author | shin <shin@FreeBSD.org> | 2000-01-06 12:40:54 +0000 |
---|---|---|
committer | shin <shin@FreeBSD.org> | 2000-01-06 12:40:54 +0000 |
commit | 9b5932fc47f3a7c965da9d2e15425aabc7f7dd26 (patch) | |
tree | bffabec553873cccf6ad30da0425fe8c806387da /usr.sbin/rrenumd | |
parent | f1787f2960aaad85fe0cce147b1d910ca08c1055 (diff) | |
libipsec and IPsec related apps. (and some KAME related man pages)
Reviewed by: freebsd-arch, cvs-committers
Obtained from: KAME project
Diffstat (limited to 'usr.sbin/rrenumd')
-rw-r--r-- | usr.sbin/rrenumd/Makefile | 41 | ||||
-rw-r--r-- | usr.sbin/rrenumd/lexer.l | 248 | ||||
-rw-r--r-- | usr.sbin/rrenumd/parser.y | 637 | ||||
-rw-r--r-- | usr.sbin/rrenumd/rrenumd.8 | 95 | ||||
-rw-r--r-- | usr.sbin/rrenumd/rrenumd.c | 460 | ||||
-rw-r--r-- | usr.sbin/rrenumd/rrenumd.conf.5 | 330 | ||||
-rw-r--r-- | usr.sbin/rrenumd/rrenumd.h | 57 |
7 files changed, 1868 insertions, 0 deletions
diff --git a/usr.sbin/rrenumd/Makefile b/usr.sbin/rrenumd/Makefile
new file mode 100644
index 0000000..990ddab
--- /dev/null
+++ b/usr.sbin/rrenumd/Makefile
@@ -0,0 +1,41 @@
+# Copyright (c) 1996 WIDE Project. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modifications, are permitted provided that the above copyright notice
+# and this paragraph are duplicated in all such forms and that any
+# documentation, advertising materials, and other materials related to
+# such distribution and use acknowledge that the software was developed
+# by the WIDE Project, Japan. The name of the Project may not be used to
+# endorse or promote products derived from this software without
+# specific prior written permission. THIS SOFTWARE IS PROVIDED ``AS IS''
+# AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
+# LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+# A PARTICULAR PURPOSE.
+# $FreeBSD$
+
+PROG= rrenumd
+SRCS= rrenumd.c parser.y lexer.l
+YFLAGS+= -d
+
+CC= gcc
+
+CFLAGS+= -DINET6 -DIPSEC -I${.OBJDIR}
+LDADD+= -lipsec -lcompat
+DPADD+= ${LIBIPSEC} ${LIBCOMPAT}
+LDADD+= -ll -ly
+DPADD+= ${LIBL} ${LIBY}
+
+MAN5= rrenumd.conf.5
+MAN8= rrenumd.8
+
+SRCS+=y.tab.h
+y.tab.h: parser.y
+
+.if defined(YACCDEBUG)
+CFLAGS+= -DYYDEBUG
+YFLAGS+= -t -v
+.endif
+
+.include <bsd.prog.mk>
+
+CLEANFILES+= y.tab.h
diff --git a/usr.sbin/rrenumd/lexer.l b/usr.sbin/rrenumd/lexer.l
new file mode 100644
index 0000000..80429af
--- /dev/null
+++ b/usr.sbin/rrenumd/lexer.l
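Review bot: `CC= gcc` in the Makefile hunk hard-codes the compiler and overrides whatever toolchain the build has selected, and the Makefile gives no reason for it. If the only motive is a gcc extension such as the `__FUNCTION__` uses in rrenumd.c, say so in a comment next to the assignment; otherwise drop the line and let `bsd.prog.mk` supply `CC`.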
@@ -0,0 +1,248 @@ +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ * + * $FreeBSD$ + */ + +%{ +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/socket.h> + +#include <string.h> + +#include <net/if.h> +#include <net/if_var.h> + +#include <netinet/in.h> +#include <netinet/in_var.h> +#include <netinet/icmp6.h> +#include "y.tab.h" + +int lineno = 1; + +#define LINEBUF_SIZE 1000 +char linebuf[LINEBUF_SIZE]; +%} + +/* common section */ +nl \n +ws [ \t]+ +digit [0-9] +letter [0-9A-Za-z] +hexdigit [0-9A-Fa-f] +special [()+\|\?\*,] +dot \. +hyphen \- +colon \: +slash \/ +bcl \{ +ecl \} +semi \; +usec {dot}{digit}{1,6} +comment \#.* +qstring \"[^"]*\" +decstring {digit}+ +hexpair {hexdigit}{hexdigit} +hexstring 0[xX]{hexdigit}+ +octetstring {octet}({dot}{octet})+ +ipv4addr {digit}{1,3}({dot}{digit}{1,3}){0,3} +ipv6addr {hexdigit}{0,4}({colon}{hexdigit}{0,4}){2,7} +ipaddrmask {slash}{digit}{1,3} +keyword {letter}{letter}+ +name {letter}(({letter}|{digit}|{hyphen})*({letter}|{digit}))* +hostname {name}(({dot}{name})+{dot}?)? + +timeval {digit}{0,2} +days d{timeval} +hours h{timeval} +minutes m{timeval} +seconds s{timeval} + +mprefix match_prefix|match-prefix +uprefix use_prefix|use-prefix + +%% + /* rrenumd keywords */ +debug { + return(DEBUG_CMD); + } +dest { + return(DEST_CMD); + } +retry { + return(RETRY_CMD); + } +seqnum { + return(SEQNUM_CMD); + } +add { + yylval.num = RPM_PCO_ADD; + return(ADD); + } +change { + yylval.num = RPM_PCO_CHANGE; + return(CHANGE); + } +setglobal { + yylval.num = RPM_PCO_SETGLOBAL; + return(SETGLOBAL); + } +{mprefix} { + return(MATCH_PREFIX_CMD); + } +maxlen { + return(MAXLEN_CMD); + } +minlen { + return(MINLEN_CMD); + } +{uprefix} { + return(USE_PREFIX_CMD); + } +keeplen { + return(KEEPLEN_CMD); + } + +vltime { + return(VLTIME_CMD); + } +pltime { + return(PLTIME_CMD); + } +raf_onlink { + return(RAF_ONLINK_CMD); + } +raf_auto { + return(RAF_AUTO_CMD); + } +rrf_decrvalid { + return(RAF_DECRVALID_CMD); + } +rrf_decrprefd { + return(RAF_DECRPREFD_CMD); + } +{days} { + yytext++; + yylval.num = 
atoi(yytext); + return(DAYS); + } +{hours} { + yytext++; + yylval.num = atoi(yytext); + return(HOURS); + } +{minutes} { + yytext++; + yylval.num = atoi(yytext); + return(MINUTES); + } +{seconds} { + yytext++; + yylval.num = atoi(yytext); + return(SECONDS); + } +infinity { + return(INFINITY); + } + +on { + yylval.num = 1; + return(ON); + } +off { + yylval.num = 0; + return(OFF); + } + + /* basic rules */ +{ws} ; +{nl} { + lineno++; + } +{semi} { + return EOS; + } +{bcl} { + return BCL; + } +{ecl} { + return ECL; + } +{qstring} { + yylval.cs.cp = yytext; + yylval.cs.len = yyleng; + return QSTRING; + } +{decstring} { + yylval.cs.cp = yytext; + yylval.cs.len = yyleng; + return DECSTRING; + } +{name} { + yylval.cs.cp = yytext; + yylval.cs.len = yyleng; + return NAME; + } +{ipv6addr} { + memset(&yylval.addr6, 0, sizeof(struct in6_addr)); + if (inet_pton(AF_INET6, yytext, + &yylval.addr6) == 1) { + return IPV6ADDR; + } else { + return ERROR; + } + } +{ipaddrmask} { + yytext++; + yylval.num = atoi(yytext); + return(PREFIXLEN); + } +{hostname} { + yylval.cs.cp = yytext; + yylval.cs.len = yyleng; + return HOSTNAME; + } +%% + +int parse(FILE **fp) +{ + yyin = *fp; + + if(yyparse()) + return(-1); + + return(0); + +} + +void +yyerror(const char *s) +{ + printf("%s: at %s in line %d\n", s, yytext, lineno); +} diff --git a/usr.sbin/rrenumd/parser.y b/usr.sbin/rrenumd/parser.y new file mode 100644 index 0000000..eecc7bb --- /dev/null +++ b/usr.sbin/rrenumd/parser.y 
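Review bot: The `{qstring}`, `{decstring}`, `{name}` and `{hostname}` rules hand the parser `yylval.cs.cp = yytext`, a pointer into the scanner's own buffer that is only guaranteed to hold this token until the next `yylex()` call. Grammar actions in parser.y use it later (`strdup($1.cp)`, `atoi($1.cp)`, `getaddrinfo($1.cp, ...)`), and if the parser has already fetched a lookahead token by then the text is no longer terminated at the token's end, so the action may read past it. Copy the token before returning it, e.g. `yylval.cs.cp = strdup(yytext);` with a NULL check, and free it in the parser once consumed. The `yytext++` in the `{days}`, `{hours}`, `{minutes}`, `{seconds}` and `{ipaddrmask}` actions also moves the scanner's pointer; `atoi(yytext + 1)` does the same job without touching it.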
@@ -0,0 +1,637 @@ +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ * + * $FreeBSD$ + */ + +%{ +#include <sys/param.h> +#include <sys/ioctl.h> +#include <sys/socket.h> +#include <sys/uio.h> + +#include <net/if.h> +#include <net/if_var.h> + +#include <netinet/in.h> +#include <netinet/in_var.h> +#include <netinet/icmp6.h> + +#include <netdb.h> +#include <string.h> + +#include "rrenumd.h" + +struct config_is_set { + u_short cis_dest : 1; +} cis; + +struct dst_list *dl_head; +struct payload_list *pl_head, ple_cur; +u_int retry; +char errbuf[LINE_MAX]; + +extern int lineno; +extern void yyerror __P((const char *s)); +static struct payload_list * pllist_lookup __P((int seqnum)); +static void pllist_enqueue __P((struct payload_list *pl_entry)); + +#define MAX_RETRYNUM 10 /* upper limit of retry in this rrenumd program */ +#define MAX_SEQNUM 256 /* upper limit of seqnum in this rrenumd program */ +#define NOSPEC -1 + +%} + +%union { + u_long num; + struct { + char *cp; + int len; + } cs; + struct in_addr addr4; + struct in6_addr addr6; + struct { + struct in6_addr addr; + u_char plen; + } prefix; + struct dst_list *dl; + struct payload_list *pl; + struct sockaddr *sa; +} + +%token <num> ADD CHANGE SETGLOBAL +%token DEBUG_CMD DEST_CMD RETRY_CMD SEQNUM_CMD +%token MATCH_PREFIX_CMD MAXLEN_CMD MINLEN_CMD +%token USE_PREFIX_CMD KEEPLEN_CMD +%token VLTIME_CMD PLTIME_CMD +%token RAF_ONLINK_CMD RAF_AUTO_CMD RAF_DECRVALID_CMD RAF_DECRPREFD_CMD +%token <num> DAYS HOURS MINUTES SECONDS INFINITY +%token <num> ON OFF +%token BCL ECL EOS ERROR +%token <cs> NAME HOSTNAME QSTRING DECSTRING +%token <addr4> IPV4ADDR +%token <addr6> IPV6ADDR +%token <num> PREFIXLEN + +%type <num> retrynum seqnum rrenum_cmd +%type <num> prefixlen maxlen minlen keeplen vltime pltime +%type <num> lifetime days hours minutes seconds +%type <num> decstring +%type <num> raf_onlink raf_auto raf_decrvalid raf_decrprefd flag +%type <dl> dest_addrs dest_addr sin6 +%type <pl> rrenum_statement +%type <cs> ifname +%type <prefix> prefixval + +%% +config: + /* empty */ + | statements + ; 
+ +statements: + statement + | statements statement + ; + +statement: + debug_statement + | destination_statement + | rrenum_statement_without_seqnum + | rrenum_statement_with_seqnum + | error EOS + { + yyerrok; + } + | EOS + ; + +debug_statement: + DEBUG_CMD flag EOS + { +#ifdef YYDEBUG + yydebug = $2; +#endif /* YYDEBUG */ + } + ; + +destination_statement: + DEST_CMD dest_addrs retrynum EOS + { + dl_head = $2; + retry = $3; + } + ; + +dest_addrs: + dest_addr + | dest_addrs dest_addr + { + $2->dl_next = $1; + $$ = $2; + } + ; + +dest_addr : + sin6 + { + with_v6dest = 1; + } + | sin6 ifname + { + struct sockaddr_in6 *sin6; + + sin6 = (struct sockaddr_in6 *)$1->dl_dst; + sin6->sin6_scope_id = if_nametoindex($2.cp); + with_v6dest = 1; + $$ = $1; + } + | HOSTNAME + { + struct sockaddr_storage *ss; + struct addrinfo hints, *res; + int error; + + memset(&hints, 0, sizeof(hints)); + hints.ai_flags = AI_CANONNAME; + hints.ai_family = AF_INET6; + hints.ai_socktype = SOCK_RAW; + hints.ai_protocol = 0; + error = getaddrinfo($1.cp, 0, &hints, &res); + if (error) { + sprintf(errbuf, "name resolution failed for %s" + ":%s", $1, gai_strerror(error)); + yyerror(errbuf); + } + ss = (struct sockaddr_storage *)malloc(sizeof(*ss)); + memset(ss, 0, sizeof(*ss)); + memcpy(ss, res->ai_addr, res->ai_addr->sa_len); + freeaddrinfo(res); + + $$ = (struct dst_list *) + malloc(sizeof(struct dst_list)); + memset($$, 0, sizeof(struct dst_list)); + $$->dl_dst = (struct sockaddr *)ss; + } + ; + +sin6: + IPV6ADDR + { + struct sockaddr_in6 *sin6; + + sin6 = (struct sockaddr_in6 *)malloc(sizeof(*sin6)); + memset(sin6, 0, sizeof(*sin6)); + sin6->sin6_len = sizeof(*sin6); + sin6->sin6_family = AF_INET6; + sin6->sin6_addr = $1; + + $$ = (struct dst_list *) + malloc(sizeof(struct dst_list)); + memset($$, 0, sizeof(struct dst_list)); + $$->dl_dst = (struct sockaddr *)sin6; + } + +ifname: + NAME + { + $$.cp = strdup($1.cp); + $$.len = $1.len; + } + | QSTRING + { + $1.cp[$1.len - 1] = 0; + $$.cp = 
strdup(&$1.cp[1]); + $$.len = $1.len - 2; + } + ; + +retrynum: + /* empty */ + { + $$ = 2; + } + | RETRY_CMD decstring + { + if ($2 > MAX_RETRYNUM) + $2 = MAX_RETRYNUM; + $$ = $2; + } + ; + +rrenum_statement_with_seqnum: + SEQNUM_CMD seqnum + { + if (pllist_lookup($2)) { + sprintf(errbuf, "duplicate seqnum %d specified" + " at %d", $2, lineno); + yyerror(errbuf); + } + } + BCL rrenum_statement EOS ECL EOS + { + $5->pl_irr.rr_seqnum = $2; + pllist_enqueue($5); + } + ; + +seqnum: + /* empty */ + { + $$ = 0; + } + | decstring + { + if ($1 > MAX_SEQNUM) { + sprintf(errbuf, "seqnum %d is illegal for this" + " program. should be between 0 and %d", + $1, MAX_SEQNUM); + yyerror(errbuf); + } + $$ = $1; + } + ; + +rrenum_statement_without_seqnum: + rrenum_statement EOS + { + if (pllist_lookup(0)) { + sprintf(errbuf, "duplicate seqnum %d specified" + " at %d", 0, lineno); + yyerror(errbuf); + } + $1->pl_irr.rr_seqnum = 0; + pllist_enqueue($1); + } + ; + +rrenum_statement: + match_prefix_definition use_prefix_definition + { + $$ = (struct payload_list *) + malloc(sizeof(struct payload_list)); + memcpy($$, &ple_cur, sizeof(ple_cur)); + } + ; + +match_prefix_definition: + rrenum_cmd MATCH_PREFIX_CMD prefixval maxlen minlen + { + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + + irr = (struct icmp6_router_renum *)&ple_cur.pl_irr; + rpm = (struct rr_pco_match *)(irr + 1); + memset(rpm, 0, sizeof(*rpm)); + + rpm->rpm_code = $1; + rpm->rpm_prefix = $3.addr; + rpm->rpm_matchlen = $3.plen; + rpm->rpm_maxlen = $4; + rpm->rpm_minlen = $5; + } + ; + +rrenum_cmd: + /* empty */ + { + $$ = RPM_PCO_ADD; + } + | ADD + | CHANGE + | SETGLOBAL + ; + +prefixval: + IPV6ADDR prefixlen + { + $$.addr = $1; + $$.plen = $2; + } + ; + +prefixlen: + /* empty */ + { + $$ = 64; + } + | PREFIXLEN + ; + +maxlen: + /* empty */ + { + $$ = 128; + } + | MAXLEN_CMD decstring + { + if ($2 > 128) + $2 = 128; + $$ = $2; + } + ; + +minlen: + /* empty */ + { + $$ = 0; + } + | MINLEN_CMD decstring + { + 
if ($2 > 128) + $2 = 128; + $$ = $2; + } + ; + +use_prefix_definition: + /* empty */ + { + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + struct rr_pco_use *rpu; + + irr = (struct icmp6_router_renum *)&ple_cur.pl_irr; + rpm = (struct rr_pco_match *)(irr + 1); + rpu = (struct rr_pco_use *)(rpm + 1); + memset(rpu, 0, sizeof(*rpu)); + } + | USE_PREFIX_CMD prefixval keeplen use_prefix_values + { + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + struct rr_pco_use *rpu; + + irr = (struct icmp6_router_renum *)&ple_cur.pl_irr; + rpm = (struct rr_pco_match *)(irr + 1); + rpu = (struct rr_pco_use *)(rpm + 1); + + rpu->rpu_prefix = $2.addr; + rpu->rpu_uselen = $2.plen; + rpu->rpu_keeplen = $3; + } + ; + +use_prefix_values: + /* empty */ + { + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + struct rr_pco_use *rpu; + + irr = (struct icmp6_router_renum *)&ple_cur.pl_irr; + rpm = (struct rr_pco_match *)(irr + 1); + rpu = (struct rr_pco_use *)(rpm + 1); + memset(rpu, 0, sizeof(*rpu)); + + rpu->rpu_vltime = DEF_VLTIME; + rpu->rpu_pltime = DEF_PLTIME; + rpu->rpu_ramask = 0; + rpu->rpu_flags = 0; + } + | BCL vltime pltime raf_onlink raf_auto raf_decrvalid raf_decrprefd ECL + { + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + struct rr_pco_use *rpu; + + irr = (struct icmp6_router_renum *)&ple_cur.pl_irr; + rpm = (struct rr_pco_match *)(irr + 1); + rpu = (struct rr_pco_use *)(rpm + 1); + memset(rpu, 0, sizeof(*rpu)); + + rpu->rpu_vltime = $2; + rpu->rpu_pltime = $3; + if ($4 == NOSPEC) + rpu->rpu_ramask &= + ~ICMP6_RR_PCOUSE_RAFLAGS_ONLINK; + else { + rpu->rpu_ramask |= + ICMP6_RR_PCOUSE_RAFLAGS_ONLINK; + if ($4 == ON) + rpu->rpu_raflags |= + ICMP6_RR_PCOUSE_RAFLAGS_ONLINK; + else + rpu->rpu_raflags &= + ~ICMP6_RR_PCOUSE_RAFLAGS_ONLINK; + } + if ($5 == NOSPEC) + rpu->rpu_ramask &= + ICMP6_RR_PCOUSE_RAFLAGS_AUTO; + else { + rpu->rpu_ramask |= + ICMP6_RR_PCOUSE_RAFLAGS_AUTO; + if ($5 == ON) + rpu->rpu_raflags |= + 
ICMP6_RR_PCOUSE_RAFLAGS_AUTO; + else + rpu->rpu_raflags &= + ~ICMP6_RR_PCOUSE_RAFLAGS_AUTO; + } + rpu->rpu_flags = 0; + if ($6 == ON) + rpu->rpu_flags |= + ICMP6_RR_PCOUSE_FLAGS_DECRVLTIME; + if ($7 == ON) + rpu->rpu_flags |= + ICMP6_RR_PCOUSE_FLAGS_DECRPLTIME; + } + ; + +keeplen: + /* empty */ + { + $$ = 0; + } + | KEEPLEN_CMD decstring + { + if ($2 > 128) + $2 = 128; + $$ = $2; + } + ; + + +vltime: + /* empty */ + { + $$ = DEF_VLTIME; + } + | VLTIME_CMD lifetime + { + $$ = htonl($2); + } + ; + +pltime: + /* empty */ + { + $$ = DEF_PLTIME; + } + | PLTIME_CMD lifetime + { + $$ = htonl($2); + } + +raf_onlink: + /* empty */ + { + $$ = NOSPEC; + } + | RAF_ONLINK_CMD flag + { + $$ = $2; + } + ; + +raf_auto: + /* empty */ + { + $$ = NOSPEC; + } + | RAF_AUTO_CMD flag + { + $$ = $2; + } + ; + +raf_decrvalid: + /* empty */ + { + $$ = NOSPEC; + } + | RAF_DECRVALID_CMD flag + { + $$ = $2; + } + ; + +raf_decrprefd: + /* empty */ + { + $$ = NOSPEC; + } + | RAF_DECRPREFD_CMD flag + { + $$ = $2; + } + ; + +flag: + ON + | OFF + ; + +lifetime: + decstring + | INFINITY + { + $$ = 0xffffffff; + } + | days hours minutes seconds + { + int d, h, m, s; + + d = $1 * 24 * 60 * 60; + h = $2 * 60 * 60; + m = $3 * 60; + s = $4; + $$ = d + h + m + s; + } + ; + +days: + /* empty */ + { + $$ = 0; + } + | DAYS + ; + +hours: + /* empty */ + { + $$ = 0; + } + | HOURS + ; + +minutes: + /* empty */ + { + $$ = 0; + } + | MINUTES + ; + +seconds: + /* empty */ + { + $$ = 0; + } + | SECONDS + ; + +decstring: + DECSTRING + { + int dval; + + dval = atoi($1.cp); + $$ = dval; + } + ; + +%% + +static struct payload_list * +pllist_lookup(int seqnum) +{ + struct payload_list *pl; + for (pl = pl_head; pl && pl->pl_irr.rr_seqnum != seqnum; + pl = pl->pl_next) + continue; + return (pl); +} + +static void +pllist_enqueue(struct payload_list *pl_entry) +{ + struct payload_list *pl, *pl_last; + if (pl_head == NULL) { + pl_head = pl_entry; + return; + } + for (pl = pl_head; + pl && pl->pl_irr.rr_seqnum < 
pl_entry->pl_irr.rr_seqnum; + pl_last = pl, pl = pl->pl_next) + continue; + pl_last->pl_next = pl_entry; + + return; +} diff --git a/usr.sbin/rrenumd/rrenumd.8 b/usr.sbin/rrenumd/rrenumd.8 new file mode 100644 index 0000000..aa7ae6b --- /dev/null +++ b/usr.sbin/rrenumd/rrenumd.8 
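Review bot: The `HOSTNAME` action in `dest_addr` keeps going after `getaddrinfo()` fails: it calls `yyerror()` and then dereferences `res->ai_addr`, which was never set, so a destination name in the configuration that does not resolve leads to a wild pointer read instead of a parse error. The same error path passes `$1` (the whole `cs` struct) to `%s` where `$1.cp` is meant, formats into `errbuf` with an unbounded `sprintf`, and the `malloc()` results in this action are not checked. The rewrite below aborts the rule with `YYERROR` and bounds the message. Separately, `pllist_enqueue` dereferences `pl_last` uninitialised when the new entry sorts before the current head and never links the new entry to the entries after it, and the `$4 == ON` … `$7 == ON` tests compare the lexer's 0/1 flag value against the token number `ON`, so those branches look unreachable.

```yacc
		error = getaddrinfo($1.cp, 0, &hints, &res);
		if (error) {
			snprintf(errbuf, sizeof(errbuf),
			    "name resolution failed for %s:%s",
			    $1.cp, gai_strerror(error));
			yyerror(errbuf);
			YYERROR;	/* res is not valid; do not fall through */
		}
		ss = (struct sockaddr_storage *)malloc(sizeof(*ss));
		if (ss == NULL) {
			freeaddrinfo(res);
			yyerror("out of memory");
			YYERROR;
		}
		/* … unchanged: copy res->ai_addr into ss, freeaddrinfo, build $$ … */
```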
@@ -0,0 +1,95 @@
+.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the project nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id: rrenumd.8,v 1.1.1.1 1999/08/08 23:31:38 itojun Exp $
+.\" $FreeBSD$
+.\"
+.Dd Sep 7, 1998
+.Dt RRENUMD 8
+.Os KAME
+.Sh NAME
+.Nm rrenumd
+.Nd router renumbering daemon
+.Sh SYNOPSIS
+.Nm
+.Oo
+.Fl c Ar conf_file | Fl s
+.Oc
+.Op Fl P Ar policy
+.Op Fl df
+.Sh DESCRIPTION
+.Nm Rrenumd
+assigns prefixes to subnets inside the site, or renumbers them.
+.Pp
+The program will daemonize itself on invocation.
+It reads configuration information from standard input if
+.Fl s
+is specified, or from
+.Ar conf_file
+if
+.Fl c Ar conf_file
+is specified.
+.Pp
+The contents of configuration information are described in
+.Xr rrenumd.conf 5 .
+.Pp
+After successful configuration,
+.Nm
+sends router renumbering
+messages periodically to configured destinations.
+Messages contain prefixes configured to be renumbered.
+.Bl -tag -width indent
+.\"
+.It Fl d
+Debug mode.
+.It Fl f
+Foreground mode.
+Do not become daemon.
+.It Fl s
+Script mode.
+Configuration information is obtained from standard input.
+.It Fl P Ar policy
+.Ar policy
+specifies IPsec policy for the rrenumd session.
+For details please refer to
+.Xr ipsec 4
+and
+.Xr ipsec_set_policy 3 .
+.It Fl c Ar conf_file
+Specify a configuration file where configuration information is kept.
+.Sh RETURN VALUES
+The program exits with 0 on success, and non-zero on failures.
+.El
+.Sh SEE ALSO
+.Xr daemon 3
+.Xr rrenumd.conf 5 ,
+.Sh HISTORY
+The
+.Nm
+command first appeared in KAME IPv6 protocol stack kit.
+.\" .Sh BUGS
+.\" (to be written)
diff --git a/usr.sbin/rrenumd/rrenumd.c b/usr.sbin/rrenumd/rrenumd.c
new file mode 100644
index 0000000..ced5afc
--- /dev/null
+++ b/usr.sbin/rrenumd/rrenumd.c
@@ -0,0 +1,460 @@ +/* + * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. Neither the name of the project nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. 
+ * + * $FreeBSD$ + */ + +#include <sys/param.h> +#include <sys/socket.h> +#include <sys/uio.h> +#include <sys/time.h> + +#include <string.h> + +#include <net/route.h> + +#include <netinet/in_systm.h> +#include <netinet/in.h> +#include <netinet/ip.h> +#include <netinet/ip6.h> +#include <netinet/icmp6.h> + +#ifdef IPSEC +#include <netinet6/ipsec.h> +#endif + +#include <stdio.h> +#include <errno.h> +#include <stdlib.h> +#include <unistd.h> +#include <syslog.h> + +#include "rrenumd.h" + +#define LL_ALLROUTERS "ff02::2" +#define SL_ALLROUTERS "ff05::2" + +#ifndef IN6_IS_SCOPE_LINKLOCAL +#define IN6_IS_SCOPE_LINKLOCAL(a) \ + ((IN6_IS_ADDR_LINKLOCAL(a)) || \ + (IN6_IS_ADDR_MC_LINKLOCAL(a))) +#endif /* IN6_IS_SCOPE_LINKLOCAL */ + +struct flags { + u_long debug : 1; + u_long fg : 1; +#ifdef IPSEC +#ifdef IPSEC_POLICY_IPSEC + u_long policy : 1; +#endif /* IPSEC_POLICY_IPSEC */ +#endif /*IPSEC*/ +}; + +struct msghdr sndmhdr; +struct msghdr rcvmhdr; +struct sockaddr_in6 from; +struct sockaddr_in6 sin6_ll_allrouters; + +int s6; +int with_v6dest; +struct in6_addr prefix; /* ADHOC */ +int prefixlen = 64; /* ADHOC */ + +extern int parse(FILE **fp); + +/* Print usage. Don't call this after daemonized. 
*/ +static void +show_usage() +{ + fprintf(stderr, "usage: rrenumd [-c conf_file|-s] [-df" +#ifdef IPSEC +#ifdef IPSEC_POLICY_IPSEC + "] [-P policy" +#endif /* IPSEC_POLICY_IPSEC */ +#endif /* IPSEC */ + "]\n"); + exit(1); +} + +void +init_sin6(struct sockaddr_in6 *sin6, const char *addr_ascii) +{ + memset(sin6, 0, sizeof(*sin6)); + sin6->sin6_len = sizeof(*sin6); + sin6->sin6_family = AF_INET6; + if (inet_pton(AF_INET6, addr_ascii, &sin6->sin6_addr) != 1) + ; /* XXX do something */ +} + +void +init_globals() +{ + static struct iovec rcviov; + static u_char rprdata[4500]; /* maximal MTU of connected links */ + static u_char rcvcmsgbuf[CMSG_SPACE(sizeof(struct in6_pktinfo)) + + CMSG_SPACE(sizeof(int))]; + static u_char sndcmsgbuf[CMSG_SPACE(sizeof(struct in6_pktinfo)) + + CMSG_SPACE(sizeof(int))]; + + /* init ll_allrouters */ + init_sin6(&sin6_ll_allrouters, LL_ALLROUTERS); + + /* initialize msghdr for receiving packets */ + rcviov.iov_base = (caddr_t)rprdata; + rcviov.iov_len = sizeof(rprdata); + rcvmhdr.msg_namelen = sizeof(struct sockaddr_in6); + rcvmhdr.msg_iov = &rcviov; + rcvmhdr.msg_iovlen = 1; + rcvmhdr.msg_control = (caddr_t)rcvcmsgbuf; + rcvmhdr.msg_controllen = sizeof(rcvcmsgbuf); + + /* initialize msghdr for sending packets */ + sndmhdr.msg_namelen = sizeof(struct sockaddr_in6); + sndmhdr.msg_iovlen = 1; + sndmhdr.msg_control = (caddr_t)sndcmsgbuf; + sndmhdr.msg_controllen = sizeof(sndcmsgbuf); +} + +void +config(FILE **fpp) +{ + struct payload_list *pl; + struct iovec *iov; + struct icmp6_router_renum *irr; + struct rr_pco_match *rpm; + + if (parse(fpp) < 0) { + syslog(LOG_ERR, "<%s> parse failed", __FUNCTION__); + exit(1); + } + + /* initialize fields not configured by parser */ + for (pl = pl_head; pl; pl = pl->pl_next) { + iov = (struct iovec *)&pl->pl_sndiov; + irr = (struct icmp6_router_renum *)&pl->pl_irr; + rpm = (struct rr_pco_match *)&pl->pl_rpm; + + irr->rr_type = ICMP6_ROUTER_RENUMBERING; + irr->rr_code = 0; + /* + * now we don't support 
multiple PCOs in a rr message. + * so segment number is not supported. + */ + /* TODO: rr flags config in parser */ + irr->rr_flags |= ICMP6_RR_FLAGS_SPECSITE; + /* TODO: max delay config in parser */ + + /* + * means only 1 use_prefix is contained as router-renum-05.txt. + * now we don't support multiple PCOs in a rr message, + * nor multiple use_prefix in one PCO. + */ + rpm->rpm_len = 4*1 +3; + rpm->rpm_ordinal = 0; + iov->iov_base = (caddr_t)irr; + iov->iov_len = sizeof(struct icmp6_router_renum) + + sizeof(struct rr_pco_match) + + sizeof(struct rr_pco_use); + } +} + +void +sock6_open(struct flags *flags +#ifdef IPSEC_POLICY_IPSEC + , char *policy +#endif /* IPSEC_POLICY_IPSEC */ + ) +{ + struct icmp6_filter filt; + int on, optval; + + if (with_v6dest == 0) + return; + if (with_v6dest && + (s6 = socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6)) < 0) { + syslog(LOG_ERR, "<%s> socket(v6): %s", __FUNCTION__, + strerror(errno)); + exit(1); + } + + /* join all routers multicast addresses, not necessary? */ + + /* set icmpv6 filter */ + ICMP6_FILTER_SETBLOCKALL(&filt); + ICMP6_FILTER_SETPASS(ICMP6_ROUTER_RENUMBERING, &filt); + if (setsockopt(s6, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, + sizeof(filt)) < 0) { + syslog(LOG_ERR, "<%s> IICMP6_FILTER: %s", + __FUNCTION__, strerror(errno)); + exit(1); + } + + /* specify to tell receiving interface */ + on = 1; + if (setsockopt(s6, IPPROTO_IPV6, IPV6_PKTINFO, &on, + sizeof(on)) < 0) { + syslog(LOG_ERR, "<%s> IPV6_PKTINFO: %s", + __FUNCTION__, strerror(errno)); + exit(1); + } + +#ifdef IPSEC +#ifdef IPSEC_POLICY_IPSEC + if (flags->policy) { + char *buf; + buf = ipsec_set_policy(policy, strlen(policy)); + if (buf == NULL) + errx(1, ipsec_strerror()); + /* XXX should handle in/out bound policy. 
*/ + if (setsockopt(s6, IPPROTO_IPV6, IPV6_IPSEC_POLICY, + buf, ipsec_get_policylen(buf)) < 0) + err(1, NULL); + free(buf); + } +#endif /* IPSEC_POLICY_IPSEC */ +#endif /* IPSEC */ + + return; +} + +void +rrenum_output(struct payload_list *pl, struct dst_list *dl) +{ + int i, msglen = 0; + struct cmsghdr *cm; + struct in6_pktinfo *pi; + struct icmp6_router_renum *rr; + struct sockaddr_in6 *sin6 = NULL; + + sndmhdr.msg_name = (caddr_t)dl->dl_dst; + if (dl->dl_dst->sa_family == AF_INET6) + sin6 = (struct sockaddr_in6 *)dl->dl_dst; + + if (sin6 != NULL && + IN6_IS_SCOPE_LINKLOCAL(&sin6->sin6_addr)) { + int hoplimit = 255; + + cm = CMSG_FIRSTHDR(&sndmhdr); + /* specify the outgoing interface */ + cm->cmsg_level = IPPROTO_IPV6; + cm->cmsg_type = IPV6_PKTINFO; + cm->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); + pi = (struct in6_pktinfo *)CMSG_DATA(cm); + memset(&pi->ipi6_addr, 0, sizeof(pi->ipi6_addr)); /*XXX*/ + pi->ipi6_ifindex = sin6->sin6_scope_id; + msglen += CMSG_SPACE(sizeof(struct in6_pktinfo)); + + /* specify the hop limit of the packet if dest is link local */ + /* not defined by router-renum-05.txt, but maybe its OK */ + cm = CMSG_NXTHDR(&sndmhdr, cm); + cm->cmsg_level = IPPROTO_IPV6; + cm->cmsg_type = IPV6_HOPLIMIT; + cm->cmsg_len = CMSG_LEN(sizeof(int)); + memcpy(CMSG_DATA(cm), &hoplimit, sizeof(int)); + msglen += CMSG_SPACE(sizeof(int)); + } + sndmhdr.msg_controllen = msglen; + if (sndmhdr.msg_controllen == 0) + sndmhdr.msg_control = 0; + + sndmhdr.msg_iov = &pl->pl_sndiov; + i = sendmsg(s6, &sndmhdr, 0); + + if (i < 0 || i != sndmhdr.msg_iov->iov_len) + syslog(LOG_ERR, "<%s> sendmsg: %s", __FUNCTION__, + strerror(errno)); +} + +void +rrenum_snd_eachdst(struct payload_list *pl) +{ + struct dst_list *dl; + + for (dl = dl_head; dl; dl = dl->dl_next) { + rrenum_output(pl, dl); + } +} + +void +rrenum_snd_fullsequence() +{ + struct payload_list *pl; + + for (pl = pl_head; pl; pl = pl->pl_next) { + rrenum_snd_eachdst(pl); + } +} + +void +rrenum_input(int s) 
+{ + int i; + struct icmp6_router_renum *rr; + + /* get message */ + if ((i = recvmsg(s, &rcvmhdr, 0)) < 0) { + syslog(LOG_ERR, "<%s> recvmsg: %s", __FUNCTION__, + strerror(errno)); + return; + } + if (i < sizeof(struct icmp6_router_renum)) { + syslog(LOG_ERR, "<%s> packet size(%d) is too short", + __FUNCTION__, i); + return; + } + rr = (struct icmp6_router_renum *)rcvmhdr.msg_iov->iov_base; + + switch(rr->rr_code) { + case ICMP6_ROUTER_RENUMBERING_COMMAND: + /* COMMAND will be processed by rtadvd */ + break; + case ICMP6_ROUTER_RENUMBERING_RESULT: + /* TODO: receiving result message */ + break; + default: + syslog(LOG_ERR, "<%s> received unknown code %d" + __FUNCTION__, rr->rr_code); + break; + } +} + +int +main(int argc, char *argv[]) +{ + char *cfile = NULL; + FILE *fp = stdin; + fd_set fdset; + struct timeval timeout; + int ch, i, maxfd = 0, send_counter = 0; + struct flags flags; + struct payload_list *pl; +#ifdef IPSEC_POLICY_IPSEC + char *policy = NULL; +#endif + + memset(&flags, 0, sizeof(flags)); + openlog(*argv, LOG_PID, LOG_DAEMON); + + /* get options */ + while ((ch = getopt(argc, argv, "c:sdf" +#ifdef IPSEC +#ifdef IPSEC_POLICY_IPSEC + "P:" +#endif /* IPSEC_POLICY_IPSEC */ +#endif /* IPSEC */ + )) != -1){ + switch (ch) { + case 'c': + if((fp = fopen(optarg, "r")) == NULL) { + syslog(LOG_ERR, + "<%s> config file %s open failed", + __FUNCTION__, optarg); + exit(1); + } + break; + case 's': + fp = stdin; + break; + case 'd': + flags.debug = 1; + break; + case 'f': + flags.fg = 1; + break; +#ifdef IPSEC +#ifdef IPSEC_POLICY_IPSEC + case 'P': + flags.policy = 1; + policy = strdup(optarg); + break; +#endif /* IPSEC_POLICY_IPSEC */ +#endif /*IPSEC*/ + default: + show_usage(); + } + } + argc -= optind; + argv += optind; + + /* set log level */ + if (flags.debug == 0) + (void)setlogmask(LOG_UPTO(LOG_ERR)); + if (flags.debug == 1) + (void)setlogmask(LOG_UPTO(LOG_INFO)); + + /* init global variables */ + init_globals(); + + config(&fp); + + sock6_open(&flags 
+#ifdef IPSEC_POLICY_IPSEC + , policy +#endif /* IPSEC_POLICY_IPSEC */ + ); + + if (!flags.fg) + daemon(0, 0); + + FD_ZERO(&fdset); + if (with_v6dest) { + FD_SET(s6, &fdset); + if (s6 > maxfd) + maxfd = s6; + } + + /* ADHOC: timeout each 30seconds */ + memset(&timeout, 0, sizeof(timeout)); + timeout.tv_sec = 30; + + /* init temporal payload_list and send_counter*/ + pl = pl_head; + send_counter = retry + 1; + while (1) { + struct fd_set select_fd = fdset; /* reinitialize */ + + if ((i = select(maxfd + 1, &select_fd, NULL, NULL, + &timeout)) < 0){ + syslog(LOG_ERR, "<%s> select: %s", + __FUNCTION__, strerror(errno)); + continue; + } + if (i == 0) { /* timeout */ + if (pl == NULL) + exit(0); + rrenum_snd_eachdst(pl); + send_counter--; + if (send_counter == 0) { + pl = pl->pl_next; + send_counter = retry + 1; + } + } + if (FD_ISSET(s6, &select_fd)) + rrenum_input(s6); + } +} diff --git a/usr.sbin/rrenumd/rrenumd.conf.5 b/usr.sbin/rrenumd/rrenumd.conf.5 new file mode 100644 index 0000000..76453cb --- /dev/null +++ b/usr.sbin/rrenumd/rrenumd.conf.5 
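Review bot: In rrenum_input's `default:` case the syslog call is missing the comma before `__FUNCTION__`: `"<%s> received unknown code %d" __FUNCTION__, rr->rr_code` leaves `rr->rr_code`, a byte taken from the received packet, as the only argument for a format that starts with `%s`. Where the compiler treats `__FUNCTION__` as a string literal this builds, and a Router Renumbering packet with an unexpected code then makes syslog read an integer as a string pointer; it should be `syslog(LOG_ERR, "<%s> received unknown code %d", __FUNCTION__, rr->rr_code);`. In sock6_open, `errx(1, ipsec_strerror())` passes a non-literal format and should be `errx(1, "%s", ipsec_strerror());`. rrenum_output also sets `sndmhdr.msg_control = 0` after a destination that is not link-local, so a later link-local destination gets NULL from `CMSG_FIRSTHDR` and writes through it; restore the control buffer and its length before building the cmsgs.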
@@ -0,0 +1,330 @@
+.\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. Neither the name of the project nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id: rrenumd.conf.5,v 1.1.1.1 1999/08/08 23:31:39 itojun Exp $
+.\" $FreeBSD$
+.\"
+.Dd Nov 5, 1998
+.Dt RRENUMD.CONF 5
+.Os KAME
+.Sh NAME
+.\"
+.Nm rrenumd.conf
+.Nd configuration file for router renumbering daemon
+.\"
+.Sh DESCRIPTION
+The rrenumd config file describes how the router renumbering packet
+must be constructed and to which destinations it should be sent.
+This file consists of a sequence of statements terminated by a semi-colon (`;').
+Statements are composed of tokens
+separated by white space, which can be any combination of blanks, tabs
+and newlines.
+This structure simplifies identification of
+the parts of the configuration associated with each other.
+Lines beginning with
+.Ql #
+are comments.
+.\"
+.Sh Meta Syntax
+Keywords and special characters that the parser expects exactly are
+displayed using the
+.Ic bold
+font.
+Parameters are specifying with
+.Ar underline .
+Parameters shown in
+square brackets (`[' and `]') are used to show optional
+keywords and parameters.
+The vertical bar (`|') is used to indicate
+between a choice of optional parameters.
+Parentheses (`(' and
+`)') are used to group keywords and parameters when necessary.
+.\"
+.Sh Interface specification
+There are some statements that may or have to specify interface.
+Interfaces are specified in the form of "name unit", such as
+.Ar lo0
+and
+.Ar ep1.
+.\"
+.Sh Configuration Statements
+.Bl -tag -width Ds
+.\"
+.It Ic debug on|off ;
+Enables configuration file parser debugging.
+If
+.Ic on
+is specified,
+then debugging is enabled,
+If
+.Ic off
+is specified,
+then debugging is disabled. It is disabled by default.
+.\"
+.It Ic dest Ar dest-list Op Ar retrycmd ;
+Specifies destinations to which router renumbering messages should be
+sent.
+.Ar dest-list
+can be any combination of single or multiple numerical IPv6 addrs,
+or Full Qualified Domain Names.
+.Ar retrycmd
+has following syntax.
+
+.\"
+.Bl -tag -width Ds -compact
+.It Ic retry Ar retry-num
+.Ar retry-num
+specifies how many router renumbering messages are sent repeatedly.
+.El
+.It Op Ic add|change|setglobal
+.Cm match-prefix Ar match-prefix-val
+.Op /match-prefix-len
+.Op Cm maxlen Ar maxlen-val
+.Op Cm minlen Ar minlen-val
+.Op Cm use-prefix Ar use-prefix-val
+.Op /use-prefix-len
+.Op Cm keeplen Ar keeplen-val
+.Op Ar use-prefix-values ;
+.Pp
+Specifies contents of sending router renumbering message with seqnum 0.
+If
+.Cm add|change|setglobal
+is not specified, then
+.Cm add
+is assumed.
+.Ar use-prefix-values
+has following syntax.
+.Pp
+{
+.Op Cm vltime Ar vltime-val
+.Op Cm pltime Ar pltime-val
+.Op Cm raf_onlink Cm on|off
+.Op Cm raf_auto Cm on|off
+.Op Cm rrf_decrprefd Cm on|off
+.Op Cm rrf_decrvalid Cm on|off
+}
+.Pp
+Each value has following meaning.
+.Pp
+.Bl -tag -width Ds -compact
+.It Cm match-prefix Ar match-prefix-val Op /match-prefix-len
+Specify
+.Ar match-prefix-val
+that is used for matching with preassigned prefixes to which
+.Cm add|change|setglobal
+command should be applied.
+.Ar /match-prefix-len
+Specify the starting part of
+.Ar match-prefix-val
+to be used for matching with preassigned prefixes, as decimal bit number.
+.It Cm maxlen Ar maxlen-val
+Specify the maximum length of prefixes which is allowed to be
+matched to
+.Ar match-prefix-val ,
+as decimal bit number.
+.It Cm minlen Ar minlen-val
+Specify the minimum length of prefixes which is allowed to be matched to
+.Ar match-prefix-val ,
+as decimal bit number.
+.It Cm use-prefix Ar use-prefix-val Op /usr-prefix-len
+Specify
+.Ar use-prefix-val
+that is used for prefixes to be added on
+.Cm add|change|setglobal
+command.
+.Ar /use-prefix-len
+Specify the starting part of
+.Ar use-prefix-val
+copied to the starting part of prefixes to be added on
+.Cm add|change|setglobal
+command, as decimal bit number.
+.It Cm keeplen Ar keeplen-val
+Specify the midium part of
+.Ar use-prefix-val
+just next to the starting part specified by
+.Ar use-prefix-len
+, as decimal bit number.
+Contiguous bits part in the same bit position of an existent prefix
+matched with
+.Ar match-prefix-val
+is copied to the same bit position of prefixes to be added.
+.It Cm vltime Ar vmtime-val
+Assign an
+.Ar time
+as prefix valid life time for a prefix to be added.
+Valid value for
+.Ar time
+is decimal seconds number or special format as "d00h00m00s00",
+where 00 can take any decimal number, and "d" means days, "h" means hours,
+"m" means minutes, "s" means seconds. And alternatively, special keyword
+"infinity" can be also be specified.
+.It Cm pltime Ar pltime-val
+Assign an
+.Ar time
+as prefix preferred life time for a prefix to be added.
+Valid value for
+.Ar time
+is same as for
+.Ar vltime-val .
+.It Cm raf_onlink Cm on|off
+Let the prefix to be added to have on-link or off-link nature
+for the assigned interface. If
+.Cm on
+is specified, the prefix have on-link nature. (e.g. the prefix
+belong to the link) If
+.Cm off
+is specified, the prefix have off-link nature. (e.g. the
+prefix does not belong to the link)
+.It Cm raf_auto Cm on|off
+Enable or disable the autonomous address auto configuration
+for the prefix to be added. If
+.Cm on
+is specified, autonomous address auto configuration is
+enabled. If
+.Cm off
+is specified, it is disabled.
+.It Cm rrf_decrprefd Cm on|off
+Enable or disable the decrementation of the pltime. If
+.Cm on
+is specified, decrementation of the pltime is enabled. If
+.Cm off
+is specified, decrementation of the pltime is disabled.
+.It Cm rrf_decrvalid Cm on|off
+Enable or disable the decrementation of the vltime. If
+.Cm on
+is specified, decrementation of the vltime is enabled. If
+.Cm off
+is specified, decrementation of the vltime is disabled.
+.El
+.\"
+.It seqnum Ar seqnum-val { Ar rrenum-cmd } ;
+Specifies contents of sending router renumbering message with some
+specific seqnum. Multiple of this statement can be specified if they
+have different
+.Ar seqnum-val
+each other.
+.Ar rrenum-cmd
+has just same syntax with above add|change|setglobal statement.
+.El
+.\"
+.Sh EXAMPLE
+For each configuration file example shown below, we suppose
+every IPv6 subnet has its own prefix beginning with
+fec0:0:0::/48 and with its own subnet number. (in this case,
+subnet number is 7th and 8th octet value of the prefix)
+.Pp
+If you want to assigne prefixes beginning with fec0:1:1::/48
+to each subnet, then following configuration will be enough,
+if each of your routers supports IPv6 multicast forwarding.
+The subnet number of the existing fec0:0:0::/48 prefix and the
+newly assigned fec0:1:1::/48 prefix will be same.
+.\"
+.Bd -literal -offset indent
+dest ff05::2;
+
+add match-prefix fec0:0:0:: /48 use-prefix fec0:1:1:: /48 keeplen 16;
+.Ed
+.\"
+
+If your routers don't support IPv6 multicast forwarding,
+you'll need to specify each destination at
+.Cm dest
+command.
+.\"
+.Bd -literal -offset indent
+dest fec0:0:0:1:260:8ff:fe24:fb3a fec0:0:0:2:200:eff:fe2e:dfe1 fec0:0:0:3:5254:ff:fedc:5217;
+
+add match-prefix fec0:0:0:: /48 use-prefix fec0:1:1:: /48 keeplen 16;
+.Ed
+.\"
+
+If you are going to do renumbering, then following procedure will be natural.
+.Bl -enum -offset indent
+.It
+Assigne new prefix.
+.It
+Set old prefix lifetimes to some appropriate transition
+period. In the followng example we use 1 week for valid
+lifetime, and 0 for preferred lifetime.
+Also, enable old prefix lifetime expiration.
+(By default, it is static and does not expire)
+.It
+After the transition period, old prefixes should become
+invalid, and may have been deleted.
+To make sure that they are deleted, send new router
+renumbering message, which specifies old prefixes as match
+prefix, and no use prefix.
+.El
+.\"
+
+The following configuration file will do 1 and 2.
+.\"
+.Bd -literal -offset indent
+dest ff05::2;
+
+seqnum 0 {
+ add match-prefix fec0:0:0:: /48 use-prefix fec0:2:2:: /48 keeplen 16;
+ };
+
+seqnum 1 {
+ change match-prefix fec0:1:1:: /48 use-prefix fec0:1:1:: /48 keeplen 16 vltime d7 pltime 0 rrf_decrvalid on rrf_decrprefd on;
+ };
+.Ed
+.\"
+
+And the following configuration file will do 3. (should be
+used for the router renumbering message to be sent 1 week
+afterward)
+.\"
+.Bd -literal -offset indent
+dest ff05::2;
+
+change match-prefix fec0:1:1:: /48;
+.Ed
+.\"
+
+In the above example, only
+.Cm add
+and
+.Cm change
+commands are used, and there is no example for
+.Cm setglobal
+command.
+.Cm setglobal
+command is almost same with
+.Cm change
+command except that it deletes all pre-defined IPv6 global address.
+
+.Sh SEE ALSO
+.Xr rrenumd 8
+.Xr prefix 8
+.Sh HISTORY
+The
+.Nm
+configuration file was first appeared in KAME IPv6 protocol stack kit.
+.\" .Sh BUGS
+.\" (to be written)
diff --git a/usr.sbin/rrenumd/rrenumd.h b/usr.sbin/rrenumd/rrenumd.h
new file mode 100644
index 0000000..dae2cd0
--- /dev/null
+++ b/usr.sbin/rrenumd/rrenumd.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (C) 1998 WIDE Project.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by WIDE Project and
+ * its contributors.
+ * 4. Neither the name of the project nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+struct dst_list {
+ struct dst_list *dl_next;
+ struct sockaddr *dl_dst;
+};
+
+extern struct dst_list *dl_head;
+
+struct payload_list {
+ struct payload_list *pl_next;
+ struct iovec pl_sndiov;
+ struct icmp6_router_renum pl_irr;
+ struct rr_pco_match pl_rpm;
+ /* currently, support only 1 rr_pco_use field per packet */
+ struct rr_pco_use pl_rpu;
+};
+
+extern struct payload_list *pl_head;
+extern u_int retry;
+extern int with_v4dest, with_v6dest;
+
+#define DEF_VLTIME 2592000
+#define DEF_PLTIME 604800 |
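Review bot: rrenumd.h has no include guard and includes nothing itself, although `struct payload_list` embeds `struct iovec`, `struct icmp6_router_renum`, `struct rr_pco_match` and `struct rr_pco_use` by value and `retry` is declared as `u_int`. Every file that includes it must therefore pull in the defining headers first, in the right order, and a second inclusion would redefine both structs. I would wrap the file in `#ifndef RRENUMD_H` / `#define RRENUMD_H` … `#endif` and include the headers that define those types at the top (presumably `<sys/types.h>`, `<sys/uio.h>` and `<netinet/icmp6.h>`; confirm against the tree). The two lifetime defaults would also be clearer with their units stated, e.g. `#define DEF_VLTIME 2592000 /* 30 days; presumably seconds, as vltime in rrenumd.conf.5 */` and `#define DEF_PLTIME 604800 /* 7 days */`.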