CHips L MINI SHELL

CHips L pro

Current Path : /proc/3/cwd/etc/sysconfig/network-scripts/
Upload File :
Current File : //proc/3/cwd/etc/sysconfig/network-scripts/network-functions-ipv6

# network-functions-ipv6
#
# Taken from: network-functions-ipv6
# (P) & (C) 1997-2005 by Peter Bieringer <pb@bieringer.de>
#
#  You will find more information on the initscripts-ipv6 homepage at
#   http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# Version: 2006-08-03
#
#






##### Logging function
#  $1: <message> : message string
#  $2: [stdout|stderr].[err|warn[ing]|inf[o]|notice] : log level with optional channel, default is "stdout.notice"
#      [syslog.[facility.].err|warn[ing]|inf[o]|notice : syslog channel, default is "syslog.user.notice"
#  $3: <function name> : name of function which calls this log function, can be empty using ""
# return code: 0=ok 1=argument error  3=major problem
ipv6_log() {
	local message="$1"
	local level="$2"
	local name="$3"

	if [ -z "$message" ]; then
		echo $"ERROR: [ipv6_log] Missing 'message' (arg 1)" >/dev/stderr
		return 1
	fi
	if [ -z "$level" ]; then
		local level="stdout.notice"
	fi


	# Map loglevel now
	local fn=1
	local fnawk="print \$$fn"
	local t="$(echo $level | awk -F. "{ $fnawk }")"

	# Check channel, if given
	case $t in
	    'stdout'|'stderr'|'syslog')
		local channel="$t"
		local fn=$(($fn + 1))
		;;
	    *)
		local channel="stdout"
		;;
	esac

	# Check syslog facilty, if given
	if [ "$channel" = "syslog" ]; then
		local fnawk="print \$$fn"
		local t="$(echo $level | awk -F. "{ $fnawk }")"
		case $t in
		    'local0'|'local1'|'local2'|'local3'|'local4'|'local5'|'local6'|'local7'|'daemon')
			local facility="$t"
			local fn=$(($fn + 1))
			;;
		    *)
			local facility="user"
			;;
		esac
	fi

	local fnawk="print \$$fn"
	local t="$(echo $level | awk -F. "{ $fnawk }")"

	# Map priority
	[ "$t" = "inf"      ] && local t="info"
	[ "$t" = "deb"      ] && local t="debug"
	[ "$t" = "warning"  ] && local t="warn"
	[ "$t" = "error"    ] && local t="err"
	[ "$t" = "critical" ] && local t="crit"

	# Check priority, if given
	case $t in
	    'info'|'debug'|'notice'|'warn'|'err'|'crit')
			local priority="$t"
			local fn=$(($fn + 1))
			;;
		    *)
			local priority="notice"
			;;
	esac

	local fnawk="print \$$fn"
	local t="$(echo $level | awk -F. "{ $fnawk }")"
	if [ -n "$t" ]; then
		echo $"ERROR: [ipv6_log] Loglevel isn't valid '$level' (arg 2)" >/dev/stderr
		return 1
	fi

	# Generate function text
	if [ -z "$name" ]; then
		local txt_name=""
	else
		local txt_name="[$name]"
	fi

	# Log message
	case $channel in
	    'stdout'|'stderr')
		# Generate level text
		case $priority in
		    'debug')
			local txt_level=$"DEBUG    "
			;;
		    'err')
			local txt_level=$"ERROR    "
			;;
		    'warn')
			local txt_level=$"WARN     "
			;;
		    'crit')
			local txt_level=$"CRITICAL "
			;;
		    'info')
			local txt_level=$"INFO     "
			;;
		    'notice')
			local txt_level=$"NOTICE   "
			;;
		esac

