diff options
Diffstat (limited to 'sysconfig/network-scripts/ifdown-ipv6')
| -rwxr-xr-x | sysconfig/network-scripts/ifdown-ipv6 | 106 |
1 files changed, 75 insertions, 31 deletions
diff --git a/sysconfig/network-scripts/ifdown-ipv6 b/sysconfig/network-scripts/ifdown-ipv6 index 45c7f24d..d111d1cb 100755 --- a/sysconfig/network-scripts/ifdown-ipv6 +++ b/sysconfig/network-scripts/ifdown-ipv6 @@ -6,9 +6,27 @@ # Taken from: # (P) & (C) 2000-2001 by Peter Bieringer <pb@bieringer.de> # -# Version 2001-02-08 +# RHL integration assistance by Pekka Savola <pekkas@netcore.fi> +# +# Version 2001-05-22d +# +# Uses following information from /etc/sysconfig/network: +# NETWORKING_IPV6=yes|no: controls IPv6 initialization (global setting) +# +# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1: +# IPV6INIT=yes|no: controls IPv6 configuration for this interface +# +# Optional for 6to4 tunneling: +# IPV6TO4_RELAY=<ipv4address>: IPv4 address of the remote 6to4 relay +# IPV6TO4_ROUTING="eth0-:f101::0/64 eth1-:f102::0/64": information to setup local subnetting +# IPV6TO4_CONTROL_RADVD=yes|no: controls radvd triggering [optional] +# IPV6TO4_RADVD_PIDFILE=file: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional] +# +# Requirements for 6to4 if using radvd: +# radvd-0.6.2p3 or newer supporting option "Base6to4Interface" # + . /etc/sysconfig/network cd /etc/sysconfig/network-scripts @@ -18,42 +36,68 @@ CONFIG=$1 [ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG source_config -# Test if IPv6 configuration is enabled -if [ ! "$IPV6INIT" = "yes" ]; then - # not enabled, stop here - exit 0 +# Test if IPv6 is globally enabled +if [ ! "${NETWORKING_IPV6}" = "yes" ]; then + # Global IPv6 switch not enabled, end now + exit 0 +fi + +if [ ! -f /etc/sysconfig/network-scripts/network-functions-ipv6 ]; then + # IPv6 setup isn't well + exit 1 fi - -# Test if IPv6 is up -if [ "${NETWORKING_IPV6}" = "yes" ]; then - . /etc/sysconfig/network-scripts/network-functions-ipv6 +# Source IPv6 helper functions +. /etc/sysconfig/network-scripts/network-functions-ipv6 + +# IPv6 test, no module loaded, exit if system is not IPv6-ready +test_ipv6 testonly || exit 0 - # Delete additional static IPv6 routes on specified interface - if [ -f /etc/sysconfig/static-routes-ipv6 ]; then - grep "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do - if [ "$device" = "$DEVICE" ]; then - ifdown_ipv6_route $args $DEVICE + +# Switch some sysctls to secure mode +sysctl -w net.ipv6.conf.$DEVICE.forwarding=0 >/dev/null +sysctl -w net.ipv6.conf.$DEVICE.accept_ra=0 >/dev/null +sysctl -w net.ipv6.conf.$DEVICE.accept_redirects=0 >/dev/null + +# Shutdown of 6to4, if configured +valid6to4config="yes" +if [ -z "$IPV6TO4_RELAY" ]; then + valid6to4config="no" +fi +if [ "$valid6to4config" = "yes" ]; then + if [ "$IPV6TO4_CONTROL_RADVD" = "yes" ]; then + # stop RADVD from distributing no longer usable 6to4 prefixes + if [ -z "$IPV6TO4_RADVD_PIDFILE" ]; then + # Take default + IPV6TO4_RADVD_PIDFILE="/var/run/radvd/radvd.pid" + fi + # Send SIGHUP to radvd + if [ -f "$IPV6TO4_RADVD_PIDFILE" ]; then + pid="`cat $IPV6TO4_RADVD_PIDFILE`" + if [ ! -z "$pid" ]; then + # still waiting for feature enabling: stopping distribution of prefixes in RADVD.... + # kill -SOMETHING $pid + false + else + false fi - done + fi fi - # Switch off forwarding per device (packets received on this - # interface aren't forwarded - forwarding_ipv6 no $DEVICE - - # Delete additional IPv6 addresses from list - if [ ! -z "$IPV6ADDR_SECONDARIES" ]; then - for ipv6addr in $IPV6ADDR_SECONDARIES; do - ifdown_ipv6_real $DEVICE $ipv6addr + if [ ! -z "$IPV6TO4_ROUTING" ]; then + # Delete routes to local networks + for devsuf in $IPV6TO4_ROUTING; do + dev="`echo $devsuf | awk -F- '{ print $1 }'`" + ifdown_ipv6_route_all $dev :: done fi - - # Shutdown basic configured IPv6 address on specified interface - if ! [ -z "$IPV6ADDR" ]; then - ifdown_ipv6_real $DEVICE $IPV6ADDR - fi - # Cleanup all IPv6 configuration on specified interface (prevents from kernel crashing) - ifdown_ipv6_real_all $DEVICE -fi + # Delete all static IPv6to4 routes + ifdown_ipv6_route_all sit0 ::$IPV6TO4_RELAY + + # Delete all configured 6to4 address + ifdown_ipv6to4_all sit0 +fi + +# Delete all current configured IPv6 addresses on this interface +ifdown_ipv6_real_all $DEVICE |