From 4ae6752949727ddc96d36ec4e1c4f9442897a870 Mon Sep 17 00:00:00 2001 From: pbldp <> Date: Sat, 3 May 2014 12:30:08 +0000 Subject: [PATCH] cosmetics --- .../Peter-Bieringer/Linux+IPv6-HOWTO.de.html | 4 +- .../Peter-Bieringer/Linux+IPv6-HOWTO.de.lyx | 1255 +------ .../Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf | Bin 520482 -> 520468 bytes .../Peter-Bieringer/Linux+IPv6-HOWTO.de.sgml | 4 +- .../Peter-Bieringer/Linux+IPv6-HOWTO.html | 4 +- .../Peter-Bieringer/Linux+IPv6-HOWTO.lyx | 3036 +---------------- .../Peter-Bieringer/Linux+IPv6-HOWTO.pdf | Bin 583941 -> 583943 bytes .../Peter-Bieringer/Linux+IPv6-HOWTO.sgml | 4 +- 8 files changed, 12 insertions(+), 4295 deletions(-) diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html index 2699346c..4a384509 100644 --- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html +++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html @@ -11619,9 +11619,9 @@ table ip6 filter { type filter hook input priority 1; icmpv6 type echo-request counter packets 0 bytes 0 accept ip6 hoplimit 1 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept ip6 hoplimit 255 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept } } \end_layout @@ -1272,7 +1270,6 @@ In Skripts oder an Ihrer Kommandozeile müssen Sie die < und > weglassen \end_layout \begin_layout Code - 1.2.3.4 \end_layout @@ -1286,7 +1283,6 @@ Kommandos, die nicht als Root-Benutzer ausgeführt werden, beginnen mit $, \end_layout \begin_layout Code - $ whoami \end_layout @@ -1295,7 +1291,6 @@ Befehle, die mit Root-Rechten ausgeführt werden, beginnen mit #, z.B. \end_layout \begin_layout Code - # whoami \end_layout @@ -1485,72 +1480,58 @@ Der erste IPv6 Netzwerk Code wurde dem Linux Kernel 2.1.8 im November 1996 \end_layout \begin_layout Code - diff -u --recursive --new-file v2.1.7/linux/include/linux/in6.h \end_layout \begin_layout Code - ¬ linux/include/linux/in6.h \end_layout \begin_layout Code - --- v2.1.7/linux/include/linux/in6.h Thu Jan 1 02:00:00 1970 \end_layout \begin_layout Code - +++ linux/include/linux/in6.h Sun Nov 3 11:04:42 1996 \end_layout \begin_layout Code - @@ -0,0 +1,99 @@ \end_layout \begin_layout Code - +/* \end_layout \begin_layout Code - + * Types and definitions for AF_INET6 \end_layout \begin_layout Code - + * Linux INET6 implementation \end_layout \begin_layout Code - + * + * Authors: \end_layout \begin_layout Code - + * Pedro Roque <******> \end_layout \begin_layout Code - + * \end_layout \begin_layout Code - + * Source: \end_layout \begin_layout Code - + * IPv6 Program Interfaces for BSD Systems \end_layout \begin_layout Code - + * \end_layout @@ -1672,7 +1653,6 @@ Wie gesagt, IPv6 Adressen sind 128 bit lang. \end_layout \begin_layout Code - 2^128-1: 340282366920938463463374607431768211455 \end_layout @@ -1696,7 +1676,6 @@ nibble \end_layout \begin_layout Code - 2^128-1: 0xffffffffffffffffffffffffffffffff \end_layout @@ -1719,7 +1698,6 @@ e Werte) entfernt: \end_layout \begin_layout Code - 2^128-1: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff \end_layout @@ -1730,7 +1708,6 @@ Eine gültige Adresse (s.u. \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout @@ -1741,12 +1718,10 @@ Der Vereinfachung halber können führende Nullen jedes 16 bit-Blocks weggelasse \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fee3:9566 -> \end_layout \begin_layout Code - ¬ 2001:0db8:100:f101:210:a4ff:fee3:9566 \end_layout @@ -1769,7 +1744,6 @@ Eine Sequenz von 16 bit-Blöcken, die nur Nullen enthaltet, kann durch ein \end_layout \begin_layout Code - 2001:0db8:100:f101:0:0:0:1 -> 2001:0db8:100:f101::1 \end_layout @@ -1779,7 +1753,6 @@ Die höchstmögliche Reduktion sieht man bei der IPv6 Localhost Adresse: \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0001 -> ::1 \end_layout @@ -1804,12 +1777,10 @@ h ein Aprilscherz. \end_layout \begin_layout Code - # ipv6calc --addr_to_base85 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout \begin_layout Code - Itu&-ZQ82s>J%s99FJXT \end_layout @@ -2022,7 +1993,6 @@ Dies ist eine spezielle Adresse für das Loopback Interface, vergleichbar \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0001 \end_layout @@ -2032,7 +2002,6 @@ bzw. \end_layout \begin_layout Code - ::1 \end_layout @@ -2068,7 +2037,6 @@ any \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0000 \end_layout @@ -2077,7 +2045,6 @@ oder: \end_layout \begin_layout Code - :: \end_layout @@ -2123,7 +2090,6 @@ Diese Adressen sind mit einer speziellen Präfixlänge von 96 definiert (a.b.c.d \end_layout \begin_layout Code - 0:0:0:0:0:ffff:a.b.c.d/96 \end_layout @@ -2132,7 +2098,6 @@ oder in komprimiertem Format: \end_layout \begin_layout Code - ::ffff:a.b.c.d/96 \end_layout @@ -2143,7 +2108,6 @@ Die IPv4 Adresse 1.2.3.4. \end_layout \begin_layout Code - ::ffff:1.2.3.4 \end_layout @@ -2172,7 +2136,6 @@ reference "tunneling-6to4" \end_layout \begin_layout Code - 0:0:0:0:0:0:a.b.c.d/96 \end_layout @@ -2181,7 +2144,6 @@ oder in komprimierter Form: \end_layout \begin_layout Code - ::a.b.c.d/96 \end_layout @@ -2266,22 +2228,18 @@ x \end_layout \begin_layout Code - fe8x: <- zurzeit als einziger in Benutzung \end_layout \begin_layout Code - fe9x: \end_layout \begin_layout Code - feax: \end_layout \begin_layout Code - febx: \end_layout @@ -2321,22 +2279,18 @@ Die Adresse beginnt mit: \end_layout \begin_layout Code - fecx: <- meistens genutzt. \end_layout \begin_layout Code - fedx: \end_layout \begin_layout Code - feex: \end_layout \begin_layout Code - fefx: \end_layout @@ -2424,12 +2378,10 @@ Die Adresse beginnt mit: \end_layout \begin_layout Code - fcxx: \end_layout \begin_layout Code - fdxx: <- zurzeit als einziger in Benutzung \end_layout @@ -2457,7 +2409,6 @@ target "http://www.goebel-consult.de/ipv6/createLULA" \end_layout \begin_layout Code - fd0f:8b72:ac90::/48 \end_layout @@ -2486,12 +2437,10 @@ Die Adresse beginnt mit (x sind hexadezimale Zeichen) \end_layout \begin_layout Code - 2xxx: \end_layout \begin_layout Code - 3xxx: \end_layout @@ -2523,7 +2472,6 @@ Diese globalen Adressen waren die Ersten definierten und auch benutzen Adressen. \end_layout \begin_layout Code - 3ffe: \end_layout @@ -2532,7 +2480,6 @@ Beispiel: \end_layout \begin_layout Code - 3ffe:ffff:100:f102::1 \end_layout @@ -2542,7 +2489,6 @@ Eine spezielle 6bone Test-Adresse, die niemals weltweit einmalig ist, beginnt \end_layout \begin_layout Code - 3ffe:ffff: \end_layout @@ -2601,7 +2547,6 @@ target "http://www.faqs.org/rfcs/rfc2893.html" \end_layout \begin_layout Code - 2002: \end_layout @@ -2611,7 +2556,6 @@ z.B. \end_layout \begin_layout Code - 2002:c0a8:0101:5::1 \end_layout @@ -2620,12 +2564,10 @@ Ein kleines Shell-Kommando kann aus einer IPv4 eine 6to4 Adresse erstellen: \end_layout \begin_layout Code - ipv4="1.2.3.4"; sla="5"; printf "2002:%02x%02x:%02x%02x:%04x::1" `echo $ipv4 \end_layout \begin_layout Code - ¬ | tr "." " "` $sla \end_layout @@ -2659,7 +2601,6 @@ Diese Adressen werden an Internet Service Provider (ISP) delegiert und beginnen \end_layout \begin_layout Code - 2001: \end_layout @@ -2702,12 +2643,10 @@ target "http://www.faqs.org/rfcs/rfc3849.html" \end_layout \begin_layout Code - 3ffe:ffff::/32 \end_layout \begin_layout Code - 2001:0DB8::/32 EXAMPLENET-WF \end_layout @@ -2732,7 +2671,6 @@ Sie beginnen immer mit (xx ist hierbei der Wert der Reichweite) \end_layout \begin_layout Code - ffxy: \end_layout @@ -2828,7 +2766,6 @@ Ein Beispiel für diese Adresse könnte sein: \end_layout \begin_layout Code - ff02::1:ff00:1234 \end_layout @@ -2897,7 +2834,6 @@ Die Subnet-Router Anycast Adresse ist ein einfaches Beispiel für eine Anycast \end_layout \begin_layout Code - 2001:0db8:100:f101:210:a4ff:fee3:9566/64 <- Node's address \end_layout @@ -2907,7 +2843,6 @@ Die Subnet-Router Anycast Adresse wird durch komplette Streichung des Suffixes \end_layout \begin_layout Code - 2001:0db8:100:f101::/64 <- subnet-router anycast address \end_layout @@ -2947,7 +2882,6 @@ Als Beispiel hat hier ein NIC folgende MAC-Adresse (48 bit): \end_layout \begin_layout Code - 00:10:a4:01:23:45 \end_layout @@ -2967,7 +2901,6 @@ target "http://standards.ieee.org/regauth/oui/tutorials/EUI64.html" \end_layout \begin_layout Code - 0210:a4ff:fe01:2345 \end_layout @@ -2979,7 +2912,6 @@ Mit einem gegebenen Präfix wird daraus die schon oben gezeigte IPv6-Adresse: \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fe01:2345 \end_layout @@ -3037,7 +2969,6 @@ Bei Servern ist es wahrscheinlich leichter, sich einfachere Adressen zu \end_layout \begin_layout Code - 2001:0db8:100:f101::1 \end_layout @@ -3135,7 +3066,6 @@ Ein Beispiel: \end_layout \begin_layout Code - 2001:0db8:100:1:2:3:4:5/48 \end_layout @@ -3149,7 +3079,6 @@ Netzwerk: \end_layout \begin_layout Code - 2001:0db8:0100:0000:0000:0000:0000:0000 \end_layout @@ -3158,7 +3087,6 @@ Netzmaske: \end_layout \begin_layout Code - ffff:ffff:ffff:0000:0000:0000:0000:0000 \end_layout @@ -3178,12 +3106,10 @@ Wenn z.B. \end_layout \begin_layout Code - 2001:0db8:100::/48 :: U 1 0 0 sit1 \end_layout \begin_layout Code - 2000::/3 ::192.88.99.1 UG 1 0 0 tun6to4 \end_layout @@ -3193,12 +3119,10 @@ Die gezeigten Zieladressen der IPv6 Pakete werden über die entsprechenden \end_layout \begin_layout Code - 2001:0db8:100:1:2:3:4:5/48 -> routed through device sit1 \end_layout \begin_layout Code - 2001:0db8:200:1:2:3:4:5/48 -> routed through device tun6to4 \end_layout @@ -3258,7 +3182,6 @@ Um zu überprüfen, ob ihr aktueller Kernel IPv6 unterstützt, sollten sie \end_layout \begin_layout Code - /proc/net/if_inet6 \end_layout @@ -3268,7 +3191,6 @@ Einen kleinen automatischen Test können Sie wie folgt durchführen: \end_layout \begin_layout Code - # test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready" \end_layout @@ -3288,7 +3210,6 @@ Mit folgenden Befehl können Sie versuchen, das Modul zu laden: \end_layout \begin_layout Code - # modprobe ipv6 \end_layout @@ -3299,7 +3220,6 @@ Wenn dieser Befehl positiv verläuft, dann sollten Sie das Modul mit folgendem \end_layout \begin_layout Code - # lsmod |grep -w 'ipv6' && echo "IPv6 module successfully loaded" \end_layout @@ -3325,7 +3245,6 @@ Es ist möglich das IPv6 Modul bei Bedarf automatisch zu laden. \end_layout \begin_layout Code - alias net-pf-10 ipv6 # automatically load IPv6 module on demand \end_layout @@ -3335,7 +3254,6 @@ Mit der folgenden Zeile ist es auch möglich, das automatische Laden des \end_layout \begin_layout Code - alias net-pf-10 off # disable automatically load of IPv6 module on demand \end_layout @@ -3593,12 +3511,10 @@ Automatische Überprüfung: \end_layout \begin_layout Code - # /sbin/ifconfig -? 2>& 1|grep -qw 'inet6' && echo "utility 'ifconfig' is \end_layout \begin_layout Code - ¬ IPv6-ready" \end_layout @@ -3612,7 +3528,6 @@ route \end_layout \begin_layout Code - # /sbin/route -? 2>& 1|grep -qw 'inet6' && echo "utility 'route' is IPv6-ready" \end_layout @@ -3631,7 +3546,6 @@ Alexey N.Kuznetsov (gegenwärtig ein Betreuer des Linux Network Codes) erstellte \end_layout \begin_layout Code - # /sbin/ip 2>&1 |grep -qw 'inet6' && echo "utility 'ip' is IPv6-ready" \end_layout @@ -3697,17 +3611,14 @@ Anwendung \end_layout \begin_layout Code - # ping6 \end_layout \begin_layout Code - # ping6 \end_layout \begin_layout Code - # ping6 [-I ] \end_layout @@ -3719,7 +3630,6 @@ Einige Implementierungen unterstützen auch % Definition zusätzlich \end_layout \begin_layout Code - # ping6 % \end_layout @@ -3728,17 +3638,14 @@ Beispiel \end_layout \begin_layout Code - # ping6 -c 1 ::1 \end_layout \begin_layout Code - PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code - 64 bytes from ::1: icmp_seq=0 hops=64 time=292 usec \end_layout @@ -3747,17 +3654,14 @@ PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code - --- ::1 ping statistics --- \end_layout \begin_layout Code - 1 packets transmitted, 1 packets received, 0% packet loss \end_layout \begin_layout Code - round-trip min/avg/max/mdev = 0.292/0.292/0.292/0.000 ms \end_layout @@ -3790,12 +3694,10 @@ Wenn link-lokale Adressen für ein IPv6 ping verwendet werden, dann hat der \end_layout \begin_layout Code - # ping6 fe80::212:34ff:fe12:3456 \end_layout \begin_layout Code - connect: Invalid argument \end_layout @@ -3804,22 +3706,18 @@ In diesem Fall müssen Sie das Interface zusätzlich spezifizieren: \end_layout \begin_layout Code - # ping6 -I eth0 -c 1 fe80::2e0:18ff:fe90:9205 \end_layout \begin_layout Code - PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code - ¬ fe80::212:34ff:fe12:3478 eth0: 56 data bytes \end_layout \begin_layout Code - 64 bytes from fe80::212:23ff:fe12:3456: icmp_seq=0 hops=64 time=445 usec \end_layout @@ -3828,17 +3726,14 @@ PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code - --- fe80::2e0:18ff:fe90:9205 ping statistics --- \end_layout \begin_layout Code - 1 packets transmitted, 1 packets received, 0% packet loss round-trip \end_layout \begin_layout Code - ¬ min/avg/max/mdev = 0.445/0.445/0.445/0.000 ms \end_layout @@ -3849,7 +3744,6 @@ Beispiel für % Notation: \end_layout \begin_layout Code - # ping6 -c 1 fe80::2e0:18ff:fe90:9205%eth0 \end_layout @@ -3863,22 +3757,18 @@ Ein interessanter Mechanismus zum Aufspüren eines IPv6 aktiven Hosts am \end_layout \begin_layout Code - # ping6 -I eth0 ff02::1 \end_layout \begin_layout Code - PING ff02::1(ff02::1) from fe80:::2ab:cdff:feef:0123 eth0: 56 data bytes \end_layout \begin_layout Code - 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.104 ms \end_layout \begin_layout Code - 64 bytes from fe80::212:34ff:fe12:3450: icmp_seq=1 ttl=64 time=0.549 ms (DUP!) \end_layout @@ -3890,7 +3780,6 @@ Beispiel für % Notation: \end_layout \begin_layout Code - # ping6 ff02::1%eth0 \end_layout @@ -3918,51 +3807,42 @@ Dieses Programm ist normal im Paket iputils enthalten. \end_layout \begin_layout Code - # traceroute6 www.6bone.net \end_layout \begin_layout Code - traceroute to 6bone.net (3ffe:b00:c18:1::10) from 2001:0db8:0000:f101::2, 30 \end_layout \begin_layout Code - ¬ hops max, 16 byte packets \end_layout \begin_layout Code - 1 localipv6gateway (2001:0db8:0000:f101::1) 1.354 ms 1.566 ms 0.407 ms \end_layout \begin_layout Code - 2 swi6T1-T0.ipv6.switch.ch (3ffe:2000:0:400::1) 90.431 ms 91.956 ms 92.377 ms \end_layout \begin_layout Code - 3 3ffe:2000:0:1::132 (3ffe:2000:0:1::132) 118.945 ms 107.982 ms 114.557 ms \end_layout \begin_layout Code - 4 3ffe:c00:8023:2b::2 (3ffe:c00:8023:2b::2) 968.468 ms 993.392 ms 973.441 ms \end_layout \begin_layout Code - 5 3ffe:2e00:e:c::3 (3ffe:2e00:e:c::3) 507.784 ms 505.549 ms 508.928 ms \end_layout \begin_layout Code - 6 www.6bone.net (3ffe:b00:c18:1::10) 1265.85 ms * 1304.74 ms \end_layout @@ -4002,52 +3882,42 @@ iputils \end_layout \begin_layout Code - # tracepath6 www.6bone.net \end_layout \begin_layout Code - 1?: [LOCALHOST] pmtu 1480 \end_layout \begin_layout Code - 1: 3ffe:401::2c0:33ff:fe02:14 150.705ms \end_layout \begin_layout Code - 2: 3ffe:b00:c18::5 267.864ms \end_layout \begin_layout Code - 3: 3ffe:b00:c18::5 asymm 2 266.145ms pmtu 1280 \end_layout \begin_layout Code - 3: 3ffe:3900:5::2 asymm 4 346.632ms \end_layout \begin_layout Code - 4: 3ffe:28ff:ffff:4::3 asymm 5 365.965ms \end_layout \begin_layout Code - 5: 3ffe:1cff:0:ee::2 asymm 4 534.704ms \end_layout \begin_layout Code - 6: 3ffe:3800::1:1 asymm 4 578.126ms !N \end_layout \begin_layout Code - Resume: pmtu 1280 \end_layout @@ -4140,32 +4010,26 @@ IPv6 ping zur Adresse \end_layout \begin_layout Code - # tcpdump -t -n -i eth0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code - tcpdump: listening on eth0 \end_layout \begin_layout Code - 2001:0db8:100:f101:2e0:18ff:fe90:9205 > 2001:0db8:100:f101::1: icmp6: echo \end_layout \begin_layout Code - ¬ request (len 64, hlim 64) \end_layout \begin_layout Code - 2001:0db8:100:f101::1 > 2001:0db8:100:f101:2e0:18ff:fe90:9205: icmp6: echo \end_layout \begin_layout Code - ¬ reply (len 64, hlim 64) \end_layout @@ -4184,52 +4048,42 @@ IPv6 ping zur Adresse \end_layout \begin_layout Code - # tcpdump -t -n -i ppp0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code - tcpdump: listening on ppp0 \end_layout \begin_layout Code - 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code - ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code - 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code - ¬ 64, hlim 61) (ttl 23, id 29887, len 124) \end_layout \begin_layout Code - 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code - ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code - 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code - ¬ 64, hlim 61) (ttl 23, id 29919, len 124) \end_layout @@ -4315,7 +4169,6 @@ Jeder DNS-Server (Domain Name System) sollte aufgrund der Sicherheitsupdates \end_layout \begin_layout Code - # host -t AAAA www.join.uni-muenster.de \end_layout @@ -4324,20 +4177,17 @@ Die Ausgabe des Tests sollte etwa wie folgt sein: \end_layout \begin_layout Code - www.join.uni-muenster.de. is an alias for tolot.join.uni-muenster.de. \end_layout \begin_layout Code - tolot.join.uni-muenster.de. has AAAA address \end_layout \begin_layout Code - ¬ 2001:638:500:101:2e0:81ff:fe24:37c6 \end_layout @@ -4351,30 +4201,25 @@ IPv6 kompatible Clients sind verfügbar. \end_layout \begin_layout Code - $ telnet 3ffe:400:100::1 80 \end_layout \begin_layout Code - Trying 3ffe:400:100::1... \end_layout \begin_layout Code - Connected to 3ffe:400:100::1. \end_layout \begin_layout Code - Escape character is '^]'. \end_layout \begin_layout Code - HEAD / HTTP/1.0 \end_layout @@ -4383,47 +4228,38 @@ HEAD / HTTP/1.0 \end_layout \begin_layout Code - HTTP/1.1 200 OK \end_layout \begin_layout Code - Date: Sun, 16 Dec 2001 16:07:21 \end_layout \begin_layout Code - GMT Server: Apache/2.0.28 (Unix) \end_layout \begin_layout Code - Last-Modified: Wed, 01 Aug 2001 21:34:42 GMT \end_layout \begin_layout Code - ETag: "3f02-a4d-b1b3e080" \end_layout \begin_layout Code - Accept-Ranges: bytes \end_layout \begin_layout Code - Content-Length: 2637 \end_layout \begin_layout Code - Connection: close \end_layout \begin_layout Code - Content-Type: text/html; charset=ISO-8859-1 \end_layout @@ -4432,7 +4268,6 @@ Content-Type: text/html; charset=ISO-8859-1 \end_layout \begin_layout Code - Connection closed by foreign host. \end_layout @@ -4474,17 +4309,14 @@ he Verhaltensweisen: \end_layout \begin_layout Code - $ ssh -6 ::1 \end_layout \begin_layout Code - user@::1's password: ****** \end_layout \begin_layout Code - [user@ipv6host user]$ \end_layout @@ -5034,12 +4866,10 @@ Gebrauch: \end_layout \begin_layout Code - # ip link set dev up \end_layout \begin_layout Code - # ip link set dev down \end_layout @@ -5052,12 +4882,10 @@ Beispiel: \end_layout \begin_layout Code - # ip link set dev eth0 up \end_layout \begin_layout Code - # ip link set dev eth0 down \end_layout @@ -5071,12 +4899,10 @@ Gebrauch: \end_layout \begin_layout Code - # /sbin/ifconfig up \end_layout \begin_layout Code - # /sbin/ifconfig down \end_layout @@ -5085,12 +4911,10 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 up \end_layout \begin_layout Code - # /sbin/ifconfig eth0 down \end_layout @@ -5145,7 +4969,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 addr show dev \end_layout @@ -5154,27 +4977,22 @@ Beispiel für einen statisch konfigurierten Host: \end_layout \begin_layout Code - # /sbin/ip -6 addr show dev eth0 \end_layout \begin_layout Code - 2: eth0: \end_layout @@ -5261,22 +5070,18 @@ en (die Ausgabe wurde mit grep gefiltert) \end_layout \begin_layout Code - # /sbin/ifconfig eth0 |grep "inet6 addr:" \end_layout \begin_layout Code - inet6 addr: fe80::210:a4ff:fee3:9566/10 Scope:Link \end_layout \begin_layout Code - inet6 addr: 2001:0db8:0:f101::1/64 Scope:Global \end_layout \begin_layout Code - inet6 addr: fec0:0:0:f101::1/64 Scope:Site \end_layout @@ -5299,7 +5104,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 addr add / dev \end_layout @@ -5308,7 +5112,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 addr add 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5322,7 +5125,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ifconfig inet6 add / \end_layout @@ -5331,7 +5133,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 inet6 add 2001:0db8:0:f101::1/64 \end_layout @@ -5355,7 +5156,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 addr del / dev \end_layout @@ -5364,7 +5164,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 addr del 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5378,7 +5177,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ifconfig inet6 del / \end_layout @@ -5387,7 +5185,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 inet6 del 2001:0db8:0:f101::1/64 \end_layout @@ -5441,7 +5238,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 route show [dev ] \end_layout @@ -5451,27 +5247,22 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 route show dev eth0 \end_layout \begin_layout Code - 2001:0db8:0:f101::/64 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - fe80::/10 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - ff00::/8 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - default proto kernel metric 256 mtu 1500 advmss 1440 \end_layout @@ -5485,7 +5276,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 \end_layout @@ -5496,42 +5286,34 @@ Sie sehen hier mehrere IPv6 Routen mit unterschiedlichen Adressen eines \end_layout \begin_layout Code - # /sbin/route -A inet6 |grep -w "eth0" \end_layout \begin_layout Code - 2001:0db8:0:f101 ::/64 :: UA 256 0 0 eth0 <- Interface route for global \end_layout \begin_layout Code - ¬ address \end_layout \begin_layout Code - fe80::/10 :: UA 256 0 0 eth0 <- Interface route for link-local \end_layout \begin_layout Code - ¬ address \end_layout \begin_layout Code - ff00::/8 :: UA 256 0 0 eth0 <- Interface route for all multicast \end_layout \begin_layout Code - ¬ addresses \end_layout \begin_layout Code - ::/0 :: UDA 256 0 0 eth0 <- Automatic default route \end_layout @@ -5554,12 +5336,10 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 route add / via \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5568,7 +5348,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 route add default via 2001:0db8:0:f101::1 \end_layout @@ -5582,12 +5361,10 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 add / gw \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5606,7 +5383,6 @@ Im folgenden Beispiel wird eine Route für alle Adressen (default) über das \end_layout \begin_layout Code - # /sbin/route -A inet6 add default gw 2001:0db8:0:f101::1 \end_layout @@ -5631,12 +5407,10 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 route del / via \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5645,7 +5419,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 route del default via 2001:0db8:0:f101::1 \end_layout @@ -5659,13 +5432,11 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 del / gw [dev \end_layout \begin_layout Code - ¬ ] \end_layout @@ -5674,7 +5445,6 @@ Beispiel zum entfernen der im obigen Beispiel hinzugefügten Route: \end_layout \begin_layout Code - # /sbin/route -A inet6 del default gw 2001:0db8:0:f101::1 \end_layout @@ -5698,12 +5468,10 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 route add / dev \end_layout \begin_layout Code - ¬ metric 1 \end_layout @@ -5712,7 +5480,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 route add default dev eth0 metric 1 \end_layout @@ -5755,7 +5522,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 add / dev \end_layout @@ -5764,7 +5530,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/route -A inet6 add default dev eth0 \end_layout @@ -5787,7 +5552,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 route del / dev \end_layout @@ -5796,7 +5560,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 route del default dev eth0 \end_layout @@ -5810,7 +5573,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 del / dev \end_layout @@ -5820,7 +5582,6 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/route -A inet6 del default dev eth0 \end_layout @@ -5860,17 +5621,14 @@ Ein client kann eine Default Route (z.B. \end_layout \begin_layout Code - # ip -6 route show | grep ^default \end_layout \begin_layout Code - default via fe80::212:34ff:fe12:3450 dev eth0 proto kernel metric 1024 expires \end_layout \begin_layout Code - ¬ 29sec mtu 1500 advmss 1440 \end_layout @@ -5967,7 +5725,6 @@ Mit dem folgenden Befehl können Sie die gelernten oder konfigurierten IPv6 \end_layout \begin_layout Code - # ip -6 neigh show [dev ] \end_layout @@ -5976,12 +5733,10 @@ Das folgende Beispiel zeigt einen Nachbar, einen erreichbaren Router: \end_layout \begin_layout Code - # ip -6 neigh show \end_layout \begin_layout Code - fe80::201:23ff:fe45:6789 dev eth0 lladdr 00:01:23:45:67:89 router nud reachable \end_layout @@ -6006,7 +5761,6 @@ Mit folgendem Befehl können Sie einen Eintrag manuell hinzufügen: \end_layout \begin_layout Code - # ip -6 neigh add lladdr dev \end_layout @@ -6015,7 +5769,6 @@ Beispiel: \end_layout \begin_layout Code - # ip -6 neigh add fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -6028,7 +5781,6 @@ Sie können einen Eintrag auch löschen: \end_layout \begin_layout Code - # ip -6 neigh del lladdr dev \end_layout @@ -6037,7 +5789,6 @@ Beispiel: \end_layout \begin_layout Code - # ip -6 neigh del fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -6067,28 +5818,23 @@ help \end_layout \begin_layout Code - # ip -6 neigh help \end_layout \begin_layout Code - Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ] \end_layout \begin_layout Code - [ nud { permanent | noarp | stale | reachable } ] \end_layout \begin_layout Code - | proxy ADDR } [ dev DEV ] \end_layout \begin_layout Code - ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ] \end_layout @@ -6294,27 +6040,22 @@ target "http://www.faqs.org/rfcs/rfc3056.html" \end_layout \begin_layout Code - | 3+13 | 32 | 16 | 64 bits | \end_layout \begin_layout Code - +---+------+-----------+--------+--------------------------------+ \end_layout \begin_layout Code - | FP+TLA | V4ADDR | SLA ID | Interface ID | \end_layout \begin_layout Code - | 0x2002 | | | | \end_layout \begin_layout Code - +---+------+-----------+--------+--------------------------------+ \end_layout @@ -6546,7 +6287,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show [] \end_layout @@ -6555,17 +6295,14 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show \end_layout \begin_layout Code - sit0: ipv6/ip remote any local any ttl 64 nopmtudisc \end_layout \begin_layout Code - sit1: ipv6/ip remote 195.226.187.50 local any ttl 64 \end_layout @@ -6578,7 +6315,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/route -A inet6 \end_layout @@ -6588,7 +6324,6 @@ Beispiel (Ausgabe wurde derart gefiltert, dass nur Tunnels über das virtuelle \end_layout \begin_layout Code - # /sbin/route -A inet6 | grep " \backslash Wsit0 @@ -6597,27 +6332,22 @@ W*$" \end_layout \begin_layout Code - ::/96 :: U 256 2 0 sit0 \end_layout \begin_layout Code - 2002::/16 :: UA 256 0 0 sit0 \end_layout \begin_layout Code - 2000::/3 ::193.113.58.75 UG 1 0 0 sit0 \end_layout \begin_layout Code - fe80::/10 :: UA 256 0 0 sit0 \end_layout \begin_layout Code - ff00::/8 :: UA 256 0 0 sit0 \end_layout @@ -6695,12 +6425,10 @@ ert 0 ist): \end_layout \begin_layout Code - # /sbin/ip tunnel add mode sit ttl remote \end_layout \begin_layout Code - ¬ local \end_layout @@ -6709,22 +6437,18 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit1 mode sit ttl remote \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit1 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit1 metric 1 \end_layout @@ -6733,22 +6457,18 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit2 mode sit ttl \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit2 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit2 metric 1 \end_layout @@ -6757,22 +6477,18 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit3 mode sit ttl \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit3 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit3 metric 1 \end_layout @@ -6795,7 +6511,6 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -6804,17 +6519,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit1 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit1 \end_layout @@ -6823,17 +6535,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit2 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit2 \end_layout @@ -6842,17 +6551,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit3 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit3 \end_layout @@ -6881,7 +6587,6 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -6890,32 +6595,26 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout @@ -6945,7 +6644,6 @@ Entfernen eines Tunnel-Devices: \end_layout \begin_layout Code - # /sbin/ip tunnel del \end_layout @@ -6954,17 +6652,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit1 \end_layout \begin_layout Code - # /sbin/ip link set sit1 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit1 \end_layout @@ -6973,17 +6668,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit2 \end_layout \begin_layout Code - # /sbin/ip link set sit2 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit2 \end_layout @@ -6992,17 +6684,14 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit3 \end_layout \begin_layout Code - # /sbin/ip link set sit3 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit3 \end_layout @@ -7023,12 +6712,10 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/route -A inet6 del dev sit3 \end_layout \begin_layout Code - # /sbin/ifconfig sit3 down \end_layout @@ -7037,12 +6724,10 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/route -A inet6 del dev sit2 \end_layout \begin_layout Code - # /sbin/ifconfig sit2 down \end_layout @@ -7051,12 +6736,10 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit1 \end_layout \begin_layout Code - # /sbin/ifconfig sit1 down \end_layout @@ -7065,7 +6748,6 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -7087,32 +6769,26 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout @@ -7121,7 +6797,6 @@ Anwendung (drei allgemeine Beispiele): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -7182,7 +6857,6 @@ Angenommen, Ihre IPv4 Adresse ist: \end_layout \begin_layout Code - 1.2.3.4 \end_layout @@ -7191,7 +6865,6 @@ Dann ist das daraus resultierende 6to4 Präfix: \end_layout \begin_layout Code - 2002:0102:0304:: \end_layout @@ -7210,7 +6883,6 @@ pe Suffix kann benutzt werden) das Suffix \end_layout \begin_layout Code - 2002:0102:0304::1 \end_layout @@ -7219,7 +6891,6 @@ Zum automatischen Erstellen der Adresse können Sie folgenden Befehl nutzen: \end_layout \begin_layout Code - ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "` \end_layout @@ -7241,12 +6912,10 @@ Erstellen eines neues Tunnel-Device: \end_layout \begin_layout Code - # /sbin/ip tunnel add tun6to4 mode sit ttl remote any local \end_layout \begin_layout Code - ¬ \end_layout @@ -7255,7 +6924,6 @@ Interface aktivieren: \end_layout \begin_layout Code - # /sbin/ip link set dev tun6to4 up \end_layout @@ -7265,7 +6933,6 @@ Eine lokale 6to4 Adresse am Interface hinzufügen (Hinweis: Präfix-Länge \end_layout \begin_layout Code - # /sbin/ip -6 addr add /16 dev tun6to4 \end_layout @@ -7275,7 +6942,6 @@ Hinzufügen der (Standard-) Route zum globalen IPv6 Netz unter Verwendung \end_layout \begin_layout Code - # /sbin/ip -6 route add default via ::192.88.99.1 dev tun6to4 metric 1 \end_layout @@ -7296,7 +6962,6 @@ ip \end_layout \begin_layout Code - # /sbin/ip -6 route add default via 2002:c058:6301::1 dev tun6to4 metric 1 \end_layout @@ -7316,7 +6981,6 @@ Das allgemeine Tunnel Interface sit0 aktivieren: \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -7325,7 +6989,6 @@ Dem Interface eine lokale 6to4 Adresse hinzufügen: \end_layout \begin_layout Code - # /sbin/ifconfig sit0 add /16 \end_layout @@ -7335,7 +6998,6 @@ Hinzufügen der (Standard-) Route zum globalen IPv6 Netz unter Verwendung \end_layout \begin_layout Code - # /sbin/route -A inet6 add default gw ::192.88.99.1 dev sit0 \end_layout @@ -7352,7 +7014,6 @@ Entfernen aller Routen über dieses bestimmten Tunnel Devices: \end_layout \begin_layout Code - # /sbin/ip -6 route flush dev tun6to4 \end_layout @@ -7361,7 +7022,6 @@ Interface deaktivieren: \end_layout \begin_layout Code - # /sbin/ip link set dev tun6to4 down \end_layout @@ -7370,7 +7030,6 @@ Ein erstelltes Tunnel Device entfernen: \end_layout \begin_layout Code - # /sbin/ip tunnel del tun6to4 \end_layout @@ -7384,7 +7043,6 @@ Entfernen der (Standard-) Route über ein 6to4 Tunnel Device: \end_layout \begin_layout Code - # /sbin/route -A inet6 del default gw ::192.88.99.1 dev sit0 \end_layout @@ -7393,7 +7051,6 @@ Eine 6to4 Adresse des Interfaces entfernen: \end_layout \begin_layout Code - # /sbin/ifconfig sit0 del /16 \end_layout @@ -7403,7 +7060,6 @@ Ein allgemeines Tunnel Device deaktivieren (aber Achtung, eventuell ist \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -7451,7 +7107,6 @@ Anwendung: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show [] \end_layout @@ -7462,18 +7117,15 @@ Beispiel: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show mode any \end_layout \begin_layout Code - ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) \end_layout \begin_layout Code - ip6tnl1: ip/ipv6 remote fd00:0:0:2::a local fd00:0:0:2::1 dev eth1 encaplimit 4 hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) \end_layout @@ -7499,7 +7151,6 @@ Anwendung für die Erzeugung einer 4over6 Tunnel-Schnittstelle (welche danach \end_layout \begin_layout Code - # /sbin/ip tunnel add mode ip4ip6 remote local \end_layout @@ -7511,18 +7162,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl1 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl1 metric 1 \end_layout @@ -7531,18 +7179,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl2 mode ip4ip6 remote local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl2 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl2 metric 1 \end_layout @@ -7551,18 +7196,15 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl3 mode ip4ip6 remote local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl3 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl3 metric 1 \end_layout @@ -7579,7 +7221,6 @@ Anwendung für das Löschen einer Tunnel-Schnittstelle: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del \end_layout @@ -7590,17 +7231,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl1 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl1 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl1 \end_layout @@ -7609,17 +7247,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl2 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl2 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl2 \end_layout @@ -7628,17 +7263,14 @@ Anwendung (allgemeines Beispiel für drei Tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl3 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl3 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl3 \end_layout @@ -7718,7 +7350,6 @@ Das /proc-Dateisystem muss im Kernel aktiviert sein. \end_layout \begin_layout Code - CONFIG_PROC_FS=y \end_layout @@ -7728,12 +7359,10 @@ Das /proc-Dateisystem muss zuerst gemountet sein. \end_layout \begin_layout Code - # mount | grep "type proc" \end_layout \begin_layout Code - none on /proc type proc (rw) \end_layout @@ -7765,12 +7394,10 @@ cat \end_layout \begin_layout Code - # cat /proc/sys/net/ipv6/conf/all/forwarding \end_layout \begin_layout Code - 0 \end_layout @@ -7792,7 +7419,6 @@ echo \end_layout \begin_layout Code - # echo "1" >/proc/sys/net/ipv6/conf/all/forwarding \end_layout @@ -7841,7 +7467,6 @@ Das sysctl-Interface muss im Kernel aktiviert sein. \end_layout \begin_layout Code - CONFIG_SYSCTL=y \end_layout @@ -7854,12 +7479,10 @@ Der Wert eines Eintrags kann nun angezeigt werden: \end_layout \begin_layout Code - # sysctl net.ipv6.conf.all.forwarding \end_layout \begin_layout Code - net.ipv6.conf.all.forwarding = 0 \end_layout @@ -7873,12 +7496,10 @@ Ein neuer Wert kann wie folgt zugewiesen werden (wenn der Eintrag beschreibbar \end_layout \begin_layout Code - # sysctl -w net.ipv6.conf.all.forwarding=1 \end_layout \begin_layout Code - net.ipv6.conf.all.forwarding = 1 \end_layout @@ -7898,12 +7519,10 @@ Anmerkung: Verwenden Sie beim setzen eines Wertes keine Leerzeichen vor \end_layout \begin_layout Code - # sysctl -w net.ipv4.ip_local_port_range="32768 61000" \end_layout \begin_layout Code - net.ipv4.ip_local_port_range = 32768 61000 \end_layout @@ -8386,12 +8005,10 @@ target "http://www.zebra.org/" \end_layout \begin_layout Code - ZEBRA: netlink-listen error: No buffer space available, type=RTM_NEWROUTE(24), \end_layout \begin_layout Code - ¬ seq=426, pid=0 \end_layout @@ -8867,27 +8484,22 @@ net/ipv6/addrconf.c \end_layout \begin_layout Code - # cat /proc/net/if_inet6 \end_layout \begin_layout Code - 00000000000000000000000000000001 01 80 10 80 lo \end_layout \begin_layout Code - +------------------------------+ ++ ++ ++ ++ ++ \end_layout \begin_layout Code - | | | | | | \end_layout \begin_layout Code - 1 2 3 4 5 6 \end_layout @@ -8981,27 +8593,22 @@ net/ipv6/route.c \end_layout \begin_layout Code - # cat /proc/net/ipv6_route \end_layout \begin_layout Code - 00000000000000000000000000000000 00 00000000000000000000000000000000 00 \end_layout \begin_layout Code - +------------------------------+ ++ +------------------------------+ ++ \end_layout \begin_layout Code - | | | | \end_layout \begin_layout Code - 1 2 3 4 \end_layout @@ -9010,22 +8617,18 @@ net/ipv6/route.c \end_layout \begin_layout Code - ¬ 00000000000000000000000000000000 ffffffff 00000001 00000001 00200200 lo \end_layout \begin_layout Code - ¬ +------------------------------+ +------+ +------+ +------+ +------+ ++ \end_layout \begin_layout Code - ¬ | | | | | | \end_layout \begin_layout Code - ¬ 5 6 7 8 9 10 \end_layout @@ -9085,27 +8688,22 @@ Statistiken über verwendete IPv6 Sockets. \end_layout \begin_layout Code - # cat /proc/net/sockstat6 \end_layout \begin_layout Code - TCP6: inuse 7 \end_layout \begin_layout Code - UDP6: inuse 2 \end_layout \begin_layout Code - RAW6: inuse 1 \end_layout \begin_layout Code - FRAG6: inuse 0 memory 0 \end_layout @@ -9299,375 +8897,307 @@ Beispiel: \end_layout \begin_layout Code - # netstat -nlptu \end_layout \begin_layout Code - Active Internet connections (only servers) \end_layout \begin_layout Code - Proto Recv-Q Send-Q Local Address Foreign Address State \end_layout \begin_layout Code - ¬ PID/Program name \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1258/rpc.statd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1502/rpc.mountd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 22433/lpd Waiting \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:139 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1746/smbd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1230/portmap \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 3551/X \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:8081 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 18735/junkbuster \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:3128 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - tcp 0 0 ::ffff:1.2.3.1:993 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::13 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 ::ffff:1.2.3.1:143 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::53 :::* LISTEN \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - tcp 0 0 :::22 :::* LISTEN \end_layout \begin_layout Code - ¬ 1410/sshd \end_layout \begin_layout Code - tcp 0 0 :::6010 :::* LISTEN \end_layout \begin_layout Code - ¬ 13237/sshd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32768 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1258/rpc.statd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:2049 0.0.0.0:* \end_layout \begin_layout Code - ¬ - \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32770 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1502/rpc.mountd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32771 0.0.0.0:* \end_layout \begin_layout Code - ¬ - \end_layout \begin_layout Code - udp 0 0 1.2.3.1:137 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:137 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 1.2.3.1:138 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:138 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:33044 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 1.2.3.1:53 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 127.0.0.1:53 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1530/dhcpd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1530/dhcpd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32858 0.0.0.0:* \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - udp 0 0 0.0.0.0:4827 0.0.0.0:* \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - udp 0 0 0.0.0.0:111 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1230/portmap \end_layout \begin_layout Code - udp 0 0 :::53 :::* \end_layout \begin_layout Code - ¬ 30734/named \end_layout @@ -9700,32 +9230,26 @@ Router Advertisement \end_layout \begin_layout Code - 15:43:49.484751 fe80::212:34ff:fe12:3450 > ff02::1: icmp6: router \end_layout \begin_layout Code - ¬ advertisement(chlim=64, router_ltime=30, reachable_time=0, \end_layout \begin_layout Code - ¬ retrans_time=0)(prefix info: AR valid_ltime=30, preffered_ltime=20, \end_layout \begin_layout Code - ¬ prefix=2002:0102:0304:1::/64)(prefix info: LAR valid_ltime=2592000, \end_layout \begin_layout Code - ¬ preffered_ltime=604800, prefix=2001:0db8:0:1::/64)(src lladdr: \end_layout \begin_layout Code - ¬ 0:12:34:12:34:50) (len 88, hlim 255) \end_layout @@ -9778,12 +9302,10 @@ Router Anfrage \end_layout \begin_layout Code - 15:44:21.152646 fe80::212:34ff:fe12:3456 > ff02::2: icmp6: router solicitation \end_layout \begin_layout Code - ¬ (src lladdr: 0:12:34:12:34:56) (len 16, hlim 255) \end_layout @@ -9852,12 +9374,10 @@ fe80:212:34ff:fe12:3456 \end_layout \begin_layout Code - 15:44:17.712338 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ fe80::212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim 255) \end_layout @@ -9875,18 +9395,15 @@ Der Knoten will seine globale Adresse \end_layout \begin_layout Code - 15:44:21.905596 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ 2002:0102:0304:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, \end_layout \begin_layout Code - ¬ hlim 255) \end_layout @@ -9904,18 +9421,15 @@ Der Knoten will seine globale Adresse \end_layout \begin_layout Code - 15:44:22.304028 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ 2001:0db8:0:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim \end_layout \begin_layout Code - ¬ 255) \end_layout @@ -9937,18 +9451,15 @@ Der Knoten möchte Pakete an die Adresse \end_layout \begin_layout Code - 13:07:47.664538 2002:0102:0304:1:2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: \end_layout \begin_layout Code - ¬ neighbor sol: who has 2001:0db8:0:1::10(src lladdr: 0:e0:18:90:92:5) (len 32, \end_layout \begin_layout Code - ¬ hlim 255) \end_layout @@ -9965,12 +9476,10 @@ fe80::10 \end_layout \begin_layout Code - 13:11:20.870070 fe80::2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: neighbor \end_layout \begin_layout Code - ¬ sol: who has fe80::10(src lladdr: 0:e0:18:90:92:5) (len 32, hlim 255) \end_layout @@ -10098,7 +9607,6 @@ Sie können überprüfen, ob Ihre Distribution eine permanente IPv6 Konfiguratio \end_layout \begin_layout Code - /etc/sysconfig/network-scripts/network-functions-ipv6 \end_layout @@ -10107,13 +9615,11 @@ Automatischer Test: \end_layout \begin_layout Code - # test -f /etc/sysconfig/network-scripts/network-functions-ipv6 && echo "Main \end_layout \begin_layout Code - ¬ IPv6 script library exists" \end_layout @@ -10125,17 +9631,14 @@ Die Versionsnummer der Library ist von Interesse, wenn Sie Features vermissen \end_layout \begin_layout Code - # source /etc/sysconfig/network-scripts/network-functions-ipv6 && \end_layout \begin_layout Code - ¬ getversion_ipv6_functions \end_layout \begin_layout Code - 20011124 \end_layout @@ -10179,12 +9682,10 @@ Kurze Anleitung zum aktivieren von IPv6 bei RHL 7.1, 7.2, 7.3, ... \end_layout \begin_layout Code - # modprobe -c | grep net-pf-10 \end_layout \begin_layout Code - alias net-pf-10 off \end_layout @@ -10202,7 +9703,6 @@ twork \end_layout \begin_layout Code - NETWORKING_IPV6=yes \end_layout @@ -10212,7 +9712,6 @@ Rebooten bzw. \end_layout \begin_layout Code - # service network restart \end_layout @@ -10221,12 +9720,10 @@ Nun sollte das IPv6 Modul geladen sein \end_layout \begin_layout Code - # modprobe -c | grep ipv6 \end_layout \begin_layout Code - alias net-pf-10 ipv6 \end_layout @@ -10295,7 +9792,6 @@ Editiere Datei /etc/sysconfig/network/ifcfg- und setze folgende \end_layout \begin_layout Code - IP6ADDR="/" \end_layout @@ -10331,7 +9827,6 @@ Editiere Datei /etc/sysconfig/network/ifcfg- und setze folgende \end_layout \begin_layout Code - IPADDR="/" \end_layout @@ -10386,54 +9881,44 @@ Konfiguriere die Schnittstelle (hier im Beispiel: eth0). \end_layout \begin_layout Code - iface eth0 inet6 static \end_layout \begin_layout Code - pre-up modprobe ipv6 \end_layout \begin_layout Code - address 2001:0db8:1234:5::1:1 \end_layout \begin_layout Code - # To suppress completely autoconfiguration: \end_layout \begin_layout Code - # up echo 0 > /proc/sys/net/ipv6/conf/all/autoconf \end_layout \begin_layout Code - netmask 64 \end_layout \begin_layout Code - # The router is autoconfigured and has no fixed address. \end_layout \begin_layout Code - # It is magically \end_layout \begin_layout Code - # found. (/proc/sys/net/ipv6/conf/all/accept_ra). Otherwise: \end_layout \begin_layout Code - #gateway 2001:0db8:1234:5::1 \end_layout @@ -10444,7 +9929,6 @@ Danach rebooten oder folgendes Kommando ausführen \end_layout \begin_layout Code - # ifup --force eth0 \end_layout @@ -10521,22 +10005,18 @@ Beispiel: \end_layout \begin_layout Code - # ip -6 addr show dev eth0 scope link \end_layout \begin_layout Code - 2: eth0: mtu 1500 qlen1000 \end_layout \begin_layout Code - inet6 fe80::211:d8ff:fe6b:f0f5/64 scope link \end_layout \begin_layout Code - valid_lft forever preferred_lft forever \end_layout @@ -11112,7 +10592,6 @@ Wechseln Sie in das Source-Verzeichnis: \end_layout \begin_layout Code - # cd /path/to/src \end_layout @@ -11121,12 +10600,10 @@ Entpacken sie die Kernel-Quellen und vergeben diesen einen neuen Namen \end_layout \begin_layout Code - # tar z|jxf kernel-version.tar.gz|bz2 \end_layout \begin_layout Code - # mv linux linux-version-iptables-version+IPv6 \end_layout @@ -11135,7 +10612,6 @@ Entpacken Sie die iptables Quellen \end_layout \begin_layout Code - # tar z|jxf iptables-version.tar.gz|bz2 \end_layout @@ -11148,7 +10624,6 @@ Wechseln Sie in das iptables Verzeichnis \end_layout \begin_layout Code - # cd iptables-version \end_layout @@ -11157,7 +10632,6 @@ Fügen Sie relevante Patches hinzu \end_layout \begin_layout Code - # make pending-patches KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -11168,7 +10642,6 @@ Fügen Sie zusätzliche IPv6 relevante IPv6 Patches hinzu (die nach wie vor \end_layout \begin_layout Code - # make patch-o-matic KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -11207,12 +10680,10 @@ REJECT.patch.ipv6 \end_layout \begin_layout Code - # make print-extensions \end_layout \begin_layout Code - Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport \end_layout @@ -11225,7 +10696,6 @@ Wechseln Sie zu den Kernel-Quellen \end_layout \begin_layout Code - # cd /path/to/src/linux-version-iptables-version/ \end_layout @@ -11234,12 +10704,10 @@ Editieren Sie das Makefile \end_layout \begin_layout Code - - EXTRAVERSION = \end_layout \begin_layout Code - + EXTRAVERSION = -iptables-version+IPv6-try \end_layout @@ -11248,99 +10716,80 @@ Starten Sie configure und aktivieren Sie IPv6 relevante Optionen \end_layout \begin_layout Code - Code maturity level options \end_layout \begin_layout Code - Prompt for development and/or incomplete code/drivers : yes \end_layout \begin_layout Code - Networking options \end_layout \begin_layout Code - Network packet filtering: yes \end_layout \begin_layout Code - The IPv6 protocol: module \end_layout \begin_layout Code - IPv6: Netfilter Configuration \end_layout \begin_layout Code - IP6 tables support: module \end_layout \begin_layout Code - All new options like following: \end_layout \begin_layout Code - limit match support: module \end_layout \begin_layout Code - MAC address match support: module \end_layout \begin_layout Code - Multiple port match support: module \end_layout \begin_layout Code - Owner match support: module \end_layout \begin_layout Code - netfilter MARK match support: module \end_layout \begin_layout Code - Aggregated address check: module \end_layout \begin_layout Code - Packet filtering: module \end_layout \begin_layout Code - REJECT target support: module \end_layout \begin_layout Code - LOG target support: module \end_layout \begin_layout Code - Packet mangling: module \end_layout \begin_layout Code - MARK target support: module \end_layout @@ -11366,7 +10815,6 @@ Benennen sie das ältere Verzeichnis um \end_layout \begin_layout Code - # mv /usr/src/linux /usr/src/linux.old \end_layout @@ -11375,7 +10823,6 @@ Erstellen Sie einen neuen symbolischen Link \end_layout \begin_layout Code - # ln -s /path/to/src/linux-version-iptables-version /usr/src/linux \end_layout @@ -11384,7 +10831,6 @@ Erstellen Sie ein neues SRPMS \end_layout \begin_layout Code - # rpm --rebuild /path/to/SRPMS/iptables-version-release.src.rpm \end_layout @@ -11406,7 +10852,6 @@ Freshen \end_layout \begin_layout Code - # rpm -Fhv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11423,7 +10868,6 @@ install \end_layout \begin_layout Code - # rpm -ihv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11442,7 +10886,6 @@ nodeps \end_layout \begin_layout Code - # rpm -ihv --nodeps /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11452,7 +10895,6 @@ Damit iptables die Libraries finden kann, ist es eventuell notwendig, einen \end_layout \begin_layout Code - # ln -s /lib/iptables/ /usr/lib/iptables \end_layout @@ -11469,7 +10911,6 @@ Laden Sie das Modul (falls dies im Kernel so kompiliert wurde): \end_layout \begin_layout Code - # modprobe ip6_tables \end_layout @@ -11478,12 +10919,10 @@ Laden Sie das Modul (falls dies im Kernel so kompiliert wurde): \end_layout \begin_layout Code - # [ ! -f /proc/net/ip6_tables_names ] && echo "Current kernel doesn't support \end_layout \begin_layout Code - ¬ 'ip6tables' firewalling (IPv6)!" \end_layout @@ -11500,7 +10939,6 @@ Kurze Auflistung: \end_layout \begin_layout Code - # ip6tables -L \end_layout @@ -11509,7 +10947,6 @@ Erweiterte Auflistung: \end_layout \begin_layout Code - # ip6tables -n -v --line-numbers -L \end_layout @@ -11518,7 +10955,6 @@ Auflistung angegebener Filter \end_layout \begin_layout Code - # ip6tables -n -v --line-numbers -L INPUT \end_layout @@ -11527,12 +10963,10 @@ Hinzufügen einer Log-Regel zum Input-Filter mit Optionen \end_layout \begin_layout Code - # ip6tables --table filter --append INPUT -j LOG --log-prefix "INPUT:" \end_layout \begin_layout Code - ¬ --log-level 7 \end_layout @@ -11541,7 +10975,6 @@ Hinzufügen einer Drop-Regel zum Input-Filter \end_layout \begin_layout Code - # ip6tables --table filter --append INPUT -j DROP \end_layout @@ -11550,7 +10983,6 @@ Löschen einer Regel mit Hilfe der Regelnummer \end_layout \begin_layout Code - # ip6tables --table filter --delete INPUT 1 \end_layout @@ -11569,7 +11001,6 @@ Seit Kernel-Version 2.6.20 ist die Auswertung des IPv6-Verbindungsstatus gut \end_layout \begin_layout Code - # ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout @@ -11587,7 +11018,6 @@ Eingehender ICMPv6 Verkehr durch Tunnel erlauben \end_layout \begin_layout Code - # ip6tables -A INPUT -i sit+ -p icmpv6 -j ACCEPT \end_layout @@ -11596,7 +11026,6 @@ Ausgehenden ICMPv6 Verkehr durch Tunnel erlauben \end_layout \begin_layout Code - # ip6tables -A OUTPUT -o sit+ -p icmpv6 -j ACCEPT \end_layout @@ -11605,7 +11034,6 @@ Neuere Kernel erlauben das Spezifizieren des ICMPv6-Typs: \end_layout \begin_layout Code - # ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT \end_layout @@ -11624,12 +11052,10 @@ n Patitionen entgegenzuwirken. \end_layout \begin_layout Code - # ip6tables -A INPUT --protocol icmpv6 --icmpv6-type echo-request \end_layout \begin_layout Code - ¬ -j ACCEPT --match limit --limit 30/minute \end_layout @@ -11648,12 +11074,10 @@ Eingehende SSH Verbindungen werden von der Adresse 2001:0db8:100::1/128 \end_layout \begin_layout Code - # ip6tables -A INPUT -i sit+ -p tcp -s 2001:0db8:100::1/128 --sport 512:65535 \end_layout \begin_layout Code - ¬ --dport 22 -j ACCEPT \end_layout @@ -11668,12 +11092,10 @@ nicht mehr notwendig, wenn der IPv6-Verbindungsstatus ausgewertet wird! \end_layout \begin_layout Code - # ip6tables -A OUTPUT -o sit+ -p tcp -d 2001:0db8:100::1/128 --dport 512:65535 \end_layout \begin_layout Code - ¬ --sport 22 ! --syn -j ACCEPT \end_layout @@ -11691,7 +11113,6 @@ Akzeptiere eingehende IPv6-in-IPv4 Daten am interface ppp0 \end_layout \begin_layout Code - # iptables -A INPUT -i ppp0 -p ipv6 -j ACCEPT \end_layout @@ -11700,7 +11121,6 @@ Akzeptiere ausgehende IPv6-in-IPv4 Daten am interface ppp0 \end_layout \begin_layout Code - # iptables -A OUTPUT -o ppp0 -p ipv6 -j ACCEPT \end_layout @@ -11715,7 +11135,6 @@ Akzeptiere eingehende IPv6-in-IPv4 Daten vom Tunnel-Endpunkt 192.0.2.2 am interf \end_layout \begin_layout Code - # iptables -A INPUT -i ppp0 -p ipv6 -s 192.0.2.2 -j ACCEPT \end_layout @@ -11725,7 +11144,6 @@ Akzeptiere ausgehende IPv6-in-IPv4 Daten vom Tunnel-Endpunkt 192.0.2.2 am interf \end_layout \begin_layout Code - # iptables -A OUTPUT -o ppp0 -p ipv6 -d 192.0.2.2 -j ACCEPT \end_layout @@ -11749,7 +11167,6 @@ Blockiere eingehende TCP-Verbindungs-Anfragen zu diesem Host \end_layout \begin_layout Code - # ip6tables -I INPUT -i sit+ -p tcp --syn -j DROP \end_layout @@ -11758,7 +11175,6 @@ Blockiere eingehende TCP-Verbindungs-Anfragen zu Hosts hinter diesem Router \end_layout \begin_layout Code - # ip6tables -I FORWARD -i sit+ -p tcp --syn -j DROP \end_layout @@ -11791,7 +11207,6 @@ Blockiere eingehende UDP-Pakete, die nicht Antworten ausgehender Anfragen \end_layout \begin_layout Code - # ip6tables -I INPUT -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -11801,7 +11216,6 @@ Blockiere eingehende UDP-Pakete, die nicht Antworten auf Anfragen von hinter \end_layout \begin_layout Code - # ip6tables -I FORWARD -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -11830,7 +11244,6 @@ system-config-firewall \end_layout \begin_layout Code - Datei: /etc/sysconfig/ip6tables \end_layout @@ -11839,87 +11252,70 @@ Datei: /etc/sysconfig/ip6tables \end_layout \begin_layout Code - *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code - :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code - :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code - :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code - -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p icmpv6 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp --dport 5353 -d ff02::fb -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp6-adm-prohibited \end_layout \begin_layout Code - COMMIT \end_layout @@ -11931,7 +11327,6 @@ Zwecks der Vollständigkeit ist hier auch die entsprechende Konfiguration \end_layout \begin_layout Code - Datei: /etc/sysconfig/iptables \end_layout @@ -11940,88 +11335,71 @@ Datei: /etc/sysconfig/iptables \end_layout \begin_layout Code - *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code - :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code - :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code - :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code - -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited \end_layout \begin_layout Code - COMMIT \end_layout @@ -12044,12 +11422,10 @@ Aktivieren von IPv4 & IPv6 Firewalling \end_layout \begin_layout Code - # service iptables start \end_layout \begin_layout Code - # service ip6tables start \end_layout @@ -12060,12 +11436,10 @@ Aktivieren des automatischen Starts nach dem Reboot \end_layout \begin_layout Code - # chkconfig iptables on \end_layout \begin_layout Code - # chkconfig ip6tables on \end_layout @@ -12079,578 +11453,472 @@ Folgende Zeilen zeigen ein umfangreicheres Setup. \end_layout \begin_layout Code - # ip6tables -n -v -L \end_layout \begin_layout Code - Chain INPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - 0 0 extIN all sit+ * ::/0 ::/0 \end_layout \begin_layout Code - 4 384 intIN all eth0 * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code - 0 0 ACCEPT all lo * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `INPUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain FORWARD (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 int2ext all eth0 sit+ ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ext2int all sit+ eth0 ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `FORWARD-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain OUTPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 extOUT all * sit+ ::/0 ::/0 \end_layout \begin_layout Code - 4 384 intOUT all * eth0 ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code - 0 0 ACCEPT all * lo ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `OUTPUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain ext2int (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `ext2int-default:' \end_layout \begin_layout Code - 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain extIN (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * 3ffe:400:100::1/128 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * 3ffe:400:100::2/128 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ udp spts:1:65535 dpts:1024:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `extIN-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain extOUT (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code - ¬ 2001:0db8:100::1/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code - ¬ 2001:0db8:100::2/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ udp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `extOUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain int2ext (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `int2ext:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `int2ext-default:' \end_layout \begin_layout Code - 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain intIN (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code - ¬ fe80::/ffc0:: \end_layout \begin_layout Code - 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain intOUT (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code - ¬ fe80::/ffc0:: \end_layout \begin_layout Code - 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `intOUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout @@ -12688,7 +11956,6 @@ Wie bei IPv4 können Systeme hinter einem Router versteckt werden mit Hilfe \end_layout \begin_layout Code - # ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE \end_layout @@ -12706,7 +11973,6 @@ Eine dedizierte öffentliche IPv6-Adresse kann zu einer internen IPv6-Adresse \end_layout \begin_layout Code - # ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs -j DNAT --to-destination fec0::5054:ff:fe01:2345 \end_layout @@ -12725,7 +11991,6 @@ Ein dedizierter Port kann zu einem internen System weitergeleitet werden, \end_layout \begin_layout Code - # ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-desti nation [fec0::1234]:80 \end_layout @@ -12779,22 +12044,18 @@ Laden der Kernel-Module \end_layout \begin_layout Code - # modprobe nf_tables \end_layout \begin_layout Code - # modprobe nf_tables_ipv4 \end_layout \begin_layout Code - # modprobe nf_tables_ipv6 \end_layout \begin_layout Code - # modprobe nf_tables_inet \end_layout @@ -12805,17 +12066,14 @@ Erzeugen der Filter-Tabellen \end_layout \begin_layout Code - # nft add table ip filter \end_layout \begin_layout Code - # nft add table ip6 filter \end_layout \begin_layout Code - # nft add table inet filter \end_layout @@ -12826,21 +12084,18 @@ Erzeugen einer input chain in jeder Filter-Tabelle \end_layout \begin_layout Code - # nft add chain ip filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code - # nft add chain ip6 filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code - # nft add chain inet filter input { type filter hook input priority 0 \backslash ; } @@ -12866,7 +12121,6 @@ Tabelle gehören \end_layout \begin_layout Code - # nft add rule inet filter input ct state established,related counter accept \end_layout @@ -12878,13 +12132,11 @@ Erlauben von IPv4 und IPv6 ICMP echo-request (aka ping) \end_layout \begin_layout Code - # nft add rule ip filter input icmp type { echo-request } counter accept \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type echo-request counter accept \end_layout @@ -12897,32 +12149,26 @@ Erlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit- \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type \end_layout \begin_layout Code - ¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } \end_layout \begin_layout Code - ¬ ip6 hoplimit 1 accept \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type \end_layout \begin_layout Code - ¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } \end_layout \begin_layout Code - ¬ ip6 hoplimit 255 accept \end_layout @@ -12942,7 +12188,6 @@ inet \end_layout \begin_layout Code - # nft add rule inet filter input tcp dport 22 ct state new tcp flags \backslash & @@ -12967,37 +12212,30 @@ Tabelle für IPv4 Filter \end_layout \begin_layout Code - # nft list table ip filter \end_layout \begin_layout Code - table ip filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 1; \end_layout \begin_layout Code - icmp type { echo-request} counter packets 0 bytes 0 accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -13008,57 +12246,46 @@ Tabelle für IPv6 Filter \end_layout \begin_layout Code - # nft list table ip6 filter \end_layout \begin_layout Code - table ip6 filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 1; \end_layout \begin_layout Code - icmpv6 type echo-request counter packets 0 bytes 0 accept \end_layout \begin_layout Code - ip6 hoplimit 1 icmpv6 type \end_layout \begin_layout Code - -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept \end_layout \begin_layout Code - ip6 hoplimit 255 icmpv6 type \end_layout \begin_layout Code - -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -13069,43 +12296,35 @@ Tabelle für IP unabhängigen Filter \end_layout \begin_layout Code - # nft list table inet filter \end_layout \begin_layout Code - table inet filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 0; \end_layout \begin_layout Code - ct state established,related counter packets 44 bytes 2288 accept \end_layout \begin_layout Code - tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets 0 bytes 0 accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -13217,12 +12436,10 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code - # nc6 ::1 daytime \end_layout \begin_layout Code - 13 JUL 2002 11:22:22 CEST \end_layout @@ -13244,53 +12461,43 @@ target "http://www.insecure.org/nmap/" \end_layout \begin_layout Code - # nmap -6 -sT ::1 \end_layout \begin_layout Code - Starting nmap V. 3.10ALPHA3 ( www.insecure.org/nmap/ ) \end_layout \begin_layout Code - Interesting ports on localhost6 (::1): \end_layout \begin_layout Code - (The 1600 ports scanned but not shown below are in state: closed) \end_layout \begin_layout Code - Port State Service \end_layout \begin_layout Code - 22/tcp open ssh \end_layout \begin_layout Code - 53/tcp open domain \end_layout \begin_layout Code - 515/tcp open printer \end_layout \begin_layout Code - 2401/tcp open cvspserver \end_layout \begin_layout Code - Nmap run completed -- 1 IP address (1 host up) scanned in 0.525 seconds \end_layout @@ -13313,32 +12520,26 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code - # ./strobe ::1 strobe 1.05 (c) 1995-1999 Julian Assange . \end_layout \begin_layout Code - ::1 2401 unassigned unknown \end_layout \begin_layout Code - ::1 22 ssh Secure Shell - RSA encrypted rsh \end_layout \begin_layout Code - ::1 515 printer spooler (lpd) \end_layout \begin_layout Code - ::1 6010 unassigned unknown \end_layout \begin_layout Code - ::1 53 domain Domain Name Server \end_layout @@ -13709,27 +12910,22 @@ Beispiel für eine Ende-zu-Ende verschlüsselte Verbindung im Transport-Modus \end_layout \begin_layout Code - #!/sbin/setkey -f \end_layout \begin_layout Code - flush; \end_layout \begin_layout Code - spdflush; \end_layout \begin_layout Code - spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec esp/transport//require; \end_layout \begin_layout Code - spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec esp/transport//require; \end_layout @@ -13744,37 +12940,30 @@ Beispiel für eine Ende-zu-Ende verschlüsselte Verbindung im Tunnel-Modus \end_layout \begin_layout Code - #!