a/sysconfig/network-scripts/ifdown-ipv6 b/sysconfig/network-scripts/ifdown-ipv6
index 8f4319ba..23084670 100755
--- a/sysconfig/network-scripts/ifdown-ipv6
+++ b/sysconfig/network-scripts/ifdown-ipv6
@@ -4,26 +4,38 @@
#
#
# Taken from:
-# (P) & (C) 2000-2001 by Peter Bieringer <pb@bieringer.de>
+# (P) & (C) 2000-2002 by Peter Bieringer <pb@bieringer.de>
+#
+# You will find more information in the IPv6-HowTo for Linux at
+# http://www.bieringer.de/linux/IPv6/
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
-# Version 2001-07-15
+# Version 2002-01-25
+#
+# Note: if called as (like normally) by /etc/sysconfig/network-scripts/ifdown
+# exit codes aren't handled by "ifdown"
#
# Uses following information from /etc/sysconfig/network:
# NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting)
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
+# DEVICE=<device>
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
#
# Optional for 6to4 tunneling:
-# IPV6TO4_RELAY=<ipv4address>: IPv4 address of the remote 6to4 relay
-# IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64": information to setup local subnetting
-# IPV6TO4_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
-# IPV6TO4_RADVD_PIDFILE=file: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional]
+# IPV6TO4_RELAY=<IPv4 address>: IPv4 address of the remote 6to4 relay [default: 192.88.99.1]
+# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup local subnetting
#
-# Requirements for 6to4 if using radvd:
-# radvd-0.6.2p3 or newer supporting option "Base6to4Interface"
+# Optional for 6to4 tunneling links to trigger radvd:
+# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
+# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional]
+# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd [optional, default is SIGHUP]
+#
+# Required version of radvd to use 6to4 prefix recalculation
+# 0.6.2p3 or newer supporting option "Base6to4Interface"
+# Required version of radvd to use dynamic ppp links
+# 0.7.0 + fixes or newer
#
@@ -34,7 +46,11 @@ cd /etc/sysconfig/network-scripts
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
-source_config
+source_config
+
+# IPv6 don't need aliases anymore, config is skipped
+REALDEVICE=`echo ${DEVICE} | sed 's/:.*//g'`
+[ "$DEVICE" != "$REALDEVICE" ] && exit 0
# Test whether IPv6 should be configured, else stop
[ "${NETWORKING_IPV6}" = "yes" ] || exit 0
@@ -46,88 +62,66 @@ fi
# Source IPv6 helper functions
. /etc/sysconfig/network-scripts/network-functions-ipv6
+
# IPv6 test, no module loaded, exit if system is not IPv6-ready
-test_ipv6 testonly || exit 0
+ipv6_test testonly || exit 0
+# Test device status
+ipv6_test_device_status $DEVICE
+if [ $? != 0 -a $? != 11 ]; then
+ # device doesn't exist or other problem occurs
+ exit 1
+fi
# Switch some sysctls to secure mode
-sysctl -w net.ipv6.conf.$DEVICE.forwarding=0 >/dev/null
-sysctl -w net.ipv6.conf.$DEVICE.accept_ra=0 >/dev/null
-sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=0 >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.forwarding=0 >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.accept_ra=0 >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=0 >/dev/null
# Shutdown of 6to4, if configured
valid6to4config="yes"
if [ -z "$IPV6TO4_RELAY" ]; then
- valid6to4config="no"
+ IPV6TO4_RELAY="192.88.99.1"
fi
-if [ "$valid6to4config" = "yes" ]; then
- if [ "$IPV6TO4_CONTROL_RADVD" = "yes" ]; then
- # stop RADVD from distributing no longer usable 6to4 prefixes
- if [ -z "$IPV6TO4_RADVD_PIDFILE" ]; then
- IPV6TO4_RADVD_PIDFILE="/var/run/radvd/radvd.pid"
- fi
- # Send SIGHUP to radvd
- if [ -f "$IPV6TO4_RADVD_PIDFILE" ]; then
- pid="`cat $IPV6TO4_RADVD_PIDFILE`"
- if [ ! -z "$pid" ]; then
- # still waiting for feature enabling: stopping distribution of prefixes in RADVD....
- # kill -SOMETHING $pid
- false
- else
- false
- fi
- fi
+
+# Get IPv4 address from interface
+if [ ! -z "$IPV6TO4_IPV4ADDR" ]; then
+ # Take special configured from config file (precedence 1)
+ ipv4addr="$IPV6TO4_IPV4ADDR"
+else
+ # Get IPv4 address from interface first (has precedence 2)
+ ipv4addr="`ipv6_get_ipv4addr_of_device $DEVICE`"
+ if [ -z "$ipv4addr" ]; then
+ # Take configured from config file (precedence 3)
+ ipv4addr="$IPADDR"
fi
+fi
+
+# Get local IPv4 address of dedicated tunnel
+ipv4addr6to4local="`ipv6_get_ipv4addr_of_tunnel tun6to4 local`"
+
+# Check against configured 6to4 tunnel to see if this interface was used before
+if [ "$ipv4addr" != "$ipv4addr6to4local" ]; then
+ # IPv4 address of interface does't match local tunnel address, interface was not used for current 6to4 setup
+ valid6to4config="no"
+fi
+# Shutdown of 6to4, if configured
+if [ "$valid6to4config" = "yes" ]; then
if [ ! -z "$IPV6TO4_ROUTING" ]; then
# Delete routes to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="`echo $devsuf | awk -F- '{ print $1 }'`"
- ifdown_ipv6_route_all $dev ::
+ ipv6_cleanup_routes $dev ::
done
fi
- # Detect type of address, whether it is IPv4 or IPv6
- if testipv6_valid $IPV6TO4_RELAY; then
- relay6to4type="ipv6"
- fi
-
- # Delete all static IPv6to4 routes
- if [ "$relay6to4type" = "ipv6" ]; then
- ifdown_ipv6_route_all sit0 $IPV6TO4_RELAY
- else
- ifdown_ipv6_route_all sit0 ::$IPV6TO4_RELAY
- fi
-
- # Delete old 6to4 routes, even if IPV6TO4_RELAY was changed
- if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
- grep -w "^sit0" /etc/sysconfig/static-routes-ipv6 | while read device network dummy; do
- if [ "$EXISTS_ipv6calc" = "yes" ]; then
- # Convert given network to compressed one
- network="`ipv6calc --addr_to_compressed $network`"
- fi
- LC_ALL=C route -A inet6 | grep "^$network" | while read destination nexthop flags metric ref use iface dummy; do
- if ! [ "$device" = "$iface" -a "$network" = "$destination" ]; then
- continue
- fi
- # Look for routes to a compatible IPv4 address, delete them
- if echo $nexthop | egrep -q '^::[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'; then
- ifdown_ipv6_route $destination $nexthop $iface
- fi
- # Look for routes to a IPv6to4 address, delete them
- if echo $nexthop | egrep -q '^2002::'; then
- ifdown_ipv6_route $destination $nexthop $iface
- fi
- done
- done
- fi
-
- # Delete 6to4 route
- ifdown_ipv6_route 2002::/16 :: sit0
-
# Delete all configured 6to4 address
- ifdown_ipv6to4_all sit0
+ ipv6_cleanup_6to4_tunnels tun6to4
+
+ # Control running radvd
+ ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
# Delete all current configured IPv6 addresses on this interface
-ifdown_ipv6_real_all $DEVICE
+ipv6_cleanup_device $DEVICE
diff --git a/sysconfig/network-scripts/ifdown-sit b/sysconfig/network-scripts/ifdown-sit
index 1fa4dad9..521217ce 100755
--- a/sysconfig/network-scripts/ifdown-sit
+++ b/sysconfig/network-scripts/ifdown-sit
@@ -4,19 +4,20 @@
#
#
# Taken from:
-# (P) & (C) 2000-2001 by Peter Bieringer <pb@bieringer.de>
+# (P) & (C) 2000-2002 by Peter Bieringer <pb@bieringer.de>
+#
+# You will find more information in the IPv6-HowTo for Linux at
+# http://www.bieringer.de/linux/IPv6/
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
-# Version 2001-07-15a
+# Version 2002-01-25
#
# Uses following information from /etc/sysconfig/network:
# NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting)
#
-# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1":
-# For static tunnels
-# IPV6TUNNELIPV4="<ipv4 address of foreign tunnel endpoint>"
-# IPV6ADDR=<ipv6address>/<prefixlength> [OPTIONAL: numbered tunnels]
+# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
+# DEVICE=<device>
#
@@ -29,10 +30,14 @@ cd /etc/sysconfig/network-scripts
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
-source_config
+source_config
+
+# IPv6 don't need aliases anymore, config is skipped
+REALDEVICE=`echo ${DEVICE} | sed 's/:.*//g'`
+[ "$DEVICE" != "$REALDEVICE" ] && exit 0
# Test whether IPv6 should be configured, else stop
-[ "${NETWORKING_IPV6}" = "yes" ] || exit 0
+[ "$NETWORKING_IPV6" = "yes" ] || exit 0
if [ ! -f /etc/sysconfig/network-scripts/network-functions-ipv6 ]; then
exit 1
@@ -41,28 +46,22 @@ fi
# Source IPv6 helper functions
. /etc/sysconfig/network-scripts/network-functions-ipv6
-# IPv6 test, no module loaded, exit if system is not IPv6-ready
-test_ipv6 testonly || exit 0
-# Delete IPv6-in-IPv4 tunnel(s)
+# Generic tunnel device sit0 is not supported here
if [ "$DEVICE" = "sit0" ]; then
- ifdown_ipv6_autotunnel
-elif [ ! -z "$IPV6TUNNELIPV4" ]; then
- if [ "$IPV6_TUNNELMODE" = "NBMA" ]; then
- if [ ! -z "$IPV6ADDR" ]; then
- ifdown_ipv6_real sit0 $IPV6ADDR
- fi
-
- # Cleanup all IPv6 tunnel configuration on specified interface and shut down sit0, if no longer used
- ifdown_ipv6_tunnel_all $DEVICE $IPV6TUNNELIPV4
+ echo $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking"
+ exit 1
+fi
- elif [ -z "$IPV6_TUNNELMODE" -o "$IPV6_TUNNELMODE" = "IP" ]; then
- # Delete all IPv6 routes and addresses
- ifdown_ipv6_real_all $DEVICE
+# IPv6 test, no module loaded, exit if system is not IPv6-ready
+ipv6_test testonly || exit 0
- # Shut down tunnel device
- ifdown_ipv6_tunneldev $DEVICE
- else
- echo $"Tunnel creation mode '$IPV6_TUNNELMODE' not supported - skip!"
