Indent.

2014-04-29 09:58:18 +00:00 · 2014-04-29 09:58:18 +00:00 · a270487d77
parent 4f67388957
commit a270487d77
1 changed files with 210 additions and 210 deletions
--- a/etc/rc.d/network
+++ b/etc/rc.d/network
@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: network,v 1.65 2014/04/29 09:56:16 uebayasi Exp $
+# $NetBSD: network,v 1.66 2014/04/29 09:58:18 uebayasi Exp $
 #

 # PROVIDE: network
@ -116,87 +116,87 @@ network_start_ipv6_route()
 {
 	# IPv6 routing setups, and host/router mode selection.
 	#
-		# We have IPv6 support in kernel.
+	# We have IPv6 support in kernel.

-		# disallow link-local unicast dest without outgoing scope
-		# identifiers.
-		#
-		/sbin/route -q add -inet6 fe80:: -prefixlen 10 ::1 -reject
+	# disallow link-local unicast dest without outgoing scope
+	# identifiers.
+	#
+	/sbin/route -q add -inet6 fe80:: -prefixlen 10 ::1 -reject

-		# disallow the use of the RFC3849 documentation address
-		#
-		/sbin/route -q add -inet6 2001:db8:: -prefixlen 32 ::1 -reject
+	# disallow the use of the RFC3849 documentation address
+	#
+	/sbin/route -q add -inet6 2001:db8:: -prefixlen 32 ::1 -reject

-		# IPv6 site-local scoped address prefix (fec0::/10)
-		# has been deprecated by RFC3879.
-		#
-		if [ -n "$ip6sitelocal" ]; then
-			warn "\$ip6sitelocal is no longer valid"
+	# IPv6 site-local scoped address prefix (fec0::/10)
+	# has been deprecated by RFC3879.
+	#
+	if [ -n "$ip6sitelocal" ]; then
+		warn "\$ip6sitelocal is no longer valid"
+	fi
+
+	# disallow "internal" addresses to appear on the wire.
+	#
+	/sbin/route -q add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
+
+	# disallow packets to malicious IPv4 compatible prefix
+	#
+	/sbin/route -q add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject
+	/sbin/route -q add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject
+	/sbin/route -q add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject
+	/sbin/route -q add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject
+
+	# disallow packets to malicious 6to4 prefix
+	#
+	/sbin/route -q add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
+	/sbin/route -q add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
+	/sbin/route -q add -inet6 2002:0000:: -prefixlen 24 ::1 -reject
+	/sbin/route -q add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
+
+	# Completely disallow packets to IPv4 compatible prefix.
+	# This may conflict with RFC1933 under following circumstances:
+	# (1) An IPv6-only KAME node tries to originate packets to IPv4
+	#     compatible destination.  The KAME node has no IPv4
+	#     compatible support.  Under RFC1933, it should transmit
+	#     native IPv6 packets toward IPv4 compatible destination,
+	#     hoping it would reach a router that forwards the packet
+	#     toward auto-tunnel interface.
+	# (2) An IPv6-only node originates a packet to IPv4 compatible
+	#     destination.  A KAME node is acting as an IPv6 router, and
+	#     asked to forward it.
+	# Due to rare use of IPv4 compatible address, and security
+	# issues with it, we disable it by default.
+	#
+	/sbin/route -q add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
+
+	/sbin/sysctl -qw net.inet6.ip6.forwarding=0
+	/sbin/sysctl -qw net.inet6.ip6.accept_rtadv=0
+
+	case $ip6mode in
+	router)
+		echo 'IPv6 mode: router'
+		/sbin/sysctl -qw net.inet6.ip6.forwarding=1
+
+		# disallow unique-local unicast forwarding without
+		# explicit configuration.
+		if ! checkyesno ip6uniquelocal; then
+			/sbin/route -q add -inet6 fc00:: -prefixlen 7 \
+			    ::1 -reject
 		fi
+		;;

-		# disallow "internal" addresses to appear on the wire.
-		#
-		/sbin/route -q add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
+	autohost)
+		echo 'IPv6 mode: autoconfigured host'
+		/sbin/sysctl -qw net.inet6.ip6.accept_rtadv=1
+		;;

