forked from vanhauser-thc/thc-ipv6
-
Notifications
You must be signed in to change notification settings - Fork 0
/
thc-ipv6-setup.sh
executable file
·126 lines (110 loc) · 3.49 KB
/
thc-ipv6-setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/bin/bash
ON=1
OK=""
test "$1" = "on" && { shift ; }
test "$1" = "enable" && { shift ; }
test "$1" = "en" && { shift ; }
test "$1" = "ea" && { shift ; }
test "$1" = "off" && { ON=0 ; shift ; }
test "$1" = "no" && { ON=0 ; shift ; }
test "$1" = "non" && { ON=0 ; shift ; }
test "$1" = "disable" && { ON=0 ; shift ; }
test "$1" = "dis" && { ON=0 ; shift ; }
test "$2" = "off" && { ON=0 ; shift ; }
test "$2" = "no" && { ON=0 ; shift ; }
test "$2" = "non" && { ON=0 ; shift ; }
test "$2" = "disable" && { ON=0 ; shift ; }
test "$2" = "dis" && { ON=0 ; shift ; }
test "$1" = "-h" -o "$1" = "help" -o "$1" = "--help" -o -z "$1" && {
echo "Syntax: $0 [no] command [options]"
echo
echo Available commands:
echo "" ipv6 - enable ipv6 "(option: interface)"
echo "" ra - "enables everything router advertisement (RA) (option: interface)"
echo "" autoconf - perform autoconfiguration "(option: interface)"
echo "" route - enables default route on RA "(option: interface)"
echo "" dad - enable duplicate address detection "(option: interface)"
echo "" privacy - enable the temporary address privacy extension "(option: interface)"
echo "" forward - enables or disables forwarding
echo "" redirfilter - sets ip6table to prevent sedning redirects "(option: interface)"
echo "" src - enables or disables source routing and routing
echo "" fwreset - reset the ipv6 firewalls
echo
echo prepend the keyword \"no\" to use reverse the function of the command
OK=1
}
test "$1" = "srcroute" -o "$1" = "sourceroute" -o "$1" = "src" && {
for i in /proc/sys/net/ipv6/conf/*; do
echo $ON > $i/accept_source_route
echo $ON > $i/forwarding
done
OK=1
}
test "$1" = "route" -o "$1" = "routing" -o "$1" = "forward" -o "$1" = "forwarding" && {
for i in /proc/sys/net/ipv6/conf/*; do
echo $ON > $i/forwarding
done
OK=1
}
test "$1" = "dad" && {
INT=$2
test -z "$2" && INT=all
echo $ON > /proc/sys/net/ipv6/conf/$INT/accept_dad
echo $ON > /proc/sys/net/ipv6/conf/$INT/dad_transmits
OK=1
}
test "$1" = "redirfilter" -o "$1" = "redir" && {
INT=""
test -n "$2" && INT="-o $2"
ip6tables -I OUTPUT $INT -p icmpv6 --icmpv6-type redirect -j DROP
OK=1
}
test "$1" = "autoconf" -o "$1" = "autoconfig" -o "$1" = "autoconfiguration" -o "$1" = "slaac" && {
INT=$2
test -z "$2" && INT=all
echo $ON > /proc/sys/net/ipv6/conf/$INT/autoconf
OK=1
}
test "$1" = "privacy" -o "$1" = "priv" -o "$1" = "tempaddr" -o "$1" = "tempaddress" && {
INT=$2
test -z "$2" && INT=all
echo $ON > /proc/sys/net/ipv6/conf/$INT/use_tempaddr
OK=1
}
test "$1" = "firewall" -o "$1" = "fwreset" -o "$1" = "resetfw" && {
ip6tables -F
ip6tables -X
ip6tables -Z
ip6tables -P INPUT ACCEPT
ip6tables -P FORWARD ACCEPT
ip6tables -P OUTPUT ACCEPT
OK=1
}
test "$1" = "route" -o "$1" = "routes" && {
INT=$2
test -z "$2" && INT=all
echo $ON > /proc/sys/net/ipv6/conf/$INT/accept_ra_defrtr
OK=1
}
test "$1" = "ra" && {
INT=$2
test -z "$2" && INT=all
echo $ON > /proc/sys/net/ipv6/conf/$INT/accept_ra
echo $ON > /proc/sys/net/ipv6/conf/$INT/accept_ra_defrtr
echo $ON > /proc/sys/net/ipv6/conf/$INT/accept_ra_pinfo
echo $ON > /proc/sys/net/ipv6/conf/$INT/autoconf
OK=1
}
test "$1" = "ipv6" -o "$1" = "ip6" && {
INT="$2"
test -z "$2" && {
INT=all
test "$ON" = 0 && modprobe -v ipv6
test "$ON" = 1 && rmmod ipv6
}
test "$ON" = 0 && RON=1
test "$ON" = 1 && RON=0
echo $RON > /proc/sys/net/ipv6/conf/$INT/disable_ipv6
OK=1
}
test -z "$OK" && { echo Error: unknown command: $1 ; exit 1 ; }