1 #!/sbin/sh
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22 #
  23 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  24 
  25 # This script configures IP routing.
  26 
  27 . /lib/svc/share/smf_include.sh
  28 
  29 #
  30 # In a shared-IP zone we need this service to be up, but all of the work
  31 # it tries to do is irrelevant (and will actually lead to the service 
  32 # failing if we try to do it), so just bail out. 
  33 # In the global zone and exclusive-IP zones we proceed.
  34 #
  35 smf_configure_ip || exit $SMF_EXIT_OK
  36 
  37 #
  38 # If routing.conf file is in place, and has not already been read in
  39 # by previous invokation of routeadm, legacy configuration is upgraded
  40 # by this call to "routeadm -u".  This call is also needed when
  41 # a /var/svc/profile/upgrade file is found, as it may contain routeadm commands
  42 # which need to be applied.  Finally, routeadm starts in.ndpd by
  43 # enabling the ndp service (in.ndpd), which is required for IPv6 address
  44 # autoconfiguration. It would be nice if we could do this in
  45 # network/loopback, but since the SMF backend is read-only at that
  46 # point in boot, we cannot.
  47 #
  48 /sbin/routeadm -u
  49 
  50 #
  51 # Are we routing dynamically? routeadm(1M) reports this in the
  52 # "current" values of ipv4/6-routing - if either are true, we are running
  53 # routing daemons (or at least they are enabled to run).
  54 #
  55 dynamic_routing_test=`/sbin/routeadm -p | \
  56 nawk '/^ipv[46]-routing [.]*/ { print $2 }'  | /usr/bin/grep "current=enabled"`
  57 if [ -n "$dynamic_routing_test" ]; then
  58         dynamic_routing="true"
  59 fi
  60 
  61 #
  62 # Configure default IPv4 routers using the local "/etc/defaultrouter"
  63 # configuration file.  The file can contain the hostnames or IP
  64 # addresses of one or more default routers.  If hostnames are used,
  65 # each hostname must also be listed in the local "/etc/hosts" file
  66 # because NIS is not running at the time that this script is
  67 # run.  Each router name or address is listed on a single line by
  68 # itself in the file.  Anything else on that line after the router's
  69 # name or address is ignored.  Lines that begin with "#" are
  70 # considered comments and ignored.
  71 #
  72 # The default routes listed in the "/etc/defaultrouter" file will
  73 # replace those added by the kernel during diskless booting.  An
  74 # empty "/etc/defaultrouter" file will cause the default route
  75 # added by the kernel to be deleted.
  76 #
  77 # Note that the default router file is ignored if we received routes
  78 # from a DHCP server.  Our policy is to always trust DHCP over local
  79 # administration.
  80 #
  81 smf_netstrategy
  82 
  83 if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
  84     [ -n "`/sbin/dhcpinfo Router`" ]; then
  85         defrouters=`/sbin/dhcpinfo Router`
  86 elif [ -f /etc/defaultrouter ]; then
  87         defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
  88             /usr/bin/awk '{print $1}'`
  89         if [ -n "$defrouters" ]; then
  90                 #
  91                 # We want the default router(s) listed in
  92                 # /etc/defaultrouter to replace the one added from the
  93                 # BOOTPARAMS WHOAMI response but we must avoid flushing
  94                 # the last route between the running system and its
  95                 # /usr file system.
  96                 #
  97 
  98                 # First, remember the original route.
  99                 shift $#
 100                 set -- `/usr/bin/netstat -rn -f inet | \
 101                     /usr/bin/grep '^default'`
 102                 route_IP="$2"
 103 
 104                 #
 105                 # Next, add those from /etc/defaultrouter.  While doing
 106                 # this, if one of the routes we add is for the route
 107                 # previously added as a result of the BOOTPARAMS
 108                 # response, we will see a message of the form:
 109                 #       "add net default: gateway a.b.c.d: entry exists"
 110                 #
 111                 do_delete=yes
 112                 for router in $defrouters; do
 113                         route_added=`/usr/sbin/route -n add default \
 114                             -gateway $router`
 115                         res=$?