-		# disallow packets to malicious IPv4 compatible prefix
-		#
-		/sbin/route -q add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject
-		/sbin/route -q add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject
-		/sbin/route -q add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject
-		/sbin/route -q add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject
+	host)	
+		echo 'IPv6 mode: host'
+		;;

-		# disallow packets to malicious 6to4 prefix
-		#
-		/sbin/route -q add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
-		/sbin/route -q add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
-		/sbin/route -q add -inet6 2002:0000:: -prefixlen 24 ::1 -reject
-		/sbin/route -q add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
+	*)	warn "invalid \$ip6mode value "\"$ip6mode\"
+		;;

-		# Completely disallow packets to IPv4 compatible prefix.
-		# This may conflict with RFC1933 under following circumstances:
-		# (1) An IPv6-only KAME node tries to originate packets to IPv4
-		#     compatible destination.  The KAME node has no IPv4
-		#     compatible support.  Under RFC1933, it should transmit
-		#     native IPv6 packets toward IPv4 compatible destination,
-		#     hoping it would reach a router that forwards the packet
-		#     toward auto-tunnel interface.
-		# (2) An IPv6-only node originates a packet to IPv4 compatible
-		#     destination.  A KAME node is acting as an IPv6 router, and
-		#     asked to forward it.
-		# Due to rare use of IPv4 compatible address, and security
-		# issues with it, we disable it by default.
-		#
-		/sbin/route -q add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
-
-		/sbin/sysctl -qw net.inet6.ip6.forwarding=0
-		/sbin/sysctl -qw net.inet6.ip6.accept_rtadv=0
-
-		case $ip6mode in
-		router)
-			echo 'IPv6 mode: router'
-			/sbin/sysctl -qw net.inet6.ip6.forwarding=1
-
-			# disallow unique-local unicast forwarding without
-			# explicit configuration.
-			if ! checkyesno ip6uniquelocal; then
-				/sbin/route -q add -inet6 fc00:: -prefixlen 7 \
-				    ::1 -reject
-			fi
-			;;
-
-		autohost)
-			echo 'IPv6 mode: autoconfigured host'
-			/sbin/sysctl -qw net.inet6.ip6.accept_rtadv=1
-			;;
-
-		host)	
-			echo 'IPv6 mode: host'
-			;;
-
-		*)	warn "invalid \$ip6mode value "\"$ip6mode\"
-			;;
-
-		esac
+	esac
 }

 network_start_interfaces()
@ -233,112 +233,112 @@ network_start_interfaces()
 	# You can put shell script fragment into /etc/ifconfig.xxN by
 	# starting a line with "!".  Refer to ifconfig.if(5) for details.
 	#
-		ifaces="$(/sbin/ifconfig -l)"
-		if checkyesno auto_ifconfig; then
-			tmp="$ifaces"
-			for cloner in $(/sbin/ifconfig -C); do
-				for int in /etc/ifconfig.${cloner}[0-9]*; do
-					[ ! -f $int ] && break
-					tmp="$tmp ${int##*.}"
-				done
+	ifaces="$(/sbin/ifconfig -l)"
+	if checkyesno auto_ifconfig; then
+		tmp="$ifaces"
+		for cloner in $(/sbin/ifconfig -C); do
+			for int in /etc/ifconfig.${cloner}[0-9]*; do
+				[ ! -f $int ] && break
+				tmp="$tmp ${int##*.}"
 			done
-		else
-			tmp="$net_interfaces"
+		done
+	else
+		tmp="$net_interfaces"
+	fi
+	echo -n 'Configuring network interfaces:'
+	for int in $tmp; do
+		eval argslist=\$ifconfig_$int
+
+		# Skip interfaces that do not have explicit
+		# configuration information.  If auto_ifconfig is
+		# false then also warn about such interfaces.
+		#
+		if [ -z "$argslist" ] && ! [ -f /etc/ifconfig.$int ]
+		then
+			if ! checkyesno auto_ifconfig; then
+				echo
+				warn \
+		"/etc/ifconfig.$int missing and ifconfig_$int not set;"
+				warn "interface $int not configured."
+			fi
+			continue
 		fi
-		echo -n 'Configuring network interfaces:'
-		for int in $tmp; do
-			eval argslist=\$ifconfig_$int