- fi
+# Test device status
+ipv6_test_device_status $DEVICE
+if [ $? != 0 -a $? != 11 ]; then
+ # device doesn't exist or other problem occurs
+ exit 0
fi
+
+# Cleanup and shut down IPv6-in-IPv4 tunnel device
+ipv6_del_tunnel_device $DEVICE
diff --git a/sysconfig/network-scripts/ifup-ippp b/sysconfig/network-scripts/ifup-ippp
index 2f715796..4ddf67c9 100755
--- a/sysconfig/network-scripts/ifup-ippp
+++ b/sysconfig/network-scripts/ifup-ippp
@@ -345,10 +345,18 @@ function addprovider()
fi
fi
- ## Setup IPv6
- #if [ "${NETWORKING_IPV6}" = "yes" ]; then
- # /etc/sysconfig/network-scripts/ifup-ipv6 $DEVICE
- #fi
+ # Setup IPv6
+ if [ "${NETWORKING_IPV6}" = "yes" ]; then
+ if [ "$IPV6INIT" = "yes" -a ! -z "$IPV6ADDR" ]; then
+ # Native IPv6 use of device configured, check of encapsulation required
+ if [ "$ENCAP" = "syncppp" ]; then
+ echo $"Warning: ipppd (kernel 2.4.x and below) doesn't support IPv6 using encapsulation 'syncppp'"
+ elif [ "$ENCAP" = "rawip" ]; then
+ echo $"Warning: link doesn't support IPv6 using encapsulation 'rawip'"
+ fi
+ fi
+ /etc/sysconfig/network-scripts/ifup-ipv6 $DEVICE
+ fi
}
addprovider || exit 1
diff --git a/sysconfig/network-scripts/ifup-ipv6 b/sysconfig/network-scripts/ifup-ipv6
index cd5d0062..dc628341 100755
--- a/sysconfig/network-scripts/ifup-ipv6
+++ b/sysconfig/network-scripts/ifup-ipv6
@@ -4,19 +4,25 @@
#
#
# Taken from:
-# (P) & (C) 2000-2001 by Peter Bieringer <pb@bieringer.de>
+# (P) & (C) 2000-2002 by Peter Bieringer <pb@bieringer.de>
+#
+# You will find more information in the IPv6-HowTo for Linux at
+# http://www.bieringer.de/linux/IPv6/
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
-# Version 2001-07-16
+# Version 2002-01-25
+#
+# Note: if called (like normally) by /etc/sysconfig/network-scripts/ifup
+# exit codes aren't handled by "ifup"
#
# Uses following information from "/etc/sysconfig/network":
# NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting)
#
# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1":
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
-# IPV6ADDR=<ipv6address>/<prefixlength>: specify primary static IPv6 address here
-# IPV6ADDR_SECONDARIES="<list of ipv6 addresses>" [optional]
+# IPV6ADDR=<IPv6 address>[/<prefix length>]: specify primary static IPv6 address
+# IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
# IPV6_ROUTER=yes|no: controls IPv6 autoconfiguration (no: multi-homed interface without routing)
# IPV6_AUTOCONF=yes|no: controls IPv6 autoconfiguration
# defaults:
@@ -24,16 +30,22 @@
# IPV6FORWARDING=no: IPV6_AUTOCONF=yes
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link [optional]
#
-# Optional for 6to4 tunneling:
+# Optional for 6to4 tunneling (hardwired name of tunnel device is "tun6to4"):
# IPV6TO4INIT=yes|no: controls 6to4 tunneling setup
-# IPV6TO4_RELAY=<ipv4address|ipv6to4address>: IPv4/IPv6to4 address of the remote 6to4 relay
-# IPV6TO4_IPV4ADDR=<ipv6address>: overwrite local IPv4 address [optional]
-# IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64": information to setup local subnetting
-# IPV6TO4_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
-# IPV6TO4_RADVD_PIDFILE=file: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional]
+# IPV6TO4_RELAY=<IPv4 address>: IPv4 address of the remote 6to4 relay [default: 192.88.99.1]
+# IPV6TO4_IPV4ADDR=<IPv4 address>: overwrite local IPv4 address [optional]
+# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup local subnetting
+# Example: IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64"
+#
+# Optional for 6to4 tunneling to trigger radvd:
+# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
+# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional]
+# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd [optional, default is SIGHUP]
#
-# Requirements for 6to4 if using radvd:
-# radvd-0.6.2p3 or newer supporting option "Base6to4Interface"
+# Required version of radvd to use 6to4 prefix recalculation
+# 0.6.2p3 or newer supporting option "Base6to4Interface"
+# Required version of radvd to use dynamic ppp links
+# 0.7.0 + fixes or newer
#
@@ -48,6 +60,10 @@ CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
+# IPv6 don't need aliases anymore, config is skipped
+REALDEVICE=`echo ${DEVICE} | sed 's/:.*//g'`
+[ "$DEVICE" != "$REALDEVICE" ] && exit 0
+
# Test whether IPv6 configuration is enabled for this interface, else stop
[ "$IPV6INIT" = "yes" ] || exit 0
@@ -61,17 +77,24 @@ fi
# Source IPv6 helper functions
. /etc/sysconfig/network-scripts/network-functions-ipv6
+
# IPv6 test, module loaded, exit if system is not IPv6-ready
-test_ipv6 || exit 1
+ipv6_test || exit 1
+
+# Test device status
+ipv6_test_device_status $DEVICE
+if [ $? != 0 -a $? != 11 ]; then
+ # device doesn't exist or other problem occurs
+ exit 1
+fi
-
# Setup IPv6 address on specified interface
if ! [ -z "$IPV6ADDR" ]; then
- ifup_ipv6_real $DEVICE $IPV6ADDR
+ ipv6_add_addr_on_device $DEVICE $IPV6ADDR || exit 1
fi
# Get current global IPv6 forwarding
-ipv6_global_forwarding_current="`sysctl -n net.ipv6.conf.all.forwarding`"
+ipv6_global_forwarding_current="`ipv6_exec_sysctl -n net.ipv6.conf.all.forwarding`"
# Set some proc switches depending on defines
if [ "$IPV6FORWARDING" = "yes" ]; then
@@ -80,7 +103,7 @@ if [ "$IPV6FORWARDING" = "yes" ]; then
# Check, if global IPv6 forwarding was already set by global script
if [ $ipv6_global_forwarding_current -ne 1 ]; then
echo $"Global IPv6 forwarding is enabled in configuration, but not currently enabled in kernel"
-# echo $"Please restart network with '/sbin/service network restart'"
+ echo $"Please restart network with '/sbin/service network restart'"
fi
ipv6_local_forwarding=1
@@ -97,7 +120,7 @@ else
# Check, if global IPv6 forwarding was already set by global script
if [ $ipv6_global_forwarding_current -ne 0 ]; then
echo $"Global IPv6 forwarding is disabled in configuration, but not currently disabled in kernel"
-# echo $"Please restart network with '/sbin/service network restart'"
+ echo $"Please restart network with '/sbin/service network restart'"
fi
ipv6_local_forwarding=0
@@ -106,124 +129,134 @@ else
ipv6_local_auto=0
fi
fi
-sysctl -w net.ipv6.conf.$DEVICE.forwarding=$ipv6_local_forwarding >/dev/null
-sysctl -w net.ipv6.conf.$DEVICE.accept_ra=$ipv6_local_auto >/dev/null
-sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=$ipv6_local_auto >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.forwarding=$ipv6_local_forwarding >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.accept_ra=$ipv6_local_auto >/dev/null
+ipv6_exec_sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=$ipv6_local_auto >/dev/null
# Set IPv6 MTU, if given
if [ ! -z "$IPV6_MTU" ]; then
ipv6_set_mtu $DEVICE $IPV6_MTU
fi
-# Setup additional IPv6 addresses from list
+# Setup additional IPv6 addresses from list, if given
if [ ! -z "$IPV6ADDR_SECONDARIES" ]; then
for ipv6addr in $IPV6ADDR_SECONDARIES; do
- ifup_ipv6_real $DEVICE $ipv6addr
+ ipv6_add_addr_on_device $DEVICE $ipv6addr
done
fi
-# Setup additional static IPv6 routes on specified interface
+# Setup default IPv6 route, check are done by function
+if [ ! -z "$IPV6_DEFAULTDEV" -o ! -z "$IPV6_DEFAULTGW" ]; then
+ ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE"
+fi
+
+# Setup additional static IPv6 routes on specified interface, if given
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
- grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do
- ifup_ipv6_route $args $DEVICE
+ LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do
+ ipv6_add_route $args $DEVICE
done
fi
# Setup of 6to4, if configured
if [ "$IPV6TO4INIT" = "yes" ]; then
valid6to4config="yes"
+
+ # Test device status of 6to4 tunnel
+ ipv6_test_device_status tun6to4
+ if [ $? = 0 ]; then
+ # device is already up
+ echo $"Device 'tun6to4' (from '$DEVICE') is already up, shutdown first"
+ exit 1
+ fi
+
+ # Get IPv4 address for local 6to4 prefix calculation
if [ ! -z "$IPV6TO4_IPV4ADDR" ]; then
# Take special configured from config file (precedence 1)
ipv4addr="$IPV6TO4_IPV4ADDR"
else
# Get IPv4 address from interface first (has precedence 2)
- ipv4addr="`LC_ALL=C ifconfig $DEVICE |grep "inet addr:" | tr : " " | awk '{ print $3 }'`"
+ ipv4addr="`ipv6_get_ipv4addr_of_device $DEVICE`"
if [ -z "$ipv4addr" ]; then
# Take configured from config file (precedence 3)
ipv4addr="$IPADDR"
fi
fi
if [ ! -z "$ipv4addr" ]; then
- if ! testipv4_globalusable $ipv4addr; then
- echo $"Given IPv4 address $ipv4addr is not a globally usable one, 6to4 configuration is not valid!"
+ if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then
+ echo $"Given IPv4 address '$ipv4addr' is not globally usable, 6to4 configuration is not valid"
valid6to4config="no"
fi
if [ -z "$IPV6TO4_RELAY" ]; then
- echo $"IPv6to4 configuration needs an IPv6to4 relay address, 6to4 configuration is not valid!"
- valid6to4config="no"
+ IPV6TO4_RELAY="192.88.99.1"
fi
- if [ "$valid6to4config" = "yes" ]; then
- if testipv4_globalusable $IPV6TO4_RELAY 2>/dev/null; then
- true
- elif testipv6_valid $IPV6TO4_RELAY; then
- relay6to4type="ipv6"
- if echo $IPV6TO4_RELAY | grep -q "^2002:"; then
- # IPv6 address is a 6to4 (further tests not be implemented at the moment)
- true
- else
- echo $"Given IPv6 address of relay is not a 6to4 one, 6to4 configuration is not valid!"
- valid6to4config="no"
- fi
- else
- echo $"Given address of relay is not a globally usable one, 6to4 configuration is not valid!"
- valid6to4config="no"
- fi
+
+ # Check/generate relay address
+ ipv6to4_relay="`ipv6_create_6to4_relay_address $IPV6TO4_RELAY`"
+ if [ $? -ne 0 ]; then
+ valid6to4config="no"
fi
else
- echo $"IPv6to4 configuration needs an IPv4 address on related interface or extra specified, 6to4 configuration is not valid!"
+ echo $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified, 6to4 configuration is not valid"
valid6to4config="no"
fi
+
+ # Setup 6to4 tunnel (hardwired name is "tun6to4"), if config is valid
if [ "$valid6to4config" = "yes" ]; then
- ifup_ipv6to4 $DEVICE $ipv4addr
+ ipv6_add_6to4_tunnel tun6to4 $ipv4addr
+
+ # Add default route, if device matches
+ if [ "$IPV6_DEFAULTDEV" = "tun6to4" ]; then
+ if [ ! -z "$IPV6_DEFAULTGW" ]; then
+ echo $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored"
+ fi
+ ipv6_set_default_route $ipv6to4_relay tun6to4
+ fi
# Add static routes
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
- grep -w "^sit0" /etc/sysconfig/static-routes-ipv6 | while read device network dummy; do
- if [ "$relay6to4type" = "ipv6" ]; then
- # Foreign 6to4 relay gateway as IPv6to4
- ifup_ipv6_route $network $IPV6TO4_RELAY sit0
- else
- # Foreign 6to4 relay gateway as compatible IPv4
- ifup_ipv6_route $network ::$IPV6TO4_RELAY sit0
+ LC_ALL=C grep -w "^tun6to4" /etc/sysconfig/static-routes-ipv6 | while read device network gateway; do
+ if [ -z "$network" ]; then
+ continue
+ fi
+ if [ -z "$gateway" ]; then
+ gateway="$ipv6to4_relay"
fi
+ ipv6_add_route $network $ipv6to4_relay tun6to4
done
- fi
+ fi
+
+ # Cleanup autmatically generated autotunnel (not needed for 6to4)
+ ipv6_del_route "::/96" "::" tun6to4
+ ipv6_del_addr_on_device tun6to4 "::$ipv4addr/128"
- if [ "$IPV6TO4_CONTROL_RADVD" = "yes" ]; then
+ if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning
if [ $ipv6_global_forwarding_current -ne 1 ]; then
- echo $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't!"
+ echo $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't"
fi
- if [ -z "$IPV6TO4_RADVD_PIDFILE" ]; then
- IPV6TO4_RADVD_PIDFILE="/var/run/radvd/radvd.pid"
- fi
-
- # Send SIGHUP to radvd for prefix recalculation
- if [ -f "$IPV6TO4_RADVD_PIDFILE" ]; then
- pid="`cat $IPV6TO4_RADVD_PIDFILE`"
- if [ ! -z "$pid" ]; then
- echo $"Trigger RADVD for IPv6to4 prefix recalculation"
- kill -HUP $pid
- else
- false
- fi
- fi
if [ ! -z "$IPV6TO4_ROUTING" ]; then
- ipv6to4prefix="`create6to4prefix $ipv4addr`"
+ ipv6to4prefix="`ipv6_create_6to4_prefix $ipv4addr`"
if [ ! -z "$ipv6to4prefix" ]; then
# Add route to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="`echo $devsuf | awk -F- '{ print $1 }'`"
suf="`echo $devsuf | awk -F- '{ print $2 }'`"
- ifup_ipv6_route ${ipv6to4prefix}$suf :: $dev
+ ipv6_add_route ${ipv6to4prefix}$suf :: $dev
done
else
echo $"Error occured while calculating the IPv6to4 prefix"
fi
else
- echo $"RADVD control enabled, but config is not complete!"
