diff options
| author | dougb <dougb@FreeBSD.org> | 2010-04-09 01:35:09 +0000 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2010-04-09 01:35:09 +0000 |
| commit | 2ae521fa83381fb37d51c9fbaa4bf010e9118a70 (patch) | |
| tree | 04c99d982a6edeed63d52af2b85b3cad62c33907 /etc/network.subr | |
| parent | 4f086c2604dc3f689c57c6e0619187d74ddb1ca2 (diff) | |
| download | FreeBSD-src-2ae521fa83381fb37d51c9fbaa4bf010e9118a70.zip FreeBSD-src-2ae521fa83381fb37d51c9fbaa4bf010e9118a70.tar.gz | |
Improve the handling of IPv6 configuration in rc.d. The ipv6_enable
and ipv6_ifconfig_<interface> options have already been deprecated,
these changes do not alter that.
With these changes any value set for ipv6_enable will emit a
warning. In order to avoid a POLA violation for the deprecation
of the option ipv6_enable=NO will still disable configuration
for all interfaces other than lo0. ipv6_enable=YES will not have
any effect, but will emit an additional warning. Support and
warnings for this option will be removed in FreeBSD 10.x.
Consistent with the current code, in order for IPv6 to be configured
on an interface (other than lo0) an ifconfig_<interface>_ipv6
option will have to be added to /etc/rc.conf[.local].
1. Clean up and minor optimizations for the following functions:
ifconfig_up (the ipv6 elements)
ipv6if
ipv6_autoconfif
get_if_var
_ifconfig_getargs
The cleanups generally were to move the "easy" tests earlier in the
functions, and consolidate duplicate code.
2. Stop overloading ipv6_prefer with the ability to disable IPv6
configuration.
3. Remove noafif() which was only ever called from ipv6_autoconfif.
Instead, simplify and integrate the tests into that function, and
convert the test to use is_wired_interface() instead of listing
wireless interfaces explicitly.
4. Integrate backwards compatibility for ipv6_ifconfig_<interface>
into _ifconfig_getargs. This dramatically simplifies the code in
all of the callers, and avoids a lot of other code duplication.
5. In rc.d/netoptions, add code for an ipv6_privacy option to use
RFC 4193 style pseudo-random addresses (this is what windows does
by default, FYI).
6. Add support for the [NO]RTADV options in ifconfig_getargs() and
ipv6_autoconfif(). In the latter, include support for the explicit
addition of [-]accept_rtadv in ifconfig_<interface>_ipv6 as is done
in the current code.
7. In rc.d/netif add a warning if $ipv6_enable is set, and remove
the set_rcvar_obsolete for it. Also remove the latter from
rc.d/ip6addrctl.
8. In /etc/defaults/rc.conf:
Add an example for RTADV configuration.
Set ipv6_network_interfaces to AUTO.
Switch ipv6_prefer to YES. If ipv6_enable is not set this will have
no effect.
Add a default for ipv6_privacy (NO).
9. Document all of this in rc.conf.5.
Diffstat (limited to 'etc/network.subr')
| -rw-r--r-- | etc/network.subr | 199 |
1 files changed, 78 insertions, 121 deletions
diff --git a/etc/network.subr b/etc/network.subr index fbf3ff9..52c99db 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -96,44 +96,32 @@ ifconfig_up() # inet6 specific if afexists inet6; then if ipv6if $1; then - if checkyesno ipv6_gateway_enable; then - _ipv6_opts="-accept_rtadv" - fi - else - if checkyesno ipv6_prefer; then - _ipv6_opts="-ifdisabled" - else - _ipv6_opts="ifdisabled" + # Implicitly handles ipv6_gateway_enable + _ipv6_opts='-ifdisabled -accept_rtadv' + + if ipv6_autoconfif $1; then + _ipv6_opts='-ifdisabled accept_rtadv' fi - # backward compatibility: $ipv6_enable - case $ipv6_enable in - [Yy][Ee][Ss]) - _ipv6_opts="${_ipv6_opts} accept_rtadv" - ;; - esac - fi + ifconfig $1 inet6 $_ipv6_opts - if [ -n "${_ipv6_opts}" ]; then - ifconfig $1 inet6 ${_ipv6_opts} - fi + # ifconfig_IF_ipv6 + ifconfig_args=`ifconfig_getargs $1 ipv6` - # ifconfig_IF_ipv6 - ifconfig_args=`ifconfig_getargs $1 ipv6` - if [ -n "${ifconfig_args}" ]; then - ifconfig $1 inet6 -ifdisabled - ifconfig $1 ${ifconfig_args} - _cfg=0 - fi + if [ -n "$ifconfig_args" ]; then + ifconfig $1 $ifconfig_args + _cfg=0 + fi + else + # Remove in FreeBSD 10.x + # Explicit test is necessary here to avoid nonexistence error + case "$ipv6_enable" in + [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) + warn "Interface $1 will NOT be configured for IPv6" + ;; + esac - # backward compatiblity: $ipv6_ifconfig_IF - ifconfig_args=`get_if_var $1 ipv6_ifconfig_IF` - if [ -n "${ifconfig_args}" ]; then - warn "\$ipv6_ifconfig_$1 is obsolete." \ - " Use ifconfig_$1_ipv6 instead." - ifconfig $1 inet6 -ifdisabled - ifconfig $1 inet6 ${ifconfig_args} - _cfg=0 + ifconfig $1 inet6 ifdisabled fi fi @@ -194,7 +182,7 @@ ifconfig_down() # $default if given. get_if_var() { - local _if _punct _var _default prefix suffix + local _if _punct _punct_c _var _default prefix suffix if [ $# -ne 2 -a $# -ne 3 ]; then err 3 'USAGE: get_if_var name var [default]' @@ -219,7 +207,7 @@ get_if_var() # outside this file. _ifconfig_getargs() { - local _ifn _af + local _ifn _af value _ifn=$1 _af=${2+_$2} @@ -227,7 +215,18 @@ _ifconfig_getargs() return 1 fi - get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT" + value=`get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT"` + + # Remove in FreeBSD 10.x + if [ "$_af" = _ipv6 -a -z "$value" ]; then + value=`get_if_var $_ifn ipv6_ifconfig_IF "$ifconfig_DEFAULT"` + if [ -n "$value" ]; then + warn "\$ipv6_ifconfig_$1 is obsolete." \ + " Use ifconfig_$1_ipv6 instead." + fi + fi + + echo $value } # ifconfig_getargs if [af] @@ -249,6 +248,8 @@ ifconfig_getargs() [Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; [Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;; [Ww][Pp][Aa]) ;; + [Rr][Tt][Aa][Dd][Vv]) ;; + [Nn][Oo][Rr][Tt][Aa][Dd][Vv]) ;; *) _args="$_args $_arg" ;; @@ -372,77 +373,45 @@ afexists() esac } -# noafif if -# Returns 0 if the interface has no af configuration and 1 otherwise. -noafif() -{ - local _if - _if=$1 - - case $_if in - pflog[0-9]*|\ - pfsync[0-9]*|\ - an[0-9]*|\ - ath[0-9]*|\ - ipw[0-9]*|\ - iwi[0-9]*|\ - iwn[0-9]*|\ - ral[0-9]*|\ - wi[0-9]*|\ - wl[0-9]*|\ - wpi[0-9]*) - return 0 - ;; - esac - - return 1 -} - # ipv6if if # Returns 0 if the interface should be configured for IPv6 and # 1 otherwise. ipv6if() { - local _if _tmpargs i - _if=$1 - if ! afexists inet6; then return 1 fi # lo0 is always IPv6-enabled - case $_if in + case $1 in lo0) return 0 ;; esac - # True if $ifconfig_IF_ipv6 is defined. - _tmpargs=`_ifconfig_getargs $_if ipv6` - if [ -n "${_tmpargs}" ]; then - return 0 - fi - - # backward compatibility: True if $ipv6_ifconfig_IF is defined. - _tmpargs=`get_if_var $_if ipv6_ifconfig_IF` - if [ -n "${_tmpargs}" ]; then - return 0 - fi + local _if _tmpargs i + _if=$1 - case "${ipv6_network_interfaces}" in - [Aa][Uu][Tt][Oo]) - return 0 - ;; + case "$ipv6_network_interfaces" in ''|[Nn][Oo][Nn][Ee]) return 1 ;; + $_if|"$_if "*|*" $_if"|*" $_if "*|[Aa][Uu][Tt][Oo]) + # True if $ifconfig_IF_ipv6 is defined. + _tmpargs=`_ifconfig_getargs $_if ipv6` + ;; esac - for i in ${ipv6_network_interfaces}; do - if [ "$i" = "$_if" ]; then - return 0 - fi - done + if [ -n "$_tmpargs" ]; then + # Remove in FreeBSD 10.x + # Explicit test is necessary here to avoid nonexistence error + case "$ipv6_enable" in + [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0) + ;; + *) return 0 + ;; + esac + fi return 1 } @@ -452,15 +421,24 @@ ipv6if() # Stateless Address Configuration, 1 otherwise. ipv6_autoconfif() { + case $1 in + lo0|\ + stf[0-9]*|\ + faith[0-9]*|\ + lp[0-9]*|\ + sl[0-9]*|\ + pflog[0-9]*|\ + pfsync[0-9]*) + return 1 + ;; + esac + local _if _tmpargs _arg _if=$1 if ! ipv6if $_if; then return 1 fi - if noafif $_if; then - return 1 - fi if checkyesno ipv6_gateway_enable; then return 1 fi @@ -468,45 +446,24 @@ ipv6_autoconfif() if [ -n "${_tmpargs}" ]; then return 1 fi + if ! is_wired_interface $_if; then + case $_if in + wlan[0-9]*) ;; # Allow test to continue + *) return 1 + ;; + esac + fi - case $_if in - lo0|\ - stf[0-9]*|\ - faith[0-9]*|\ - lp[0-9]*|\ - sl[0-9]*|\ - pflog[0-9]*|\ - pfsync[0-9]*) + _tmpargs=`_ifconfig_getargs $_if ipv6` + case "$_tmpargs" in + *inet6\ *|*[Nn][Oo][Rr][Tt][Aa][Dd][Vv]*|*-accept_rtadv*) return 1 ;; - esac - - # backward compatibility: $ipv6_enable - case $ipv6_enable in - [Yy][Ee][Ss]) + *[Rr][Tt][Aa][Dd][Vv]*|*accept_rtadv*) return 0 ;; esac - _tmpargs=`_ifconfig_getargs $_if ipv6` - for _arg in $_tmpargs; do - case $_arg in - accept_rtadv) - return 0 - ;; - esac - done - - # backward compatibility: $ipv6_ifconfig_IF - _tmpargs=`get_if_var $_if ipv6_ifconfig_IF` - for _arg in $_tmpargs; do - case $_arg in - accept_rtadv) - return 0 - ;; - esac - done - return 1 } |
