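#!/bin/bash
###############################################################################
#                                                                             #
# IPFire.org - A linux based firewall                                         #
# Copyright (C) 2010  Michael Tremer & Christian Schmidt                      #
#                                                                             #
# This program is free software: you can redistribute it and/or modify        #
# it under the terms of the GNU General Public License as published by        #
# the Free Software Foundation, either version 3 of the License, or           #
# (at your option) any later version.                                         #
#                                                                             #
# This program is distributed in the hope that it will be useful,             #
# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
# GNU General Public License for more details.                                #
#                                                                             #
# You should have received a copy of the GNU General Public License           #
# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
#                                                                             #
###############################################################################

# Helpers that generate the radvd (router advertisement daemon) configuration
# and (re)load the service.
#
# Everything written to the configuration file is taken from the zone
# database and the DNS server list and is emitted verbatim; nothing in this
# file validates or escapes zone names. Hosts on the link act on what radvd
# advertises, so the inputs must be trusted.

# Path of the generated radvd configuration file.
RADVD_CONFIGFILE="/etc/radvd.conf"

# Rewrites the configuration and reloads radvd (if it is running) or starts
# it (if it is not).
#
# Returns ${EXIT_OK} after a reload, the status of service_start after a
# start, and the status of the if statement (success) when no interface
# configuration was written.
radvd_update() {
  # NOTE(review): when radvd_write_config reports that nothing was written,
  # a radvd that is already running is neither reloaded nor stopped here, so
  # it may keep advertising from the configuration it loaded earlier.
  # Confirm whether the service should be stopped in that case.
  if radvd_write_config; then
    # Reload the radvd service if it is already running.
    if service_is_active radvd; then
      service_reload radvd
      return ${EXIT_OK}
    fi

    # Start the radvd service.
    service_start radvd
  fi
}

# Truncates the configuration file and writes only the generated header.
# Always returns ${EXIT_OK}, even if the redirection fails.
radvd_clear_config() {
  log DEBUG "Clearing radv daemon configuration file"

  config_header "radv daemon configuration file" > "${RADVD_CONFIGFILE}"

  return ${EXIT_OK}
}

# Regenerates the configuration file for all local zones.
#
# Returns ${EXIT_TRUE} if at least one interface block was written (radvd
# should run) and ${EXIT_FALSE} otherwise.
radvd_write_config() {
  radvd_clear_config

  local zone

  # The return value determines whether radvd is started or not.
  local return_value=${EXIT_FALSE}

  # The zone list is split on whitespace on purpose.
  # NOTE(review): stdout of the whole loop is appended to the configuration
  # file, including the log call in __radvd_config_interface. This assumes
  # that log does not write to stdout -- confirm.
  for zone in $(zones_get_local); do
    if __radvd_config_interface "${zone}"; then
      return_value=${EXIT_TRUE}
    fi
  done >> "${RADVD_CONFIGFILE}"

  return ${return_value}
}

# Prints the radvd "interface" block for one zone to stdout.
#
# Arguments: $1 - zone name, used verbatim as the interface name
# Returns:   ${EXIT_FALSE} if no configuration was written, ${EXIT_TRUE}
#            in all other cases.
__radvd_config_interface() {
  local zone=${1}
  assert isset zone

  log DEBUG "Writing radvd configuration for ${zone}."

  # If the interface does not provide any routing information,
  # we can skip this whole stuff.
  if ! db_exists "${zone}/ipv6"; then
    return ${EXIT_FALSE}
  fi

  # Skip if zone is not active.
  local active
  active="$(db_get "${zone}/ipv6/active")"
  if [ "${active}" = "0" ]; then
    return ${EXIT_FALSE}
  fi

  # Skip if there is no prefix or prefix is link-local. The match ignores
  # the case of the hex digits so that "FE80:" is treated like "fe80:".
  local addr
  addr="$(db_get "${zone}/ipv6/local-ip-address")"
  case "${addr}" in
    "" | [Ff][Ee]80:*)
      return ${EXIT_FALSE}
      ;;
  esac

  # Check if the subnet is configured by the DHCP server.
  local dhcpd="false"
  local prefix
  prefix="$(ipv6_get_network "${addr}")"
  if isset prefix && dhcpd_subnet_match ipv6 "${prefix}"; then
    dhcpd="true"
  fi

  print "interface ${zone} {"
  print " AdvSendAdvert on;"
  print " MinRtrAdvInterval 3;"
  print " MaxRtrAdvInterval 10;"
  print " IgnoreIfMissing on;"

  # When the DHCP server handles the subnet, set the managed and
  # other-config flags in the advertisement.
  if enabled dhcpd; then
    print " AdvManagedFlag on;"
    print " AdvOtherConfigFlag on;"
  fi

  print
  print " prefix ::/64 {"
  print " AdvOnLink on;"

  # Autonomous address configuration is switched off when the DHCP server
  # handles the subnet.
  if enabled dhcpd; then
    print " AdvRouterAddr off;"
    print " AdvAutonomous off;"
  else
    print " AdvRouterAddr on;"
    print " AdvAutonomous on;"
  fi

  print " };"
  print

  # Add the DNS configuration.
  __radvd_config_dns "${zone}"

  print "};"
  print

  return ${EXIT_TRUE}
}

# Prints an RDNSS block listing the IPv6 DNS servers to stdout.
#
# Arguments: $1 - zone name (not used in the generated block)
# Returns:   ${EXIT_OK} when advertising is disabled or when there is no
#            server to announce; otherwise the status of the last print.
__radvd_config_dns() {
  local zone=${1}

  # Do nothing, when this option is not enabled.
  enabled DNS_ADVERTISE_SERVERS || return ${EXIT_OK}

  # XXX it is kind of difficult to announce our local
  # resolver.

  local server
  local servers=""

  # The server list is split on whitespace on purpose.
  for server in $(dns_server_list_sorted); do
    # Filter out non IPv6 addresses.
    ipv6_is_valid "${server}" || continue

    # Join with single spaces, so no trimming through an unquoted echo
    # (which would also glob-expand the value) is needed afterwards.
    servers="${servers:+${servers} }${server}"
  done

  # If there are no servers to announce, we stop right here.
  if ! isset servers; then
    log DEBUG "No servers to announce."
    return ${EXIT_OK}
  fi

  print " RDNSS ${servers} {"
  print " # Use the defaults here."
  print " };"
  print
}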