xref: /freebsd/libexec/rc/rc.d/netoptions (revision 357378bbdedf24ce2b90e9bd831af4a9db3ec70a)
1#!/bin/sh
2#
3#
4
5# PROVIDE: netoptions
6# REQUIRE: FILESYSTEMS
7# BEFORE: netif
8# KEYWORD: nojailvnet
9
10. /etc/rc.subr
11. /etc/network.subr
12
13name="netoptions"
14desc="Network options setup"
15start_cmd="netoptions_start"
16stop_cmd=:
17
18_netoptions_initdone=
19netoptions_init()
20{
21	if [ -z "${_netoptions_initdone}" ]; then
22		echo -n 'Additional TCP/IP options:'
23		_netoptions_initdone=yes
24	fi
25}
26
27netoptions_start()
28{
29	local _af
30
31	for _af in inet inet6; do
32		afexists ${_af} && eval netoptions_${_af}
33	done
34	[ -n "${_netoptions_initdone}" ] && echo '.'
35}
36
37netoptions_inet()
38{
39	case ${log_in_vain} in
40	[12])
41		netoptions_init
42		echo -n " log_in_vain=${log_in_vain}"
43		${SYSCTL} net.inet.tcp.log_in_vain=${log_in_vain} >/dev/null
44		${SYSCTL} net.inet.udp.log_in_vain=${log_in_vain} >/dev/null
45		;;
46	*)
47		${SYSCTL} net.inet.tcp.log_in_vain=0 >/dev/null
48		${SYSCTL} net.inet.udp.log_in_vain=0 >/dev/null
49		;;
50	esac
51
52	if checkyesno tcp_extensions; then
53		${SYSCTL} net.inet.tcp.rfc1323=1 >/dev/null
54	else
55		netoptions_init
56		echo -n " rfc1323 extensions=${tcp_extensions}"
57		${SYSCTL} net.inet.tcp.rfc1323=0 >/dev/null
58	fi
59
60	if checkyesno tcp_keepalive; then
61		${SYSCTL} net.inet.tcp.always_keepalive=1 >/dev/null
62	else
63		netoptions_init
64		echo -n " TCP keepalive=${tcp_keepalive}"
65		${SYSCTL} net.inet.tcp.always_keepalive=0 >/dev/null
66	fi
67
68	if checkyesno tcp_drop_synfin; then
69		netoptions_init
70		echo -n " drop SYN+FIN packets=${tcp_drop_synfin}"
71		${SYSCTL} net.inet.tcp.drop_synfin=1 >/dev/null
72	else
73		${SYSCTL} net.inet.tcp.drop_synfin=0 >/dev/null
74	fi
75
76	case ${ip_portrange_first} in
77	[0-9]*)
78		netoptions_init
79		echo -n " ip_portrange_first=$ip_portrange_first"
80		${SYSCTL} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
81		;;
82	esac
83
84	case ${ip_portrange_last} in
85	[0-9]*)
86		netoptions_init
87		echo -n " ip_portrange_last=$ip_portrange_last"
88		${SYSCTL} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
89		;;
90	esac
91}
92
93netoptions_inet6()
94{
95	if checkyesno ipv6_ipv4mapping; then
96		netoptions_init
97		echo -n " ipv4-mapped-ipv6=${ipv6_ipv4mapping}"
98		${SYSCTL} net.inet6.ip6.v6only=0 >/dev/null
99	else
100		${SYSCTL} net.inet6.ip6.v6only=1 >/dev/null
101	fi
102
103	if checkyesno ipv6_privacy; then
104		netoptions_init
105		echo -n " IPv6 Privacy Addresses"
106		${SYSCTL} net.inet6.ip6.use_tempaddr=1 >/dev/null
107		${SYSCTL} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
108	fi
109
110	case $ipv6_cpe_wanif in
111	""|[Nn][Oo]|[Nn][Oo][Nn][Ee]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
112		${SYSCTL} net.inet6.ip6.no_radr=0 >/dev/null
113		${SYSCTL} net.inet6.ip6.rfc6204w3=0 >/dev/null
114	;;
115	*)
116		netoptions_init
117		echo -n " IPv6 CPE WANIF=${ipv6_cpe_wanif}"
118		${SYSCTL} net.inet6.ip6.no_radr=1 >/dev/null
119		${SYSCTL} net.inet6.ip6.rfc6204w3=1 >/dev/null
120	;;
121	esac
122}
123
124load_rc_config $name
125
126# doesn't make sense to run in a svcj: config setting
127netoptions_svcj="NO"
128
129run_rc_command $1
130