/sbin/setkey -f \end_layout \begin_layout Code - flush; \end_layout \begin_layout Code - spdflush; \end_layout \begin_layout Code - spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec \end_layout \begin_layout Code - ¬ esp/tunnel/2001:db8:1:1::1-2001:db8:2:2::2/require; \end_layout \begin_layout Code - spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec \end_layout \begin_layout Code - ¬ esp/tunnel/2001:db8:2:2::2-2001:db8:1:1::1/require; \end_layout @@ -13844,22 +13033,18 @@ Datei: /etc/racoon/racoon.conf \end_layout \begin_layout Code - # Racoon IKE daemon configuration file. \end_layout \begin_layout Code - # See 'man racoon.conf' for a description of the format and entries. \end_layout \begin_layout Code - path include "/etc/racoon"; \end_layout \begin_layout Code - path pre_shared_key "/etc/racoon/psk.txt"; \end_layout @@ -13868,22 +13053,18 @@ path pre_shared_key "/etc/racoon/psk.txt"; \end_layout \begin_layout Code - listen \end_layout \begin_layout Code - { \end_layout \begin_layout Code - isakmp 2001:db8:1:1::1; \end_layout \begin_layout Code - } \end_layout @@ -13892,62 +13073,50 @@ listen \end_layout \begin_layout Code - remote 2001:db8:2:2::2 \end_layout \begin_layout Code - { \end_layout \begin_layout Code - exchange_mode main; \end_layout \begin_layout Code - lifetime time 24 hour; \end_layout \begin_layout Code - proposal \end_layout \begin_layout Code - { \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - hash_algorithm md5; \end_layout \begin_layout Code - authentication_method pre_shared_key; \end_layout \begin_layout Code - dh_group 2; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -13956,42 +13125,34 @@ remote 2001:db8:2:2::2 \end_layout \begin_layout Code - # gateway-to-gateway \end_layout \begin_layout Code - sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code - { \end_layout \begin_layout Code - lifetime time 1 hour; \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - authentication_algorithm hmac_md5; \end_layout \begin_layout Code - compression_algorithm deflate; \end_layout \begin_layout Code - } \end_layout @@ -14000,37 +13161,30 @@ sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code - sainfo address 2001:db8:2:2::2 any address 2001:db8:1:1::1 any \end_layout \begin_layout Code - { \end_layout \begin_layout Code - lifetime time 1 hour; \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - authentication_algorithm hmac_md5; \end_layout \begin_layout Code - compression_algorithm deflate; \end_layout \begin_layout Code - } \end_layout @@ -14047,12 +13201,10 @@ Datei: /etc/racoon/psk.txt \end_layout \begin_layout Code - # file for pre-shared keys used for IKE authentication \end_layout \begin_layout Code - # format is: 'identifier' 'key' \end_layout @@ -14061,7 +13213,6 @@ Datei: /etc/racoon/psk.txt \end_layout \begin_layout Code - 2001:db8:2:2::2 verysecret \end_layout @@ -14089,100 +13240,81 @@ Zum Schluss muss der Daemon gestartet werden. \end_layout \begin_layout Code - # racoon -F -v -f /etc/racoon/racoon.conf \end_layout \begin_layout Code - Foreground mode. \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: @(#)ipsec-tools 0.3.3 (http://ipsec-tools.sourceforge.net ) \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: @(#)This product linked \end_layout \begin_layout Code - ¬ OpenSSL 0.9.7a Feb 19 2003 (http://www.openssl.org/) \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: 2001:db8:1:1::1[500] used as isakmp port (fd=7) \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: IPsec-SA request for 2001:db8:2:2::2 \end_layout \begin_layout Code - ¬ queued due to no phase1 found. \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: initiate new phase 1 negotiation: \end_layout \begin_layout Code - ¬ 2001:db8:1:1::1[500]<=>2001:db8:2:2::2[500] \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: begin Identity Protection mode. \end_layout \begin_layout Code - 2005-01-01 20:31:09: INFO: ISAKMP-SA established \end_layout \begin_layout Code - ¬ 2001:db8:1:1::1[500]-2001:db8:2:2::2[500] spi:da3d3693289c9698:ac039a402b2db40 1 \end_layout \begin_layout Code - 2005-01-01 20:31:09: INFO: initiate new phase 2 negotiation: \end_layout \begin_layout Code - ¬ 2001:6f8:900:94::2[0]<=>2001:db8:2:2::2[0] \end_layout \begin_layout Code - 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code - ¬ ESP/Tunnel 2001:db8:2:2::2->2001:db8:1:1::1 spi=253935531(0xf22bfab) \end_layout \begin_layout Code - 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code - ¬ ESP/Tunnel 2001:db8:1:1::1->2001:db8:2:2::2 spi=175002564(0xa6e53c4) \end_layout @@ -14203,12 +13335,10 @@ tcpdump \end_layout \begin_layout Code - 20:35:55.305707 2001:db8:1:1::1 > 2001:db8:2:2::2: ESP(spi=0x0a6e53c4,seq=0x3) \end_layout \begin_layout Code - 20:35:55.537522 2001:db8:2:2::2 > 2001:db8:1:1::1: ESP(spi=0x0f22bfab,seq=0x3) \end_layout @@ -14233,117 +13363,94 @@ setkey \end_layout \begin_layout Code - # setkey -D \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code - esp mode=tunnel spi=175002564(0x0a6e53c4) reqid=0(0x00000000) \end_layout \begin_layout Code - E: 3des-cbc bd26bc45 aea0d249 ef9c6b89 7056080f 5d9fa49c 924e2edd \end_layout \begin_layout Code - A: hmac-md5 60c2c505 517dd8b7 c9609128 a5efc2db \end_layout \begin_layout Code - seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code - diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code - last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 540(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=1 pid=22358 refcnt=0 \end_layout \begin_layout Code - 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code - esp mode=tunnel spi=253935531(0x0f22bfab) reqid=0(0x00000000) \end_layout \begin_layout Code - E: 3des-cbc c1ddba65 83debd62 3f6683c1 20e747ac 933d203f 4777a7ce \end_layout \begin_layout Code - A: hmac-md5 3f957db9 9adddc8c 44e5739d 3f53ca0e \end_layout \begin_layout Code - seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code - diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code - last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 312(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=0 pid=22358 refcnt=0 \end_layout @@ -14448,22 +13555,18 @@ Datei: /etc/ipsec.conf \end_layout \begin_layout Code - # /etc/ipsec.conf - Openswan IPsec configuration file \end_layout \begin_layout Code - # \end_layout \begin_layout Code - # Manual: ipsec.conf.5 \end_layout \begin_layout Code - version 2.0 # conforms to second version of ipsec.conf specification \end_layout @@ -14472,27 +13575,22 @@ version 2.0 # conforms to second version of ipsec.conf specification \end_layout \begin_layout Code - # basic configuration \end_layout \begin_layout Code - config setup \end_layout \begin_layout Code - # Debug-logging controls: "none" for (almost) none, "all" for lots. \end_layout \begin_layout Code - # klipsdebug=none \end_layout \begin_layout Code - # plutodebug="control parsing" \end_layout @@ -14501,12 +13599,10 @@ config setup \end_layout \begin_layout Code - #Disable Opportunistic Encryption \end_layout \begin_layout Code - include /etc/ipsec.d/examples/no_oe.conf \end_layout @@ -14515,68 +13611,55 @@ include /etc/ipsec.d/examples/no_oe.conf \end_layout \begin_layout Code - conn ipv6-p1-p2 \end_layout \begin_layout Code - connaddrfamily=ipv6 # Important for IPv6, but no longer needed since StrongSwan 4 \end_layout \begin_layout Code - left=2001:db8:1:1::1 \end_layout \begin_layout Code - right=2001:db8:2:2::2 \end_layout \begin_layout Code - authby=secret \end_layout \begin_layout Code - esp=aes128-sha1 \end_layout \begin_layout Code - ike=aes128-sha-modp1024 \end_layout \begin_layout Code - type=transport \end_layout \begin_layout Code - #type=tunnel \end_layout \begin_layout Code - compress=no \end_layout \begin_layout Code - #compress=yes \end_layout \begin_layout Code - auto=add \end_layout \begin_layout Code - #auto=up \end_layout @@ -14597,7 +13680,6 @@ Datei: /etc/ipsec.secrets \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 : PSK "verysecret" \end_layout @@ -14624,7 +13706,6 @@ Wenn die Installation von Openswan erfolgreich war, sollte ein initscript \end_layout \begin_layout Code - # /etc/rc.d/init.d/ipsec start \end_layout @@ -14644,42 +13725,34 @@ IPsec SA established \end_layout \begin_layout Code - # ipsec auto --up ipv6-peer1-peer2 \end_layout \begin_layout Code - 104 "ipv6-p1-p2" #1: STATE_MAIN_I1: initiate \end_layout \begin_layout Code - 106 "ipv6-p1-p2" #1: STATE_MAIN_I2: sent MI2, expecting MR2 \end_layout \begin_layout Code - 108 "ipv6-p1-p2" #1: STATE_MAIN_I3: sent MI3, expecting MR3 \end_layout \begin_layout Code - 004 "ipv6-p1-p2" #1: STATE_MAIN_I4: ISAKMP SA established \end_layout \begin_layout Code - 112 "ipv6-p1-p2" #2: STATE_QUICK_I1: initiate \end_layout \begin_layout Code - 004 "ipv6-p1-p2" #2: STATE_QUICK_I2: sent QI2, \end_layout \begin_layout Code - ¬ IPsec SA established {ESP=>0xa98b7710 <0xa51e1f22} \end_layout @@ -14699,117 +13772,94 @@ setkey \end_layout \begin_layout Code - # setkey -D \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code - esp mode=transport spi=2844489488(0xa98b7710) reqid=16385(0x00004001) \end_layout \begin_layout Code - E: aes-cbc 082ee274 2744bae5 7451da37 1162b483 \end_layout \begin_layout Code - A: hmac-sha1 b7803753 757417da 477b1c1a 64070455 ab79082c \end_layout \begin_layout Code - seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 21:16:32 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code - diff: 348(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=1 pid=23825 refcnt=0 \end_layout \begin_layout Code - 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code - esp mode=transport spi=2770214690(0xa51e1f22) reqid=16385(0x00004001) \end_layout \begin_layout Code - E: aes-cbc 6f59cc30 8d856056 65e07b76 552cac18 \end_layout \begin_layout Code - A: hmac-sha1 c7c7d82b abfca8b1 5440021f e0c3b335 975b508b \end_layout \begin_layout Code - seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 21:16:31 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code - diff: 349(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=0 pid=23825 refcnt=0 \end_layout @@ -14834,12 +13884,10 @@ ip \end_layout \begin_layout Code - # ip xfrm policy \end_layout \begin_layout Code - ... \end_layout @@ -14848,12 +13896,10 @@ ip \end_layout \begin_layout Code - # ip xfrm state \end_layout \begin_layout Code - ... \end_layout @@ -14903,39 +13949,32 @@ Vernünftig funktionierendes QoS ist nur an der ausgehenden Schnittstelle \end_layout \begin_layout Code - ------------------->------- \end_layout \begin_layout Code - Queue 1 \backslash \end_layout \begin_layout Code - --->--- ---->--------->--------->------------------- \end_layout \begin_layout Code - Dicke Leitung Queue 2 Queue 1 / Queue 2 / Queue 3 Dünne Leitung \end_layout \begin_layout Code - --->---- ---->--------->--------->------------------- \end_layout \begin_layout Code - Queue 3 / \end_layout \begin_layout Code - ------------------->------- \end_layout @@ -15017,7 +14056,6 @@ Definition einer root qdisc mit einer Bandbreite von 1000 MBit/s an eth1 \end_layout \begin_layout Code - # tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 1000Mbit \end_layout @@ -15034,7 +14072,6 @@ Definition einer Klasse 1:1 mit 1 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:1 cbq rate 1Mbit allot 1500 bounded \end_layout @@ -15046,7 +14083,6 @@ Definition einer Klasse 1:2 mit 50 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:2 cbq rate 50Mbit allot 1500 bounded \end_layout @@ -15058,7 +14094,6 @@ Definition einer Klasse 1:3 mit 10 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:3 cbq rate 10Mbit allot 1500 bounded \end_layout @@ -15070,7 +14105,6 @@ Definition einer Klasse 1:4 mit 200 kBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:4 cbq rate 200kbit allot 1500 bounded \end_layout @@ -15100,7 +14134,6 @@ match ip dport 5001 0xffff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ip u32 match ip protocol 6 0xff match ip dport 5001 0xffff flowid 1:1 \end_layout @@ -15120,7 +14153,6 @@ match ip6 protocol 6 0xff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 protocol 6 0xff match ip6 dport 5001 0xffff flowid 1:2 \end_layout @@ -15136,7 +14168,6 @@ match ip6 flowlabel 0x12345 0x3ffff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 flowlabel 12345 0x3ffff flowid 1:3 \end_layout @@ -15153,7 +14184,6 @@ handle 32 fw \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 handle 32 fw flowid 1:4 \end_layout @@ -15165,7 +14195,6 @@ Die letzte Filterdefinition benötigt auch einen Eintrag in ip6tables um \end_layout \begin_layout Code - # ip6tables -A POSTROUTING -t mangle -p tcp --dport 5003 -j MARK --set-mark 32 \end_layout @@ -15183,17 +14212,14 @@ Starten auf Serverseite in separaten Konsolen: \end_layout \begin_layout Code - # iperf -V -s -p 5001 \end_layout \begin_layout Code - # iperf -V -s -p 5002 \end_layout \begin_layout Code - # iperf -V -s -p 5003 \end_layout @@ -15204,35 +14230,29 @@ Starten auf Clientseite und Vergleichen der Ergebnisse: \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5001 (erwartet: 1 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5001 (erwartet: 50 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5002 (erwartet: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5002 (erwartet: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5003 (erwartet: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5003 (erwartet: 200 kBit/s) \end_layout @@ -15316,22 +14336,18 @@ Folgende Optionen müssen geändert werden, damit IPv6 aktiviert wird \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { any; }; \end_layout \begin_layout Code - }; \end_layout @@ -15341,59 +14357,48 @@ Nach einem Neustart (des Dienstes) sollte z.B. \end_layout \begin_layout Code - # netstat -lnptu |grep "named \backslash W*$" \end_layout \begin_layout Code - tcp 0 0 :::53 :::* LISTEN 1234/named \end_layout \begin_layout Code - ¬ # incoming TCP requests \end_layout \begin_layout Code - udp 0 0 1.2.3.4:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP requests to IPv4 1.2.3.4 \end_layout \begin_layout Code - udp 0 0 127.0.0.1:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP requests to IPv4 localhost \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32868 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # dynamic chosen port for outgoing queries \end_layout \begin_layout Code - udp 0 0 :::53 :::* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP request to any IPv6 \end_layout @@ -15402,7 +14407,6 @@ Ein kleiner Test sieht wie folgt aus: \end_layout \begin_layout Code - # dig localhost @::1 \end_layout @@ -15419,22 +14423,18 @@ Folgende Optionen müssen geändert werden, damit IPv6 deaktiviert wird: \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { none; }; \end_layout \begin_layout Code - }; \end_layout @@ -15449,67 +14449,54 @@ ACLs mit IPv6 Adressen sind realisierbar und sollten wann immer möglich \end_layout \begin_layout Code - acl internal-net { \end_layout \begin_layout Code - 127.0.0.1; \end_layout \begin_layout Code - 1.2.3.0/24; \end_layout \begin_layout Code - 2001:0db8:100::/56; \end_layout \begin_layout Code - ::1/128; \end_layout \begin_layout Code - ::ffff:1.2.3.4/128; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - acl ns-internal-net { \end_layout \begin_layout Code - 1.2.3.4; \end_layout \begin_layout Code - 1.2.3.5; \end_layout \begin_layout Code - 2001:0db8:100::4/128; \end_layout \begin_layout Code - 2001:0db8:100::5/128; \end_layout \begin_layout Code - }; \end_layout @@ -15521,32 +14508,26 @@ Diese ACLs können für Client-Anfragen und Zonentransfers zu Secondary Nameserv \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { none; }; \end_layout \begin_layout Code - allow-query { internal-net; }; \end_layout \begin_layout Code - allow-transfer { ns-internal-net; }; \end_layout \begin_layout Code - }; \end_layout @@ -15572,7 +14553,6 @@ Diese Option ist nicht verpflichtend, ev. \end_layout \begin_layout Code - query-source-v6 address port ; \end_layout @@ -15593,7 +14573,6 @@ Die Transfer source Adresse wird für ausgehende Zonentransfers verwendet: \end_layout \begin_layout Code - transfer-source-v6 [port port]; \end_layout @@ -15606,7 +14585,6 @@ Die Notify source Adresse wird für ausgehende notify Mitteilungen verwendet: \end_layout \begin_layout Code - notify-source-v6 [port port]; \end_layout @@ -15763,27 +14741,22 @@ Eine IPv6 Verbindung kann durch Angabe eines dedizierten Server, der abgefragt \end_layout \begin_layout Code - $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Using domain server: \end_layout \begin_layout Code - Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code - Aliases: \end_layout @@ -15792,7 +14765,6 @@ Aliases: \end_layout \begin_layout Code - Host www.6bone.net. not found: 5(REFUSED) \end_layout @@ -15802,17 +14774,14 @@ Ein entsprechender Log-Eintrag sieht wie folgt aus: \end_layout \begin_layout Code - Jan 3 12:43:32 gate named[12347]: client \end_layout \begin_layout Code - ¬ 2001:0db8:200:f101:212:34ff:fe12:3456#32770: \end_layout \begin_layout Code - query denied \end_layout @@ -15831,27 +14800,22 @@ Eine erfolgreiche IPv6 Verbindung sieht wie folgt aus: \end_layout \begin_layout Code - $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Using domain server: \end_layout \begin_layout Code - Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code - Aliases: \end_layout @@ -15860,14 +14824,12 @@ Aliases: \end_layout \begin_layout Code - www.6bone.net. is an alias for 6bone.net. \end_layout \begin_layout Code - 6bone.net. has AAAA address 3ffe:b00:c18:1::10 \end_layout @@ -15912,52 +14874,42 @@ Wenn Sie nun einen "eingebauten" Service wie z.B. \end_layout \begin_layout Code - # diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime \end_layout \begin_layout Code - --- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001 \end_layout \begin_layout Code - +++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001 \end_layout \begin_layout Code - @@ -10,5 +10,5 @@ \end_layout \begin_layout Code - protocol = tcp \end_layout \begin_layout Code - user = root \end_layout \begin_layout Code - wait = no \end_layout \begin_layout Code - - disable = yes \end_layout \begin_layout Code - + disable = no \end_layout \begin_layout Code - } \end_layout @@ -15967,27 +14919,22 @@ dann sollten Sie nach einem Neustart des xinetd-Dienstes z.B. \end_layout \begin_layout Code - # netstat -lnptu -A inet6 |grep "xinetd*" \end_layout \begin_layout Code - tcp 0 0 ::ffff:192.168.1.1:993 :::* LISTEN 12345/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::13 :::* LISTEN 12345/xinetd-ipv6 <- service \end_layout \begin_layout Code - ¬ daytime/tcp \end_layout \begin_layout Code - tcp 0 0 ::ffff:192.168.1.1:143 :::* LISTEN 12345/xinetd-ipv6 \end_layout @@ -16048,27 +14995,22 @@ Virtueller Host mit IPv6 Adresse \end_layout \begin_layout Code - Listen [2001:0db8:100::1]:80 \end_layout \begin_layout Code - \end_layout \begin_layout Code - ServerName ipv6only.yourdomain.yourtopleveldomain \end_layout \begin_layout Code - # ...sure more config lines \end_layout \begin_layout Code - \end_layout @@ -16077,32 +15019,26 @@ Virtueller Host mit IPv4 und IPv6 Adresse \end_layout \begin_layout Code - Listen [2001:0db8:100::2]:80 \end_layout \begin_layout Code - Listen 1.2.3.4:80 \end_layout \begin_layout Code - \end_layout \begin_layout Code - ServerName ipv6andipv4.yourdomain.yourtopleveldomain \end_layout \begin_layout Code - # ...sure more config lines \end_layout \begin_layout Code - \end_layout @@ -16111,24 +15047,20 @@ Das Ergebnis sollten nach einen Neustart des Dienstes etwa Folgendes sein: \end_layout \begin_layout Code - # netstat -lnptu |grep "httpd2 \backslash W*$" \end_layout \begin_layout Code - tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 12345/httpd2 \end_layout \begin_layout Code - tcp 0 0 2001:0db8:100::1:80 :::* LISTEN 12345/httpd2 \end_layout \begin_layout Code - tcp 0 0 2001:0db8:100::2:80 :::* LISTEN 12345/httpd2 \end_layout @@ -16235,52 +15167,42 @@ Die Konfigurationsdatei des radvd ist normalerweise die Datei /etc/radvd.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - AdvSendAdvert on; \end_layout \begin_layout Code - MinRtrAdvInterval 3; \end_layout \begin_layout Code - MaxRtrAdvInterval 10; \end_layout \begin_layout Code - prefix 2001:0db8:0100:f101::/64 { \end_layout \begin_layout Code - AdvOnLink on; \end_layout \begin_layout Code - AdvAutonomous on; \end_layout \begin_layout Code - AdvRouterAddr on; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -16289,28 +15211,23 @@ Als Ergebnis auf der Client-Seite ergibt sich hieraus: \end_layout \begin_layout Code - # ip -6 addr show eth0 \end_layout \begin_layout Code - 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code - inet6 2001:0db8:100:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code - valid_lft 2591992sec preferred_lft 604792sec \end_layout \begin_layout Code - inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -16337,67 +15254,54 @@ Seit der Version 0.6.2pl3 wird die automatische (Neu)-Erstellung des Präfixes \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - AdvSendAdvert on; \end_layout \begin_layout Code - MinRtrAdvInterval 3; \end_layout \begin_layout Code - MaxRtrAdvInterval 10; \end_layout \begin_layout Code - prefix 0:0:0:f101::/64 { \end_layout \begin_layout Code - AdvOnLink off; \end_layout \begin_layout Code - AdvAutonomous on; \end_layout \begin_layout Code - AdvRouterAddr on; \end_layout \begin_layout Code - Base6to4Interface ppp0; \end_layout \begin_layout Code - AdvPreferredLifetime 20; \end_layout \begin_layout Code - AdvValidLifetime 30; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -16407,28 +15311,23 @@ Das Ergebnis auf Clientseite ist (unter der Annahme, dass ppp0 die lokale \end_layout \begin_layout Code - # /sbin/ip -6 addr show eth0 \end_layout \begin_layout Code - 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code - inet6 2002:0102:0304:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code - valid_lft 22sec preferred_lft 12sec \end_layout \begin_layout Code - inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -16447,7 +15346,6 @@ Achtung: wenn keine spezielle 6to4-Unterstützung der initscripts benutzt \end_layout \begin_layout Code - # /sbin/ip -6 route add 2002:0102:0304:f101::/64 dev eth0 metric 1 \end_layout @@ -16477,107 +15375,86 @@ radvdump \end_layout \begin_layout Code - # radvdump \end_layout \begin_layout Code - Router advertisement from fe80::280:c8ff:feb9:cef9 (hoplimit 255) \end_layout \begin_layout Code - AdvCurHopLimit: 64 \end_layout \begin_layout Code - AdvManagedFlag: off \end_layout \begin_layout Code - AdvOtherConfigFlag: off \end_layout \begin_layout Code - AdvHomeAgentFlag: off \end_layout \begin_layout Code - AdvReachableTime: 0 \end_layout \begin_layout Code - AdvRetransTimer: 0 \end_layout \begin_layout Code - Prefix 2002:0102:0304:f101::/64 \end_layout \begin_layout Code - AdvValidLifetime: 30 \end_layout \begin_layout Code - AdvPreferredLifetime: 20 \end_layout \begin_layout Code - AdvOnLink: off \end_layout \begin_layout Code - AdvAutonomous: on \end_layout \begin_layout Code - AdvRouterAddr: on \end_layout \begin_layout Code - Prefix 2001:0db8:100:f101::/64 \end_layout \begin_layout Code - AdvValidLifetime: 2592000 \end_layout \begin_layout Code - AdvPreferredLifetime: 604800 \end_layout \begin_layout Code - AdvOnLink: on \end_layout \begin_layout Code - AdvAutonomous: on \end_layout \begin_layout Code - AdvRouterAddr: on \end_layout \begin_layout Code - AdvSourceLLAddress: 00 80 12 34 56 78 \end_layout @@ -16643,67 +15520,54 @@ Die Konfigurationsdatei des dhcp6s ist normalerweise /etc/dhcp6s.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - server-preference 255; \end_layout \begin_layout Code - renew-time 60; \end_layout \begin_layout Code - rebind-time 90; \end_layout \begin_layout Code - prefer-life-time 130; \end_layout \begin_layout Code - valid-life-time 200; \end_layout \begin_layout Code - allow rapid-commit; \end_layout \begin_layout Code - option dns_servers 2001:db8:0:f101::1 sub.domain.example; \end_layout \begin_layout Code - link AAA { \end_layout \begin_layout Code - range 2001:db8:0:f101::1000 to 2001:db8:0:f101::ffff/64; \end_layout \begin_layout Code - prefix 2001:db8:0:f101::/64; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -16727,22 +15591,18 @@ Die Konfigurationsdatei von dhcp6c ist normalerweise /etc/dhcp6c.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - send rapid-commit; \end_layout \begin_layout Code - request domain-name-servers; \end_layout \begin_layout Code - }; \end_layout @@ -16766,7 +15626,6 @@ Starten des Servers, z.B. \end_layout \begin_layout Code - # service dhcp6s start \end_layout @@ -16784,12 +15643,10 @@ Starten des Clients im Vordergrund, z.B. \end_layout \begin_layout Code - # dhcp6c -f eth0 \end_layout \begin_layout Code - ... \end_layout @@ -16813,7 +15670,6 @@ Der Server hat einen Vordergrund und zwei Debug-Schalter (von denen beide \end_layout \begin_layout Code - # dhcp6c -d -D -f eth0 \end_layout @@ -16831,7 +15687,6 @@ Mit einem IPv6 Ping an die DHCP Multicast-Adresse kann getestet werden, \end_layout \begin_layout Code - # ping6 -I eth0 ff02::1:2 \end_layout @@ -16842,58 +15697,47 @@ Der Client hat einen Vordergrund und zwei Debug-Schalter, hier ein Beispiel: \end_layout \begin_layout Code - # dhcp6c -d -f eth0 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 dhcpv6 doesn't support hardware type 776 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 doesn't support sit0 address family 0 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 status code for this address is: success \end_layout \begin_layout Code - Oct/03/2005 17:18:17 status code: success \end_layout \begin_layout Code - Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 assigned address 2001:db8:0:f101::1002 prefix len is not in any RAs prefix length using 64 bit instead \end_layout \begin_layout Code - Oct/03/2005 17:18:17 renew time 60, rebind time 9 \end_layout @@ -16960,32 +15804,26 @@ Erstellen einer eigenen Konfigurationsdatei /etc/dhcp/dhcpd6.conf für den \end_layout \begin_layout Code - default-lease-time 600; \end_layout \begin_layout Code - max-lease-time 7200; \end_layout \begin_layout Code - log-facility local7; \end_layout \begin_layout Code - subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Range for clients \end_layout \begin_layout Code - range6 2001:db8:0:1::129 2001:db8:0:1::254; \end_layout @@ -16994,12 +15832,10 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Range for clients requesting a temporary address \end_layout \begin_layout Code - range6 2001:db8:0:1::/64 temporary; \end_layout @@ -17008,17 +15844,14 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Additional options \end_layout \begin_layout Code - option dhcp6.name-servers fec0:0:0:1::1; \end_layout \begin_layout Code - option dhcp6.domain-search "domain.example"; \end_layout @@ -17027,12 +15860,10 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Prefix range for delegation to sub-routers \end_layout \begin_layout Code - prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56; \end_layout @@ -17041,33 +15872,27 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Example for a fixed host address \end_layout \begin_layout Code - host specialclient { \end_layout \begin_layout Code - host-identifier option dhcp6.client-id 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01: 23:45; \end_layout \begin_layout Code - fixed-address6 2001:db8:0:1::127; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -17106,7 +15931,6 @@ dhcp6c \end_layout \begin_layout Code - # hexdump -e '"%07.7_ax " 1/2 "%04x" " " 14/1 "%02x:" " \backslash n"' /var/lib/dhcpv6/dhcp6c_duid 0000000 000e 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01 @@ -17132,56 +15956,46 @@ Starte den Server im Vordergrund: \end_layout \begin_layout Code - # /usr/sbin/dhcpd -6 -d -cf /etc/dhcp/dhcpd6.conf eth1 \end_layout \begin_layout Code - Internet Systems Consortium DHCP Server 4.1.0 \end_layout \begin_layout Code - Copyright 2004-2008 Internet Systems Consortium. \end_layout \begin_layout Code - All rights reserved. \end_layout \begin_layout Code - For info, please visit http://www.isc.org/sw/dhcp/ \end_layout \begin_layout Code - Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file \end_layout \begin_layout Code - Wrote 0 leases to leases file. \end_layout \begin_layout Code - Bound to *:547 \end_layout \begin_layout Code - Listening on Socket/5/eth1/2001:db8:0:1::/64 \end_layout \begin_layout Code - Sending on Socket/5/eth1/2001:db8:0:1::/64 \end_layout @@ -17224,62 +16038,50 @@ Erstellen der Konfigurationsdatei /etc/dibbler/server.conf . \end_layout \begin_layout Code - log-level 8 \end_layout \begin_layout Code - log-mode short \end_layout \begin_layout Code - preference 0 \end_layout \begin_layout Code - iface "eth1" { \end_layout \begin_layout Code - prefered-lifetime 3600 \end_layout \begin_layout Code - valid-lifetime 7200 \end_layout \begin_layout Code - class { \end_layout \begin_layout Code - pool 2001:db8:0:1::/64 \end_layout \begin_layout Code - } \end_layout \begin_layout Code - option dns-server fec0:0:0:1::1 \end_layout \begin_layout Code - option domain domain.example \end_layout \begin_layout Code - } \end_layout @@ -17302,148 +16104,124 @@ Start Server im Vorgergrund: \end_layout \begin_layout Code - # dibbler-server run \end_layout \begin_layout Code - | Dibbler - a portable DHCPv6, version 0.7.3 (SERVER, Linux port) \end_layout \begin_layout Code - | Authors : Tomasz Mrugalski,Marek Senderski \end_layout \begin_layout Code - | Licence : GNU GPL v2 only. Developed at Gdansk University of Technology. \end_layout \begin_layout Code - | Homepage: http://klub.com.pl/dhcpv6/ \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice My pid (1789) is stored in /var/lib/dibbler/s erver.pid \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface eth0/3, MAC=54:52:00:01:23:45. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface eth1/2, MAC=54:52:00:67:89:ab. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface lo/1, MAC=00:00:00:00:00:00. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Debug Skipping database loading. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Debug Cache:server-cache.xml file: parsing started, expecting 0 entries. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Parsing /etc/dibbler/server.conf config file... \end_layout \begin_layout Code - 18:48 Server Debug Setting 0 generic option(s). \end_layout \begin_layout Code - 18:48 Server Debug 0 per-client configurations (exceptions) added. \end_layout \begin_layout Code - 18:48 Server Debug Parsing /etc/dibbler/server.conf done. \end_layout \begin_layout Code - 18:48 Server Info 0 client class(es) defined. \end_layout \begin_layout Code - 18:48 Server Debug 1 interface(s) specified in /etc/dibbler/server.conf \end_layout \begin_layout Code - 18:48 Server Info Mapping allow, deny list to class 0:0 allow/deny entries in total. \end_layout \begin_layout Code - 18:48 Server Info Interface eth1/2 configuration has been loaded. \end_layout \begin_layout Code - 18:48 Server Notice Running in stateful mode. \end_layout \begin_layout Code - 18:48 Server Info My DUID is 00:01:00:01:11:aa:6d:a7:54:52:00:67:89:ab. \end_layout \begin_layout Code - 18:48 Server Notice Creating multicast (ff02::1:2) socket on eth1/2 (eth1/2) interface. \end_layout \begin_layout Code - 18:48 Server Debug Cache: size set to 1048576 bytes, 1 cache entry size is 87 bytes, so maximum 12052 address-client pair(s) may be cached. \end_layout \begin_layout Code - 18:48 Server Notice Accepting connections. Next event in 4294967295 second(s). \end_layout @@ -17508,7 +16286,6 @@ s.allow sowie /etc/hosts.deny. \end_layout \begin_layout Code - $ man hosts.allow \end_layout @@ -17523,13 +16300,11 @@ In dieser Datei wird ein Dienst pro Zeile eingetragen, der positiv gefiltert \end_layout \begin_layout Code - sshd: 1.2.3. [2001:0db8:100:200::]/64 \end_layout \begin_layout Code - daytime-stream: 1.2.3. [2001:0db8:100:200::]/64 \end_layout @@ -17550,7 +16325,6 @@ In dieser Datei werden alle Einträge negativ gefiltert. \end_layout \begin_layout Code - ALL: ALL \end_layout @@ -17562,12 +16336,10 @@ Sie können bei Bedarf obige Standardzeile auch durch Folgende ersetzen, \end_layout \begin_layout Code - ALL: ALL: spawn (echo "Attempt from %h %a to %d at `date`" \end_layout \begin_layout Code - | tee -a /var/log/tcp.deny.log | mail root@localhost) \end_layout @@ -17590,22 +16362,18 @@ Das Logging einer abgelehnten IPv4-Verbindung zu einem durch den xinetd \end_layout \begin_layout Code - Jan 2 20:40:44 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code - ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code - Jan 2 20:32:06 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code - from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout @@ -17616,27 +16384,22 @@ Das Logging einer abgelehnten IPv4-Verbindung zu einem durch den xinetd \end_layout \begin_layout Code - Jan 2 20:24:17 gate sshd[12345]: refused connect from ::ffff:1.2.3.4 \end_layout \begin_layout Code - ¬ (::ffff:1.2.3.4) \end_layout \begin_layout Code - Jan 2 20:39:33 gate sshd[12345]: refused connect \end_layout \begin_layout Code - from 2001:0db8:100:200::212:34ff:fe12:3456 \end_layout \begin_layout Code - ¬ (2001:0db8:100:200::212:34ff:fe12:3456) \end_layout @@ -17650,22 +16413,18 @@ Das Logging einer akzeptierten IPv4-Verbindung zu einem durch den xinetd \end_layout \begin_layout Code - Jan 2 20:37:50 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code - ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code - Jan 2 20:37:56 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code - from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout @@ -17675,22 +16434,18 @@ Das Logging einer akzeptierten IPv4-Verbindung zu einem auf zwei Ports hörenden \end_layout \begin_layout Code - Jan 2 20:43:10 gate sshd[21975]: Accepted password for user from ::ffff:1.2.3.4 \end_layout \begin_layout Code - ¬ port 33381 ssh2 \end_layout \begin_layout Code - Jan 2 20:42:19 gate sshd[12345]: Accepted password for user \end_layout \begin_layout Code - from 2001:0db8:100:200::212:34ff:fe12:3456 port 33380 ssh2 \end_layout @@ -17726,7 +16481,6 @@ listen \end_layout \begin_layout Code - listen_ipv6=yes \end_layout @@ -17761,27 +16515,22 @@ Editiere die Konfigurationsdatei, üblicherweise /etc/proftpd.conf, allerdings \end_layout \begin_layout Code - \end_layout \begin_layout Code - ... \end_layout \begin_layout Code - Bind 2001:0DB8::1 \end_layout \begin_layout Code - ... \end_layout \begin_layout Code - \end_layout diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.pdf index 3c63ca42c879ab7f3f9ab95ab388fc8d9e8e34e3..10c6fb448ab7bcda0ff94e9c7c0be82cc6296544 100644 GIT binary patch delta 19867 zcmb5V1yq|s*DYK$l%mDmy%3z@R=jA@76?+j1zH>ef#OzLEI@I0cL@%~wLo!~;!e;% zwD0%b@BZtqb=O_%$*N?6{k5tJlKui z(Ki$UY-zEp=)8$U###y?)jhJJzKjFE=X%c-2!GN^&mET?etE(;7SEy@LjYYiBe~hH zYoa~Zr9StO^bi$&3VgMx+Q+{VD)i3td&2YKJmaKK&wIZMaWuEy;d;Db&u2!8Di{gz zfE5(}3ecpf)#&e&tdfMN<=6a4wNCP4OU#Y6nebE8dalX`T*eQzvHY;~nL5f9x9I{f z9^HoP&zl#ULVoFB+F=IKQF(e&W5BMwoz7PoKpk;r#dZT=Fg9LdlJ|rN;8#3Y2%08B zEaIuXPWOm+iTi~WGoy%%k0#9{UauwKN++D6;xlQ!mo*8%m#&BOFb&-bRocDPx3->A zU0kIcBMXRmh4DGdN$2`b$L1g~)RAkGvpd z)#cXXGT3K`y~v5(glhumN$koGGc1(viDr+Zzi!Cek@!g*lAU2r7;m5mn%6|-$o#>z z-SU1X1Xo<69BG|y@l~^7cnkLxXIps<9shO|`#hdofl?s}g4^೚(nJL+nM88^QMfm^_0${-+lC=!ukIam_MLLW3(9i`*QT2d0-QnT zZ;dJDIUFzFdL2qEp+Y|!)Xf=Yq`h&PWj!x9U{b1Pv4C_``cqlWBoQdz=|KbIf);PW z?VH+fihxxdd-&Pc*GJdGU`s}o$S$^U8S-H58Q@;5MczD2;Iz;>!u{SPP!A{-!WsO# z!X<-aUOrOiX-W6GnibM)&V6&z);_+qbWoklcIk|t=Uzpxfl1TzDN*ZS^sw=|S+g8d z3;`@U4~U--KCI!B*GtvZHzz+e#+$AV0;N;GT@b`YSepfx~jgqh}%$>z(g{1N! zx@=b&62H*#YqEZOk8n425H2LU2|`aDld88{Z4xlHYJB*!Vq-;$dDZ>0TsfiWxmV!T z8281d9QUh}yUkV>bm!-2&bBFr)eYduvmGCM`B9Zy2IEw@GcE3fE2;`E9pkv8H}y4c zekK_t_Ya1Y&(@C0tj;KcPHEdg*|ecgEegcjFs*yxd+VU56VX^uBrzm{;L#UIh!=9* z=nIqu&zLa+HpqfLC@M=353;20r(J+-vw}s6QgV=!x3G9V`zAZ`dNdao=cP#?Uu?p{ zrsvIqXb*E!z=ujr2X)&t(vcayHTb2|m*NhYsVEZ3L7=fwaA=$-+tUyMkb&tJvFCZZ z$*9JJrgo|CTIUXJI+=5f^Xey8;-=xL za^=+1Z~McP5qpiRE#RVVnuf^$eWgb2FJT{JNoMO0b2KL@6ileSUQ&~tNB+K4BmG^Y zPfJK>r1A?ASN)aSosd%lX=|MJmq_Vsn5zo2GuS>ZyvATqJ7D{5Lnk8vH0g&^Zm4?7 z{e|CcxC5gVCjmSi^9$`eqG7XT$I~IY=i)!j*-C0@x;&%?*kX%74`8@AncRjmv3R&%+{%Pkj(v95xGz85so>hX7#F8Gl_6} z#<)!^6i<et$5rMX)~kQ~0s zm(0M@0%>BpxmTsSsq^USvNSx(1lsG*9~Z~ss>H}r;tHcK*0*yBRB@qAOga>L^<(n4 zb#ad;mlB&sL~4l(`MSRoIvAmhKPc8Y(P6>l)YNI8g?TF%P>oVyRZ=+OzsKrXgmT33 zRgF=g*)e2!KgIia)`a2%?^4mk5WS(woqBbE3F!$(tXl{2*!o;Rx9Hk~HY(_5U9or9 zBGu@Zj8}PT4L$3LrTZP4Q>xuJ&INIj1vmcJt@h1p4-U=#tRiF6qF%vGqFwEsu{afF zZ>gmE+ESty=bK$1E?}Bh`_bW)l3!O9XOzH54S3gn za4}rM{`LcZ!;$RmK1zZ7yd?)UX}FH9q*mBaX>6EM8phm%&*Lg1s2ZFEd96tV9kq>jf59x z8@?Vdal82$p5;6;h~rOV2i)}(*Bq~Iwr`kE%7EX|m8HS2UY_k)r%NU93k057HN<@w zB*Wf8xonuuv@tnQm!wf6LiYGBLu;jj>>4SlX1Zd%*Eay}WPdlAaT?BM~Hf+bh8fq!pm_zRMN&+o+!H zLjua&RQd(h6GciJ4mNVCh9uA}3b-Tb06G?nLKw_fjDmQfB3@{9e8uQx>uCJE!u)*D zt#1J8e`X!#cYp%U8~IlPyfV_lGQ9G#g2DpQa=bDEGIG+qGA{*%UkV7x3QN$6{a;;- zFoCZv?5&)wX?eMYgal&n-?Km%7d&3idsi>H`3zz$e*9oQ7-8DHywF2od_1#^4HR?l z^=Sr1eTy0YQC-JquN=A>KAD@X<2m+5{Hf*}#h7Z_73CbIIOcqM=RPK8?9k6e*-Z1O zZ%VCS6~92uc;Rfkb$?nrf@HbrCb4z9S(m&7kB^OwEsjTEJR=j+yD-Q@@txC_vdW1C z3;a1NC#S*XsR4{&kT6?CrS?VIa*?@Zdc-0B(x**w{Q+bep;}J(mni(wnaN%U+#sz6~hs@WtbOtAl{T@#vFWE!bO2 z;?H0knD?NO#t?L4ZU9p3Ck7H&qTaNh>C_t_vAjKzfcb+xEStxCU|HZ}tz$ae6S=*j z#0tM)IM;D^Z^$y`M$;hFT;3$=RPNS{Kqi&|ECer1pxb7H-GD3Lc`H~;vM^;!@#GD! zVUi3{z!u#2Sceyv_xxr>6A$aPsT;cqe%}fUo{@I_+*lt&@$8t#vfnHz_*!dvwm7jwoDBGH2eyeEh z-2nIrE?n(I&QtPBFZlbV#URU3>>)BJR-Qs^?b*Wk;MNhtk`9cuh~y~xkQ~HzO4Pjh zj5CXIsqGyE<^^UNbUR8dtLK3ast@8GeODiPFTs1aY*#TeAfj?BwetRUQLpT_CRTmr z{UV=tVOe)nQw=O)#0y*_2O7AVI&HBC>zS?r|A2#GW%O_t@g;oN^lNtT!cVt|ky`JZ z<>?`CwB%{D(p}jGI9h~(3uG}o{SiC_mgKcqn1*1&W~_Pc*v(sYPn6CE`EoxzyzQRu zQHUyI->~}%ti5D=6X(qtzcjTN5ET#7*`5{yeK<7F{d3zp1$i~u|dwEwe@aGGsn zf%6F^hTYlu0jsr(KtwmwMTlSNl!6#Q@c4JT)g*kn%>_1E8A=9pj5*{1-5NA|@TE~{ zZ?f}ATv5R;!N>6xW8KytAVmvpdM5I1KFf3MBs4-_ywl3U%KXS=#Mi6*N4j!@en!Ff zmib5$ztgJ2>ACQ86-%wa`2MGZii0$8`(wEfh62zD+v=c!C1IBxY*c7H)Xa0>^2;F> zA7({;!5rZy34(EXe8_tETk-A}#9k*(6*EG2$Im4(R@6_JH2SR^pj}yj28d@E&m=r$gc?e6^CzQ zP~LhqoJ#JeH+Ct45rTXUZK^PIm}1G#YM$FxJPrMH_X?mr=yzQFMte6h`N;7{I70{8wcR#t+XG4zouN&`#8?A5rf+Aksd zH-CYy)j5NDM@c|iZsil~=8f=_@0}-UOYL3~3YTUUllI~m zB^bJc3w|1V0`F03waTR(a!Wm=;zO|j;|NbUB-)v9f*=e_6q_RYBP=01(}URM-$xcj z@4_0M3ZDM<$^-G%NeQR57+j+{aeP=i#g4!K-ar+$Q}5lj;&CnP1kgVD&6b_U<0eCt zmLk&_nHWf!=CF14W|J#_^9|k(%OLsBQ-lKzpIaw2%o`k);AKj)WC{x&d^%R1RbmC5V2U za-R)iBp~`>kNFx!(XP7}t_~+ppo=vFY0vD;OyU_-0AcG*KO;~z_rfKQOBEGl}k-$k#Uh%YS6s?GMM#z9iAX_0kRDb8G6Jv@* z_Y0rG$#$~}tF*W)Kd0z3B^atQe9vHlC4o)xRPOUH9zKnpEkg$HL8My?*i-IJwV{ z!oUt=g>?Ou1x@Fhgr@W)Am#^P75WMIyP;P?lPNA}Z@wb}wAj0a!IWavL$SXVZWaa& z!}a(EbbbG8aHg#jtoizwhyG=EzRv6GTJ^02{Fyay1w*(hhNjxl$Mqt!p!B>edal3H z00L8J^X{&^0Clm;xZw<+%F*dQvI_zW(FwSF&VM9FXK!vCgbeBeGBzRW!Rdwi6C+2v zNJLZr3PX72qcC(!&V6^9N%^YXfHnmFeoK*9w}Jx#Z~i6NNQ1klcomw@vQtRPSHh2h zH{guJzYN>Tr={At!=OIx9?pt@qo$q&!ZgW09z_6M<83ybAgshUUoS>^`~RRduZK4S zEnr`!!La=a&1i>ZPSD;H<%Gj!aS+e>Nx@%&jeOVr!!UshBMJ9*a|xwky@*}9If!e8 zo(QkMZn3)7UYY<8muM}nHE~`W_gH1UaY)QO_U25BRD*+;N&?U;#R4(m5R zt>$2Fjv!u|vs4V2qUQ*aINSiM@oBA|7;S==dRXuZXc8+AywK95vb)ZjBJPa)Nc`M; zV)vJduITa3u1d9FTZlDDJ+W}lO90g68^5HpeJKX&TIPA<0$J)L;rRwwBD%TsMl6}Z z2sQAQOtV8{6FxJlfJpw_O6GG(LoC-co8b`szShIAyBkdjrI_nSjiA|bvQLU`dTeWk zt*iU8QRz`84)d&Mrf#bQcXgIefu~xhjwboYwwH z(0vwP7I%mR;ln%@PXmr?D^keaejgcA{6ko!zqiw>{o>-TsN1ZJ@-q^POEl0=OM)ap z>n{z3162R<@Rrl%FAs%_75@>jVoV{C!h|7Bwq_E4lX+%v>m7qjLIYYq9Bh}3!&BEG zDB-oSDy=v+k3$5831|TlMAM@o2+B!1v1lL5`TgRp`nKlu_STR+%zh9a=V21!Jtu1N8dv%td? zZ-gyTFJ6K^D149!(ZX67?om8rx5Pk*U6{Dw1Ap?0(*nItUvY311f1aza6p;76+ZJ< z?IaX<3ove&te2evqGx-WvCt&8$_u{jVH$2YO-8dn=4xr3OWFv<3+ske0bP%NBnmAv zgZ7pgbnK=1K!jWJn;+{tw=iglY+OkWj)kXHORQ?!aKT^Qwf@Q;@Wh$(6iIB|NtKT1 zFDW4nAxZ4!5`KALP3OO~97ze+PJ&a03Di3Yo`qC;A_3u)IXTLSWy=Dfz4w`qi5o1x z{fbHrD7(E6ME$*>#DcU2YSxB;Z!sjcsB?o%!V5( zxpYgOG9kq8Lc$*NJ*?QT27Iv%IUq)uh*gvmT=qA3Ep?