-			# Skip interfaces that do not have explicit
-			# configuration information.  If auto_ifconfig is
-			# false then also warn about such interfaces.
-			#
-			if [ -z "$argslist" ] && ! [ -f /etc/ifconfig.$int ]
-			then
-				if ! checkyesno auto_ifconfig; then
-					echo
-					warn \
-			"/etc/ifconfig.$int missing and ifconfig_$int not set;"
-					warn "interface $int not configured."
-				fi
-				continue
+		echo -n " $int"
+
+		# Create the interface if necessary.
+		# If the interface did not exist before,
+		# then also resync ipf(4).
+		#
+		if intmissing $int $ifaces; then
+			if /sbin/ifconfig $int create && \
+			   checkyesno ipfilter; then
+				/sbin/ipf -y >/dev/null
 			fi
+		fi

-			echo -n " $int"
-
-			# Create the interface if necessary.
-			# If the interface did not exist before,
-			# then also resync ipf(4).
-			#
-			if intmissing $int $ifaces; then
-				if /sbin/ifconfig $int create && \
-				   checkyesno ipfilter; then
-					/sbin/ipf -y >/dev/null
-				fi
-			fi
-
-			# If $ifconfig_xxN is empty, then use
-			# /etc/ifconfig.xxN, which we know exists due to
-			# an earlier test.
-			#
-			# If $ifconfig_xxN is non-empty and contains a
-			# newline, then just use it as is.  (This allows
-			# semicolons through unmolested.)
-			#
-			# If $ifconfig_xxN is non-empty and does not
-			# contain a newline, then convert all semicolons
-			# to newlines.
-			#
-			case "$argslist" in
-			'')
-				cat /etc/ifconfig.$int
+		# If $ifconfig_xxN is empty, then use
+		# /etc/ifconfig.xxN, which we know exists due to
+		# an earlier test.
+		#
+		# If $ifconfig_xxN is non-empty and contains a
+		# newline, then just use it as is.  (This allows
+		# semicolons through unmolested.)
+		#
+		# If $ifconfig_xxN is non-empty and does not
+		# contain a newline, then convert all semicolons
+		# to newlines.
+		#
+		case "$argslist" in
+		'')
+			cat /etc/ifconfig.$int
+			;;
+		*"${nl}"*)
+			echo "$argslist"
+			;;
+		*)
+			(
+				set -o noglob
+				IFS=';'; set -- $argslist
+				#echo >&2 "[$#] [$1] [$2] [$3] [$4]"
+				IFS="$nl"; echo "$*"
+			)
+			;;
+		esac |
+		collapse_backslash_newline |
+		while read -r args; do
+			case "$args" in
+			''|"#"*|create)
 				;;
-			*"${nl}"*)
-				echo "$argslist"
+			"!"*)
+				# Run arbitrary command in a subshell.
+				( eval "${args#*!}" )
+				;;
+			dhcp)
+				if ! checkyesno dhcpcd; then
+					/sbin/dhcpcd -n \
+						${dhcpcd_flags} $int
+				fi
 				;;
 			*)
+				# Pass args to ifconfig.  Note
+				# that args may contain embedded
+				# shell metacharacters, such as
+				# "ssid 'foo;*>bar'". We eval
+				# one more time so that things
+				# like ssid "Columbia University" work.
 				(
 					set -o noglob
-					IFS=';'; set -- $argslist
-					#echo >&2 "[$#] [$1] [$2] [$3] [$4]"
-					IFS="$nl"; echo "$*"
+					eval set -- $args
+					#echo >&2 "[$#] [$1] [$2] [$3]"
+					/sbin/ifconfig $int "$@"
 				)
 				;;
-			esac |
-			collapse_backslash_newline |
-			while read -r args; do
-				case "$args" in
-				''|"#"*|create)
-					;;
-				"!"*)
-					# Run arbitrary command in a subshell.
-					( eval "${args#*!}" )
-					;;
-				dhcp)
-					if ! checkyesno dhcpcd; then
-						/sbin/dhcpcd -n \
-							${dhcpcd_flags} $int
-					fi
-					;;
-				*)
-					# Pass args to ifconfig.  Note
-					# that args may contain embedded
-					# shell metacharacters, such as
-					# "ssid 'foo;*>bar'". We eval
-					# one more time so that things
-					# like ssid "Columbia University" work.
-					(
-						set -o noglob
-						eval set -- $args
-						#echo >&2 "[$#] [$1] [$2] [$3]"
-						/sbin/ifconfig $int "$@"
-					)
-					;;
-				esac
-			done
-			configured_interfaces="$configured_interfaces $int"
+			esac
 		done
-		echo "."
+		configured_interfaces="$configured_interfaces $int"
+	done
+	echo "."
 }

