diff options
| author | Richard Gallamore <ultima@FreeBSD.org> | 2017-08-08 22:06:40 +0000 |
|---|---|---|
| committer | Richard Gallamore <ultima@FreeBSD.org> | 2017-08-08 22:06:40 +0000 |
| commit | a85c20e18012dd2cf2d47478768df2141b94cd8a (patch) | |
| tree | 883075f6b15ad7856652dc4d13f721b8d382d9df /net/ndproxy/files | |
| parent | * Bump PORTREVISION (diff) | |
The ndproxy(4) kernel module implements IPv6 Neighbor Discovery
proxying with many options to handle several use-cases.
It replies to a neighbor solicitation with a specific neighbor
advertisement, in order to let the PE uplink router send further
packets to a CPE downlink router, that may or may not be the same
node that the one which runs ndproxy.
The main difference with the ndp(8) command-line tool is that, with
ndproxy(4), the host running ndp can be used only to redirect
packets to another IPv6 internal router, for instance a dedicated
one with hardware support of IPv6 routing processes.
WWW: http://www.fenyo.net/newweb/ndproxy.html
PR: 219622
Submitted by: Alexandre Fenyo (maintainer)
Reviewed by: matthew (mentor), mat
Approved by: matthew (mentor)
Differential Revision: https://reviews.freebsd.org/D11892
Notes
Notes:
svn path=/head/; revision=447578
Diffstat (limited to 'net/ndproxy/files')
| -rw-r--r-- | net/ndproxy/files/ndproxy.in | 73 | ||||
| -rw-r--r-- | net/ndproxy/files/pkg-message.in | 22 |
2 files changed, 95 insertions, 0 deletions
diff --git a/net/ndproxy/files/ndproxy.in b/net/ndproxy/files/ndproxy.in new file mode 100644 index 000000000000..548c21388903 --- /dev/null +++ b/net/ndproxy/files/ndproxy.in @@ -0,0 +1,73 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: ndproxy +# REQUIRE: NETWORKING sysctl +# KEYWORD: nojail + +. /etc/rc.subr + +name="ndproxy" +rcvar=ndproxy_enable +start_cmd="ndproxy_start" +stop_cmd="ndproxy_stop" + +ndproxy_start() +{ + echo "Starting ndproxy:" + if ! sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1; then + if ! kldload ndproxy > /dev/null 2>&1; then + echo Failure loading ndproxy. + return; + fi + fi + + sysctl net.inet6.ndproxycount=0 + + if [ -z "${ndproxy_uplink_interface}" ]; then + echo "Warning: ndproxy_uplink_interface should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_uplink_interface=${ndproxy_uplink_interface} + + if [ -z "${ndproxy_downlink_mac_address}" ]; then + echo "Warning: ndproxy_downlink_mac_address should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_downlink_mac_address=${ndproxy_downlink_mac_address} + + if [ -z "${ndproxy_uplink_ipv6_addresses}" ]; then + echo "Warning: ndproxy_uplink_ipv6_addresses should be defined in rc.conf (see ndproxy(4))." + fi + sysctl net.inet6.ndproxyconf_exception_ipv6_addresses=${ndproxy_exception_ipv6_addresses} + + # Note that ndproxy_exception_ipv6_addresses may be left empty. + + if [ -n "${ndproxy_uplink_interface}" ]; then + if ! ifconfig ${ndproxy_uplink_interface} | head -1 | grep -q PPROMISC; then + echo "Putting interface ${ndproxy_uplink_interface} into permanently promiscuous mode." + ifconfig ${ndproxy_uplink_interface} promisc + fi + fi + sysctl net.inet6.ndproxyconf_uplink_ipv6_addresses=${ndproxy_uplink_ipv6_addresses} + + echo Done. +} + +ndproxy_stop() +{ + echo "Stopping ndproxy:" + + if ! sysctl net.inet6.ndproxyconf_uplink_interface > /dev/null 2>&1; then + echo Failure unloading ndproxy. + else + if ! kldunload ndproxy > /dev/null 2>&1; then + echo Failure unloading ndproxy. + else + echo Done. + fi + fi +} + +load_rc_config $name +run_rc_command "$1" diff --git a/net/ndproxy/files/pkg-message.in b/net/ndproxy/files/pkg-message.in new file mode 100644 index 000000000000..4b65b7629f51 --- /dev/null +++ b/net/ndproxy/files/pkg-message.in @@ -0,0 +1,22 @@ +------------------------------------------------------------------------------- +IMPORTANT! MAKE SURE TO READ THE FOLLOWING! + +Please remember to reinstall this port after kernel source update. + +ndproxy is configured using four sysctl kernel states. The boot script +(%%PREFIX%%/etc/rc.d/ndproxy) can set those states using rc.conf variables. + +Here is the corresponding rc.conf variable to each sysctl kernel state: + +sysctl kernel state rc.conf corresponding variable +------------------------------------------------------------------------------- +net.inet6.ndproxyconf_uplink_interface ndproxy_uplink_interface +net.inet6.ndproxyconf_downlink_mac_address ndproxy_downlink_mac_address +net.inet6.ndproxyconf_exception_ipv6_addresses ndproxy_exception_ipv6_addresses +net.inet6.ndproxyconf_uplink_ipv6_addresses ndproxy_uplink_ipv6_addresses + +The network interface set in ndproxy_uplink_interface will be put into +permanently promiscuous mode. + +IMPORTANT! MAKE SURE TO READ THE ABOVE! +------------------------------------------------------------------------------- |