*UiNGHwd^9Ty5kJAdk-Mw& zZ5?OUxa2km5E(X$iT(Tcun)nQ5>Hog6gCHN^4FcX)|nMI2h{Rc--H}|eGhw2*UKV3 zFVzSBjR+%-%Ys24xWG>=E#=1#U?LE)s-{uJHt{9`5o(zB-Vw6Ke40aiamx1G&6yX3 z(732t=gch%qR15`pKA@gsHFqWX!zt#ti89V7e+%T2WUpIfyFO`t>|G~I9HmyOU* zUJ#e8-v~qi(`}d+RNAH^A&M(B%?l#W2p!3&YO+rR`t5>U=j{hAU|rAV*TeTCCBuar zHpBN@5ajd;2A;4l@(Ny4gSyh&B7E=KtgN)j5jmWZc82ZjO7)M>L?GRytc2*!I6@=g zJZTP}gy{J|^wOy(a`vwfBAI$D9Og{Gcgh5LeySh=`kaHms`v*A{#rQyWC$GksFR_Es;qw?aSs{`qa)xR=;Y2#FW%_$oK22S?hWoDXYWIwhbHMn?k9#LL zz4V_1GFD=*+9{!wCYZ(LRNGq#uh(_{0|zCDDC2m|^KdoQAqk%RR%wVcbaj9beAo;} z6&{>N-T+su33tt7&Ru0D;PBSTqJan}kTxIVTQg^LQ0XO_5e9S>s~LQ;ewA$ABx~&I zK%#vr{K0v*dCwSo9Zrvqkj#v$);$&l`5e<8;NjXS=lU@CcZ+-09axj`KijF|!oS-o zGZq3GhA&RBBXSTaDkO_b`tn{leZ#*kRjI-@Giwvcm(?vd->0B0MmSPg7RI zqroT+a6?8Qrzy<;5_}>Nnson!25zXLBEcIjsbAHizXu_CunDD^dB;d|gpiBA;fNGNo!BeRU+}SGTvV)yJ@DJkv{(2B)h+kQ0%`QFG%WxVc2$=eN6r)4fBW#f76_u=z+v_B3!6!&jSHUqoif!tTQ9_#aE1upZz@$yJDMqrYW>|yRiP-ZuF02& z18a&@D_F1x@&3@IO;j`f70E5+PoMv)B(OSyTkf;?nv*RgHrYzv?EWWW+YySVpw+tW zG@P1jAurv$S#_!^lggS~2Zmim^9{0gU4p-s#(WbDyJ7&XAF$<`rEw8^nd^koyuu%d zwCR>G>L+QJXxHBRYVTSj=eYi>8sV^cRl0(A|ME?Rdf7&}Z(kq6ttAzR>>67zlP7c{ z*S3CI4KYhw9JGo`q_kwe*!c`ow5{PTnaQg=ZV3KC`5sY(DUrtzDw3qTHxY-(_-+!z zyc@%Sn7Y`1THo@etcAZ?>eb$x=$@SwSaa3N^vNS?VlFn~!?BAIe~lO`80bpS4O*H!sTMF>0-Z_WIb3_Jm6JYx*>XO2&>-Ib9LdiaJTye>Q(kL?XVm zckl?l!E>A38LACkA%%)ED|S~^t6!1|#q@GSH)r0kkY8_e&D{76@0`FDuRIam^@8z> zcoFgN=_m2P%gLC@OFI^xS08`fT?#3A8}mvcv{Gwt0tinwXUTcpeL&kN(x@N9s?;rU z7Y~G0KvWXKysr@%?n{BC%v{6(3W!q?nnX#PXinmr&Ly^Ee_hF|HmDRE;%MjcaeYla zZuxsKC9s5GrvAWX{2{gz6``!5`1hk0OMBl)Fv*oM&*RaQ3K;nJXo`60+2hgFbjKxv zliEk(t6szNNO9m}gH*)MQ4OnHedc;D5u7Z9vtOlh+tH3}p~1v04}!$O z#>;bm>9_@L6@Nb^Q!!)Lcz7yqLhb7hj)EWX;kKK?^uQ&9434pf*h_!uNH#atQS47J z$mtm6@m#Il=4D#!d^737m{mIU@bv}?o`W+!S7%`M`c#Yl)y61;#9RNNFcXkp(I|$h zBX(&gcKy@3bTa!+s`_Wg@Kyg_;_h5|Ec%!DH5gW1!l)P)GL@seuW-&8IO#$3-|0K) z&*@nh3>d;0S|mHv8{1WA{j71+p?kXkdB___^5HhLdJJef5|=CzVrjMxV1CKsj2K!? zA)wUwt>Usnut3gqJKIYXl63sic5io_GU+*oH^^)uI2T5E-kX4BjO3v05qm{tpKHz` zm};aW%G(trYmoi8)BG8_Gv4Jk@&TLwP&w7CGrE@$=x_tpHsDPFy;0`8)G;`KG*!$) z4I3QFKQC!+z@qxS*NUsMjPf?@7Dh}L1Ky2dAvRF+fnKA?l2RP=!GI$?>UMK?Wc3W} z)OM#UeB(A1ceJtb+0n4@rSU2RDsAO>DC?d>Q%~reI|8xcNt@dTNWwwR z3JSYUXWR<@m6s`As3XfMx$jgV?D6q>1E(2Et4At zQ#cYJvfB9|QAd&k>1Vf3N*rmZ+hpBQqgI}Z1q!;OkI+fW*+0I{{Z1 z(V&;pQ7ZSJ`XssFy-?da06CPq4xs%AR1nY?^m;5?Q$x-O0*~aMYjn38+3R{fqVyg* zZ*Q|Zg;B;tTZo*A+@@s24Uv9N{>DriQg~C2BPf0LN}==AKE!ox8(6BYe7_Bv+z|Jq z&WzHfv9`eEEk_shWA0Zriivwm#bGDCW@b@MJ1xymI4xTZP)KuNcr|^%8A3g8o%`Gy zXZ9UOmYcw}a@MgE$6kPj29&N2@CMSHKNd9o{}kE(m%ti6{%W*( zQMZ8@djfs5yKk8cA-gs&0ZAI~Tw-eb7p92aQOA_;FeSF%{7M%q$En80eI@Bge8J2F zIayMK`^h?@W}o<8lGdZ@Eu$+gBOUTAi=$VY;%-+^Unz~`ZLV~akFGYkV>S0@>KQ~3 z|7tpVlIn}84@MfxCmV_%6CnE-eNDQ{&o~wMe#nvHpv|Zrz{+`qQr+S0{seagUo0qZ z6n$h__!a}WOw=4CbVR(^?sfHqM!FV=ZvlO100=?b8UVD&PZywcjR2y@56n=iMgSqi z`Eli--G6Qa%|y0mWb%e^uTtt9qZ*4`PZPh*168Z7Ss5YXDjw$|w2ZWkf1msX>%$i# zyq2QibS^gdVN(q<1csUmVr9j!{pMR;2ay=45AR?PufN^;@HF-KUMq+!89vq%>jBx2<>h@a+~&n}~*m-evO-ZFL~edDj{&7kJ; zUHtW%!|_>l*suhWw+^;vKKZy(U)=-eeI2o22XTmC7kPf5NIjP45_xGmXZ_mxUoW)x@&9v74 zAVpoEoWynokJ3*hq_oERO*nP69bSrAo%G=p%h202XEW~;`Lr_)?=bWN>!2{TJZpn- zEB<_8>rrMb&pK&USAUij$^h1p6$N)B;L88DjGz^V>_Bnb0HIJ|8vqaaOAC~y4Ily$ z3qr(@uq*6~KHUlCcRiV_Jf*%>&@-|$m1mq0{&iAQ*z#7U)fn>XCj7T8ucHOdzdO=Y z$Cdb((2i}nwW)>VR#6;jhwGwGwae!Ru+N}*)T45iqbzRcvIp{iKr*tV{@RBv7d34@ zq~TLOin+TY{)%OcdD zzpF&Sn!UDwey<0RLk{BaKmXJHgY^5)$ZB7_3R;uVg|s0Bf7cHGAH}WzgH-jnH!1}6 zWH$ro{EI`@ z@itSa6U9Gr4BjbM-A7v*nexp-lCsL!$+I&jcF^a8tY3^{PtK!{g%jNIkC9dpHOE@| z+6uvo7JAC;eO4gn={J4*8@6tW--{q$bF)M0d5=Pd;w>!7i?QP4+CRUpe1kr~)2c@H zqIXinqMWkoPb{J^|FIDISjhia$hZAinEF`gpa!Mr1W-c$wyxyW*F_)bH!&c4p)et( z-FCzH``XK_>g$ZQ<_)};QTSdclW!-1nEK(zsE1(2uMaXy(*ZBlznOJdC~n;d3@_Rx zXHUPBEc+y5JW*0p@D8L=x3v4!o~iYg(=7cYUd|1!AH8?)bj%aGRH^k&*LFbpqk$hM zN4W)BEu^?Do@k~L`JL|TfiN2b9!`#2i|*>;gm|KfO0&0r3xz#N=r3?%)<;u%O46fTQzsz~YV-lSrYIi*RMQ1AZB(MG zv)3HzqzA|6k{GQXT(9`m_;uQF@&i&JczozJ8vNaa?F)ESD3>y?0b-~;4~L{(0j(k- z4L&S%xo~m6Yeu#Yk#!M$-aLhe$fV8F+4xy~^)0z}Ch5i#oZP%+JA$OK)9Wzrm}7TU z`$ZwLu<0|!!(QSCuO!Cl)^0CrG#lRG(!SfqToMx*qX|)Nhf<~2Ubmm4bmLO#_(SZY z5-vh){tG^2_8v2OoX;Iw@$i(3DN)xzd%6Jn5S%WU!k!oZ(wTM0_888DlL5sm{$GYl z(OZc##R-1-9C<9vG|_o1n^d;rJE3gB0e|SUaWgzIe#z!j%bepC25X2HX7&ztP=6E` zXC}G`aQEc)e6JK$5Fp;js`|i zqE4njZxMMp%o}H{5WinvqSI(~;C#SW5;dzpbN?WZIWt0pQ zE(I?=7v84%%Ew<5c8T=};1Q4rNeybxBl8G+;^->w+Q%b!?lL&pYuJ^7SCZhObdsmA zCe9_zrR1~!fZ;?!8lVqC>4DHp?WPn6ot66lNnP|o&(JBScDoCNrpoW}NVW7q0C|F` zG*nKZ^SpM_j%!bD>+*YKQlP%WJ;+-&`Zlk%X+y;G&k#XzD{_+apR#tZ`tOXb_qeN< z5g5g-*g;RGmIA$wo;aiYvfC|yV5v*_tKa?G-i!)pKM+g&AqoSiam1KZroObhJk#h*AxqWg=|Z_m)P4zc9$03d88to4jS&z!t`cTEq|vhF%i8j4 zhe^3?e)|{GFO@)J_A{*v=-U<=+QzD+==WEO;CKqDSmQgxzg|F1&l-dC`zM~wo`)zI zo_!N4sm9)*mXA{T#xm#63!xg2mViIrD4+7}%s0)l!h2;Q8N3om$D6kfYUhJv)?ekF z_>;26l7DCaeW#4v)E-IxlbAJzu&nv>JP{u$Yc}%*6iS3`hcxZJzIB>R%9=_ZOnk%W z6q}eem`tB2n!pG-e29#aZ*S;SI?)3KDLwk)+kVw>s`wa?1PLEY2}lZGNnTG3|NaOW zh|?2-jD}1?0*6((rveI54GCFF2uLk3+%&Ufw%BClQ-~7w92_%OTS35AYNxY=aJG2- zjMbg;kSdHSn2wV5Emo<0o**vHWSa-dbiavk29NTTV*nC{t-K2W1DT}V~uBt z?d6wTHobvb4?@>>`*bg{6qa93wm*IO^rNGQ(&mF_^Bmb|g-+3Qe_ZXy)c6Hmucze8 zyo6G3^gcTK3j8O3OIi_}_ahEr%b9JnHHQf9poHvXsV^5aUyg~mai=l$T|S6O%sPb> zWR}rdhQj<3XvwJ}H-n~pd=rS3V~0u69^r{{*f8l<1Cm(?3!8|!^COt#mAmOO=F9=i zVEOhxhx-}f)3}|J+`nz`tXMQfLdOdrl@p^wYA4Roc`;%sp6sHb<4Un=kWA<2IWep$ zNt~ilNFE}66H2MWA%5?-#js;{2)l-zlx(hXdwSC~S^m}iYtEYTYKKwzZ?A|hG9%;_ z514Z(=(|!Z`(4NLW8_m}cP6iX!!cg_@5cgDEZbbiv)&9j!=CgzYvso9B5Jc=vsj3j zXL4AGKxD}R`N%oF`N=s|l}GNXxY1nsV`42qfd!uOM8m8#@&y9QS(@aLw)~Wl6$M%r z+LQ7{(c|J)s}5{@%CTb!0gnJF)RH&vD7f#^)QX5UizUp;CS~fjPI=APmLEwbo)}9# zOH)QEks0ya;*3(mG!`>Un>43`l}MhbFCRirmeb2BF2BR09Hr?QF>cO(mVTJ;GxuLT z^;>8+Alk*UX1yYdR8tP*Q%==9iHNp}70X&DV;W)gknejedhB~Le@OYa#I+!sxQC>m zMxK67MN(Yj7&~@X@%$4yU*np7&UDohEr$0Swb^Hj!PfoFPr5tUAh-A2Zoauy{YEBg z7C9GH$`foHZvOC?H~_7D?;rc3h?Q~{I{6mctfB~{9FmxEJBXyQLFd~Ii;#li#zXcj zp)mfx}{q4rPM$6wkrw(AfJyEDN*Q6GPq&yb%Q{D>Kc zx~=BCYStO~P*h%r=~{H~Th}O{q+^l1J=esJBE+d^xMPZxietEB%;W|q(}+j#IxqWd zAG!_33c2z%!L{z98od#vok6K|k}?6Hx=IBf_!3fagI%OT0A}ljc(`2}zl@Y@ra_@3 zkqsFFN;{Cl-_({7sziH!r19)CC_FeiVK`lQ+J00a-*dH`X@la!)}Gph(6_HglBTI_vd-Z3&j>d?Zd`V%z@pZIRI z+En7KK^~-XxOlkH$%Nc$0gcVVBqS^44Cxp~oIw9a4}L*9C7;frNGw%an-Jjz{y zi=;2}NaIcVMAZS0*w_IX9os=YWDVlotbkSKjl)xUf!38itB1E{vm}L;9yy~RbgFL5 zo}^N6l!%$ueP1;LA-);$Op)AWzH8=TyZbS{1~u2(jn6)V+(&grNSE`#T|~Q@_1M8* z*~&zvizTdL#>c?7auF`S60U{O>z;2oMOfx+Y?1y{4jkbLI>-37%Eu-VvkEy?qV2ZQ z0yDR5U1vM*9rg_TNVtYmdapsgoHo?+kwXY2nJ%p|!BdepaB{qjD&v_EA;b;dzSG42 z9SjH#w}SC9@qBn|Z#}fGf3!Y7l#d$8zIq+@55{h8a1@Ud31d(bw9#X(2U!Hr)T7O! z2_Z4r36l(BN_R?VJZu*+m}b#W5H2sKIvgGbtkH;XlnjIn5@YXEmY${+CNQ>Tm#bsm zJiVh{A%^stH?D#8;JsgJ)kmJtc)DO-v{AeHO?Q6|fq$wa4CmGgN{itK%f1>m*;W zDd>k(*kI=U!nJ2tK>8CzAPv_^G$AHwVl8P7^0X&ov(f~^)}F-LXJ{Y2Q`O0S%ly$%p}+;?R1oNTfuO6 zw)M;%xO#3DgGm3(A@kJM5t->9qJ-eLjOkO$y3f(dA4&jF+?>c=oqF~*js2t>g-e=* zA!|-fBK}T6n}|Cy)C8ZD#;Exm5D;UpGzK&7CQ-+QLLB&Wc6A+=Vq@B_OIusK zIY^D?)WTe~st=#ASHH!f7x3>P>Zc~JV$D^QOVKMvqR!iECJ0aQw@J!N<% z*{p4?*ZbV&#g2pc%x#LVaSv>x4`qaesBO3Pek9xaTm`ejtcZ=d=kTpGC}Gt&tIk$*FCP-xpuVSaYejcIg~a z_boG!kh5cvevdO%$C^$4c6s+oykI;N(%g;mjPuI^eK{xc-2Z@=h>xpmA@M4-U7RxW z^j(~(5!O6U8|6aYi7||QMlrKjzAYg>jo)Nca%tw2Ku3C;xh0NHyQHGUQn&`7&bJPg z9!9ke)g02c4n-QuwhpZrOs%#KZ683Gp9UOggI;){nzK?@UVY2vn(X1|)!sD$oC06E zcIxMQ9uOXycEK>OMLz6PTT|n`t!^I#m|ypIGoDX;y?U1B4AUnXxz|X@9xc?fK{v|r zX;F^ZVi(xgN#fKKE<@hjkKYXRme`b>BOB_Sv=YsNC!D_+KIK_4cskT;Xl0rfWit$M zl|JR^G_V=$UAMf+@IYLdg9H}F4TBs|kCR8(;8oA}kQpMdP1QIJNMe~3%h-G>07Tm) z8W!u@wBc80@D7g4UDg?1x&X_G6>7dn)_Zt?EM587!~;e|Up|?HTk|vPQ^ojvbN_$! z)BiX?%m)c-EKLa4Y1a>yMX}>e$jPQ9o=|Sv8}dlIwkqn#-L|u3d3A68B(nK>VI}YT z$gA)Kb)(d5pTiz*af0!BY%$XDdKC6{2Kq>yW#R8Vw)uWydqLvmBp1@0djQ<0{L}%m z%b)yu7#s<|`sD%0cWHw@rUj5z?1z4lN6DrbVJZN@-yB2e%zbL}u*l7AFPK6Mey1AP zL_GbSDrOx)HZ$F}zS~1#vgnef@SI$=!5(X2u-3l$8TA|MGZWb?;i)@h=)+7cg99DVOor0&(uju=hqe6)WNa)-)L9XjT-p_t|!q0*(0f_LxGH zgy-4Ve~M(5cmz13y{XCn6sc&5L)SQW9_!bJZnno*Y_5lq*sc}F6vANcNLpw3=_9g= z-jPya5?W{7c%Kol{RshWkB|U)M8`)^JpM+H9vbcqiohhffsx{IU3l{l8}3LZ zsC2iJwZgFWg3KyZNTu0;iJv2+iY0n7Ewm$*>38w-q@1}IHI@YeDp>|{yef$X{exPT z@w`>BiIL`h?q3upEge`29+*G7#fw#)CFJzJ5VsU(5G-Q1WaC3Pdk&79Bc5$r*#pwb zSN1}h&!?4ax80kq#Xy#*PO`7ojH1c!Q?A+p5?OH+Vo?(s=yoRJAAE<(iOfU_67q~mE!6-_7R~E3T6>Pav zn^pu#+ZIMKdu)Wnka52`e>`ceWjvq04|gXTiQ!KOS~x-$YnnVlf8Agoa@BpRD+zxG z8H@8xa1FJA()}_b!&~4Q+kgHDv#hvWECrAgx_jN%O<^FaRu}%)BepJNoJ(@P5H4ir z{U^xIp*DJ&zO9$L#{&l346txQBeSIq{4%c7<)*H}BKL3Sa}OVHd5IdaybkH*NZ1+` z$K=8gE%DO_VoZ(DYu&zQBATFX(@W{SmXl1&-URi8Yh`dSmw~<{)EyL5mL}vcV&Lc6 zDgB|jJG}}g%{bsmEhUXsODq*6jXWqo*dc0JT;wie`5gSVD4EXqIRkhnT#xS@sj4yi zM(aCaJZs22Mq+G+5+t47HvCY>S%4zMtFnIcN8TF$q>d^{l;6X7DIyS_`ybe|Ucopn#1dCojFXDYyr3^KW<7#0~an+gFig7MvF^(dX#a1SM}2A`Km+aW02!r*8ilEodH;cRZ~3Ppl2baQ!6OA=@V^yW3?tH-kawQDYF&n z`T53F1ic#p)Vo<7&RD*A9nKNn2*^K*A&KlQdw%pG&KO$!_xkX0&;f+PQ?u}ft%j$_ zo1lyTf)kH#M!ZyuB4%2=O6%SCY<2bC0WZ9wT3#hRd#nkk7d1Q<;?H>AEyx-+8doB& zAYBViqaVK>qJN!7|B^b7u5tdTJFTMoPPz8tRrKPy=y7Ih`?z&Xi8wZT!mejul4o2^ z<44^Gl}9JURi>gFtfJebRD0nWy_gmWy_^FGLDJ}b4x`U1Ab1Y%dFwXgixF3b%5Qa_ zqfqL!{G(9Je=xs`pC13JW>W=W15*p^Xpq@W+l)P352674Pv(1)aDbG zcu-Nm)7OG;=F^nm6K1nV4`Ywi)Oz?; zoi^E@`3U#9iAESs*it$n)fvWmx*|^4I>ICjY3ERCywhs-O~4`dmSj!#r#7b~9F|_8 z%pOd?8tSFJ2v)kjyy!{mn`lqqr@_tYp1%^pn^;|v9t?p(goZ<_5SLo;f3DL+#ygt0 zZgshjKC038mzgKYepceGX*JoJQ?j=PTamxvoJ!ZYx4O{v1;8ilsqKmecjCjh(f6GY z38>j3;^e!@0QsqV+o2_<*oK=E;vO@0Ihok9Ta}p7LulYt)&6o{>yNqUGnyN>4m~8{ zd_PkARuZ#pZ_X~-8x*{?U0i9b5=ms9!h6y#-)oVOiZd3vps}YjB2;~#A7Zo@8(SbcaN+~Q2NT%fRJ03&o{8F42U0RV_b z$TQ4O(h@+{F0{8?qo1YexbU3)(x0Ik(Qbc{F+|j68`19nvtAj~o*;iG32ByEN23Sg zdHDT&_TNQ#9D;ZrbW=98Co;vuQtN^GF^JlV=O{KLicM0pf$p^MPz71@0YuCmj&|`s zC<8S-{l*c^p{6T_x9imbT1X{2e}PZfUzDYB90w(D;*N;h}6^lMrn z2&Jx2yNgKLqG)rKk_HACm0qc1D{AXU%Nb}((#I2xB zQ-ye&kF1T}@L}}euCNS0l7voANHjUZH=In;(d%T! zK4)X(zu?tkB!Bi~(h$9lX6*Cb9@<;38pTVC(j77SLZcGdt|&7m+*vAT>Z|s?X&T5k zCVaL~PPgSQs=+Aw7_cE2OTQ9)_?91nq8t2m&N`EeIrlPGItD#{=S_Lo-Kr(;j-3xj z3-SINdTt`O#yWs*@7pPczK;&)P(daT92dyCo3>@zu%Z9gPtVB?gCDB`oh**TZd~KjQ+9hUR_uJ{WOOCq6PMHX!zJRtf|+dO=}9w|>%( zAwDN}bcCN_FrXW66b+k!Tz=AZy7M--1Ne=2=GQss{ho5WWiY`r*X5wik#f7{6?oi| z60>xUrJ(LQ(H!6i7C99hZ?Y$PPoy7w1`@h4YfEu?rr^!ue=^hKtf4g+?A!J53{(#W6KJ|H$|&%TDhL|J(Vrt4=U9fXR6m< zB{F5$0I4^bUC%F4IXv6W?kaFRd(zP=(X(eZI%Z3W)=U2rTcLXTM)Vq4@=|nv!KUtD z3ptuyZ7g>`ae<-2T`Ep#PR~(2oMYywMn??avD{)VpL_x<7&BrFYCR+au)k)-_GfG5{1lVKArh;P;#Hn6XHi4rwFXvo~Y8Q9)iV3y| zc+FE>0qpljh){qyHG|5Y;6&*wCOiSDplh^^z$t~Nn%ic;7pxJB5yY?>R5_j#6_S<#*<9{a-W(4))NhN(1ny17kC*_bE3rG(jF;~qa=NnzP+E_j zX<`tbLTvL9D*zIIFk+eIVb$n2_kTaoSM_MQJ^5hCwDm!69Vthxw3G4iJnANx?|~Fi zpiaoDNOho@eljh*SRrwwQA2c^D{AFdnPeY}N_8Te<9uxEDTPj2AI#8sR>Oi5Z5E@` zu+>aV*8`kL!&56gW&G>B+;)<3pG-n!QMFEF7S1Q4flk>3)4CrVI-cJkaiz_k)n#T; zO=09woDZj!0*8@*UoL8)d<)Z-9vlk0*1+FI3$&jWZmWC_r->qUq$;)Ygp4oeQQ6Kb z?~K$5!z*d$=YehgN=}1hH;o#tBhJ0V(_%6WI-zUjJ|vBb)oGg5AJ29^cywRWt`1SQ z%GPffO5!!#rOyM7{jZzS1UcjK(4mTg22A=qU{B4PTxo}~Nuh$?|&&~RHO!1Y|!1Q>1pZSaW70O$H^z^+`R2JF2y?C8NGvm0~M z`VBt0GjF|@75hJ|RsYZO?dH`^^Pc}8HUGP`mNB^)JYu}3ut?Q&uWG?RaOqkw)uPJw zf|0_$IxFDrm;{$`k&|F+l-?K_^uWxdd51~caO=>Cn7?54uWk#3Rxdoaty;I9T%Z0_ Zn+-}ezbEC+Pl9)Th=Rai!H4%l{tisSqMZN$ delta 19644 zcma&N1yoyK@IP2I1&Xz}yA}yv+}*W6kwTF|3$#G7KyY^p?oyywaff1s25*5D3GN;w z_y)eemH+OZvwKe7=UwK`y)Q3wXFfCcJ(5>w3sz|T>roO}AyFh4FTt*JLIfSxMn~~z zg19oE_`J1kHbC4QB%0|+ zp&H6=Q#yTXN>(fI#y~Z|`(qOcM*X;nu?)cQs!n?$h?uAPuqb8GB1WFVFFkfvr2V^T zT()l`+#Rj|84++MlE;&TSCQrY@HO3@Z$WS((g{j7iq68nOwlo!G+x{4XW9tuuPqlIx^IwqGh-nJoc<~G0i zmuPc3zt?&1No} zBC(^6$OtEV*EkyN01f^J7$g+74Voj9<|u~84Cwu{^2HzdfwHj6XdEnp-g^WM2(ZH9 z-%t7@F1t(;@_j6hg+S0E$aFB4{nE%j)RZNavall@>N}PqYKz2q90!q7mk`%|h*X#bY+=k60m z0jG-Zzj@JZmum%_KKvy!I$zAf**vYm=VcF1F5_v}$~&yE4H}aC+#_#ge5k+5I4v@? z*2noqxR42#(`=;TyM&cyG*+&1bIak3{#urpKAg0n<=r(d$;T9|QX{k~YVP@jug zwD3(ge;Y@)J`*6f-eSR!wMh!;Q-clZxq=Nub?rN zIC{(64&PMmsaQN%aK>Mb?EZP_94n2((MkNnt)Jx7I!s~|Wsam~QD#n9JGt`@i5i;R z2g~pwoOZB^%lhE{vVfQ75To4C5jVZc0N$9-M)ugqvc^JLOsF$HJ--#>0E0|eP@^_p zK&5k=n4)jssQZP|SKPNbajP8hW*XW?9(l7lkAEL!MA=J5y70F zHc;Er*htm)cL#Sdea-Th(^;kR^N^0>-8sCR+K&K?!M;{tu-U=lT;6zUNQv)$LvAq2 zmwVJM2g5=EsNIqjmdW)1i?b=jzfkjUN1elzLeQ%N*|~y0=ak({V*%t$UR1#CM37lZ zxjlHZvm{huv*h*lyV0&~{(HWoXvH63mQK^vP4#OF3Gw}Bz9?N}07ERe!HOikpFnhn z7vWg~sO$1D0wtS?Fk6I`RHKRp*Y{s;CgEw~T{y&!u!HCsi=WarwQLB+4UyBn8Qtrx zkb5c8!5<QIH2})96dI z1#gsB5JEUAJNUJl^QsU*=cdt9Hf?3;qIFZR1YjH+D37*bslxF1gp+;zLyQ z8y6CSCE*6LHB-(zrex+dRU0+Nua^U!Z)1Adirske>b;&Pcv=yO*3qJ=-zsuHk+y-^ zY^WLn6feL9#Rglh?5dTqQB|W?%n%{TnSuTRE?XAazyF$hi6NV*rca$B#yW2C0&es^ zBrj1z`oF3IWZYS@)_)Qnm~JUQ>uXa~&7qX)Z8`4vb@fDnA_CoFK`)qAm;o_};tIk*j%N~NZ z;|ugNiGSdS?7s>Xt6#~Fe)U!O@|iH)uL*tqxEp)3ULbTl>Ee_d{ZBjl-z$pTB`UF< z1wo%JFs#%1UMMd3@{O_%UVkO2Fhlk4g~|2!K5INd=YN))seknoO?Ql@Bn&DAw<4B{ z6dFyI(nN~CIN7iGPK8QgcRaJpPN?=aHi;<1Uc}wkW8d}Px8!P@Lz zj;o4y5PiC{S6~z-fOD_{453i zA_NvHNLVfVV4SW)ucl)XO!c{(M|NTN9lkc{)3-r^S8C<}U4sMO0{cwh@ly%xrbL*y zNK<*;XX_!1zO`Mk$>`=0!$sg7O;X1fs~Kl!n5fw5hLYXgVnx(=_|i}XPE1_KsQRaD zcK&{d?uXc}mh;Kl%k&ly6xHOtY@qjfD=Q)O?gid|0B4%Zkw?N3#L!I(D`YXRCK z60vT{^7{AazEr`q7;~i)mtVR@KRqW5E*%oZth}G7NE8Uf@@`0_0sqyYzs6|2p{LQh zpG>;}%eqjI^A!nL0UHc;d0%}7N?ilUXfpXAz+1EzVO-zPkOw;Qz-Z$7hFP=5#t#%0 z5ai_LW98*#Wyj{xaDFHM*3E{FO$ds;a7nYDiQ|Oibhg_k*YJw(E+SFTW>&u#!_#zg=%XgJIcXPZl$qrfMDi0rG1P zctjqGxZ-|WuhLn%It5^o8{A(vex2-tZKkDjsxzGNU4{3S zE7o!N{k&*lGM(c5i}q45oleg(L_FY<;rtJDw!0TZdbwgP?-F}rw(<+eSTlIZ;8%-9 zKaAB$2{M2ZoQie&fNC#GmjqyFovOAHS<5~Hr1@evn+Wq01KzP-j80(?;d#_}_eG8~ zCHy&2WM>YMg);aHdDT(nGN+x8>0c{|!&NCKQo{d$HTF%7R%Fkfu)z?%bp6GUJQ;)wb0*! zh+BL(WGvaa`yS@ZnJbPcnC;qItyuHv*59)@hyO)+w>D1Nf45Etd*A7!j%@H+1Zds) z>g-v>o-C|f=akKMQEmGCWcBD`JLh3Vn1hcOY&gz&`mJE1rCWR_cTraNpEI1PVIND7 zjZkNt+>A@)6|z?6dS{@>D{vo$IPL5sl_tAcFZqSjB5&0KcO z;P`Kk-S10Cw_xY^_Xu(xm!LyJiyPy1FaBI={S9n>NyNua572RH?L@yl_(R1)w~?h{ zcjx9@4=Js1pl@7tWOV?!ti)1X&{$td=+8LB-V#4)S^}LGf`OZ`M7gRIL>S}>Rff_c zoK6(N8Otn=*jJ$BwnTlLo#Vo55mw&47g>h_{Mfb4WphNIBwtJ_5`veaOm1V1U!Jd( zTGcvVtv{D~x~z4=tUYW8=_mxWg0HA8`sjr2iLy54hKz>3h4F(rnfVD@>s(@a1gb4_ z!f-(OUct8v0!IqZ8i71A0X&IPOl{AM5LDE*!|5^OeWYTMk1IC{@zK^ij1q(kO5hOA zPe0^?DQ<8zkC0m6CD?i_al_pITev)(ybKDa%QP_R&Iai9kw5rQ(xT`>&a;oyBK~pd zj_GK#s21YpoV@xDElMBDL)guk@`H2?$CfcH_UzTtd6tPSep@E5IePYziZO<*OLc^J zfMQK1b*2uN(P$SYY18^?lRLRduFs{+R{(fCQ-_z&+1BAPNq&RsG8u<6`r^Yz-GyeCrBlFXNuRn?*A2tjflbPn zw`i_nL{p!x{d?i3{2O>**Xs0?rECs@IV8nG+$fRJMG`i;%?dTs9x0`pj7t}c-+WN8 zItY~jT_b4tE`CUM_JZ)!8ftQRRzSI4Pw-Auz;~w-8}!8-&R7bBS9CI2qeH zirBatP8}Z6wZB}~so91KvMW*4H_Qv0=vun(PNq`l14}G)L|4+;S21&GsTEy0&6k7PMt#J68}JKQ*wGuH~WGbhH}40kfU=hpQo1 zXp5DF{@ykx6tNWPJE5a3y2vMFf}CeVoivS*7dekU3pH|yR?d><9trZwvGsR;t(mGV zqyKJY0qXGxAjc}0B?YfV@hW^KuB$50d|NsOWCVhjT$2-G36ylZmgf3ALdh|XBY94E z9@nW+uSW)X2qG3dMrbWs6vJ@Wy{RmEOI?R3(*;EJ=lGhe07g|NSs!dyXQz>CSwc5L zI%F^il_t-1jXC|aLGk(*DV9fc3*Izb!7`3dxLZ-ur{k1xgN2R6r=JyOx&25BNSpbF zw-7fTD}17P=M;u58D_eT2Bp>>A{}bTZFy0SC;$^UrW^k}R+!kgJ_vN^WUJ|bQv8G~ zeBOWiV6|G;M^?yXOm@p5cdpOniDWnDkX)1LoJ}y`w?@N`xEWfMD>W|7+9ygS16w^g}R9=j?ItywNg+1<``-hCAEc-`K3)1Gl1K4f~C# zHP|CFtne#6GQ(*9)NVT0kwmWCp4%fg;P}q)9rmJ0Dq(CZABG);^L(Ls^e~>&m`VGf zQc!K3I)5%$rgqk&J}mV=2V3)fyebcNxAV(WEj z)BKJqU+=Y5APJ(j^kz}G`ld2@jNWdCdaCp)b;H#u<%9B@$!S) z@a8p3B5WG|_eF_0u2IX7K15}rex`8MZ-Bm6x83iSM;Zv!j8WWcPyDUt13M>gWp z%CF~WI>Q6R5hb%-`>Ro8;+7oe&exZ3IF*O;og;7OWF$AU${rYEpVtE1r+VkBw+D+o zQOWpy@gNh)b)8C{zeSEEcC7jSV?twxTdx*;9Xr;frn(45s%pYtz0+E-Mb2r5peio@ z4HZU?qRN$9(dS1hwjtR;Z)ZQ#>VCR=bBo?R2+0b>2&$3d-#ZU_*ttJ6&8(4QH9&-% z?sr^Zml&;vwn!7JVIA&u4o_DT)(D@{+LHc zCIyZ~c>GP$uX3GZe$zk1P`m0k;!oK#=JEr_niO}QxB~RSCkg@kcE}KlbUhPWlFuMb z9Np`*w!Dn71SJQaI?Tv^^H+zN{0(6(l;=kZ3?bxQ?QuNM*~g-V|BaD~75M*8BU8^#kZw$OzgImx-D_=4i>4D*0`)vszM;F z&6n#TBbX~^=3&T}>qs|dx4E&QwgGpV?X?4}SE+Bn&1VN$$-(o@L!hdVTTo;lbvASp z%_V*;Auv-ieJpH=H`iIkBZx0Iu3JY^?1^wRveolR5|((tWFtA#gC&WzX{)yZS3$&% zY4(_Xg>LG(WQ>iD#FRrfy+wLAO(&_pK{xBPU!Ip&g}>*Ai@#ZNHH9uzLpPCm_~uSM z<-7DTNM1L1lOjaS4%uAB&dm_G8vPGskNV1`_ zatiqf(oqMbBQ4Amx&7dxCoTW>xjp_aWNRZAV9ukHj@B;F^R%_$lwVQ_wYr;sX~H}~ zMlA{Gg7%HYc_CxrB=0KZ;`ox}vt8$&Q~QKpCtKqGlv9TPl~c7z5pje)uZB0l40*Bs z-`fahS3wDH9!o088Ai7k$qTp-zM3|$ksCM#stqcCH{DAvsiao?$em+l(cGcm+cuX` zE%r_sAKCMZ$y^%JoTRn*L)^W@opYddsG|LfYgC!QS||1lf`L_-zq%K<^XJf`pKhKi z&M5v}Fm=g9<{!rIi~dqK|01@o2)u`wf0X0FPVLcW*o%1l7M?7o^5>^JCvZQszsF#iJHw zbCX9JUGse|cuOOB)RLMCvLpf5*!t9hXL)Ym&!uXblo#R1Agh$TM*R?DH*toLc`DI0 zolc@KR4{KAKrPBzoxUqwi!TaQGY1O$ThZ3rX_)f~2UyX%(d4#UI-&GS9`1OZWVH|z zUAOl(tpPT^Xz#%z*}VqlQ6ha8x0O$lTV5c$bO-)G3(g1C?`08@qIy92Q4a zy4)j5JWL;460rbnkl0dZExGEvZ22XQg`^Zk^#fk5p7)X=N%OW3#tX|D;@U7~+c4nP zJWfQWtIge;UpZR9L+wv-L9wZclu$M8rKIj5_YGwBQ@YI2GJs5fB*l`~IQU&+cuvZZ z#gsN^eO|U*>A!L++wF4*Iqi**#hOXG&4*Jn$x?ik0CJS;oH0DQhzCdP{9Pr~pCiC4 z_Z0xroJySiO>jw=i_8JsyB3zubtF6&$p2tc#c(K z<>6LW!4=3@U4m2q4tn5*9Sx>O`g(I&psQCpPo06WNiB--DzTMCG^g46zEywvbGJ}Obec0E?b)IE<iN*Y4;NSZv)MIJd5N5blbY;u9gpAns`|28)e(ArBrt1E$A#<-$H z_RNy8qgN>^3~qd%uBdXID~bZyqe^*>UNNXK>~UDOA}d69O1(36QUrss9A8T5r*Ex) zb!2o$^&6%%KnZE|O;)*`1Edy0ndy;c{KjDSI>zrzx(c;o1(i;*;tM~K_t$humB5@} z8@Zt4a!|_F__m5ORsag?oI=?>BS`K7Rwap4j z0O(Le`d+c;_TDm$=ueP0(k_#~mv^ zy>HMQFBgwGY^#E-!Yf#xcN#%)YZ4B{VQL#l{`5#V#Bjw)hA*u7jLu`vAxsc{mdF~U zGYmAACYG1TBl$~jLlexlqqEBLc4S8AA^Dj@xvi{qS(X9%W`0=9c$3eg8F#-|zBCAElYUnu{cR3)oB8@6~B|+_YsK!z_{n1!P~m z32}6xcIwtZK5}%SJdg%;B9>|uYRd?No@&Z-{UHB@ha#IE|FZsBg50fg)K7?V(a##? z4rE}R{<)%jh<{Y*bo5-AE~8g3KJ-~~55;R7WODJrKc)stsF#E-tg;5TQ4V9zUv(DC zAU=d@4;<+5H9&kXRHBCTT!w2e49$fAujj1@s?stURhXy<3hT0%2uA6$_#6MI@h6bH zC;xrLEaFyK-Op`|vPL{yOh+@l8I!w9Vj{Sk`Gi$JBs?*zrRSXWP}#%r&dmsXHvmgd zvjVrqoRn4lZrU<@Gbxru>wox;cg`1WHgAIkx9AQgFy{3zGvA8UZ$CSC>RkNg8vwax z;l4;QIjHzP?_u4-)AAW+x!zeg>`R++Jz#97)Ta4srZx9RJBn~Vxl_-_W;Bm{jLtB_ zX28WVig>Wn5m}BjrFaN(=S@6}^ys;HkE17=^D=dN7``_2_$*A7E@IRWXYRY)A-41+OI6kHeS6uoHi&7s%@LCz0TjiwBf*N*Pl(+9z3dB;=Cbsrn-mN4f7?8)zB z=&Ga{1$qpcF=v)B=YwsVF`Aa~=0ivjG$zY5^I?D^0-7FcPt=b`L^(2`=*=Tk^B-Udl6EfBlk%U1xgqq6G;gy2?Nn|}j zC(ISIz{8t!i{s#1hrd$y`Dd;C~Qm|}Ru2>% zhKh#{rzwi7n})Mk`FRkYW&rTv%Q0Yk>J;KuKbi$nT@O(FzuCiukYedM(GuUA07d&i zN|zS}bQy_>;OiNN8YAYQZ;mN0m8DBB?PWjy(fG&VVQRWWFVA_V=2@*}5OmTlI<6>A zaNBJ>o0)ub3}#*j;Pnv352GzwFEP9c-K7fvv=91Ukd22*OTPI|lhIdK;a$5x$I> z?ulJn11h-nX@;=W_VmqfZ2WwPZ!7ZYNB6GA)ypKVqt|LhLS0!oZCQ#fSqF{tkS)iZo=e6+ndwc>xh@2PlIPc$z&A@yUf`w8yLY328nGw+sq0o3jsQX~v#e z5}o&-a{(O4;>@0L39>TZUrI&Pz>=R)2+p}1HRk%ex?rqnw^2EO@eT!bY^CRR!sRI< zN+z~W#nX~+QeZqIitWSUM&!pFjOI3d718#`)Du%;D`$#K8$V6Q1C8=ytgB@4O%&WT zgk(>J7SXdKiMjF)Yh+~S3@5PzS`-26Y? zp$Gqn%Dh|66Qg<=w>`w;h(=NxxGqfnG63>#7oY;}4AOI<*jav-72@hb!`-c5@2`gR zc^3?de5|S;g3WlsODqDtT=oHn^utSrx+kR5N_&Nef*B@@$r}F#RCVA(Ely5iwDszy=wRWUltKW zs{_ytepqq@UeQ0Tb#OeA61yhIb?cQw(dgdW#>q)!0Xiz`Aj>TF#M!>juF5G+wFQfk z607g6Z=AV41alF53>VbKad*Kw?G$_ylIa34L9W_R$dRE%2I>Akytd_sP+i`Jch~p} z_T_SpyVBNdLMatBJMQ4UVT+;3I-X6+HCBwl0luMzQusO~zXJfo=x>MJv_kmX0jmE$ zR#4{nv!*4X`GB@@RG1v+e9-mL6B=1$tS0CbWWThy|NND>BS!c4`frX4ql%JV(vfH$ z!Tyi_W&{$S0ZYodCp9esaCoJ~;r{+2rfQWO=CbBJaa*r?=ASDMwiX7@%-+Zo|N2F^R zJTpel+q}CeX!&MlY_~hUDp%Nl;*FFuDq4%*BIGumw|0&x0%2SVYNMSBy7`X-cfNpf#Y zW65@J>@iyWueNSZxQ6?BKEYom6c1$`$JFYKj9;kNIi=cuWFNUw%Ww}FvA=&G+gWZOAE{Zo>w;5It1PVT zN-58yc{(L;4K+N{%|Iz%SgZa*+0}a4a{njjfVBxyv7oF_b;q8O$gncp%_wA=n$q)~ z@3kT3FW`_S`OCo@QJWenz1`%V&(Lx`q%i+M_~t=4we=v(dk}g(2-{ylp7sJ*!JI)h z$X*RJ9hAewce~DUBcfJ%3j3wBiE9X08?B?HK!#XTqix(^6GLcvi`s~9Q z5ufT$iRP;}?E_d|8cowBPQEe=e$`^FDaeF0JYd+AWMSP}<@>eP;GnkOFV&C6Wn7#M zHW-cHx>Jc~zoVKOTK>ZRU<~8}bC%fj*MCb(C7$|jWn!rQEAl;3%2~3$WfndwrJN{t zuh?Gw*s)`8OwCnMX!ED;n|G?g*om07$S>LtO7a&<)ugwC$ZF8jw&oGrp__Zii zsA^HjHz}$6^wle=lRl!4(8Q`|V*5=DqArc>bq*7LE~KLm@ET0g*QvDUBLF+K58s-= zn{rj5lo$B(Ml;dQ(W=f0v!E&~Ck>>WlauE0Ri%`*gz9;Dn6^al4!u5pzW38Va$jj= z&%Q>|@ZhkB(nRSYg zU!}cD2CV>Brw)^f;1>g&gFh9`IAYD4rdjh6iX}0Cai4Je z`ucGR_=%gO)ivg^ft;Vj`hw-D`Oko)pIGHNZOsyIhPs{~ej@y=auRl@nAX-!*LOw1 z3%;u{KUD9?4?FYe`PzGB!n;&s&ZF5;8+sPj9slD>lsBX1j>*2IObTOwV0tDxTBn zakmVN9w!r|b<2-HLGI9w3+mrvN^TKH0yMZd;Da;+5UxRh61W)V;4#Vbr;SJD?swPI zB%%(WW8#wzpvKA5zGp+$1WAk$laz3Vh)K0%bKO&i&>aaJ`E6!Z9v$y>#cJ*{bBx-_tg+TDdPjk2@mnJ%DO7Bvn&oo zJ$HzuaRn+RAwfc~1=3&2l(VX6KC>M16Zm6VRiIvpgDDA9Y`GqwO-0W2G2d?jE z{%)UyjfUXmJ>*yy*3-yz*`JH$DrO&5J`$)B*C1$_T3Bk?^k=7`d;uq;7Y(0(0_;m7$_BPRK#kt47-!<-eisE?!Cmf)AE>1KYfqG3*4R;C$T-w`Y;6_1$|3WvQs#LM+WFK(k=r&|WfoJyRg;M64*+muSW=CGS?NfKXn@^*AYRr2;Tunp0uef{Z# zeZ2s?L>o~_cdTvVgTMqE#|cVG&tnQUp3#1F(=aX;Kcbn$oM3tWyx3gTWE4 z`!*T7P@k;$$5#e&1150cDOvF#n}p&vP&H1+J35r+l=_de*#FF=-xAFML5_QFlgw5) zp;G3eIK;1-qjM6SXqPNrxJJ%A#^&`PdYGG{!I*tc3C2{+O52CILsTJPSf?v&QXG($ zLP>`{USZgRQD0`@5d3XEHF@zCn87zDSL=d(5B5$Ilb$kO=jJW_u6u1#ps|6uSeU0TYM@(h#3|)!gTo?dqh)w@D?DYXet>Ec-RkPA=I`k= z9&q`K2EmfZDm7K98{M0nl8$LymF=Lpw*xPAM#?LJTyA1%fPWl@m92Ls?zat*CKX>F z;B`Z!K}E^5;l5AhakQoY1x3kUZxMFio6Qvo^jZT~iwfmN2a*qe$YxETD~*S%M)f_7 z4nZFU)$3B6Diy68Bi~n4%^GTiR4ST-8x@@k?`91pLMwr}4X@aJKM9+w_L-hR8?k*V zESq+6KK@ad<=Cqv{D9rq7$DNL^YTN?MD5Bv1#Y7={Xb&sLa@3j>{Nc!TDlK_?jy~3 z;J*k%>7j|wMne^&t3eZW0~BrfFIS++iW4vzg?Q41mLI69w%vt!PNY$qBqiU0&#B)I z%THNI*X)dr4kG<#L zjb|@RLokaHK#c?$DuO-~+%zbP5=(H;>Vx|rKN@$m&=jll6|B>G3(bgUKjISAc;JbNG zO9T%7lVD`(r@jD#;q;4)p)-;}WX9K2R@(b&;m7sW^qAv{dxe>oN<73P#rg>O5G|{F zl|8A5Th@-zT(=~@e`(2gm6XT7fMxD#x>vCK>$d}RvuQW2)K-g}#FG8VGud>8x!+Z` zw{j3sWV_|SGrea{%)_N*BdWi&fbl8VxmM413F-P-bwLc^{?a7rNUb7-yua3&%J!^O zI7AqDHf4M@aF4#J_sLG+PQ*|3Kui9zi1K2}fNq$zqbAqsiI-%;=8OLol2{hC@ag2~ zZ{B^ltSdTozHvNuIz`AoPW=Ex9bL`=M7hd96@L{Q-m)=}uHF$7I}2C^s1m6n@gwPX zu0BDMl~frW3l^`6|Bw~e&5Cd#@#{TSn}v5ax>vh6%X-8~=xIdfDsOX<(36vVkt7OX z4e{mMm`n80-D9<`ubkByI5PRePrmv-rRUwVVgt-1V5DIxT=;|n)>)=F9R-Q3co58Ot*o5^=dxUt` z`WUiumXX)ol>vLP@r9RFuyjxm-1H(^Zp5aC;P*WD_)W$fZfNGld0;|Gi^;fQrWm?n z%0{d|N^y&Io}Q4$^Z)i_WN4hn4(fEkOjeXR)e6q!mlQ7L7qPQPKH1m@ z5<-aff$&r$Y$IXU0Carn(!!WA>0Z&~tg3o{shTGLeg?MKN&Kw(BddZK`#+B-#Q)01 zHAB8|)H{YcSEF#$>*Z%-@9W#oFvI+weEqLSFW>AMIXVm#C8u7(jTC#8wth_fb{_6T}T+}M1t1?M06nG z)dOs|qm$8hKSfb|$}8(nh#E~`8T^FtQ3T1G1fb(RN9|K2#XuN!HBcj^kf=!jB^asp z^gP@$?&u1sn%qrEF%12EeS?J=r&ryFFYTtePf5oZK) zM!QswSDL?daqR!XTh$;-`#B_aIWjvB(qToqMOXC|rE;IRHJS6Y$!HH_)qvAMrp+hh zd_6Kq#bJ|YkoC{*n@=JtAFoW`(tuHXM~MHea0&<;^=YpmDLVd4)Tr;tns<2ZpdEcE zb#54$9SF-R{MaUZqTh%flMse#9l~k#TIr@TqJtPe@%MDcu`$gLYkRcH-^8uoIn|$3 zjq95c;$yXI>dxI4B5)+8iBIh#2=3F0IPPL;>(RF+Rw4pZpJ|tb@Np%-HwHtBxO1am zFBVd9Rmw{Q)hQaZ^Fy$?^zHLyqm&!`2qEclBAg`&`1pT;EaacZMDo8B2v$hwod{P*v=r;p&=(l`xN;KgTkwFw z%y))SUTUt1Dx!BUB{5M<3N|G$>0lbVtS854`1ihg{b?f_H+iIEA z_bu5Vo6YMp1aheofj}aB<903GP5eI2LH%{wTS)3}fDG z+~wF8ML6*6@2I_`twa6PBWeL&A^ck3y(mVelwog+**#O>P2v`W zaSlW{o9nvhf$tvlPe7dVmSuvp4hc%DR>dt|DgXN%=p_$P|O5u_r&B}*$ePDe{xN{I^A61v66K6O1z@Z>^)UiUKKjB zR9?mViXIm(U>L9|Pf?MNc~V1p-fcb$XsDqTXBzh;zzZ0}pg_JkBZ8SjWB)CPtkL(m zRbL}3HU)0HlXzy4-%M^eJ~f6JYSQshIV&ivseh51K?GZ z5{cvX!|v8wwvFzq)JJKug#b#5ky@t@X9zX)J-@^&3D@HdOe0}Q^wn}oiK%gWWp``J zKDk$8-Fe%JaianhJPU|vHLn24xV_VKyalC7N&M+k8-FKXw_Q#e3-Ikp3c}{o_FQsN zYi`K9{|IrUK^!6fYYr)C0dEAtqG+#N$=B%!Z;e={}Fv1_fXe}dY2m(dbN|N zKeq0v_Rv4(2}kOwWOUX^M@s6RCKT|P`xE)1Z@~$4Eg0hq;)r~K!C6S~egKyTu+0J^ z@y$b1SG*`(X2l9dTKJ>ClLs?6%GV+qgY???@8X5H%5B0-Emn^Ijt`dnHV(Tu!JiA7 zl`=MF0ZQxkA%4otB1`vug#BcUSAHbS@p{D5kee-~8B?={=SG3*Tb_d1!*SmVOtqU+veF)zM6woMuT zMmL(HtlLEqB7q#rETGn8>@cG1n5tM8`7V{OE;+pz`qIXhou6_L^%y&T+2E_kEV zQ|AOaX`M<_cbaw{hz@ZWcQv@%5dB`58?Se1QJb&1elC>?wtLcKb z4?}oLl6-`|(r?5ahNOx5J+Z1n(1*WYp`mpMCtsmKaR?t;W~H|c@~Qet&k{Hz2St&> zDFF*-0l;;Yl-w+3U7`fePV*kUHoWa^J*&#N1FpjJsA$cUCOsnip$rK@;5796|}dNU0bTs>TP}Xzv6eQo`pL>w!TC>z{g|& zB=NV@^~d8TtA7SJJBT*c-qUY}kcksB^eqOk^b8)IG$ic{F$UrqEa3MF$F|QSp+Ie~ zO?>5#4GjqL+MO8xyC0CMOFe|Ucd<=*LLrh{*DawS>IriA$-CE(fPJ%~Ed~Wrl-8%? z#Cj8B%w?BN#|8RZkwd$r^c$5v<=;42%7tZvw;d9%x(tzS9NaqS*=nUMYSU^Z&?->s z-D*WA8q;e3TcNOO{3~wwq(U;c+|Ra$bCsu%Mx#eUDd#{mPM_Oxk;^NZ=&3v-L5Tf7 zc*SI%Q88Eb@Kz1SNT9*SM?-Q3Lz`jS6csB2 zTSvp~$%@HhqvEM5hpRVSV z$c4~$*o*t6_}f*Sw!S-i{5V?sT~maY?dPbL#Tf5r(v{RY2c-2Jd`kJ3)_#zl@-LFf zcSm?-T_W7TG`)zkDRlc)>c6z_IU#A42lU)#JjTe6T*dd)s*xS=(2n;IHS#cN6{^@} zuHa%e^nFfF5>bJA%on9TVdU(-hF zH{>T@?QfjlQ34HZ*---ae=x(c&DzD~r?4eir8T*EU&cn6M!V~BU}GkeY`gS#-{1p#H>pgw*LO0IzYBm*xc|0lTRce)9TM+? zz(NqCMdaqVD=WVTBMLrZK{=rG#_3x?Lk)^h5a7lsnRQ$0Tx(^lF^Kiv>4Vzjea|6| z1;$z)rd9K;d3eHk13}OpzI1f86gsf}?rGoGD{BI@on5+t$=qNvMKHD%y01jv(q-L} zP9NoFPy8h%q?-&0Jx2)2{OE*Z;i^CxBm^CUkA$59^N|psb0mD=k8&g|{?Bvu@g<1y zskq}FTGs8($Z#2P+rOAv%K%S2o+ak?z@{bkAxh+br4aNpcVww~zal;P%)Pe$=I5`L zc!(=K&!(*TXh?e&j@M%cZ2e8=uNDx*^^)6eNpUpL;eXVju%E`-T*8})=A)0Zw9w;& zDWD0i4M1UeVI%nGs*UxRO{x5~jCKhP^W*tUx230-8zd`mVh@vhV*|(v3=qgCEG=vV zaIM1IctZ_s5lu4L@TIVr1mX&1f)+}rN=P>xe454=(&--licxN{%bMt5O@XrgxoIy zNVvj@DZ|?db_EE$=nd`YPGr9gNw0;xjtHp7DKewmmlcn{nJvt(UH_oyi$mtn{YRy4{>qQX;@{ZsKe{gw&IpZF zH)bQ>ngP)Gd~|$xg8ttotds1+ChX&j0)1Ab7xbyko=zfh9?cqcEC!Xhqa@WYq3{Pqr1m;l=tZCi{!E}HKF)c~{|N;6IL9@E(_vaH+w8b+ z+H6+}iQ_)sZ%Pr+zUd1a3#`HS`RoRO@URIi)1LIAld*Ikxi_OgidFz( z6o&ys{Q7D6Kb{fWPO4l9YxXPp{7PT>v;ez>T&@5LQH&wks{mTmMIT7#DnJDFTpWT} z1u%i>3@MN6eO$k>ex|V^PKYAd4So~)n!1S4N+Z64fHPn|`1NkD+{p+{qO%jmuDbv% z%v1fIULL2i>y}*-R>yP;HjmM$IZ}kH)zmA(9c%Iw;ilp2Po%EuJfEBOfg=rgXe}Nv3%mS63pnF;nqY-VtrY64KSOyp_(Vn2wf! zmZ*f4m^rBtEe(a*ly^}9rO9&4b(2QW984_2JBqDqsb%wGO|F+wL8;>vb(o2~n?U&FYh6Y4;i)tWgPSg>X;3#RG@gbuC@yv1PN%k19p4jx zWXs#Z6_R5)`$N?YT*~hKOEVXC&gH%lY`d!}a*9}1Z#2oUt^+=IwG^m=v$Vqo39-JO zA$kcdoLgGH!Fma_P=kkYz9&)DSz7eq%_vBuoiV6#LOD#|)(i1L9d`4eTDL5HDNbBr z^ALu2?!D6l**m!Vh;Cc1*6CFFBL+>{F?d6K?l(EE8}J;1SHtJ3=eTZj-hdQm3#O29 zX8wmr|)4Yz&`Qr$ZJTe^d@ntZ9z?Vb92>uX8$PHDS|h=-q)VhC0s9wVR0bot zJrM-F4IWPFzijY{sJU{Ke(;)&jHnss1Y7v;nGIPI0UJ`;!(j>|jO9~Ma# z6P2}8m{=*Kdaf};y7#TUTpW>APNUb#7cCzMwSl2V+ub!jS^)a~%9p7)Ih62me-OQn z+8^2`R9^5?*4PXdKiwNwuM@L`B*rnYVKtI6A|b*AUSAebYA5dI608qj za_C!vk-cMmd}1jiwFh2-j(;PmgKq8rY@#>Y1LBFvr$oyH1}7mD6pLhnwp1j!m!-P zDDr2g;5x z;#|gXvs7gzAmS@y_~|I_LtN}mjP0YC$zd8nPshm9X^)ytF9e=(ihCzoG&~CGd1b^| zLvwQ?sUjMElf2PZlpC|47US)>KXKtj#Tc%!ItvxN)JMB*$!`9NF_SUCPrOrKI#WR5 zoSC}&we)%`1s*pg`&tSVHVbUYq^}gRyiveh%)Y_O&%6NGiv=NcQaM!a86dqzZ(f0t z@%kTmuOE59$Rw1a3O0u4MJ*gx$bJ|FJjCouRzBpSs(~PzPBONW@1q7vuia5vy$8I- z>_%4pgJd93%znzsKbZ`i5DWf6CxzR|s{*B=9Td*@Q}cn+nUdzWj$}SsQRO-YRBoQL zgaR)nM&mpgooReKc~X!RU^JV4w}i16vJz6@SyQ?wsX43J!lck$y~#RBt>%q7s+*aQ{}02ig=Cm{ zG0lZ9VEW8}9hlBD;DcMkSW9{0n?<*XzW_&=b2H%c%-R|7^&ODRk(8eulyd3mU#ZL& z&%gnZ6tL=d1g~06-F3#_{g*wxRq%d(S|u9ZhsZ>q%Te!5m1?RR*UcH|Su^SLs4L)& z&)8=|2c@O5mC2KX{h2s9n6(kQU}2=;8hS09xoZ|&&AdJfh9Cykg*Jy^YHHimO|}_p uliq2AQry2FTabelle für IP unabhängigen Filter diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html index 78e24e50..f62cbedc 100644 --- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html +++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html @@ -11736,9 +11736,9 @@ table ip6 filter { type filter hook input priority 1; icmpv6 type echo-request counter packets 0 bytes 0 accept ip6 hoplimit 1 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept ip6 hoplimit 255 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept } } \end_layout @@ -1298,7 +1296,6 @@ For real use on your system command line or in scripts this has to be replaced \end_layout \begin_layout Code - 1.2.3.4 \end_layout @@ -1311,7 +1308,6 @@ Commands executable as non-root user begin with $, e.g. \end_layout \begin_layout Code - $ whoami \end_layout @@ -1320,7 +1316,6 @@ Commands executable as root user begin with #, e.g. \end_layout \begin_layout Code - # whoami \end_layout @@ -1515,72 +1510,58 @@ The first IPv6 related network code was added to the Linux kernel 2.1.8 in \end_layout \begin_layout Code - diff -u --recursive --new-file v2.1.7/linux/include/linux/in6.h \end_layout \begin_layout Code - ¬ linux/include/linux/in6.h \end_layout \begin_layout Code - --- v2.1.7/linux/include/linux/in6.h Thu Jan 1 02:00:00 1970 \end_layout \begin_layout Code - +++ linux/include/linux/in6.h Sun Nov 3 11:04:42 1996 \end_layout \begin_layout Code - @@ -0,0 +1,99 @@ \end_layout \begin_layout Code - +/* \end_layout \begin_layout Code - + * Types and definitions for AF_INET6 \end_layout \begin_layout Code - + * Linux INET6 implementation \end_layout \begin_layout Code - + * + * Authors: \end_layout \begin_layout Code - + * Pedro Roque <******> \end_layout \begin_layout Code - + * \end_layout \begin_layout Code - + * Source: \end_layout \begin_layout Code - + * IPv6 Program Interfaces for BSD Systems \end_layout \begin_layout Code - + * \end_layout @@ -1689,7 +1670,6 @@ As previously mentioned, IPv6 addresses are 128 bits long. \end_layout \begin_layout Code - 2^128-1: 340282366920938463463374607431768211455 \end_layout @@ -1712,7 +1692,6 @@ nibble \end_layout \begin_layout Code - 2^128-1: 0xffffffffffffffffffffffffffffffff \end_layout @@ -1730,7 +1709,6 @@ This representation is still not very convenient (possible mix-up or loss \end_layout \begin_layout Code - 2^128-1: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff \end_layout @@ -1740,7 +1718,6 @@ A usable address (see address types later) is e.g.: \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout @@ -1751,12 +1728,10 @@ For simplifications, leading zeros of each 16 bit block can be omitted: \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fee3:9566 -> \end_layout \begin_layout Code - ¬ 2001:db8:100:f101:210:a4ff:fee3:9566 \end_layout @@ -1782,7 +1757,6 @@ ion. \end_layout \begin_layout Code - 2001:0db8:100:f101:0:0:0:1 -> 2001:db8:100:f101::1 \end_layout @@ -1792,7 +1766,6 @@ The biggest reduction is seen by the IPv6 localhost address: \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0001 -> ::1 \end_layout @@ -1816,12 +1789,10 @@ target "http://www.faqs.org/rfcs/rfc1924.html" \end_layout \begin_layout Code - # ipv6calc --addr_to_base85 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout \begin_layout Code - 9R}vSQZ1W=9A_Q74Lz&R \end_layout @@ -2032,7 +2003,6 @@ This is a special address for the loopback interface, similiar to IPv4 with \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0001 \end_layout @@ -2041,7 +2011,6 @@ or compressed: \end_layout \begin_layout Code - ::1 \end_layout @@ -2077,7 +2046,6 @@ any \end_layout \begin_layout Code - 0000:0000:0000:0000:0000:0000:0000:0000 \end_layout @@ -2086,7 +2054,6 @@ or: \end_layout \begin_layout Code - :: \end_layout @@ -2122,7 +2089,6 @@ These addresses are defined with a special prefix of length 96 (a.b.c.d is \end_layout \begin_layout Code - 0:0:0:0:0:ffff:a.b.c.d/96 \end_layout @@ -2131,7 +2097,6 @@ or in compressed format \end_layout \begin_layout Code - ::ffff:a.b.c.d/96 \end_layout @@ -2140,7 +2105,6 @@ For example, the IPv4 address 1.2.3.4 looks like this: \end_layout \begin_layout Code - ::ffff:1.2.3.4 \end_layout @@ -2169,7 +2133,6 @@ reference "tunneling-6to4" \end_layout \begin_layout Code - 0:0:0:0:0:0:a.b.c.d/96 \end_layout @@ -2178,7 +2141,6 @@ or in compressed format \end_layout \begin_layout Code - ::a.b.c.d/96 \end_layout @@ -2259,22 +2221,18 @@ x \end_layout \begin_layout Code - fe8x: <- currently the only one in use \end_layout \begin_layout Code - fe9x: \end_layout \begin_layout Code - feax: \end_layout \begin_layout Code - febx: \end_layout @@ -2320,22 +2278,18 @@ It begins with: \end_layout \begin_layout Code - fecx: <- most commonly used \end_layout \begin_layout Code - fedx: \end_layout \begin_layout Code - feex: \end_layout \begin_layout Code - fefx: \end_layout @@ -2410,12 +2364,10 @@ It begins with: \end_layout \begin_layout Code - fcxx: \end_layout \begin_layout Code - fdxx: <- currently the only one in use \end_layout @@ -2438,7 +2390,6 @@ target "http://www.goebel-consult.de/ipv6/createLULA" \end_layout \begin_layout Code - fd0f:8b72:ac90::/48 \end_layout @@ -2470,12 +2421,10 @@ x \end_layout \begin_layout Code - 2xxx: \end_layout \begin_layout Code - 3xxx: \end_layout @@ -2506,7 +2455,6 @@ These were the first global addresses which were defined and in use. \end_layout \begin_layout Code - 3ffe: \end_layout @@ -2515,7 +2463,6 @@ Example: \end_layout \begin_layout Code - 3ffe:ffff:100:f102::1 \end_layout @@ -2525,7 +2472,6 @@ A special 6bone test address which will never be globally unique begins \end_layout \begin_layout Code - 3ffe:ffff: \end_layout @@ -2577,7 +2523,6 @@ target "http://www.faqs.org/rfcs/rfc2893.html" \end_layout \begin_layout Code - 2002: \end_layout @@ -2586,7 +2531,6 @@ For example, representing 192.168.1.1/5: \end_layout \begin_layout Code - 2002:c0a8:0101:5::1 \end_layout @@ -2596,12 +2540,10 @@ A small shell command line can help you generating such address out of a \end_layout \begin_layout Code - ipv4="1.2.3.4"; sla="5"; printf "2002:%02x%02x:%02x%02x:%04x::1" `echo $ipv4 \end_layout \begin_layout Code - ¬ | tr "." " "` $sla \end_layout @@ -2635,7 +2577,6 @@ These addresses are delegated to Internet service providers (ISP) and begin \end_layout \begin_layout Code - 2001: \end_layout @@ -2674,12 +2615,10 @@ target "http://www.faqs.org/rfcs/rfc3849.html" \end_layout \begin_layout Code - 3fff:ffff::/32 \end_layout \begin_layout Code - 2001:0DB8::/32 EXAMPLENET-WF \end_layout @@ -2708,7 +2647,6 @@ xx \end_layout \begin_layout Code - ffxy: \end_layout @@ -2797,7 +2735,6 @@ An example of this address looks like \end_layout \begin_layout Code - ff02::1:ff00:1234 \end_layout @@ -2854,7 +2791,6 @@ A simple example for an anycast address is the subnet-router anycast address. \end_layout \begin_layout Code - 2001:db8:100:f101:210:a4ff:fee3:9566/64 <- Node's address \end_layout @@ -2864,7 +2800,6 @@ The subnet-router anycast address will be created blanking the suffix (least \end_layout \begin_layout Code - 2001:db8:100:f101::/64 <- subnet-router anycast address \end_layout @@ -2904,7 +2839,6 @@ E.g. \end_layout \begin_layout Code - 00:10:a4:01:23:45 \end_layout @@ -2922,7 +2856,6 @@ target "http://standards.ieee.org/regauth/oui/tutorials/EUI64.html" \end_layout \begin_layout Code - 0210:a4ff:fe01:2345 \end_layout @@ -2932,7 +2865,6 @@ With a given prefix, the result is the IPv6 address shown in example above: \end_layout \begin_layout Code - 2001:0db8:0100:f101:0210:a4ff:fe01:2345 \end_layout @@ -2985,7 +2917,6 @@ For servers, it's probably easier to remember simpler addresses, this can \end_layout \begin_layout Code - 2001:0db8:100:f101::1 \end_layout @@ -3077,7 +3008,6 @@ An example: \end_layout \begin_layout Code - 2001:0db8:100:1:2:3:4:5/48 \end_layout @@ -3091,7 +3021,6 @@ Network: \end_layout \begin_layout Code - 2001:0db8:0100:0000:0000:0000:0000:0000 \end_layout @@ -3100,7 +3029,6 @@ Netmask: \end_layout \begin_layout Code - ffff:ffff:ffff:0000:0000:0000:0000:0000 \end_layout @@ -3119,12 +3047,10 @@ For example if a routing table shows following entries (list is not complete): \end_layout \begin_layout Code - 2001:0db8:100::/48 :: U 1 0 0 sit1 \end_layout \begin_layout Code - 2000::/3 ::192.88.99.1 UG 1 0 0 tun6to4 \end_layout @@ -3134,12 +3060,10 @@ Shown destination addresses of IPv6 packets will be routed through shown \end_layout \begin_layout Code - 2001:0db8:100:1:2:3:4:5/48 -> routed through device sit1 \end_layout \begin_layout Code - 2001:0db8:200:1:2:3:4:5/48 -> routed through device tun6to4 \end_layout @@ -3203,7 +3127,6 @@ To check, whether your current running kernel supports IPv6, take a look \end_layout \begin_layout Code - /proc/net/if_inet6 \end_layout @@ -3213,7 +3136,6 @@ A short automatical test looks like: \end_layout \begin_layout Code - # test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready" \end_layout @@ -3232,7 +3154,6 @@ You can try to load the IPv6 module executing \end_layout \begin_layout Code - # modprobe ipv6 \end_layout @@ -3243,7 +3164,6 @@ If this is successful, this module should be listed, testable with following \end_layout \begin_layout Code - # lsmod |grep -w 'ipv6' && echo "IPv6 module successfully loaded" \end_layout @@ -3268,7 +3188,6 @@ Its possible to automatically load the IPv6 module on demand. \end_layout \begin_layout Code - alias net-pf-10 ipv6 # automatically load IPv6 module on demand \end_layout @@ -3278,7 +3197,6 @@ It's also possible to disable automatically loading of the IPv6 module using \end_layout \begin_layout Code - alias net-pf-10 off # disable automatically load of IPv6 module on demand \end_layout @@ -3536,12 +3454,10 @@ Auto-magically check: \end_layout \begin_layout Code - # /sbin/ifconfig -? 2>& 1|grep -qw 'inet6' && echo "utility 'ifconfig' is \end_layout \begin_layout Code - ¬ IPv6-ready" \end_layout @@ -3555,7 +3471,6 @@ route \end_layout \begin_layout Code - # /sbin/route -? 