diff options
Diffstat (limited to 'sysconfig')
| -rwxr-xr-x | sysconfig/network-scripts/ifdown-eth | 25 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifdown-ipsec | 86 | ||||
| -rw-r--r-- | sysconfig/network-scripts/ifdown-ipv6 | 7 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifdown-routes | 10 | ||||
| -rw-r--r-- | sysconfig/network-scripts/ifdown-sit | 4 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifdown-tunnel | 2 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup | 18 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-aliases | 20 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-ctc | 2 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-eth | 73 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-ipsec | 279 | ||||
| -rw-r--r-- | sysconfig/network-scripts/ifup-ipv6 | 46 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-ipx | 2 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-routes | 39 | ||||
| -rw-r--r-- | sysconfig/network-scripts/ifup-sit | 10 | ||||
| -rwxr-xr-x | sysconfig/network-scripts/ifup-tunnel | 4 | ||||
| -rw-r--r-- | sysconfig/network-scripts/network-functions | 63 | ||||
| -rw-r--r-- | sysconfig/network-scripts/network-functions-ipv6 | 267 | ||||
| -rw-r--r-- | sysconfig/readonly-root | 2 |
19 files changed, 265 insertions, 694 deletions
diff --git a/sysconfig/network-scripts/ifdown-eth b/sysconfig/network-scripts/ifdown-eth index 711d3284..684cef73 100755 --- a/sysconfig/network-scripts/ifdown-eth +++ b/sysconfig/network-scripts/ifdown-eth @@ -42,13 +42,13 @@ if [ -n "${HWADDR}" -a -z "${MACADDR}" ]; then if [ -n "${NEWCONFIG}" ]; then eval $(LANG=C grep -F "DEVICE=" $NEWCONFIG) else - echo $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." + net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." exit 1 fi if [ -n "${NEWCONFIG}" -a "${NEWCONFIG##*/}" != "${CONFIG##*/}" -a "${DEVICE}" = "${REALDEVICE}" ]; then exec /sbin/ifdown ${NEWCONFIG} else - echo $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." + net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring." exit 1 fi fi @@ -60,8 +60,25 @@ if is_bonding_device ${DEVICE} ; then is_ignored_file "$device" && continue /sbin/ifdown ${device##*/} done - for target in $(cat /sys/class/net/${DEVICE}/bonding/arp_ip_target) ; do - echo "-${target}" > /sys/class/net/${DEVICE}/bonding/arp_ip_target + for arg in $BONDING_OPTS ; do + key=${arg%%=*}; + [[ "${key}" != "arp_ip_target" ]] && continue + value=${arg##*=}; + if [ "${value:0:1}" != "" ]; then + OLDIFS=$IFS; + IFS=','; + for arp_ip in $value; do + if grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/arp_ip_target; then + echo "-$arp_ip" > /sys/class/net/${DEVICE}/bonding/arp_ip_target + fi + done + IFS=$OLDIFS; + else + value=${value#+}; + if grep -q $value /sys/class/net/${DEVICE}/bonding/arp_ip_target; then + echo "-$value" > /sys/class/net/${DEVICE}/bonding/arp_ip_target + fi + fi done fi diff --git a/sysconfig/network-scripts/ifdown-ipsec b/sysconfig/network-scripts/ifdown-ipsec deleted file mode 100755 index 85133784..00000000 --- a/sysconfig/network-scripts/ifdown-ipsec +++ /dev/null @@ -1,86 +0,0 @@ -#!/bin/bash -PATH=/sbin:/usr/sbin/:/bin:/usr/bin - -cd /etc/sysconfig/network-scripts -. ./network-functions - -CONFIG=$1 -[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1} -source_config - -if [ -n "$KEY_AH" -o -n "$KEY_ESP" ]; then - KEYING=manual -fi - - -if [ -n "$IKE_PSK" ]; then - KEYING=automatic - IKE_METHOD=PSK -fi - -if [ -n "$IKE_CERTFILE" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi - -if [ -n "$IKE_PEER_CERTFILE" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi - -if [ -n "$IKE_DNSSEC" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi -if [ -n "$RSA_KEY" ]; then - KEYING=automatic - IKE_METHOD=RSA -fi - -[ -n "$IKE_METHOD" ] && KEYING=automatic -[ -z "$KEYING" ] && KEYING=manual - -if [ -z "$SRC" ]; then - SRC=$(ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|") -fi - -if [ -n "$SRCNET" -o -n "$DSTNET" ]; then - MODE=tunnel - [ -z "$SRCNET" ] && SRCNET="$SRC/32" - [ -z "$DSTNET" ] && DSTNET="$DST/32" - SPD_SRC=$SRCNET - SPD_DST=$DSTNET - # If SRCNET is a subnet of DSTNET, exclude SRCNET<->SRCNET communication - if [ "${SRCNET##*/}" -gt "${DSTNET##*/}" ] \ - && [ "$(ipcalc -n "${SRCNET%%/*}/${DSTNET##*/}")" \ - = "NETWORK=${DSTNET%%/*}" ]; then - EXCLUDE_SRCNET=yes - fi - [ -z "$SRCGW" ] && SRCGW=$(ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|") - ip route del to $DSTNET via $SRCGW src $SRCGW -else - MODE=transport - SPD_SRC=$SRC - SPD_DST=$DST - unset EXCLUDE_SRCNET -fi - -setkey -c << EOF -${SPI_AH_OUT:+delete $SRC $DST ah $SPI_AH_OUT;} -${SPI_AH_IN:+delete $DST $SRC ah $SPI_AH_IN;} -${SPI_ESP_OUT:+delete $SRC $DST esp $SPI_ESP_OUT;} -${SPI_ESP_IN:+delete $DST $SRC esp $SPI_ESP_IN;} -spddelete $SPD_SRC $SPD_DST any -P out; -spddelete $SPD_DST $SPD_SRC any -P in; -${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P out;} -${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P in;} -EOF - -if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then - racoontmp=$(mktemp /etc/racoon/racoon.XXXXXX) - grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp - mv -f $racoontmp /etc/racoon/racoon.conf - pidof -x /usr/sbin/racoon > /dev/null 2>&1 && killall -HUP racoon -fi - -/etc/sysconfig/network-scripts/ifdown-post $CONFIG diff --git a/sysconfig/network-scripts/ifdown-ipv6 b/sysconfig/network-scripts/ifdown-ipv6 index 9f04531a..7bfcfb34 100644 --- a/sysconfig/network-scripts/ifdown-ipv6 +++ b/sysconfig/network-scripts/ifdown-ipv6 @@ -45,9 +45,8 @@ CONFIG=$1 [ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG source_config -# IPv6 don't need aliases anymore, config is skipped -REALDEVICE=$(echo ${DEVICE} | sed 's/:.*//g') -[ "$DEVICE" != "$REALDEVICE" ] && exit 0 +REALDEVICE=${DEVICE%%:*} +DEVICE=$REALDEVICE [ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 . /etc/sysconfig/network-scripts/network-functions-ipv6 @@ -120,7 +119,7 @@ if [ "$valid6to4config" = "yes" ]; then if [ -n "$IPV6TO4_ROUTING" ]; then # Delete routes to local networks for devsuf in $IPV6TO4_ROUTING; do - dev="$(echo $devsuf | awk -F- '{ print $1 }')" + dev="${devsuf%%-*}" ipv6_cleanup_6to4_device $dev done fi diff --git a/sysconfig/network-scripts/ifdown-routes b/sysconfig/network-scripts/ifdown-routes index 00e592f7..3c62498a 100755 --- a/sysconfig/network-scripts/ifdown-routes +++ b/sysconfig/network-scripts/ifdown-routes @@ -12,16 +12,20 @@ fi MATCH='^[[:space:]]*(\#.*)?$' # Routing rules -FILES="/etc/sysconfig/network-scripts/rule-$1" +FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1" if [ -n "$2" -a "$2" != "$1" ]; then - FILES="$FILES /etc/sysconfig/network-scripts/rule-$2" + FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2" fi for file in $FILES; do if [ -f "$file" ]; then + proto= + if [ "$file" != "${file##*/rule6-}" ]; then + proto="-6" + fi { cat "$file" ; echo ; } | while read line; do if [[ ! "$line" =~ $MATCH ]]; then - /sbin/ip rule del $line + /sbin/ip $proto rule del $line fi done fi diff --git a/sysconfig/network-scripts/ifdown-sit b/sysconfig/network-scripts/ifdown-sit index 041dc3cd..39e9c50f 100644 --- a/sysconfig/network-scripts/ifdown-sit +++ b/sysconfig/network-scripts/ifdown-sit @@ -28,7 +28,7 @@ CONFIG=$1 source_config # IPv6 don't need aliases anymore, config is skipped -REALDEVICE=$(echo ${DEVICE} | sed 's/:.