#!/bin/sh
#
# network-functions-ipv6
#
# Taken from:
# (P) & (C) 1997-2001 by Peter Bieringer <pb@bieringer.de>
#
# Version: 2001-07-17a
#
# Extended address detection is enabled, if 'ipv6calc' is installed
# Available here: http://www.bieringer.de/linux/IPv6/tools/index.html#ipv6calc
#
# Return values
# 0 = ok
# 1 = error occurs
# 2 = not enabled, i.e. no IPv6 kernel support or switched off by configuration
##### Test for "ipv6calc" (used for better existing address detection)
EXISTS_ipv6calc=no
if which ipv6calc >/dev/null 2>&1; then
if ipv6calc --if_inet62addr 3ffe04000100f1010000000000000001 40 | grep -q -v '3ffe:400:100:f101::1/64'; then
false
elif ipv6calc --addr2if_inet6 3ffe:400:100::1/64 | grep -q -v '3ffe0400010000000000000000000001 00 40'; then
false
else
EXISTS_ipv6calc=yes
fi
else
false
fi
##### Test for IPv6 capabilites
# $1: (optional) testflag: currently supported: "testonly" (do not load a module)
test_ipv6() {
local testflag=$1
if ! [ -f /proc/net/if_inet6 ]; then
if [ "$testflag" = "testonly" ]; then
return 2
else
modprobe ipv6
if ! [ -f /proc/net/if_inet6 ]; then
echo $"Kernel is not compiled with IPv6 support"
return 2
fi
fi
fi
if [ ! -d /proc/sys/net/ipv6/conf/ ]; then
return 2
fi
if ! which ip 2>&1 >/dev/null; then
echo $"Utility 'ip' (from the iproute package) doesn't exist or isn't executable - non-NBMA-styled tunneling setup won't work!"
return 2
fi
return 0
}
##### Get version of this function libary
getversion_ipv6_functions() {
local version_ipv6_functions="`cat /etc/sysconfig/network-scripts/network-functions-ipv6 | grep "^# Version:" | awk '{ print $3 }' | sed 's/-//g' | sed 's/[A-Za-z]*$//g'`"
echo $version_ipv6_functions
}
##### Control IPv6 forwarding
# Control IPv6 forwarding
# $1: control [yes|no|on|off]
# $2: network device (if not given, global IPv6 forwarding is set) [OBSOLETE]
forwarding_ipv6() {
local fw_control=$1
local fw_device=$2 # maybe empty
if [ -z "$fw_control" ]; then
echo $"Missing parameter 'forwarding control' (arg 1)"
return 1
fi
if ! [ "$fw_control" = "yes" -o "$fw_control" = "no" -o "$fw_control" = "on" -o "$fw_control" = "off" ]; then
echo $"Don't understand forwarding control parameter '$fw_control' (arg 1)"
return 1
fi
test_ipv6 || return 2
if [ "$fw_control" = "yes" -o "$fw_control" = "on" ]; then
local status=1
else
local status=0
fi
# Global control? (if no device is given)
if [ -z "$fw_device" ]; then
sysctl -w net.ipv6.conf.all.forwarding=$status >/dev/null
fi
# Per device control (not implemented in kernel)
if [ ! -z "$fw_device" ]; then
echo $"IPv6 forwarding per device cannot be controlled via sysctl - use netfilter6 instead!"
