1 #!/sbin/sh
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22 #
23 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
24
25 # This script configures IP routing.
26
27 . /lib/svc/share/smf_include.sh
28
29 #
30 # In a shared-IP zone we need this service to be up, but all of the work
31 # it tries to do is irrelevant (and will actually lead to the service
32 # failing if we try to do it), so just bail out.
33 # In the global zone and exclusive-IP zones we proceed.
34 #
35 smf_configure_ip || exit $SMF_EXIT_OK
36
37 #
38 # If routing.conf file is in place, and has not already been read in
39 # by previous invokation of routeadm, legacy configuration is upgraded
40 # by this call to "routeadm -u". This call is also needed when
41 # a /var/svc/profile/upgrade file is found, as it may contain routeadm commands
42 # which need to be applied. Finally, routeadm starts in.ndpd by
43 # enabling the ndp service (in.ndpd), which is required for IPv6 address
44 # autoconfiguration. It would be nice if we could do this in
45 # network/loopback, but since the SMF backend is read-only at that
46 # point in boot, we cannot.
47 #
48 /sbin/routeadm -u
49
50 #
51 # Are we routing dynamically? routeadm(1M) reports this in the
52 # "current" values of ipv4/6-routing - if either are true, we are running
53 # routing daemons (or at least they are enabled to run).
54 #
55 dynamic_routing_test=`/sbin/routeadm -p | \
56 nawk '/^ipv[46]-routing [.]*/ { print $2 }' | /usr/bin/grep "current=enabled"`
57 if [ -n "$dynamic_routing_test" ]; then
58 dynamic_routing="true"
59 fi
60
61 #
62 # Configure default IPv4 routers using the local "/etc/defaultrouter"
63 # configuration file. The file can contain the hostnames or IP
64 # addresses of one or more default routers. If hostnames are used,
65 # each hostname must also be listed in the local "/etc/hosts" file
66 # because NIS is not running at the time that this script is
67 # run. Each router name or address is listed on a single line by
68 # itself in the file. Anything else on that line after the router's
69 # name or address is ignored. Lines that begin with "#" are
70 # considered comments and ignored.
71 #
72 # The default routes listed in the "/etc/defaultrouter" file will
73 # replace those added by the kernel during diskless booting. An
74 # empty "/etc/defaultrouter" file will cause the default route
75 # added by the kernel to be deleted.
76 #
77 # Note that the default router file is ignored if we received routes
78 # from a DHCP server. Our policy is to always trust DHCP over local
79 # administration.
80 #
81 smf_netstrategy
82
83 if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
84 [ -n "`/sbin/dhcpinfo Router`" ]; then
85 defrouters=`/sbin/dhcpinfo Router`
86 elif [ -f /etc/defaultrouter ]; then
87 defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
88 /usr/bin/awk '{print $1}'`
89 if [ -n "$defrouters" ]; then
90 #
91 # We want the default router(s) listed in
92 # /etc/defaultrouter to replace the one added from the
93 # BOOTPARAMS WHOAMI response but we must avoid flushing
94 # the last route between the running system and its
95 # /usr file system.
96 #
97
98 # First, remember the original route.
99 shift $#
100 set -- `/usr/bin/netstat -rn -f inet | \
101 /usr/bin/grep '^default'`
102 route_IP="$2"
103
104 #
105 # Next, add those from /etc/defaultrouter. While doing
106 # this, if one of the routes we add is for the route
107 # previously added as a result of the BOOTPARAMS
108 # response, we will see a message of the form:
109 # "add net default: gateway a.b.c.d: entry exists"
110 #
111 do_delete=yes
112 for router in $defrouters; do
113 route_added=`/usr/sbin/route -n add default \
114 -gateway $router`
115 res=$?
116 set -- $route_added
117 [ $res -ne 0 -a "$5" = "$route_IP:" ] && do_delete=no
118 done
119
120 #
121 # Finally, delete the original default route unless it
122 # was also listed in the defaultrouter file.
123 #
124 if [ -n "$route_IP" -a $do_delete = yes ]; then
125 /usr/sbin/route -n delete default \
126 -gateway $route_IP >/dev/null
127 fi
128 else
129 /usr/sbin/route -fn > /dev/null
130 fi
131 else
132 defrouters=
133 fi
134
135 #
136 # Use routeadm(1M) to configure forwarding and launch routing daemons
137 # for IPv4 and IPv6 based on preset values. These settings only apply
138 # to the global zone. For IPv4 dynamic routing, the system will default
139 # to disabled if a default route was previously added via BOOTP, DHCP,
140 # or the /etc/defaultrouter file. routeadm also starts in.ndpd.
141 #
142 if [ "$dynamic_routing" != "true" ] && [ -z "$defrouters" ]; then
143 #
144 # No default routes were setup by "route" command above.
145 # Check the kernel routing table for any other default
146 # routes.
147 #
148 /usr/bin/netstat -rn -f inet | \
149 /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes
150 fi
151
152 #
153 # The routeadm/ipv4-routing-set property is true if the administrator
154 # has run "routeadm -e/-d ipv4-routing". If not, we revert to the
155 # appropriate defaults. We no longer run "routeadm -u" on every boot
156 # however, as persistent daemon state is now controlled by SMF.
157 #
158 ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI`
159 if [ -z "$defrouters" ]; then
160 #
161 # Set default value for ipv4-routing to enabled. If routeadm -e/-d
162 # has not yet been run by the administrator, we apply this default.
163 # The -b option is project-private and informs routeadm not
164 # to treat the enable as administrator-driven.
165 #
166 /usr/sbin/svccfg -s $SMF_FMRI \
167 setprop routeadm/default-ipv4-routing = true
168 if [ "$ipv4_routing_set" = "false" ]; then
169 /sbin/routeadm -b -e ipv4-routing -u
170 fi
171 else
172 #
173 # Default router(s) have been found, so ipv4-routing default value
174 # should be disabled. If routaedm -e/d has not yet been run by
175 # the administrator, we apply this default. The -b option is
176 # project-private and informs routeadm not to treat the disable as
177 # administrator-driven.
178 #
179 /usr/sbin/svccfg -s $SMF_FMRI \
180 setprop routeadm/default-ipv4-routing = false
181 if [ "$ipv4_routing_set" = "false" ]; then
182 /sbin/routeadm -b -d ipv4-routing -u
183 fi
184 fi
185
186 #
187 # See if static routes were created by install. If so, they were created
188 # under /etc/svc/volatile. Copy them into their proper place.
189 #
190 if [ -f /etc/svc/volatile/etc/inet/static_routes ]; then
191 echo "Installing persistent routes"
192 if [ -f /etc/inet/static_routes ]; then
193 cat /etc/svc/volatile/etc/inet/static_routes | grep -v '^#' \
194 >> /etc/inet/static_routes
195 else
196 cp /etc/svc/volatile/etc/inet/static_routes \
197 /etc/inet/static_routes
198 fi
199 /usr/bin/rm /etc/svc/volatile/etc/inet/static_routes
200
201 fi
202
203 #
204 # Read /etc/inet/static_routes and add each route.
205 #
206 if [ -f /etc/inet/static_routes ]; then
207 echo "Adding persistent routes:"
208 /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
209 /usr/sbin/route add $line
210 done
211 fi
212
213 # Clear exit status.
214 exit $SMF_EXIT_OK