 116                         set -- $route_added
 117                         [ $res -ne 0 -a "$5" = "$route_IP:" ] && do_delete=no
 118                 done
 119 
 120                 #
 121                 # Finally, delete the original default route unless it
 122                 # was also listed in the defaultrouter file.
 123                 #
 124                 if [ -n "$route_IP" -a $do_delete = yes ]; then
 125                         /usr/sbin/route -n delete default \
 126                             -gateway $route_IP >/dev/null
 127                 fi
 128         else
 129                 /usr/sbin/route -fn > /dev/null
 130         fi
 131 else
 132         defrouters=
 133 fi
 134 
 135 #
 136 # Use routeadm(1M) to configure forwarding and launch routing daemons
 137 # for IPv4 and IPv6 based on preset values.  These settings only apply
 138 # to the global zone.  For IPv4 dynamic routing, the system will default
 139 # to disabled if a default route was previously added via BOOTP, DHCP,
 140 # or the /etc/defaultrouter file.  routeadm also starts in.ndpd.
 141 #
 142 if [ "$dynamic_routing" != "true"  ] && [ -z "$defrouters" ]; then
 143         #
 144         # No default routes were setup by "route" command above.
 145         # Check the kernel routing table for any other default
 146         # routes.
 147         #
 148         /usr/bin/netstat -rn -f inet | \
 149             /usr/bin/grep default >/dev/null 2>&1 && defrouters=yes
 150 fi
 151 
 152 #
 153 # The routeadm/ipv4-routing-set property is true if the administrator
 154 # has run "routeadm -e/-d ipv4-routing".  If not, we revert to the
 155 # appropriate defaults.  We no longer run "routeadm -u" on every boot
 156 # however, as persistent daemon state is now controlled by SMF.
 157 #
 158 ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI`
 159 if [ -z "$defrouters" ]; then
 160         #
 161         # Set default value for ipv4-routing to enabled.  If routeadm -e/-d
 162         # has not yet been run by the administrator, we apply this default.
 163         # The -b option is project-private and informs routeadm not
 164         # to treat the enable as administrator-driven.
 165         #
 166         /usr/sbin/svccfg -s $SMF_FMRI \
 167             setprop routeadm/default-ipv4-routing = true
 168         if [ "$ipv4_routing_set" = "false" ]; then
 169                 /sbin/routeadm -b -e ipv4-routing -u
 170         fi
 171 else
 172         #
 173         # Default router(s) have been found,  so ipv4-routing default value
 174         # should be disabled.  If routaedm -e/d has not yet been run by
 175         # the administrator, we apply this default.  The -b option is
 176         # project-private and informs routeadm not to treat the disable as
 177         # administrator-driven.
 178         #
 179         /usr/sbin/svccfg -s $SMF_FMRI \
 180             setprop routeadm/default-ipv4-routing = false
 181         if [ "$ipv4_routing_set" = "false" ]; then
 182                 /sbin/routeadm -b -d ipv4-routing -u
 183         fi
 184 fi
 185 
 186 #
 187 # See if static routes were created by install. If so, they were created
 188 # under /etc/svc/volatile. Copy them into their proper place.
 189 #
 190 if [ -f /etc/svc/volatile/etc/inet/static_routes ]; then
 191         echo "Installing persistent routes"
 192         if [ -f /etc/inet/static_routes ]; then
 193                 cat /etc/svc/volatile/etc/inet/static_routes | grep -v '^#' \
 194                     >> /etc/inet/static_routes
 195         else
 196                 cp /etc/svc/volatile/etc/inet/static_routes \
 197                     /etc/inet/static_routes
 198         fi
 199         /usr/bin/rm /etc/svc/volatile/etc/inet/static_routes
 200         
 201 fi
 202 
 203 #
 204 # Read /etc/inet/static_routes and add each route.
 205 #
 206 if [ -f /etc/inet/static_routes ]; then
 207         echo "Adding persistent routes:"
 208         /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
 209                 /usr/sbin/route add $line
 210         done
 211 fi
 212 
 213 # Clear exit status.
 214 exit $SMF_EXIT_OK