#!/bin/bash ############################################################################### # # # IPFire.org - A linux based firewall # # Copyright (C) 2010 Michael Tremer & Christian Schmidt # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation, either version 3 of the License, or # # (at your option) any later version. # # # # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # # # ############################################################################### . /usr/lib/network/header-config HOOK_CONFIG_SETTINGS="HOOK PRIVACY_EXTENSIONS" # Privacy Extensions are disabled by default PRIVACY_EXTENSIONS="off" hook_check_config_settings() { assert isbool PRIVACY_EXTENSIONS } hook_parse_cmdline() { local arg while read arg; do case "${arg}" in --privacy-extensions=*) local val="$(cli_get_val "${arg}")" if enabled val; then PRIVACY_EXTENSIONS="on" else PRIVACY_EXTENSIONS="off" fi ;; esac done <<< "$(args "$@")" } hook_new() { local zone="${1}" shift if zone_config_hook_is_configured ${zone} "ipv6-auto"; then log ERROR "You can configure the ipv6-auto hook only once for a zone" return ${EXIT_ERROR} fi if ! hook_parse_cmdline "$@"; then # Return an error if the parsing of the cmd line fails return ${EXIT_ERROR} fi zone_config_settings_write "${zone}" "${HOOK}" exit ${EXIT_OK} } hook_up() { local zone=${1} shift if ! device_exists ${zone}; then error "Zone '${zone}' doesn't exist." exit ${EXIT_ERROR} fi zone_config_settings_read "${zone}" "${HOOK}" # Enable IPv6 auto-configuration ipv6_device_autoconf_enable "${zone}" # Set up privacy extensions (RFC3041) if enabled PRIVACY_EXTENSIONS; then ipv6_device_privacy_extensions_enable "${zone}" else ipv6_device_privacy_extensions_disable "${zone}" fi exit ${EXIT_OK} } hook_down() { local zone=${1} local config=${2} shift 2 if ! device_exists ${zone}; then error "Zone '${zone}' doesn't exist." exit ${EXIT_ERROR} fi # Disable IPv6 auto-configuration ipv6_device_autoconf_disable "${zone}" exit ${EXIT_OK} } hook_status() { local zone=${1} local config=${2} shift 2 if ! device_exists ${zone}; then error "Zone '${zone}' doesn't exist." exit ${EXIT_ERROR} fi zone_config_settings_read "${zone}" "${config}" local addresses=$(ipv6_device_get_addresses "${zone}" --scope="global") local status if isset addresses; then status="${MSG_HOOK_UP}" else status="${MSG_HOOK_DOWN}" fi cli_statusline 3 "${HOOK}" "${status}" if enabled PRIVACY_EXTENSIONS; then cli_print_fmt1 3 "Privacy Extensions enabled" cli_space fi local addr for addr in ${addresses}; do cli_print_fmt1 3 "IPv6 address" "${addr}" done cli_space exit ${EXIT_OK} }