#!/bin/sh # # (c) 1999,2000,2001,2002,2003,2004,2005,2014 - Tom Eastep (teastep@shorewall.net) # # On most distributions, this file should be called /etc/init.d/shorewall. # # Complete documentation is available at http://shorewall.org # # This program is part of Shorewall. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by the # Free Software Foundation, either version 2 of the license or, at your # option, any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, see . # # Commands are: # # ipv6 start Starts ipv6 # ipv6 restart Restarts ipv6 # ipv6 reload Restarts ipv6 # ipv6 stop Stops ipv6 # ipv6 status Displays ipv6 status # # chkconfig: 2345 4 99 # description: Configure a 6to4 tunnel ### BEGIN INIT INFO # Provides: ipv6 # Required-Start: boot.udev # Required-Stop: # Default-Start: 2 3 5 # Default-Stop: 0 1 6 # Description: starts and stops ipv6 ### END INIT INFO ################################################################################ # Interfaces to be configured # # External Interface # SIT="sit1" # # If the external interface is a 6to4 tunnel (sit device) then specify the # IPv4 address here. Otherwise, leave this variable enpty # ADDRESS4=206.124.146.180 # # Internal interfaces of the firewall -- space separated # INTERFACES="eth0" # # Bits 48-63 of the first internal interface address. Will be incremented # for each additional internal interface. # SLA=1 # # Default Gateway -- for 6to4, this is ::192.88.99.1 # GATEWAY=::192.88.99.1 # # For 6to4 configurations, the ADDRESS6 variable is calculated as follows. # # For other configurations, you need to specify ADDRESS6. # # ADDRESS6 is assumed to be a 48-bit prefix. If not, then the logic for # addressing on the internal networks needs to be replaced below. # ADDRESS6=$(printf 2002:%02x%02x:%02x%02x $(echo $ADDRESS4 | tr '.' ' ')) # # The global address of $SIT # SITADDR=${ADDRESS6}::1 ################################################################################ # Give Usage Information # ################################################################################ usage() { echo "Usage: $0 start|stop|reload|restart|status" exit 1 } ################################################################################ # Start IPv6 ################################################################################ do_start() { local interface if [ -n "$SIT" ]; then if [ -n "$ADDRESS4" ]; then # # 6to4 -- create tunnel # modprobe sit /sbin/ip tunnel add $SIT mode sit ttl 64 remote any local $ADDRESS4 fi # # Configure the external IP address # /sbin/ip -6 addr add ${SITADDR} dev $SIT [ -n "$ADDRESS4" ] && /sbin/ip link set dev $SIT up [ -n "$GATEWAY" ] && /sbin/ip -6 route add default via $GATEWAY dev $SIT metric 1 fi for interface in $INTERFACES ; do /sbin/ip -6 addr add ${ADDRESS6}:$SLA::1/64 dev $interface SLA=$(($SLA + 1 )) done } ################################################################################ # Stop IPv6 ################################################################################ do_stop() { local interface local device device=1 local original_sla original_sli=$SLA if [ -n "$SIT" ]; then if [ -n "$ADDRESS4" ]; then /sbin/ip link set $SIT down else /sbin/ip -6 addr del ${SITADDR} dev $SIT [ -n "$GATEWAY" ] && /sbin/ip -6 route del default via $GATEWAY dev $SIT metric 1 fi [ -n "$ADDRESS4" ] && /sbin/ip tunnel del $SIT fi for interface in $INTERFACES; do /sbin/ip -6 addr del ${ADDRESS6}:$SLA::1/64 dev $interface SLA=$(($SLA + 1 )) done SLA=$original_sla #In case this is a restart/reload } ################################################################################ # E X E C U T I O N B E G I N S H E R E # ################################################################################ command="$1" case "$command" in start) do_start ;; stop) do_stop ;; restart|reload) do_stop do_start ;; status) /sbin/ip -6 addr list /sbin/ip -6 route list ;; *) usage ;; esac