summaryrefslogtreecommitdiff
path: root/etc
diff options
context:
space:
mode:
Diffstat (limited to 'etc')
-rw-r--r--etc/netstart26
1 files changed, 13 insertions, 13 deletions
diff --git a/etc/netstart b/etc/netstart
index bb0c1d1e372..3a5f286ff28 100644
--- a/etc/netstart
+++ b/etc/netstart
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $OpenBSD: netstart,v 1.97 2004/05/29 07:01:03 deraadt Exp $
+# $OpenBSD: netstart,v 1.98 2004/10/20 21:17:34 deraadt Exp $
# Returns true if $1 contains only alphanumerics
isalphanumeric() {
@@ -203,28 +203,28 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; then
ip6kernel=YES
# Disallow link-local unicast dest without outgoing scope identifiers.
- route -q add -inet6 fe80:: -prefixlen 10 ::1 -reject > /dev/null
+ route -qn add -inet6 fe80:: -prefixlen 10 ::1 -reject > /dev/null
# Disallow site-local unicast dest without outgoing scope identifiers.
# If you configure site-locals without scope id (it is permissible
# config for routers that are not on scope boundary), you may want
# to comment the line out.
- route -q add -inet6 fec0:: -prefixlen 10 ::1 -reject > /dev/null
+ route -qn add -inet6 fec0:: -prefixlen 10 ::1 -reject > /dev/null
# Disallow "internal" addresses to appear on the wire.
- route -q add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
+ route -qn add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
# Disallow packets to malicious IPv4 compatible prefix.
- route -q add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject > /dev/null
- route -q add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
- route -q add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
- route -q add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
+ route -qn add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject > /dev/null
+ route -qn add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
+ route -qn add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
+ route -qn add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
# Disallow packets to malicious 6to4 prefix.
- route -q add -inet6 2002:e000:: -prefixlen 20 ::1 -reject > /dev/null
- route -q add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject > /dev/null
- route -q add -inet6 2002:0000:: -prefixlen 24 ::1 -reject > /dev/null
- route -q add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject > /dev/null
+ route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject > /dev/null
+ route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject > /dev/null
+ route -qn add -inet6 2002:0000:: -prefixlen 24 ::1 -reject > /dev/null
+ route -qn add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject > /dev/null
# Completely disallow packets to IPv4 compatible prefix.
# This may conflict with RFC1933 under following circumstances:
@@ -239,7 +239,7 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; then
# asked to forward it.
# Due to rare use of IPv4 compatible addresses, and security issues
# with it, we disable it by default.
- route -q add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
+ route -qn add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
rtsolif=""
else