*//g') +REALDEVICE=${DEVICE%%:*} [ "$DEVICE" != "$REALDEVICE" ] && exit 0 [ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1 @@ -37,7 +37,7 @@ REALDEVICE=$(echo ${DEVICE} | sed 's/:.*//g') # Generic tunnel device sit0 is not supported here if [ "$DEVICE" = "sit0" ]; then - echo $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" + net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" exit 1 fi diff --git a/sysconfig/network-scripts/ifdown-tunnel b/sysconfig/network-scripts/ifdown-tunnel index a96aff4b..e04effe7 100755 --- a/sysconfig/network-scripts/ifdown-tunnel +++ b/sysconfig/network-scripts/ifdown-tunnel @@ -33,7 +33,7 @@ source_config # Generic tunnel devices are not supported here if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 ]; then - echo $"Device '$DEVICE' isn't supported as a valid GRE device name." + net_log $"Device '$DEVICE' isn't supported as a valid GRE device name." exit 1 fi diff --git a/sysconfig/network-scripts/ifup b/sysconfig/network-scripts/ifup index fb203f5a..914309c0 100755 --- a/sysconfig/network-scripts/ifup +++ b/sysconfig/network-scripts/ifup @@ -76,9 +76,9 @@ fi # Ethernet 802.1Q VLAN support if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ]; then VID="" - MATCH='^(eth|hsi|bond)[0-9]+\.[0-9]{1,4}$' + MATCH='^.+\.[0-9]{1,4}$' if [[ "${DEVICE}" =~ $MATCH ]]; then - VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^[a-z0-9]*\.0*\([0-9]\+\)/\1/') + VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^.*\.\([0-9]\+\)/\1/') PHYSDEV=${DEVICE%.*} fi MATCH='^vlan[0-9]{1,4}?' @@ -86,21 +86,21 @@ if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ]; then VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^vlan0*//') # PHYSDEV should be set in ifcfg-vlan* file if test -z "$PHYSDEV"; then - echo $"PHYSDEV should be set for device ${DEVICE}" + net_log $"PHYSDEV should be set for device ${DEVICE}" exit 1 fi fi if [ -n "$VID" ]; then if [ ! -d /proc/net/vlan ]; then if ! modprobe 8021q >/dev/null 2>&1 ; then - echo $"No 802.1Q VLAN support available in kernel for device ${DEVICE}" + net_log $"No 802.1Q VLAN support available in kernel for device ${DEVICE}" exit 1 fi fi is_available ${PHYSDEV} || { if [ "$?" = "1" ] ; then - echo $"$alias device ${DEVICE} does not seem to be present, delaying initialization." + net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization." exit 1 else exit 0 @@ -117,10 +117,14 @@ if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ]; then FLAG_REORDER_HDR="reorder_hdr off" fi - ip link add dev ${DEVICE} link ${PHYSDEV} type vlan id ${VID} ${FLAG_REORDER_HDR} || { + if [ "${GVRP}" = "yes" -o "${GVRP}" = "1" ]; then + FLAG_GVRP="gvrp on" + fi + + ip link add dev ${DEVICE} link ${PHYSDEV} type vlan id ${VID} ${FLAG_REORDER_HDR} ${FLAG_GVRP} || { (/usr/bin/logger -p daemon.info -t ifup \ $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" &)& - echo $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" + net_log $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" exit 1 } fi diff --git a/sysconfig/network-scripts/ifup-aliases b/sysconfig/network-scripts/ifup-aliases index 1312eede..fc21c7b6 100755 --- a/sysconfig/network-scripts/ifup-aliases +++ b/sysconfig/network-scripts/ifup-aliases @@ -125,7 +125,7 @@ eval ` ( # read defaults from the parent config file [ -f $PARENTCONFIG ] || { - echo $"Missing config file $PARENTCONFIG." >&2 + net_log $"Missing config file $PARENTCONFIG." exit 1 } eval ` ( @@ -169,7 +169,7 @@ function new_interface () MATCH='^[0-9A-Za-z_]*$' if (LC_ALL=C; [[ ! "$DEVNUM" =~ $MATCH ]]); then - echo $"error in $FILE: invalid alias number" >&2 + net_log $"error in $FILE: invalid alias number" return 1 fi @@ -179,17 +179,17 @@ function new_interface () "; if [ -n "$ipseen" ]; then - echo $"error in $FILE: already seen ipaddr $IPADDR in $ipseen" >&2 + net_log $"error in $FILE: already seen ipaddr $IPADDR in $ipseen" return 1 fi if [ -n "$devseen" ]; then - echo $"error in $FILE: already seen device $parent_device:$DEVNUM in $devseen" >&2 + net_log $"error in $FILE: already seen device $parent_device:$DEVNUM in $devseen" return 1 fi if [ -z "$DEVICE" -o -z "$IPADDR" ]; then - echo $"error in $FILE: didn't specify device or ipaddr" >&2 + net_log $"error in $FILE: didn't specify device or ipaddr" return 1 fi @@ -256,7 +256,7 @@ function new_interface () setup_this=yes fi if [ -n "$rdev_mark" -a "$rdev_mark" != "$newmark" ]; then - echo $"error in ifcfg-${parent_device}: files" >&2 + net_log $"error in ifcfg-${parent_device}: files" return 1 fi eval " rdev_${DEVNUM}_mark=\$newmark "; @@ -267,7 +267,7 @@ function new_interface () if [ -n "$rdevip" -a "$rdevip" != "${DEVNUM}" ]; then eval " mark_remove=\$rdev_${rdevip}_mark "; if [ -n "$mark_remove" -a "$mark_remove" != "remove" ]; then - echo $"error in ifcfg-${parent_device}: files" >&2 + net_log $"error in ifcfg-${parent_device}: files" return 1 fi if [ "$mark_remove" != "remove" ]; then @@ -292,6 +292,8 @@ function new_interface () /sbin/ifconfig ${DEVICE} ${IPADDR} netmask ${NETMASK} broadcast ${BROADCAST} + [ "$IPV6INIT" = "yes" ] && /etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE} + if [ "$NO_ALIASROUTING" != yes ]; then GATEWAYDEV=$network_GATEWAYDEV; @@ -337,11 +339,11 @@ for FILE in ifcfg-${parent_device}-range* ; do ipaddr_endnum=${IPADDR_END##*.} if [ "${IPADDR_START%.*}" != "${IPADDR_END%.*}" ]; then - echo $"error in $FILE: IPADDR_START and IPADDR_END don't agree" >&2; continue + net_log $"error in $FILE: IPADDR_START and IPADDR_END don't agree"; continue fi if [ $ipaddr_startnum -gt $ipaddr_endnum ]; then - echo $"error in $FILE: IPADDR_START greater than IPADDR_END" >&2; continue + net_log $"error in $FILE: IPADDR_START greater than IPADDR_END"; continue fi ipaddr_num=$ipaddr_startnum diff --git a/sysconfig/network-scripts/ifup-ctc b/sysconfig/network-scripts/ifup-ctc index 514c102b..e268d7cc 100755 --- a/sysconfig/network-scripts/ifup-ctc +++ b/sysconfig/network-scripts/ifup-ctc @@ -33,7 +33,7 @@ timeout=0 while ! ping -w 30 -c 1 ${GATEWAY} &>/dev/null; do timeout=$(($timeout + 1)) if [ $timeout = 20 ]; then - echo $"ERROR: ${DEVICE} did not come up!" + net_log $"ERROR: ${DEVICE} did not come up!" break fi done diff --git a/sysconfig/network-scripts/ifup-eth b/sysconfig/network-scripts/ifup-eth index b1039176..93b6241e 100755 --- a/sysconfig/network-scripts/ifup-eth +++ b/sysconfig/network-scripts/ifup-eth @@ -52,7 +52,7 @@ is_available ${REALDEVICE} if [ -n "${HWADDR}" ]; then FOUNDMACADDR=$(get_hwaddr ${REALDEVICE}) if [ "${FOUNDMACADDR}" != "${HWADDR}" -a "${FOUNDMACADDR}" != "${MACADDR}" ]; then - echo $"Device ${DEVICE} has different MAC address than expected, ignoring." + net_log $"Device ${DEVICE} has different MAC address than expected, ignoring." mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -61,7 +61,7 @@ fi # If the device is a bridge, create it with brctl, if available. if [ "${TYPE}" = "Bridge" ]; then if [ ! -x /usr/sbin/brctl ]; then - echo $"Bridge support not available: brctl not found" + net_log $"Bridge support not available: brctl not found" mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -70,12 +70,18 @@ if [ "${TYPE}" = "Bridge" ]; then fi [ -n "${DELAY}" ] && /usr/sbin/brctl setfd ${DEVICE} ${DELAY} [ -n "${STP}" ] && /usr/sbin/brctl stp ${DEVICE} ${STP} + # add the bits to setup driver parameters here + for arg in $BRIDGING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + echo $value > /sys/class/net/${DEVICE}/bridge/$key + done fi # If the device is a tap device, create it with tunctl, if available. if [ "${TYPE}" = "Tap" ]; then if [ ! -x /usr/sbin/tunctl -a ! -x /usr/bin/tunctl ]; then - echo $"Tap support not available: tunctl not found" + net_log $"Tap support not available: tunctl not found" mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -95,9 +101,9 @@ fi # now check the real state is_available ${REALDEVICE} || { if [ -n "$alias" ]; then - echo $"$alias device ${DEVICE} does not seem to be present, delaying initialization." + net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization." else - echo $"Device ${DEVICE} does not seem to be present, delaying initialization." + net_log $"Device ${DEVICE} does not seem to be present, delaying initialization." fi mdv-network-event connection_failure ${DEVICE} exit 1 @@ -173,13 +179,12 @@ fi # slave device? if [ "${SLAVE}" = yes -a "${ISALIAS}" = no -a "${MASTER}" != "" ]; then - grep -wq "${DEVICE}" /sys/class/net/${MASTER}/bonding/slaves || { + install_bonding_driver ${MASTER} + grep -wq "${DEVICE}" /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null || { /sbin/ip link set dev ${DEVICE} down echo "+${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null } - if [ -n "$ETHTOOL_OPTS" ] ; then - ethtool -s ${REALDEVICE} $ETHTOOL_OPTS - fi + ethtool_set exit 0 fi @@ -198,10 +203,16 @@ if [ "$ISALIAS" = no ] && is_bonding_device ${DEVICE} ; then OLDIFS=$IFS; IFS=','; for arp_ip in $value; do - echo +$arp_ip > /sys/class/net/${DEVICE}/bonding/$key + if ! grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/$key; then + echo +$arp_ip > /sys/class/net/${DEVICE}/bonding/$key + fi done IFS=$OLDIFS; - else + elif [ "${key}" = "arp_ip_target" ]; then + if ! grep -q ${value#+} /sys/class/net/${DEVICE}/bonding/$key; then + echo "$value" > /sys/class/net/${DEVICE}/bonding/$key + fi + else echo $value > /sys/class/net/${DEVICE}/bonding/$key fi done @@ -230,11 +241,15 @@ if [ -n "${BRIDGE}" ] && [ -x /usr/sbin/brctl ]; then fi /sbin/ip addr flush dev ${DEVICE} 2>/dev/null /sbin/ip link set dev ${DEVICE} up - if [ -n "$ETHTOOL_OPTS" ] ; then - /sbin/ethtool -s ${REALDEVICE} $ETHTOOL_OPTS - fi + ethtool_set [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} /usr/sbin/brctl addif ${BRIDGE} ${DEVICE} + # add the bits to setup driver parameters here + for arg in $BRIDGING_OPTS ; do + key=${arg%%=*}; + value=${arg##*=}; + echo $value > /sys/class/net/${DEVICE}/brport/$key + done # Upon adding a device to a bridge, # it's necessary to make radvd reload its config [ -r /var/run/radvd/radvd.pid ] && kill -HUP $(cat /var/run/radvd/radvd.pid) @@ -351,7 +366,7 @@ fi if [ -n "${DYNCONFIG}" ]; then # copy any lease obtained by the initrd - for file in /dev/.dhclient-${DEVICE}.leases /dev/.initramfs/net.${DEVICE}.lease ; do + for file in /dev/.dhclient-${DEVICE}.leases /dev/.initramfs/net.${DEVICE}.lease /run/initramfs/net.${DEVICE}.lease; do if [ -f "${file}" ]; then mv -f $file /var/lib/dhclient/dhclient-${DEVICE}.leases [ -x /sbin/restorecon ] && restorecon /var/lib/dhclient/dhclient-${DEVICE}.leases > /dev/null 2>&1 @@ -366,9 +381,7 @@ if [ -n "${DYNCONFIG}" ]; then exit 1 fi - if [ -n "$ETHTOOL_OPTS" ] ; then - ethtool -s ${REALDEVICE} $ETHTOOL_OPTS - fi + ethtool_set mdv-network-event dhcp_request ${DEVICE} if $DHCP_CLIENT $DHCP_ARGS ; then @@ -395,12 +408,10 @@ if [ -n "${DYNCONFIG}" ]; then fi # end dynamic device configuration else - if [ -z "${IPADDR}" ]; then + if [ -z "${IPADDR}" -a -z "${IPADDR0}" -a -z "${IPADDR1}" -a -z "${IPADDR2}" ]; then # enable device without IP, useful for e.g. PPPoE ip link set dev ${REALDEVICE} up - if [ -n "$ETHTOOL_OPTS" ] ; then - ethtool -s ${REALDEVICE} $ETHTOOL_OPTS - fi + ethtool_set [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} else @@ -410,14 +421,12 @@ else ip link set dev ${REALDEVICE} $(toggle_value arp $ARP) if ! ip link set dev ${REALDEVICE} up ; then - echo $"Failed to bring up ${DEVICE}." + net_log $"Failed to bring up ${DEVICE}." mdv-network-event connection_failure ${DEVICE} exit 1 fi - if [ -n "$ETHTOOL_OPTS" ] ; then - ethtool -s ${REALDEVICE} $ETHTOOL_OPTS - fi + ethtool_set [ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY} @@ -468,10 +477,12 @@ else fi ip route replace default ${METRIC:+metric $METRIC} \ via ${GATEWAY} ${WINDOW:+window $WINDOW} ${SRC} \ - ${GATEWAYDEV:+dev $GATEWAYDEV} + ${GATEWAYDEV:+dev $GATEWAYDEV} || + net_log $"Error adding default gateway ${GATEWAY} for ${DEVICE}." elif [ "${GATEWAYDEV}" = "${DEVICE}" ]; then ip route replace default ${METRIC:+metric $METRIC} \ - ${SRC} ${WINDOW:+window $WINDOW} dev ${REALDEVICE} + ${SRC} ${WINDOW:+window $WINDOW} dev ${REALDEVICE} || + net_log $"Erorr adding default gateway for ${REALDEVICE}." fi fi fi @@ -484,10 +495,8 @@ fi # IPv6 initialisation? /etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG} -if [[ "${DHCPV6C}" = [Yy1]* ]] && [ -x /sbin/dhcp6c ]; then - /sbin/dhcp6c ${DHCPV6C_OPTIONS} ${DEVICE} - dhcp6_pid=($(/bin/ps -eo 'pid,args' | /bin/grep "dhcp6c ${DHCPV6C_OPTIONS} ${DEVICE}" | egrep -v grep)) - [ -n "$dhcp6_pid" ] && echo ${dhcp6_pid[0]} > /var/run/dhcp6c_${DEVICE}.pid +if [[ "${DHCPV6C}" = [Yy1]* ]] && [ -x /sbin/dhclient ]; then + /sbin/dhclient -6 -1 ${DHCPV6C_OPTIONS} -lf /var/lib/dhclient/dhclient6-${DEVICE}.leases -pf /var/run/dhclient6-${DEVICE}.pid -H ${DHCP_HOSTNAME:-${HOSTNAME%%.*}} ${DEVICE} fi if [ "${IPX}" = yes ]; then diff --git a/sysconfig/network-scripts/ifup-ipsec b/sysconfig/network-scripts/ifup-ipsec deleted file mode 100755 index f3da7d4b..00000000 --- a/sysconfig/network-scripts/ifup-ipsec +++ /dev/null @@ -1,279 +0,0 @@ -#!/bin/sh -# -# ifup-ipsec -# -# Brings up ipsec interfaces - -handle_keys() { - [ -z "$KEY_AH_IN" -a -n "$KEY_AH" ] && KEY_AH_IN=$KEY_AH - [ -z "$KEY_AH_OUT" -a -n "$KEY_AH" ] && KEY_AH_OUT=$KEY_AH - [ -z "$KEY_ESP_IN" -a -n "$KEY_ESP" ] && KEY_ESP_IN=$KEY_ESP - [ -z "$KEY_ESP_OUT" -a -n "$KEY_ESP" ] && KEY_ESP_OUT=$KEY_ESP - [ -z "$KEY_AESP_IN" -a -n "$KEY_AESP" ] && KEY_AESP_IN=$KEY_AESP - [ -z "$KEY_AESP_OUT" -a -n "$KEY_AESP" ] && KEY_AESP_OUT=$KEY_AESP - - [ -n "$KEY_AH_IN" -a "$KEY_AH_IN" = "${KEY_AH_IN##0x}" ] \ - && KEY_AH_IN=\"$KEY_AH_IN\" - [ -n "$KEY_AH_OUT" -a "$KEY_AH_OUT" = "${KEY_AH_OUT##0x}" ] \ - && KEY_AH_OUT=\"$KEY_AH_OUT\" - [ -n "$KEY_ESP_IN" -a "$KEY_ESP_IN" = "${KEY_ESP_IN##0x}" ] \ - && KEY_ESP_IN=\"$KEY_ESP_IN\" - [ -n "$KEY_ESP_OUT" -a "$KEY_ESP_OUT" = "${KEY_ESP_OUT##0x}" ] \ - && KEY_ESP_OUT=\"$KEY_ESP_OUT\" - [ -n "$KEY_AESP_IN" -a "$KEY_AESP_IN" = "${KEY_AESP_IN##0x}" ] \ - && KEY_AESP_IN=\"$KEY_AESP_IN\" - [ -n "$KEY_AESP_OUT" -a "$KEY_AESP_OUT" = "${KEY_AESP_OUT##0x}" ] \ - && KEY_AESP_OUT=\"$KEY_AESP_OUT\" -} - -. /etc/init.d/functions -cd /etc/sysconfig/network-scripts -. ./network-functions - -CONFIG=$1 -[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1} -source_config - -handle_keys - -if [ -n "$KEY_AH" -o -n "$KEY_ESP" ]; then - KEYING=manual -fi - - -if [ -n "$IKE_PSK" ]; then - KEYING=automatic - IKE_METHOD=PSK -fi - -if [ -n "$IKE_CERTFILE" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi - -if [ -n "$IKE_PEER_CERTFILE" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi - -if [ -n "$IKE_DNSSEC" ]; then - KEYING=automatic - IKE_METHOD=X509 -fi - -[ -n "$IKE_METHOD" ] && KEYING=automatic -[ -z "$KEYING" ] && KEYING=manual - -if [ -z "$SRC" ]; then - SRC=$(ip -o route get to $DST | sed "s|.