+ echo $"radvd control enabled, but config is not complete"
fi
+
+ # Control running radvd
+ ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
+ else
+ echo $"6to4 configuration is not valid"
+ exit 1
fi
fi
+
diff --git a/sysconfig/network-scripts/ifup-sit b/sysconfig/network-scripts/ifup-sit
index 15ed67cd..0ad99784 100755
--- a/sysconfig/network-scripts/ifup-sit
+++ b/sysconfig/network-scripts/ifup-sit
@@ -4,23 +4,24 @@
#
#
# Taken from:
-# (P) & (C) 2000-2001 by Peter Bieringer <pb@bieringer.de>
+# (P) & (C) 2000-2002 by Peter Bieringer <pb@bieringer.de>
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
-# Version 2001-07-17
+# Version 2002-01-25
#
-# Uses following information from "/etc/sysconfig/network":
+# Uses following information from /etc/sysconfig/network:
# NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting)
#
-# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1":
+# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
+# DEVICE=<device>
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
-# IPV6_TUNNELMODE=IP|NBMA: mode of tunnel creation [default: IP]
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link [optional]
#
# For static tunnels
-# IPV6TUNNELIPV4="<ipv4 address of foreign tunnel endpoint>"
-# IPV6ADDR=<ipv6address>/<prefixlength> [OPTIONAL: numbered tunnels]
+# IPV6TUNNELIPV4=<IPv4 address>: IPv4 address of remote tunnel endpoint
+# IPV6TUNNELIPV4LOCAL=<IPv4 address>: (optional) local IPv4 address of tunnel
+# IPV6ADDR=<IPv6 address>[/<prefix length>]: (optional) local IPv6 address of a numbered tunnel
#
@@ -33,7 +34,11 @@ cd /etc/sysconfig/network-scripts
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
-source_config
+source_config
+
+# IPv6 don't need aliases anymore, config is skipped
+REALDEVICE=`echo ${DEVICE} | sed 's/:.*//g'`
+[ "$DEVICE" != "$REALDEVICE" ] && exit 0
# Test whether IPv6 configuration is enabled for this interface, else stop
[ "$IPV6INIT" = "yes" ] || exit 0
@@ -48,54 +53,50 @@ fi
# Source IPv6 helper functions
. /etc/sysconfig/network-scripts/network-functions-ipv6
+
# IPv6 test, module loaded, exit if system is not IPv6-ready
-test_ipv6 || exit 1
+ipv6_test || exit 1
-# Setup IPv6-in-IPv4 tunnel(s)
+# Generic tunnel device sit0 is not supported here
if [ "$DEVICE" = "sit0" ]; then
- ifup_ipv6_autotunnel || exit 1
+ echo $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking"
+ exit 1
+fi
+
+if [ -z "$IPV6TUNNELIPV4" ]; then
+ echo $"Missing remote IPv4 address of tunnel, configuration is not valid"
+ exit 1
+fi
+
+# Test device status
+ipv6_test_device_status $DEVICE
+if [ $? = 0 ]; then
+ # device is already up
+ echo $"Device '$DEVICE' is already up, please shutdown first"
+ exit 1
+fi
+
+# Create tunnel
+ipv6_add_tunnel_device $DEVICE $IPV6TUNNELIPV4 "" $IPV6TUNNELIPV4LOCAL || exit 1
+
+# Set IPv6 MTU, if given
+if [ ! -z "$IPV6_MTU" ]; then
+ ipv6_set_mtu $DEVICE $IPV6_MTU
+fi
+
+# Apply local IPv6 address, if given (numbered tunnel)
+if [ ! -z "$IPV6ADDR" ]; then
+ ipv6_add_addr_on_device $DEVICE $IPV6ADDR
+fi
+
+# Setup default IPv6 route, check are done by function
+if [ ! -z "$IPV6_DEFAULTDEV" -o ! -z "$IPV6_DEFAULTGW" ]; then
+ ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE"
+fi
- # Set IPv6 MTU, if given
- if [ ! -z "$IPV6_MTU" ]; then
- ipv6_set_mtu $DEVICE $IPV6_MTU
- fi
-
-elif [ ! -z "$IPV6TUNNELIPV4" ]; then
- if [ "$IPV6_TUNNELMODE" = "NBMA" ]; then
- if [ ! -z "$IPV6ADDR" ]; then
- ifup_ipv6_real sit0 $IPV6ADDR
- fi
-
- # Add static IPv6 tunnel routes on specified virtual interface
- if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
- grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device ipv6route args; do
- ifup_ipv6_tunnel $DEVICE $IPV6TUNNELIPV4 $ipv6route
- done
- fi
-
- # Set IPv6 MTU, if given and in range
- if [ ! -z "$IPV6_MTU" ]; then
- ipv6_set_mtu sit0 $IPV6_MTU
- fi
-
- elif [ -z "$IPV6_TUNNELMODE" -o "$IPV6_TUNNELMODE" = "IP" ]; then
- ifup_ipv6_tunneldev $DEVICE $IPV6TUNNELIPV4 || exit 1
-
- # Set IPv6 MTU, if given and in range
- if [ ! -z "$IPV6_MTU" ]; then
- ipv6_set_mtu $DEVICE $IPV6_MTU
- fi
-
- if [ ! -z "$IPV6ADDR" ]; then
- ifup_ipv6_real $DEVICE $IPV6ADDR
- fi
-
- if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
- grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device ipv6route args; do
- ifup_ipv6_route $ipv6route :: $DEVICE
- done
- fi
- else
- echo $"Tunnel creation mode '$IPV6_TUNNELMODE' not supported - skip!"
- fi
+# Setup additional static IPv6 routes on specified interface, if given
+if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
+ LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device ipv6route args; do
+ ipv6_add_route $ipv6route :: $DEVICE
+ done
fi
diff --git a/sysconfig/network-scripts/init.ipv6-global b/sysconfig/network-scripts/init.ipv6-global
index aed005d8..fa380391 100755
--- a/sysconfig/network-scripts/init.ipv6-global
+++ b/sysconfig/network-scripts/init.ipv6-global
@@ -3,25 +3,30 @@
# init.ipv6-global
#
#
-# Taken from:
-# (P) & (C) 2001 by Peter Bieringer <pb@bieringer.de>
+# Taken from: init.ipv6-global
+# (P) & (C) 2001-2002 by Peter Bieringer <pb@bieringer.de>
+#
+# You will find more information in the IPv6-HowTo for Linux at
+# http://www.bieringer.de/linux/IPv6/
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
-# Version 2001-07-15a
+# Version 2002-01-25
#
# Calling parameters:
# $1: action (currently supported: start|stop|showsysctl)
# $2: position for start|stop (currently supported: pre|post)
#
-# Called by hooks from /etc/rc.d/init.d/network
+# Called by hooks from /etc/[rc.d/]init.d/network
#
# Uses following information from /etc/sysconfig/network:
# NETWORKING_IPV6=yes|no: controls global IPv6 initialization (default: no)
# IPV6FORWARDING=yes|no: controls global IPv6 forwarding (default: no)
-# IPV6AUTOCONF=yes|no: controls global automatic IPv6 configuration
+# IPV6_AUTOCONF=yes|no: controls global automatic IPv6 configuration
# (default: yes if IPV6FORWARDING=no, no if IPV6FORWARDING=yes)
# IPV6_AUTOTUNNEL=yes|no: controls automatic IPv6 tunneling (default: no)
+# IPV6_DEFAULTGW=<ipv6address[%interface]> [optional]
+# IPV6_DEFAULTDEV=<interface> [optional]
#
@@ -47,13 +52,14 @@ fi
# Source IPv6 helper functions
. /etc/sysconfig/network-scripts/network-functions-ipv6
+
# Initialize IPv6, depending on caller option
case $ACTION in
start)
case $POSITION in
pre)
# IPv6 test, module loaded, exit if system is not IPv6-ready
- test_ipv6 || exit 1
+ ipv6_test || exit 1
if [ "$IPV6FORWARDING" = "yes" ]; then
@@ -61,7 +67,7 @@ case $ACTION in
ipv6_global_auto=0
else
ipv6_global_forwarding=0
- if [ "$IPV6AUTO" = "no" ]; then
+ if [ "$IPV6_AUTOCONF" = "no" ]; then
ipv6_global_auto=0
else
ipv6_global_auto=1
@@ -69,44 +75,52 @@ case $ACTION in
fi
# Reset IPv6 sysctl switches for "all", "default" and still existing devices
- for i in /proc/sys/net/ipv6/conf/*; do
- if [ ! -d $i ]; then
- continue
- fi
- interface="`echo $i | awk -F/ '{ print $NF}'`"
+ sysctl -a | grep "^net\.ipv6\.conf\." | awk -F. '{ print $4 }' | sort | uniq | while read interface; do
# Host/Router behaviour for the interface
- sysctl -w net.ipv6.conf.$interface.forwarding=$ipv6_global_forwarding >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.forwarding=$ipv6_global_forwarding >/dev/null
# Autoconfiguration and redirect handling for Hosts
- sysctl -w net.ipv6.conf.$interface.accept_ra=$ipv6_global_auto >/dev/null
- sysctl -w net.ipv6.conf.$interface.accept_redirects=$ipv6_global_auto >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.accept_ra=$ipv6_global_auto >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.accept_redirects=$ipv6_global_auto >/dev/null
done
-
- if [ "$IPV6_AUTOTUNNEL" = "yes" ]; then
- ifup_ipv6_autotunnel
- fi
;;
post)
# IPv6 test, module loaded, exit if system is not IPv6-ready
- test_ipv6 || exit 1
+ ipv6_test || exit 1
+ if [ "$IPV6_AUTOTUNNEL" = "yes" ]; then
+ ipv6_enable_autotunnel
+ # autotunnel interface doesn't require a MTU setup
+ fi
+
## Add some routes which should never appear on the wire
# Unreachable IPv4-only addresses, normally blocked by source address selection
- ip route add unreach ::ffff:0.0.0.0/96
+ ipv6_exec_ip route add unreach ::ffff:0.0.0.0/96
# Unreachable IPv4-mapped addresses
- ip route add unreach ::0.0.0.0/96
+ ipv6_exec_ip route add unreach ::0.0.0.0/96
# Unreachable 6to4: IPv4 multicast, reserved, limited broadcast
- ip route add unreach 2002:e000::/19
+ ipv6_exec_ip route add unreach 2002:e000::/19
# Unreachable 6to4: IPv4 loopback
- ip route add unreach 2002:7f00::/24
- # Unreachable 6to4: IPv4 private (RFC1918)
- ip route add unreach 2002:0a00::/24
- ip route add unreach 2002:ac10::/28
- ip route add unreach 2002:c0a8::/32
- # Unreachable 6to4: IPv4 private (DHCP link-local)
- ip route add unreach 2002:a9fe::/32
+ ipv6_exec_ip route add unreach 2002:7f00::/24
+ # Unreachable 6to4: IPv4 private (RFC 1918)
+ ipv6_exec_ip route add unreach 2002:0a00::/24
+ ipv6_exec_ip route add unreach 2002:ac10::/28
+ ipv6_exec_ip route add unreach 2002:c0a8::/32
+ # Unreachable 6to4: IPv4 private (APIPA / DHCP link-local)
+ ipv6_exec_ip route add unreach 2002:a9fe::/32
+ # Unreachable IPv6: 6bone test addresses
+ ipv6_exec_ip route add unreach 3ffe:ffff::/32
+
+ # Set default route for autotunnel, if specified
+ if [ "$IPV6_DEFAULTDEV" = "sit0" -a "$IPV6_AUTOTUNNEL" = "yes" ]; then
+ if [ ! -z "$IPV6_DEFAULTGW" ]; then
+ ipv6_set_default_route $IPV6_DEFAULTGW $IPV6_DEFAULTDEV sit0
+ elif [ ! -z "$IPV6_DEFAULTDEV" ]; then
+ ipv6_set_default_route "" $IPV6_DEFAULTDEV sit0
+ fi
+ fi
;;
*)
@@ -120,34 +134,30 @@ case $ACTION in
case $POSITION in
pre)
# IPv6 test, no module loaded, exit if system is not IPv6-ready
- test_ipv6 testonly || exit 0
+ ipv6_test testonly || exit 0
;;
post)
# IPv6 test, no module loaded, exit if system is not IPv6-ready
- test_ipv6 testonly || exit 0
+ ipv6_test testonly || exit 0
- for i in /proc/sys/net/ipv6/conf/*; do
- if [ ! -d $i ]; then
- continue
- fi
- interface="`echo $i | awk -F/ '{ print $NF}'`"
