#!/bin/sh # # ifdown-ipv6 # # # Taken from: # (P) & (C) 2000-2001 by Peter Bieringer # # RHL integration assistance by Pekka Savola # # Version 2001-07-15 # # Uses following information from /etc/sysconfig/network: # NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting) # # Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1: # IPV6INIT=yes|no: controls IPv6 configuration for this interface # # Optional for 6to4 tunneling: # IPV6TO4_RELAY=: IPv4 address of the remote 6to4 relay # IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64": information to setup local subnetting # IPV6TO4_CONTROL_RADVD=yes|no: controls radvd triggering [optional] # IPV6TO4_RADVD_PIDFILE=file: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional] # # Requirements for 6to4 if using radvd: # radvd-0.6.2p3 or newer supporting option "Base6to4Interface" # . /etc/sysconfig/network cd /etc/sysconfig/network-scripts . network-functions CONFIG=$1 [ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG source_config # Test whether IPv6 should be configured, else stop [ "${NETWORKING_IPV6}" = "yes" ] || exit 0 if [ ! -f /etc/sysconfig/network-scripts/network-functions-ipv6 ]; then exit 1 fi # Source IPv6 helper functions . /etc/sysconfig/network-scripts/network-functions-ipv6 # IPv6 test, no module loaded, exit if system is not IPv6-ready test_ipv6 testonly || exit 0 # Switch some sysctls to secure mode sysctl -w net.ipv6.conf.$DEVICE.forwarding=0 >/dev/null sysctl -w net.ipv6.conf.$DEVICE.accept_ra=0 >/dev/null sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=0 >/dev/null # Shutdown of 6to4, if configured valid6to4config="yes" if [ -z "$IPV6TO4_RELAY" ]; then valid6to4config="no" fi if [ "$valid6to4config" = "yes" ]; then if [ "$IPV6TO4_CONTROL_RADVD" = "yes" ]; then # stop RADVD from distributing no longer usable 6to4 prefixes if [ -z "$IPV6TO4_RADVD_PIDFILE" ]; then IPV6TO4_RADVD_PIDFILE="/var/run/radvd/radvd.pid" fi # Send SIGHUP to radvd if [ -f "$IPV6TO4_RADVD_PIDFILE" ]; then pid="`cat $IPV6TO4_RADVD_PIDFILE`" if [ ! -z "$pid" ]; then # still waiting for feature enabling: stopping distribution of prefixes in RADVD.... # kill -SOMETHING $pid false else false fi fi fi if [ ! -z "$IPV6TO4_ROUTING" ]; then # Delete routes to local networks for devsuf in $IPV6TO4_ROUTING; do dev="`echo $devsuf | awk -F- '{ print $1 }'`" ifdown_ipv6_route_all $dev :: done fi # Detect type of address, whether it is IPv4 or IPv6 if testipv6_valid $IPV6TO4_RELAY; then relay6to4type="ipv6" fi # Delete all static IPv6to4 routes if [ "$relay6to4type" = "ipv6" ]; then ifdown_ipv6_route_all sit0 $IPV6TO4_RELAY else ifdown_ipv6_route_all sit0 ::$IPV6TO4_RELAY fi # Delete old 6to4 routes, even if IPV6TO4_RELAY was changed if [ -f /etc/sysconfig/static-routes-ipv6 ]; then grep -w "^sit0" /etc/sysconfig/static-routes-ipv6 | while read device network dummy; do if [ "$EXISTS_ipv6calc" = "yes" ]; then # Convert given network to compressed one network="`ipv6calc --addr_to_compressed $network`" fi LC_ALL=C route -A inet6 | grep "^$network" | while read destination nexthop flags metric ref use iface dummy; do if ! [ "$device" = "$iface" -a "$network" = "$destination" ]; then continue fi # Look for routes to a compatible IPv4 address, delete them if echo $nexthop | egrep -q '^::[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$'; then ifdown_ipv6_route $destination $nexthop $iface fi # Look for routes to a IPv6to4 address, delete them if echo $nexthop | egrep -q '^2002::'; then ifdown_ipv6_route $destination $nexthop $iface fi done done fi # Delete 6to4 route ifdown_ipv6_route 2002::/16 :: sit0 # Delete all configured 6to4 address ifdown_ipv6to4_all sit0 fi # Delete all current configured IPv6 addresses on this interface ifdown_ipv6_real_all $DEVICE