#!/bin/sh
#
# Configure routing and miscellaneous network tunables
#
# $FreeBSD: stable/8/etc/rc.d/routing 232906 2012-03-12 22:13:17Z bz $
#

# PROVIDE: routing
# REQUIRE: netif ppp
# KEYWORD: nojail

. /etc/rc.subr
. /etc/network.subr

name="routing"
start_cmd="routing_start"
stop_cmd="routing_stop"
extra_commands="options static"
static_cmd="static_start"
options_cmd="options_start"

routing_start()
{
	static_start
	options_start
}

routing_stop()
{
	route -n flush
}

static_start()
{
	case ${defaultrouter} in
	[Nn][Oo] | '')
		;;
	*)
		static_routes="default ${static_routes}"
		route_default="default ${defaultrouter}"
		;;
	esac

	# Setup static routes. This should be done before router discovery.
	#
	if [ -n "${static_routes}" ]; then
		for i in ${static_routes}; do
			eval route_args=\$route_${i}
			route add ${route_args}
		done
	fi
	# Now ATM static routes
	#
	if [ -n "${natm_static_routes}" ]; then
		for i in ${natm_static_routes}; do
			eval route_args=\$route_${i}
			atmconfig natm add ${route_args}
		done
	fi

	# Disallow "internal" addresses to appear on the wire if inet6
	# is enabled.
	if afexists inet6; then
		local fibs i

		# Get the number of FIBs supported.
		fibs=`sysctl -n net.fibs`
		: ${fibs:=1}

		# disallow "internal" addresses to appear on the wire
		route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
		route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
		i=1
		if test ${i} -lt ${fibs}; then
			printf "Also installing reject routes for FIBs"
			while test ${i} -lt ${fibs}; do
				setfib -F ${i} route -q add -inet6 \
				    ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject
				setfib -F ${i} route -q add -inet6 \
				    ::0.0.0.0 -prefixlen 96 ::1 -reject
				printf " %d" ${i}
				i=$((i + 1))
			done
			printf "\n"
		fi
	fi
}

_ropts_initdone=
ropts_init()
{
	if [ -z "${_ropts_initdone}" ]; then
		echo -n 'Additional routing options:'
		_ropts_initdone=yes
	fi
}

options_start()
{
	case ${icmp_bmcastecho} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' broadcast ping responses=YES'
		sysctl net.inet.icmp.bmcastecho=1 >/dev/null
		;;
	esac

	case ${icmp_drop_redirect} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' ignore ICMP redirect=YES'
		sysctl net.inet.icmp.drop_redirect=1 >/dev/null
		;;
	esac

	case ${icmp_log_redirect} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' log ICMP redirect=YES'
		sysctl net.inet.icmp.log_redirect=1 >/dev/null
		;;
	esac

	case ${gateway_enable} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' IP gateway=YES'
		sysctl net.inet.ip.forwarding=1 >/dev/null
		;;
	esac

	case ${forward_sourceroute} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' do source routing=YES'
		sysctl net.inet.ip.sourceroute=1 >/dev/null
		;;
	esac

	case ${accept_sourceroute} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' accept source routing=YES'
		sysctl net.inet.ip.accept_sourceroute=1 >/dev/null
		;;
	esac

	case ${ipxgateway_enable} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' IPX gateway=YES'
		sysctl net.ipx.ipx.ipxforwarding=1 >/dev/null
		;;
	esac

	case ${arpproxy_all} in
	[Yy][Ee][Ss])
		ropts_init
		echo -n ' ARP proxyall=YES'
		sysctl net.link.ether.inet.proxyall=1 >/dev/null
		;;
	esac

	 [ -n "${_ropts_initdone}" ] && echo '.'
}

load_rc_config $name
run_rc_command "$1"
