diff options
| author | Richard Gallamore <ultima@FreeBSD.org> | 2017-08-08 22:06:40 +0000 |
|---|---|---|
| committer | Richard Gallamore <ultima@FreeBSD.org> | 2017-08-08 22:06:40 +0000 |
| commit | a85c20e18012dd2cf2d47478768df2141b94cd8a (patch) | |
| tree | 883075f6b15ad7856652dc4d13f721b8d382d9df | |
| parent | * Bump PORTREVISION (diff) | |
The ndproxy(4) kernel module implements IPv6 Neighbor Discovery
proxying with many options to handle several use-cases.
It replies to a neighbor solicitation with a specific neighbor
advertisement, in order to let the PE uplink router send further
packets to a CPE downlink router, that may or may not be the same
node that the one which runs ndproxy.
The main difference with the ndp(8) command-line tool is that, with
ndproxy(4), the host running ndp can be used only to redirect
packets to another IPv6 internal router, for instance a dedicated
one with hardware support of IPv6 routing processes.
WWW: http://www.fenyo.net/newweb/ndproxy.html
PR: 219622
Submitted by: Alexandre Fenyo (maintainer)
Reviewed by: matthew (mentor), mat
Approved by: matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D11892
| -rw-r--r-- | net/Makefile | 1 | ||||
| -rw-r--r-- | net/ndproxy/Makefile | 30 | ||||
| -rw-r--r-- | net/ndproxy/distinfo | 3 | ||||
| -rw-r--r-- | net/ndproxy/files/ndproxy.in | 73 | ||||
| -rw-r--r-- | net/ndproxy/files/pkg-message.in | 22 | ||||
| -rw-r--r-- | net/ndproxy/pkg-descr | 14 |
6 files changed, 143 insertions, 0 deletions
diff --git a/net/Makefile b/net/Makefile index 4e76a1edb702..04f069c4a201 100644 --- a/net/Makefile +++ b/net/Makefile @@ -446,6 +446,7 @@ SUBDIR += ncp SUBDIR += ndisc6 SUBDIR += ndpi + SUBDIR += ndproxy SUBDIR += nepenthes SUBDIR += nepim SUBDIR += net6 diff --git a/net/ndproxy/Makefile b/net/ndproxy/Makefile new file mode 100644 index 000000000000..545022c5f79d --- /dev/null +++ b/net/ndproxy/Makefile @@ -0,0 +1,30 @@ +# $FreeBSD$ + +PORTNAME= ndproxy +PORTVERSION= 2.0 +DISTVERSIONPREFIX= v +CATEGORIES= net ipv6 + +MAINTAINER= fbsd.bugzilla@fenyo.net +COMMENT= Implementation of IPv6 Neighbor Discovery proxy + +LICENSE= BSD2CLAUSE +LICENSE_FILE= ${WRKSRC}/LICENSE + +SUB_FILES= pkg-message + +USES= kmod +USE_RC_SUBR= ndproxy +USE_GITHUB= yes +GH_ACCOUNT= AlexandreFenyo + +PLIST_FILES= ${KMODDIR}/${PORTNAME}.ko man/man4/${PORTNAME}.4.gz + +pre-build: + (cd ${BUILD_WRKSRC}; ${MAKE} depend) + +do-install: + ${INSTALL_KLD} ${WRKSRC}/${PORTNAME}.ko ${STAGEDIR}${KMODDIR} + ${INSTALL_MAN} ${WRKSRC}/${PORTNAME}.4 ${STAGEDIR}${PREFIX}/man/man4/ + +.include <bsd.port.mk> diff --git a/net/ndproxy/distinfo b/net/ndproxy/distinfo new file mode 100644 index 000000000000..5a67bfc3a4cf --- /dev/null +++ b/net/ndproxy/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1502146291 +SHA256 (AlexandreFenyo-ndproxy-v2.0_GH0.tar.gz) = 29c626355d91fef9c13281d668b2a1f79618758c44c4aaf4b0434977ceb38588 +SIZE (AlexandreFenyo-ndproxy-v2.0_GH0.tar.gz) = 8274107 diff --git a/net/ndproxy/files/ndproxy.in b/net/ndproxy/files/ndproxy.in new file mode 100644 index 000000000000..548c21388903 --- /dev/null +++ b/net/ndproxy/files/ndproxy.in @@ -0,0 +1,73 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ndproxy +# REQUIRE: NETWORKING sysctl +# KEYWORD: nojail + +. /etc/rc.subr + +name="ndproxy" +rcvar=ndproxy_enable +start_cmd="ndproxy_start" +stop_cmd="ndproxy_stop" + +ndproxy_start() +{ + echo "Starting ndproxy:" + if ! sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1; then + if ! kldload ndproxy > /dev/null 2>&1; then + echo Failure loading ndproxy. + return; + fi + fi + + sysctl net.inet6.ndproxycount=0 + + if [ -z "${ndproxy_uplink_interface}" ]; then + echo "Warning: ndproxy_uplink_interface should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_uplink_interface=${ndproxy_uplink_interface} + + if [ -z "${ndproxy_downlink_mac_address}" ]; then + echo "Warning: ndproxy_downlink_mac_address should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_downlink_mac_address=${ndproxy_downlink_mac_address} + + if [ -z "${ndproxy_uplink_ipv6_addresses}" ]; then + echo "Warning: ndproxy_uplink_ipv6_addresses should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_exception_ipv6_addresses=${ndproxy_exception_ipv6_addresses} + + # Note that ndproxy_exception_ipv6_addresses may be left empty. + + if [ -n "${ndproxy_uplink_interface}" ]; then + if ! ifconfig ${ndproxy_uplink_interface} | head -1 | grep -q PPROMISC; then + echo "Putting interface ${ndproxy_uplink_interface} into permanently promiscuous mode." + ifconfig ${ndproxy_uplink_interface} promisc + fi + fi + sysctl net.inet6.ndproxyconf_uplink_ipv6_addresses=${ndproxy_uplink_ipv6_addresses} + + echo Done. +} + +ndproxy_stop() +{ + echo "Stopping ndproxy:" + + if ! sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1; then + echo Failure unloading ndproxy. + else + if ! kldunload ndproxy > /dev/null 2>&1; then + echo Failure unloading ndproxy. + else + echo Done. + fi + fi +} + +load_rc_config $name +run_rc_command "$1" diff --git a/net/ndproxy/files/pkg-message.in b/net/ndproxy/files/pkg-message.in new file mode 100644 index 000000000000..4b65b7629f51 --- /dev/null +++ b/net/ndproxy/files/pkg-message.in @@ -0,0 +1,22 @@ +------------------------------------------------------------------------------- +IMPORTANT! MAKE SURE TO READ THE FOLLOWING! + +Please remember to reinstall this port after kernel source update. + +ndproxy is configured using four sysctl kernel states. The boot script +(%%PREFIX%%/etc/rc.d/ndproxy) can set those states using rc.conf variables. + +Here is the corresponding rc.conf variable to each sysctl kernel state: + +sysctl kernel state rc.conf corresponding variable +------------------------------------------------------------------------------- +net.inet6.ndproxyconf_uplink_interface ndproxy_uplink_interface +net.inet6.ndproxyconf_downlink_mac_address ndproxy_downlink_mac_address +net.inet6.ndproxyconf_exception_ipv6_addresses ndproxy_exception_ipv6_addresses +net.inet6.ndproxyconf_uplink_ipv6_addresses ndproxy_uplink_ipv6_addresses + +The network interface set in ndproxy_uplink_interface will be put into +permanently promiscuous mode. + +IMPORTANT! MAKE SURE TO READ THE ABOVE! +------------------------------------------------------------------------------- diff --git a/net/ndproxy/pkg-descr b/net/ndproxy/pkg-descr new file mode 100644 index 000000000000..694a323f0ad5 --- /dev/null +++ b/net/ndproxy/pkg-descr @@ -0,0 +1,14 @@ +The ndproxy(4) kernel module implements IPv6 Neighbor Discovery +proxying with many options to handle several use-cases. + +It replies to a neighbor solicitation with a specific neighbor +advertisement, in order to let the PE uplink router send further +packets to a CPE downlink router, that may or may not be the same +node that the one which runs ndproxy. + +The main difference with the ndp(8) command-line tool is that, with +ndproxy(4), the host running ndp can be used only to redirect +packets to another IPv6 internal router, for instance a dedicated +one with hardware support of IPv6 routing processes. + +WWW: http://www.fenyo.net/newweb/ndproxy.html |