+ sysctl -a | grep "^net\.ipv6\.conf\." | awk -F. '{ print $4 }' | sort | uniq | while read interface; do
# Assume Host behaviour
- sysctl -w net.ipv6.conf.$interface.forwarding=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.forwarding=0 >/dev/null
# Disable autoconfiguration and redirects
- sysctl -w net.ipv6.conf.$interface.accept_ra=0 >/dev/null
- sysctl -w net.ipv6.conf.$interface.accept_redirects=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.accept_ra=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$interface.accept_redirects=0 >/dev/null
done
- # Find still existing tunnel devices and shutdown and delete them
- LC_ALL=C ip tunnel | grep "ipv6/ip" | awk -F: '{ print $1 }' | while read device; do
- ifdown_ipv6_tunneldev $device
- done
+ # Cleanup still existing tunnel devices
+ ipv6_cleanup_tunnel_devices
+ # Shut down generic tunnel interface now
+ ipv6_exec_ifconfig sit0 down
;;
*)
@@ -163,15 +173,11 @@ case $ACTION in
showsysctl)
# Run only basic tests, no module is loaded, if not ok, skip IPv6 initialization
- test_ipv6 testonly || exit 0
+ ipv6_test testonly || exit 0
# Show sysctl switches
- for i in /proc/sys/net/ipv6/conf/default/*; do
- if [ ! -f $i ]; then continue; fi
- switch="`echo $i | awk -F/ '{ print $NF}'`"
- for j in /proc/sys/net/ipv6/conf/*; do
- if [ ! -d $j ]; then continue; fi
- interface="`echo $j | awk -F/ '{ print $NF}'`"
+ sysctl -a | grep "^net\.ipv6\.conf\.default\." | awk -F. '{ print $5 }' | awk -F= '{ print $1 }' | sed 's/ //g' | while read switch; do
+ sysctl -a | grep "^net\.ipv6\.conf\." | awk -F. '{ print $4 }' | sort | uniq | while read interface; do
sysctl net.ipv6.conf.$interface.$switch
done
echo
@@ -179,7 +185,7 @@ case $ACTION in
;;
*)
- echo "Usage: $0 {start|stop|showsysctl}"
+ echo $"Usage: $0 {start|stop|reload|restart|showsysctl}"
exit 1
;;
diff --git a/sysconfig/network-scripts/network-functions-ipv6 b/sysconfig/network-scripts/network-functions-ipv6
index fc7b5254..dd1bd823 100644
--- a/sysconfig/network-scripts/network-functions-ipv6
+++ b/sysconfig/network-scripts/network-functions-ipv6
@@ -2,30 +2,170 @@
#
# network-functions-ipv6
#
-# Taken from:
-# (P) & (C) 1997-2001 by Peter Bieringer <pb@bieringer.de>
+# Taken from: network-functions-ipv6
+# (P) & (C) 1997-2002 by Peter Bieringer <pb@bieringer.de>
#
-# Version: 2001-07-17a
+# Version: 2002-01-25
#
# Extended address detection is enabled, if 'ipv6calc' is installed
# Available here: http://www.bieringer.de/linux/IPv6/tools/index.html#ipv6calc
#
+#
+
-# Return values
-# 0 = ok
-# 1 = error occurs
-# 2 = not enabled, i.e. no IPv6 kernel support or switched off by configuration
+##### Logging function
+# $1: <message> : message string
+# $2: [stdout|stderr].[err|warn[ing]|inf[o]|notice] : log level with optional channel, default is "stdout.notice"
+# [syslog.[facility.].err|warn[ing]|inf[o]|notice : syslog channel, default is "syslog.user.notice"
+# $3: <function name> : name of function which calls this log function, can be empty using ""
+# return code: 0=ok 1=argument error 3=major problem
+ipv6_log() {
+ local message="$1"
+ local level="$2"
+ local name="$3"
+
+ if [ -z "$message" ]; then
+ echo $"ERROR: [ipv6_log] Missing 'message' (arg 1)" >/dev/stderr
+ return 1
+ fi
+ if [ -z "$level" ]; then
+ local level="stdout.notice"
+ fi
+
+
+ # Map loglevel now
+ local fn=1
+ local fnawk="print \$$fn"
+ local t="`echo $level | awk -F. "{ $fnawk }"`"
+
+ # Check channel, if given
+ case $t in
+ 'stdout'|'stderr'|'syslog')
+ local channel="$t"
+ local fn=$[ $fn + 1 ]
+ ;;
+ *)
+ local channel="stdout"
+ ;;
+ esac
+
+ # Check syslog facilty, if given
+ if [ "$channel" = "syslog" ]; then
+ local fnawk="print \$$fn"
+ local t="`echo $level | awk -F. "{ $fnawk }"`"
+ case $t in
+ 'local0'|'local1'|'local2'|'local3'|'local4'|'local5'|'local6'|'local7'|'daemon')
+ local facility="$t"
+ local fn=$[ $fn + 1 ]
+ ;;
+ *)
+ local facility="user"
+ ;;
+ esac
+ fi
+
+ local fnawk="print \$$fn"
+ local t="`echo $level | awk -F. "{ $fnawk }"`"
+
+ # Map priority
+ [ "$t" = "inf" ] && local t="info"
+ [ "$t" = "deb" ] && local t="debug"
+ [ "$t" = "warning" ] && local t="warn"
+ [ "$t" = "error" ] && local t="err"
+ [ "$t" = "critical" ] && local t="crit"
+
+ # Check priority, if given
+ case $t in
+ 'info'|'debug'|'notice'|'warn'|'err'|'crit')
+ local priority="$t"
+ local fn=$[ $fn + 1 ]
+ ;;
+ *)
+ local priority="notice"
+ ;;
+ esac
+
+ local fnawk="print \$$fn"
+ local t="`echo $level | awk -F. "{ $fnawk }"`"
+ if [ ! -z "$t" ]; then
+ echo $"ERROR: [ipv6_log] Loglevel isn't valid '$level' (arg 2)" >/dev/stderr
+ return 1
+ fi
+
+ # Generate function text
+ if [ -z "$name" ]; then
+ local txt_name=""
+ else
+ local txt_name="[$name]"
+ fi
+
+ # Log message
+ case $channel in
+ 'stdout'|'stderr')
+ # Generate level text
+ case $priority in
+ 'debug')
+ local txt_level=$"DEBUG "
+ ;;
+ 'err')
+ local txt_level=$"ERROR "
+ ;;
+ 'warn')
+ local txt_level=$"WARN "
+ ;;
+ 'crit')
+ local txt_level=$"CRITICAL "
+ ;;
+ 'info')
+ local txt_level=$"INFO "
+ ;;
+ 'notice')
+ local txt_level=$"NOTICE "
+ ;;
+ esac
+
+ [ ! -z "$txt_name" ] && local txt_name="$txt_name "
+
+ if [ "$channel" = "stderr" ]; then
+ echo "$txt_level: ${txt_name}${message}" >/dev/stderr
+ elif [ "$channel" = "stdout" ]; then
+ echo "$txt_level: ${txt_name}${message}"
+ fi
+ ;;
+ 'syslog')
+
+ if [ ! -x logger ]; then
+ echo $"ERROR: [ipv6_log] Syslog is chosen, but binary 'logger' doesn't exist or isn't executable" >/dev/stderr
+ return 3
+ fi
+ if [ -z "$txt_name" ]; then
+ logger -p $facility.$priority $message
+ else
+ logger -p $facility.$priority -t "$txt_name" "$message"
+ fi
+ ;;
+ *)
+ echo $"ERROR: [ipv6_log] Cannot log to channel '$channel'" >/dev/stderr
+ return 3
+ ;;
+ esac
+
+ return 0
+}
+
+
+###### Beginning of main code here, always executed on "source|. network-functions-ipv6"
##### Test for "ipv6calc" (used for better existing address detection)
EXISTS_ipv6calc=no
if which ipv6calc >/dev/null 2>&1; then
- if ipv6calc --if_inet62addr 3ffe04000100f1010000000000000001 40 | grep -q -v '3ffe:400:100:f101::1/64'; then
+ if ipv6calc --if_inet62addr 3ffe04000100f1010000000000000001 40 | LC_ALL=C grep -q -v '3ffe:400:100:f101::1/64'; then
false
- elif ipv6calc --addr2if_inet6 3ffe:400:100::1/64 | grep -q -v '3ffe0400010000000000000000000001 00 40'; then
+ elif ipv6calc --addr2if_inet6 3ffe:400:100::1/64 | LC_ALL=C grep -q -v '3ffe0400010000000000000000000001 00 40'; then
false
else
EXISTS_ipv6calc=yes
@@ -35,12 +175,17 @@ EXISTS_ipv6calc=no
fi
+
+###### End of main code here
+
+
##### Test for IPv6 capabilites
# $1: (optional) testflag: currently supported: "testonly" (do not load a module)
-test_ipv6() {
- local testflag=$1
-
+# return code: 0=ok 2=IPv6 test fails
+ipv6_test() {
+ local fn="ipv6_test"
+ local testflag=$1
if ! [ -f /proc/net/if_inet6 ]; then
if [ "$testflag" = "testonly" ]; then
@@ -49,7 +194,7 @@ test_ipv6() {
modprobe ipv6
if ! [ -f /proc/net/if_inet6 ]; then
- echo $"Kernel is not compiled with IPv6 support"
+ ipv6_log $"Kernel is not compiled with IPv6 support" crit $fn
return 2
fi
fi
@@ -59,44 +204,95 @@ test_ipv6() {
return 2
fi
-
if ! which ip 2>&1 >/dev/null; then
- echo $"Utility 'ip' (from the iproute package) doesn't exist or isn't executable - non-NBMA-styled tunneling setup won't work!"
+ ipv6_log $"Utility 'ip' (from iproute-package) doesn't exist or isn't executable - stop" crit $fn
return 2
fi
-
return 0
}
##### Get version of this function libary
+# stdout: <version number YYYYMMDD>
getversion_ipv6_functions() {
- local version_ipv6_functions="`cat /etc/sysconfig/network-scripts/network-functions-ipv6 | grep "^# Version:" | awk '{ print $3 }' | sed 's/-//g' | sed 's/[A-Za-z]*$//g'`"
+ local version_ipv6_functions="`cat /etc/sysconfig/network-scripts/network-functions-ipv6 | LC_ALL=C grep "^# Version:" | awk '{ print $3 }' | sed 's/-//g' | sed 's/[A-Za-z]*$//g'`"
echo $version_ipv6_functions
}
+
+##### Wrapper for used binaries
+## ifconfig
+# $*: <arguments...>
+# return code: result of execution
+ipv6_exec_ifconfig() {
+ local options=$*
+
+ LC_ALL=C ifconfig $options 2>&1
+
+ return $?
+}
+
+
+## route
+# $*: <arguments...>
+# return code: result of execution
+ipv6_exec_route() {
+ local options=$*
+
+ LC_ALL=C route $options 2>&1
+
+ return $?
+}
+
+
+## ip
+# $*: <arguments...>
+# return code: result of execution
+ipv6_exec_ip() {
+ local options=$*
+
+ LC_ALL=C ip $options 2>&1
+
+ return $?
+}
+
+
+## sysctl
+# $*: <arguments...>
+# return code: result of execution
+ipv6_exec_sysctl() {
+ local options=$*
+
+ LC_ALL=C sysctl $options 2>&1
+
+ return $?
+}
+
+
##### Control IPv6 forwarding
# Control IPv6 forwarding
-# $1: control [yes|no|on|off]
-# $2: network device (if not given, global IPv6 forwarding is set) [OBSOLETE]
-forwarding_ipv6() {
+# $1: yes|no|on|off : control value
+# $2: [<interface>] : (optional), if not given, global IPv6 forwarding is set [OBSOLETE]
+# return code: 0=ok 1=argument error 2=IPv6 test fails
+ipv6_control_forwarding() {
+ local fn="ipv6_control_forwarding"
+
local fw_control=$1
local fw_device=$2 # maybe empty
if [ -z "$fw_control" ]; then
- echo $"Missing parameter 'forwarding control' (arg 1)"
+ ipv6_log $"Missing parameter 'forwarding control' (arg 1)" err $fn
return 1
fi
if ! [ "$fw_control" = "yes" -o "$fw_control" = "no" -o "$fw_control" = "on" -o "$fw_control" = "off" ]; then
- echo $"Don't understand forwarding control parameter '$fw_control' (arg 1)"
+ ipv6_log $"Forwarding control parameter isn't valid '$fw_control' (arg 1)" err $fn
return 1
fi
- test_ipv6 || return 2
-
+ ipv6_test || return 2
if [ "$fw_control" = "yes" -o "$fw_control" = "on" ]; then
local status=1
@@ -106,131 +302,146 @@ forwarding_ipv6() {
# Global control? (if no device is given)
if [ -z "$fw_device" ]; then
- sysctl -w net.ipv6.conf.all.forwarding=$status >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.all.forwarding=$status >/dev/null
fi
# Per device control (not implemented in kernel)
if [ ! -z "$fw_device" ]; then
- echo $"IPv6 forwarding per device cannot be controlled via sysctl - use netfilter6 instead!"