*src \([^ ]*\).*|\1|") -fi - -if [ -n "$SRCNET" -o -n "$DSTNET" ]; then - TUNNEL_MODE=yes - MODE=tunnel - [ -z "$SRCNET" ] && SRCNET="$SRC/32" - [ -z "$DSTNET" ] && DSTNET="$DST/32" - SPD_SRC=$SRCNET - SPD_DST=$DSTNET - # If SRCNET is a subnet of DSTNET, exclude SRCNET<->SRCNET communication - if [ "${SRCNET##*/}" -gt "${DSTNET##*/}" ] \ - && [ "$(ipcalc -n "${SRCNET%%/*}/${DSTNET##*/}")" \ - = "NETWORK=${DSTNET%%/*}" ]; then - EXCLUDE_SRCNET=yes - fi - [ -z "$SRCGW" ] && SRCGW=$(ip -o route get to $SRCNET | sed "s|.*src \([^ ]*\).*|\1|") - ip route add to $DSTNET via $SRCGW src $SRCGW -else - unset TUNNEL_MODE - MODE=transport - SPD_SRC=$SRC - SPD_DST=$DST - unset EXCLUDE_SRCNET -fi - -unset SPD_AH_IN SPD_AH_OUT SPD_ESP_IN SPD_ESP_OUT -if [ "$KEYING" = "manual" ]; then - [ -z "$AH_PROTO" ] && AH_PROTO=hmac-sha1 - [ -z "$ESP_PROTO" ] && ESP_PROTO=3des-cbc - [ -z "$AESP_PROTO" ] && AESP_PROTO=hmac-sha1 - - [ -n "$KEY_AH_IN" ] && SPD_AH_IN=yes - [ -n "$KEY_AH_OUT" ] && SPD_AH_OUT=yes - [ -n "$KEY_ESP_IN" ] && SPD_ESP_IN=yes - [ -n "$KEY_ESP_OUT" ] && SPD_ESP_OUT=yes -else - [ -z "$IKE_DHGROUP" ] && IKE_DHGROUP=2 - [ -z "$AH_PROTO" ] && AH_PROTO=sha1 - [ -z "$ESP_PROTO" ] && ESP_PROTO=3des - [ -z "$IKE_AUTH" ] && IKE_AUTH=$AH_PROTO - [ -z "$IKE_ENC" ] && IKE_ENC=$ESP_PROTO - [ "$IKE_AUTH" = "none" ] && IKE_AUTH=sha1 - [ "$IKE_ENC" = "none" ] && IKE_ENC=3des - - SPD_AH_IN=yes - SPD_AH_OUT=yes - SPD_ESP_IN=yes - SPD_ESP_OUT=yes -fi - -if [ "$AH_PROTO" = "none" ]; then - unset SPI_AH_IN SPI_AH_OUT KEY_AH_IN KEY_AH_OUT SPD_AH_IN SPD_AH_OUT -fi -if [ "$ESP_PROTO" = "none" ]; then - unset SPI_ESP_IN SPI_ESP_OUT KEY_ESP_IN KEY_ESP_OUT SPD_ESP_IN SPD_ESP_OUT -fi - -/sbin/setkey -c >/dev/null 2>&1 << EOF -${SPI_AH_OUT:+delete $SRC $DST ah $SPI_AH_OUT;} -${SPI_AH_IN:+delete $DST $SRC ah $SPI_AH_IN;} -${SPI_ESP_OUT:+delete $SRC $DST esp $SPI_ESP_OUT;} -${SPI_ESP_IN:+delete $DST $SRC esp $SPI_ESP_IN;} -spddelete $SPD_SRC $SPD_DST any -P out; -spddelete $SPD_DST $SPD_SRC any -P in; -${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P out;} -${EXCLUDE_SRCNET:+spddelete $SPD_SRC $SPD_SRC any -P in;} -EOF - -# ESP -if [ "$ESP_PROTO" != "none" ]; then - /sbin/setkey -c >/dev/null 2>&1 << EOF - ${KEY_ESP_IN:+add $DST $SRC esp $SPI_ESP_IN ${TUNNEL_MODE:+-m tunnel} \ - -E ${ESP_PROTO_IN:-$ESP_PROTO} $KEY_ESP_IN \ - ${KEY_AESP_IN:+-A ${AESP_PROTO_IN:-$AESP_PROTO} $KEY_AESP_IN} - ;} - ${KEY_ESP_OUT:+add $SRC $DST esp $SPI_ESP_OUT ${TUNNEL_MODE:+-m tunnel} \ - -E ${ESP_PROTO_OUT:-$ESP_PROTO} $KEY_ESP_OUT \ - ${KEY_AESP_OUT:+-A ${AESP_PROTO_OUT:-$AESP_PROTO} $KEY_AESP_OUT} - ;} -EOF -fi - -# AH -if [ "$AH_PROTO" != "none" ]; then - /sbin/setkey -c >/dev/null 2>&1 << EOF - ${KEY_AH_IN:+add $DST $SRC ah $SPI_AH_IN ${TUNNEL_MODE:+-m tunnel} -A ${AH_PROTO_IN:-$AH_PROTO} $KEY_AH_IN;} - ${KEY_AH_OUT:+add $SRC $DST ah $SPI_AH_OUT ${TUNNEL_MODE:+-m tunnel} -A ${AH_PROTO_OUT:-$AH_PROTO} $KEY_AH_OUT;} -EOF -fi - -/sbin/setkey -c >/dev/null 2>&1 << EOF -${EXCLUDE_SRCNET:+spdadd $SPD_SRC $SPD_SRC any -P out none;} -${EXCLUDE_SRCNET:+spdadd $SPD_SRC $SPD_SRC any -P in none;} -EOF - -# This looks weird but if you use both ESP and AH you need to configure them together, not seperately. -if [ "$ESP_PROTO" != "none" ] && [ "$AH_PROTO" != "none" ]; then -/sbin/setkey -c >/dev/null 2>&1 << EOF -spdadd $SPD_SRC $SPD_DST any -P out ipsec - ${SPD_ESP_OUT:+esp/$MODE/${TUNNEL_MODE:+$SRC-$DST}/require} - ${SPD_AH_OUT:+ah/$MODE/${TUNNEL_MODE:+$SRC-$DST}/require} - ; - -spdadd $SPD_DST $SPD_SRC any -P in ipsec - ${SPD_ESP_IN:+esp/$MODE/${TUNNEL_MODE:+$DST-$SRC}/require} - ${SPD_AH_IN:+ah/$MODE/${TUNNEL_MODE:+$DST-$SRC}/require} - ; -EOF -elif [ "$AH_PROTO" = "none" ]; then -/sbin/setkey -c >/dev/null 2>&1 << EOF -spdadd $SPD_SRC $SPD_DST any -P out ipsec - ${SPD_ESP_OUT:+esp/$MODE/${TUNNEL_MODE:+$SRC-$DST}/require} - ; - -spdadd $SPD_DST $SPD_SRC any -P in ipsec - ${SPD_ESP_IN:+esp/$MODE/${TUNNEL_MODE:+$DST-$SRC}/require} - ; -EOF -elif [ "$ESP_PROTO" = "none" ]; then -/sbin/setkey -c >/dev/null 2>&1 << EOF -spdadd $SPD_SRC $SPD_DST any -P out ipsec - ${SPD_AH_OUT:+ah/$MODE/${TUNNEL_MODE:+$SRC-$DST}/require} - ; - -spdadd $SPD_DST $SPD_SRC any -P in ipsec - ${SPD_AH_IN:+ah/$MODE/${TUNNEL_MODE:+$DST-$SRC}/require} - ; -EOF -fi - -if [ "$KEYING" = "automatic" -a -n "$IKE_METHOD" ]; then - if [ "$IKE_METHOD" = "PSK" ]; then - MYID=address - if [ -n "$MYID_TYPE" ]; then - case "$MYID_TYPE" in - *fqdn*) - MYID="$MYID_TYPE \"$MYID_VALUE\"" - ;; - esac - fi - tmpfile=$(mktemp /etc/racoon/psk.XXXXXX) - grep -v "^$DST " /etc/racoon/psk.txt > $tmpfile - echo "$DST $IKE_PSK" >> $tmpfile - mv -f $tmpfile /etc/racoon/psk.txt - fi - if [ ! -f /etc/racoon/$DST.conf ] || [ /etc/racoon/$DST.conf -ot $1 ] ; then - cat > /etc/racoon/$DST.conf << EOF -remote $DST -{ - exchange_mode aggressive, main; -EOF - case "$IKE_METHOD" in - PSK) - cat >> /etc/racoon/$DST.conf << EOF - my_identifier $MYID; - proposal { - encryption_algorithm $IKE_ENC; - hash_algorithm $IKE_AUTH; - authentication_method pre_shared_key; - dh_group $IKE_DHGROUP; - } -} -EOF - ;; - X509) - cat >> /etc/racoon/$DST.conf << EOF - my_identifier asn1dn; - peers_identifier asn1dn; - certificate_type x509 "$IKE_CERTFILE.public" "$IKE_CERTFILE.private"; -EOF - if [ -n "$IKE_DNSSEC" ]; then - echo " peers_certfile dnssec;" >> /etc/racoon/$DST.conf - fi - if [ -n "$IKE_PEER_CERTFILE" ]; then - echo " peers_certfile x509 \"$IKE_PEER_CERTFILE.public\";" >> /etc/racoon/$DST.conf - fi - cat >> /etc/racoon/$DST.conf << EOF - proposal { - encryption_algorithm $IKE_ENC; - hash_algorithm $IKE_AUTH; - authentication_method rsasig; - dh_group $IKE_DHGROUP; - } -} -EOF - ;; - GSSAPI) - cat >> /etc/racoon/$DST.conf << EOF - my_identifier address; - proposal { - encryption_algorithm $IKE_ENC; - hash_algorithm $IKE_AUTH; - authentication_method gssapi_krb; - dh_group $IKE_DHGROUP; - } -} -EOF - esac - fi - racoontmp=$(mktemp /etc/racoon/racoon.XXXXXX) - grep -v "^include \"/etc/racoon/$DST.conf\";" /etc/racoon/racoon.conf >> $racoontmp - echo "include \"/etc/racoon/$DST.conf\";" >> $racoontmp - mv -f $racoontmp /etc/racoon/racoon.conf -fi -if [ "$KEYING" = "automatic" ]; then - if ! pidof -x /usr/sbin/racoon > /dev/null 2>&1 ; then - /usr/sbin/racoon - elif [ -n "$IKE_METHOD" ]; then - killall -HUP racoon - fi -fi diff --git a/sysconfig/network-scripts/ifup-ipv6 b/sysconfig/network-scripts/ifup-ipv6 index 4facc403..509e49f3 100644 --- a/sysconfig/network-scripts/ifup-ipv6 +++ b/sysconfig/network-scripts/ifup-ipv6 @@ -62,9 +62,8 @@ CONFIG=$1 [ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG source_config -# IPv6 don't need aliases anymore, config is skipped -REALDEVICE=$(echo ${DEVICE} | sed 's/:.