2>& 1|grep -qw 'inet6' && echo "utility 'route' is IPv6-ready" \end_layout @@ -3574,7 +3489,6 @@ Alexey N. \end_layout \begin_layout Code - # /sbin/ip 2>&1 |grep -qw 'inet6' && echo "utility 'ip' is IPv6-ready" \end_layout @@ -3638,17 +3552,14 @@ Usage \end_layout \begin_layout Code - # ping6 \end_layout \begin_layout Code - # ping6 \end_layout \begin_layout Code - # ping6 [-I ] \end_layout @@ -3658,7 +3569,6 @@ Some implementation also support % suffix instead of using -I , \end_layout \begin_layout Code - # ping6 % \end_layout @@ -3667,17 +3577,14 @@ Example \end_layout \begin_layout Code - # ping6 -c 1 ::1 \end_layout \begin_layout Code - PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code - 64 bytes from ::1: icmp_seq=0 hops=64 time=292 usec \end_layout @@ -3686,17 +3593,14 @@ PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code - --- ::1 ping statistics --- \end_layout \begin_layout Code - 1 packets transmitted, 1 packets received, 0% packet loss \end_layout \begin_layout Code - round-trip min/avg/max/mdev = 0.292/0.292/0.292/0.000 ms \end_layout @@ -3727,12 +3631,10 @@ Using link-local addresses for an IPv6 ping, the kernel does not know through \end_layout \begin_layout Code - # ping6 fe80::212:34ff:fe12:3456 \end_layout \begin_layout Code - connect: Invalid argument \end_layout @@ -3741,22 +3643,18 @@ In this case you have to specify the interface additionally like shown here: \end_layout \begin_layout Code - # ping6 -I eth0 -c 1 fe80::2e0:18ff:fe90:9205 \end_layout \begin_layout Code - PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code - ¬ fe80::212:34ff:fe12:3478 eth0: 56 data bytes \end_layout \begin_layout Code - 64 bytes from fe80::212:23ff:fe12:3456: icmp_seq=0 hops=64 time=445 usec \end_layout @@ -3765,17 +3663,14 @@ PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code - --- fe80::2e0:18ff:fe90:9205 ping statistics --- \end_layout \begin_layout Code - 1 packets transmitted, 1 packets received, 0% packet loss round-trip \end_layout \begin_layout Code - ¬ min/avg/max/mdev = 0.445/0.445/0.445/0.000 ms \end_layout @@ -3784,7 +3679,6 @@ Example for % notation: \end_layout \begin_layout Code - # ping6 -c 1 fe80::2e0:18ff:fe90:9205%eth0 \end_layout @@ -3798,22 +3692,18 @@ An interesting mechanism to detect IPv6-active hosts on a link is to ping6 \end_layout \begin_layout Code - # ping6 -I eth0 ff02::1 \end_layout \begin_layout Code - PING ff02::1(ff02::1) from fe80:::2ab:cdff:feef:0123 eth0: 56 data bytes \end_layout \begin_layout Code - 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.104 ms \end_layout \begin_layout Code - 64 bytes from fe80::212:34ff:fe12:3450: icmp_seq=1 ttl=64 time=0.549 ms (DUP!) \end_layout @@ -3823,7 +3713,6 @@ Example for % notation: \end_layout \begin_layout Code - # ping6 ff02::1%eth0 \end_layout @@ -3854,51 +3743,42 @@ iputils \end_layout \begin_layout Code - # traceroute6 www.6bone.net \end_layout \begin_layout Code - traceroute to 6bone.net (3ffe:b00:c18:1::10) from 2001:0db8:0000:f101::2, 30 \end_layout \begin_layout Code - ¬ hops max, 16 byte packets \end_layout \begin_layout Code - 1 localipv6gateway (2001:0db8:0000:f101::1) 1.354 ms 1.566 ms 0.407 ms \end_layout \begin_layout Code - 2 swi6T1-T0.ipv6.switch.ch (3ffe:2000:0:400::1) 90.431 ms 91.956 ms 92.377 ms \end_layout \begin_layout Code - 3 3ffe:2000:0:1::132 (3ffe:2000:0:1::132) 118.945 ms 107.982 ms 114.557 ms \end_layout \begin_layout Code - 4 3ffe:c00:8023:2b::2 (3ffe:c00:8023:2b::2) 968.468 ms 993.392 ms 973.441 ms \end_layout \begin_layout Code - 5 3ffe:2e00:e:c::3 (3ffe:2e00:e:c::3) 507.784 ms 505.549 ms 508.928 ms \end_layout \begin_layout Code - 6 www.6bone.net (3ffe:b00:c18:1::10) 1265.85 ms * 1304.74 ms \end_layout @@ -3940,52 +3820,42 @@ iputils \end_layout \begin_layout Code - # tracepath6 www.6bone.net \end_layout \begin_layout Code - 1?: [LOCALHOST] pmtu 1480 \end_layout \begin_layout Code - 1: 3ffe:401::2c0:33ff:fe02:14 150.705ms \end_layout \begin_layout Code - 2: 3ffe:b00:c18::5 267.864ms \end_layout \begin_layout Code - 3: 3ffe:b00:c18::5 asymm 2 266.145ms pmtu 1280 \end_layout \begin_layout Code - 3: 3ffe:3900:5::2 asymm 4 346.632ms \end_layout \begin_layout Code - 4: 3ffe:28ff:ffff:4::3 asymm 5 365.965ms \end_layout \begin_layout Code - 5: 3ffe:1cff:0:ee::2 asymm 4 534.704ms \end_layout \begin_layout Code - 6: 3ffe:3800::1:1 asymm 4 578.126ms !N \end_layout \begin_layout Code - Resume: pmtu 1280 \end_layout @@ -4074,32 +3944,26 @@ IPv6 ping to \end_layout \begin_layout Code - # tcpdump -t -n -i eth0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code - tcpdump: listening on eth0 \end_layout \begin_layout Code - 2001:0db8:100:f101:2e0:18ff:fe90:9205 > 2001:0db8:100:f101::1: icmp6: echo \end_layout \begin_layout Code - ¬ request (len 64, hlim 64) \end_layout \begin_layout Code - 2001:0db8:100:f101::1 > 2001:0db8:100:f101:2e0:18ff:fe90:9205: icmp6: echo \end_layout \begin_layout Code - ¬ reply (len 64, hlim 64) \end_layout @@ -4116,52 +3980,42 @@ IPv6 ping to \end_layout \begin_layout Code - # tcpdump -t -n -i ppp0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code - tcpdump: listening on ppp0 \end_layout \begin_layout Code - 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code - ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code - 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code - ¬ 64, hlim 61) (ttl 23, id 29887, len 124) \end_layout \begin_layout Code - 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code - ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code - 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code - ¬ 64, hlim 61) (ttl 23, id 29919, len 124) \end_layout @@ -4245,7 +4099,6 @@ Because of security updates in the last years every Domain Name System (DNS) \end_layout \begin_layout Code - # host -t AAAA www.join.uni-muenster.de \end_layout @@ -4254,20 +4107,17 @@ and should show something like following: \end_layout \begin_layout Code - www.join.uni-muenster.de. is an alias for tolot.join.uni-muenster.de. \end_layout \begin_layout Code - tolot.join.uni-muenster.de. has AAAA address \end_layout \begin_layout Code - ¬ 2001:638:500:101:2e0:81ff:fe24:37c6 \end_layout @@ -4281,30 +4131,25 @@ IPv6-ready telnet clients are available. \end_layout \begin_layout Code - $ telnet 3ffe:400:100::1 80 \end_layout \begin_layout Code - Trying 3ffe:400:100::1... \end_layout \begin_layout Code - Connected to 3ffe:400:100::1. \end_layout \begin_layout Code - Escape character is '^]'. \end_layout \begin_layout Code - HEAD / HTTP/1.0 \end_layout @@ -4313,47 +4158,38 @@ HEAD / HTTP/1.0 \end_layout \begin_layout Code - HTTP/1.1 200 OK \end_layout \begin_layout Code - Date: Sun, 16 Dec 2001 16:07:21 \end_layout \begin_layout Code - GMT Server: Apache/2.0.28 (Unix) \end_layout \begin_layout Code - Last-Modified: Wed, 01 Aug 2001 21:34:42 GMT \end_layout \begin_layout Code - ETag: "3f02-a4d-b1b3e080" \end_layout \begin_layout Code - Accept-Ranges: bytes \end_layout \begin_layout Code - Content-Length: 2637 \end_layout \begin_layout Code - Connection: close \end_layout \begin_layout Code - Content-Type: text/html; charset=ISO-8859-1 \end_layout @@ -4362,7 +4198,6 @@ Content-Type: text/html; charset=ISO-8859-1 \end_layout \begin_layout Code - Connection closed by foreign host. \end_layout @@ -4403,17 +4238,14 @@ Current versions of openssh are IPv6-ready. \end_layout \begin_layout Code - $ ssh -6 ::1 \end_layout \begin_layout Code - user@::1's password: ****** \end_layout \begin_layout Code - [user@ipv6host user]$ \end_layout @@ -4960,12 +4792,10 @@ Usage: \end_layout \begin_layout Code - # ip link set dev up \end_layout \begin_layout Code - # ip link set dev down \end_layout @@ -4978,12 +4808,10 @@ Example: \end_layout \begin_layout Code - # ip link set dev eth0 up \end_layout \begin_layout Code - # ip link set dev eth0 down \end_layout @@ -4997,12 +4825,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/ifconfig up \end_layout \begin_layout Code - # /sbin/ifconfig down \end_layout @@ -5011,12 +4837,10 @@ Example: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 up \end_layout \begin_layout Code - # /sbin/ifconfig eth0 down \end_layout @@ -5067,7 +4891,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 addr show dev \end_layout @@ -5076,27 +4899,22 @@ Example for a static configured host: \end_layout \begin_layout Code - # /sbin/ip -6 addr show dev eth0 \end_layout \begin_layout Code - 2: eth0: \end_layout @@ -5168,22 +4977,18 @@ Example (output filtered with grep to display only IPv6 addresses). \end_layout \begin_layout Code - # /sbin/ifconfig eth0 |grep "inet6 addr:" \end_layout \begin_layout Code - inet6 addr: fe80::210:a4ff:fee3:9566/10 Scope:Link \end_layout \begin_layout Code - inet6 addr: 2001:0db8:0:f101::1/64 Scope:Global \end_layout \begin_layout Code - inet6 addr: fec0:0:0:f101::1/64 Scope:Site \end_layout @@ -5205,7 +5010,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 addr add / dev \end_layout @@ -5214,7 +5018,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 addr add 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5228,7 +5031,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ifconfig inet6 add / \end_layout @@ -5237,7 +5039,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 inet6 add 2001:0db8:0:f101::1/64 \end_layout @@ -5260,7 +5061,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 addr del / dev \end_layout @@ -5269,7 +5069,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 addr del 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5283,7 +5082,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ifconfig inet6 del / \end_layout @@ -5292,7 +5090,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ifconfig eth0 inet6 del 2001:0db8:0:f101::1/64 \end_layout @@ -5345,7 +5142,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 route show [dev ] \end_layout @@ -5355,27 +5151,22 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 route show dev eth0 \end_layout \begin_layout Code - 2001:0db8:0:f101::/64 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - fe80::/10 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - ff00::/8 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code - default proto kernel metric 256 mtu 1500 advmss 1440 \end_layout @@ -5389,7 +5180,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 \end_layout @@ -5401,42 +5191,34 @@ Example (output is filtered for interface eth0). \end_layout \begin_layout Code - # /sbin/route -A inet6 |grep -w "eth0" \end_layout \begin_layout Code - 2001:0db8:0:f101 ::/64 :: UA 256 0 0 eth0 <- Interface route for global \end_layout \begin_layout Code - ¬ address \end_layout \begin_layout Code - fe80::/10 :: UA 256 0 0 eth0 <- Interface route for link-local \end_layout \begin_layout Code - ¬ address \end_layout \begin_layout Code - ff00::/8 :: UA 256 0 0 eth0 <- Interface route for all multicast \end_layout \begin_layout Code - ¬ addresses \end_layout \begin_layout Code - ::/0 :: UDA 256 0 0 eth0 <- Automatic default route \end_layout @@ -5459,12 +5241,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 route add / via \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5473,7 +5253,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 route add default via 2001:0db8:0:f101::1 \end_layout @@ -5487,12 +5266,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 add / gw \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5510,7 +5287,6 @@ Following shown example adds a default route through gateway \end_layout \begin_layout Code - # /sbin/route -A inet6 add default gw 2001:0db8:0:f101::1 \end_layout @@ -5534,12 +5310,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 route del / via \end_layout \begin_layout Code - ¬ [dev ] \end_layout @@ -5548,7 +5322,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 route del default via 2001:0db8:0:f101::1 \end_layout @@ -5562,12 +5335,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 del / gw [dev \end_layout \begin_layout Code - ¬ ] \end_layout @@ -5576,7 +5347,6 @@ Example for removing upper added route again: \end_layout \begin_layout Code - # /sbin/route -A inet6 del default gw 2001:0db8:0:f101::1 \end_layout @@ -5599,12 +5369,10 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 route add / dev \end_layout \begin_layout Code - ¬ metric 1 \end_layout @@ -5613,7 +5381,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 route add default dev eth0 metric 1 \end_layout @@ -5656,7 +5423,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 add / dev \end_layout @@ -5665,7 +5431,6 @@ Example: \end_layout \begin_layout Code - # /sbin/route -A inet6 add default dev eth0 \end_layout @@ -5688,7 +5453,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 route del / dev \end_layout @@ -5697,7 +5461,6 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 route del default dev eth0 \end_layout @@ -5711,7 +5474,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 del / dev \end_layout @@ -5721,7 +5483,6 @@ Example: \end_layout \begin_layout Code - # /sbin/route -A inet6 del default dev eth0 \end_layout @@ -5760,17 +5521,14 @@ Client can setup a default route like prefix \end_layout \begin_layout Code - # ip -6 route show | grep ^default \end_layout \begin_layout Code - default via fe80::212:34ff:fe12:3450 dev eth0 proto kernel metric 1024 expires \end_layout \begin_layout Code - ¬ 29sec mtu 1500 advmss 1440 \end_layout @@ -5852,7 +5610,6 @@ With following command you can display the learnt or configured IPv6 neighbors \end_layout \begin_layout Code - # ip -6 neigh show [dev ] \end_layout @@ -5861,12 +5618,10 @@ The following example shows one neighbor, which is a reachable router \end_layout \begin_layout Code - # ip -6 neigh show \end_layout \begin_layout Code - fe80::201:23ff:fe45:6789 dev eth0 lladdr 00:01:23:45:67:89 router nud reachable \end_layout @@ -5891,7 +5646,6 @@ With following command you are able to manually add an entry \end_layout \begin_layout Code - # ip -6 neigh add lladdr dev \end_layout @@ -5900,7 +5654,6 @@ Example: \end_layout \begin_layout Code - # ip -6 neigh add fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -5913,7 +5666,6 @@ Like adding also an entry can be deleted: \end_layout \begin_layout Code - # ip -6 neigh del lladdr dev \end_layout @@ -5922,7 +5674,6 @@ Example: \end_layout \begin_layout Code - # ip -6 neigh del fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -5952,28 +5703,23 @@ help \end_layout \begin_layout Code - # ip -6 neigh help \end_layout \begin_layout Code - Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ] \end_layout \begin_layout Code - [ nud { permanent | noarp | stale | reachable } ] \end_layout \begin_layout Code - | proxy ADDR } [ dev DEV ] \end_layout \begin_layout Code - ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ] \end_layout @@ -6163,27 +5909,22 @@ target "http://www.faqs.org/rfcs/rfc3056.html" \end_layout \begin_layout Code - | 3+13 | 32 | 16 | 64 bits | \end_layout \begin_layout Code - +---+------+-----------+--------+--------------------------------+ \end_layout \begin_layout Code - | FP+TLA | V4ADDR | SLA ID | Interface ID | \end_layout \begin_layout Code - | 0x2002 | | | | \end_layout \begin_layout Code - +---+------+-----------+--------+--------------------------------+ \end_layout @@ -6394,7 +6135,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show [] \end_layout @@ -6403,17 +6143,14 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show \end_layout \begin_layout Code - sit0: ipv6/ip remote any local any ttl 64 nopmtudisc \end_layout \begin_layout Code - sit1: ipv6/ip remote 195.226.187.50 local any ttl 64 \end_layout @@ -6426,7 +6163,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/route -A inet6 \end_layout @@ -6436,7 +6172,6 @@ Example (output is filtered to display only tunnels through virtual interface \end_layout \begin_layout Code - # /sbin/route -A inet6 | grep " \backslash Wsit0 @@ -6445,27 +6180,22 @@ W*$" \end_layout \begin_layout Code - ::/96 :: U 256 2 0 sit0 \end_layout \begin_layout Code - 2002::/16 :: UA 256 0 0 sit0 \end_layout \begin_layout Code - 2000::/3 ::193.113.58.75 UG 1 0 0 sit0 \end_layout \begin_layout Code - fe80::/10 :: UA 256 0 0 sit0 \end_layout \begin_layout Code - ff00::/8 :: UA 256 0 0 sit0 \end_layout @@ -6531,12 +6261,10 @@ Usage for creating a tunnel device (but it's not up afterward, also a TTL \end_layout \begin_layout Code - # /sbin/ip tunnel add mode sit ttl remote \end_layout \begin_layout Code - ¬ local \end_layout @@ -6545,22 +6273,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit1 mode sit ttl remote \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit1 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit1 metric 1 \end_layout @@ -6569,22 +6293,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit2 mode sit ttl \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit2 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit2 metric 1 \end_layout @@ -6593,22 +6313,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip tunnel add sit3 mode sit ttl \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev sit3 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev sit3 metric 1 \end_layout @@ -6629,7 +6345,6 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -6638,17 +6353,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit1 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit1 \end_layout @@ -6657,17 +6369,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit2 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit2 \end_layout @@ -6676,17 +6385,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code - # /sbin/ifconfig sit3 up \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit3 \end_layout @@ -6712,7 +6418,6 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -6721,32 +6426,26 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 add gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout @@ -6775,7 +6474,6 @@ Usage for removing a tunnel device: \end_layout \begin_layout Code - # /sbin/ip tunnel del \end_layout @@ -6784,17 +6482,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit1 \end_layout \begin_layout Code - # /sbin/ip link set sit1 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit1 \end_layout @@ -6803,17 +6498,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit2 \end_layout \begin_layout Code - # /sbin/ip link set sit2 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit2 \end_layout @@ -6822,17 +6514,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev sit3 \end_layout \begin_layout Code - # /sbin/ip link set sit3 down \end_layout \begin_layout Code - # /sbin/ip tunnel del sit3 \end_layout @@ -6851,12 +6540,10 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/route -A inet6 del dev sit3 \end_layout \begin_layout Code - # /sbin/ifconfig sit3 down \end_layout @@ -6865,12 +6552,10 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/route -A inet6 del dev sit2 \end_layout \begin_layout Code - # /sbin/ifconfig sit2 down \end_layout @@ -6879,12 +6564,10 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/route -A inet6 add dev sit1 \end_layout \begin_layout Code - # /sbin/ifconfig sit1 down \end_layout @@ -6893,7 +6576,6 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -6915,32 +6597,26 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout \begin_layout Code - # /sbin/route -A inet6 del gw \end_layout \begin_layout Code - ¬ :: dev sit0 \end_layout @@ -6949,7 +6625,6 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -7008,7 +6683,6 @@ Assuming your IPv4 address is \end_layout \begin_layout Code - 1.2.3.4 \end_layout @@ -7017,7 +6691,6 @@ the generated 6to4 prefix will be \end_layout \begin_layout Code - 2002:0102:0304:: \end_layout @@ -7036,7 +6709,6 @@ Local 6to4 gateways should (but it's not a must, you can choose an arbitrary \end_layout \begin_layout Code - 2002:0102:0304::1 \end_layout @@ -7046,7 +6718,6 @@ Use e.g. \end_layout \begin_layout Code - ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "` \end_layout @@ -7068,12 +6739,10 @@ Create a new tunnel device \end_layout \begin_layout Code - # /sbin/ip tunnel add tun6to4 mode sit ttl remote any local \end_layout \begin_layout Code - ¬ \end_layout @@ -7082,7 +6751,6 @@ Bring interface up \end_layout \begin_layout Code - # /sbin/ip link set dev tun6to4 up \end_layout @@ -7091,7 +6759,6 @@ Add local 6to4 address to interface (note: prefix length 16 is important!) \end_layout \begin_layout Code - # /sbin/ip -6 addr add /16 dev tun6to4 \end_layout @@ -7101,7 +6768,6 @@ Add (default) route to the global IPv6 network using the all-6to4-routers \end_layout \begin_layout Code - # /sbin/ip -6 route add default via ::192.88.99.1 dev tun6to4 metric 1 \end_layout @@ -7120,7 +6786,6 @@ ip \end_layout \begin_layout Code - # /sbin/ip -6 route add default via 2002:c058:6301::1 dev tun6to4 metric 1 \end_layout @@ -7147,7 +6812,6 @@ Bring generic tunnel interface sit0 up \end_layout \begin_layout Code - # /sbin/ifconfig sit0 up \end_layout @@ -7156,7 +6820,6 @@ Add local 6to4 address to interface \end_layout \begin_layout Code - # /sbin/ifconfig sit0 add /16 \end_layout @@ -7166,7 +6829,6 @@ Add (default) route to the global IPv6 network using the all-6to4-relays \end_layout \begin_layout Code - # /sbin/route -A inet6 add default gw ::192.88.99.1 dev sit0 \end_layout @@ -7183,7 +6845,6 @@ Remove all routes through this dedicated tunnel device \end_layout \begin_layout Code - # /sbin/ip -6 route flush dev tun6to4 \end_layout @@ -7192,7 +6853,6 @@ Shut down interface \end_layout \begin_layout Code - # /sbin/ip link set dev tun6to4 down \end_layout @@ -7201,7 +6861,6 @@ Remove created tunnel device \end_layout \begin_layout Code - # /sbin/ip tunnel del tun6to4 \end_layout @@ -7238,7 +6897,6 @@ Remove (default) route through the 6to4 tunnel interface \end_layout \begin_layout Code - # /sbin/route -A inet6 del default gw ::192.88.99.1 dev sit0 \end_layout @@ -7247,7 +6905,6 @@ Remove local 6to4 address to interface \end_layout \begin_layout Code - # /sbin/ifconfig sit0 del /16 \end_layout @@ -7257,7 +6914,6 @@ Shut down generic tunnel device (take care about this, perhaps it's still \end_layout \begin_layout Code - # /sbin/ifconfig sit0 down \end_layout @@ -7297,7 +6953,6 @@ Usage: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show [] \end_layout @@ -7306,28 +6961,23 @@ Example: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel show mode any \end_layout \begin_layout Code - ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00 \end_layout \begin_layout Code - ¬ flowlabel 0x00000 (flowinfo 0x00000000) \end_layout \begin_layout Code - ip6tnl1: ip/ipv6 remote fd00:0:0:2::a local fd00:0:0:2::1 dev eth1 encaplimit 4 \end_layout \begin_layout Code - ¬ hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) \end_layout @@ -7344,12 +6994,10 @@ Usage for creating a 4over6 tunnel device (but it's not up afterward) \end_layout \begin_layout Code - # /sbin/ip tunnel add mode ip4ip6 remote \end_layout \begin_layout Code - ¬ local \end_layout @@ -7358,22 +7006,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl1 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl1 metric 1 \end_layout @@ -7382,22 +7026,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl2 mode ip4ip6 remote \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl2 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl2 metric 1 \end_layout @@ -7406,22 +7046,18 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 tunnel add ip6tnl3 mode ip4ip6 remote \end_layout \begin_layout Code - ¬ local \end_layout \begin_layout Code - # /sbin/ip link set dev ip6tnl3 up \end_layout \begin_layout Code - # /sbin/ip -6 route add dev ip6tnl3 metric 1 \end_layout @@ -7434,7 +7070,6 @@ Usage for removing a tunnel device: \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del \end_layout @@ -7443,17 +7078,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl1 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl1 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl1 \end_layout @@ -7462,17 +7094,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl2 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl2 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl2 \end_layout @@ -7481,17 +7110,14 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code - # /sbin/ip -6 route del dev ip6tnl3 \end_layout \begin_layout Code - # /sbin/ip link set ip6tnl3 down \end_layout \begin_layout Code - # /sbin/ip -6 tunnel del ip6tnl3 \end_layout @@ -7584,7 +7210,6 @@ The /proc-filesystem had to be enabled in kernel, means on compiling following \end_layout \begin_layout Code - CONFIG_PROC_FS=y \end_layout @@ -7593,12 +7218,10 @@ The /proc-filesystem was mounted before, which can be tested using \end_layout \begin_layout Code - # mount | grep "type proc" \end_layout \begin_layout Code - none on /proc type proc (rw) \end_layout @@ -7629,12 +7252,10 @@ cat \end_layout \begin_layout Code - # cat /proc/sys/net/ipv6/conf/all/forwarding \end_layout \begin_layout Code - 0 \end_layout @@ -7655,7 +7276,6 @@ echo \end_layout \begin_layout Code - # echo "1" >/proc/sys/net/ipv6/conf/all/forwarding \end_layout @@ -7711,7 +7331,6 @@ The sysctl-interface had to be enabled in kernel, means on compiling following \end_layout \begin_layout Code - CONFIG_SYSCTL=y \end_layout @@ -7724,12 +7343,10 @@ The value of an entry can be retrieved now: \end_layout \begin_layout Code - # sysctl net.ipv6.conf.all.forwarding \end_layout \begin_layout Code - net.ipv6.conf.all.forwarding = 0 \end_layout @@ -7742,12 +7359,10 @@ A new value can be set (if entry is writable): \end_layout \begin_layout Code - # sysctl -w net.ipv6.conf.all.forwarding=1 \end_layout \begin_layout Code - net.ipv6.conf.all.forwarding = 1 \end_layout @@ -7765,12 +7380,10 @@ Note: Don't use spaces around the \end_layout \begin_layout Code - # sysctl -w net.ipv4.ip_local_port_range="32768 61000" \end_layout \begin_layout Code - net.ipv4.ip_local_port_range = 32768 61000 \end_layout @@ -8238,12 +7851,10 @@ target "http://www.zebra.org/" \end_layout \begin_layout Code - ZEBRA: netlink-listen error: No buffer space available, type=RTM_NEWROUTE(24), \end_layout \begin_layout Code - ¬ seq=426, pid=0 \end_layout @@ -8715,27 +8326,22 @@ net/ipv6/addrconf.c \end_layout \begin_layout Code - # cat /proc/net/if_inet6 \end_layout \begin_layout Code - 00000000000000000000000000000001 01 80 10 80 lo \end_layout \begin_layout Code - +------------------------------+ ++ ++ ++ ++ ++ \end_layout \begin_layout Code - | | | | | | \end_layout \begin_layout Code - 1 2 3 4 5 6 \end_layout @@ -8826,27 +8432,22 @@ net/ipv6/route.c \end_layout \begin_layout Code - # cat /proc/net/ipv6_route \end_layout \begin_layout Code - 00000000000000000000000000000000 00 00000000000000000000000000000000 00 \end_layout \begin_layout Code - +------------------------------+ ++ +------------------------------+ ++ \end_layout \begin_layout Code - | | | | \end_layout \begin_layout Code - 1 2 3 4 \end_layout @@ -8855,22 +8456,18 @@ net/ipv6/route.c \end_layout \begin_layout Code - ¬ 00000000000000000000000000000000 ffffffff 00000001 00000001 00200200 lo \end_layout \begin_layout Code - ¬ +------------------------------+ +------+ +------+ +------+ +------+ ++ \end_layout \begin_layout Code - ¬ | | | | | | \end_layout \begin_layout Code - ¬ 5 6 7 8 9 10 \end_layout @@ -8930,27 +8527,22 @@ Statistics about used IPv6 sockets. \end_layout \begin_layout Code - # cat /proc/net/sockstat6 \end_layout \begin_layout Code - TCP6: inuse 7 \end_layout \begin_layout Code - UDP6: inuse 2 \end_layout \begin_layout Code - RAW6: inuse 1 \end_layout \begin_layout Code - FRAG6: inuse 0 memory 0 \end_layout @@ -9132,375 +8724,307 @@ Example: \end_layout \begin_layout Code - # netstat -nlptu \end_layout \begin_layout Code - Active Internet connections (only servers) \end_layout \begin_layout Code - Proto Recv-Q Send-Q Local Address Foreign Address State \end_layout \begin_layout Code - ¬ PID/Program name \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1258/rpc.statd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1502/rpc.mountd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 22433/lpd Waiting \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:139 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1746/smbd \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 1230/portmap \end_layout \begin_layout Code - tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 3551/X \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:8081 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 18735/junkbuster \end_layout \begin_layout Code - tcp 0 0 1.2.3.1:3128 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - tcp 0 0 ::ffff:1.2.3.1:993 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::13 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 ::ffff:1.2.3.1:143 :::* LISTEN \end_layout \begin_layout Code - ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::53 :::* LISTEN \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - tcp 0 0 :::22 :::* LISTEN \end_layout \begin_layout Code - ¬ 1410/sshd \end_layout \begin_layout Code - tcp 0 0 :::6010 :::* LISTEN \end_layout \begin_layout Code - ¬ 13237/sshd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32768 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1258/rpc.statd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:2049 0.0.0.0:* \end_layout \begin_layout Code - ¬ - \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32770 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1502/rpc.mountd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32771 0.0.0.0:* \end_layout \begin_layout Code - ¬ - \end_layout \begin_layout Code - udp 0 0 1.2.3.1:137 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:137 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 1.2.3.1:138 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:138 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1751/nmbd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:33044 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 1.2.3.1:53 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 127.0.0.1:53 0.0.0.0:* \end_layout \begin_layout Code - ¬ 30734/named \end_layout \begin_layout Code - udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1530/dhcpd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1530/dhcpd \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32858 0.0.0.0:* \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - udp 0 0 0.0.0.0:4827 0.0.0.0:* \end_layout \begin_layout Code - ¬ 18822/(squid) \end_layout \begin_layout Code - udp 0 0 0.0.0.0:111 0.0.0.0:* \end_layout \begin_layout Code - ¬ 1230/portmap \end_layout \begin_layout Code - udp 0 0 :::53 :::* \end_layout \begin_layout Code - ¬ 30734/named \end_layout @@ -9532,32 +9056,26 @@ Router advertisement \end_layout \begin_layout Code - 15:43:49.484751 fe80::212:34ff:fe12:3450 > ff02::1: icmp6: router \end_layout \begin_layout Code - ¬ advertisement(chlim=64, router_ltime=30, reachable_time=0, \end_layout \begin_layout Code - ¬ retrans_time=0)(prefix info: AR valid_ltime=30, preffered_ltime=20, \end_layout \begin_layout Code - ¬ prefix=2002:0102:0304:1::/64)(prefix info: LAR valid_ltime=2592000, \end_layout \begin_layout Code - ¬ preffered_ltime=604800, prefix=2001:0db8:0:1::/64)(src lladdr: \end_layout \begin_layout Code - ¬ 0:12:34:12:34:50) (len 88, hlim 255) \end_layout @@ -9610,12 +9128,10 @@ Router solicitation \end_layout \begin_layout Code - 15:44:21.152646 fe80::212:34ff:fe12:3456 > ff02::2: icmp6: router solicitation \end_layout \begin_layout Code - ¬ (src lladdr: 0:12:34:12:34:56) (len 16, hlim 255) \end_layout @@ -9683,12 +9199,10 @@ fe80::212:34ff:fe12:3456 \end_layout \begin_layout Code - 15:44:17.712338 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ fe80::212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim 255) \end_layout @@ -9705,18 +9219,15 @@ Node wants to configure its global address \end_layout \begin_layout Code - 15:44:21.905596 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ 2002:0102:0304:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, \end_layout \begin_layout Code - ¬ hlim 255) \end_layout @@ -9733,18 +9244,15 @@ Node wants to configure its global address \end_layout \begin_layout Code - 15:44:22.304028 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code - ¬ 2001:0db8:0:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim \end_layout \begin_layout Code - ¬ 255) \end_layout @@ -9765,18 +9273,15 @@ Node wants to send packages to \end_layout \begin_layout Code - 13:07:47.664538 2002:0102:0304:1:2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: \end_layout \begin_layout Code - ¬ neighbor sol: who has 2001:0db8:0:1::10(src lladdr: 0:e0:18:90:92:5) (len 32, \end_layout \begin_layout Code - ¬ hlim 255) \end_layout @@ -9793,12 +9298,10 @@ fe80::10 \end_layout \begin_layout Code - 13:11:20.870070 fe80::2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: neighbor \end_layout \begin_layout Code - ¬ sol: who has fe80::10(src lladdr: 0:e0:18:90:92:5) (len 32, hlim 255) \end_layout @@ -9920,7 +9423,6 @@ You can test, whether your Linux distribution contain support for persistent \end_layout \begin_layout Code - /etc/sysconfig/network-scripts/network-functions-ipv6 \end_layout @@ -9929,13 +9431,11 @@ Auto-magically test: \end_layout \begin_layout Code - # test -f /etc/sysconfig/network-scripts/network-functions-ipv6 && echo "Main \end_layout \begin_layout Code - ¬ IPv6 script library exists" \end_layout @@ -9945,17 +9445,14 @@ The version of the library is important if you miss some features. \end_layout \begin_layout Code - # source /etc/sysconfig/network-scripts/network-functions-ipv6 && \end_layout \begin_layout Code - ¬ getversion_ipv6_functions \end_layout \begin_layout Code - 20011124 \end_layout @@ -9994,12 +9491,10 @@ Check whether running system has already IPv6 module loaded \end_layout \begin_layout Code - # modprobe -c | grep net-pf-10 \end_layout \begin_layout Code - alias net-pf-10 off \end_layout @@ -10017,7 +9512,6 @@ off \end_layout \begin_layout Code - NETWORKING_IPV6=yes \end_layout @@ -10026,7 +9520,6 @@ Reboot or restart networking using \end_layout \begin_layout Code - # service network restart \end_layout @@ -10035,12 +9528,10 @@ Now IPv6 module should be loaded \end_layout \begin_layout Code - # modprobe -c | grep ipv6 \end_layout \begin_layout Code - alias net-pf-10 ipv6 \end_layout @@ -10100,7 +9591,6 @@ Edit file /etc/sysconfig/network/ifcfg- and setup following \end_layout \begin_layout Code - IP6ADDR="/" \end_layout @@ -10126,7 +9616,6 @@ Edit file /etc/sysconfig/network/ifcfg- and setup following \end_layout \begin_layout Code - IPADDR="/" \end_layout @@ -10167,54 +9656,44 @@ Configure your interface. \end_layout \begin_layout Code - iface eth0 inet6 static \end_layout \begin_layout Code - pre-up modprobe ipv6 \end_layout \begin_layout Code - address 