		[ -n "$txt_name" ] && local txt_name="$txt_name "

		if [ "$channel" = "stderr" ]; then
			echo "$txt_level: ${txt_name}${message}" >/dev/stderr
		elif [ "$channel" = "stdout" ]; then
			echo "$txt_level: ${txt_name}${message}"
		fi
		;;
	    'syslog')
		# note: logger resides in /usr/bin, but not used by default
		if ! [ -x /usr/bin/logger ]; then
			echo $"ERROR: [ipv6_log] Syslog is chosen, but binary 'logger' doesn't exist or isn't executable" >/dev/stderr
			return 3
		fi
		if [ -z "$txt_name" ]; then
			/usr/bin/logger -p $facility.$priority $message
		else
			/usr/bin/logger -p $facility.$priority -t "$txt_name" "$message"
		fi
		;;
	    *)
		echo $"ERROR: [ipv6_log] Cannot log to channel '$channel'" >/dev/stderr
		return 3
		;;
	esac

	return 0
}


###### Beginning of main code here, always executed on "source|. network-functions-ipv6"



###### End of main code here


##### Test for IPv6 capabilites
# $1: (optional) testflag: currently supported: "testonly" (do not load a module)
# return code: 0=ok 2=IPv6 test fails
ipv6_test() {
	local fn="ipv6_test"

	local testflag=$1

	if ! [ -f /proc/net/if_inet6 ]; then
		if [ "$testflag" = "testonly" ]; then
			return 2
		else
			modprobe ipv6

			if ! [ -f /proc/net/if_inet6 ]; then
				#	ipv6_log $"Kernel is not compiled with IPv6 support" crit $fn
				return 2
			fi
		fi
	fi

	if ! [ -d /proc/sys/net/ipv6/conf/ ]; then
		return 2
	fi

	return 0
}

##### Static IPv6 route configuration

# Set static IPv6 route
#  $1: <IPv6 network> : to route
#  $2: <IPv6 gateway> : over which $1 should be routed (if "::", gw will be skipped)
#  $3: [<Interface>] : (optional)
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem adding route
ipv6_add_route() {
	local fn="ipv6_add_route"

	local networkipv6=$1
	local gatewayipv6=$2
	local device=$3		# maybe empty

	if [ -z "$networkipv6" ]; then
		ipv6_log $"Missing parameter 'IPv6-network' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$gatewayipv6" ]; then
		ipv6_log $"Missing parameter 'IPv6-gateway' (arg 2)" err $fn
		return 1
	fi

	ipv6_test || return 2

	ipv6_test_ipv6_addr_valid $networkipv6 || return 2
	ipv6_test_ipv6_addr_valid $gatewayipv6 || return 2

	if [ -z "$device" ]; then
		local returntxt="$(/sbin/ip -6 route add $networkipv6 via $gatewayipv6 metric 1 2>&1)"
	else
		if [ "$gatewayipv6" = "::" ]; then
			local returntxt="$(/sbin/ip -6 route add $networkipv6 dev $device metric 1 2>&1)"
		else
			local returntxt="$(/sbin/ip -6 route add $networkipv6 via $gatewayipv6 dev $device metric 1 2>&1)"
		fi
	fi

	if [ -n "$returntxt" ]; then
		if echo $returntxt | LC_ALL=C grep -q "File exists"; then
			# Netlink: "File exists"
			true
		elif echo $returntxt | LC_ALL=C grep -q "No route to host"; then
			# Netlink: "No route to host"
			ipv6_log $"'No route to host' adding route '$networkipv6' via gateway '$gatewayipv6' through device '$device'" warn $fn
			return 3
		else
			ipv6_log $"Unknown error" warn $fn
			return 3
		fi
	fi

	return 0
}

##### automatic tunneling configuration

## Configure automatic tunneling up
# return code: 0=ok 2=IPv6 test fails 3=major problem
ipv6_enable_autotunnel() {
	local fn="ipv6_enable_autotunnel"

	ipv6_test || return 2

	# enable IPv6-over-IPv4 tunnels
	if ipv6_test_device_status sit0; then
		true
	else
		# bring up basic tunnel device
		/sbin/ip link set sit0 up

			if ! ipv6_test_device_status sit0; then
				ipv6_log $"Tunnel device 'sit0' enabling didn't work" err $fn
				return 3
			fi