*//g') -[ "$DEVICE" != "$REALDEVICE" ] && exit 0 +REALDEVICE=${DEVICE%%:*} +DEVICE=$REALDEVICE # Test whether IPv6 configuration is enabled for this interface, else stop [ "$IPV6INIT" = "yes" ] || exit 0 @@ -98,8 +97,8 @@ if [ "$IPV6FORWARDING" = "yes" ]; then # Check, if global IPv6 forwarding was already set by global script if [ $ipv6_global_forwarding_current -ne 1 ]; then - echo $"Global IPv6 forwarding is enabled in configuration, but not currently enabled in kernel" - echo $"Please restart network with '/sbin/service network restart'" + net_log $"Global IPv6 forwarding is enabled in configuration, but not currently enabled in kernel" + net_log $"Please restart network with '/sbin/service network restart'" fi ipv6_local_forwarding=1 @@ -115,8 +114,8 @@ else # Check, if global IPv6 forwarding was already set by global script if [ $ipv6_global_forwarding_current -ne 0 ]; then - echo $"Global IPv6 forwarding is disabled in configuration, but not currently disabled in kernel" - echo $"Please restart network with '/sbin/service network restart'" + net_log $"Global IPv6 forwarding is disabled in configuration, but not currently disabled in kernel" + net_log $"Please restart network with '/sbin/service network restart'" fi ipv6_local_forwarding=0 @@ -145,7 +144,7 @@ fi if [ "$IPV6_PRIVACY" = "rfc3041" ]; then /sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1 if [ $? -ne 0 ]; then - echo $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" + net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel" fi fi @@ -161,13 +160,6 @@ if [ -f /etc/sysconfig/static-routes-ipv6 ]; then done fi -# Setup additional static IPv6 routes (newer config style) -if [ -f "/etc/sysconfig/network-scripts/route6-$DEVICE" ]; then - cat "/etc/sysconfig/network-scripts/route6-$DEVICE" | sed 's/#.*//g' | grep -v '^[[:space:]]*$' | while read line; do - /sbin/ip -6 route add $line - done -fi - # Setup of 6to4, if configured if [ "$IPV6TO4INIT" = "yes" ]; then valid6to4config="yes" @@ -176,7 +168,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then ipv6_test_device_status tun6to4 if [ $? = 0 ]; then # device is already up - echo $"Device 'tun6to4' (from '$DEVICE') is already up, shutdown first" + net_log $"Device 'tun6to4' (from '$DEVICE') is already up, shutdown first" mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -204,7 +196,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then if [ -n "$ipv4addr" ]; then if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then - echo $"Given IPv4 address '$ipv4addr' is not globally usable" + net_log $"Given IPv4 address '$ipv4addr' is not globally usable" info valid6to4config="no" fi if [ -z "$IPV6TO4_RELAY" ]; then @@ -217,14 +209,14 @@ if [ "$IPV6TO4INIT" = "yes" ]; then valid6to4config="no" fi else - echo $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified" + net_log $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified" info valid6to4config="no" fi # Setup 6to4 tunnel (hardwired name is "tun6to4"), if config is valid if [ "$valid6to4config" = "yes" ]; then # Get MTU of master device - ipv4mtu="$(/sbin/ip link show dev $DEVICE | grep -w "mtu" | awk '{ print $5 }')" + ipv4mtu="$(/sbin/ip link show dev $DEVICE | awk '/\<mtu\>/ { print $5 }')" if [ -n "$ipv4mtu" ]; then # IPv6 tunnel MTU is IPv4 MTU minus 20 for IPv4 header tunnelmtu=$(($ipv4mtu-20)) @@ -232,7 +224,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then if [ -n "$IPV6TO4_MTU" ]; then if [ $IPV6TO4_MTU -gt $tunnelmtu ]; then - echo $"Warning: configured MTU '$IPV6TO4_MTU' for 6to4 exceeds maximum limit of '$tunnelmtu', ignored" + net_log $"Warning: configured MTU '$IPV6TO4_MTU' for 6to4 exceeds maximum limit of '$tunnelmtu', ignored" warning else tunnelmtu=$IPV6TO4_MTU fi @@ -246,7 +238,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then # Add default route, if device matches if [ "$IPV6_DEFAULTDEV" = "tun6to4" ]; then if [ -n "$IPV6_DEFAULTGW" ]; then - echo $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored" + net_log $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored" warning fi ipv6_set_default_route $ipv6to4_relay tun6to4 fi @@ -266,7 +258,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then # Setup additional static IPv6 routes (newer config style) if [ -f "/etc/sysconfig/network-scripts/route6-tun6to4" ]; then - cat "/etc/sysconfig/network-scripts/route6-tun6to4" | sed 's/#.*//g' | LC_ALL=C grep -v '^[[:space:]]*$' | while read line; do + sed -ne 's/#.*//' -e '/[^[:space:]]/p' /etc/sysconfig/network-scripts/route6-tun6to4 | while read line; do if echo "$line" | LC_ALL=C grep -vq 'via'; then # Add gateway if missing line="$line via $ipv6to4_relay" @@ -282,7 +274,7 @@ if [ "$IPV6TO4INIT" = "yes" ]; then if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then # RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning if [ $ipv6_global_forwarding_current -ne 1 ]; then - echo $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't" + net_log $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't" warning fi if [ -n "$IPV6TO4_ROUTING" ]; then @@ -290,22 +282,22 @@ if [ "$IPV6TO4INIT" = "yes" ]; then if [ -n "$ipv6to4prefix" ]; then # Add route to local networks for devsuf in $IPV6TO4_ROUTING; do - dev="$(echo $devsuf | awk -F- '{ print $1 }')" + dev="${devsuf%%-*}" suf="$(echo $devsuf | awk -F- '{ print $2 }')" ipv6_add_addr_on_device ${dev} ${ipv6to4prefix}${suf} done else - echo $"Error occurred while calculating the IPv6to4 prefix" + net_log $"Error occurred while calculating the IPv6to4 prefix" fi else - echo $"radvd control enabled, but config is not complete" + net_log $"radvd control enabled, but config is not complete" fi # Control running radvd ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE fi else - echo $"6to4 configuration is not valid" + net_log $"6to4 configuration is not valid" mdv-network-event connection_failure ${DEVICE} exit 1 fi diff --git a/sysconfig/network-scripts/ifup-ipx b/sysconfig/network-scripts/ifup-ipx index a5693cfe..dbd294a8 100755 --- a/sysconfig/network-scripts/ifup-ipx +++ b/sysconfig/network-scripts/ifup-ipx @@ -23,7 +23,7 @@ CONFIG=$1 source_config for frametype in 802.2 802.3 ETHERII SNAP ; do - framename=$(echo $frametype | sed 's/\./_/') + framename=${frametype/./_} eval ACT=\$IPXACTIVE_$framename case $ACT in yes|true) diff --git a/sysconfig/network-scripts/ifup-routes b/sysconfig/network-scripts/ifup-routes index db3e51ea..ff8d5b56 100755 --- a/sysconfig/network-scripts/ifup-routes +++ b/sysconfig/network-scripts/ifup-routes @@ -6,6 +6,8 @@ if [ -z "$1" ]; then exit 1 fi +MATCH='^[[:space:]]*(\#.*)?$' + handle_file () { . $1 routenum=0 @@ -21,13 +23,26 @@ handle_file () { done } -FILES="/etc/sysconfig/network-scripts/route-$1" +handle_ip_file() { + local f t type= file=$1 proto="-4" + f=${file##*/} + t=${f%%-*} + type=${t%%6} + if [ "$type" != "$t" ]; then + proto="-6" + fi + { cat "$file" ; echo ; } | while read line; do + if [[ ! "$line" =~ $MATCH ]]; then + /sbin/ip $proto $type add $line + fi + done +} + +FILES="/etc/sysconfig/network-scripts/route-$1 /etc/sysconfig/network-scripts/route6-$1" if [ -n "$2" -a "$2" != "$1" ]; then - FILES="$FILES /etc/sysconfig/network-scripts/route-$2" + FILES="$FILES /etc/sysconfig/network-scripts/route-$2 /etc/sysconfig/network-scripts/route6-$2" fi -MATCH='^[[:space:]]*(\#.*)?