1#!/bin/sh 2# $FreeBSD$ 3# 4 5# PROVIDE: stf 6# REQUIRE: netif 7# KEYWORD: nojail 8 9. /etc/rc.subr 10. /etc/network.subr 11 12name="stf" 13desc="6to4 tunnel interface" 14start_cmd="stf_up" 15stop_cmd="stf_down" 16 17stf_up() 18{ 19 case ${stf_interface_ipv4addr} in 20 [Nn][Oo] | '') 21 ;; 22 *) 23 # assign IPv6 addr and interface route for 6to4 interface 24 stf_prefixlen=$((16+${stf_interface_ipv4plen:-0})) 25 OIFS="$IFS" 26 IFS=".$IFS" 27 set ${stf_interface_ipv4addr} 28 IFS="$OIFS" 29 hexfrag1=`hexprint $(($1*256 + $2))` 30 hexfrag2=`hexprint $(($3*256 + $4))` 31 ipv4_in_hexformat="${hexfrag1}:${hexfrag2}" 32 case ${stf_interface_ipv6_ifid} in 33 [Aa][Uu][Tt][Oo] | '') 34 for i in ${ipv6_network_interfaces}; do 35 laddr=`network6_getladdr ${i}` 36 case ${laddr} in 37 '') 38 ;; 39 *) 40 break 41 ;; 42 esac 43 done 44 stf_interface_ipv6_ifid=`expr "${laddr}" : \ 45 'fe80::\(.*\)%\(.*\)'` 46 case ${stf_interface_ipv6_ifid} in 47 '') 48 stf_interface_ipv6_ifid=0:0:0:1 49 ;; 50 esac 51 ;; 52 esac 53 echo "Configuring 6to4 tunnel interface: stf0." 54 ifconfig stf0 create >/dev/null 2>&1 55 ifconfig stf0 inet6 2002:${ipv4_in_hexformat}:${stf_interface_ipv6_slaid:-0}:${stf_interface_ipv6_ifid} \ 56 prefixlen ${stf_prefixlen} 57 check_startmsgs && /sbin/ifconfig stf0 58 59 # disallow packets to malicious 6to4 prefix 60 route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject 61 route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject 62 route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject 63 route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject 64 ;; 65 esac 66} 67 68stf_down() 69{ 70 echo "Removing 6to4 tunnel interface: stf0." 71 ifconfig stf0 destroy 72 route delete -inet6 2002:e000:: -prefixlen 20 ::1 73 route delete -inet6 2002:7f00:: -prefixlen 24 ::1 74 route delete -inet6 2002:0000:: -prefixlen 24 ::1 75 route delete -inet6 2002:ff00:: -prefixlen 24 ::1 76} 77 78load_rc_config $name 79run_rc_command "$1" 80