fi
}
##### Static IPv6 route configuration
# Set static IPv6 route
# $1: IPv6 network to route
# $2: IPv6 gateway over which $1 should be routed (if "::", gw will be skipped)
# $3: Interface (optional)
ifup_ipv6_route() {
local networkipv6=$1
local gatewayipv6=$2
local device=$3 # maybe empty
if [ -z "$networkipv6" ]; then
echo $"Missing parameter 'IPv6-network' (arg 1)"
return 1
fi
if [ -z "$gatewayipv6" ]; then
echo $"Missing parameter 'IPv6-gateway' (arg 2)"
return 1
fi
test_ipv6 || return 2
testipv6_valid $networkipv6 || return 2
testipv6_valid $gatewayipv6 || return 2
if [ -z "$device" ]; then
local output="`LC_ALL=C route -A inet6 add $networkipv6 gw $gatewayipv6 2>&1`"
else
if [ "$gatewayipv6" = "::" ]; then
local output="`LC_ALL=C route -A inet6 add $networkipv6 dev $device 2>&1`"
else
local output="`LC_ALL=C route -A inet6 add $networkipv6 gw $gatewayipv6 dev $device 2>&1`"
fi
fi
if [ $? -ne 0 ]; then
if echo $output | grep -i -q 'SIOCADDRT: File exists'; then
true
else
echo $output
return 2
fi
fi
return 0
}
# Delete a static IPv6 route
# $1: IPv6 network to route
# $2: IPv6 gateway over which $1 should be routed (if "::", gw will be skipped)
# $3: Interface (optional)
ifdown_ipv6_route() {
local networkipv6=$1
local gatewayipv6=$2
local device=$3 # maybe empty
if [ -z "$networkipv6" ]; then
echo $"Missing parameter 'IPv6-network' (arg 1)"
return 1
fi
if [ -z "$gatewayipv6" ]; then
echo $"Missing parameter 'IPv6-gateway' (arg 2)"
return 1
fi
test_ipv6 || return 2
# Test, whether given IPv6 address is valid
testipv6_valid $networkipv6 || return 2
testipv6_valid $gatewayipv6 || return 2
if [ -z "$device" ]; then
local output="`LC_ALL=C route -A inet6 del $networkipv6 gw $gatewayipv6 2>&1`"
else
if [ "$gatewayipv6" = "::" ]; then
local output="`LC_ALL=C route -A inet6 del $networkipv6 dev $device 2>&1`"
else
local output="`LC_ALL=C route -A inet6 del $networkipv6 gw $gatewayipv6 dev $device 2>&1`"
fi
fi
if [ $? -ne 0 ]; then
if echo $output | grep -i -q 'SIOCDELRT: No such process'; then
true
else
echo $output
return 2
fi
fi
return 0
}
# Delete all static IPv6 routes through a given interface
# $1: Interface
# $2: Gateway match (optional)
ifdown_ipv6_route_all() {
local device=$1
local gatewaymatch=$2
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
test_ipv6 || return 2
# Get all IPv6 routes through given interface and remove them
LC_ALL=C route -A inet6 -n | grep "$device\W*$" | while read ipv6net nexthop flags metric ref use iface args; do
if [ "$iface" = "$device" ]; then
if [ ! -z "$gatewaymatch" ]; then
# Test if given gateway matches
if [ "$gatewaymatch" != "$nexthop" ]; then
continue
fi
fi
# Only non addrconf (automatic installed) routes should be removed
if echo $flags | grep -v -q "A"; then
local output="`LC_ALL=C route -A inet6 del $ipv6net gw $nexthop dev $iface 2>&1`"
fi
fi
done
}
##### automatic tunneling configuration
## Configure automatic tunneling up
ifup_ipv6_autotunnel() {
test_ipv6 || return 2
# enable IPv6-over-IPv4 tunnels
if test_interface_status sit0; then
true
else
# bring up basic tunnel device
ifconfig sit0 up
if ! test_interface_status sit0; then
echo $"Tunnel device 'sit0' enabling didn't work - FATAL ERROR!"
return 2
fi
# Set sysctls proper (regardless "default")
sysctl -w net.ipv6.conf.sit0.forwarding=1 >/dev/null
sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
fi
return 0
}
## Configure automatic tunneling down
ifdown_ipv6_autotunnel() {
test_ipv6 || return 2
if test_interface_status sit0; then
# disable IPv6-over-IPv4 tunnels (if a tunnel is no longer up)
if LC_ALL=C route -A inet6 -n | grep "sit0\W*$" | awk '{ print $2 }' | grep -v -q "^::$"; then
# still existing routes, skip shutdown of sit0
true
elif LC_ALL=C ip addr show dev sit0 | grep inet6 | awk '{ print $2 }' | grep -v -q '^::'; then
# still existing IPv6 addresses, skip shutdown of sit0
true
else
# take down basic tunnel device
sysctl -w net.ipv6.conf.sit0.forwarding=0 >/dev/null
sysctl -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null
sysctl -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null
ifconfig sit0 down
if test_interface_status sit0; then
echo $"Tunnel device 'sit0' is still up - FATAL ERROR!"