$' - for file in $FILES; do if [ -f "$file" ]; then if grep -Eq '^[[:space:]]*ADDRESS[0-9]+=' $file ; then @@ -35,11 +50,7 @@ for file in $FILES; do handle_file $file ${1%:*} else # older format - { cat "$file" ; echo ; } | while read line; do - if [[ ! "$line" =~ $MATCH ]]; then - /sbin/ip route add $line - fi - done + handle_ip_file $file fi fi done @@ -52,17 +63,13 @@ CONFIG="/etc/sysconfig/network-scripts/$NICK.route" # Routing rules -FILES="/etc/sysconfig/network-scripts/rule-$1" +FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1" if [ -n "$2" -a "$2" != "$1" ]; then - FILES="$FILES /etc/sysconfig/network-scripts/rule-$2" + FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2" fi for file in $FILES; do if [ -f "$file" ]; then - { cat "$file" ; echo ; } | while read line; do - if [[ ! "$line" =~ $MATCH ]]; then - /sbin/ip rule add $line - fi - done + handle_ip_file $file fi done diff --git a/sysconfig/network-scripts/ifup-sit b/sysconfig/network-scripts/ifup-sit index b41dbf81..9e55146b 100644 --- a/sysconfig/network-scripts/ifup-sit +++ b/sysconfig/network-scripts/ifup-sit @@ -40,7 +40,7 @@ CONFIG=$1 source_config # IPv6 don't need aliases anymore, config is skipped -REALDEVICE=$(echo ${DEVICE} | sed 's/:.*//g') +REALDEVICE=${DEVICE%%:*} [ "$DEVICE" != "$REALDEVICE" ] && exit 0 # Test whether IPv6 configuration is enabled for this interface, else stop @@ -55,13 +55,13 @@ ipv6_test || exit 1 # Generic tunnel device sit0 is not supported here if [ "$DEVICE" = "sit0" ]; then - echo $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" + net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking" mdv-network-event connection_failure ${DEVICE} exit 1 fi if [ -z "$IPV6TUNNELIPV4" ]; then - echo $"Missing remote IPv4 address of tunnel, configuration is not valid" + net_log $"Missing remote IPv4 address of tunnel, configuration is not valid" mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -70,7 +70,7 @@ fi ipv6_test_device_status $DEVICE if [ $? = 0 ]; then # device is already up - echo $"Device '$DEVICE' is already up, please shutdown first" + net_log $"Device '$DEVICE' is already up, please shutdown first" mdv-network-event connection_failure ${DEVICE} exit 1 fi @@ -109,7 +109,7 @@ fi # Setup additional static IPv6 routes (newer config style) if [ -f "/etc/sysconfig/network-scripts/route6-$REALDEVICE" ]; then - cat "/etc/sysconfig/network-scripts/route6-$REALDEVICE" | sed 's/#.*//g' | grep -v '^[[:space:]]*$' | while read line; do + sed -ne 's/#.*//' -e '/[^[:space:]]/p' "/etc/sysconfig/network-scripts/route6-$REALDEVICE" | while read line; do /sbin/ip -6 route add $line done fi diff --git a/sysconfig/network-scripts/ifup-tunnel b/sysconfig/network-scripts/ifup-tunnel index fe43cdd9..b235bfe0 100755 --- a/sysconfig/network-scripts/ifup-tunnel +++ b/sysconfig/network-scripts/ifup-tunnel @@ -46,14 +46,14 @@ case "$TYPE" in /sbin/modprobe ipip ;; *) - echo $"Invalid tunnel type $TYPE" + net_log $"Invalid tunnel type $TYPE" exit 1 ;; esac # Generic tunnel devices are not supported here if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 ]; then - echo $"Device '$DEVICE' isn't supported as a valid GRE device name." + net_log $"Device '$DEVICE' isn't supported as a valid GRE device name." mdv-network-event connection_failure ${DEVICE} exit 1 fi diff --git a/sysconfig/network-scripts/network-functions b/sysconfig/network-scripts/network-functions index 37e088a0..5ca3abe6 100644 --- a/sysconfig/network-scripts/network-functions +++ b/sysconfig/network-scripts/network-functions @@ -53,7 +53,7 @@ get_config_by_name () get_device_by_hwaddr () { - LANG=C ip -o link | grep -v link/ieee802.11 | awk -F ': ' -vIGNORECASE=1 "/$1/ { print \$2 }" + LANG=C ip -o link | awk -F ': ' -vIGNORECASE=1 '!/link\/ieee802\.11/ && /'"$1"'/ { print $2 }' } need_config () @@ -150,7 +150,21 @@ source_config () is_true $NM_CONTROLLED && USE_NM=true } - +ethtool_set() +{ + oldifs=$IFS; + IFS=';'; + for opts in $ETHTOOL_OPTS ; do + IFS=$oldifs; + if [[ "${opts}" =~ [[:space:]]*- ]]; then + /sbin/ethtool $opts + else + /sbin/ethtool -s ${REALDEVICE} $opts + fi + IFS=';'; + done + IFS=$oldifs; +} expand_config () { @@ -166,6 +180,8 @@ expand_config () eval $(/bin/ipcalc --broadcast ${IPADDR} ${NETMASK}) fi + [ -n "$DHCP_HOSTNAME" ] && DHCP_HOSTNAME=${DHCP_HOSTNAME%%.*} + if [ -z "${NETWORK}" ]; then eval $(/bin/ipcalc --network ${IPADDR} ${NETMASK}) fi @@ -188,9 +204,8 @@ do_netreport () ( cd /var/run/netreport || exit for i in * ; do if [ -f $i ]; then - OWNER=$(ls -l $i | awk '{ print $3 }') - if [ "$(id -u)" = "0" ]; then + OWNER=$(stat -c %U $i) su -s /bin/bash $OWNER -c "kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1" > /dev/null 2>&1 else kill -SIGIO $i >/dev/null 2>&1 || rm -f $i >/dev/null 2>&1 @@ -214,7 +229,7 @@ is_nm_active () is_nm_device_unmanaged () { - LANG=C LC_ALL=C nmcli -t --fields device,state dev status 2>/dev/null | grep -q "^${1}:unmanaged$" + LANG=C LC_ALL=C nmcli -t --fields GENERAL dev list iface "${1}" 2>/dev/null | awk -F ':' '/GENERAL.STATE/ { if ($2 == "unmanaged") exit 0 ; else exit 1; }' } # Sets $alias to the device module if $? != 0 @@ -438,3 +453,41 @@ clear_resolv_conf () rm -f /etc/resolv.conf.save fi } + +# Logging function +# +# Usage: net_log <message> <err|warning|info> <optional file/function name> +# +# Default level is 'err'. + +net_log() { + local message="$1" + local level="$2" + local name="$3" + + [ -z "$message" ] && return 1 + [ -z "$level" ] && level=err + [ -z "$name" ] && name=$0 + + case $level in + 'debug') + local txt_level=$"DEBUG " + ;; + 'err') + local txt_level=$"ERROR " + ;; + 'warning') + local txt_level=$"WARN " + ;; + 'info') + local txt_level=$"INFO " + ;; + esac + + echo "$txt_level: [$name] $message" + + if [ -x /usr/bin/logger ]; then + /usr/bin/logger -p daemon.$level -t "$name" "$message" + fi + return 0 +} diff --git a/sysconfig/network-scripts/network-functions-ipv6 b/sysconfig/network-scripts/network-functions-ipv6 index 24100cba..394367bb 100644 --- a/sysconfig/network-scripts/network-functions-ipv6 +++ b/sysconfig/network-scripts/network-functions-ipv6 @@ -11,158 +11,6 @@ # - - - - -##### Logging function -# $1: <message> : message string -# $2: [stdout|stderr].[err|warn[ing]|inf[o]|notice] : log level with optional channel, default is "stdout.notice" -# [syslog.[facility.].err|warn[ing]|inf[o]|notice : syslog channel, default is "syslog.user.notice" -# $3: <function name> : name of function which calls this log function, can be empty using "" -# return code: 0=ok 1=argument error 3=major problem -ipv6_log() { - local message="$1" - local level="$2" - local name="$3" - - if [ -z "$message" ]; then - echo $"ERROR: [ipv6_log] Missing 'message' (arg 1)" >/dev/stderr - return 1 - fi - if [ -z "$level" ]; then - local level="stdout.notice" - fi - - - # Map loglevel now - local fn=1 - local fnawk="print \$$fn" - local t="$(echo $level | awk -F. "{ $fnawk }")" - - # Check channel, if given - case $t in - 'stdout'|'stderr'|'syslog') - local channel="$t" - local fn=$(($fn + 1)) - ;; - *) - local channel="stdout" - ;; - esac - - # Check syslog facilty, if given - if [ "$channel" = "syslog" ]; then - local fnawk="print \$$fn" - local t="$(echo $level | awk -F. "{ $fnawk }")" - case $t in - 'local0'|'local1'|'local2'|'local3'|'local4'|'local5'|'local6'|'local7'|'daemon') - local facility="$t" - local fn=$(($fn + 1)) - ;; - *) - local facility="user" - ;; - esac - fi - - local fnawk="print \$$fn" - local t="$(echo $level | awk -F. "{ $fnawk }")" - - # Map priority - [ "$t" = "inf" ] && local t="info" - [ "$t" = "deb" ] && local t="debug" - [ "$t" = "warning" ] && local t="warn" - [ "$t" = "error" ] && local t="err" - [ "$t" = "critical" ] && local t="crit" - - # Check priority, if given - case $t in - 'info'|'debug'|'notice'|'warn'|'err'|'crit') - local priority="$t" - local fn=$(($fn + 1)) - ;; - *) - local priority="notice" - ;; - esac - - local fnawk="print \$$fn" - local