xref: /freebsd/libexec/rc/rc.d/netoptions (revision e9b1dc32c9bd2ebae5f9e140bfa0e0321bc366b5)
1#!/bin/sh
2#
3# $FreeBSD$
4#
5
6# PROVIDE: netoptions
7# REQUIRE: FILESYSTEMS
8# BEFORE: netif
9# KEYWORD: nojail
10
11. /etc/rc.subr
12. /etc/network.subr
13
14name="netoptions"
15desc="Network options setup"
16start_cmd="netoptions_start"
17stop_cmd=:
18
19_netoptions_initdone=
20netoptions_init()
21{
22	if [ -z "${_netoptions_initdone}" ]; then
23		echo -n 'Additional TCP/IP options:'
24		_netoptions_initdone=yes
25	fi
26}
27
28netoptions_start()
29{
30	local _af
31
32	for _af in inet inet6; do
33		afexists ${_af} && eval netoptions_${_af}
34	done
35	[ -n "${_netoptions_initdone}" ] && echo '.'
36}
37
38netoptions_inet()
39{
40	case ${log_in_vain} in
41	[12])
42		netoptions_init
43		echo -n " log_in_vain=${log_in_vain}"
44		${SYSCTL} net.inet.tcp.log_in_vain=${log_in_vain} >/dev/null
45		${SYSCTL} net.inet.udp.log_in_vain=${log_in_vain} >/dev/null
46		;;
47	*)
48		${SYSCTL} net.inet.tcp.log_in_vain=0 >/dev/null
49		${SYSCTL} net.inet.udp.log_in_vain=0 >/dev/null
50		;;
51	esac
52
53	if checkyesno tcp_extensions; then
54		${SYSCTL} net.inet.tcp.rfc1323=1 >/dev/null
55	else
56		netoptions_init
57		echo -n " rfc1323 extensions=${tcp_extensions}"
58		${SYSCTL} net.inet.tcp.rfc1323=0 >/dev/null
59	fi
60
61	if checkyesno tcp_keepalive; then
62		${SYSCTL} net.inet.tcp.always_keepalive=1 >/dev/null
63	else
64		netoptions_init
65		echo -n " TCP keepalive=${tcp_keepalive}"
66		${SYSCTL} net.inet.tcp.always_keepalive=0 >/dev/null
67	fi
68
69	if checkyesno tcp_drop_synfin; then
70		netoptions_init
71		echo -n " drop SYN+FIN packets=${tcp_drop_synfin}"
72		${SYSCTL} net.inet.tcp.drop_synfin=1 >/dev/null
73	else
74		${SYSCTL} net.inet.tcp.drop_synfin=0 >/dev/null
75	fi
76
77	case ${ip_portrange_first} in
78	[0-9]*)
79		netoptions_init
80		echo -n " ip_portrange_first=$ip_portrange_first"
81		${SYSCTL} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
82		;;
83	esac
84
85	case ${ip_portrange_last} in
86	[0-9]*)
87		netoptions_init
88		echo -n " ip_portrange_last=$ip_portrange_last"
89		${SYSCTL} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
90		;;
91	esac
92}
93
94netoptions_inet6()
95{
96	if checkyesno ipv6_ipv4mapping; then
97		netoptions_init
98		echo -n " ipv4-mapped-ipv6=${ipv6_ipv4mapping}"
99		${SYSCTL} net.inet6.ip6.v6only=0 >/dev/null
100	else
101		${SYSCTL} net.inet6.ip6.v6only=1 >/dev/null
102	fi
103
104	if checkyesno ipv6_privacy; then
105		netoptions_init
106		echo -n " IPv6 Privacy Addresses"
107		${SYSCTL} net.inet6.ip6.use_tempaddr=1 >/dev/null
108		${SYSCTL} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
109	fi
110
111	case $ipv6_cpe_wanif in
112	""|[Nn][Oo]|[Nn][Oo][Nn][Ee]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
113		${SYSCTL} net.inet6.ip6.no_radr=0 >/dev/null
114		${SYSCTL} net.inet6.ip6.rfc6204w3=0 >/dev/null
115	;;
116	*)
117		netoptions_init
118		echo -n " IPv6 CPE WANIF=${ipv6_cpe_wanif}"
119		${SYSCTL} net.inet6.ip6.no_radr=1 >/dev/null
120		${SYSCTL} net.inet6.ip6.rfc6204w3=1 >/dev/null
121	;;
122	esac
123}
124
125load_rc_config $name
126run_rc_command $1
127