		# Set sysctls proper (regardless "default")
		/sbin/sysctl -e -w net.ipv6.conf.sit0.forwarding=1 >/dev/null 2>&1
		/sbin/sysctl -e -w net.ipv6.conf.sit0.accept_ra=0 >/dev/null 2>&1
		/sbin/sysctl -e -w net.ipv6.conf.sit0.accept_redirects=0 >/dev/null 2>&1
	fi

	return 0
}

##### Interface configuration

## Add an IPv6 address for given interface
#  $1: <Interface>
#  $2: <IPv6 address[/prefix]>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_add_addr_on_device() {
	local fn="ipv6_add_addr_on_device"

	local device=$1
	local address=$2

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$address" ]; then
		ipv6_log $"Missing parameter 'IPv6-address' (arg 2)" err $fn
		return 1
	fi

	ipv6_test || return 2

	ipv6_test_ipv6_addr_valid $address || return 1

	ipv6_test_device_status $device
	local result=$?

	if [ "$result" = "0" ]; then
		true
	elif [ "$result" != "11" ]; then
		ipv6_log $"Device '$device' doesn't exist" err $fn
		return 3
	else
		/sbin/ip link set $device up

			if ! ipv6_test_device_status $device; then
				ipv6_log $"Device '$device' enabling didn't work" err $fn
				return 3
			fi
	fi

	# Extract address parts
	local prefixlength_implicit="$(echo $address | awk -F/ '{ print $2 }')"
	local address_implicit="$(echo $address | awk -F/ '{ print $1 }')"

	# Check prefix length and using '64' as default
	if [ -z "$prefixlength_implicit" ]; then
		local prefixlength_implicit="64"
		local address="$address_implicit/$prefixlength_implicit"
	fi

	/sbin/ip -6 addr replace $address dev $device
	local result=$?

	if [ $result -eq 2 ]; then
		return 0
	elif [ $result -ne 0 ]; then
		ipv6_log $"Cannot add IPv6 address '$address' on dev '$device'" err $fn
		return 3
	fi

	return 0
}


## Remove all IPv6 routes and addresses on given interface (cleanup to prevent kernel crashes)
#  $1: <Interface>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_cleanup_device() {
	local fn="ipv6_cleanup_device"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	# Remove all IPv6 routes through this device (but not "lo")
	if [ "$device" != "lo" ]; then
		/sbin/ip -6 route flush dev $device scope global >/dev/null 2>&1
		/sbin/ip -6 route flush dev $device scope site   >/dev/null 2>&1
	fi

	# Remove all IPv6 addresses on this interface
	/sbin/ip -6 addr flush dev $device scope global >/dev/null 2>&1
	/sbin/ip -6 addr flush dev $device scope site   >/dev/null 2>&1

	return 0
}


## Remove all IPv6 6to4 related routes and addresses on given interface
#  $1: <Interface>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_cleanup_6to4_device() {
	local fn="ipv6_cleanup_6to4_device"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	# Cleanup 6to4 addresses on this device
	/sbin/ip -6 addr show dev $dev scope global permanent | LC_ALL=C grep -w inet6 | awk '{ print $2}' | LC_ALL=C grep "^2002:" | while read addr; do
		/sbin/ip -6 addr del ${addr} dev ${dev}
	done

	# Get all IPv6 routes through given interface related to 6to4 and remove them
	/sbin/ip -6 route show dev $device | LC_ALL=C grep "^2002:" | while read ipv6net dummy; do
		/sbin/ip -6 route del $ipv6net dev $device
	done

	return 0
}


##### Some address test functions

## Test a given IPv6 address for validity
#  $1: <IPv6 address>
# return code: 0=ok 1=not valid
ipv6_test_ipv6_addr_valid() {
	ipcalc -cs6 $1
}


## Test a given IPv4 address for validity
#  $1: <IPv4 address>
# return code: 0=ok 1=not valid
ipv6_test_ipv4_addr_valid() {
	ipcalc -cs4 $1
}


## Test a given IPv4 address for not a private but unicast one
#  $1: <IPv4 address>
# return code: 0=ok 1=argument error 10=private or not unicast
ipv6_test_ipv4_addr_global_usable() {
	local fn="ipv6_test_ipv4_addr_global_usable"