t="$(echo $level | awk -F. "{ $fnawk }")" - if [ -n "$t" ]; then - echo $"ERROR: [ipv6_log] Loglevel isn't valid '$level' (arg 2)" >/dev/stderr - return 1 - fi - - # Generate function text - if [ -z "$name" ]; then - local txt_name="" - else - local txt_name="[$name]" - fi - - # Log message - case $channel in - 'stdout'|'stderr') - # Generate level text - case $priority in - 'debug') - local txt_level=$"DEBUG " - ;; - 'err') - local txt_level=$"ERROR " - ;; - 'warn') - local txt_level=$"WARN " - ;; - 'crit') - local txt_level=$"CRITICAL " - ;; - 'info') - local txt_level=$"INFO " - ;; - 'notice') - local txt_level=$"NOTICE " - ;; - esac - - [ -n "$txt_name" ] && local txt_name="$txt_name " - - if [ "$channel" = "stderr" ]; then - echo "$txt_level: ${txt_name}${message}" >/dev/stderr - elif [ "$channel" = "stdout" ]; then - echo "$txt_level: ${txt_name}${message}" - fi - ;; - 'syslog') - # note: logger resides in /usr/bin, but not used by default - if ! [ -x /usr/bin/logger ]; then - echo $"ERROR: [ipv6_log] Syslog is chosen, but binary 'logger' doesn't exist or isn't executable" >/dev/stderr - return 3 - fi - if [ -z "$txt_name" ]; then - /usr/bin/logger -p $facility.$priority $message - else - /usr/bin/logger -p $facility.$priority -t "$txt_name" "$message" - fi - ;; - *) - echo $"ERROR: [ipv6_log] Cannot log to channel '$channel'" >/dev/stderr - return 3 - ;; - esac - - return 0 -} - - -###### Beginning of main code here, always executed on "source|. network-functions-ipv6" - - - -###### End of main code here - - ##### Test for IPv6 capabilites # $1: (optional) testflag: currently supported: "testonly" (do not load a module) # return code: 0=ok 2=IPv6 test fails @@ -178,7 +26,6 @@ ipv6_test() { modprobe ipv6 if ! [ -f /proc/net/if_inet6 ]; then - # ipv6_log $"Kernel is not compiled with IPv6 support" crit $fn return 2 fi fi @@ -206,12 +53,12 @@ ipv6_add_route() { local device=$3 # maybe empty if [ -z "$networkipv6" ]; then - ipv6_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn + net_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn return 1 fi if [ -z "$gatewayipv6" ]; then - ipv6_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn + net_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn return 1 fi @@ -236,10 +83,10 @@ ipv6_add_route() { true elif echo $returntxt | LC_ALL=C grep -q "No route to host"; then # Netlink: "No route to host" - ipv6_log $"'No route to host' adding route '$networkipv6' via gateway '$gatewayipv6' through device '$device'" warn $fn + net_log $"'No route to host' adding route '$networkipv6' via gateway '$gatewayipv6' through device '$device'" err $fn return 3 else - ipv6_log $"Unknown error" warn $fn + net_log $"Unknown error" err $fn return 3 fi fi @@ -264,7 +111,7 @@ ipv6_enable_autotunnel() { /sbin/ip link set sit0 up if ! ipv6_test_device_status sit0; then - ipv6_log $"Tunnel device 'sit0' enabling didn't work" err $fn + net_log $"Tunnel device 'sit0' enabling didn't work" err $fn return 3 fi @@ -290,12 +137,12 @@ ipv6_add_addr_on_device() { local address=$2 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$address" ]; then - ipv6_log $"Missing parameter 'IPv6-address' (arg 2)" err $fn + net_log $"Missing parameter 'IPv6-address' (arg 2)" err $fn return 1 fi @@ -309,20 +156,20 @@ ipv6_add_addr_on_device() { if [ "$result" = "0" ]; then true elif [ "$result" != "11" ]; then - ipv6_log $"Device '$device' doesn't exist" err $fn + net_log $"Device '$device' doesn't exist" err $fn return 3 else /sbin/ip link set $device up if ! ipv6_test_device_status $device; then - ipv6_log $"Device '$device' enabling didn't work" err $fn + net_log $"Device '$device' enabling didn't work" err $fn return 3 fi fi # Extract address parts local prefixlength_implicit="$(echo $address | awk -F/ '{ print $2 }')" - local address_implicit="$(echo $address | awk -F/ '{ print $1 }')" + local address_implicit="${address%%/*}" # Check prefix length and using '64' as default if [ -z "$prefixlength_implicit" ]; then @@ -336,7 +183,7 @@ ipv6_add_addr_on_device() { if [ $result -eq 2 ]; then return 0 elif [ $result -ne 0 ]; then - ipv6_log $"Cannot add IPv6 address '$address' on dev '$device'" err $fn + net_log $"Cannot add IPv6 address '$address' on dev '$device'" err $fn return 3 fi @@ -353,7 +200,7 @@ ipv6_cleanup_device() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi @@ -382,14 +229,14 @@ ipv6_cleanup_6to4_device() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi ipv6_test testonly || return 2 # Cleanup 6to4 addresses on this device - /sbin/ip -6 addr show dev $dev scope global permanent | LC_ALL=C grep -w inet6 | awk '{ print $2}' | LC_ALL=C grep "^2002:" | while read addr; do + /sbin/ip -6 addr show dev $dev scope global permanent | awk '/\<inet6\>/ && $2 ~ /^2002:/ { print $2 }' | while read addr; do /sbin/ip -6 addr del ${addr} dev ${dev} done @@ -462,7 +309,7 @@ ipv6_test_device_status() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi @@ -493,10 +340,10 @@ ipv6_create_6to4_prefix() { local ipv4addr=$1 if [ -z "$ipv4addr" ]; then - ipv6_log $"Missing parameter 'IPv4 address' (arg 1)" stderr.err $fn + net_log $"Missing parameter 'IPv4 address' (arg 1)" err $fn fi - local major1="$(echo $ipv4addr | awk -F. '{ print $1 }')" + local major1="${ipv4addr%%.*}" local minor1="$(echo $ipv4addr | awk -F. '{ print $2 }')" local major2="$(echo $ipv4addr | awk -F. '{ print $3 }')" local minor2="$(echo $ipv4addr | awk -F. '{ print $4 }')" @@ -533,7 +380,7 @@ ipv6_create_6to4_relay_address() { local addr=$1 if [ -z "$addr" ]; then - ipv6_log $"Missing parameter 'address' (arg 1)" stderr.err $fn + net_log $"Missing parameter 'address' (arg 1)" err $fn return 1 fi @@ -544,11 +391,11 @@ ipv6_create_6to4_relay_address() { # IPv4 globally usable local ipv6to4_relay="::$addr" else - ipv6_log $"Given address '$addr' is not a global IPv4 one (arg 1)" stderr.err $fn + net_log $"Given address '$addr' is not a global IPv4 one (arg 1)" err $fn return 1 fi else - ipv6_log $"Given address '$addr' is not a valid IPv4 one (arg 1)" stderr.err $fn + net_log $"Given address '$addr' is not a valid IPv4 one (arg 1)" err $fn return 1 fi @@ -577,18 +424,18 @@ ipv6_add_6to4_tunnel() { local localipv4=$5 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$globalipv4" ]; then - ipv6_log $"Missing parameter 'global IPv4 address' (arg 2)" err $fn + net_log $"Missing parameter 'global IPv4 address' (arg 2)" err $fn return 1 fi # Check device if [ "$device" != "tun6to4" ]; then - ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn + net_log $"Given device '$device' is not supported (arg 1)" err $fn return 1 fi @@ -639,13 +486,13 @@ ipv6_cleanup_6to4_tunnels() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi # Check device if [ "$device" != "tun6to4" ]; then - ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn + net_log $"Given device '$device' is not supported (arg 1)" err $fn return 1 fi @@ -654,7 +501,7 @@ ipv6_cleanup_6to4_tunnels() { ipv6_del_tunnel_device tun6to4 # Remove all unspecific unreachable routes for local 6to4 address space - /sbin/ip -6 route | LC_ALL=C grep "^unreachable 2002:" | LC_ALL=C grep "/48 dev lo" | while read token net rest; do + /sbin/ip -6 route | LC_ALL=C grep "^unreachable 2002:.