2001:0db8:1234:5::1:1 \end_layout \begin_layout Code - # To suppress completely autoconfiguration: \end_layout \begin_layout Code - # up echo 0 > /proc/sys/net/ipv6/conf/all/autoconf \end_layout \begin_layout Code - netmask 64 \end_layout \begin_layout Code - # The router is autoconfigured and has no fixed address. \end_layout \begin_layout Code - # It is magically \end_layout \begin_layout Code - # found. (/proc/sys/net/ipv6/conf/all/accept_ra). Otherwise: \end_layout \begin_layout Code - #gateway 2001:0db8:1234:5::1 \end_layout @@ -10223,7 +9702,6 @@ And you reboot or you just \end_layout \begin_layout Code - # ifup --force eth0 \end_layout @@ -10294,22 +9772,18 @@ Example: \end_layout \begin_layout Code - # ip -6 addr show dev eth0 scope link \end_layout \begin_layout Code - 2: eth0: mtu 1500 qlen1000 \end_layout \begin_layout Code - inet6 fe80::211:d8ff:fe6b:f0f5/64 scope link \end_layout \begin_layout Code - valid_lft forever preferred_lft forever \end_layout @@ -10820,7 +10294,6 @@ Change to source directory: \end_layout \begin_layout Code - # cd /path/to/src \end_layout @@ -10829,12 +10302,10 @@ Unpack and rename kernel sources \end_layout \begin_layout Code - # tar z|jxf kernel-version.tar.gz|bz2 \end_layout \begin_layout Code - # mv linux linux-version-iptables-version+IPv6 \end_layout @@ -10843,7 +10314,6 @@ Unpack iptables sources \end_layout \begin_layout Code - # tar z|jxf iptables-version.tar.gz|bz2 \end_layout @@ -10856,7 +10326,6 @@ Change to iptables directory \end_layout \begin_layout Code - # cd iptables-version \end_layout @@ -10865,7 +10334,6 @@ Apply pending patches \end_layout \begin_layout Code - # make pending-patches KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -10876,7 +10344,6 @@ Apply additional IPv6 related patches (still not in the vanilla kernel included) \end_layout \begin_layout Code - # make patch-o-matic KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -10915,12 +10382,10 @@ Check IPv6 extensions \end_layout \begin_layout Code - # make print-extensions \end_layout \begin_layout Code - Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport \end_layout @@ -10933,7 +10398,6 @@ Change to kernel sources \end_layout \begin_layout Code - # cd /path/to/src/linux-version-iptables-version/ \end_layout @@ -10942,12 +10406,10 @@ Edit Makefile \end_layout \begin_layout Code - - EXTRAVERSION = \end_layout \begin_layout Code - + EXTRAVERSION = -iptables-version+IPv6-try \end_layout @@ -10956,99 +10418,80 @@ Run configure, enable IPv6 related \end_layout \begin_layout Code - Code maturity level options \end_layout \begin_layout Code - Prompt for development and/or incomplete code/drivers : yes \end_layout \begin_layout Code - Networking options \end_layout \begin_layout Code - Network packet filtering: yes \end_layout \begin_layout Code - The IPv6 protocol: module \end_layout \begin_layout Code - IPv6: Netfilter Configuration \end_layout \begin_layout Code - IP6 tables support: module \end_layout \begin_layout Code - All new options like following: \end_layout \begin_layout Code - limit match support: module \end_layout \begin_layout Code - MAC address match support: module \end_layout \begin_layout Code - Multiple port match support: module \end_layout \begin_layout Code - Owner match support: module \end_layout \begin_layout Code - netfilter MARK match support: module \end_layout \begin_layout Code - Aggregated address check: module \end_layout \begin_layout Code - Packet filtering: module \end_layout \begin_layout Code - REJECT target support: module \end_layout \begin_layout Code - LOG target support: module \end_layout \begin_layout Code - Packet mangling: module \end_layout \begin_layout Code - MARK target support: module \end_layout @@ -11075,7 +10518,6 @@ Rename older directory \end_layout \begin_layout Code - # mv /usr/src/linux /usr/src/linux.old \end_layout @@ -11084,7 +10526,6 @@ Create a new softlink \end_layout \begin_layout Code - # ln -s /path/to/src/linux-version-iptables-version /usr/src/linux \end_layout @@ -11093,7 +10534,6 @@ Rebuild SRPMS \end_layout \begin_layout Code - # rpm --rebuild /path/to/SRPMS/iptables-version-release.src.rpm \end_layout @@ -11107,7 +10547,6 @@ On RH 7.1 systems, normally, already an older version is installed, therefore \end_layout \begin_layout Code - # rpm -Fhv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11116,7 +10555,6 @@ If not already installed, use "install" \end_layout \begin_layout Code - # rpm -ihv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11127,7 +10565,6 @@ ts don't fit. \end_layout \begin_layout Code - # rpm -ihv --nodeps /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -11137,7 +10574,6 @@ Perhaps it's necessary to create a softlink for iptables libraries where \end_layout \begin_layout Code - # ln -s /lib/iptables/ /usr/lib/iptables \end_layout @@ -11154,7 +10590,6 @@ Load module, if so compiled \end_layout \begin_layout Code - # modprobe ip6_tables \end_layout @@ -11163,12 +10598,10 @@ Check for capability \end_layout \begin_layout Code - # [ ! -f /proc/net/ip6_tables_names ] && echo "Current kernel doesn't support \end_layout \begin_layout Code - ¬ 'ip6tables' firewalling (IPv6)!" \end_layout @@ -11185,7 +10618,6 @@ Short \end_layout \begin_layout Code - # ip6tables -L \end_layout @@ -11194,7 +10626,6 @@ Extended \end_layout \begin_layout Code - # ip6tables -n -v --line-numbers -L \end_layout @@ -11203,7 +10634,6 @@ List specified filter \end_layout \begin_layout Code - # ip6tables -n -v --line-numbers -L INPUT \end_layout @@ -11212,12 +10642,10 @@ Insert a log rule at the input filter with options \end_layout \begin_layout Code - # ip6tables --table filter --append INPUT -j LOG --log-prefix "INPUT:" \end_layout \begin_layout Code - ¬ --log-level 7 \end_layout @@ -11226,7 +10654,6 @@ Insert a drop rule at the input filter \end_layout \begin_layout Code - # ip6tables --table filter --append INPUT -j DROP \end_layout @@ -11235,7 +10662,6 @@ Delete a rule by number \end_layout \begin_layout Code - # ip6tables --table filter --delete INPUT 1 \end_layout @@ -11249,7 +10675,6 @@ Since kernel version 2.6.20 IPv6 connection tracking is well supported and \end_layout \begin_layout Code - # ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout @@ -11267,7 +10692,6 @@ Accept incoming ICMPv6 through tunnels \end_layout \begin_layout Code - # ip6tables -A INPUT -i sit+ -p icmpv6 -j ACCEPT \end_layout @@ -11276,7 +10700,6 @@ Allow outgoing ICMPv6 through tunnels \end_layout \begin_layout Code - # ip6tables -A OUTPUT -o sit+ -p icmpv6 -j ACCEPT \end_layout @@ -11285,7 +10708,6 @@ Newer kernels allow specifying of ICMPv6 types: \end_layout \begin_layout Code - # ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT \end_layout @@ -11303,12 +10725,10 @@ Because it can happen (author already saw it to times) that an ICMPv6 storm \end_layout \begin_layout Code - # ip6tables -A INPUT --protocol icmpv6 --icmpv6-type echo-request \end_layout \begin_layout Code - ¬ -j ACCEPT --match limit --limit 30/minute \end_layout @@ -11326,12 +10746,10 @@ Allow incoming SSH from 2001:0db8:100::1/128 \end_layout \begin_layout Code - # ip6tables -A INPUT -i sit+ -p tcp -s 2001:0db8:100::1/128 --sport 512:65535 \end_layout \begin_layout Code - ¬ --dport 22 -j ACCEPT \end_layout @@ -11344,12 +10762,10 @@ no longer needed if connection tracking is used! \end_layout \begin_layout Code - # ip6tables -A OUTPUT -o sit+ -p tcp -d 2001:0db8:100::1/128 --dport 512:65535 \end_layout \begin_layout Code - ¬ --sport 22 ! --syn -j ACCEPT \end_layout @@ -11371,7 +10787,6 @@ Accept incoming IPv6-in-IPv4 on interface ppp0 \end_layout \begin_layout Code - # iptables -A INPUT -i ppp0 -p ipv6 -j ACCEPT \end_layout @@ -11380,7 +10795,6 @@ Allow outgoing IPv6-in-IPv4 to interface ppp0 \end_layout \begin_layout Code - # iptables -A OUTPUT -o ppp0 -p ipv6 -j ACCEPT \end_layout @@ -11394,7 +10808,6 @@ Accept incoming IPv6-in-IPv4 on interface ppp0 from tunnel endpoint 192.0.2.2 \end_layout \begin_layout Code - # iptables -A INPUT -i ppp0 -p ipv6 -s 192.0.2.2 -j ACCEPT \end_layout @@ -11403,7 +10816,6 @@ Allow outgoing IPv6-in-IPv4 to interface ppp0 to tunnel endpoint 192.0.2.2 \end_layout \begin_layout Code - # iptables -A OUTPUT -o ppp0 -p ipv6 -d 192.0.2.2 -j ACCEPT \end_layout @@ -11426,7 +10838,6 @@ Block incoming TCP connection requests to this host \end_layout \begin_layout Code - # ip6tables -I INPUT -i sit+ -p tcp --syn -j DROP \end_layout @@ -11435,7 +10846,6 @@ Block incoming TCP connection requests to hosts behind this router \end_layout \begin_layout Code - # ip6tables -I FORWARD -i sit+ -p tcp --syn -j DROP \end_layout @@ -11468,7 +10878,6 @@ Block incoming UDP packets which cannot be responses of outgoing requests \end_layout \begin_layout Code - # ip6tables -I INPUT -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -11478,7 +10887,6 @@ Block incoming UDP packets which cannot be responses of forwarded requests \end_layout \begin_layout Code - # ip6tables -I FORWARD -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -11506,7 +10914,6 @@ tracking \end_layout \begin_layout Code - File: /etc/sysconfig/ip6tables \end_layout @@ -11515,87 +10922,70 @@ File: /etc/sysconfig/ip6tables \end_layout \begin_layout Code - *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code - :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code - :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code - :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code - -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p icmpv6 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp --dport 5353 -d ff02::fb -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp6-adm-prohibited \end_layout \begin_layout Code - COMMIT \end_layout @@ -11604,7 +10994,6 @@ For completeness also the IPv4 configuration is shown here: \end_layout \begin_layout Code - File: /etc/sysconfig/iptables \end_layout @@ -11613,88 +11002,71 @@ File: /etc/sysconfig/iptables \end_layout \begin_layout Code - *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code - :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code - :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code - :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code - -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code - -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited \end_layout \begin_layout Code - COMMIT \end_layout @@ -11711,12 +11083,10 @@ Activate IPv4 & IPv6 firewalling \end_layout \begin_layout Code - # service iptables start \end_layout \begin_layout Code - # service ip6tables start \end_layout @@ -11725,12 +11095,10 @@ Enable automatic start after reboot \end_layout \begin_layout Code - # chkconfig iptables on \end_layout \begin_layout Code - # chkconfig ip6tables on \end_layout @@ -11749,578 +11117,472 @@ but still stateless filter \end_layout \begin_layout Code - # ip6tables -n -v -L \end_layout \begin_layout Code - Chain INPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - 0 0 extIN all sit+ * ::/0 ::/0 \end_layout \begin_layout Code - 4 384 intIN all eth0 * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code - 0 0 ACCEPT all lo * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `INPUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain FORWARD (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 int2ext all eth0 sit+ ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ext2int all sit+ eth0 ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `FORWARD-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain OUTPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 extOUT all * sit+ ::/0 ::/0 \end_layout \begin_layout Code - 4 384 intOUT all * eth0 ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code - 0 0 ACCEPT all * lo ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `OUTPUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain ext2int (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `ext2int-default:' \end_layout \begin_layout Code - 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain extIN (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * 3ffe:400:100::1/128 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * 3ffe:400:100::2/128 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ udp spts:1:65535 dpts:1024:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `extIN-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain extOUT (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code - ¬ 2001:0db8:100::1/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code - ¬ 2001:0db8:100::2/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ udp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `extOUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain int2ext (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `int2ext:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `int2ext-default:' \end_layout \begin_layout Code - 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain intIN (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code - ¬ fe80::/ffc0:: \end_layout \begin_layout Code - 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code - \end_layout \begin_layout Code - Chain intOUT (1 references) \end_layout \begin_layout Code - pkts bytes target prot opt in out source destination \end_layout \begin_layout Code - ¬ \end_layout \begin_layout Code - 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code - ¬ fe80::/ffc0:: \end_layout \begin_layout Code - 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code - 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code - ¬ LOG flags 0 level 7 prefix `intOUT-default:' \end_layout \begin_layout Code - 0 0 DROP all * * ::/0 ::/0 \end_layout @@ -12350,7 +11612,6 @@ Like in IPv4 clients behind a router can be hided by using IPv6 masquerading \end_layout \begin_layout Code - # ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE \end_layout @@ -12364,7 +11625,6 @@ A dedicated public IPv6 address can be forwarded to an internal IPv6 address, \end_layout \begin_layout Code - # ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs -j DNAT --to-destination fec0::5054:ff:fe01:2345 \end_layout @@ -12378,7 +11638,6 @@ A dedicated specified port can be forwarded to an internal system, e.g. \end_layout \begin_layout Code - # ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-desti nation [fec0::1234]:80 \end_layout @@ -12418,22 +11677,18 @@ Load kernel modules \end_layout \begin_layout Code - # modprobe nf_tables \end_layout \begin_layout Code - # modprobe nf_tables_ipv4 \end_layout \begin_layout Code - # modprobe nf_tables_ipv6 \end_layout \begin_layout Code - # modprobe nf_tables_inet \end_layout @@ -12442,17 +11697,14 @@ Create filter tables \end_layout \begin_layout Code - # nft add table ip filter \end_layout \begin_layout Code - # nft add table ip6 filter \end_layout \begin_layout Code - # nft add table inet filter \end_layout @@ -12461,21 +11713,18 @@ Create input chain in each filter table \end_layout \begin_layout Code - # nft add chain ip filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code - # nft add chain ip6 filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code - # nft add chain inet filter input { type filter hook input priority 0 \backslash ; } @@ -12494,7 +11743,6 @@ Allow packets which are related to existing connection tracking entries \end_layout \begin_layout Code - # nft add rule inet filter input ct state established,related counter accept \end_layout @@ -12504,13 +11752,11 @@ Allow IPv4 and IPv6 ICMP echo-request (aka ping) \end_layout \begin_layout Code - # nft add rule ip filter input icmp type { echo-request } counter accept \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type echo-request counter accept \end_layout @@ -12521,32 +11767,26 @@ Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type \end_layout \begin_layout Code - ¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } \end_layout \begin_layout Code - ¬ ip6 hoplimit 1 accept \end_layout \begin_layout Code - # nft add rule ip6 filter input icmpv6 type \end_layout \begin_layout Code - ¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } \end_layout \begin_layout Code - ¬ ip6 hoplimit 255 accept \end_layout @@ -12564,7 +11804,6 @@ inet \end_layout \begin_layout Code - # nft add rule inet filter input tcp dport 22 ct state new tcp flags \backslash & @@ -12585,37 +11824,30 @@ Table for IPv4 filter \end_layout \begin_layout Code - # nft list table ip filter \end_layout \begin_layout Code - table ip filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 1; \end_layout \begin_layout Code - icmp type { echo-request} counter packets 0 bytes 0 accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -12624,57 +11856,46 @@ Table for IPv6 filter \end_layout \begin_layout Code - # nft list table ip6 filter \end_layout \begin_layout Code - table ip6 filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 1; \end_layout \begin_layout Code - icmpv6 type echo-request counter packets 0 bytes 0 accept \end_layout \begin_layout Code - ip6 hoplimit 1 icmpv6 type \end_layout \begin_layout Code - -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept \end_layout \begin_layout Code - ip6 hoplimit 255 icmpv6 type \end_layout \begin_layout Code - -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -12683,43 +11904,35 @@ Table for IP version aware filter \end_layout \begin_layout Code - # nft list table inet filter \end_layout \begin_layout Code - table inet filter { \end_layout \begin_layout Code - chain input { \end_layout \begin_layout Code - type filter hook input priority 0; \end_layout \begin_layout Code - ct state established,related counter packets 44 bytes 2288 accept \end_layout \begin_layout Code - tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets 0 bytes 0 accept \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -12827,12 +12040,10 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code - # nc6 ::1 daytime \end_layout \begin_layout Code - 13 JUL 2002 11:22:22 CEST \end_layout @@ -12854,53 +12065,43 @@ target "http://www.insecure.org/nmap/" \end_layout \begin_layout Code - # nmap -6 -sT ::1 \end_layout \begin_layout Code - Starting nmap V. 3.10ALPHA3 ( www.insecure.org/nmap/ ) \end_layout \begin_layout Code - Interesting ports on localhost6 (::1): \end_layout \begin_layout Code - (The 1600 ports scanned but not shown below are in state: closed) \end_layout \begin_layout Code - Port State Service \end_layout \begin_layout Code - 22/tcp open ssh \end_layout \begin_layout Code - 53/tcp open domain \end_layout \begin_layout Code - 515/tcp open printer \end_layout \begin_layout Code - 2401/tcp open cvspserver \end_layout \begin_layout Code - Nmap run completed -- 1 IP address (1 host up) scanned in 0.525 seconds \end_layout @@ -12923,32 +12124,26 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code - # ./strobe ::1 strobe 1.05 (c) 1995-1999 Julian Assange . \end_layout \begin_layout Code - ::1 2401 unassigned unknown \end_layout \begin_layout Code - ::1 22 ssh Secure Shell - RSA encrypted rsh \end_layout \begin_layout Code - ::1 515 printer spooler (lpd) \end_layout \begin_layout Code - ::1 6010 unassigned unknown \end_layout \begin_layout Code - ::1 53 domain Domain Name Server \end_layout @@ -13243,27 +12438,22 @@ Example for an end-to-end encrypted connection in transport mode \end_layout \begin_layout Code - #!/sbin/setkey -f \end_layout \begin_layout Code - flush; \end_layout \begin_layout Code - spdflush; \end_layout \begin_layout Code - spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec esp/transport//require; \end_layout \begin_layout Code - spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec esp/transport//require; \end_layout @@ -13276,37 +12466,30 @@ Example for a end-to-end encrypted connection in tunnel mode \end_layout \begin_layout Code - #!/sbin/setkey -f \end_layout \begin_layout Code - flush; \end_layout \begin_layout Code - spdflush; \end_layout \begin_layout Code - spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec \end_layout \begin_layout Code - ¬ esp/tunnel/2001:db8:1:1::1-2001:db8:2:2::2/require; \end_layout \begin_layout Code - spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec \end_layout \begin_layout Code - ¬ esp/tunnel/2001:db8:2:2::2-2001:db8:1:1::1/require; \end_layout @@ -13368,22 +12551,18 @@ File: /etc/racoon/racoon.conf \end_layout \begin_layout Code - # Racoon IKE daemon configuration file. \end_layout \begin_layout Code - # See 'man racoon.conf' for a description of the format and entries. \end_layout \begin_layout Code - path include "/etc/racoon"; \end_layout \begin_layout Code - path pre_shared_key "/etc/racoon/psk.txt"; \end_layout @@ -13392,22 +12571,18 @@ path pre_shared_key "/etc/racoon/psk.txt"; \end_layout \begin_layout Code - listen \end_layout \begin_layout Code - { \end_layout \begin_layout Code - isakmp 2001:db8:1:1::1; \end_layout \begin_layout Code - } \end_layout @@ -13416,62 +12591,50 @@ listen \end_layout \begin_layout Code - remote 2001:db8:2:2::2 \end_layout \begin_layout Code - { \end_layout \begin_layout Code - exchange_mode main; \end_layout \begin_layout Code - lifetime time 24 hour; \end_layout \begin_layout Code - proposal \end_layout \begin_layout Code - { \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - hash_algorithm md5; \end_layout \begin_layout Code - authentication_method pre_shared_key; \end_layout \begin_layout Code - dh_group 2; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -13480,42 +12643,34 @@ remote 2001:db8:2:2::2 \end_layout \begin_layout Code - # gateway-to-gateway \end_layout \begin_layout Code - sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code - { \end_layout \begin_layout Code - lifetime time 1 hour; \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - authentication_algorithm hmac_md5; \end_layout \begin_layout Code - compression_algorithm deflate; \end_layout \begin_layout Code - } \end_layout @@ -13524,37 +12679,30 @@ sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code - sainfo address 2001:db8:2:2::2 any address 2001:db8:1:1::1 any \end_layout \begin_layout Code - { \end_layout \begin_layout Code - lifetime time 1 hour; \end_layout \begin_layout Code - encryption_algorithm 3des; \end_layout \begin_layout Code - authentication_algorithm hmac_md5; \end_layout \begin_layout Code - compression_algorithm deflate; \end_layout \begin_layout Code - } \end_layout @@ -13567,12 +12715,10 @@ File: /etc/racoon/psk.txt \end_layout \begin_layout Code - # file for pre-shared keys used for IKE authentication \end_layout \begin_layout Code - # format is: 'identifier' 'key' \end_layout @@ -13581,7 +12727,6 @@ File: /etc/racoon/psk.txt \end_layout \begin_layout Code - 2001:db8:2:2::2 verysecret \end_layout @@ -13605,104 +12750,84 @@ At least the daemon needs to be started. \end_layout \begin_layout Code - # racoon -F -v -f /etc/racoon/racoon.conf \end_layout \begin_layout Code - Foreground mode. \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: @(#)ipsec-tools 0.3.3 \end_layout \begin_layout Code - ¬ (http://ipsec-tools.sourceforge.net) \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: @(#)This product linked \end_layout \begin_layout Code - ¬ OpenSSL 0.9.7a Feb 19 2003 (http://www.openssl.org/) \end_layout \begin_layout Code - 2005-01-01 20:30:15: INFO: 2001:db8:1:1::1[500] used as isakmp port (fd=7) \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: IPsec-SA request for 2001:db8:2:2::2 \end_layout \begin_layout Code - ¬ queued due to no phase1 found. \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: initiate new phase 1 negotiation: \end_layout \begin_layout Code - ¬ 2001:db8:1:1::1[500]<=>2001:db8:2:2::2[500] \end_layout \begin_layout Code - 2005-01-01 20:31:06: INFO: begin Identity Protection mode. \end_layout \begin_layout Code - 2005-01-01 20:31:09: INFO: ISAKMP-SA established \end_layout \begin_layout Code - ¬ 2001:db8:1:1::1[500]-2001:db8:2:2::2[500] spi:da3d3693289c9698:ac039a402b2db40 1 \end_layout \begin_layout Code - 2005-01-01 20:31:09: INFO: initiate new phase 2 negotiation: \end_layout \begin_layout Code - ¬ 2001:6f8:900:94::2[0]<=>2001:db8:2:2::2[0] \end_layout \begin_layout Code - 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code - ¬ ESP/Tunnel 2001:db8:2:2::2->2001:db8:1:1::1 spi=253935531(0xf22bfab) \end_layout \begin_layout Code - 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code - ¬ ESP/Tunnel 2001:db8:1:1::1->2001:db8:2:2::2 spi=175002564(0xa6e53c4) \end_layout @@ -13720,12 +12845,10 @@ tcpdump \end_layout \begin_layout Code - 20:35:55.305707 2001:db8:1:1::1 > 2001:db8:2:2::2: ESP(spi=0x0a6e53c4,seq=0x3) \end_layout \begin_layout Code - 20:35:55.537522 2001:db8:2:2::2 > 2001:db8:1:1::1: ESP(spi=0x0f22bfab,seq=0x3) \end_layout @@ -13746,117 +12869,94 @@ setkey \end_layout \begin_layout Code - # setkey -D \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code - esp mode=tunnel spi=175002564(0x0a6e53c4) reqid=0(0x00000000) \end_layout \begin_layout Code - E: 3des-cbc bd26bc45 aea0d249 ef9c6b89 7056080f 5d9fa49c 924e2edd \end_layout \begin_layout Code - A: hmac-md5 60c2c505 517dd8b7 c9609128 a5efc2db \end_layout \begin_layout Code - seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code - diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code - last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 540(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=1 pid=22358 refcnt=0 \end_layout \begin_layout Code - 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code - esp mode=tunnel spi=253935531(0x0f22bfab) reqid=0(0x00000000) \end_layout \begin_layout Code - E: 3des-cbc c1ddba65 83debd62 3f6683c1 20e747ac 933d203f 4777a7ce \end_layout \begin_layout Code - A: hmac-md5 3f957db9 9adddc8c 44e5739d 3f53ca0e \end_layout \begin_layout Code - seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code - diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code - last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 312(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=0 pid=22358 refcnt=0 \end_layout @@ -13949,22 +13049,18 @@ File: /etc/ipsec.conf \end_layout \begin_layout Code - # /etc/ipsec.conf - Openswan IPsec configuration file \end_layout \begin_layout Code - # \end_layout \begin_layout Code - # Manual: ipsec.conf.5 \end_layout \begin_layout Code - version 2.0 # conforms to second version of ipsec.conf specification \end_layout @@ -13973,27 +13069,22 @@ version 2.0 # conforms to second version of ipsec.conf specification \end_layout \begin_layout Code - # basic configuration \end_layout \begin_layout Code - config setup \end_layout \begin_layout Code - # Debug-logging controls: "none" for (almost) none, "all" for lots. \end_layout \begin_layout Code - # klipsdebug=none \end_layout \begin_layout Code - # plutodebug="control parsing" \end_layout @@ -14002,12 +13093,10 @@ config setup \end_layout \begin_layout Code - #Disable Opportunistic Encryption \end_layout \begin_layout Code - include /etc/ipsec.d/examples/no_oe.conf \end_layout @@ -14016,68 +13105,55 @@ include /etc/ipsec.d/examples/no_oe.conf \end_layout \begin_layout Code - conn ipv6-p1-p2 \end_layout \begin_layout Code - connaddrfamily=ipv6 # Important for IPv6, but no longer needed since StrongSwan 4 \end_layout \begin_layout Code - left=2001:db8:1:1::1 \end_layout \begin_layout Code - right=2001:db8:2:2::2 \end_layout \begin_layout Code - authby=secret \end_layout \begin_layout Code - esp=aes128-sha1 \end_layout \begin_layout Code - ike=aes128-sha-modp1024 \end_layout \begin_layout Code - type=transport \end_layout \begin_layout Code - #type=tunnel \end_layout \begin_layout Code - compress=no \end_layout \begin_layout Code - #compress=yes \end_layout \begin_layout Code - auto=add \end_layout \begin_layout Code - #auto=up \end_layout @@ -14094,7 +13170,6 @@ File: /etc/ipsec.secrets \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 : PSK "verysecret" \end_layout @@ -14116,7 +13191,6 @@ If installation of Openswan was successfully, an initscript should exist \end_layout \begin_layout Code - # /etc/rc.d/init.d/ipsec start \end_layout @@ -14134,42 +13208,34 @@ IPsec SA established \end_layout \begin_layout Code - # ipsec auto --up ipv6-peer1-peer2 \end_layout \begin_layout Code - 104 "ipv6-p1-p2" #1: STATE_MAIN_I1: initiate \end_layout \begin_layout Code - 106 "ipv6-p1-p2" #1: STATE_MAIN_I2: sent MI2, expecting MR2 \end_layout \begin_layout Code - 108 "ipv6-p1-p2" #1: STATE_MAIN_I3: sent MI3, expecting MR3 \end_layout \begin_layout Code - 004 "ipv6-p1-p2" #1: STATE_MAIN_I4: ISAKMP SA established \end_layout \begin_layout Code - 112 "ipv6-p1-p2" #2: STATE_QUICK_I1: initiate \end_layout \begin_layout Code - 004 "ipv6-p1-p2" #2: STATE_QUICK_I2: sent QI2, \end_layout \begin_layout Code - ¬ IPsec SA established {ESP=>0xa98b7710 <0xa51e1f22} \end_layout @@ -14187,117 +13253,94 @@ setkey \end_layout \begin_layout Code - # setkey -D \end_layout \begin_layout Code - 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code - esp mode=transport spi=2844489488(0xa98b7710) reqid=16385(0x00004001) \end_layout \begin_layout Code - E: aes-cbc 082ee274 2744bae5 7451da37 1162b483 \end_layout \begin_layout Code - A: hmac-sha1 b7803753 757417da 477b1c1a 64070455 ab79082c \end_layout \begin_layout Code - seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 21:16:32 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code - diff: 348(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=1 pid=23825 refcnt=0 \end_layout \begin_layout Code - 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code - esp mode=transport spi=2770214690(0xa51e1f22) reqid=16385(0x00004001) \end_layout \begin_layout Code - E: aes-cbc 6f59cc30 8d856056 65e07b76 552cac18 \end_layout \begin_layout Code - A: hmac-sha1 c7c7d82b abfca8b1 5440021f e0c3b335 975b508b \end_layout \begin_layout Code - seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code - created: Jan 1 21:16:31 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code - diff: 349(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code - current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code - allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code - sadb_seq=0 pid=23825 refcnt=0 \end_layout @@ -14319,12 +13362,10 @@ ip \end_layout \begin_layout Code - # ip xfrm policy \end_layout \begin_layout Code - ... \end_layout @@ -14333,12 +13374,10 @@ ip \end_layout \begin_layout Code - # ip xfrm state \end_layout \begin_layout Code - ... \end_layout @@ -14385,39 +13424,32 @@ Proper working QoS is only possible on the outgoing interface of a router \end_layout \begin_layout Code - -------------->------- \end_layout \begin_layout Code - Queue 1 \backslash \end_layout \begin_layout Code - --->--- ---->--------->--------->--------------- \end_layout \begin_layout Code - Big pipe Queue 2 Queue 1 / Queue 2 / Queue 3 Thin Pipe \end_layout \begin_layout Code - --->---- ---->--------->--------->--------------- \end_layout \begin_layout Code - Queue 3 / \end_layout \begin_layout Code - -------------->------- \end_layout @@ -14486,7 +13518,6 @@ Define root qdisc with a bandwidth of 1000 MBit/s on eth1 \end_layout \begin_layout Code - # tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 1000Mbit \end_layout @@ -14499,7 +13530,6 @@ Define a class 1:1 with 1 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:1 cbq rate 1Mbit allot 1500 bounded \end_layout @@ -14509,7 +13539,6 @@ Define a class 1:2 with 50 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:2 cbq rate 50Mbit allot 1500 bounded \end_layout @@ -14519,7 +13548,6 @@ Define a class 1:3 with 10 MBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:3 cbq rate 10Mbit allot 1500 bounded \end_layout @@ -14529,7 +13557,6 @@ Define a class 1:4 with 200 kBit/s \end_layout \begin_layout Code - # tc class add dev eth1 parent 1: classid 1:4 cbq rate 200kbit allot 1500 bounded \end_layout @@ -14555,7 +13582,6 @@ match ip dport 5001 0xffff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ip u32 match ip protocol 6 0xff match ip dport 5001 0xffff flowid 1:1 \end_layout @@ -14573,7 +13599,6 @@ match ip6 protocol 6 0xff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 protocol 6 0xff match ip6 dport 5001 0xffff flowid 1:2 \end_layout @@ -14587,7 +13612,6 @@ match ip6 flowlabel 12345 0x3ffff \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 flowlabel 12345 0x3ffff flowid 1:3 \end_layout @@ -14601,7 +13625,6 @@ handle 32 fw \end_layout \begin_layout Code - # tc filter add dev eth1 parent 1: protocol ipv6 handle 32 fw flowid 1:4 \end_layout @@ -14611,7 +13634,6 @@ The last filter definition requires an entry in the ip6tables to mark a \end_layout \begin_layout Code - # ip6tables -A POSTROUTING -t mangle -p tcp --dport 5003 -j MARK --set-mark 32 \end_layout @@ -14625,17 +13647,14 @@ Start on server side each one one separate console: \end_layout \begin_layout Code - # iperf -V -s -p 5001 \end_layout \begin_layout Code - # iperf -V -s -p 5002 \end_layout \begin_layout Code - # iperf -V -s -p 5003 \end_layout @@ -14644,35 +13663,29 @@ Start on client side and compare results: \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5001 (expected: 1 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5001 (expected: 50 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5002 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5002 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv4 -p 5003 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code - # iperf -V -c SERVER-IPv6 -p 5003 (expected: 200 kBit/s) \end_layout @@ -14748,22 +13761,18 @@ To enable IPv6 for listening, following options are requested to change \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { any; }; \end_layout \begin_layout Code - }; \end_layout @@ -14772,59 +13781,48 @@ This should result after restart in e.g. \end_layout \begin_layout Code - # netstat -lnptu |grep "named \backslash W*$" \end_layout \begin_layout Code - tcp 0 0 :::53 :::* LISTEN 1234/named \end_layout \begin_layout Code - ¬ # incoming TCP requests \end_layout \begin_layout Code - udp 0 0 1.2.3.4:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP requests to IPv4 1.2.3.4 \end_layout \begin_layout Code - udp 0 0 127.0.0.1:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP requests to IPv4 localhost \end_layout \begin_layout Code - udp 0 0 0.0.0.0:32868 0.0.0.0:* 1234/named \end_layout \begin_layout Code - ¬ # dynamic chosen port for outgoing queries \end_layout \begin_layout Code - udp 0 0 :::53 :::* 1234/named \end_layout \begin_layout Code - ¬ # incoming UDP request to any IPv6 \end_layout @@ -14833,7 +13831,6 @@ And a simple test looks like \end_layout \begin_layout Code - # dig localhost @::1 \end_layout @@ -14850,22 +13847,18 @@ To disable IPv6 for listening, following options are requested to change \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { none; }; \end_layout \begin_layout Code - }; \end_layout @@ -14879,67 +13872,54 @@ IPv6 enabled ACLs are possible and should be used whenever it's possible. \end_layout \begin_layout Code - acl internal-net { \end_layout \begin_layout Code - 127.0.0.1; \end_layout \begin_layout Code - 1.2.3.0/24; \end_layout \begin_layout Code - 2001:0db8:100::/56; \end_layout \begin_layout Code - ::1/128; \end_layout \begin_layout Code - ::ffff:1.2.3.4/128; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - acl ns-internal-net { \end_layout \begin_layout Code - 1.2.3.4; \end_layout \begin_layout Code - 1.2.3.5; \end_layout \begin_layout Code - 2001:0db8:100::4/128; \end_layout \begin_layout Code - 2001:0db8:100::5/128; \end_layout \begin_layout Code - }; \end_layout @@ -14951,32 +13931,26 @@ This ACLs can be used e.g. \end_layout \begin_layout Code - options { \end_layout \begin_layout Code - # sure other options here, too \end_layout \begin_layout Code - listen-on-v6 { none; }; \end_layout \begin_layout Code - allow-query { internal-net; }; \end_layout \begin_layout Code - allow-transfer { ns-internal-net; }; \end_layout \begin_layout Code - }; \end_layout @@ -15001,7 +13975,6 @@ This option is not required, but perhaps needed: \end_layout \begin_layout Code - query-source-v6 address port ; \end_layout @@ -15022,7 +13995,6 @@ Transfer source address is used for outgoing zone transfers: \end_layout \begin_layout Code - transfer-source-v6 [port port]; \end_layout @@ -15035,7 +14007,6 @@ Notify source address is used for outgoing notify messages: \end_layout \begin_layout Code - notify-source-v6 [port port]; \end_layout @@ -15188,27 +14159,22 @@ Specifying a dedicated server for the query, an IPv6 connect can be forced: \end_layout \begin_layout Code - $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Using domain server: \end_layout \begin_layout Code - Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code - Aliases: \end_layout @@ -15217,7 +14183,6 @@ Aliases: \end_layout \begin_layout Code - Host www.6bone.net. not found: 5(REFUSED) \end_layout @@ -15227,17 +14192,14 @@ Related log entry looks like following: \end_layout \begin_layout Code - Jan 3 12:43:32 gate named[12347]: client \end_layout \begin_layout Code - ¬ 2001:0db8:200:f101:212:34ff:fe12:3456#32770: \end_layout \begin_layout Code - query denied \end_layout @@ -15255,27 +14217,22 @@ A successful IPv6 connect looks like following: \end_layout \begin_layout Code - $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Using domain server: \end_layout \begin_layout Code - Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code - Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code - Aliases: \end_layout @@ -15284,14 +14241,12 @@ Aliases: \end_layout \begin_layout Code - www.6bone.net. is an alias for 6bone.net. \end_layout \begin_layout Code - 6bone.net. has AAAA address 3ffe:b00:c18:1::10 \end_layout @@ -15335,52 +14290,42 @@ If you enable a built-in service like e.g. \end_layout \begin_layout Code - # diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime \end_layout \begin_layout Code - --- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001 \end_layout \begin_layout Code - +++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001 \end_layout \begin_layout Code - @@ -10,5 +10,5 @@ \end_layout \begin_layout Code - protocol = tcp \end_layout \begin_layout Code - user = root \end_layout \begin_layout Code - wait = no \end_layout \begin_layout Code - - disable = yes \end_layout \begin_layout Code - + disable = no \end_layout \begin_layout Code - } \end_layout @@ -15389,27 +14334,22 @@ After restarting the xinetd you should get a positive result like: \end_layout \begin_layout Code - # netstat -lnptu -A inet6 |grep "xinetd*" \end_layout \begin_layout Code - tcp 0 0 ::ffff:192.168.1.1:993 :::* LISTEN 12345/xinetd-ipv6 \end_layout \begin_layout Code - tcp 0 0 :::13 :::* LISTEN 12345/xinetd-ipv6 <- service \end_layout \begin_layout Code - ¬ daytime/tcp \end_layout \begin_layout Code - tcp 0 0 ::ffff:192.168.1.1:143 :::* LISTEN 12345/xinetd-ipv6 \end_layout @@ -15464,27 +14404,22 @@ Virtual host listen on an IPv6 address only \end_layout \begin_layout Code - Listen [2001:0db8:100::1]:80 \end_layout \begin_layout Code - \end_layout \begin_layout Code - ServerName ipv6only.yourdomain.yourtopleveldomain \end_layout \begin_layout Code - # ...sure more config lines \end_layout \begin_layout Code - \end_layout @@ -15493,32 +14428,26 @@ Virtual host listen on an IPv6 and on an IPv4 address \end_layout \begin_layout Code - Listen [2001:0db8:100::2]:80 \end_layout \begin_layout Code - Listen 1.2.3.4:80 \end_layout \begin_layout Code - \end_layout \begin_layout Code - ServerName ipv6andipv4.yourdomain.yourtopleveldomain \end_layout \begin_layout Code - # ...sure more config lines \end_layout \begin_layout Code - \end_layout @@ -15527,24 +14456,20 @@ This should result after restart in e.g. \end_layout \begin_layout Code - # netstat -lnptu |grep "httpd2 \backslash W*$" \end_layout \begin_layout Code - tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 12345/httpd2 \end_layout \begin_layout Code - tcp 0 0 2001:0db8:100::1:80 :::* LISTEN 12345/httpd2 \end_layout \begin_layout Code - tcp 0 0 2001:0db8:100::2:80 :::* LISTEN 12345/httpd2 \end_layout @@ -15644,52 +14569,42 @@ Radvd's config file is normally /etc/radvd.