	local testipv4addr_globalusable=$1


	if [ -z "$testipv4addr_globalusable" ]; then
		return 1
	fi

	# Test for a globally usable IPv4 address now
		# test 0.0.0.0/8
		/bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0   | LC_ALL=C grep -q "NETWORK=0\.0\.0\.0"     && return 10
		# test 10.0.0.0/8     (RFC 1918 / private)
		/bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0   | LC_ALL=C grep -q "NETWORK=10\.0\.0\.0"    && return 10
		# test 127.0.0.0/8    (loopback)
		/bin/ipcalc --network $testipv4addr_globalusable 255.0.0.0   | LC_ALL=C grep -q "NETWORK=127\.0\.0\.0"   && return 10
		# test 169.254.0.0/16 (APIPA / DHCP link local)
		/bin/ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=169\.254\.0\.0" && return 10
		# test 172.16.0.0/12  (RFC 1918 / private)
		/bin/ipcalc --network $testipv4addr_globalusable 255.240.0.0 | LC_ALL=C grep -q "NETWORK=172\.16\.0\.0"  && return 10
		# test 192.168.0.0/16 (RFC 1918 / private)
		/bin/ipcalc --network $testipv4addr_globalusable 255.255.0.0 | LC_ALL=C grep -q "NETWORK=192\.168\.0\.0" && return 10
		# test 224.0.0.0/3    (multicast and reserved, broadcast)
		/bin/ipcalc --network $testipv4addr_globalusable 224.0.0.0   | LC_ALL=C grep -q "NETWORK=224\.0\.0\.0"   && return 10

	return 0
}


## Test a given device for status
#  $1: <Interface>
# return code: 0=ok 1=argument error 10=not exists 11=down
ipv6_test_device_status() {
	local fn="ipv6_test_device_status"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	# Test if device exists
	if [ ! -d "/sys/class/net/${device}" ]; then
		# not exists
		return 10
	fi

	# Test if device is up
	if /sbin/ip link show dev $device 2>/dev/null | LC_ALL=C grep -q "UP"; then
		# up
		return 0
	else
		# down
		return 11
	fi
}


## Create 6to4 prefix
#  $1: <IPv4 address>
# stdout: <6to4address>
# return code: 0=ok 1=argument error
ipv6_create_6to4_prefix() {
	local fn="ipv6_create_6to4_prefix"

	local ipv4addr=$1

	if [ -z "$ipv4addr" ]; then
		ipv6_log $"Missing parameter 'IPv4 address' (arg 1)" stderr.err $fn
	fi

	local major1="$(echo $ipv4addr | awk -F. '{ print $1 }')"
	local minor1="$(echo $ipv4addr | awk -F. '{ print $2 }')"
	local major2="$(echo $ipv4addr | awk -F. '{ print $3 }')"
	local minor2="$(echo $ipv4addr | awk -F. '{ print $4 }')"

	if [ -z "$major1" -o -z "$minor1" -o -z "$major2" -o -z "$minor2" ]; then
		return 1
	fi

	if [ $major1 -eq 0 ]; then
		local block1="$(printf "%x" $minor1)"
	else
		local block1="$(printf "%x%02x" $major1 $minor1)"
	fi
	if [ $major2 -eq 0 ]; then
		local block2="$(printf "%x" $minor2)"
	else
		local block2="$(printf "%x%02x" $major2 $minor2)"
	fi

	local prefix6to4="2002:$block1:$block2"

	echo "$prefix6to4"
	return 0
}


## Check and create 6to4 tunnel relay address
#  $1: <IPv4 address|IPv6to4 address>
# stdout: <tunnel relay address>
# return code: 0=ok 1=argument error
ipv6_create_6to4_relay_address() {
	local fn="ipv6_create_6to4_relay_address"

	local addr=$1

	if [ -z "$addr" ]; then
		ipv6_log $"Missing parameter 'address' (arg 1)" stderr.err $fn
		return 1
	fi

	# Check
	if ipv6_test_ipv4_addr_valid $addr ; then
		# ok, a IPv4 one
		if ipv6_test_ipv4_addr_global_usable $addr; then
			# IPv4 globally usable
			local ipv6to4_relay="::$addr"
		else
			ipv6_log $"Given address '$addr' is not a global IPv4 one (arg 1)" stderr.err $fn
			return 1
		fi
	else
		ipv6_log $"Given address '$addr' is not a valid IPv4 one (arg 1)" stderr.err $fn
		return 1
	fi

	echo "$ipv6to4_relay"

	return 0
}


##### 6to4 tunneling setup

## Configure 6to4 tunneling up
#  $1: <Interface> : only "tun6to4" is supported
#  $2: <IPv4 address> : global IPv4 address of interface (will be used to generate 6to4 prefix)
#  $3: [<IPv6 suffix>] : for 6to4 prefix (optional, default is "::1")
#  $4: [<MTU>] : MTU of tunnel device (optional, default is automatic)
#  $5: [<IPv4 address>] : local IPv4 address of tunnel interface (required in case of 6to4 behind NAT)
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_add_6to4_tunnel() {
	local fn="ipv6_add_6to4_tunnel"

	local device=$1
	local globalipv4=$2
	local globalipv6to4suffix=$3
	local mtu=$4
	local localipv4=$5

