[apple/network_cmds.git] / ip6conf.tproj / ip6config

#!/usr/bin/perl
#
#	Copyright (c) 2002 Apple Computer, Inc. All rights reserved.
#
# @APPLE_LICENSE_HEADER_START@
# 
# "Portions Copyright (c) 2002 Apple Computer, Inc.  All Rights
# Reserved.  This file contains Original Code and/or Modifications of
# Original Code as defined in and that are subject to the Apple Public
# Source License Version 1.0 (the 'License').  You may not use this file
# except in compliance with the License.  Please obtain a copy of the
# License at http://www.apple.com/publicsource and read it before using
# this file.
# 
# The Original Code and all software distributed under the License are
# distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
# EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
# INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT.  Please see the
# License for the specific language governing rights and limitations
# under the License."
# 
# @APPLE_LICENSE_HEADER_END@
#
#	Setup IPv6 for Darwin
#		- Startup/shutdown IPv6 on the given interface
#		- Startup/shutdown 6to4 on the given interface
#		- Start/stop router advertisement.
#
#	Setup 6to4 IPv6, for NetBSD (and maybe others)
#
#	(c) Copyright 2000 Hubert Feyrer <hubert@feyrer.de>
#


# Directory for conf file
$etcdir="/private/etc";
require "$etcdir/6to4.conf";

use Getopt::Std;

###########################################################################
sub do_6to4_setup
{
	#
	# Some sanity checks - check for link-local address and stf
	#
	if (`ifconfig -a | grep fe80: | wc -l` <= 0 or
		`ifconfig -a | grep stf | wc -l` <= 0) {
		die "$0: It seems your kernel does not support IPv6 or 6to4 (stf).\n";
	}
	
	#
	# Take the requested interface from the user
	# Figure out addressing, etc.
	#
	$localadr4 = `ifconfig $ARGV[1] inet | grep inet | grep -v "10.*.*.*"| \
			grep -v "172.[^16-31].*.*" | grep -v "192.168.*.*" | \
			grep -v "169.254.*.*" | grep -v alias`;
	$localadr4 =~ s/^.*inet\s*//;
	$localadr4 =~ s/\s.*$//;
	chomp($localadr4);
	
	@l4c = split('\.', $localadr4);
	$prefix = sprintf("2002:%02x%02x:%02x%02x", @l4c[0..3]);
		
	$localadr6 = sprintf("$prefix:%04x", $v6_net);
	
	#
	# Anycast is default in 6to4.conf file
	#
	if ($peer eq "6to4-anycast") {
		# magic values from rfc 3068
		$remoteadr4 =  "192.88.99.1";
		$remoteadr6 =  "2002:c058:6301::";
	} 
	else {
		chomp($remoteadr4 = `host $peer`);
		$remoteadr4 =~ s/^.*address //;
	
		chomp($remoteadr6 = `host -t AAAA $peer`);
		$remoteadr6 =~ s/^.*address //;
	}
	
}

###########################################################################
sub do_usage
{
    print "Usage: $0 \n";
    print "	start-v6 all | stop-v6 all\n";
    print "	start-v6 [interface] | stop-v6 [interface]\n";
    print "	start-stf [interface] | stop-stf\n";
    print "	start-rtadvd | stop-rtadvd\n";
}
###########################################################################

#
# Process options - just help for now
#
getopts('h');

if ($opt_h) {
    do_usage;
    exit 0;
}

#
# Handle commands
#

# Start IPv6
if ($ARGV[0] eq "start-v6" or $ARGV[0] eq "v6-start") {
	if ($ARGV[1] eq "all") {
		print "Starting IPv6 on all interfaces.\n";
		system "ip6 -a";
	}
	else {
		print "Starting IPv6 on $ARGV[1].\n";
		system "ip6 -u $ARGV[1]";
	}
}

# Stop IPv6
elsif ($ARGV[0] eq "stop-v6" or $ARGV[0] eq "v6-stop") {
	if ($ARGV[1] eq "all") {
		print "Stopping IPv6 on all interfaces.\n";
		system "ip6 -x";
	}
	else {
		print "Stopping IPv6 on $ARGV[1].\n";
		system "ip6 -d $ARGV[1]";
	}
}

# Start 6to4
elsif ($ARGV[0] eq "start-stf" or $ARGV[0] eq "stf-start") {
	do_6to4_setup;
	print "Starting 6to4 on $ARGV[1].\n";
	system "ifconfig stf0 inet6 $localadr6:$hostbits6 prefixlen $v6_prefixlen alias";
	system "route add -inet6 default $remoteadr6";
	if ($in_if ne "") {
	    system "ifconfig $in_if inet6 $prefix:$v6_innernet:$hostbits6";
	}
}

# Stop 6to4
elsif ($ARGV[0] eq "stop-stf" or $ARGV[0] eq "stf-stop") {
	print "Stopping 6to4.\n";
	system "ifconfig stf0 down";
	$cmd="ifconfig stf0 inet6 " .
	     "| grep inet6 " .
	     "| sed -e 's/inet6//' " .
		   "-e 's/prefix.*//g' " .
		   "-e 's/^[ 	]*//' " .
		   "-e 's/[ 	]*\$//'";
	foreach $ip ( split('\s+', `$cmd`)) {
		system "ifconfig stf0 inet6 -alias $ip";
	}
	system "route delete -inet6 default";
}