return 2
fi
fi
fi
return 0
}
##### static NBMA-styled tunnel configuration
## Configure static tunnels up
# $1: Interface (not needed - dummy)
# $2: IPv4 address of foreign tunnel
# $3: IPv6 route through this tunnel
ifup_ipv6_tunnel() {
local device=$1
local addressipv4tunnel=$2
local routeipv6=$3
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$addressipv4tunnel" ]; then
echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
return 1
fi
if [ -z "$routeipv6" ]; then
echo $"Missing parameter 'IPv6-route' (arg 3)"
return 1
fi
test_ipv6 || return 2
# Test, whether given IPv6 address is valid
testipv6_valid $routeipv6 || return 2
# enable general IPv6-over-IPv4 tunneling
ifup_ipv6_autotunnel
if [ $? -ne 0 ]; then
return 2
fi
# Set up a tunnel
ifup_ipv6_route $routeipv6 ::$addressipv4tunnel sit0
if [ $? -ne 0 ]; then
return 2
fi
return 0
}
## Configure static tunnels down
# $1: Interface (not used - dummy)
# $2: IPv4 address of foreign tunnel
# $3: IPv6 route through this tunnel
ifdown_ipv6_tunnel() {
local device=$1
local addressipv4tunnel=$2
local routeipv6=$3
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$addressipv4tunnel" ]; then
echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
return 1
fi
if [ -z "$routeipv6" ]; then
echo $"Missing parameter 'IPv6-route' (arg 3)"
return 1
fi
test_ipv6 || return 2
# Delete a NBMA-styled tunnel
ifdown_ipv6_route $routeipv6 ::$addressipv4tunnel sit0
if [ $? -ne 0 ]; then
return 2
fi
# disable IPv6-over-IPv4 tunneling (if this was the last tunnel)
ifdown_ipv6_autotunnel
}
## Remove all IPv6 tunnels for a given tunnel endpoint
# $1: Interface (not used - dummy)
# $2: IPv4-tunnel address
ifdown_ipv6_tunnel_all() {
local idtuall_device=$1
local idtuall_tunnel=$2
if [ -z "$idtuall_device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$idtuall_tunnel" ]; then
echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
return 1
fi
test_ipv6 || return 2
# Get all IPv6 routes through given interface and remove them
LC_ALL=C route -A inet6 -n | grep "::$idtuall_tunnel" | while read ipv6net nexthop flags metric ref use iface args; do
if [ "::$idtuall_tunnel" = "$nexthop" ]; then
if echo $flags | grep -v -q "A"; then
# Only non addrconf (automatic installed) routes should be removed
ifdown_ipv6_tunnel $idtuall_device $idtuall_tunnel $ipv6net
fi
fi
done
# disable IPv6-over-IPv4 tunneling (if this was the last tunnel)
ifdown_ipv6_autotunnel
return 0
}
##### Test, whether an IPv6 address exists on an interface
# $1: Device for testing
# $2: Address to test (without prefix)
# $3: Prefix of address $1
# return values: 1:problem, 10:not exists, 11:exits
test_ipv6_address_exists() {
local testdevice=$1
local testaddr=$2
local testprefix=$3
if [ -z "$testaddr" ]; then
echo $"Missing parameter 'IPv6AddrToTest' (arg 1)"
return 1
fi
if [ "$EXISTS_ipv6calc" = "yes" ]; then
# Using ipv6calc and compare against /proc/net/if_inet6
local convertresult="`ipv6calc --addr2if_inet6 $testaddr/$testprefix`"
# Split in address, scope and prefix length
local test_addr="`echo $convertresult | awk '{ print $1 }'`"
local test_scope="`echo $convertresult | awk '{ print $2 }'`"
local test_prefixlength="`echo $convertresult | awk '{ print $3 }'`"
if [ -z "$test_prefixlength" ]; then
local testresult="`grep "$test_addr .. .. $test_scope .." /proc/net/if_inet6 | grep $testdevice$`"
else
local testresult="`grep "$test_addr .. $test_prefixlength $test_scope .." /proc/net/if_inet6 | grep $testdevice$`"
fi
if [ ! -z "$testresult" ]; then
return 11
else
return 10
fi
else
# low budget version, only works if given address is in equal form like "ip" displays
local testresult="`LC_ALL=C ip addr show dev $testdevice | grep inet6 | awk '{ print $2 }' | grep -i "^$testaddr/$testprefix$"`"
if [ ! -z "$testresult" ]; then
return 11
else
return 10
fi
fi
}
##### Interface configuration
## Add an IPv6 address for given interface
# $1: Interface
# $2: IPv6 address
ifup_ipv6_real() {
local device=$1
local address=$2
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
ifupdown_ipv6_usage
return 1
fi
if [ -z "$address" ]; then
echo $"Missing parameter 'IPv6-address' (arg 2)"
ifupdown_ipv6_usage
return 1
fi
test_ipv6 || return 2
testipv6_valid $address || return 2
if test_interface_status $device; then
true
else
ifconfig $device up
if ! test_interface_status $device; then
echo $"Device '$device' enabling didn't work - FATAL ERROR!"