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$globalipv4" ]; then
		ipv6_log $"Missing parameter 'global IPv4 address' (arg 2)" err $fn
		return 1
	fi

	# Check device
	if [ "$device" != "tun6to4" ]; then
		ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
		return 1
	fi

	# Copy global IPv4 address to local if last one is not given
	if [ -z "$localipv4" ]; then
		localipv4="$globalipv4"
	fi

	ipv6_test || return 2

	# Generate 6to4 address
	local prefix6to4="$(ipv6_create_6to4_prefix $globalipv4)"
	if [ $? -ne 0 -o -z "$prefix6to4" ]; then
		return 3
	fi

	if [ -z "$globalipv6to4suffix" ]; then
		local address6to4="${prefix6to4}::1/16"
	else
		local address6to4="${prefix6to4}::${globalipv6to4suffix}/16"
	fi

		ipv6_add_tunnel_device tun6to4 0.0.0.0 $address6to4 $localipv4
		if [ $? -ne 0 ]; then
			local retval=3
		else
			local retval=0
		fi

		# Add unspecific unreachable route for local 6to4 address space
		/sbin/ip route add unreach ${prefix6to4}::/48

	# Set MTU, if given
	if [ -n "$mtu" ]; then
		ipv6_set_mtu $device $mtu
	fi

	return $retval
}


## Configure all 6to4 tunneling down
#  $1: <Interface> : only "tun6to4" is supported
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_cleanup_6to4_tunnels() {
	local fn="ipv6_cleanup_6to4_tunnels"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	# Check device
	if [ "$device" != "tun6to4" ]; then
		ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

		ipv6_del_tunnel_device tun6to4

		# Remove all unspecific unreachable routes for local 6to4 address space
		/sbin/ip -6 route | LC_ALL=C grep "^unreachable 2002:" | LC_ALL=C grep "/48 dev lo" | while read token net rest; do
			/sbin/ip route del unreach $net
		done

	return 0
}


## Configure 6to4 tunneling down
#  $1: <Interface> : only "tun6to4" is supported
#  $2: <IPv4 address> : global address of local interface
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_del_6to4_tunnel() {
	local fn="ipv6_del_6to4_tunnel"

	local device=$1
	local localipv4=$2

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$localipv4" ]; then
		ipv6_log $"Missing parameter 'local IPv4 address' (arg 2)" err $fn
		return 1
	fi

	# Check device
	if [ "$device" != "tun6to4" ]; then
		ipv6_log $"Given device '$device' is not supported (arg 1)" err $fn
		return 1
	fi

	ipv6_test || return 2

		ipv6_del_tunnel_device tun6to4
		local retval=$?

		# Remove unspecific unreachable route for local 6to4 address space
		/sbin/ip route del unreach ${prefix6to4}::/48

	return $retval
}


## Configure a static tunnel device up
#  $1: <Interface>
#  $2: <IPv4 address> : of foreign tunnel
#  $3: [<IPv6 address>] : local one of a P-t-P tunnel (optional)
#  $4: [<IPv4 address>] : local one of tunnel (optional)
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_add_tunnel_device() {
	local fn="ipv6_add_tunnel_device"

	local device=$1
	local addressipv4tunnel=$2
	local addressipv6local=$3
	local addressipv4tunnellocal=$4

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$addressipv4tunnel" ]; then
		ipv6_log $"Missing parameter 'IPv4-tunnel address' (arg 2)" err $fn
		return 1
	fi

	if [ -z "$addressipv4tunnellocal" ]; then
		local addressipv4tunnellocal="any"
	fi

	ipv6_test || return 2

	if ! ipv6_test_device_status $device; then
		local ttldefault="$(/sbin/sysctl -e net.ipv4.ip_default_ttl | awk '{ print $3 }')"
		if [ -z "$ttldefault" ]; then
			local ttldefault=64
		fi