 network_start_aliases()
@ -433,33 +433,33 @@ network_start_ipv6_autoconf()
 {
 	# IPv6 interface autoconfiguration.
 	#
-		# wait till DAD is completed. always invoke it in case
-		# if are configured manually by ifconfig
+	# wait till DAD is completed. always invoke it in case
+	# if are configured manually by ifconfig
+	#
+	echo 'Waiting for DAD completion for' \
+	    'statically configured addresses...'
+	dadcount=$(/sbin/sysctl -n net.inet6.ip6.dad_count 2>/dev/null)
+	sleep $dadcount
+	sleep 1
+
+	if checkyesno rtsol; then
+		if [ "$ip6mode" = "autohost" ]; then
+			echo 'Sending router solicitation...'
+			/sbin/rtsol $rtsol_flags
+		else
+			echo
+			warn \
+		    "ip6mode must be set to 'autohost' to use rtsol."
+		fi
+
+		# wait till DAD is completed, for global addresses
+		# configured by router advert message.
 		#
 		echo 'Waiting for DAD completion for' \
-		    'statically configured addresses...'
-		dadcount=$(/sbin/sysctl -n net.inet6.ip6.dad_count 2>/dev/null)
+		    'addresses configured by router advert message...'
 		sleep $dadcount
 		sleep 1
-
-		if checkyesno rtsol; then
-			if [ "$ip6mode" = "autohost" ]; then
-				echo 'Sending router solicitation...'
-				/sbin/rtsol $rtsol_flags
-			else
-				echo
-				warn \
-			    "ip6mode must be set to 'autohost' to use rtsol."
-			fi
-
-			# wait till DAD is completed, for global addresses
-			# configured by router advert message.
-			#
-			echo 'Waiting for DAD completion for' \
-			    'addresses configured by router advert message...'
-			sleep $dadcount
-			sleep 1
-		fi
+	fi
 }

 network_start_local()
@ -515,27 +515,27 @@ network_stop_interfaces()
 	# down interfaces
 	#
 	echo -n 'Downing network interfaces:'
-		if checkyesno auto_ifconfig; then
-			tmp=$(/sbin/ifconfig -l)
-		else
-			tmp="$net_interfaces"
-		fi
-		for int in $tmp; do
-			eval args=\$ifconfig_$int
-			if [ -n "$args" ] || [ -f /etc/ifconfig.$int ]; then
-				echo -n " $int"
-				if [ -f /var/run/dhcpcd-$int.pid ]; then
-					/sbin/dhcpcd -k $int 2> /dev/null
-				fi
-				/sbin/ifconfig $int down
-				if /sbin/ifconfig $int destroy 2>/dev/null && \
-				   checkyesno ipfilter; then
-					# resync ipf(4)
-					/sbin/ipf -y >/dev/null
-				fi
+	if checkyesno auto_ifconfig; then
+		tmp=$(/sbin/ifconfig -l)
+	else
+		tmp="$net_interfaces"
+	fi
+	for int in $tmp; do
+		eval args=\$ifconfig_$int
+		if [ -n "$args" ] || [ -f /etc/ifconfig.$int ]; then
+			echo -n " $int"
+			if [ -f /var/run/dhcpcd-$int.pid ]; then
+				/sbin/dhcpcd -k $int 2> /dev/null
 			fi
-		done
-		echo "."
+			/sbin/ifconfig $int down
+			if /sbin/ifconfig $int destroy 2>/dev/null && \
+			   checkyesno ipfilter; then
+				# resync ipf(4)
+				/sbin/ipf -y >/dev/null
+			fi
+		fi
+	done
+	echo "."
 }

 network_stop_route()