# Start router advertisement
elsif ($ARGV[0] eq "rtadvd-start" or $ARGV[0] eq "start-rtadvd") {
	print "WARNING: Setting up router advertisement should be done with great care\n";
	print "because of a number of security issues. You should make sure this is\n";
	print "allowed on your network and possibly fine-tune rtadvd.conf.\n";
	print "\n";
	print "Are you sure you want to start router advertisement (yes/no) ?: ";
	while (<STDIN>) {
		chomp;
		if ($_ eq "yes" or $_ eq "y") {
			if ( -f "/var/run/rtadvd.pid" ) {
				print "rtadvd already running!\n";
			} else {
				print "Starting router advertisement.\n";
				system "sysctl -w net.inet6.ip6.forwarding=1";
				system "sysctl -w net.inet6.ip6.accept_rtadv=0";
				shift @ARGV;
				system "rtadvd @ARGV";
			}
			last;
		}
		elsif ($_ eq "no" or $_ eq "n") {
			print "Router advertisement startup aborted.\n";
			last;
		}
		else {
			print "Invalid entry! Try again.\n";
			print "Are you sure you want to start router advertisement? (yes/no): ";
		}
	}
}

# Stop router advertisement
elsif ($ARGV[0] eq "rtadvd-stop" or $ARGV[0] eq "stop-rtadvd") {
    if ( -f "/var/run/rtadvd.pid" ) {
		print "Stopping router advertisement.\n";
		$pid = `cat /var/run/rtadvd.pid`;
		system "kill -TERM $pid";
		system "rm -f /var/run/rtadvd.pid";
		system "rm -f /var/run/6to4-rtadvd.conf.$pid";
    } else {
		print "no rtadvd running!\n";
    }
}
else {
	do_usage;
}
Commit	Line	Data
7ba0088d A	1	#!/usr/bin/perl
	2	#
	3	# Copyright (c) 2002 Apple Computer, Inc. All rights reserved.
	4	#
	5	# @APPLE_LICENSE_HEADER_START@
	6	#
	7	# "Portions Copyright (c) 2002 Apple Computer, Inc. All Rights
	8	# Reserved. This file contains Original Code and/or Modifications of
	9	# Original Code as defined in and that are subject to the Apple Public
	10	# Source License Version 1.0 (the 'License'). You may not use this file
	11	# except in compliance with the License. Please obtain a copy of the
	12	# License at http://www.apple.com/publicsource and read it before using
	13	# this file.
	14	#
	15	# The Original Code and all software distributed under the License are
	16	# distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
	17	# EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
	18	# INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
	19	# FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
	20	# License for the specific language governing rights and limitations
	21	# under the License."
	22	#
	23	# @APPLE_LICENSE_HEADER_END@
	24	#
	25	# Setup IPv6 for Darwin
	26	# - Startup/shutdown IPv6 on the given interface
	27	# - Startup/shutdown 6to4 on the given interface
	28	# - Start/stop router advertisement.
	29	#
	30	# Setup 6to4 IPv6, for NetBSD (and maybe others)
	31	#
	32	# (c) Copyright 2000 Hubert Feyrer <hubert@feyrer.de>
	33	#
	34
	35
	36	# Directory for conf file
	37	$etcdir="/private/etc";
	38	require "$etcdir/6to4.conf";
	39
	40	use Getopt::Std;
	41
	42	###########################################################################
	43	sub do_6to4_setup
	44	{
	45	#
	46	# Some sanity checks - check for link-local address and stf
	47	#
	48	if (`ifconfig -a \| grep fe80: \| wc -l` <= 0 or
	49	`ifconfig -a \| grep stf \| wc -l` <= 0) {
	50	die "$0: It seems your kernel does not support IPv6 or 6to4 (stf).\n";
	51	}
	52
	53	#
	54	# Take the requested interface from the user
	55	# Figure out addressing, etc.
	56	#
ac2f15b3 A	57	$localadr4 = `ifconfig $ARGV[1] inet \| grep inet \| grep -v "10...*"\| \
	58	grep -v "172.[^16-31].." \| grep -v "192.168.." \| \
	59	grep -v "169.254.." \| grep -v alias`;
7ba0088d A	60	$localadr4 =~ s/^.inet\s//;
	61	$localadr4 =~ s/\s.*$//;
	62	chomp($localadr4);
	63
	64	@l4c = split('\.', $localadr4);
	65	$prefix = sprintf("2002:%02x%02x:%02x%02x", @l4c[0..3]);
	66
	67	$localadr6 = sprintf("$prefix:%04x", $v6_net);
	68
	69	#
	70	# Anycast is default in 6to4.conf file