		# Test whether remote IPv4 address was already applied to another tunnel
		if [ "$addressipv4tunnel" != "0.0.0.0" -a "$addressipv4tunnel" != "any" ]; then
			/sbin/ip tunnel show remote $addressipv4tunnel 2>/dev/null | LC_ALL=C grep -w "ipv6/ip" | while IFS=":" read devnew rest; do
				if [ "$devnew" != "$device" ]; then
					ipv6_log $"Given remote address '$addressipv4tunnel' on tunnel device '$device' is already configured on device '$devnew'" err $fn
					return 3
				fi
			done
		fi

		/sbin/ip tunnel add $device mode sit ttl $ttldefault remote $addressipv4tunnel local $addressipv4tunnellocal
		if [ $? -ne 0 ]; then
			return 3
		fi

		# Test, whether "ip tunnel show" reports valid content
		if ! /sbin/ip tunnel show $device 2>/dev/null | LC_ALL=C grep -q -w "remote"; then
			ipv6_log $"Tunnel device '$device' creation didn't work" err $fn
			return 3
		fi

		/sbin/ip link set $device up

		if ! ipv6_test_device_status $device; then
			ipv6_log $"Tunnel device '$device' bringing up didn't work" err $fn
			return 3
		fi

		# Set sysctls proper (regardless "default")
		/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=1 >/dev/null 2>&1
		/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1
		/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1

		if [ -n "$addressipv6local" ]; then
			# Setup P-t-P address
			ipv6_add_addr_on_device $device $addressipv6local
			if [ $? -ne 0 ]; then
				return 3
			fi
		fi
	else
		false
	fi

	return 0
}


## Configure a static tunnel device down
#  $1: <Interface>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_del_tunnel_device() {
	local fn="ipv6_del_tunnel_device"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	if ipv6_test_device_status $device; then
		ipv6_cleanup_device $device
	else
		if [ "$device" != "sit0" ]; then
			false
		fi
	fi

	if [ "$device" != "sit0" ]; then
		if /sbin/ip tunnel show $device 2>/dev/null | LC_ALL=C grep -q -w "ipv6/ip"; then
			/sbin/ip tunnel del $device

				if ipv6_test_device_status $device; then
					return 3
				fi
		else
			false
		fi
	fi

	return 0
}


## Cleanup all dedicated tunnel devices
ipv6_cleanup_tunnel_devices() {
	local fn="ipv6_cleanup_tunnel_devices"

	ipv6_test testonly || return 2

	# Find still existing tunnel devices and shutdown and delete them

	/sbin/ip tunnel show | LC_ALL=C grep -w "ipv6/ip" | awk -F: '{ print $1 }' | while read device; do
		ipv6_del_tunnel_device $device
	done

	return 0
}


## Get address of a dedicated tunnel
#  $1: <Interface>
#  $2: local|remote : local or remote address
# stdout: <IPv4 address> if available
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_get_ipv4addr_of_tunnel() {
	local fn="ipv6_get_local_ipv4_of_tunnel"

	local device=$1
	local selection=$2

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn
		return 1
	fi

	if [ -z "$selection" ]; then
		ipv6_log $"Missing parameter 'selection' (arg 2)" stderr.err $fn
		return 1
	fi
	if [ "$selection" != "local" -a "$selection" != "remote" ]; then
		ipv6_log $"Unsupported selection '$selection' specified (arg 2)" stderr.err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	ipv6_test_device_status $device

	if [ $? != 0 -a $? != 11 ]; then
		# Device doesn't exist
		return 3
	fi

	# Device exists, retrieve address
	if [ "$selection" = "local" ]; then
		local tunnel_local_ipv4addr="$(/sbin/ip tunnel show $device | awk '{ print $6 }')"
	elif [ "$selection" = "remote" ]; then
		local tunnel_local_ipv4addr="$(/sbin/ip tunnel show $device | awk '{ print $4 }')"
	fi

	if [ $? != 0 ]; then
		return 3
	fi

	if [ "$tunnel_local_ipv4addr" = "any" ]; then
		local tunnel_local_ipv4addr="0.0.0.0"
	fi