+ ipv6_log $"IPv6 forwarding per device cannot be controlled via sysctl - use netfilter6 instead" warn $fn
fi
+ return 0
}
##### Static IPv6 route configuration
# Set static IPv6 route
-# $1: IPv6 network to route
-# $2: IPv6 gateway over which $1 should be routed (if "::", gw will be skipped)
-# $3: Interface (optional)
-ifup_ipv6_route() {
+# $1: <IPv6 network> : to route
+# $2: <IPv6 gateway> : over which $1 should be routed (if "::", gw will be skipped)
+# $3: [<Interface>] : (optional)
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem adding route
+ipv6_add_route() {
+ local fn="ipv6_add_route"
+
local networkipv6=$1
local gatewayipv6=$2
local device=$3 # maybe empty
if [ -z "$networkipv6" ]; then
- echo $"Missing parameter 'IPv6-network' (arg 1)"
+ ipv6_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn
return 1
fi
if [ -z "$gatewayipv6" ]; then
- echo $"Missing parameter 'IPv6-gateway' (arg 2)"
+ ipv6_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
+ ipv6_test || return 2
- testipv6_valid $networkipv6 || return 2
- testipv6_valid $gatewayipv6 || return 2
+ ipv6_test_ipv6_addr_valid $networkipv6 || return 2
+ ipv6_test_ipv6_addr_valid $gatewayipv6 || return 2
-
if [ -z "$device" ]; then
- local output="`LC_ALL=C route -A inet6 add $networkipv6 gw $gatewayipv6 2>&1`"
+ local returntxt="`ipv6_exec_ip -6 route add $networkipv6 via $gatewayipv6 metric 1`"
else
if [ "$gatewayipv6" = "::" ]; then
- local output="`LC_ALL=C route -A inet6 add $networkipv6 dev $device 2>&1`"
+ local returntxt="`ipv6_exec_ip -6 route add $networkipv6 dev $device metric 1`"
else
- local output="`LC_ALL=C route -A inet6 add $networkipv6 gw $gatewayipv6 dev $device 2>&1`"
+ local returntxt="`ipv6_exec_ip -6 route add $networkipv6 via $gatewayipv6 dev $device metric 1`"
fi
fi
- if [ $? -ne 0 ]; then
- if echo $output | grep -i -q 'SIOCADDRT: File exists'; then
+ if [ ! -z "$returntxt" ]; then
+ if echo $returntxt | grep -q "File exists"; then
+ # Netlink: "File exists"
true
- else
- echo $output
- return 2
+ elif echo $returntxt | grep -q "No route to host"; then
+ # Netlink: "No route to host"
+ ipv6_log $"'No route to host' adding route '$networkipv6' via gateway '$gatewayipv6' through device '$device'" warn $fn
+ return 3
+ else
+ ipv6_log $"Unknown error" warn $fn
+ return 3
fi
fi
return 0
}
+
# Delete a static IPv6 route
-# $1: IPv6 network to route
-# $2: IPv6 gateway over which $1 should be routed (if "::", gw will be skipped)
-# $3: Interface (optional)
-ifdown_ipv6_route() {
+# $1: <IPv6 network> : to route
+# $2: <IPv6 gateway> : over which $1 should be routed (if "::", gw will be skipped)
+# $3: [<Interface>] : (optional)
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem adding route
+ipv6_del_route() {
+ local fn="ipv6_del_route"
+
local networkipv6=$1
local gatewayipv6=$2
local device=$3 # maybe empty
if [ -z "$networkipv6" ]; then
- echo $"Missing parameter 'IPv6-network' (arg 1)"
+ ipv6_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn
return 1
fi
if [ -z "$gatewayipv6" ]; then
- echo $"Missing parameter 'IPv6-gateway' (arg 2)"
+ ipv6_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
+ ipv6_test testonly || return 2
# Test, whether given IPv6 address is valid
- testipv6_valid $networkipv6 || return 2
- testipv6_valid $gatewayipv6 || return 2
+ ipv6_test_ipv6_addr_valid $networkipv6 || return 1
+ ipv6_test_ipv6_addr_valid $gatewayipv6 || return 1
-
if [ -z "$device" ]; then
- local output="`LC_ALL=C route -A inet6 del $networkipv6 gw $gatewayipv6 2>&1`"
+ ipv6_exec_ip -6 route del $networkipv6 via $gatewayipv6
+ local result=$?
else
if [ "$gatewayipv6" = "::" ]; then
- local output="`LC_ALL=C route -A inet6 del $networkipv6 dev $device 2>&1`"
+ ipv6_exec_ip -6 route del $networkipv6 dev $device
+ local result=$?
else
- local output="`LC_ALL=C route -A inet6 del $networkipv6 gw $gatewayipv6 dev $device 2>&1`"
+ ipv6_exec_ip -6 route del $networkipv6 via $gatewayipv6 dev $device
+ local result=$?
fi
fi
- if [ $? -ne 0 ]; then
- if echo $output | grep -i -q 'SIOCDELRT: No such process'; then
- true
- else
- echo $output
- return 2
- fi
+ if [ $result -eq 2 ]; then
+ # Netlink: "No such process"
+ true
+ elif [ $result -ne 0 ]; then
+ return 3
fi
return 0
}
+
# Delete all static IPv6 routes through a given interface
-# $1: Interface
-# $2: Gateway match (optional)
-ifdown_ipv6_route_all() {
+# $1: <Interface>
+# $2: [<Gateway>] : to match (optional)
+# return code: 0=ok 1=argument error 2=IPv6 test fails
+ipv6_cleanup_routes() {
+ local fn="ipv6_cleanup_routes"
+
local device=$1
local gatewaymatch=$2
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
- test_ipv6 || return 2
-
+ ipv6_test testonly || return 2
# Get all IPv6 routes through given interface and remove them
- LC_ALL=C route -A inet6 -n | grep "$device\W*$" | while read ipv6net nexthop flags metric ref use iface args; do
+ ipv6_exec_route -A inet6 -n | LC_ALL=C grep "$device\W*$" | while read ipv6net nexthop flags metric ref use iface args; do
if [ "$iface" = "$device" ]; then
if [ ! -z "$gatewaymatch" ]; then
# Test if given gateway matches
@@ -239,38 +450,41 @@ ifdown_ipv6_route_all() {
fi
fi
# Only non addrconf (automatic installed) routes should be removed
- if echo $flags | grep -v -q "A"; then
- local output="`LC_ALL=C route -A inet6 del $ipv6net gw $nexthop dev $iface 2>&1`"
+ if echo $flags | LC_ALL=C grep -v -q "A"; then
+ ipv6_exec_route -A inet6 del $ipv6net gw $nexthop dev $iface
fi
fi
done
+ return 0
}
##### automatic tunneling configuration
## Configure automatic tunneling up
-ifup_ipv6_autotunnel() {
- test_ipv6 || return 2
+# return code: 0=ok 2=IPv6 test fails 3=major problem
+ipv6_enable_autotunnel() {
+ local fn="ipv6_enable_autotunnel"
+ ipv6_test || return 2
# enable IPv6-over-IPv4 tunnels
- if test_interface_status sit0; then
+ if ipv6_test_device_status sit0; then
true
else
# bring up basic tunnel device
- ifconfig sit0 up
+ ipv6_exec_ifconfig sit0 up
- if ! test_interface_status sit0; then
- echo $"Tunnel device 'sit0' enabling didn't work - FATAL ERROR!"
- return 2
+ if ! ipv6_test_device_status sit0; then
+ ipv6_log $"Tunnel device 'sit0' enabling didn't work" err $fn
+ return 3
fi
- # Set sysctls proper (regardless "default")
- sysctl -w net.ipv6.conf.sit0.forwarding=1 >/dev/null
- sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
- sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
+ # Set sysctls proper (regardless "default")
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.forwarding=1 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
fi
return 0
@@ -278,30 +492,32 @@ ifup_ipv6_autotunnel() {
## Configure automatic tunneling down
-ifdown_ipv6_autotunnel() {
- test_ipv6 || return 2
+# return code: 0=ok 2=IPv6 test fails 3=major problem
+ipv6_disable_autotunnel() {
+ local fn="ipv6_disable_autotunnel"
+ ipv6_test testonly || return 2
- if test_interface_status sit0; then
+ if ipv6_test_device_status sit0; then
# disable IPv6-over-IPv4 tunnels (if a tunnel is no longer up)
- if LC_ALL=C route -A inet6 -n | grep "sit0\W*$" | awk '{ print $2 }' | grep -v -q "^::$"; then
+ if ipv6_exec_route -A inet6 -n | LC_ALL=C grep "sit0\W*$" | awk '{ print $2 }' | LC_ALL=C grep -v -q "^::$"; then
# still existing routes, skip shutdown of sit0
true
- elif LC_ALL=C ip addr show dev sit0 | grep inet6 | awk '{ print $2 }' | grep -v -q '^::'; then
+ elif ipv6_exec_ip addr show dev sit0 | LC_ALL=C grep inet6 | awk '{ print $2 }' | LC_ALL=C grep -v -q '^::'; then
# still existing IPv6 addresses, skip shutdown of sit0
true
else
# take down basic tunnel device
- sysctl -w net.ipv6.conf.sit0.forwarding=0 >/dev/null
- sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
- sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.forwarding=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
- ifconfig sit0 down
+ ipv6_exec_ifconfig sit0 down
- if test_interface_status sit0; then
- echo $"Tunnel device 'sit0' is still up - FATAL ERROR!"
- return 2
+ if ipv6_test_device_status sit0; then
+ ipv6_log $"Tunnel device 'sit0' is still up" err $fn
+ return 3
fi
fi
fi
@@ -310,298 +526,251 @@ ifdown_ipv6_autotunnel() {
}
-##### static NBMA-styled tunnel configuration
-
-## Configure static tunnels up
-# $1: Interface (not needed - dummy)
-# $2: IPv4 address of foreign tunnel
-# $3: IPv6 route through this tunnel
-ifup_ipv6_tunnel() {
- local device=$1
- local addressipv4tunnel=$2
- local routeipv6=$3
-
- if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- return 1
- fi
-
- if [ -z "$addressipv4tunnel" ]; then
- echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
- return 1
- fi
-
- if [ -z "$routeipv6" ]; then
- echo $"Missing parameter 'IPv6-route' (arg 3)"
- return 1
- fi
-
- test_ipv6 || return 2
-
-
- # Test, whether given IPv6 address is valid
- testipv6_valid $routeipv6 || return 2
-
-
- # enable general IPv6-over-IPv4 tunneling
- ifup_ipv6_autotunnel
- if [ $? -ne 0 ]; then
- return 2
- fi
-
- # Set up a tunnel
- ifup_ipv6_route $routeipv6 ::$addressipv4tunnel sit0
- if [ $? -ne 0 ]; then
- return 2
- fi
-
- return 0
-}
-
-
-## Configure static tunnels down
-# $1: Interface (not used - dummy)
-# $2: IPv4 address of foreign tunnel
-# $3: IPv6 route through this tunnel
-ifdown_ipv6_tunnel() {
- local device=$1
- local addressipv4tunnel=$2
- local routeipv6=$3
-
- if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- return 1
- fi
-
- if [ -z "$addressipv4tunnel" ]; then
- echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
- return 1
- fi
-
- if [ -z "$routeipv6" ]; then
- echo $"Missing parameter 'IPv6-route' (arg 3)"
- return 1
- fi
-
- test_ipv6 || return 2
-
-
-
- # Delete a NBMA-styled tunnel
- ifdown_ipv6_route $routeipv6 ::$addressipv4tunnel sit0
- if [ $? -ne 0 ]; then
- return 2
- fi
-
- # disable IPv6-over-IPv4 tunneling (if this was the last tunnel)
- ifdown_ipv6_autotunnel
-
-}
-
-
-## Remove all IPv6 tunnels for a given tunnel endpoint
-# $1: Interface (not used - dummy)
-# $2: IPv4-tunnel address
-ifdown_ipv6_tunnel_all() {
- local idtuall_device=$1
- local idtuall_tunnel=$2
-
- if [ -z "$idtuall_device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- return 1
- fi
-
- if [ -z "$idtuall_tunnel" ]; then
- echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
- return 1
- fi
-
- test_ipv6 || return 2
-
-
- # Get all IPv6 routes through given interface and remove them
- LC_ALL=C route -A inet6 -n | grep "::$idtuall_tunnel" | while read ipv6net nexthop flags metric ref use iface args; do
- if [ "::$idtuall_tunnel" = "$nexthop" ]; then
- if echo $flags | grep -v -q "A"; then
- # Only non addrconf (automatic installed) routes should be removed
- ifdown_ipv6_tunnel $idtuall_device $idtuall_tunnel $ipv6net
- fi
- fi
- done
-
- # disable IPv6-over-IPv4 tunneling (if this was the last tunnel)
- ifdown_ipv6_autotunnel
- return 0
-}
-
##### Test, whether an IPv6 address exists on an interface
-# $1: Device for testing
-# $2: Address to test (without prefix)
-# $3: Prefix of address $1
-# return values: 1:problem, 10:not exists, 11:exits
-test_ipv6_address_exists() {
+# $1: <Interface> : to testing
+# $2: <IPv6 Address> : to test (without prefix length)
+# $3: <Prefix length> : of address $2
+# return values: 0=ok (exists) 1=argument error 3=major problem 10=not exists
+ipv6_test_addr_exists_on_device() {
+ local fn="ipv6_test_addr_exists_on_device"
+
local testdevice=$1
local testaddr=$2
local testprefix=$3
+ if [ -z "$testdevice" ]; then
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
+ return 1
+ fi
if [ -z "$testaddr" ]; then
- echo $"Missing parameter 'IPv6AddrToTest' (arg 2)"
+ ipv6_log $"Missing parameter 'IPv6 address to test' (arg 2)" err $fn
+ return 1
+ fi
+ if [ -z "$testprefix" ]; then
+ ipv6_log $"Missing parameter 'IPv6 address prefix length' (arg 3)" err $fn
return 1
fi
+ ipv6_test testonly || return 2
if [ "$EXISTS_ipv6calc" = "yes" ]; then
# Using ipv6calc and compare against /proc/net/if_inet6
local convertresult="`ipv6calc --addr2if_inet6 $testaddr/$testprefix`"
+
# Split in address, scope and prefix length
local test_addr="`echo $convertresult | awk '{ print $1 }'`"
local test_scope="`echo $convertresult | awk '{ print $2 }'`"
local test_prefixlength="`echo $convertresult | awk '{ print $3 }'`"
if [ -z "$test_prefixlength" ]; then
- local testresult="`grep "$test_addr .. .. $test_scope .." /proc/net/if_inet6 | grep $testdevice$`"
+ local testresult="`LC_ALL=C grep "$test_addr .. .. $test_scope .." /proc/net/if_inet6 | LC_ALL=C grep $testdevice$`"
else
- local testresult="`grep "$test_addr .. $test_prefixlength $test_scope .." /proc/net/if_inet6 | grep $testdevice$`"
+ local testresult="`LC_ALL=C grep "$test_addr .. $test_prefixlength $test_scope .." /proc/net/if_inet6 | LC_ALL=C grep $testdevice$`"
fi
if [ ! -z "$testresult" ]; then
- return 11
+ # exists
+ return 0
else
+ # not exits
return 10
fi
else
# low budget version, only works if given address is in equal form like "ip" displays
- local testresult="`LC_ALL=C ip addr show dev $testdevice | grep inet6 | awk '{ print $2 }' | grep -i "^$testaddr/$testprefix$"`"
+ local testresult="`ipv6_exec_ip addr show dev $testdevice | LC_ALL=C grep inet6 | awk '{ print $2 }' | LC_ALL=C grep -i "^$testaddr/$testprefix$"`"
if [ ! -z "$testresult" ]; then
- return 11
+ # exits
+ return 0
else
+ # not exits
return 10
fi
fi
+
+ # Normally this lines not reached
+ return 3
+}
+
+
+##### Test, whether an IPv6 address with given prefix exists on an interface
+# $1: <Interface> : to test
+# $2: <Prefix>
+# return values: 0=ok (exists) 1=argument error 3=major problem 10=not exists
+ipv6_test_addrprefix_exists_on_device() {
+ local fn="ipv6_test_addr_prefix_exists_on_device"
+
+ local testdevice=$1
+ local testaddrprefix=$2
+
+ if [ -z "$testdevice" ]; then
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
+ return 1
+ fi
+ if [ -z "$testaddrprefix" ]; then
+ ipv6_log $"Missing parameter 'IPv6 address prefix' (arg 2)" err $fn
+ return 1
+ fi
+
+ ipv6_test testonly || return 2
+
+ # For the moment: low budget version, only works if given address is in equal form like "ip" displays
+ local testresult="`ipv6_exec_ip addr show dev $testdevice | LC_ALL=C grep inet6 | awk '{ print $2 }' | LC_ALL=C grep -i "^$testaddrprefix:"`"
+ if [ ! -z "$testresult" ]; then
+ # exists
+ return 0
+ else
+ # not exists
+ return 10
+ fi
+
+ # Normally this lines not reached
+ return 3
}
+
##### Interface configuration
## Add an IPv6 address for given interface
-# $1: Interface
-# $2: IPv6 address
-ifup_ipv6_real() {
+# $1: <Interface>
+# $2: <IPv6 address>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_add_addr_on_device() {
+ local fn="ipv6_add_addr_on_device"
+
local device=$1
local address=$2
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- ifupdown_ipv6_usage
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$address" ]; then
- echo $"Missing parameter 'IPv6-address' (arg 2)"
- ifupdown_ipv6_usage
+ ipv6_log $"Missing parameter 'IPv6-address' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
+ ipv6_test || return 2
+
+ ipv6_test_ipv6_addr_valid $address || return 1
- testipv6_valid $address || return 2
+ ipv6_test_device_status $device
+ local result=$?
