1 #!/sbin/sh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 # 23 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved. 24 25 # This script configures IP routing. 26 27 . /lib/svc/share/smf_include.sh 28 29 # 30 # In a shared-IP zone we need this service to be up, but all of the work 31 # it tries to do is irrelevant (and will actually lead to the service 32 # failing if we try to do it), so just bail out. 33 # In the global zone and exclusive-IP zones we proceed. 34 # 35 smf_configure_ip || exit $SMF_EXIT_OK 36 37 # 38 # If routing.conf file is in place, and has not already been read in 39 # by previous invokation of routeadm, legacy configuration is upgraded 40 # by this call to "routeadm -u". This call is also needed when 41 # a /var/svc/profile/upgrade file is found, as it may contain routeadm commands 42 # which need to be applied. Finally, routeadm starts in.ndpd by 43 # enabling the ndp service (in.ndpd), which is required for IPv6 address 44 # autoconfiguration. It would be nice if we could do this in 45 # network/loopback, but since the SMF backend is read-only at that 46 # point in boot, we cannot. 47 # 48 /sbin/routeadm -u 49 50 # 51 # Are we routing dynamically? routeadm(1M) reports this in the 52 # "current" values of ipv4/6-routing - if either are true, we are running 53 # routing daemons (or at least they are enabled to run). 54 # 55 dynamic_routing_test=`/sbin/routeadm -p | \ 56 nawk '/^ipv[46]-routing [.]*/ { print $2 }' | /usr/bin/grep "current=enabled"` 57 if [ -n "$dynamic_routing_test" ]; then 58 dynamic_routing="true" 59 fi 60 61 # 62 # Configure default IPv4 routers using the local "/etc/defaultrouter" 63 # configuration file. The file can contain the hostnames or IP 64 # addresses of one or more default routers. If hostnames are used, 65 # each hostname must also be listed in the local "/etc/hosts" file 66 # because NIS is not running at the time that this script is 67 # run. Each router name or address is listed on a single line by 68 # itself in the file. Anything else on that line after the router's 69 # name or address is ignored. Lines that begin with "#" are 70 # considered comments and ignored. 71 # 72 # The default routes listed in the "/etc/defaultrouter" file will 73 # replace those added by the kernel during diskless booting. An 74 # empty "/etc/defaultrouter" file will cause the default route 75 # added by the kernel to be deleted. 76 # 77 # Note that the default router file is ignored if we received routes 78 # from a DHCP server. Our policy is to always trust DHCP over local 79 # administration. 80 # 81 smf_netstrategy 82 83 if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \ 84 [ -n "`/sbin/dhcpinfo Router`" ]; then 85 defrouters=`/sbin/dhcpinfo Router` 86 elif [ -f /etc/defaultrouter ]; then 87 defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \ 88 /usr/bin/awk '{print $1}'` 89 if [ -n "$defrouters" ]; then 90 # 91 # We want the default router(s) listed in 92 # /etc/defaultrouter to replace the one added from the 93 # BOOTPARAMS WHOAMI response but we must avoid flushing 94 # the last route between the running system and its 95 # /usr file system. 96 # 97 98 # First, remember the original route. 99 shift $# 100 set -- `/usr/bin/netstat -rn -f inet | \ 101 /usr/bin/grep '^default'` 102 route_IP="$2" 103 104 # 105 # Next, add those from /etc/defaultrouter. While doing 106 # this, if one of the routes we add is for the route 107 # previously added as a result of the BOOTPARAMS 108 # response, we will see a message of the form: 109 # "add net default: gateway a.b.c.d: entry exists" 110 # 111 do_delete=yes 112 for router in $defrouters; do 113 route_added=`/usr/sbin/route -n add default \ 114 -gateway $router` 115 res=$? 116 set -- $route_added 117 [ $res -ne 0 -a "$5" = "$route_IP:" ] && do_delete=no 118 done 119 120 # 121 # Finally, delete the original default route unless it 122 # was also listed in the defaultrouter file. 123 # 124 if [ -n "$route_IP" -a $do_delete = yes ]; then 125 /usr/sbin/route -n delete default \ 126 -gateway $route_IP >/dev/null 127 fi 128 else 129 /usr/sbin/route -fn > /dev/null 130 fi 131 else 132 defrouters= 133 fi 134 135 # 136 # Use routeadm(1M) to configure forwarding and launch routing daemons 137 # for IPv4 and IPv6 based on preset values. These settings only apply 138 # to the global zone. For IPv4 dynamic routing, the system will default 139 # to disabled if a default route was previously added via BOOTP, DHCP, 140 # or the /etc/defaultrouter file. routeadm also starts in.ndpd. 141 # 142 if [ "$dynamic_routing" != "true" ] && [ -z "$defrouters" ]; then 143 # 144 # No default routes were setup by "route" command above. 145 # Check the kernel routing table for any other default 146 # routes. 147 # 148 /usr/bin/netstat -rn -f inet | \ 149 /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes 150 fi 151 152 # 153 # The routeadm/ipv4-routing-set property is true if the administrator 154 # has run "routeadm -e/-d ipv4-routing". If not, we revert to the 155 # appropriate defaults. We no longer run "routeadm -u" on every boot 156 # however, as persistent daemon state is now controlled by SMF. 157 # 158 ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI` 159 if [ -z "$defrouters" ]; then 160 # 161 # Set default value for ipv4-routing to enabled. If routeadm -e/-d 162 # has not yet been run by the administrator, we apply this default. 163 # The -b option is project-private and informs routeadm not 164 # to treat the enable as administrator-driven. 165 # 166 /usr/sbin/svccfg -s $SMF_FMRI \ 167 setprop routeadm/default-ipv4-routing = true 168 if [ "$ipv4_routing_set" = "false" ]; then 169 /sbin/routeadm -b -e ipv4-routing -u 170 fi 171 else 172 # 173 # Default router(s) have been found, so ipv4-routing default value 174 # should be disabled. If routaedm -e/d has not yet been run by 175 # the administrator, we apply this default. The -b option is 176 # project-private and informs routeadm not to treat the disable as 177 # administrator-driven. 178 # 179 /usr/sbin/svccfg -s $SMF_FMRI \ 180 setprop routeadm/default-ipv4-routing = false 181 if [ "$ipv4_routing_set" = "false" ]; then 182 /sbin/routeadm -b -d ipv4-routing -u 183 fi 184 fi 185 186 # 187 # See if static routes were created by install. If so, they were created 188 # under /etc/svc/volatile. Copy them into their proper place. 189 # 190 if [ -f /etc/svc/volatile/etc/inet/static_routes ]; then 191 echo "Installing persistent routes" 192 if [ -f /etc/inet/static_routes ]; then 193 cat /etc/svc/volatile/etc/inet/static_routes | grep -v '^#' \ 194 >> /etc/inet/static_routes 195 else 196 cp /etc/svc/volatile/etc/inet/static_routes \ 197 /etc/inet/static_routes 198 fi 199 /usr/bin/rm /etc/svc/volatile/etc/inet/static_routes 200 201 fi 202 203 # 204 # Read /etc/inet/static_routes and add each route. 205 # 206 if [ -f /etc/inet/static_routes ]; then 207 echo "Adding persistent routes:" 208 /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do 209 /usr/sbin/route add $line 210 done 211 fi 212 213 # Clear exit status. 214 exit $SMF_EXIT_OK