	71	#
	72	if ($peer eq "6to4-anycast") {
	73	# magic values from rfc 3068
	74	$remoteadr4 = "192.88.99.1";
	75	$remoteadr6 = "2002:c058:6301::";
	76	}
	77	else {
	78	chomp($remoteadr4 = `host $peer`);
	79	$remoteadr4 =~ s/^.*address //;
	80
	81	chomp($remoteadr6 = `host -t AAAA $peer`);
	82	$remoteadr6 =~ s/^.*address //;
	83	}
	84
	85	}
	86
	87	###########################################################################
	88	sub do_usage
	89	{
	90	print "Usage: $0 \n";
	91	print " start-v6 all \| stop-v6 all\n";
	92	print " start-v6 [interface] \| stop-v6 [interface]\n";
	93	print " start-stf [interface] \| stop-stf\n";
	94	print " start-rtadvd \| stop-rtadvd\n";
	95	}
	96	###########################################################################
	97
	98	#
	99	# Process options - just help for now
	100	#
	101	getopts('h');
	102
	103	if ($opt_h) {
	104	do_usage;
	105	exit 0;
	106	}
	107
	108	#
	109	# Handle commands
	110	#
	111
	112	# Start IPv6
	113	if ($ARGV[0] eq "start-v6" or $ARGV[0] eq "v6-start") {
	114	if ($ARGV[1] eq "all") {
	115	print "Starting IPv6 on all interfaces.\n";
	116	system "ip6 -a";
	117	}
	118	else {
	119	print "Starting IPv6 on $ARGV[1].\n";
	120	system "ip6 -u $ARGV[1]";
	121	}
	122	}
	123
124	# Stop IPv6
125	elsif ($ARGV[0] eq "stop-v6" or $ARGV[0] eq "v6-stop") {
126	if ($ARGV[1] eq "all") {
127	print "Stopping IPv6 on all interfaces.\n";
128	system "ip6 -x";
129	}
130	else {
131	print "Stopping IPv6 on $ARGV[1].\n";
132	system "ip6 -d $ARGV[1]";
133	}
134	}
135
136	# Start 6to4
137	elsif ($ARGV[0] eq "start-stf" or $ARGV[0] eq "stf-start") {
138	do_6to4_setup;
139	print "Starting 6to4 on $ARGV[1].\n";
140	system "ifconfig stf0 inet6 $localadr6:$hostbits6 prefixlen $v6_prefixlen alias";
141	system "route add -inet6 default $remoteadr6";
142	if ($in_if ne "") {
143	system "ifconfig $in_if inet6 $prefix:$v6_innernet:$hostbits6";
144	}
145	}
146
147	# Stop 6to4
148	elsif ($ARGV[0] eq "stop-stf" or $ARGV[0] eq "stf-stop") {
149	print "Stopping 6to4.\n";
150	system "ifconfig stf0 down";
151	$cmd="ifconfig stf0 inet6 " .
152	"\| grep inet6 " .
153	"\| sed -e 's/inet6//' " .
154	"-e 's/prefix.*//g' " .
155	"-e 's/^[ ]*//' " .
156	"-e 's/[ ]*\$//'";
157	foreach $ip ( split('\s+', `$cmd`)) {
158	system "ifconfig stf0 inet6 -alias $ip";
159	}
160	system "route delete -inet6 default";
161	}
162
163	# Start router advertisement
164	elsif ($ARGV[0] eq "rtadvd-start" or $ARGV[0] eq "start-rtadvd") {
165	print "WARNING: Setting up router advertisement should be done with great care\n";
166	print "because of a number of security issues. You should make sure this is\n";
167	print "allowed on your network and possibly fine-tune rtadvd.conf.\n";
168	print "\n";
169	print "Are you sure you want to start router advertisement (yes/no) ?: ";
170	while (<STDIN>) {
171	chomp;
172	if ($_ eq "yes" or $_ eq "y") {
173	if ( -f "/var/run/rtadvd.pid" ) {
174	print "rtadvd already running!\n";
175	} else {
176	print "Starting router advertisement.\n";
177	system "sysctl -w net.inet6.ip6.forwarding=1";
178	system "sysctl -w net.inet6.ip6.accept_rtadv=0";
179	shift @ARGV;
180	system "rtadvd @ARGV";
181	}
182	last;
183	}
184	elsif ($_ eq "no" or $_ eq "n") {
185	print "Router advertisement startup aborted.\n";
186	last;
187	}
188	else {
189	print "Invalid entry! Try again.\n";
190	print "Are you sure you want to start router advertisement? (yes/no): ";
191	}
192	}
193	}
194
195	# Stop router advertisement
196	elsif ($ARGV[0] eq "rtadvd-stop" or $ARGV[0] eq "stop-rtadvd") {
197	if ( -f "/var/run/rtadvd.pid" ) {
198	print "Stopping router advertisement.\n";
199	$pid = `cat /var/run/rtadvd.pid`;
200	system "kill -TERM $pid";
201	system "rm -f /var/run/rtadvd.pid";
202	system "rm -f /var/run/6to4-rtadvd.conf.$pid";
203	} else {
204	print "no rtadvd running!\n";
205	}
206	}
207	else {
208	do_usage;
209	}