diff options
| author | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-02-02 04:10:38 +0000 |
|---|---|---|
| committer | Jun-ichiro itojun Hagino <itojun@cvs.openbsd.org> | 2000-02-02 04:10:38 +0000 |
| commit | d469bc127ece5bcebc78ec03630fa44e5bbebb51 (patch) | |
| tree | 7dc560e91bb8338d2bde8327664c00a1c58930a7 /usr.sbin/rtadvd | |
| parent | 42942d73225a055c8a669d5f88a1204beb048428 (diff) | |
add -R flag (accept router renumbering). this makes rtadvd to
take the safer side (router renumbering requires certain ipsec setup).
die gracefully on SIGTERM.
Diffstat (limited to 'usr.sbin/rtadvd')
| -rw-r--r-- | usr.sbin/rtadvd/config.c | 5 | ||||
| -rw-r--r-- | usr.sbin/rtadvd/config.h | 3 | ||||
| -rw-r--r-- | usr.sbin/rtadvd/rtadvd.8 | 20 | ||||
| -rw-r--r-- | usr.sbin/rtadvd/rtadvd.c | 59 |
4 files changed, 76 insertions, 11 deletions
diff --git a/usr.sbin/rtadvd/config.c b/usr.sbin/rtadvd/config.c index 849979d4cd7..c4663bb25c9 100644 --- a/usr.sbin/rtadvd/config.c +++ b/usr.sbin/rtadvd/config.c @@ -1,4 +1,4 @@ -/* $OpenBSD: config.c,v 1.2 1999/12/11 10:33:28 itojun Exp $ */ +/* $OpenBSD: config.c,v 1.3 2000/02/02 04:10:37 itojun Exp $ */ /* * Copyright (C) 1998 WIDE Project. @@ -66,7 +66,6 @@ #include "config.h" static void makeentry __P((char *, int, char *, int)); -static void make_packet __P((struct rainfo *)); static void get_prefix __P((struct rainfo *)); extern struct rainfo *ralist; @@ -547,7 +546,7 @@ make_prefix(struct rainfo *rai, int ifindex, struct in6_addr *addr, int plen) add_prefix(rai, &ipr); } -static void +void make_packet(struct rainfo *rainfo) { size_t packlen, lladdroptlen = 0; diff --git a/usr.sbin/rtadvd/config.h b/usr.sbin/rtadvd/config.h index 63374fe3cfa..d52b3782a00 100644 --- a/usr.sbin/rtadvd/config.h +++ b/usr.sbin/rtadvd/config.h @@ -1,4 +1,4 @@ -/* $OpenBSD: config.h,v 1.2 1999/12/11 10:33:28 itojun Exp $ */ +/* $OpenBSD: config.h,v 1.3 2000/02/02 04:10:37 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, 1998, and 1999 WIDE Project. @@ -32,3 +32,4 @@ extern void getconfig __P((char *)); extern void delete_prefix __P((struct rainfo *, struct prefix *)); extern void make_prefix __P((struct rainfo *, int, struct in6_addr *, int)); +extern void make_packet __P((struct rainfo *)); diff --git a/usr.sbin/rtadvd/rtadvd.8 b/usr.sbin/rtadvd/rtadvd.8 index 61a96d69800..b220bb92f10 100644 --- a/usr.sbin/rtadvd/rtadvd.8 +++ b/usr.sbin/rtadvd/rtadvd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: rtadvd.8,v 1.6 2000/01/12 22:51:12 itojun Exp $ +.\" $OpenBSD: rtadvd.8,v 1.7 2000/02/02 04:10:37 itojun Exp $ .\" .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" KAME Id: rtadvd.8,v 1.2 2000/01/06 07:54:28 itojun Exp +.\" KAME Id: rtadvd.8,v 1.4 2000/02/02 03:55:44 itojun Exp .\" .Dd May 17, 1998 .Dt RTADVD 8 @@ -38,7 +38,7 @@ .Sh SYNOPSIS .Nm .Op Fl c Ar configfile -.Op Fl dDfs +.Op Fl dDfsR .Ar interface ... .Sh DESCRIPTION .Nm Rtadvd @@ -91,7 +91,21 @@ Even more debugging information is printed. Foreground mode (useful when debugging). .It Fl s Do not monitor routing table changes (static prefix). +.It Fl R +Accept router renumbering requests. +If you enable it, certain IPsec setup is suggested for security reasons. .El +.Pp +Use +.Dv SIGTERM +to kill +.Nm +gracefully. +In this case, +.Nm +will transmit router advertisement with router lifetime 0 +to all the