1#!/bin/sh 2# 3# $FreeBSD$ 4# 5 6# PROVIDE: netoptions 7# REQUIRE: FILESYSTEMS 8# BEFORE: netif 9# KEYWORD: nojail 10 11. /etc/rc.subr 12. /etc/network.subr 13 14name="netoptions" 15desc="Network options setup" 16start_cmd="netoptions_start" 17stop_cmd=: 18 19_netoptions_initdone= 20netoptions_init() 21{ 22 if [ -z "${_netoptions_initdone}" ]; then 23 echo -n 'Additional TCP/IP options:' 24 _netoptions_initdone=yes 25 fi 26} 27 28netoptions_start() 29{ 30 local _af 31 32 for _af in inet inet6; do 33 afexists ${_af} && eval netoptions_${_af} 34 done 35 [ -n "${_netoptions_initdone}" ] && echo '.' 36} 37 38netoptions_inet() 39{ 40 case ${log_in_vain} in 41 [12]) 42 netoptions_init 43 echo -n " log_in_vain=${log_in_vain}" 44 ${SYSCTL} net.inet.tcp.log_in_vain=${log_in_vain} >/dev/null 45 ${SYSCTL} net.inet.udp.log_in_vain=${log_in_vain} >/dev/null 46 ;; 47 *) 48 ${SYSCTL} net.inet.tcp.log_in_vain=0 >/dev/null 49 ${SYSCTL} net.inet.udp.log_in_vain=0 >/dev/null 50 ;; 51 esac 52 53 if checkyesno tcp_extensions; then 54 ${SYSCTL} net.inet.tcp.rfc1323=1 >/dev/null 55 else 56 netoptions_init 57 echo -n " rfc1323 extensions=${tcp_extensions}" 58 ${SYSCTL} net.inet.tcp.rfc1323=0 >/dev/null 59 fi 60 61 if checkyesno tcp_keepalive; then 62 ${SYSCTL} net.inet.tcp.always_keepalive=1 >/dev/null 63 else 64 netoptions_init 65 echo -n " TCP keepalive=${tcp_keepalive}" 66 ${SYSCTL} net.inet.tcp.always_keepalive=0 >/dev/null 67 fi 68 69 if checkyesno tcp_drop_synfin; then 70 netoptions_init 71 echo -n " drop SYN+FIN packets=${tcp_drop_synfin}" 72 ${SYSCTL} net.inet.tcp.drop_synfin=1 >/dev/null 73 else 74 ${SYSCTL} net.inet.tcp.drop_synfin=0 >/dev/null 75 fi 76 77 case ${ip_portrange_first} in 78 [0-9]*) 79 netoptions_init 80 echo -n " ip_portrange_first=$ip_portrange_first" 81 ${SYSCTL} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null 82 ;; 83 esac 84 85 case ${ip_portrange_last} in 86 [0-9]*) 87 netoptions_init 88 echo -n " ip_portrange_last=$ip_portrange_last" 89 ${SYSCTL} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null 90 ;; 91 esac 92} 93 94netoptions_inet6() 95{ 96 if checkyesno ipv6_ipv4mapping; then 97 netoptions_init 98 echo -n " ipv4-mapped-ipv6=${ipv6_ipv4mapping}" 99 ${SYSCTL} net.inet6.ip6.v6only=0 >/dev/null 100 else 101 ${SYSCTL} net.inet6.ip6.v6only=1 >/dev/null 102 fi 103 104 if checkyesno ipv6_privacy; then 105 netoptions_init 106 echo -n " IPv6 Privacy Addresses" 107 ${SYSCTL} net.inet6.ip6.use_tempaddr=1 >/dev/null 108 ${SYSCTL} net.inet6.ip6.prefer_tempaddr=1 >/dev/null 109 fi 110 111 case $ipv6_cpe_wanif in 112 ""|[Nn][Oo]|[Nn][Oo][Nn][Ee]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0) 113 ${SYSCTL} net.inet6.ip6.no_radr=0 >/dev/null 114 ${SYSCTL} net.inet6.ip6.rfc6204w3=0 >/dev/null 115 ;; 116 *) 117 netoptions_init 118 echo -n " IPv6 CPE WANIF=${ipv6_cpe_wanif}" 119 ${SYSCTL} net.inet6.ip6.no_radr=1 >/dev/null 120 ${SYSCTL} net.inet6.ip6.rfc6204w3=1 >/dev/null 121 ;; 122 esac 123} 124 125load_rc_config $name 126run_rc_command $1 127