mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2025-01-23 01:14:52 +01:00
bd57d5b0f5
Some suggestions from: rwatson, Ruben de Groot <mail25@bzerk.org>
70 lines
1.6 KiB
Bash
Executable File
70 lines
1.6 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $NetBSD: rtadvd,v 1.5 2002/03/22 04:34:00 thorpej Exp $
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: rtadvd
|
|
# REQUIRE: DAEMON
|
|
# BEFORE: LOGIN
|
|
# KEYWORD: FreeBSD nojail
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="rtadvd"
|
|
rcvar=`set_rcvar`
|
|
command="/usr/sbin/${name}"
|
|
start_precmd="rtadvd_precmd"
|
|
|
|
rtadvd_precmd()
|
|
{
|
|
if ! checkyesno ipv6_gateway_enable ; then
|
|
warn \
|
|
"${name} cannot be used on IPv6 host, only on an IPv6 router."
|
|
return 1
|
|
fi
|
|
|
|
# This should be enabled with a great care.
|
|
# You may want to fine-tune /etc/rtadvd.conf.
|
|
#
|
|
# And if you wish your rtadvd to receive and process
|
|
# router renumbering messages, specify your Router Renumbering
|
|
# security policy by -R option.
|
|
#
|
|
# See `man 3 ipsec_set_policy` for IPsec policy specification
|
|
# details.
|
|
# (CAUTION: This enables your routers prefix renumbering
|
|
# from another machine, so if you enable this, do it with
|
|
# enough care.)
|
|
#
|
|
# If specific interfaces haven't been specified,
|
|
# get a list of interfaces and enable it on them
|
|
#
|
|
case ${rtadvd_interfaces} in
|
|
'')
|
|
for i in `ifconfig -l` ; do
|
|
case $i in
|
|
lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*)
|
|
continue
|
|
;;
|
|
*)
|
|
rtadvd_interfaces="${rtadvd_interfaces} ${i}"
|
|
;;
|
|
esac
|
|
done
|
|
;;
|
|
esac
|
|
command_args="${rtadvd_interfaces}"
|
|
|
|
# Enable Router Renumbering, unicast case
|
|
# (use correct src/dst addr)
|
|
# rtadvd -R "in ipsec ah/transport/fec0:0:0:1::1-fec0:0:0:10::1/require" ${ipv6_network_interfaces}
|
|
# Enable Router Renumbering, multicast case
|
|
# (use correct src addr)
|
|
# rtadvd -R "in ipsec ah/transport/ff05::2-fec0:0:0:10::1/require" ${ipv6_network_interfaces}
|
|
return 0
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|