	echo "$tunnel_local_ipv4addr"

	return 0
}


## Get IPv4 address of a device
#  $1: <Interface>
# stdout: <IPv4 address> if available
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem (more than one IPv4 address applied)
ipv6_get_ipv4addr_of_device() {
	local fn="ipv6_get_ipv4addr_of_device"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" stderr.err $fn
		return 1
	fi

	ipv6_test_device_status $device

	if [ $? != 0 -a $? != 11 ]; then
		# Device doesn't exist
		return 3
	fi

	# Device exists, retrieve the first address only
	local ipv4addr="$(/sbin/ip -o -4 addr show dev $device | awk '{ print $4 }' | awk -F/ '{ print $1; exit }')"

	if [ $? != 0 ]; then
		return 3
	fi

	if [ "$ipv4addr" = "any" ]; then
		local ipv4addr="0.0.0.0"
	fi

	echo "$ipv4addr"

	return 0
}


## Set IPv6 MTU for a device
#  $1: <Interface>
#  $2: <IPv6 MTU>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_set_mtu() {
	local fn="ipv6_set_mtu"

	local device=$1
	local ipv6_mtu=$2

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	if [ -z "$ipv6_mtu" ]; then
		ipv6_log $"Missing parameter 'IPv6 MTU' (arg 2)" err $fn
		return 1
	fi

	# Check range
	if [ $ipv6_mtu -lt 1280 -o $ipv6_mtu -gt 65535 ]; then
		ipv6_log $"Given IPv6 MTU '$ipv6_mtu' is out of range" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	# Set value
	/sbin/ip link set dev $device mtu $ipv6_mtu

	return 0
}


## Set a default route
#  $1: <IPv6 address> : gateway, can also contain scope suffix (device name), cause a warning if not matching with $2 (but will have precedence)
#  $2: <gateway device>: gateway device (optional in case of $1 is a global address or $1 contains scope suffix)
#  $3: <check device>: (optional) device to check scope and gateway device against (setup is skipped, if not matching)
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_set_default_route() {
	local fn="ipv6_set_default_route"

	local address=$1
	local device=$2
	local device_check=$3

	ipv6_test testonly || return 2

	# Map the unspecified address to nothing
	if [ "$address" = "::" ]; then
		local address=""
	fi

	if [ -n "$address" ]; then
		local addressgw=$(echo $address | awk -F% '{ print $1 }')
		local device_scope=$(echo $address | awk -F% '{ print $2 }')

		if [ -z "$addressgw" ]; then
			ipv6_log $"Given IPv6 default gateway '$address' is not in proper format" err $fn
			return 3
		fi

		# Scope device has precedence
		if [ -n "$device_scope" -a -n "$device" -a "$device_scope" != "$device" ]; then
			ipv6_log $"Given IPv6 default gateway '$address' has scope '$device_scope' defined, given default gateway device '$device' will be not used" inf $fn
			local device=""
		fi

		# Link local addresses require a device
		if echo $addressgw | LC_ALL=C grep -qi "^fe80:"; then
			if [ -z "$device_scope" ]; then
				if [ -z "$device" ]; then
					ipv6_log $"Given IPv6 default gateway '$address' is link-local, but no scope or gateway device is specified" err $fn
					return 3
				fi
			fi
		fi

		# Check whether the route belongs to the specific given interface
		if [ -n "$device_check" ]; then
			# Check whether scope device matches given check device
			if [ -n "$device_scope" -a "$device_check" != "$device_scope" ]; then
				# scope device != specific given -> skip
				return 0
			elif [ -n "$device" -a "$device_check" != "$device" ]; then
				# gateway device != specific given -> skip
				return 0
			fi
		fi

		# Set device now, if not given
		if [ -z "$device" ]; then
			local device="$device_scope"
		fi

		if [ -z "$device" ]; then
			# Note: this can cause a warning and a not installed route, if given address is not reachable on the link
			ipv6_add_route ::/0 $addressgw
		else
			ipv6_add_route ::/0 $addressgw $device
		fi
	elif [ -n "$device" ]; then
		# Check whether the route belongs to the specific given interface
		if [ -n "$device_check" -a "$device_check" != "$device" ]; then
			# gateway device != specific given -> skip
			return 0
		fi

		ipv6_test_route_requires_next_hop $device
		local result=$?