return 2
fi
fi
# Extract address parts
local prefixlength_implicit="`echo $address | awk -F/ '{ print $2 }'`"
local address_implicit="`echo $address | awk -F/ '{ print $1 }'`"
# Only add if address does not already exist
test_ipv6_address_exists $device $address_implicit $prefixlength_implicit
retval=$?
if [ $retval -lt 10 ]; then
return 2
fi
if [ $retval -eq 11 ]; then
true
else
ifconfig $device add $address || return 2
fi
return 0
}
## Remove all IPv6 routes and addresses for given interface
# cleanup to prevent kernel crashes
# $1: Interface
ifdown_ipv6_real_all() {
local device=$1
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
test_ipv6 || return 2
# Remove all IPv6 routes through this device (but not "lo")
if [ "$device" != "lo" ]; then
ip -6 route flush dev $device >/dev/null 2>&1
fi
# Remove all IPv6 addresses on this interface
ip -6 addr flush dev $device >/dev/null 2>&1
return 0
}
## Remove an IPv6 address on given interface
# $1: Interface
# $2: IPv6 address
ifdown_ipv6_real() {
local device=$1
local address=$2
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
ifupdown_ipv6_usage
return 1
fi
if [ -z "$address" ]; then
echo $"Missing parameter 'IPv6-address' (arg 2)"
ifupdown_ipv6_usage
return 1
fi
test_ipv6 || return 2
testipv6_valid $address || return 2
# Extract address parts
local prefixlength_implicit="`echo $address | awk -F/ '{ print $2 }'`"
local address_implicit="`echo $address | awk -F/ '{ print $1 }'`"
# Only remove, if address exists and is not link-local (prevents from kernel crashing)
test_ipv6_address_exists $device $address_implicit $prefixlength_implicit
local retval=$?
if [ $retval -lt 10 ]; then
return 2
fi
if [ $retval -eq 11 ]; then
ifconfig $device del $address || return 2
else
true
fi
return 0
}
##### Some address test functions
## Test a given IPv6 address for valid
# $1: IPv6 address
# Return code =0:valid 1:not valid 2:general problem
testipv6_valid() {
local testipv6addr_valid=$1
if [ -z "$testipv6addr_valid" ]; then
return 2
fi
# Extract parts
local prefixlength_implicit="`echo $testipv6addr_valid | awk -F/ '{ print $2 }'`"
local address_implicit="`echo $testipv6addr_valid | awk -F/ '{ print $1 }'`"
if [ "$EXISTS_ipv6calc" = "yes" ]; then
if ! ipv6calc --addr2uncompaddr $testipv6addr_valid >/dev/null 2>&1; then
echo $"Given IPv6 address '$testipv6addr_valid' is not valid"
return 1
fi
else
# Test for a valid format
if ! echo "$address_implicit" | egrep -q '^[a-fA-F0-9:\.]*$'; then
echo $"Given IPv6 address '$testipv6addr_valid' is not valid"
return 1
fi
fi
# Test for prefix length
if [ -z "$prefixlength_implicit" ]; then
if echo "$testipv6addr_valid" | grep "/$"; then
# Trailing "/", but no value
echo $"Missing 'prefix length' for given address '$testipv6addr_valid'"
return 1
else
return 0
fi
elif [ $prefixlength_implicit -lt 0 -o $prefixlength_implicit -gt 128 ]; then
echo $"'prefix length' on given address '$testipv6addr_valid' is out of range (0-128)"
return 1
fi
return 0
}
## Test a given IPv4 address for not a private but unicast one
# $1: IPv4 address
# Return code =0:ok 1:private or not unicast 2:general problem
testipv4_globalusable() {
local testipv4addr_globalusable=$1
if [ -z "$testipv4addr_globalusable" ]; then
return 2
fi
# Test for a globally usable IPv4 address now
# test 0.0.0.0/8
ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=0\.0\.0\.0" && return 1
# test 10.0.0.0/8 (private)
ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=10\.0\.0\.0" && return 1
# test 127.0.0.0/8 (loopback)
ipcalc --network $testipv4addr_globalusable 255.0.0.0 | grep -q "NETWORK=127\.0\.0\.0" && return 1