- if test_interface_status $device; then
+ if [ "$result" = "0" ]; then
true
+ elif [ "$result" != "11" ]; then
+ ipv6_log $"Device '$device' doesn't exist" err $fn
+ return 3
else
- ifconfig $device up
+ ipv6_exec_ifconfig $device up
if ! test_interface_status $device; then
- echo $"Device '$device' enabling didn't work - FATAL ERROR!"
- return 2
+ ipv6_log $"Device '$device' enabling didn't work" err $fn
+ return 3
fi
fi
-
# Extract address parts
local prefixlength_implicit="`echo $address | awk -F/ '{ print $2 }'`"
local address_implicit="`echo $address | awk -F/ '{ print $1 }'`"
+ # Check prefix length and using '64' as default
+ if [ -z "$prefixlength_implicit" ]; then
+ local prefixlength_implicit="64"
+ local address="$address_implicit/$prefixlength_implicit"
+ fi
+
# Only add if address does not already exist
- test_ipv6_address_exists $device $address_implicit $prefixlength_implicit
- retval=$?
- if [ $retval -lt 10 ]; then
- return 2
+ ipv6_test_addr_exists_on_device $device $address_implicit $prefixlength_implicit
+ local result=$?
+
+ if [ $result -ne 0 -a $result -ne 10 ]; then
+ return 3
fi
- if [ $retval -eq 11 ]; then
+ if [ $result -eq 0 ]; then
true
else
- ifconfig $device add $address || return 2
+ ipv6_exec_ifconfig $device inet6 add $address || return 3
fi
return 0
}
-## Remove all IPv6 routes and addresses for given interface
-# cleanup to prevent kernel crashes
-# $1: Interface
-ifdown_ipv6_real_all() {
+## Remove all IPv6 routes and addresses on given interface (cleanup to prevent kernel crashes)
+# $1: <Interface>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_cleanup_device() {
+ local fn="ipv6_cleanup_device"
+
local device=$1
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
- test_ipv6 || return 2
-
+ ipv6_test testonly || return 2
# Remove all IPv6 routes through this device (but not "lo")
- if [ "$device" != "lo" ]; then
- ip -6 route flush dev $device >/dev/null 2>&1
- fi
+ if [ "$device" != "lo" ]; then
+ ipv6_exec_ip -6 route flush dev $device >/dev/null 2>&1
+ fi
# Remove all IPv6 addresses on this interface
- ip -6 addr flush dev $device >/dev/null 2>&1
+ ipv6_exec_ip -6 addr flush dev $device >/dev/null 2>&1
return 0
}
## Remove an IPv6 address on given interface
-# $1: Interface
-# $2: IPv6 address
-ifdown_ipv6_real() {
+# $1: <Interface>
+# $2: <IPv6 address>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_del_addr_on_device() {
+ local fn="ipv6_del_addr_on_device"
+
local device=$1
local address=$2
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- ifupdown_ipv6_usage
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$address" ]; then
- echo $"Missing parameter 'IPv6-address' (arg 2)"
- ifupdown_ipv6_usage
+ ipv6_log $"Missing parameter 'IPv6 address' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
-
- testipv6_valid $address || return 2
+ ipv6_test testonly || return 2
+ ipv6_test_ipv6_addr_valid $address || return 1
# Extract address parts
local prefixlength_implicit="`echo $address | awk -F/ '{ print $2 }'`"
local address_implicit="`echo $address | awk -F/ '{ print $1 }'`"
+ # Check prefix length and using '64' as default
+ if [ -z "$prefixlength_implicit" ]; then
+ local prefixlength_implicit="64"
+ local address="$address_implicit/$prefixlength_implicit"
+ fi
+
# Only remove, if address exists and is not link-local (prevents from kernel crashing)
- test_ipv6_address_exists $device $address_implicit $prefixlength_implicit
- local retval=$?
- if [ $retval -lt 10 ]; then
- return 2
+ ipv6_test_addr_exists_on_device $device $address_implicit $prefixlength_implicit
+ local result=$?
+
+ if [ $result -ne 0 -a $result -ne 10 ]; then
+ return 3
fi
- if [ $retval -eq 11 ]; then
- ifconfig $device del $address || return 2
+ if [ $result -eq 0 ]; then
+ ipv6_exec_ifconfig $device inet6 del $address || return 3
else
true
fi
@@ -612,15 +781,24 @@ ifdown_ipv6_real() {
##### Some address test functions
-## Test a given IPv6 address for valid
-# $1: IPv6 address
-# Return code =0:valid 1:not valid 2:general problem
-testipv6_valid() {
- local testipv6addr_valid=$1
+## Test a given IPv6 address for validity
+# $1: <IPv6 address>
+# $2: [quiet] : (optional) don't display error message
+# return code: 0=ok 1=argument error 10=not valid
+ipv6_test_ipv6_addr_valid() {
+ local fn="ipv6_test_ipv6_addr_valid"
+ local testipv6addr_valid=$1
+ local modequiet=$2
if [ -z "$testipv6addr_valid" ]; then
- return 2
+ return 1
+ fi
+ if [ ! -z "$modequiet" ]; then
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Parameter '$modequiet' for 'quiet' mode is not valid (arg 2)" err $fn
+ return 1
+ fi
fi
# Extract parts
@@ -629,102 +807,166 @@ testipv6_valid() {
if [ "$EXISTS_ipv6calc" = "yes" ]; then
if ! ipv6calc --addr2uncompaddr $testipv6addr_valid >/dev/null 2>&1; then
- echo $"Given IPv6 address '$testipv6addr_valid' is not valid"
- return 1
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Given IPv6 address '$testipv6addr_valid' is not valid" err $fn
+ fi
+ return 10
fi
else
# Test for a valid format
- if ! echo "$address_implicit" | egrep -q '^[a-fA-F0-9:\.]*$'; then
- echo $"Given IPv6 address '$testipv6addr_valid' is not valid"
- return 1
+ if ! echo "$address_implicit" | LC_ALL=C egrep -q '^[:xdigit:]|[:\.]*$'; then
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Given IPv6 address '$testipv6addr_valid' is not valid" err $fn
+ fi
+ return 10
fi
fi
# Test for prefix length
if [ -z "$prefixlength_implicit" ]; then
- if echo "$testipv6addr_valid" | grep "/$"; then
+ if echo "$testipv6addr_valid" | LC_ALL=C grep "/$"; then
# Trailing "/", but no value
- echo $"Missing 'prefix length' for given address '$testipv6addr_valid'"
- return 1
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Missing prefix length for given address '$testipv6addr_valid'" err $fn
+ fi
+ return 10
else
return 0
fi
elif [ $prefixlength_implicit -lt 0 -o $prefixlength_implicit -gt 128 ]; then
- echo $"'prefix length' on given address '$testipv6addr_valid' is out of range (0-128)"
- return 1
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"On given address '$testipv6addr_valid' the prefix length is out of range (valid: 0-128)" err $fn
+ fi
+ return 10
fi
return 0
}
+## Test a given IPv4 address for validity
+# $1: <IPv4 address>
+# $2: [quiet] : (optional) don't display error message
+# return code: 0=ok 1=argument error 10=not valid
+ipv6_test_ipv4_addr_valid() {
+ local fn="ipv6_test_ipv4_addr_valid"
+
+ local testipv4addr_valid=$1
+ local modequiet=$2
+
+ if [ -z "$testipv4addr_valid" ]; then
+ return 1
+ fi
+ if [ ! -z "$modequiet" ]; then
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Parameter '$modequiet' for 'quiet' mode is not valid (arg 2)" err $fn
+ return 1
+ fi
+ fi
+
+ # Test for a valid format
+ if echo "$testipv4addr_valid" | LC_ALL=C egrep -q -v '^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'; then
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Given IPv4 address '$testipv4addr_valid' has no proper format" err $fn
+ fi
+ return 10
+ fi
+
+ # Test for valid IPv4 address parts
+ local number1="`echo $testipv4addr_valid | awk -F. '{ print $1 }'`"
+ local number2="`echo $testipv4addr_valid | awk -F. '{ print $2 }'`"
+ local number3="`echo $testipv4addr_valid | awk -F. '{ print $3 }'`"
+ local number4="`echo $testipv4addr_valid | awk -F. '{ print $4 }'`"
+ local c=1
+ for number in "$number1" "$number2" "$number3" "$number4"; do
+ if [ $number -lt 0 -o $number -gt 255 ]; then
+ if [ "$modequiet" != "quiet" ]; then
+ ipv6_log $"Part $c of given IPv4 address '$testipv4addr_valid' is out of range" err $fn
+ fi
+ return 10
+ fi
+ local c=$[ $c + 1 ]
+ done
+
+ return 0
+}
## Test a given IPv4 address for not a private but unicast one
-# $1: IPv4 address
-# Return code =0:ok 1:private or not unicast 2:general problem
-testipv4_globalusable() {
+# $1: <IPv4 address>
+# return code: 0=ok 1=argument error 10=private or not unicast
+ipv6_test_ipv4_addr_global_usable() {
+ local fn="ipv6_test_ipv4_addr_global_usable"
+
local testipv4addr_globalusable=$1
if [ -z "$testipv4addr_globalusable" ]; then
- return 2
+ return 1
fi
-
# Test for a globally usable IPv4 address now
# test 0.0.0.0/8
- ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=0\.0\.0\.0" && return 1
- # test 10.0.0.0/8 (private)
- ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=10\.0\.0\.0" && return 1
- # test 127.0.0.0/8 (loopback)
- ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=127\.0\.0\.0" && return 1
- # test 169.254.0.0/16 (DHCP link local)
- ipcalc --network $testipv4addr_globalusable 255.255.0.0 | grep -q "NETWORK=169\.254\.0\.0" && return 1
- # test 172.16.0.0/12 (private)
- ipcalc --network $testipv4addr_globalusable 255.240.0.0 | grep -q "NETWORK=172\.16\.0\.0" && return 1
- # test 192.168.0.0/16 (private)
- ipcalc --network $testipv4addr_globalusable 255.255.0.0 | grep -q "NETWORK=192\.168\.0\.0" && return 1
- # test 224.0.0.0/3 (multicast and reserved, broadcast)
- ipcalc --network $testipv4addr_globalusable 224.0.0.0 | grep -q "NETWORK=224\.0\.0\.0" && return 1
+ ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=0\.0\.0\.0" && return 10
+ # test 10.0.0.0/8 (RFC 1918 / private)
+ ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=10\.0\.0\.0" && return 10
+ # test 127.0.0.0/8 (loopback)
+ ipcalc --network $testipv4addr_globalusable 255.0.0.0 | LC_ALL=C grep -q "NETWORK=127\.0\.0\.0" && return 10
+ # test 169.254.0.0/16 (APIPA / DHCP link local)
+ ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=169\.254\.0\.0" && return 10
+ # test 172.16.0.0/12 (RFC 1918 / private)
+ ipcalc --network $testipv4addr_globalusable 255.240.0.0 | LC_ALL=C grep -q "NETWORK=172\.16\.0\.0" && return 10
+ # test 192.168.0.0/16 (RFC 1918 / private)
+ ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=192\.168\.0\.0" && return 10
+ # test 224.0.0.0/3 (multicast and reserved, broadcast)
+ ipcalc --network $testipv4addr_globalusable 224.0.0.0 | LC_ALL=C grep -q "NETWORK=224\.0\.0\.0" && return 10
return 0
}
## Test a given device for status
-# $1: device name