interfaces +.Pq according to RFC2461 6.2.5 . .Sh RETURN VALUES The program exits with 0 on success, and non-zero on failures. .Sh FILES diff --git a/usr.sbin/rtadvd/rtadvd.c b/usr.sbin/rtadvd/rtadvd.c index cebb3daa5b0..e00eaa98947 100644 --- a/usr.sbin/rtadvd/rtadvd.c +++ b/usr.sbin/rtadvd/rtadvd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rtadvd.c,v 1.2 1999/12/11 10:33:29 itojun Exp $ */ +/* $OpenBSD: rtadvd.c,v 1.3 2000/02/02 04:10:37 itojun Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -68,7 +68,7 @@ struct iovec sndiov[2]; struct sockaddr_in6 from; struct sockaddr_in6 sin6_allnodes = {sizeof(sin6_allnodes), AF_INET6}; int sock, rtsock; -int accept_rr = 1; +int accept_rr = 0; int dflag = 0, sflag = 0; u_char *conffile = NULL; @@ -109,6 +109,7 @@ u_int32_t ndopt_flags[] = { }; int main __P((int, char *[])); +static void die __P((int)); static void sock_open __P((void)); static void rtsock_open __P((void)); static void rtadvd_input __P((void)); @@ -141,7 +142,7 @@ main(argc, argv) openlog(*argv, LOG_NDELAY|LOG_PID, LOG_DAEMON); /* get command line options and arguments */ - while ((ch = getopt(argc, argv, "c:dDfs")) != -1) { + while ((ch = getopt(argc, argv, "c:dDfRs")) != -1) { switch(ch) { case 'c': conffile = optarg; @@ -155,15 +156,19 @@ main(argc, argv) case 'f': fflag = 1; break; + case 'R': + accept_rr = 1; + break; case 's': sflag = 1; + break; } } argc -= optind; argv += optind; if (argc == 0) { fprintf(stderr, - "usage: rtadvd [-c conffile] [-d|D] [-f] [-s]" + "usage: rtadvd [-dDfsR] [-c conffile] " "interfaces...\n"); exit(1); } @@ -205,6 +210,8 @@ main(argc, argv) maxfd = rtsock; } + signal(SIGTERM, die); + while (1) { struct fd_set select_fd = fdset; /* reinitialize */ @@ -234,6 +241,32 @@ main(argc, argv) } static void +die(sig) + int sig; +{ + struct rainfo *ra; + int i; + const int retrans = MAX_FINAL_RTR_ADVERTISEMENTS; + + if (dflag > 1) { + syslog(LOG_DEBUG, "<%s> cease to be an advertising router\n", + __FUNCTION__); + } + + for (ra = ralist; ra; ra = ra->next) { + ra->lifetime = 0; + make_packet(ra); + } + for (i = 0; i < retrans; i++) { + for (ra = ralist; ra; ra = ra->next) + ra_output(ra); + sleep(MIN_DELAY_BETWEEN_RAS); + } + exit(0); + /*NOTREACHED*/ +} + +static void rtmsg_input() { int n, type, ifindex, plen; @@ -1054,21 +1087,39 @@ sock_open() /* specify to tell receiving interface */ on = 1; +#ifdef IPV6_RECVPKTINFO + if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVPKTINFO, &on, + sizeof(on)) < 0) { + syslog(LOG_ERR, "<%s> IPV6_RECVPKTINFO: %s", + __FUNCTION__, strerror(errno)); + exit(1); + } +#else /* old adv. API */ if (setsockopt(sock, IPPROTO_IPV6, IPV6_PKTINFO, &on, sizeof(on)) < 0) { syslog(LOG_ERR, "<%s> IPV6_PKTINFO: %s", __FUNCTION__, strerror(errno)); exit(1); } +#endif on = 1; /* specify to tell value of hoplimit field of received IP6 hdr */ +#ifdef IPV6_RECVHOPLIMIT + if (setsockopt(sock, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &on, + sizeof(on)) < 0) { + syslog(LOG_ERR, "<%s> IPV6_RECVHOPLIMIT: %s", + __FUNCTION__, strerror(errno)); + exit(1); + } +#else /* old adv. API */ if (setsockopt(sock, IPPROTO_IPV6, IPV6_HOPLIMIT, &on, sizeof(on)) < 0) { syslog(LOG_ERR, "<%s> IPV6_HOPLIMIT: %s", __FUNCTION__, strerror(errno)); exit(1); } +#endif ICMP6_FILTER_SETBLOCKALL(&filt); ICMP6_FILTER_SETPASS(ND_ROUTER_SOLICIT, &filt); |