# test 169.254.0.0/16 (DHCP link local)
ipcalc --network $testipv4addr_globalusable 255.255.0.0 | grep -q "NETWORK=169\.254\.0\.0" && return 1
# test 172.16.0.0/12 (private)
ipcalc --network $testipv4addr_globalusable 255.240.0.0 | grep -q "NETWORK=172\.16\.0\.0" && return 1
# test 192.168.0.0/16 (private)
ipcalc --network $testipv4addr_globalusable 255.255.0.0 | grep -q "NETWORK=192\.168\.0\.0" && return 1
# test 224.0.0.0/3 (multicast and reserved, broadcast)
ipcalc --network $testipv4addr_globalusable 224.0.0.0 | grep -q "NETWORK=224\.0\.0\.0" && return 1
return 0
}
## Test a given device for status
# $1: device name
# Return code =0:UP 1:not UP 2:not exists
test_interface_status() {
local device=$1
if [ -z "$device" ]; then
echo $"Missing parameter 'device'"
echo $"Usage: ifdown_ipv6to4_all interfacename"
return 1
fi
# Test if device exists
if ! LC_ALL=C ifconfig $device >/dev/null 2>&1 ; then
return 2
fi
# Test if device is up
if LC_ALL=C ifconfig $device 2>&1 | grep -q "UP "; then
return 0
else
return 1
fi
}
## Build 6to4 prefix
# $1: IPv4 address
# RetVal: 6to4address
# Returncode 0=ok 1=failure 2=general problem
create6to4prefix() {
local ipv4addr=$1
local major1="`echo $ipv4addr | awk -F. '{ print $1 }'`"
local minor1="`echo $ipv4addr | awk -F. '{ print $2 }'`"
local major2="`echo $ipv4addr | awk -F. '{ print $3 }'`"
local minor2="`echo $ipv4addr | awk -F. '{ print $4 }'`"
if [ -z "$major1" -o -z "$minor1" -o -z "$major2" -o -z "$minor2" ]; then
return 2
fi
if [ $major1 -eq 0 ]; then
local block1="`printf "%x" $minor1`"
else
local block1="`printf "%x%02x" $major1 $minor1`"
fi
if [ $major2 -eq 0 ]; then
local block2="`printf "%x" $minor2`"
else
local block2="`printf "%x%02x" $major2 $minor2`"
fi
local prefix6to4="2002:$block1:$block2"
echo "$prefix6to4"
return 0
}
##### 6to4 tunneling setup
## Configure 6to4 tunneling up
# $1: Interface (not needed - dummy)
# $2: global IPv4 address of local interface
# $3: IPv6 suffix for 6to4 prefix (optional, default is "1")
# ReturnCodes 0=ok 1=failure 2=general problem
ifup_ipv6to4() {
local device=$1 # dummy
local localipv4=$2
local localipv6to4suffix=$3
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
ifupdown_ipv6to4_usage
return 1
fi
if [ -z "$localipv4" ]; then
echo $"Missing parameter 'local IPv4 address' (arg 2)"
ifupdown_ipv6to4_usage
return 1
fi
test_ipv6 || return 2
# Generate 6to4 address
local prefix6to4="`create6to4prefix $localipv4`"
if [ $? -ne 0 -o -z "$prefix6to4" ]; then
return 2
fi
if [ -z "$localipv6to4suffix" ]; then
local address6to4="${prefix6to4}::1/16"
else
local address6to4="${prefix6to4}::${localipv6to4suffix}/16"
fi
# Enable general IPv6-over-IPv4 tunneling
ifup_ipv6_autotunnel
ifup_ipv6_real sit0 $address6to4
if [ $? -ne 0 ]; then
return 2
fi
return 0
}
## Configure all 6to4 tunneling down
# $1: Interface (not needed - dummy)
# ReturnCodes 0=ok 1=failure 2=general problem
ifdown_ipv6to4_all() {
local device=$1 # dummy
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
test_ipv6 || return 2
# Get all configured 6to4 addresses and delete them
LC_ALL=C ip addr show dev sit0 | grep inet6 | awk '{ print $2 }' | grep "^2002:" | while read ipv6to4addr; do
ifdown_ipv6_real sit0 $ipv6to4addr
done
# Try to disable general IPv6-over-IPv4 tunneling
ifdown_ipv6_autotunnel
}
## Configure 6to4 tunneling down
# $1: Interface (not needed - dummy)
# $2: global IPv4 address of local interface
# ReturnCodes 0=ok 1=failure 2=general problem
ifdown_ipv6to4() {
local device=$1 # dummy
local localipv4=$2
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$localipv4" ]; then