-# Return code =0:UP 1:not UP 2:not exists
-test_interface_status() {
+# $1: <Interface>
+# return code: 0=ok 1=argument error 10=not exists 11=down
+ipv6_test_device_status() {
+ local fn="ipv6_test_device_status"
+
local device=$1
if [ -z "$device" ]; then
- echo $"Missing parameter 'device'"
- echo $"Usage: ifdown_ipv6to4_all interfacename"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
# Test if device exists
- if ! LC_ALL=C ifconfig $device >/dev/null 2>&1 ; then
- return 2
+ if ! ipv6_exec_ifconfig $device >/dev/null; then
+ # not exists
+ return 10
fi
# Test if device is up
- if LC_ALL=C ifconfig $device 2>&1 | grep -q "UP "; then
+ if ipv6_exec_ifconfig $device | LC_ALL=C grep -q "UP "; then
+ # up
return 0
else
- return 1
+ # down
+ return 11
fi
}
-## Build 6to4 prefix
-# $1: IPv4 address
-# RetVal: 6to4address
-# Returncode 0=ok 1=failure 2=general problem
-create6to4prefix() {
+## Create 6to4 prefix
+# $1: <IPv4 address>
+# stdout: <6to4address>
+# return code: 0=ok 1=argument error
+ipv6_create_6to4_prefix() {
+ local fn="ipv6_create_6to4_prefix"
+
local ipv4addr=$1
+ if [ -z "$ipv4addr" ]; then
+ ipv6_log $"Missing parameter 'IPv4 address' (arg 1)" stderr.err $fn
+ fi
local major1="`echo $ipv4addr | awk -F. '{ print $1 }'`"
local minor1="`echo $ipv4addr | awk -F. '{ print $2 }'`"
@@ -732,7 +974,7 @@ create6to4prefix() {
local minor2="`echo $ipv4addr | awk -F. '{ print $4 }'`"
if [ -z "$major1" -o -z "$minor1" -o -z "$major2" -o -z "$minor2" ]; then
- return 2
+ return 1
fi
if [ $major1 -eq 0 ]; then
@@ -753,37 +995,77 @@ create6to4prefix() {
}
+## Check and create 6to4 tunnel relay address
+# $1: <IPv4 address|IPv6to4 address>
+# stdout: <tunnel relay address>
+# return code: 0=ok 1=argument error
+ipv6_create_6to4_relay_address() {
+ local fn="ipv6_create_6to4_relay_address"
+
+ local addr=$1
+
+ if [ -z "$addr" ]; then
+ ipv6_log $"Missing parameter 'address' (arg 1)" stderr.err $fn
+ return 1
+ fi
+
+ # Check
+ if ipv6_test_ipv4_addr_valid $addr quiet; then
+ # ok, a IPv4 one
+ if ipv6_test_ipv4_addr_global_usable $addr; then
+ # IPv4 globally usable
+ local ipv6to4_relay="::$addr"
+ else
+ ipv6_log $"Given address '$addr' is not a global IPv4 one (arg 1)" stderr.err $fn
+ return 1
+ fi
+ else
+ ipv6_log $"Given address '$addr' is not a valid IPv4 one (arg 1)" stderr.err $fn
+ return 1
+ fi
+
+ echo "$ipv6to4_relay"
+
+ return 0
+}
+
+
##### 6to4 tunneling setup
## Configure 6to4 tunneling up
-# $1: Interface (not needed - dummy)
-# $2: global IPv4 address of local interface
-# $3: IPv6 suffix for 6to4 prefix (optional, default is "1")
-# ReturnCodes 0=ok 1=failure 2=general problem
-ifup_ipv6to4() {
- local device=$1 # dummy
+# $1: <Interface> : only "tun6to4" is supported
+# $2: <IPv4 address> : global address of local interface
+# $3: [<IPv6 suffix>] : for 6to4 prefix (optional, default is "::1")
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_add_6to4_tunnel() {
+ local fn="ipv6_add_6to4_tunnel"
+
+ local device=$1
local localipv4=$2
local localipv6to4suffix=$3
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
- ifupdown_ipv6to4_usage
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$localipv4" ]; then
- echo $"Missing parameter 'local IPv4 address' (arg 2)"
- ifupdown_ipv6to4_usage
+ ipv6_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
+ # Check device
+ if [ "$device" != "tun6to4" ]; then
+ ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
+ return 1
+ fi
+ ipv6_test || return 2
# Generate 6to4 address
- local prefix6to4="`create6to4prefix $localipv4`"
+ local prefix6to4="`ipv6_create_6to4_prefix $localipv4`"
if [ $? -ne 0 -o -z "$prefix6to4" ]; then
- return 2
+ return 3
fi
if [ -z "$localipv6to4suffix" ]; then
@@ -792,69 +1074,76 @@ ifup_ipv6to4() {
local address6to4="${prefix6to4}::${localipv6to4suffix}/16"
fi
- # Enable general IPv6-over-IPv4 tunneling
- ifup_ipv6_autotunnel
-
- ifup_ipv6_real sit0 $address6to4
- if [ $? -ne 0 ]; then
- return 2
- fi
+ ipv6_add_tunnel_device tun6to4 0.0.0.0 $address6to4 $ipv4addr
+ if [ $? -ne 0 ]; then
+ local retval=3
+ else
+ local retval=0
+ fi
- return 0
+ return $retval
}
## Configure all 6to4 tunneling down
-# $1: Interface (not needed - dummy)
-# ReturnCodes 0=ok 1=failure 2=general problem
-ifdown_ipv6to4_all() {
- local device=$1 # dummy
+# $1: <Interface> : only "tun6to4" is supported
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_cleanup_6to4_tunnels() {
+ local fn="ipv6_cleanup_6to4_tunnels"
+
+ local device=$1
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
- test_ipv6 || return 2
-
+ # Check device
+ if [ "$device" != "tun6to4" ]; then
+ ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
+ return 1
+ fi
- # Get all configured 6to4 addresses and delete them
- LC_ALL=C ip addr show dev sit0 | grep inet6 | awk '{ print $2 }' | grep "^2002:" | while read ipv6to4addr; do
- ifdown_ipv6_real sit0 $ipv6to4addr
- done
+ ipv6_test testonly || return 2
- # Try to disable general IPv6-over-IPv4 tunneling
- ifdown_ipv6_autotunnel
+ ipv6_del_tunnel_device tun6to4
-}
+ return 0
+}
## Configure 6to4 tunneling down
-# $1: Interface (not needed - dummy)
-# $2: global IPv4 address of local interface
-# ReturnCodes 0=ok 1=failure 2=general problem
-ifdown_ipv6to4() {
- local device=$1 # dummy
+# $1: <Interface> : only "tun6to4" is supported
+# $2: <IPv4 address> : global address of local interface
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_del_6to4_tunnel() {
+ local fn="ipv6_del_6to4_tunnel"
+
+ local device=$1
local localipv4=$2
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$localipv4" ]; then
- echo $"Missing parameter 'local IPv4 address' (arg 2)"
+ ipv6_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
+ # Check device
+ if [ "$device" != "tun6to4" ]; then
+ ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
+ return 1
+ fi
+ ipv6_test || return 2
# generate 6to4 address
- local prefix6to4="`create6to4prefix $localipv4`"
- echo $"Generated 6to4 prefix '$prefix6to4' from '$localipv4'"
+ local prefix6to4="`ipv6_create_6to4_prefix $localipv4`"
if [ $? -ne 0 -o -z "$prefix6to4" ]; then
- return 2
+ return 3
fi
if [ -z "$localipv6to4suffix" ]; then
@@ -863,121 +1152,120 @@ ifdown_ipv6to4() {
local address6to4="${prefix6to4}::${localipv6to4suffix}/16"
fi
- ifdown_ipv6_real sit0 $address6to4
- if [ $? -ne 0 ]; then
- return 2
- fi
-
- # Try to disable general IPv6-over-IPv4 tunneling
- ifdown_ipv6_autotunnel
- if [ $? -ne 0 ]; then
- return 2
- fi
+ ipv6_del_tunnel_device tun6to4
+ local retval=$?
- return 0
+ return $retval
}
-##### static tunnel device configuration
-
## Configure a static tunnel device up
-# $1: Interface
-# $2: IPv4 address of foreign tunnel
-# $3: Local IPv6 address of a P-t-P tunnel (optional)
-ifup_ipv6_tunneldev() {
+# $1: <Interface>
+# $2: <IPv4 address> : of foreign tunnel
+# $3: [<IPv6 address>] : local one of a P-t-P tunnel (optional)
+# $4: [<IPv4 address>] : local one of tunnel (optional)
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_add_tunnel_device() {
+ local fn="ipv6_add_tunnel_device"
+
local device=$1
local addressipv4tunnel=$2
local addressipv6local=$3
-
+ local addressipv4tunnellocal=$4
+
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$addressipv4tunnel" ]; then
- echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
+ ipv6_log $"Missing parameter 'IPv4-tunnel address' (arg 2)" err $fn
return 1
fi
- test_ipv6 || return 2
-
+ if [ -z "$addressipv4tunnellocal" ]; then
+ local addressipv4tunnellocal="any"
+ fi
+
+ ipv6_test || return 2
+ if ! ipv6_test_device_status $device; then
+ local ttldefault="`ipv6_exec_sysctl net.ipv4.ip_default_ttl | awk '{ print $3 }'`"
+ if [ -z "$ttldefault" ]; then
+ local ttldefault=64
+ fi
- if ! test_interface_status $device; then
- local ttldefault="`sysctl net.ipv4.ip_default_ttl | awk '{ print $3 }'`"
- if [ -z "$ttldefault" ]; then
- local ttldefault=64
- fi
-
- # Test whether remote IPv4 address was already applied to another tunnel (does not catch IPv4 addresses with leading 0's)
- LC_ALL=C ip tunnel show | grep $addressipv4tunnel | while read dev type tag remote tag local tag ttl rest; do
- local devnew="`echo $dev | sed 's/:$//g'`"
- if [ "$remote" = "$addressipv4tunnel" ]; then
- echo $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew' - FATAL ERROR!"
- return 2
- fi
- done
- if [ $? -ne 0 ]; then
- return 2
+ # Test whether remote IPv4 address was already applied to another tunnel (does not catch IPv4 addresses with leading 0's)
+ ipv6_exec_ip tunnel show 2>/dev/null | LC_ALL=C grep $addressipv4tunnel | while read dev type tag remote tag local tag ttl rest; do
+ local devnew="`echo $dev | sed 's/:$//g'`"
+ if [ "$remote" = "$addressipv4tunnel" ]; then
+ ipv6_log $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew'" err $fn
+ return 3
fi
+ done
+ if [ $? -ne 0 ]; then
+ return 3
+ fi
- ip tunnel add $device mode sit ttl $ttldefault remote $addressipv4tunnel
+ ipv6_exec_ip tunnel add $device mode sit ttl $ttldefault remote $addressipv4tunnel local $addressipv4tunnellocal
- # Test, whether "ip tunnel show" works without error
- ip tunnel show $device >/dev/null 2>&1
- if [ $? -ne 0 ]; then
- echo $"Tunnel device '$device' creation didn't work - ERROR!"
- return 2
- fi
+ # Test, whether "ip tunnel show" works without error
+ ipv6_exec_ip tunnel show $device >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ ipv6_log $"Tunnel device '$device' creation didn't work" err $fn
+ return 3
+ fi
- # Test, whether "ip tunnel show" reports valid content
- if ! ip tunnel show $device | grep -q "remote"; then
- echo $"Tunnel device '$device' creation didn't work - ERROR!"
- return 2
- fi
+ # Test, whether "ip tunnel show" reports valid content
+ if ! ipv6_exec_ip tunnel show $device | LC_ALL=C grep -q "remote"; then
+ ipv6_log $"Tunnel device '$device' creation didn't work" err $fn
+ return 3
+ fi
- ifconfig $device up
+ ipv6_exec_ifconfig $device up
- if ! test_interface_status $device; then
- echo $"Tunnel device '$device' bringing up didn't work - ERROR!"
