[BACK]Return to netstart CVS log [TXT][DIR] Up to [local] / src / etc

Diff for /src/etc/netstart between version 1.66 and 1.67

version 1.66, 2000/03/17 17:40:31 version 1.67, 2000/03/18 19:45:45
Line 40 
Line 40 
 ifconfig lo0 inet localhost  ifconfig lo0 inet localhost
   
 # use loopback, not the wire  # use loopback, not the wire
 route -n add -host $hostname localhost  route -n add -host $hostname localhost > /dev/null
 route -n add -net 127 127.0.0.1 -reject  route -n add -net 127 127.0.0.1 -reject > /dev/null
   
 if ifconfig lo0 inet6 >/dev/null 2>&1; then  if ifconfig lo0 inet6 >/dev/null 2>&1; then
         # IPv6 configurations.          # IPv6 configurations.
         ip6kernel=YES          ip6kernel=YES
   
         # disallow link-local unicast dest without outgoing scope identifiers.          # disallow link-local unicast dest without outgoing scope identifiers.
         route add -inet6 fe80:: -prefixlen 10 ::1 -reject          route add -inet6 fe80:: -prefixlen 10 ::1 -reject > /dev/null
   
         # disallow site-local unicast dest without outgoing scope identifiers..          # disallow site-local unicast dest without outgoing scope identifiers..
         # If you configure site-locals without scope id (it is permissible          # If you configure site-locals without scope id (it is permissible
         # config for routers that are not on scope boundary), you may want          # config for routers that are not on scope boundary), you may want
         # to comment the line out.          # to comment the line out.
         route add -inet6 fec0:: -prefixlen 10 ::1 -reject          route add -inet6 fec0:: -prefixlen 10 ::1 -reject > /dev/null
   
         # disallow "internal" addresses to appear on the wire.          # disallow "internal" addresses to appear on the wire.
         route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject          route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
   
         # disallow packets to malicious IPv4 compatible prefix.          # disallow packets to malicious IPv4 compatible prefix.
         route add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject          route add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject > /dev/null
         route add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject          route add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
         route add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject          route add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
         route add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject          route add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
   
         # disallow packets to malicious 6to4 prefix.          # disallow packets to malicious 6to4 prefix.
         route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject          route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject > /dev/null
         route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject          route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject > /dev/null
         route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject          route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject > /dev/null
         route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject          route add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject > /dev/null
   
         # Completely disallow packets to IPv4 compatible prefix.          # Completely disallow packets to IPv4 compatible prefix.
         # This may conflict with RFC1933 under following circumstances:          # This may conflict with RFC1933 under following circumstances:
Line 84 
Line 84 
         #     asked to forward it.          #     asked to forward it.
         # Due to rare use of IPv4 compatible address, and security issues          # Due to rare use of IPv4 compatible address, and security issues
         # with it, we disable it by default.          # with it, we disable it by default.
         route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject          route add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
   
         rtsolif=""          rtsolif=""
 else  else
Line 245 
Line 245 
 #          Any other combination                -reject         config error  #          Any other combination                -reject         config error
 case "$multicast_host:$multicast_router" in  case "$multicast_host:$multicast_router" in
 NO:NO)  NO:NO)
         route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject;;          route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject> /dev/null
           ;;
 NO:YES)  NO:YES)
         ;;          ;;
 *:NO)  *:NO)
Line 258 
Line 259 
 /^      inet /p  /^      inet /p
 EOF  EOF
         fi`          fi`
         route -n add -net 224.0.0.0/4 -interface $2;;          route -n add -net 224.0.0.0/4 -interface $2 > /dev/null
           ;;
 *:*)  *:*)
         echo 'config error, multicasting disabled until rc.conf is fixed'          echo 'config error, multicasting disabled until rc.conf is fixed'
         route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject;;          route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject > /dev/null
           ;;
 esac  esac
   
 # Configure NAT after configuring network interfaces  # Configure NAT after configuring network interfaces
Legend:
Removed from v.1.66  
changed lines
  Added in v.1.67