aboutsummaryrefslogtreecommitdiffstats
path: root/sysconfig/network-scripts/ifdown-ipv6
blob: 7bfcfb346269ad7ed1bc3e27c8d0b696ea052b6f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
#!/bin/sh
#
# ifdown-ipv6
#
#
# Taken from:
# (P) & (C) 2000-2004 by Peter Bieringer <pb@bieringer.de>
#
#  You will find more information on the initscripts-ipv6 homepage at
#   http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version 2005-09-22
#
# Note: if called as (like normally) by /etc/sysconfig/network-scripts/ifdown
#        exit codes aren't handled by "ifdown"
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
#  DEVICE=<device>
#  IPV6INIT=yes|no: controls IPv6 configuration for this interface
#
# Optional for 6to4 tunneling:
#  IPV6TO4_RELAY=<IPv4 address>: IPv4 address of the remote 6to4 relay [default: 192.88.99.1]
#  IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup internal interfaces
#
# Optional for 6to4 tunneling links to trigger radvd:
#  IPV6_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
#  IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/var/run/radvd/radvd.pid" [optional]
#  IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd [optional, default is SIGHUP]
#
#  Required version of radvd to use 6to4 prefix recalculation
#   0.6.2p3 or newer supporting option "Base6to4Interface"
#  Required version of radvd to use dynamic ppp links
#   0.7.0 + fixes or newer
#


. /etc/sysconfig/network

cd /etc/sysconfig/network-scripts
. ./network-functions

CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config

REALDEVICE=${DEVICE%%:*}
DEVICE=$REALDEVICE

[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6


# IPv6 test, no module loaded, exit if system is not IPv6-ready
ipv6_test testonly || exit 0

# Test device status
ipv6_test_device_status $DEVICE
if [ $? != 0 -a $? != 11 ]; then
	# device doesn't exist or other problem occurs
	exit 1
fi

# Switch some sysctls to secure mode
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1

# Test status of tun6to4 device
ipv6_test_device_status tun6to4
if [ $? = 0 -o $? = 11 ]; then
	# Device exists
	valid6to4config="yes"

	if [ -z "$IPV6TO4_RELAY" ]; then
		IPV6TO4_RELAY="192.88.99.1"
	fi

	# Get IPv4 address from interface
	if [ -n "$IPV6TO4_IPV4ADDR" ]; then
		# Take special configured from config file (precedence 1)
		ipv4addr="$IPV6TO4_IPV4ADDR"

		# Get IPv4 address from interface first
		ipv4addrlocal="$(ipv6_get_ipv4addr_of_device $DEVICE)"
		if [ -z "$ipv4addrlocal" ]; then
			# Take configured from config file
			ipv4addrlocal="$IPADDR"
		fi
	else
		# Get IPv4 address from interface first (has precedence 2)
		ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)"
		if [ -z "$ipv4addr" ]; then
			# Take configured from config file (precedence 3)
			ipv4addr="$IPADDR"
		fi
		ipv4addrlocal="$ipv4addr"
	fi

	# Get local IPv4 address of dedicated tunnel
	ipv4addr6to4local="$(ipv6_get_ipv4addr_of_tunnel tun6to4 local)"

	if [ -z "$ipv4addrlocal" -o -z "$ipv4addr6to4local" ]; then
		# no IPv4 addresses given, 6to4 sure not configured
		valid6to4config="no"
	else
		# Check against configured 6to4 tunnel to see if this interface was used before
		if [ "$ipv4addrlocal" != "$ipv4addr6to4local" ]; then
			# IPv4 address of interface does't match local tunnel address, interface was not used for current 6to4 setup
			valid6to4config="no"
		fi
	fi

fi

# Shutdown of 6to4, if configured
if [ "$valid6to4config" = "yes" ]; then
	if [ -n "$IPV6TO4_ROUTING" ]; then
		# Delete routes to local networks
		for devsuf in $IPV6TO4_ROUTING; do
			dev="${devsuf%%-*}"
			ipv6_cleanup_6to4_device $dev
		done
	fi

	# Delete all configured 6to4 address
	ipv6_cleanup_6to4_tunnels tun6to4

	# Control running radvd
	ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi

# Delete all current configured IPv6 addresses on this interface
ipv6_cleanup_device $DEVICE