From ab8bbcbaf3da367884596f7a107151c3852c48bd Mon Sep 17 00:00:00 2001
From: hrs <hrs@FreeBSD.org>
Date: Mon, 13 Sep 2010 19:55:40 +0000
Subject: Split $ipv6_prefer into $ip6addrctl_policy and
 $ipv6_activate_all_interfaces.

The $ip6addrctl_policy is a variable to choose a pre-defined address
selection policy set by ip6addrctl(8).
The keyword "ipv4_prefer" sets IPv4-preferred one described in Section 10.3,
the keyword "ipv6_prefer" sets IPv6-preferred one in Section 2.1 in RFC 3484,
respectively.  When "AUTO" is specified, it attempts to read
/etc/ip6addrctl.conf first.  If it is found, it reads and installs it as
a policy table.  If not, either of the two pre-defined policy tables is
chosen automatically according to $ipv6_activate_all_interfaces.

When $ipv6_activate_all_interfaces=NO, interfaces which have no corresponding
$ifconfig_IF_ipv6 is marked as IFDISABLED for security reason.

The default values are ip6addrctl_policy=AUTO and
ipv6_activate_all_interfaces=NO.

Discussed with:	ume and bz
---
 etc/rc.d/ip6addrctl | 45 +++++++++++++++++++++++++++++++++++----------
 etc/rc.d/netif      |  3 ++-
 2 files changed, 37 insertions(+), 11 deletions(-)

(limited to 'etc/rc.d')

diff --git a/etc/rc.d/ip6addrctl b/etc/rc.d/ip6addrctl
index d3b1856..d38018c 100755
--- a/etc/rc.d/ip6addrctl
+++ b/etc/rc.d/ip6addrctl
@@ -19,8 +19,10 @@ extra_commands="status prefer_ipv6 prefer_ipv4"
 status_cmd="ip6addrctl"
 prefer_ipv6_cmd="ip6addrctl_prefer_ipv6"
 prefer_ipv4_cmd="ip6addrctl_prefer_ipv4"
+config_file="/etc/ip6addrctl.conf"
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
+set_rcvar_obsolete ipv6_enable ipv6_activate_all_interfaces
+set_rcvar_obsolete ipv6_prefer ip6addrctl_policy
 
 ip6addrctl_prefer_ipv6()
 {
@@ -53,17 +55,40 @@ ip6addrctl_start()
 	afexists inet6 || return 0
 
 	# install the policy of the address selection algorithm.
-	if [ -f /etc/ip6addrctl.conf ]; then
-		ip6addrctl flush >/dev/null 2>&1
-		ip6addrctl install /etc/ip6addrctl.conf
-		checkyesno ip6addrctl_verbose && ip6addrctl
-	else
-		if checkyesno ipv6_prefer; then
-			ip6addrctl_prefer_ipv6
+	case "${ip6addrctl_policy}" in
+	[Aa][Uu][Tt][Oo])
+		if [ -r "${config_file}" -a -s "${config_file}" ]; then
+			ip6addrctl flush >/dev/null 2>&1
+			ip6addrctl install "${config_file}"
+			checkyesno ip6addrctl_verbose && ip6addrctl
 		else
-			ip6addrctl_prefer_ipv4
+			if checkyesno ipv6_activate_all_interfaces; then
+				ip6addrctl_prefer_ipv6
+			else
+				ip6addrctl_prefer_ipv4
+			fi
 		fi
-	fi
+	;;
+	ipv4_prefer)
+		ip6addrctl_prefer_ipv4
+	;;
+	ipv6_prefer)
+		ip6addrctl_prefer_ipv6
+	;;
+	[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+		# Backward compatibility when ipv6_prefer=YES
+		ip6addrctl_prefer_ipv6
+	;;
+	[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+		# Backward compatibility when ipv6_prefer=NO
+		ip6addrctl_prefer_ipv4
+	;;
+	*)
+		warn "\$ip6addrctl_policy is invalid: ${ip6addrctl_policy}. " \
+		    " \"ipv4_prefer\" is used instead."
+		ip6addrctl_prefer_ipv4
+	;;
+	esac
 }
 
 ip6addrctl_stop()
diff --git a/etc/rc.d/netif b/etc/rc.d/netif
index f982cfc..01da302 100755
--- a/etc/rc.d/netif
+++ b/etc/rc.d/netif
@@ -41,7 +41,8 @@ clonedown_cmd="clone_down"
 extra_commands="cloneup clonedown"
 cmdifn=
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
+set_rcvar_obsolete ipv6_enable ipv6_activate_all_interfaces
+set_rcvar_obsolete ipv6_prefer
 
 network_start()
 {
-- 
cgit v1.1