- return 2
- fi
+ if ! ipv6_test_device_status $device; then
+ ipv6_log $"Tunnel device '$device' bringing up didn't work" err $fn
+ return 3
+ fi
- # Set sysctls proper (regardless "default")
- sysctl -w net.ipv6.conf.$device.forwarding=1 >/dev/null
- sysctl -w net.ipv6.conf.$device.accept_ra=0 >/dev/null
- sysctl -w net.ipv6.conf.$device.accept_redirects=0 >/dev/null
+ # Set sysctls proper (regardless "default")
+ ipv6_exec_sysctl -w net.ipv6.conf.$device.forwarding=1 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$device.accept_ra=0 >/dev/null
+ ipv6_exec_sysctl -w net.ipv6.conf.$device.accept_redirects=0 >/dev/null
- if [ ! -z "$addressipv6local" ]; then
- # Setup P-t-P address
- ifup_ipv6_real $device $addressipv6local
- if [ $? -ne 0 ]; then
- return 2
- fi
+ if [ ! -z "$addressipv6local" ]; then
+ # Setup P-t-P address
+ ipv6_add_addr_on_device $device $addressipv6local
+ if [ $? -ne 0 ]; then
+ return 3
fi
- else
- false
fi
+ else
+ false
+ fi
return 0
}
## Configure a static tunnel device down
-# $1: Interface
-ifdown_ipv6_tunneldev() {
+# $1: <Interface>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_del_tunnel_device() {
+ local fn="ipv6_del_tunnel_device"
+
local device=$1
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
- test_ipv6 || return 2
+ ipv6_test testonly || return 2
-
- if test_interface_status $device; then
- ifdown_ipv6_real_all $device
+ if ipv6_test_device_status $device; then
+ ipv6_cleanup_device $device
else
if [ "$device" != "sit0" ]; then
false
@@ -985,11 +1273,11 @@ ifdown_ipv6_tunneldev() {
fi
if [ "$device" != "sit0" ]; then
- if ip tunnel | grep -q "^$device:" ; then
- ip tunnel del $device
+ if ipv6_exec_ip tunnel 2>/dev/null | LC_ALL=C grep -q "^$device:" ; then
+ ipv6_exec_ip tunnel del $device
- if test_interface_status $device; then
- false
+ if ipv6_test_device_status $device; then
+ return 3
fi
else
false
@@ -997,31 +1285,372 @@ ifdown_ipv6_tunneldev() {
fi
return 0
+}
+
+
+## Cleanup all dedicated tunnel devices
+ipv6_cleanup_tunnel_devices() {
+ local fn="ipv6_cleanup_tunnel_devices"
+
+ ipv6_test testonly || return 2
+
+ # Find still existing tunnel devices and shutdown and delete them
+
+ ipv6_exec_ip tunnel | grep "ipv6/ip" | awk -F: '{ print $1 }' | while read device; do
+ ipv6_del_tunnel_device $device
+ done
+
+ return 0
+}
+
+
+## Get address of a dedicated tunnel
+# $1: <Interface>
+# $2: local|remote : local or remote address
+# stdout: <IPv4 address> if available
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_get_ipv4addr_of_tunnel() {
+ local fn="ipv6_get_local_ipv4_of_tunnel"
+
+ local device=$1
+ local selection=$2
+
+ if [ -z "$device" ]; then
+ ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn
+ return 1
+ fi
+
+ if [ -z "$selection" ]; then
+ ipv6_log $"Missing parameter 'selection' (arg 2)" stderr.err $fn
+ return 1
+ fi
+ if [ "$selection" != "local" -a "$selection" != "remote" ]; then
+ ipv6_log $"Unsupported selection '$selection' specified (arg 2)" stderr.err $fn
+ return 1
+ fi
+
+ ipv6_test testonly || return 2
+
+ ipv6_test_device_status $device
+
+ if [ $? != 0 -a $? != 11 ]; then
+ # Device doesn't exist
+ return 3
+ fi
+
+ # Device exists, retrieve address
+ if [ "$selection" = "local" ]; then
+ local tunnel_local_ipv4addr="`ipv6_exec_ip tunnel show $device | awk '{ print $6 }'`"
+ elif [ "$selection" = "remote" ]; then
+ local tunnel_local_ipv4addr="`ipv6_exec_ip tunnel show $device | awk '{ print $4 }'`"
+ fi
+
+ if [ $? != 0 ]; then
+ return 3
+ fi
+
+ if [ "$tunnel_local_ipv4addr" = "any" ]; then
+ local tunnel_local_ipv4addr="0.0.0.0"
+ fi
+
+ echo "$tunnel_local_ipv4addr"
+
+ return 0
+}
+
+
+## Get IPv4 address of a device
+# $1: <Interface>
+# stdout: <IPv4 address> if available
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_get_ipv4addr_of_device() {
+ local fn="ipv6_get_ipv4addr_of_device"
+
+ local device=$1
+
+ if [ -z "$device" ]; then
+ ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn
+ return 1
+ fi
+
+ ipv6_test_device_status $device
+
+ if [ $? != 0 -a $? != 11 ]; then
+ # Device doesn't exist
+ return 3
+ fi
+
+ # Device exists, retrieve address
+ local ipv4addr="`ipv6_exec_ip -4 addr show dev $device | grep -w "inet" | awk '{ print $2 }' | awk -F/ '{ print $1 }'`"
+
+ if [ $? != 0 ]; then
+ return 3
+ fi
+
+ if [ "$ipv4addr" = "any" ]; then
+ local ipv4addr="0.0.0.0"
+ fi
+
+ echo "$ipv4addr"
+
+ return 0
}
## Set IPv6 MTU for a device
-# $1: Interface
-# $2: IPv6 MTU
+# $1: <Interface>
+# $2: <IPv6 MTU>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_set_mtu() {
+ local fn="ipv6_set_mtu"
+
local device=$1
local ipv6_mtu=$2
if [ -z "$device" ]; then
- echo $"Missing parameter 'device' (arg 1)"
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
return 1
fi
if [ -z "$ipv6_mtu" ]; then
- echo $"Missing parameter 'IPv6 MTU' (arg 2)"
+ ipv6_log $"Missing parameter 'IPv6 MTU' (arg 2)" err $fn
return 1
fi
# Check range
if [ $ipv6_mtu -lt 1280 -o $ipv6_mtu -gt 65535 ]; then
- echo $"Given IPv6 MTU is out of range"
+ ipv6_log $"Given IPv6 MTU '$ipv6_mtu' is out of range" err $fn
return 1
fi
- sysctl -w net.ipv6.conf.$device.mtu=$ipv6_mtu >/dev/null
+ ipv6_test testonly || return 2
+
+ # Check whether key exists
+ ipv6_exec_sysctl net.ipv6.conf.$device.mtu=$ipv6_mtu >/dev/null 2>&1
+ if [ $? -ne 0 ]; then
+ return 3
+ fi
+
+ # Set value
+ ipv6_exec_sysctl -w net.ipv6.conf.$device.mtu=$ipv6_mtu >/dev/null
+
+ return 0
+}
+
+
+## Set a default gateway
+# $1: <IPv6 Address> : gateway, can also contain scope suffix (device name), cause a warning if not matching with $2 (but will have precedence)
+# $2: <gateway device>: specified gateway device (has
+# $3: <check device>: (optional) device to check scope and gateway device against (setup is skipped, if not matching)
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
+ipv6_set_default_route() {
+ local fn="ipv6_set_default_route"
+
+ local address=$1
+ local device=$2
+ local device_check=$3
+
+ ipv6_test testonly || return 2
+
+ # Map the unspecified address to nothing
+ if [ "$address" = "::" ]; then
+ local address=""
+ fi
+
+ if [ ! -z "$address" ]; then
+ local addressgw=`echo $address | awk -F% '{ print $1 }'`
+ local device_scope=`echo $address | awk -F% '{ print $2 }'`
+
+ if [ -z "$addressgw" ]; then
+ ipv6_log $"Given IPv6 default gateway '$address' is not in proper format" err $fn
+ return 3
+ fi
+
+ # Scope device has precedence
+ if [ ! -z "$device_scope" -a ! -z "$device" -a "$device_scope" != "$device" ]; then
+ ipv6_log $"Given IPv6 default gateway '$address' has scope '$device_scope' defined, given default gateway device '$device' will be not used" inf $fn
+ local device=""
+ fi
+
+ # Link local addresses require a device
+ if echo $addressgw | LC_ALL=C grep -qi "^fe80:"; then
+ if [ -z "$device_scope" ]; then
+ if [ -z "$device" ]; then
+ ipv6_log $"Given IPv6 default gateway '$address' is link-local, but no scope or gateway device is specified" err $fn
+ return 3
+ fi
+ fi
+ fi
+
+ # Check whether the route belongs to the specific given interface
+ if [ ! -z "$device_check" ]; then
+ # Check whether scope device matches given check device
+ if [ ! -z "$device_scope" -a "$device_check" != "$device_scope" ]; then
+ # scope device != specific given -> skip
+ return 0
+ elif [ ! -z "$device" -a "$device_check" != "$device" ]; then
+ # gateway device != specific given -> skip
+ return 0
+ fi
+ fi
+
+ # Set device now, if given
+ if [ -z "$device" ]; then
+ local device="$device_scope"
+ fi
+
+ if [ -z "$device" ]; then
+ # Note: this can cause a warning and a not installed route, if given address is not reachable on the link
+ #ipv6_add_route ::/0 $addressgw
+ ipv6_add_route 2000::/3 $addressgw
+ else
+ #ipv6_add_route ::/0 $addressgw $device
+ ipv6_add_route 2000::/3 $addressgw $device
+ fi
+ elif [ ! -z "$device" ]; then
+ # Check whether the route belongs to the specific given interface
+ if [ ! -z "$device_check" -a "$device_check" != "$device" ]; then
+ # gateway device != specific given -> skip
+ return 0
+ fi
+
+ ipv6_test_route_requires_next_hop $device
+ local result=$?
+
+ if [ $result = 0 ]; then
+ ipv6_log $"Given IPv6 default device '$device' requires an explicit nexthop" err $fn
+ return 3
+ elif [ $result != 10 ]; then
+ ipv6_log $"Given IPv6 default device '$device' doesn't exist or isn't up" err $fn
+ return 3
+ fi
+
+ #ipv6_add_route ::/0 :: $device
+ ipv6_add_route 2000::/3 :: $device
+ else
+ ipv6_log $"No parameters given to setup a default route" err $fn
+ return 3
+ fi
+
+ return 0
+}
+
+
+## Resolve need of explicit next hop for an interface
+# $1: <Interface>
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem 10=needs no explicit hop
+ipv6_test_route_requires_next_hop() {
+ local fn="ipv6_test_route_requires_next_hop"
+
+ local device=$1
+
+ if [ -z "$device" ]; then
+ ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
+ return 1
+ fi
+
+ ipv6_test testonly || return 2
+
+ ipv6_test_device_status $device
+
+ if [ $? != 0 ]; then
+ return 3
+ fi
+
+ if [ "$device" = "sit0" ]; then
+ return 10
+ fi
+
+ if ipv6_exec_ip link show $device | LC_ALL=C grep -q "POINTOPOINT"; then
+ return 10
+ fi
+
+ return 0
+}
+
+
+## Trigger radvd
+# $1: up|down : device reason for triggering (coming up or going down)
+# $2: [startstop|restart|reload|SIGHUP] : triger mechanism (default is "SIGHUP")
+# "startstop" : reason=up -> start, reason=down -> stop
+# $3: [<filename>] : alternative pid file [optional]
+# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem 10=need no explicit hop
+ipv6_trigger_radvd() {
+ local fn="ipv6_trigger_radvd"
+
+ local reason=$1
+ local mechanism=$2
+ local pidfile=$3
+
+ if [ -z "$reason" ]; then
+ ipv6_log $"No reason given for sending trigger to radvd" err $fn
+ return 1
+ fi
+
+ if [ "$reason" != "up" -a "$reason" != "down" ]; then
+ ipv6_log $"Unsupported reason '$reason' for sending trigger to radvd" err $fn
+ return 1
+ fi
+
+ if [ -z "$mechanism" ]; then
+ # Take default
+ local mechanism="SIGHUP"
+ fi
+
+ if [ -z "$pidfile" ]; then
+ local pidfile="/var/run/radvd/radvd.pid"
+ fi
+
+ # Print message and select action
+ case $mechanism in
+ 'startstop')
+ case $reason in
+ up)
+ local action="start"
+ ;;
+ down)
+ local action="stop"
+ ;;
+ esac
+ ;;
+ 'reload'|'restart'|'SIGHUP')
+ local action="$mechanism"
+ ;;
+ *)
+ ipv6_log $"Unsupported mechanism '$mechanism' for sending trigger to radvd" err $fn
+ return 3
+ ;;
+ esac
+
+ # PID file needed?
+ if [ "$action" = "SIGHUP" ]; then
+ if [ ! -f "$pidfile" ]; then
+ ipv6_log $"Given pidfile '$pidfile' doesn't exist, cannot send trigger to radvd" err $fn
+ return 3
+ fi
+
+ # Get PID
+ local pid="`cat $pidfile`"
+ if [ -z "$pid" ]; then
+ # pidfile empty - strange
+ ipv6_log $"Pidfile '$pidfile' is empty, cannot send trigger to radvd" err $fn
+ return 3
+ fi
+ fi
+
+
+ # Do action
+ case $action in
+ 'SIGHUP')
+ kill -HUP $pid
+ ;;
+ 'reload'|'restart'|'stop'|'start')
+ service radvd $action >/dev/null 2>&1
+ ;;
+ *)
+ # Normally not reached, "action" is set above to proper value
+ ;;
+ esac
+
+ return 0
}