		if [ $result = 0 ]; then
			ipv6_log $"Given IPv6 default device '$device' requires an explicit nexthop" err $fn
			return 3
		elif [ $result != 10 ]; then
			ipv6_log $"Given IPv6 default device '$device' doesn't exist or isn't up" err $fn
			return 3
		fi

		ipv6_add_route ::/0 :: $device
	else
		ipv6_log $"No parameters given to setup a default route" err $fn
		return 3
	fi

	return 0
}


## Resolve need of explicit next hop for an interface
#  $1: <Interface>
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem 10=needs no explicit hop
ipv6_test_route_requires_next_hop() {
	local fn="ipv6_test_route_requires_next_hop"

	local device=$1

	if [ -z "$device" ]; then
		ipv6_log $"Missing parameter 'device' (arg 1)" err $fn
		return 1
	fi

	ipv6_test testonly || return 2

	ipv6_test_device_status $device

	if [ $? != 0 ]; then
		return 3
	fi

	if [ "$device" = "sit0" ]; then
		return 10
	fi

	if /sbin/ip -o link show $device 2>/dev/null |  LC_ALL=C grep -q "POINTOPOINT"; then
		return 10
	fi

	return 0
}


## Trigger radvd
#  $1: up|down : device reason for triggering (coming up or going down)
#  $2: [startstop|restart|reload|SIGHUP] : triger mechanism (default is "SIGHUP")
#        "startstop" : reason=up -> start, reason=down -> stop
#  $3: [<filename>] : alternative pid file  [optional]
# return code: 0=ok 1=argument error 2=IPv6 test fails 3=major problem
ipv6_trigger_radvd() {
	local fn="ipv6_trigger_radvd"

	local reason=$1
	local mechanism=$2
	local pidfile=$3

	if [ -z "$reason" ]; then
		ipv6_log $"No reason given for sending trigger to radvd" err $fn
		return 1
	fi

	if [ "$reason" != "up" -a "$reason" != "down" ]; then
		ipv6_log $"Unsupported reason '$reason' for sending trigger to radvd" err $fn
		return 1
	fi

	if [ -z "$mechanism" ]; then
		# Take default
		local mechanism="SIGHUP"
	fi

	if [ -z "$pidfile" ]; then
		local pidfile="/var/run/radvd/radvd.pid"
	fi

	# Print message and select action
	case $mechanism in
	    'startstop')
		case $reason in
		    up)
			local action="start"
			;;
		    down)
			local action="stop"
			;;
		esac
		;;
	    'reload'|'restart'|'SIGHUP')
		local action="$mechanism"
		;;
	    *)
		ipv6_log $"Unsupported mechanism '$mechanism' for sending trigger to radvd" err $fn
		return 3
		;;
	esac

	# PID file needed?
	if [ "$action" = "SIGHUP" ]; then
		if ! [ -f "$pidfile" ]; then
			if [ "$reason" = "down" ]; then
				# be quiet because triggering may have been disabled
				true
			else
				ipv6_log $"Given pidfile '$pidfile' doesn't exist, cannot send trigger to radvd" err $fn
			fi
			return 3
		fi

		# Get PID
		local pid="$(cat $pidfile)"
		if [ -z "$pid" ]; then
			# pidfile empty - strange
			ipv6_log $"Pidfile '$pidfile' is empty, cannot send trigger to radvd" err $fn
			return 3
		fi
	fi


	# Do action
	case $action in
	    'SIGHUP')
		kill -HUP $pid
		;;
	    'reload'|'restart'|'stop'|'start')
			if ! /sbin/chkconfig --list radvd >/dev/null 2>&1; then
				if [ "$reason" = "down" ]; then
					# be quiet because triggering may have been disabled
					true
				else
					ipv6_log $"radvd not (properly) installed, triggering failed" err $fn
				fi
				return 3
			else
				/sbin/service radvd $action >/dev/null 2>&1
			fi
		;;
	    *)
		# Normally not reached, "action" is set above to proper value
		;;
	esac

	return 0
}

Copyright 2K16 - 2K18 Indonesian Hacker Rulez