*/48 dev lo" | while read token net rest; do /sbin/ip route del unreach $net done @@ -673,18 +520,18 @@ ipv6_del_6to4_tunnel() { local localipv4=$2 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$localipv4" ]; then - ipv6_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn + net_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn return 1 fi # Check device if [ "$device" != "tun6to4" ]; then - ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn + net_log $"Given device '$device' is not supported (arg 1)" err $fn return 1 fi @@ -715,12 +562,12 @@ ipv6_add_tunnel_device() { local addressipv4tunnellocal=$4 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$addressipv4tunnel" ]; then - ipv6_log $"Missing parameter 'IPv4-tunnel address' (arg 2)" err $fn + net_log $"Missing parameter 'IPv4-tunnel address' (arg 2)" err $fn return 1 fi @@ -740,7 +587,7 @@ ipv6_add_tunnel_device() { if [ "$addressipv4tunnel" != "0.0.0.0" -a "$addressipv4tunnel" != "any" ]; then /sbin/ip tunnel show remote $addressipv4tunnel 2>/dev/null | LC_ALL=C grep -w "ipv6/ip" | while IFS=":" read devnew rest; do if [ "$devnew" != "$device" ]; then - ipv6_log $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew'" err $fn + net_log $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew'" err $fn return 3 fi done @@ -753,14 +600,14 @@ ipv6_add_tunnel_device() { # Test, whether "ip tunnel show" reports valid content if ! /sbin/ip tunnel show $device 2>/dev/null | LC_ALL=C grep -q -w "remote"; then - ipv6_log $"Tunnel device '$device' creation didn't work" err $fn + net_log $"Tunnel device '$device' creation didn't work" err $fn return 3 fi /sbin/ip link set $device up if ! ipv6_test_device_status $device; then - ipv6_log $"Tunnel device '$device' bringing up didn't work" err $fn + net_log $"Tunnel device '$device' bringing up didn't work" err $fn return 3 fi @@ -793,7 +640,7 @@ ipv6_del_tunnel_device() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi @@ -831,7 +678,7 @@ ipv6_cleanup_tunnel_devices() { # Find still existing tunnel devices and shutdown and delete them - /sbin/ip tunnel show | LC_ALL=C grep -w "ipv6/ip" | awk -F: '{ print $1 }' | while read device; do + /sbin/ip tunnel show | awk -F: '/\<ipv6\/ip\>/ { print $1 }' | while read device; do ipv6_del_tunnel_device $device done @@ -851,16 +698,16 @@ ipv6_get_ipv4addr_of_tunnel() { local selection=$2 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$selection" ]; then - ipv6_log $"Missing parameter 'selection' (arg 2)" stderr.err $fn + net_log $"Missing parameter 'selection' (arg 2)" err $fn return 1 fi if [ "$selection" != "local" -a "$selection" != "remote" ]; then - ipv6_log $"Unsupported selection '$selection' specified (arg 2)" stderr.err $fn + net_log $"Unsupported selection '$selection' specified (arg 2)" err $fn return 1 fi @@ -904,7 +751,7 @@ ipv6_get_ipv4addr_of_device() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi @@ -943,18 +790,18 @@ ipv6_set_mtu() { local ipv6_mtu=$2 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi if [ -z "$ipv6_mtu" ]; then - ipv6_log $"Missing parameter 'IPv6 MTU' (arg 2)" err $fn + net_log $"Missing parameter 'IPv6 MTU' (arg 2)" err $fn return 1 fi # Check range if [ $ipv6_mtu -lt 1280 -o $ipv6_mtu -gt 65535 ]; then - ipv6_log $"Given IPv6 MTU '$ipv6_mtu' is out of range" err $fn + net_log $"Given IPv6 MTU '$ipv6_mtu' is out of range" err $fn return 1 fi @@ -987,17 +834,17 @@ ipv6_set_default_route() { fi if [ -n "$address" ]; then - local addressgw=$(echo $address | awk -F% '{ print $1 }') + local addressgw=${address%%%*} local device_scope=$(echo $address | awk -F% '{ print $2 }') if [ -z "$addressgw" ]; then - ipv6_log $"Given IPv6 default gateway '$address' is not in proper format" err $fn + net_log $"Given IPv6 default gateway '$address' is not in proper format" err $fn return 3 fi # Scope device has precedence if [ -n "$device_scope" -a -n "$device" -a "$device_scope" != "$device" ]; then - ipv6_log $"Given IPv6 default gateway '$address' has scope '$device_scope' defined, given default gateway device '$device' will be not used" inf $fn + net_log $"Given IPv6 default gateway '$address' has scope '$device_scope' defined, given default gateway device '$device' will be not used" info $fn local device="" fi @@ -1005,7 +852,7 @@ ipv6_set_default_route() { if echo $addressgw | LC_ALL=C grep -qi "^fe80:"; then if [ -z "$device_scope" ]; then if [ -z "$device" ]; then - ipv6_log $"Given IPv6 default gateway '$address' is link-local, but no scope or gateway device is specified" err $fn + net_log $"Given IPv6 default gateway '$address' is link-local, but no scope or gateway device is specified" err $fn return 3 fi fi @@ -1045,16 +892,16 @@ ipv6_set_default_route() { local result=$? if [ $result = 0 ]; then - ipv6_log $"Given IPv6 default device '$device' requires an explicit nexthop" err $fn + net_log $"Given IPv6 default device '$device' requires an explicit nexthop" err $fn return 3 elif [ $result != 10 ]; then - ipv6_log $"Given IPv6 default device '$device' doesn't exist or isn't up" err $fn + net_log $"Given IPv6 default device '$device' doesn't exist or isn't up" err $fn return 3 fi ipv6_add_route ::/0 :: $device else - ipv6_log $"No parameters given to setup a default route" err $fn + net_log $"No parameters given to setup a default route" err $fn return 3 fi @@ -1071,7 +918,7 @@ ipv6_test_route_requires_next_hop() { local device=$1 if [ -z "$device" ]; then - ipv6_log $"Missing parameter 'device' (arg 1)" err $fn + net_log $"Missing parameter 'device' (arg 1)" err $fn return 1 fi @@ -1109,12 +956,12 @@ ipv6_trigger_radvd() { local pidfile=$3 if [ -z "$reason" ]; then - ipv6_log $"No reason given for sending trigger to radvd" err $fn + net_log $"No reason given for sending trigger to radvd" err $fn return 1 fi if [ "$reason" != "up" -a "$reason" != "down" ]; then - ipv6_log $"Unsupported reason '$reason' for sending trigger to radvd" err $fn + net_log $"Unsupported reason '$reason' for sending trigger to radvd" err $fn return 1 fi @@ -1143,7 +990,7 @@ ipv6_trigger_radvd() { local action="$mechanism" ;; *) - ipv6_log $"Unsupported mechanism '$mechanism' for sending trigger to radvd" err $fn + net_log $"Unsupported mechanism '$mechanism' for sending trigger to radvd" err $fn return 3 ;; esac @@ -1155,7 +1002,7 @@ ipv6_trigger_radvd() { # be quiet because triggering may have been disabled true else - ipv6_log $"Given pidfile '$pidfile' doesn't exist, cannot send trigger to radvd" err $fn + net_log $"Given pidfile '$pidfile' doesn't exist, cannot send trigger to radvd" err $fn fi return 3 fi @@ -1164,7 +1011,7 @@ ipv6_trigger_radvd() { local pid="$(cat $pidfile)" if [ -z "$pid" ]; then # pidfile empty - strange - ipv6_log $"Pidfile '$pidfile' is empty, cannot send trigger to radvd" err $fn + net_log $"Pidfile '$pidfile' is empty, cannot send trigger to radvd" err $fn return 3 fi fi @@ -1181,7 +1028,7 @@ ipv6_trigger_radvd() { # be quiet because triggering may have been disabled true else - ipv6_log $"radvd not (properly) installed, triggering failed" err $fn + net_log $"radvd not (properly) installed, triggering failed" err $fn fi return 3 else diff --git a/sysconfig/readonly-root b/sysconfig/readonly-root index dbf1829f..ac03e565 100644 --- a/sysconfig/readonly-root +++ b/sysconfig/readonly-root @@ -15,3 +15,5 @@ STATE_LABEL=stateless-state STATE_MOUNT=/var/lib/stateless/state # Options to use for peristent mount STATE_OPTIONS= +# NFS server to use for persistent data? +CLIENTSTATE= |