8354 sync regcomp(3C) with upstream (fix make catalog)
[unleashed/tickless.git] / usr / src / cmd / svc / milestone / net-iptun
blobf912d6ee9a02ca2ad045b116e6cc901b95a66cad
1 #!/sbin/sh
3 # CDDL HEADER START
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
20 # CDDL HEADER END
23 # Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 # Use is subject to license terms.
26 # This service configures IP tunnel links and IP interfaces over IP
27 # tunnels.
30 . /lib/svc/share/smf_include.sh
33 # Configure tunnels which were deferred by /lib/svc/method/net-physical (the
34 # svc:/network/physical service) since it depends on the tunnel source
35 # addresses being available.
37 # WARNING: you may wish to turn OFF forwarding if you haven't already, because
38 # of various possible security vulnerabilities when configuring tunnels for
39 # Virtual Private Network (VPN) construction.
41 # Also, if names are used in the /etc/hostname*.* files, those names have to
42 # be in either DNS (and DNS is used) or in /etc/hosts, because this file is
43 # executed before NIS is started.
47 # get_tunnel_links: print the names of the tunnel links currently configured
48 # on the running system.
50 get_tunnel_links ()
52 /sbin/dladm show-iptun -p -o link
55 # plumb_tunnel <intf_name> <net_type> <intf_file>
56 plumb_tunnel ()
58 /sbin/ifconfig $1 $2 plumb
59 while read ifcmds; do
60 if [ -n "$ifcmds" ]; then
61 /sbin/ifconfig $1 $2 $ifcmds
63 done < $3 > /dev/null
64 /sbin/ifconfig $1 $2 up
67 case "$1" in
68 start)
69 # First, bring up tunnel links
70 /sbin/dladm up-iptun
73 # Get the list of IP tunnel interfaces we'll need to configure. These
74 # are comprised of IP interfaces over the tunnels we've just brought
75 # up in the above dladm command, and the implicit tunnels named "ip.*"
76 # that we'll also create for backward compatibility. When we build
77 # the list of implicit tunnels, we have to make sure that they're not
78 # different kinds of links that are simply named "ip.*".
80 tunnel_links=`get_tunnel_links`
81 implicit_tunnel_names=`/usr/bin/ls -1 /etc/hostname.ip*.*[0-9] \
82 /etc/hostname6.ip*.*[0-9] 2> /dev/null | /usr/bin/cut -f2- -d. | \
83 /usr/bin/sort -u`
84 for intf_name in $implicit_tunnel_names; do
85 /sbin/dladm show-link -pP $intf_name > /dev/null 2>&1
86 if [ $? -ne 0 ]; then
87 implicit_tunnels="$implicit_tunnels $intf_name"
89 done
90 tunnel_interfaces=`for intf in $tunnel_links $implicit_tunnels; do \
91 echo $intf; done | /usr/bin/sort -u`
93 for intf_name in $tunnel_interfaces; do
94 if [ -f /etc/hostname.$intf_name ]; then
95 plumb_tunnel $intf_name inet /etc/hostname.$intf_name
97 if [ -f /etc/hostname6.$intf_name ]; then
98 plumb_tunnel $intf_name inet6 /etc/hostname6.$intf_name
101 # Configure IP tunnel interfaces set up using ipadm
103 state=`/sbin/ipadm show-if -p -o state $intf_name`
104 if [ $? -ne 0 ] || [ "$state" != "disabled" ]; then
106 # skip if not managed my ipadm or if not a persistent
107 # interface
109 continue;
110 elif [ -f /etc/hostname.$intf_name ] ||\
111 [ -f /etc/hostname6.$intf_name ]; then
112 echo "found /etc/hostname.$intf_name or "\
113 "/etc/hostname6.$intfi_name, ignoring ipadm "\
114 "configuration" > /dev/msglog
115 continue;
116 else
117 # Enable the interface managed by ipadm
118 /sbin/ipadm enable-if -t $intf_name
120 done
123 # Set 6to4 Relay Router communication support policy and, if
124 # applicable, the destination Relay Router IPv4 address. See
125 # /etc/default/inetinit for setting and further info on
126 # ACCEPT6TO4RELAY and RELAY6TO4ADDR. If ACCEPT6TO4RELAY=NO, the
127 # default value in the kernel will be used.
129 [ -f /etc/default/inetinit ] && . /etc/default/inetinit
130 ACCEPT6TO4RELAY=`echo "$ACCEPT6TO4RELAY" | /usr/bin/tr '[A-Z]' '[a-z]'`
131 if [ "$ACCEPT6TO4RELAY" = yes ]; then
132 if [ "$RELAY6TO4ADDR" ]; then
133 /usr/sbin/6to4relay -e -a $RELAY6TO4ADDR
134 else
135 /usr/sbin/6to4relay -e
140 stop)
141 tunnel_links=`get_tunnel_links`
143 # Unplumb IP interfaces
144 for tun in $tunnel_links; do
145 /sbin/ifconfig $tun unplumb > /dev/null 2>&1
146 /sbin/ifconfig $tun inet6 unplumb > /dev/null 2>&1
147 /sbin/ipadm disable-if -t $tun > /dev/null 2>&1
148 done
150 # Take down the IP tunnel links
151 /sbin/dladm down-iptun
155 echo "Usage: $0 { start | stop }"
156 exit 1
158 esac
160 exit $SMF_EXIT_OK