echo $"Missing parameter 'local IPv4 address' (arg 2)"
return 1
fi
test_ipv6 || return 2
# generate 6to4 address
local prefix6to4="`create6to4prefix $localipv4`"
echo $"Generated 6to4 prefix '$prefix6to4' from '$localipv4'"
if [ $? -ne 0 -o -z "$prefix6to4" ]; then
return 2
fi
if [ -z "$localipv6to4suffix" ]; then
local address6to4="$prefix6to4::1/16"
else
local address6to4="${prefix6to4}::${localipv6to4suffix}/16"
fi
ifdown_ipv6_real sit0 $address6to4
if [ $? -ne 0 ]; then
return 2
fi
# Try to disable general IPv6-over-IPv4 tunneling
ifdown_ipv6_autotunnel
if [ $? -ne 0 ]; then
return 2
fi
return 0
}
##### static tunnel device configuration
## Configure a static tunnel device up
# $1: Interface
# $2: IPv4 address of foreign tunnel
# $3: Local IPv6 address of a P-t-P tunnel (optional)
ifup_ipv6_tunneldev() {
local device=$1
local addressipv4tunnel=$2
local addressipv6local=$3
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$addressipv4tunnel" ]; then
echo $"Missing parameter 'IPv4-tunnel address' (arg 2)"
return 1
fi
test_ipv6 || return 2
if ! test_interface_status $device; then
local ttldefault="`sysctl net.ipv4.ip_default_ttl | awk '{ print $3 }'`"
if [ -z "$ttldefault" ]; then
local ttldefault=64
fi
# Test whether remote IPv4 address was already applied to another tunnel (does not catch IPv4 addresses with leading 0's)
LC_ALL=C ip tunnel show | grep $addressipv4tunnel | while read dev type tag remote tag local tag ttl rest; do
local devnew="`echo $dev | sed 's/:$//g'`"
if [ "$remote" = "$addressipv4tunnel" ]; then
echo $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew' - FATAL ERROR!"
return 2
fi
done
if [ $? -ne 0 ]; then
return 2
fi
ip tunnel add $device mode sit ttl $ttldefault remote $addressipv4tunnel
# Test, whether "ip tunnel show" works without error
ip tunnel show $device >/dev/null 2>&1
if [ $? -ne 0 ]; then
echo $"Tunnel device '$device' creation didn't work - ERROR!"
return 2
fi
# Test, whether "ip tunnel show" reports valid content
if ! ip tunnel show $device | grep -q "remote"; then
echo $"Tunnel device '$device' creation didn't work - ERROR!"
return 2
fi
ifconfig $device up
if ! test_interface_status $device; then
echo $"Tunnel device '$device' bringing up didn't work - ERROR!"
return 2
fi
# Set sysctls proper (regardless "default")
sysctl -w net.ipv6.conf.$device.forwarding=1 >/dev/null
sysctl -w net.ipv6.conf.$device.accept_ra=0 >/dev/null
sysctl -w net.ipv6.conf.$device.accept_redirects=0 >/dev/null
if [ ! -z "$addressipv6local" ]; then
# Setup P-t-P address
ifup_ipv6_real $device $addressipv6local
if [ $? -ne 0 ]; then
return 2
fi
fi
else
false
fi
return 0
}
## Configure a static tunnel device down
# $1: Interface
ifdown_ipv6_tunneldev() {
local device=$1
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
test_ipv6 || return 2
if test_interface_status $device; then
ifdown_ipv6_real_all $device
else
if [ "$device" != "sit0" ]; then
false
fi
fi
if [ "$device" != "sit0" ]; then
if ip tunnel | grep -q "^$device:" ; then
ip tunnel del $device
if test_interface_status $device; then
false
fi
else
false
fi
fi
return 0
}
## Set IPv6 MTU for a device
# $1: Interface
# $2: IPv6 MTU
ipv6_set_mtu() {
local device=$1
local ipv6_mtu=$2
if [ -z "$device" ]; then
echo $"Missing parameter 'device' (arg 1)"
return 1
fi
if [ -z "$ipv6_mtu" ]; then
echo $"Missing parameter 'IPv6 MTU' (arg 2)"
return 1
fi
# Check range
if [ $ipv6_mtu -lt 1280 -o $ipv6_mtu -gt 65535 ]; then
echo $"Given IPv6 MTU is out of range"
return 1
fi
sysctl -w net.ipv6.conf.$device.mtu=$ipv6_mtu >/dev/null
}