1 #!/sbin/sh
   2 #
   3 # The contents of this file are subject to the terms of the
   4 # Common Development and Distribution License (the "License").
   5 # You may not use this file except in compliance with the License.
   6 #
   7 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   8 # or http://www.opensolaris.org/os/licensing.
   9 # See the License for the specific language governing permissions
  10 # and limitations under the License.
  11 #
  12 # When distributing Covered Code, include this CDDL HEADER in each
  13 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  14 # If applicable, add the following below this CDDL HEADER, with the
  15 # fields enclosed by brackets "[]" replaced with your own identifying
  16 # information: Portions Copyright [yyyy] [name of copyright owner]
  17 #
  18 
  19 #
  20 # Copyright (c) 1999, 2010, Oracle and/or its affiliates. All rights reserved.
  21 # Copyright 2018 Nexenta Systems, Inc.
  22 #
  23 
  24 # This script configures IP routing.
  25 
  26 . /lib/svc/share/smf_include.sh
  27 
  28 #
  29 # In a shared-IP zone we need this service to be up, but all of the work
  30 # it tries to do is irrelevant (and will actually lead to the service
  31 # failing if we try to do it), so just bail out.
  32 # In the global zone and exclusive-IP zones we proceed.
  33 #
  34 smf_configure_ip || exit $SMF_EXIT_OK
  35 
  36 #
  37 # If routing.conf file is in place, and has not already been read in
  38 # by previous invokation of routeadm, legacy configuration is upgraded
  39 # by this call to "routeadm -u".  This call is also needed when
  40 # a /var/svc/profile/upgrade file is found, as it may contain routeadm commands
  41 # which need to be applied.  Finally, routeadm starts in.ndpd by
  42 # enabling the ndp service (in.ndpd), which is required for IPv6 address
  43 # autoconfiguration. It would be nice if we could do this in
  44 # network/loopback, but since the SMF backend is read-only at that
  45 # point in boot, we cannot.
  46 #
  47 /sbin/routeadm -u
  48 
  49 #
  50 # Configure default IPv4 routers using the local "/etc/defaultrouter"
  51 # configuration file.  The file can contain the hostnames or IP
  52 # addresses of one or more default routers.  If hostnames are used,
  53 # each hostname must also be listed in the local "/etc/hosts" file
  54 # because NIS is not running at the time that this script is
  55 # run.  Each router name or address is listed on a single line by
  56 # itself in the file.  Anything else on that line after the router's
  57 # name or address is ignored.  Lines that begin with "#" are
  58 # considered comments and ignored.
  59 #
  60 # The default routes listed in the "/etc/defaultrouter" file will
  61 # replace those added by the kernel during diskless booting.  An
  62 # empty "/etc/defaultrouter" file will cause the default route
  63 # added by the kernel to be deleted.
  64 #
  65 # Note that the default router file is ignored if we received routes
  66 # from a DHCP server.  Our policy is to always trust DHCP over local
  67 # administration.
  68 #
  69 smf_netstrategy
  70 
  71 if [ "$_INIT_NET_STRATEGY" = "dhcp" ] && \
  72     [ -n "`/sbin/dhcpinfo Router`" ]; then
  73         defrouters=`/sbin/dhcpinfo Router`
  74 elif [ -f /etc/defaultrouter ]; then
  75         defrouters=`/usr/bin/grep -v \^\# /etc/defaultrouter | \
  76             /usr/bin/awk '{print $1}'`
  77         if [ -n "$defrouters" ]; then
  78                 #
  79                 # We want the default router(s) listed in
  80                 # /etc/defaultrouter to replace the one added from the
  81                 # BOOTPARAMS WHOAMI response but we must avoid flushing
  82                 # the last route between the running system and its
  83                 # /usr file system.
  84                 #
  85 
  86                 # First, remember the original route.
  87                 shift $#
  88                 set -- `/usr/bin/netstat -rn -f inet | \
  89                     /usr/bin/grep '^default'`
  90                 route_IP="$2"
  91 
  92                 #
  93                 # Next, add those from /etc/defaultrouter.  While doing
  94                 # this, if one of the routes we add is for the route
  95                 # previously added as a result of the BOOTPARAMS
  96                 # response, we will see a message of the form:
  97                 #       "add net default: gateway a.b.c.d: entry exists"
  98                 #
  99                 do_delete=yes
 100                 for router in $defrouters; do
 101                         route_added=`/usr/sbin/route -n add default \
 102                             -gateway $router`
 103                         res=$?
 104                         set -- $route_added
 105                         [ $res -ne 0 -a "$5" = "$route_IP:" ] && do_delete=no
 106                 done
 107 
 108                 #
 109                 # Finally, delete the original default route unless it
 110                 # was also listed in the defaultrouter file.
 111                 #
 112                 if [ -n "$route_IP" -a $do_delete = yes ]; then
 113                         /usr/sbin/route -n delete default \
 114                             -gateway $route_IP >/dev/null
 115                 fi
 116         else
 117                 /usr/sbin/route -fn > /dev/null
 118         fi
 119 fi
 120 
 121 #
 122 # Use routeadm(1M) to configure forwarding and launch routing daemons
 123 # for IPv4 and IPv6 based on preset values.  These settings only apply
 124 # to the global zone.  For IPv4 dynamic routing, the system will default
 125 # to disabled.
 126 #
 127 
 128 #
 129 # The routeadm/ipv4-routing-set property is true if the administrator
 130 # has run "routeadm -e/-d ipv4-routing".  If not, we revert to the
 131 # appropriate defaults.  We no longer run "routeadm -u" on every boot
 132 # however, as persistent daemon state is now controlled by SMF.
 133 #
 134 ipv4_routing_set=`/usr/bin/svcprop -p routeadm/ipv4-routing-set $SMF_FMRI`
 135 
 136 #
 137 # Set default value for ipv4-routing to disabled.  If routeadm -e/-d
 138 # has not yet been run by the administrator, we apply this default.
 139 # The -b option is project-private and informs routeadm not
 140 # to treat the enable as administrator-driven.
 141 #
 142 /usr/sbin/svccfg -s $SMF_FMRI \
 143     setprop routeadm/default-ipv4-routing = false
 144 if [ "$ipv4_routing_set" = "false" ]; then
 145         /sbin/routeadm -b -d ipv4-routing -u
 146 fi
 147 
 148 #
 149 # See if static routes were created by install. If so, they were created
 150 # under /etc/svc/volatile. Copy them into their proper place.
 151 #
 152 if [ -f /etc/svc/volatile/etc/inet/static_routes ]; then
 153         echo "Installing persistent routes"
 154         if [ -f /etc/inet/static_routes ]; then
 155                 cat /etc/svc/volatile/etc/inet/static_routes | grep -v '^#' \
 156                     >> /etc/inet/static_routes
 157         else
 158                 cp /etc/svc/volatile/etc/inet/static_routes \
 159                     /etc/inet/static_routes
 160         fi
 161         /usr/bin/rm /etc/svc/volatile/etc/inet/static_routes
 162 fi
 163 
 164 #
 165 # Read /etc/inet/static_routes and add each route.
 166 #
 167 if [ -f /etc/inet/static_routes ]; then
 168         echo "Adding persistent routes:"
 169         /usr/bin/egrep -v "^(#|$)" /etc/inet/static_routes | while read line; do
 170                 /usr/sbin/route add $line
 171         done
 172 fi
 173 
 174 # Clear exit status.
 175 exit $SMF_EXIT_OK