From: "Andrey V. Elsukov"
Date: Thu, 27 Dec 2012 20:59:22 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: svn commit: r244750 - in head: share/man/man4 sys/net

Author: ae
Date: Thu Dec 27 20:59:22 2012
New Revision: 244750
URL: http://svnweb.freebsd.org/changeset/base/244750

Log: Add net.link.stf.permit_rfc1918 sysctl variable. It can be used to allow the use of private IPv4 addresses with stf(4).
MFC after: 2 weeks

Modified: head/share/man/man4/stf.4 head/sys/net/if_stf.c

Modified: head/share/man/man4/stf.4 ============================================================================== --- head/share/man/man4/stf.4 Thu Dec 27 20:52:39 2012 (r244749) +++ head/share/man/man4/stf.4 Thu Dec 27 20:59:22 2012 (r244750) @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 23, 2011 +.Dd December 28, 2012 .Dt STF 4 .Os .Sh NAME 
@@ -180,6 +180,22 @@ Note, however, there are other security If you wish to use the configuration, you must not advertise your 6to4 address to others. .\" +.Sh SYSCTL VARIABLES +The following +.Xr sysctl 8 +variables can be used to control the behavior of the +.Nm stf . +The default value is shown next to each variable. +.Bl -tag -width indent +.It Va net.link.stf.permit_rfc1918 : No 0 +The RFC3056 requires the use of globally unique 32-bit IPv4 +addresses. This sysctl variable controls the behaviour of this +requirement. When it set to not 0, +.Nm stf +allows the use of private IPv4 addresses described in the RFC1918. +This may be useful for an Intranet environment or when some mechanisms +of network address translation (NAT) are used. +.El .Sh EXAMPLES Note that .Li 8504:0506 Modified: head/sys/net/if_stf.c ============================================================================== --- head/sys/net/if_stf.c Thu Dec 27 20:52:39 2012 (r244749) +++ head/sys/net/if_stf.c Thu Dec 27 20:59:22 2012 (r244750) @@ -127,6 +127,10 @@ static int stf_route_cache = 1; SYSCTL_INT(_net_link_stf, OID_AUTO, route_cache, CTLFLAG_RW, &stf_route_cache, 0, "Caching of IPv4 routes for 6to4 Output"); +static int stf_permit_rfc1918 = 0; +SYSCTL_INT(_net_link_stf, OID_AUTO, permit_rfc1918, CTLFLAG_RW, + &stf_permit_rfc1918, 0, "Permit the use of private IPv4 addresses"); + #define STFUNIT 0 #define IN6_IS_ADDR_6TO4(x) (ntohs((x)->s6_addr16[0]) == 0x2002) @@ -581,9 +585,10 @@ isrfc1918addr(in) * returns 1 if private address range: * 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 */ - if ((ntohl(in->s_addr) & 0xff000000) >> 24 == 10 || + if (stf_permit_rfc1918 == 0 && ( + (ntohl(in->s_addr) & 0xff000000) >> 24 == 10 || (ntohl(in->s_addr) & 0xfff00000) >> 16 == 172 * 256 + 16 || - (ntohl(in->s_addr) & 0xffff0000) >> 16 == 192 * 256 + 168) + (ntohl(in->s_addr) & 0xffff0000) >> 16 == 192 * 256 + 168)) return 1; return 0;
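Review bot: In the stf.4 SYSCTL VARIABLES hunk, the sentence "When it set to not 0," is ungrammatical and "controls the behaviour of this requirement" does not say what actually changes; suggest "When set to a non-zero value, .Nm stf accepts the private IPv4 addresses described in RFC 1918." The new section follows the security notes ending "you must not advertise your 6to4 address to others", so it should also state that net.link.stf.permit_rfc1918 is one setting for all stf interfaces and that it relaxes an address check, intended for the Intranet and NAT cases the text names. "The RFC3056" and "the RFC1918" read better as "RFC 3056" and "RFC 1918".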
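Review bot: In the if_stf.c hunk at -127,6, permit_rfc1918 is a CTLFLAG_RW knob backed by a single file-scope int, so changing it at runtime alters address checking for every stf interface at once, and the description string "Permit the use of private IPv4 addresses" does not say that it switches off the RFC 1918 test applied in isrfc1918addr(). Suggest a description along the lines of "Do not reject RFC 1918 IPv4 addresses in 6to4" so that sysctl -d output makes the effect clear. The explicit "= 0" on a static is redundant, though it matches the explicit initializer on stf_route_cache just above.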
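Review bot: In the isrfc1918addr() hunk, the new stf_permit_rfc1918 == 0 test sits inside the predicate itself, so with the sysctl set the function returns 0 for 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16 while the comment above it still reads "returns 1 if private address range". Suggest keeping isrfc1918addr() a pure address test and checking stf_permit_rfc1918 at the call sites, or at minimum updating the comment, so that code relying on the function name does not silently get the relaxed answer.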