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - AdvSendAdvert on; \end_layout \begin_layout Code - MinRtrAdvInterval 3; \end_layout \begin_layout Code - MaxRtrAdvInterval 10; \end_layout \begin_layout Code - prefix 2001:0db8:0100:f101::/64 { \end_layout \begin_layout Code - AdvOnLink on; \end_layout \begin_layout Code - AdvAutonomous on; \end_layout \begin_layout Code - AdvRouterAddr on; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -15698,28 +14613,23 @@ This results on client side in \end_layout \begin_layout Code - # ip -6 addr show eth0 \end_layout \begin_layout Code - 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code - inet6 2001:0db8:100:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code - valid_lft 2591992sec preferred_lft 604792sec \end_layout \begin_layout Code - inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -15742,67 +14652,54 @@ Version since 0.6.2pl3 support the automatic (re)-generation of the prefix \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - AdvSendAdvert on; \end_layout \begin_layout Code - MinRtrAdvInterval 3; \end_layout \begin_layout Code - MaxRtrAdvInterval 10; \end_layout \begin_layout Code - prefix 0:0:0:f101::/64 { \end_layout \begin_layout Code - AdvOnLink off; \end_layout \begin_layout Code - AdvAutonomous on; \end_layout \begin_layout Code - AdvRouterAddr on; \end_layout \begin_layout Code - Base6to4Interface ppp0; \end_layout \begin_layout Code - AdvPreferredLifetime 20; \end_layout \begin_layout Code - AdvValidLifetime 30; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -15812,28 +14709,23 @@ This results on client side in (assuming, ppp0 has currently 1.2.3.4 as local \end_layout \begin_layout Code - # /sbin/ip -6 addr show eth0 \end_layout \begin_layout Code - 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code - inet6 2002:0102:0304:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code - valid_lft 22sec preferred_lft 12sec \end_layout \begin_layout Code - inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -15850,7 +14742,6 @@ Additional note: if you do not used special 6to4 support in initscripts, \end_layout \begin_layout Code - # /sbin/ip -6 route add 2002:0102:0304:f101::/64 dev eth0 metric 1 \end_layout @@ -15877,107 +14768,86 @@ radvdump \end_layout \begin_layout Code - # radvdump \end_layout \begin_layout Code - Router advertisement from fe80::280:c8ff:feb9:cef9 (hoplimit 255) \end_layout \begin_layout Code - AdvCurHopLimit: 64 \end_layout \begin_layout Code - AdvManagedFlag: off \end_layout \begin_layout Code - AdvOtherConfigFlag: off \end_layout \begin_layout Code - AdvHomeAgentFlag: off \end_layout \begin_layout Code - AdvReachableTime: 0 \end_layout \begin_layout Code - AdvRetransTimer: 0 \end_layout \begin_layout Code - Prefix 2002:0102:0304:f101::/64 \end_layout \begin_layout Code - AdvValidLifetime: 30 \end_layout \begin_layout Code - AdvPreferredLifetime: 20 \end_layout \begin_layout Code - AdvOnLink: off \end_layout \begin_layout Code - AdvAutonomous: on \end_layout \begin_layout Code - AdvRouterAddr: on \end_layout \begin_layout Code - Prefix 2001:0db8:100:f101::/64 \end_layout \begin_layout Code - AdvValidLifetime: 2592000 \end_layout \begin_layout Code - AdvPreferredLifetime: 604800 \end_layout \begin_layout Code - AdvOnLink: on \end_layout \begin_layout Code - AdvAutonomous: on \end_layout \begin_layout Code - AdvRouterAddr: on \end_layout \begin_layout Code - AdvSourceLLAddress: 00 80 12 34 56 78 \end_layout @@ -16029,67 +14899,54 @@ dhcp6s's config file is normally /etc/dhcp6s.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - server-preference 255; \end_layout \begin_layout Code - renew-time 60; \end_layout \begin_layout Code - rebind-time 90; \end_layout \begin_layout Code - prefer-life-time 130; \end_layout \begin_layout Code - valid-life-time 200; \end_layout \begin_layout Code - allow rapid-commit; \end_layout \begin_layout Code - option dns_servers 2001:db8:0:f101::1 sub.domain.example; \end_layout \begin_layout Code - link AAA { \end_layout \begin_layout Code - range 2001:db8:0:f101::1000 to 2001:db8:0:f101::ffff/64; \end_layout \begin_layout Code - prefix 2001:db8:0:f101::/64; \end_layout \begin_layout Code - }; \end_layout \begin_layout Code - }; \end_layout @@ -16107,22 +14964,18 @@ dhcp6c's config file is normally /etc/dhcp6c.conf. \end_layout \begin_layout Code - interface eth0 { \end_layout \begin_layout Code - send rapid-commit; \end_layout \begin_layout Code - request domain-name-servers; \end_layout \begin_layout Code - }; \end_layout @@ -16139,7 +14992,6 @@ Start server, e.g. \end_layout \begin_layout Code - # service dhcp6s start \end_layout @@ -16152,7 +15004,6 @@ Start client in foreground, e.g. \end_layout \begin_layout Code - # dhcp6c -f eth0 \end_layout @@ -16170,7 +15021,6 @@ The server has one foreground and two debug toggles (both should be used \end_layout \begin_layout Code - # dhcp6s -d -D -f eth0 \end_layout @@ -16184,7 +15034,6 @@ As general debugging for test whether the IPv6 DHCP server is reable on \end_layout \begin_layout Code - # ping6 -I eth0 ff02::1:2 \end_layout @@ -16193,63 +15042,51 @@ The client has one foreground and two debug toggles, here is an example: \end_layout \begin_layout Code - # dhcp6c -d -f eth0 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 dhcpv6 doesn't support hardware type 776 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 doesn't support sit0 address family 0 \end_layout \begin_layout Code - Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 status code for this address is: success \end_layout \begin_layout Code - Oct/03/2005 17:18:17 status code: success \end_layout \begin_layout Code - Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code - Oct/03/2005 17:18:17 assigned address 2001:db8:0:f101::1002 prefix len is not \end_layout \begin_layout Code - ¬ in any RAs prefix length using 64 bit instead \end_layout \begin_layout Code - Oct/03/2005 17:18:17 renew time 60, rebind time 9 \end_layout @@ -16300,32 +15137,26 @@ Create a dedicated configuration file /etc/dhcp/dhcpd6.conf for the IPv6 \end_layout \begin_layout Code - default-lease-time 600; \end_layout \begin_layout Code - max-lease-time 7200; \end_layout \begin_layout Code - log-facility local7; \end_layout \begin_layout Code - subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Range for clients \end_layout \begin_layout Code - range6 2001:db8:0:1::129 2001:db8:0:1::254; \end_layout @@ -16334,12 +15165,10 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Range for clients requesting a temporary address \end_layout \begin_layout Code - range6 2001:db8:0:1::/64 temporary; \end_layout @@ -16348,17 +15177,14 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Additional options \end_layout \begin_layout Code - option dhcp6.name-servers fec0:0:0:1::1; \end_layout \begin_layout Code - option dhcp6.domain-search "domain.example"; \end_layout @@ -16367,12 +15193,10 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Prefix range for delegation to sub-routers \end_layout \begin_layout Code - prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56; \end_layout @@ -16381,33 +15205,27 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code - # Example for a fixed host address \end_layout \begin_layout Code - host specialclient { \end_layout \begin_layout Code - host-identifier option dhcp6.client-id 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01: 23:45; \end_layout \begin_layout Code - fixed-address6 2001:db8:0:1::127; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } \end_layout @@ -16443,7 +15261,6 @@ dhcp6c \end_layout \begin_layout Code - # hexdump -e '"%07.7_ax " 1/2 "%04x" " " 14/1 "%02x:" " \backslash n"' /var/lib/dhcpv6/dhcp6c_duid 0000000 000e 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01 @@ -16463,56 +15280,46 @@ Start server in foreground: \end_layout \begin_layout Code - # /usr/sbin/dhcpd -6 -d -cf /etc/dhcp/dhcpd6.conf eth1 \end_layout \begin_layout Code - Internet Systems Consortium DHCP Server 4.1.0 \end_layout \begin_layout Code - Copyright 2004-2008 Internet Systems Consortium. \end_layout \begin_layout Code - All rights reserved. \end_layout \begin_layout Code - For info, please visit http://www.isc.org/sw/dhcp/ \end_layout \begin_layout Code - Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file \end_layout \begin_layout Code - Wrote 0 leases to leases file. \end_layout \begin_layout Code - Bound to *:547 \end_layout \begin_layout Code - Listening on Socket/5/eth1/2001:db8:0:1::/64 \end_layout \begin_layout Code - Sending on Socket/5/eth1/2001:db8:0:1::/64 \end_layout @@ -16545,68 +15352,55 @@ Create a dedicated configuration file /etc/dibbler/server.conf . \end_layout \begin_layout Code - log-level 8 \end_layout \begin_layout Code - log-mode short \end_layout \begin_layout Code - preference 0 \end_layout \begin_layout Code - iface "eth1" { \end_layout \begin_layout Code - // also ranges can be defines, instead of exact values t1 1800-2000 t2 2700-3000 \end_layout \begin_layout Code - prefered-lifetime 3600 \end_layout \begin_layout Code - valid-lifetime 7200 \end_layout \begin_layout Code - class { \end_layout \begin_layout Code - pool 2001:6f8:12d8:1::/64 \end_layout \begin_layout Code - } \end_layout \begin_layout Code - option dns-server fec0:0:0:1::1 \end_layout \begin_layout Code - option domain domain.example \end_layout \begin_layout Code - } \end_layout @@ -16623,148 +15417,124 @@ Start server in foreground: \end_layout \begin_layout Code - # dibbler-server run \end_layout \begin_layout Code - | Dibbler - a portable DHCPv6, version 0.7.3 (SERVER, Linux port) \end_layout \begin_layout Code - | Authors : Tomasz Mrugalski,Marek Senderski \end_layout \begin_layout Code - | Licence : GNU GPL v2 only. Developed at Gdansk University of Technology. \end_layout \begin_layout Code - | Homepage: http://klub.com.pl/dhcpv6/ \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice My pid (1789) is stored in /var/lib/dibbler/s erver.pid \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface eth0/3, MAC=54:52:00:01:23:45. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface eth1/2, MAC=54:52:00:67:89:ab. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Detected iface lo/1, MAC=00:00:00:00:00:00. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Debug Skipping database loading. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Debug Cache:server-cache.xml file: parsing started, expecting 0 entries. \end_layout \begin_layout Code - 2009.05.28 10:18:48 Server Notice Parsing /etc/dibbler/server.conf config file... \end_layout \begin_layout Code - 18:48 Server Debug Setting 0 generic option(s). \end_layout \begin_layout Code - 18:48 Server Debug 0 per-client configurations (exceptions) added. \end_layout \begin_layout Code - 18:48 Server Debug Parsing /etc/dibbler/server.conf done. \end_layout \begin_layout Code - 18:48 Server Info 0 client class(es) defined. \end_layout \begin_layout Code - 18:48 Server Debug 1 interface(s) specified in /etc/dibbler/server.conf \end_layout \begin_layout Code - 18:48 Server Info Mapping allow, deny list to class 0:0 allow/deny entries in total. \end_layout \begin_layout Code - 18:48 Server Info Interface eth1/2 configuration has been loaded. \end_layout \begin_layout Code - 18:48 Server Notice Running in stateful mode. \end_layout \begin_layout Code - 18:48 Server Info My DUID is 00:01:00:01:11:aa:6d:a7:54:52:00:67:89:ab. \end_layout \begin_layout Code - 18:48 Server Notice Creating multicast (ff02::1:2) socket on eth1/2 (eth1/2) interface. \end_layout \begin_layout Code - 18:48 Server Debug Cache: size set to 1048576 bytes, 1 cache entry size is 87 bytes, so maximum 12052 address-client pair(s) may be cached. \end_layout \begin_layout Code - 18:48 Server Notice Accepting connections. Next event in 4294967295 second(s). \end_layout @@ -16826,7 +15596,6 @@ tcp_wrapper is controlled by two files name /etc/hosts.allow and /etc/hosts.deny \end_layout \begin_layout Code - $ man hosts.allow \end_layout @@ -16840,13 +15609,11 @@ In this file, each service which should be positive filtered (means connects \end_layout \begin_layout Code - sshd: 1.2.3. [2001:0db8:100:200::]/64 \end_layout \begin_layout Code - daytime-stream: 1.2.3. [2001:0db8:100:200::]/64 \end_layout @@ -16867,7 +15634,6 @@ This file contains all negative filter entries and should normally deny \end_layout \begin_layout Code - ALL: ALL \end_layout @@ -16879,12 +15645,10 @@ If this node is a more sensible one you can replace the standard line above \end_layout \begin_layout Code - ALL: ALL: spawn (echo "Attempt from %h %a to %d at `date`" \end_layout \begin_layout Code - | tee -a /var/log/tcp.deny.log | mail root@localhost) \end_layout @@ -16907,22 +15671,18 @@ A refused connection via IPv4 to an xinetd covered daytime service produces \end_layout \begin_layout Code - Jan 2 20:40:44 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code - ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code - Jan 2 20:32:06 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code - from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout @@ -16932,27 +15692,22 @@ A refused connection via IPv4 to an dual-listen sshd produces a line like \end_layout \begin_layout Code - Jan 2 20:24:17 gate sshd[12345]: refused connect from ::ffff:1.2.3.4 \end_layout \begin_layout Code - ¬ (::ffff:1.2.3.4) \end_layout \begin_layout Code - Jan 2 20:39:33 gate sshd[12345]: refused connect \end_layout \begin_layout Code - from 2001:0db8:100:200::212:34ff:fe12:3456 \end_layout \begin_layout Code - ¬ (2001:0db8:100:200::212:34ff:fe12:3456) \end_layout @@ -16966,22 +15721,18 @@ A permitted connection via IPv4 to an xinetd covered daytime service produces \end_layout \begin_layout Code - Jan 2 20:37:50 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code - ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code - Jan 2 20:37:56 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code - from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout @@ -16991,22 +15742,18 @@ A permitted connection via IPv4 to an dual-listen sshd produces a line like \end_layout \begin_layout Code - Jan 2 20:43:10 gate sshd[21975]: Accepted password for user from ::ffff:1.2.3.4 \end_layout \begin_layout Code - ¬ port 33381 ssh2 \end_layout \begin_layout Code - Jan 2 20:42:19 gate sshd[12345]: Accepted password for user \end_layout \begin_layout Code - from 2001:0db8:100:200::212:34ff:fe12:3456 port 33380 ssh2 \end_layout @@ -17030,7 +15777,6 @@ Edit the configuration file, ususally /etc/vsftpd/vsftpd.conf, and adjust \end_layout \begin_layout Code - listen_ipv6=yes \end_layout @@ -17058,27 +15804,22 @@ Edit the configuration file, ususally /etc/proftpd.conf, but take care, not \end_layout \begin_layout Code - \end_layout \begin_layout Code - ... \end_layout \begin_layout Code - Bind 2001:0DB8::1 \end_layout \begin_layout Code - ... \end_layout \begin_layout Code - \end_layout @@ -17278,37 +16019,30 @@ struct sockaddr_in \end_layout \begin_layout Code - struct sockaddr_in \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sa_family_t sin_family; \end_layout \begin_layout Code - in_port_t sin_port; \end_layout \begin_layout Code - struct in_addr sin_addr; \end_layout \begin_layout Code - /* Plus some padding for alignment */ \end_layout \begin_layout Code - }; \end_layout @@ -17360,42 +16094,34 @@ struct sockaddr_in6 \end_layout \begin_layout Code - struct sockaddr_in6 \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sa_family_t sin6_family; \end_layout \begin_layout Code - in_port_t sin6_port; \end_layout \begin_layout Code - uint32_t sin6_flowinfo; \end_layout \begin_layout Code - struct in6_addr sin6_addr; \end_layout \begin_layout Code - uint32_t sin6_scope_id; \end_layout \begin_layout Code - }; \end_layout @@ -17509,7 +16235,6 @@ fe80::1%eth1 \end_layout \begin_layout Code - Host A (fe80::1) ---- eth0 ---- Host B ---- eth1 ---- Host C (fe80::1) \end_layout @@ -17618,32 +16343,26 @@ recvfrom(2) \end_layout \begin_layout Code - ssize_t recvfrom( int s, \end_layout \begin_layout Code - void *buf, \end_layout \begin_layout Code - size_t len, \end_layout \begin_layout Code - int flags, \end_layout \begin_layout Code - struct sockaddr *from, \end_layout \begin_layout Code - socklen_t *fromlen ); \end_layout @@ -17669,104 +16388,84 @@ struct sockaddr_storage \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Read a message from a remote peer, and return a buffer pointer to \end_layout \begin_layout Code - ** the caller. \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** 's' is the file descriptor for the socket. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - char *rcvMsg( int s ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - static char bfr[ 1025 ]; /* Where the msg is stored. */ \end_layout \begin_layout Code - ssize_t count; \end_layout \begin_layout Code - struct sockaddr_storage ss; /* Where the peer adr goes. */ \end_layout \begin_layout Code - socklen_t sslen; \end_layout \begin_layout Code - sslen = sizeof( ss ); \end_layout \begin_layout Code - count = recvfrom( s, \end_layout \begin_layout Code - bfr, \end_layout \begin_layout Code - sizeof( bfr ) - 1, \end_layout \begin_layout Code - 0, \end_layout \begin_layout Code - (struct sockaddr*) &ss, \end_layout \begin_layout Code - &sslen ); \end_layout \begin_layout Code - bfr[ count ] = ' \backslash 0'; /* Null-terminates the message. @@ -17774,12 +16473,10 @@ char *rcvMsg( int s ) \end_layout \begin_layout Code - return bfr; \end_layout \begin_layout Code - } /* End rcvMsg() */ \end_layout @@ -17846,22 +16543,18 @@ getaddrinfo(3) \end_layout \begin_layout Code - int getaddrinfo( const char *node, \end_layout \begin_layout Code - const char *service, \end_layout \begin_layout Code - const struct addrinfo *hints, \end_layout \begin_layout Code - struct addrinfo **res ); \end_layout @@ -17920,57 +16613,46 @@ struct addrinfo \end_layout \begin_layout Code - struct addrinfo \end_layout \begin_layout Code - { \end_layout \begin_layout Code - int ai_flags; \end_layout \begin_layout Code - int ai_family; \end_layout \begin_layout Code - int ai_socktype; \end_layout \begin_layout Code - int ai_protocol; \end_layout \begin_layout Code - socklen_t ai_addrlen; \end_layout \begin_layout Code - struct sockaddr *ai_addr; \end_layout \begin_layout Code - char *ai_canonname; \end_layout \begin_layout Code - struct addrinfo *ai_next; \end_layout \begin_layout Code - }; \end_layout @@ -18379,37 +17061,30 @@ struct sockaddr \end_layout \begin_layout Code - int getnameinfo( const struct sockaddr *sa, \end_layout \begin_layout Code - socklen_t salen, \end_layout \begin_layout Code - char *host, \end_layout \begin_layout Code - size_t hostlen, \end_layout \begin_layout Code - char *serv, \end_layout \begin_layout Code - size_t servlen, \end_layout \begin_layout Code - int flags ); \end_layout @@ -18508,7 +17183,6 @@ For security reasons that this author won't pretend to understand, "IPv4 \end_layout \begin_layout Code - ::ffff:192.0.2.1 \end_layout @@ -18579,22 +17253,18 @@ It is possible to assign a hostname to an IPv6 network address in \end_layout \begin_layout Code - ::1 localhost \end_layout \begin_layout Code - 127.0.0.1 localhost \end_layout \begin_layout Code - fe80::2c0:8cff:fe01:2345 pt141 \end_layout \begin_layout Code - 192.0.2.1 pt141 \end_layout @@ -18699,7 +17369,6 @@ The server code is found in file tod6d.c (time-of-day IPv6 daemon). \end_layout \begin_layout Code - tod6d [-v] [service] \end_layout @@ -18726,314 +17395,257 @@ The server handles both TCP and UDP requests on the network. \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * File: tod6d.c \end_layout \begin_layout Code - * Description: Contains source code for an IPv6-capable 'daytime' server. \end_layout \begin_layout Code - * Author: John Wenker, Sr. Software Engineer, \end_layout \begin_layout Code - * Performance Technologies, San Diego, USA \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** System header files. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #include /* errno declaration & error codes. */ \end_layout \begin_layout Code - #include /* getaddrinfo(3) et al. */ \end_layout \begin_layout Code - #include /* sockaddr_in & sockaddr_in6 definition. */ \end_layout \begin_layout Code - #include /* printf(3) et al. */ \end_layout \begin_layout Code - #include /* exit(2). */ \end_layout \begin_layout Code - #include /* String manipulation & memory functions. */ \end_layout \begin_layout Code - #include /* poll(2) and related definitions. */ \end_layout \begin_layout Code - #include /* Socket functions (socket(2), bind(2), etc). */ \end_layout \begin_layout Code - #include /* time(2) & ctime(3). */ \end_layout \begin_layout Code - #include /* getopt(3), read(2), etc. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Constants. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code - #define INVALID_DESC -1 /* Invalid file descriptor. */ \end_layout \begin_layout Code - #define MAXCONNQLEN 3 /* Max nbr of connection requests to queue. */ \end_layout \begin_layout Code - #define MAXTCPSCKTS 2 /* One TCP socket for IPv4 & one for IPv6. */ \end_layout \begin_layout Code - #define MAXUDPSCKTS 2 /* One UDP socket for IPv4 & one for IPv6. */ \end_layout \begin_layout Code - #define VALIDOPTS "v" /* Valid command options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Simple boolean type definition. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Prototypes for internal helper functions. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static int openSckt( const char *service, \end_layout \begin_layout Code - const char *protocol, \end_layout \begin_layout Code - int desc[ ], \end_layout \begin_layout Code - size_t *descSize ); \end_layout \begin_layout Code - static void tod( int tSckt[ ], \end_layout \begin_layout Code - size_t tScktSize, \end_layout \begin_layout Code - int uSckt[ ], \end_layout \begin_layout Code - size_t uScktSize ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Global (within this file only) data objects. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static char hostBfr[ NI_MAXHOST ]; /* For use w/getnameinfo(3). */ \end_layout \begin_layout Code - static const char *pgmName; /* Program name w/o dir prefix. */ \end_layout \begin_layout Code - static char servBfr[ NI_MAXSERV ]; /* For use w/getnameinfo(3). */ \end_layout \begin_layout Code - static boolean verbose = false; /* Verbose mode indication. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Usage macro for command syntax violations. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define USAGE \backslash \end_layout \begin_layout Code - { \backslash \end_layout \begin_layout Code - fprintf( stderr, \backslash \end_layout \begin_layout Code - "Usage: %s [-v] [service] \backslash n", @@ -19042,44 +17654,37 @@ n", \end_layout \begin_layout Code - pgmName ); \backslash \end_layout \begin_layout Code - exit( 127 ); \backslash \end_layout \begin_layout Code - } /* End USAGE macro. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Macro to terminate the program if a system call error occurs. The system \end_layout \begin_layout Code - ** call must be one of the usual type that returns -1 on error. This macro is \end_layout \begin_layout Code - ** a modified version of a macro authored by Dr. V. Vinge, SDSU Dept. @@ -19087,66 +17692,56 @@ n", \end_layout \begin_layout Code - ** Computer Science (retired)... best professor I ever had. I hear he writes \end_layout \begin_layout Code - ** great science fiction in addition to robust code, too. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define CHK(expr) \backslash \end_layout \begin_layout Code - do \backslash \end_layout \begin_layout Code - { \backslash \end_layout \begin_layout Code - if ( (expr) == -1 ) \backslash \end_layout \begin_layout Code - { \backslash \end_layout \begin_layout Code - fprintf( stderr, \backslash \end_layout \begin_layout Code - "%s (line %d): System call ERROR - %s. \backslash n", @@ -19155,35 +17750,30 @@ n", \end_layout \begin_layout Code - pgmName, \backslash \end_layout \begin_layout Code - __LINE__, \backslash \end_layout \begin_layout Code - strerror( errno ) ); \backslash \end_layout \begin_layout Code - exit( 1 ); \backslash \end_layout \begin_layout Code - } /* End IF system call failed. */ \backslash @@ -19191,436 +17781,352 @@ n", \end_layout \begin_layout Code - } while ( false ) \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: main \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Set up a time-of-day server and handle network requests. This server \end_layout \begin_layout Code - * handles both TCP and UDP requests. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * The usual argc and argv parameters to a main() function. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * This is a daemon program and never returns. However, in the degenerate \end_layout \begin_layout Code - * case where no sockets are created, the function returns zero. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - int main( int argc, \end_layout \begin_layout Code - char *argv[ ] ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - int opt; \end_layout \begin_layout Code - const char *service = DFLT_SERVICE; \end_layout \begin_layout Code - int tSckt[ MAXTCPSCKTS ]; /* Array of TCP socket descriptors. */ \end_layout \begin_layout Code - size_t tScktSize = MAXTCPSCKTS; /* Size of uSckt (# of elements). */ \end_layout \begin_layout Code - int uSckt[ MAXUDPSCKTS ]; /* Array of UDP socket descriptors. */ \end_layout \begin_layout Code - size_t uScktSize = MAXUDPSCKTS; /* Size of uSckt (# of elements). */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Set the program name (w/o directory prefix). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - pgmName = strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code - pgmName = pgmName == NULL ? argv[ 0 ] : pgmName + 1; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command options. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - opterr = 0; /* Turns off "invalid option" error messages. */ \end_layout \begin_layout Code - while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) >= 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - switch ( opt ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 'v': /* Verbose mode. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - verbose = true; \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - default: \end_layout \begin_layout Code - { \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on command option. */ \end_layout \begin_layout Code - } /* End WHILE processing options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command line arguments. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - switch ( argc - optind ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 0: break; \end_layout \begin_layout Code - case 1: service = argv[ optind ]; break; \end_layout \begin_layout Code - default: USAGE; \end_layout \begin_layout Code - } /* End SWITCH on number of command line arguments. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Open both a TCP and UDP socket, for both IPv4 & IPv6, on which to receive \end_layout \begin_layout Code - ** service requests. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( openSckt( service, "tcp", tSckt, &tScktSize ) < 0 ) || \end_layout \begin_layout Code - ( openSckt( service, "udp", uSckt, &uScktSize ) < 0 ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - exit( 1 ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Run the time-of-day server. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( tScktSize > 0 ) || ( uScktSize > 0 ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - tod( tSckt, /* tod() never returns. */ \end_layout \begin_layout Code - tScktSize, \end_layout \begin_layout Code - uSckt, \end_layout \begin_layout Code - uScktSize ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Since tod() never returns, execution only gets here if no sockets were \end_layout \begin_layout Code - ** created. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: No sockets opened... terminating. \backslash @@ -19628,354 +18134,286 @@ n", \end_layout \begin_layout Code - pgmName ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - return 0; \end_layout \begin_layout Code - } /* End main() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: openSckt \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Open passive (server) sockets for the indicated inet service & protocol. \end_layout \begin_layout Code - * Notice in the last sentence that "sockets" is plural. During the interim \end_layout \begin_layout Code - * transition period while everyone is switching over to IPv6, the server \end_layout \begin_layout Code - * application has to open two sockets on which to listen for connections... \end_layout \begin_layout Code - * one for IPv4 traffic and one for IPv6 traffic. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * service - Pointer to a character string representing the well-known port \end_layout \begin_layout Code - * on which to listen (can be a service name or a decimal number). \end_layout \begin_layout Code - * protocol - Pointer to a character string representing the transport layer \end_layout \begin_layout Code - * protocol (only "tcp" or "udp" are valid). \end_layout \begin_layout Code - * desc - Pointer to an array into which the socket descriptors are \end_layout \begin_layout Code - * placed when opened. \end_layout \begin_layout Code - * descSize - This is a value-result parameter. On input, it contains the \end_layout \begin_layout Code - * max number of descriptors that can be put into 'desc' (i.e. the \end_layout \begin_layout Code - * number of elements in the array). Upon return, it will contain \end_layout \begin_layout Code - * the number of descriptors actually opened. Any unused slots in \end_layout \begin_layout Code - * 'desc' are set to INVALID_DESC. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * 0 on success, -1 on error. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static int openSckt( const char *service, \end_layout \begin_layout Code - const char *protocol, \end_layout \begin_layout Code - int desc[ ], \end_layout \begin_layout Code - size_t *descSize ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct addrinfo *ai; \end_layout \begin_layout Code - int aiErr; \end_layout \begin_layout Code - struct addrinfo *aiHead; \end_layout \begin_layout Code - struct addrinfo hints = { .ai_flags = AI_PASSIVE, /* Server mode. \end_layout \begin_layout Code - ¬ */ \end_layout \begin_layout Code - .ai_family = PF_UNSPEC }; /* IPv4 or IPv6. \end_layout \begin_layout Code - ¬ */ \end_layout \begin_layout Code - size_t maxDescs = *descSize; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Initialize output parameters. When the loop completes, *descSize is 0. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - while ( *descSize > 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - desc[ --( *descSize ) ] = INVALID_DESC; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Check which protocol is selected (only TCP and UDP are valid). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( strcmp( protocol, "tcp" ) == 0 ) /* TCP protocol. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - hints.ai_socktype = SOCK_STREAM; \end_layout \begin_layout Code - hints.ai_protocol = IPPROTO_TCP; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - else if ( strcmp( protocol, "udp" ) == 0 ) /* UDP protocol. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - hints.ai_socktype = SOCK_DGRAM; \end_layout \begin_layout Code - hints.ai_protocol = IPPROTO_UDP; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - else /* Invalid protocol. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown transport " \end_layout \begin_layout Code - "layer protocol \backslash "%s @@ -19986,235 +18424,191 @@ n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - protocol ); \end_layout \begin_layout Code - return -1; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Look up the service's well-known port number. Notice that NULL is being \end_layout \begin_layout Code - ** passed for the 'node' parameter, and that the AI_PASSIVE flag is set in \end_layout \begin_layout Code - ** 'hints'. Thus, the program is requesting passive address information. \end_layout \begin_layout Code - ** The network address is initialized to :: (all zeros) for IPv6 records, or \end_layout \begin_layout Code - ** 0.0.0.0 for IPv4 records. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( aiErr = getaddrinfo( NULL, \end_layout \begin_layout Code - service, \end_layout \begin_layout Code - &hints, \end_layout \begin_layout Code - &aiHead ) ) != 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - gai_strerror( aiErr ) ); \end_layout \begin_layout Code - return -1; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** For each of the address records returned, attempt to set up a passive \end_layout \begin_layout Code - ** socket. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - for ( ai = aiHead; \end_layout \begin_layout Code - ( ai != NULL ) && ( *descSize < maxDescs ); \end_layout \begin_layout Code - ai = ai->ai_next ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the current address info. Start with the protocol- \end_layout \begin_layout Code - ** independent fields first. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "Setting up a passive socket based on the " \end_layout \begin_layout Code - "following address info: \backslash n" \end_layout \begin_layout Code - " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code - " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -20222,7 +18616,6 @@ n" \end_layout \begin_layout Code - " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash @@ -20230,629 +18623,512 @@ n" \end_layout \begin_layout Code - " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code - "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code - ai->ai_flags, \end_layout \begin_layout Code - ai->ai_family, \end_layout \begin_layout Code - PF_INET, \end_layout \begin_layout Code - PF_INET6, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - SOCK_STREAM, \end_layout \begin_layout Code - SOCK_DGRAM, \end_layout \begin_layout Code - ai->ai_protocol, \end_layout \begin_layout Code - IPPROTO_TCP, \end_layout \begin_layout Code - IPPROTO_UDP, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - sizeof( struct sockaddr_in ), \end_layout \begin_layout Code - sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Now display the protocol-specific formatted socket address. Note \end_layout \begin_layout Code - ** that the program is requesting that getnameinfo(3) convert the \end_layout \begin_layout Code - ** host & service into numeric strings. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - getnameinfo( ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - sizeof( hostBfr ), \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - sizeof( servBfr ), \end_layout \begin_layout Code - NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code - switch ( ai->ai_family ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case PF_INET: /* IPv4 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in *p = (struct sockaddr_in*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin_addr: %s \backslash n" \end_layout \begin_layout Code - " sin_port: %s \backslash n", \end_layout \begin_layout Code - p->sin_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv4. */ \end_layout \begin_layout Code - case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in6 *p = (struct sockaddr_in6*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin6_addr: %s \backslash n" \end_layout \begin_layout Code - " sin6_port: %s \backslash n" \end_layout \begin_layout Code - " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code - " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code - p->sin6_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - p->sin6_flowinfo, \end_layout \begin_layout Code - p->sin6_scope_id ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv6. */ \end_layout \begin_layout Code - default: /* Can never get here, but just for completeness. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - ai->ai_family ); \end_layout \begin_layout Code - freeaddrinfo( aiHead ); \end_layout \begin_layout Code - return -1; \end_layout \begin_layout Code - } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code - } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code - } /* End IF verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Create a socket using the info in the addrinfo structure. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - CHK( desc[ *descSize ] = socket( ai->ai_family, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - ai->ai_protocol ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Here is the code that prevents "IPv4 mapped addresses", as discussed \end_layout \begin_layout Code - ** in Section 22.1.3.1. If an IPv6 socket was just created, then set the \end_layout \begin_layout Code - ** IPV6_V6ONLY socket option. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - #if defined( IPV6_V6ONLY ) \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Disable IPv4 mapped addresses. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - int v6Only = 1; \end_layout \begin_layout Code - CHK( setsockopt( desc[ *descSize ], \end_layout \begin_layout Code - IPPROTO_IPV6, \end_layout \begin_layout Code - IPV6_V6ONLY, \end_layout \begin_layout Code - &v6Only, \end_layout \begin_layout Code - sizeof( v6Only ) ) ); \end_layout \begin_layout Code - #else \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** IPV6_V6ONLY is not defined, so the socket option can't be set and \end_layout \begin_layout Code - ** thus IPv4 mapped addresses can't be disabled. Print a warning \end_layout \begin_layout Code - ** message and close the socket. Design note: If the \end_layout \begin_layout Code - ** #if...#else...#endif construct were removed, then this program \end_layout \begin_layout Code - ** would not compile (because IPV6_V6ONLY isn't defined). That's an \end_layout \begin_layout Code - ** acceptable approach; IPv4 mapped addresses are certainly disabled \end_layout \begin_layout Code - ** if the program can't build! However, since this program is also \end_layout \begin_layout Code - ** designed to work for IPv4 sockets as well as IPv6, I decided to \end_layout \begin_layout Code - ** allow the program to compile when IPV6_V6ONLY is not defined, and \end_layout \begin_layout Code - ** turn it into a run-time warning rather than a compile-time error. \end_layout \begin_layout Code - ** IPv4 mapped addresses are still disabled because _all_ IPv6 traffic \end_layout \begin_layout Code - ** is disabled (all IPv6 sockets are closed here), but at least this \end_layout \begin_layout Code - ** way the server can still service IPv4 network traffic. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): WARNING - Cannot set IPV6_V6ONLY socket " \end_layout \begin_layout Code - "option. Closing IPv6 %s socket. \backslash @@ -20860,690 +19136,556 @@ n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - ai->ai_protocol == IPPROTO_TCP ? "TCP" : "UDP" ); \end_layout \begin_layout Code - CHK( close( desc[ *descSize ] ) ); \end_layout \begin_layout Code - continue; /* Go to top of FOR loop w/o updating *descSize! */ \end_layout \begin_layout Code - #endif /* IPV6_V6ONLY */ \end_layout \begin_layout Code - } /* End IF this is an IPv6 socket. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Bind the socket. Again, the info from the addrinfo structure is used. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - CHK( bind( desc[ *descSize ], \end_layout \begin_layout Code - ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** If this is a TCP socket, put the socket into passive listening mode \end_layout \begin_layout Code - ** (listen is only valid on connection-oriented sockets). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ai->ai_socktype == SOCK_STREAM ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - CHK( listen( desc[ *descSize ], \end_layout \begin_layout Code - MAXCONNQLEN ) ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Socket set up okay. Bump index to next descriptor array element. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - *descSize += 1; \end_layout \begin_layout Code - } /* End FOR each address info structure returned. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Dummy check for unused address records. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose && ( ai != NULL ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): WARNING - Some address records were " \end_layout \begin_layout Code - "not processed due to insufficient array space. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__ ); \end_layout \begin_layout Code - } /* End IF verbose and some address records remain unprocessed. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Clean up. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - freeaddrinfo( aiHead ); \end_layout \begin_layout Code - return 0; \end_layout \begin_layout Code - } /* End openSckt() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: tod \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Listen on a set of sockets and send the current time-of-day to any \end_layout \begin_layout Code - * clients. This function never returns. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * tSckt - Array of TCP socket descriptors on which to listen. \end_layout \begin_layout Code - * tScktSize - Size of the tSckt array (nbr of elements). \end_layout \begin_layout Code - * uSckt - Array of UDP socket descriptors on which to listen. \end_layout \begin_layout Code - * uScktSize - Size of the uSckt array (nbr of elements). \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: None. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static void tod( int tSckt[ ], \end_layout \begin_layout Code - size_t tScktSize, \end_layout \begin_layout Code - int uSckt[ ], \end_layout \begin_layout Code - size_t uScktSize ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - char bfr[ 256 ]; \end_layout \begin_layout Code - ssize_t count; \end_layout \begin_layout Code - struct pollfd *desc; \end_layout \begin_layout Code - size_t descSize = tScktSize + uScktSize; \end_layout \begin_layout Code - int idx; \end_layout \begin_layout Code - int newSckt; \end_layout \begin_layout Code - struct sockaddr *sadr; \end_layout \begin_layout Code - socklen_t sadrLen; \end_layout \begin_layout Code - struct sockaddr_storage sockStor; \end_layout \begin_layout Code - int status; \end_layout \begin_layout Code - size_t timeLen; \end_layout \begin_layout Code - char *timeStr; \end_layout \begin_layout Code - time_t timeVal; \end_layout \begin_layout Code - ssize_t wBytes; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Allocate memory for the poll(2) array. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - desc = malloc( descSize * sizeof( struct pollfd ) ); \end_layout \begin_layout Code - if ( desc == NULL ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - strerror( ENOMEM ) ); \end_layout \begin_layout Code - exit( 1 ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Initialize the poll(2) array. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - for ( idx = 0; idx < descSize; idx++ ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - desc[ idx ].fd = idx < tScktSize ? tSckt[ idx ] \end_layout \begin_layout Code - : uSckt[ idx - tScktSize ]; \end_layout \begin_layout Code - desc[ idx ].events = POLLIN; \end_layout \begin_layout Code - desc[ idx ].revents = 0; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Main time-of-day server loop. Handles both TCP & UDP requests. This is \end_layout \begin_layout Code - ** an interative server, and all requests are handled directly within the \end_layout \begin_layout Code - ** main loop. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - while ( true ) /* Do forever. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Wait for activity on one of the sockets. The DO..WHILE construct is \end_layout \begin_layout Code - ** used to restart the system call in the event the process is \end_layout \begin_layout Code - ** interrupted by a signal. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - do \end_layout \begin_layout Code - { \end_layout \begin_layout Code - status = poll( desc, \end_layout \begin_layout Code - descSize, \end_layout \begin_layout Code - -1 /* Wait indefinitely for input. */ ); \end_layout \begin_layout Code - } while ( ( status < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code - CHK( status ); /* Check for a bona fide system call error. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Get the current time. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - timeVal = time( NULL ); \end_layout \begin_layout Code - timeStr = ctime( &timeVal ); \end_layout \begin_layout Code - timeLen = strlen( timeStr ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Indicate that there is new network activity. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - char *s = malloc( timeLen+1 ); \end_layout \begin_layout Code - strcpy( s, timeStr ); \end_layout \begin_layout Code - s[ timeLen-1 ] = ' \backslash 0'; /* Overwrite ' @@ -21553,913 +19695,743 @@ n' in date string. \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: New network activity on %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - s ); \end_layout \begin_layout Code - free( s ); \end_layout \begin_layout Code - } /* End IF verbose. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process sockets with input available. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - for ( idx = 0; idx < descSize; idx++ ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - switch ( desc[ idx ].revents ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 0: /* No activity on this socket; try the next. */ \end_layout \begin_layout Code - continue; \end_layout \begin_layout Code - case POLLIN: /* Network activity. Go process it. */ \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - default: /* Invalid poll events. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Invalid poll event (0x%02X). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - desc[ idx ].revents ); \end_layout \begin_layout Code - exit( 1 ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on returned poll events. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Determine if this is a TCP request or UDP request. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( idx < tScktSize ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** TCP connection requested. Accept it. Notice the use of \end_layout \begin_layout Code - ** the sockaddr_storage data type. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - sadrLen = sizeof( sockStor ); \end_layout \begin_layout Code - sadr = (struct sockaddr*) &sockStor; \end_layout \begin_layout Code - CHK( newSckt = accept( desc[ idx ].fd, \end_layout \begin_layout Code - sadr, \end_layout \begin_layout Code - &sadrLen ) ); \end_layout \begin_layout Code - CHK( shutdown( newSckt, /* Server never recv's anything. */ \end_layout \begin_layout Code - SHUT_RD ) ); \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the socket address of the remote client. Begin with \end_layout \begin_layout Code - ** the address-independent fields. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "Sockaddr info for new TCP client: \backslash n" \end_layout \begin_layout Code - " sa_family = %d (AF_INET = %d, AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " addr len = %d (sockaddr_in = %d, " \end_layout \begin_layout Code - "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code - sadr->sa_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - sadrLen, \end_layout \begin_layout Code - sizeof( struct sockaddr_in ), \end_layout \begin_layout Code - sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address-specific fields. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - getnameinfo( sadr, \end_layout \begin_layout Code - sadrLen, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - sizeof( hostBfr ), \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - sizeof( servBfr ), \end_layout \begin_layout Code - NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Notice that we're switching on an address family now, not a \end_layout \begin_layout Code - ** protocol family. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - switch ( sadr->sa_family ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case AF_INET: /* IPv4 address. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in *p = (struct sockaddr_in*) sadr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " sin_addr = sin_family: %d \backslash n" \end_layout \begin_layout Code - " sin_addr: %s \backslash n" \end_layout \begin_layout Code - " sin_port: %s \backslash n", \end_layout \begin_layout Code - p->sin_family, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv4. */ \end_layout \begin_layout Code - case AF_INET6: /* IPv6 address. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in6 *p = (struct sockaddr_in6*) sadr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " sin6_addr = sin6_family: %d \backslash n" \end_layout \begin_layout Code - " sin6_addr: %s \backslash n" \end_layout \begin_layout Code - " sin6_port: %s \backslash n" \end_layout \begin_layout Code - " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code - " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code - p->sin6_family, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - p->sin6_flowinfo, \end_layout \begin_layout Code - p->sin6_scope_id ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv6. */ \end_layout \begin_layout Code - default: /* Can never get here, but for completeness. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown address " \end_layout \begin_layout Code - "family (%d). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - sadr->sa_family ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End DEFAULT case (unknown address family). */ \end_layout \begin_layout Code - } /* End SWITCH on address family. */ \end_layout \begin_layout Code - } /* End IF verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Send the TOD to the client. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - wBytes = timeLen; \end_layout \begin_layout Code - while ( wBytes > 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - do \end_layout \begin_layout Code - { \end_layout \begin_layout Code - count = write( newSckt, \end_layout \begin_layout Code - timeStr, \end_layout \begin_layout Code - wBytes ); \end_layout \begin_layout Code - } while ( ( count < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code - CHK( count ); /* Check for a bona fide error. */ \end_layout \begin_layout Code - wBytes -= count; \end_layout \begin_layout Code - } /* End WHILE there is data to send. */ \end_layout \begin_layout Code - CHK( close( newSckt ) ); \end_layout \begin_layout Code - } /* End IF this was a TCP connection request. */ \end_layout \begin_layout Code - else \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** This is a UDP socket, and a datagram is available. The funny \end_layout \begin_layout Code - ** thing about UDP requests is that this server doesn't require any \end_layout \begin_layout Code - ** client input; but it can't send the TOD unless it knows a client \end_layout \begin_layout Code - ** wants the data, and the only way that can occur with UDP is if \end_layout \begin_layout Code - ** the server receives a datagram from the client. Thus, the \end_layout \begin_layout Code - ** server must receive _something_, but the content of the datagram \end_layout \begin_layout Code - ** is irrelevant. Read in the datagram. Again note the use of \end_layout \begin_layout Code - ** sockaddr_storage to receive the address. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - sadrLen = sizeof( sockStor ); \end_layout \begin_layout Code - sadr = (struct sockaddr*) &sockStor; \end_layout \begin_layout Code - CHK( count = recvfrom( desc[ idx ].fd, \end_layout \begin_layout Code - bfr, \end_layout \begin_layout Code - sizeof( bfr ), \end_layout \begin_layout Code - 0, \end_layout \begin_layout Code - sadr, \end_layout \begin_layout Code - &sadrLen ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display whatever was received on stdout. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - ssize_t rBytes = count; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: UDP datagram received (%d bytes). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - count ); \end_layout \begin_layout Code - while ( count > 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fputc( bfr[ rBytes - count-- ], \end_layout \begin_layout Code - stdout ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - if ( bfr[ rBytes-1 ] != ' \backslash n' ) \end_layout \begin_layout Code - fputc( ' \backslash n', stdout ); /* Newline also flushes stdout. @@ -22467,493 +20439,403 @@ n', stdout ); /* Newline also flushes stdout. \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the socket address of the remote client. Address- \end_layout \begin_layout Code - ** independent fields first. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "Remote client's sockaddr info: \backslash n" \end_layout \begin_layout Code - " sa_family = %d (AF_INET = %d, AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " addr len = %d (sockaddr_in = %d, " \end_layout \begin_layout Code - "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code - sadr->sa_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - sadrLen, \end_layout \begin_layout Code - sizeof( struct sockaddr_in ), \end_layout \begin_layout Code - sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address-specific information. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - getnameinfo( sadr, \end_layout \begin_layout Code - sadrLen, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - sizeof( hostBfr ), \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - sizeof( servBfr ), \end_layout \begin_layout Code - NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code - switch ( sadr->sa_family ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case AF_INET: /* IPv4 address. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in *p = (struct sockaddr_in*) sadr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " sin_addr = sin_family: %d \backslash n" \end_layout \begin_layout Code - " sin_addr: %s \backslash n" \end_layout \begin_layout Code - " sin_port: %s \backslash n", \end_layout \begin_layout Code - p->sin_family, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv4 address. */ \end_layout \begin_layout Code - case AF_INET6: /* IPv6 address. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct sockaddr_in6 *p = (struct sockaddr_in6*) sadr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " sin6_addr = sin6_family: %d \backslash n" \end_layout \begin_layout Code - " sin6_addr: %s \backslash n" \end_layout \begin_layout Code - " sin6_port: %s \backslash n" \end_layout \begin_layout Code - " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code - " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code - p->sin6_family, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - p->sin6_flowinfo, \end_layout \begin_layout Code - p->sin6_scope_id ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv6 address. */ \end_layout \begin_layout Code - default: /* Can never get here, but for completeness. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown address " \end_layout \begin_layout Code - "family (%d). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - sadr->sa_family ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End DEFAULT case (unknown address family). */ \end_layout \begin_layout Code - } /* End SWITCH on address family. */ \end_layout \begin_layout Code - } /* End IF verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Send the time-of-day to the client. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - wBytes = timeLen; \end_layout \begin_layout Code - while ( wBytes > 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - do \end_layout \begin_layout Code - { \end_layout \begin_layout Code - count = sendto( desc[ idx ].fd, \end_layout \begin_layout Code - timeStr, \end_layout \begin_layout Code - wBytes, \end_layout \begin_layout Code - 0, \end_layout \begin_layout Code - sadr, /* Address & address length */ \end_layout \begin_layout Code - sadrLen ); /* received in recvfrom(). */ \end_layout \begin_layout Code - } while ( ( count < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code - CHK( count ); /* Check for a bona fide error. */ \end_layout \begin_layout Code - wBytes -= count; \end_layout \begin_layout Code - } /* End WHILE there is data to send. */ \end_layout \begin_layout Code - } /* End ELSE a UDP datagram is available. */ \end_layout \begin_layout Code - desc[ idx ].revents = 0; /* Clear the returned poll events. */ \end_layout \begin_layout Code - } /* End FOR each socket descriptor. */ \end_layout \begin_layout Code - } /* End WHILE forever. */ \end_layout \begin_layout Code - } /* End tod() */ \end_layout @@ -22968,7 +20850,6 @@ The TCP client code is found in file tod6tc.c (time-of-day IPv6 TCP client). \end_layout \begin_layout Code - tod6tc [-v] [-s scope_id] [host [service]] \end_layout @@ -23009,265 +20890,216 @@ The TCP client source code contained in tod6tc.c follows: \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * File: tod6tc.c \end_layout \begin_layout Code - * Description: Contains source code for an IPv6-capable 'daytime' TCP client. \end_layout \begin_layout Code - * Author: John Wenker, Sr. Software Engineer \end_layout \begin_layout Code - * Performance Technologies, San Diego, USA \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** System header files. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #include /* errno declaration and error codes. */ \end_layout \begin_layout Code - #include /* if_nametoindex(3). */ \end_layout \begin_layout Code - #include /* getaddrinfo(3) and associated definitions. */ \end_layout \begin_layout Code - #include /* sockaddr_in and sockaddr_in6 definitions. */ \end_layout \begin_layout Code - #include /* printf(3) et al. */ \end_layout \begin_layout Code - #include /* exit(2). */ \end_layout \begin_layout Code - #include /* String manipulation and memory functions. */ \end_layout \begin_layout Code - #include /* Socket functions (socket(2), connect(2), etc). */ \end_layout \begin_layout Code - #include /* getopt(3), read(2), etc. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Constants & macros. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define DFLT_HOST "localhost" /* Default server name. */ \end_layout \begin_layout Code - #define DFLT_SCOPE_ID "eth0" /* Default scope identifier. */ \end_layout \begin_layout Code - #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code - #define INVALID_DESC -1 /* Invalid file (socket) descriptor. */ \end_layout \begin_layout Code - #define MAXBFRSIZE 256 /* Max bfr sz to read remote TOD. */ \end_layout \begin_layout Code - #define VALIDOPTS "s:v" /* Valid command options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Type definitions (for convenience). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code - typedef struct sockaddr_in sockaddr_in_t; \end_layout \begin_layout Code - typedef struct sockaddr_in6 sockaddr_in6_t; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Prototypes for internal helper functions. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static int openSckt( const char *host, \end_layout \begin_layout Code - const char *service, \end_layout \begin_layout Code - unsigned int scopeId ); \end_layout \begin_layout Code - static void tod( int sckt ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Global (within this file only) data objects. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static const char *pgmName; /* Program name (w/o directory). */ \end_layout \begin_layout Code - static boolean verbose = false; /* Verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Usage macro. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define USAGE \backslash @@ -23275,7 +21107,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - { \backslash @@ -23283,7 +21114,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - fprintf( stderr, \backslash @@ -23291,7 +21121,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - "Usage: %s [-v] [-s scope_id] [host [service]] \backslash n", @@ -23300,7 +21129,6 @@ n", \end_layout \begin_layout Code - pgmName ); \backslash @@ -23308,7 +21136,6 @@ n", \end_layout \begin_layout Code - exit( 127 ); \backslash @@ -23316,24 +21143,20 @@ n", \end_layout \begin_layout Code - } /* End USAGE macro. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** This "macro" (even though it's really a function) is loosely based on the \end_layout \begin_layout Code - ** CHK() macro by Dr. V. Vinge (see server code). @@ -23341,669 +21164,540 @@ n", \end_layout \begin_layout Code - ** a boolean expression indicating the return code from one of the usual system \end_layout \begin_layout Code - ** calls that returns -1 on error. If a system call error occurred, an alert \end_layout \begin_layout Code - ** is written to stderr. It returns a boolean value indicating success/failure \end_layout \begin_layout Code - ** of the system call. \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Example: if ( !SYSCALL( "write", \end_layout \begin_layout Code - ** count = write( fd, bfr, size ) ) ) \end_layout \begin_layout Code - ** { \end_layout \begin_layout Code - ** // Error processing... but SYSCALL() will have already taken \end_layout \begin_layout Code - ** // care of dumping an error alert to stderr. \end_layout \begin_layout Code - ** } \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static __inline boolean SYSCALL( const char *syscallName, \end_layout \begin_layout Code - int lineNbr, \end_layout \begin_layout Code - int status ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - if ( ( status == -1 ) && verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): System call failed ('%s') - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - lineNbr, \end_layout \begin_layout Code - syscallName, \end_layout \begin_layout Code - strerror( errno ) ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - return status != -1; /* True if the system call was successful. */ \end_layout \begin_layout Code - } /* End SYSCALL() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: main \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Connect to a remote time-of-day service and write the remote host's TOD to \end_layout \begin_layout Code - * stdout. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * The usual argc & argv parameters to a main() program. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * This function always returns zero. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - int main( int argc, \end_layout \begin_layout Code - char *argv[ ] ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - const char *host = DFLT_HOST; \end_layout \begin_layout Code - int opt; \end_layout \begin_layout Code - int sckt; \end_layout \begin_layout Code - unsigned int scopeId = if_nametoindex( DFLT_SCOPE_ID ); \end_layout \begin_layout Code - const char *service = DFLT_SERVICE; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Determine the program name (w/o directory prefix). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - pgmName = (const char*) strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code - pgmName = pgmName == NULL ? argv[ 0 ] : pgmName+1; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command line options. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - opterr = 0; /* Turns off "invalid option" error messages. */ \end_layout \begin_layout Code - while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) != -1 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - switch ( opt ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 's': /* Scope identifier (IPv6 kluge). */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - scopeId = if_nametoindex( optarg ); \end_layout \begin_layout Code - if ( scopeId == 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: Unknown network interface (%s). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - optarg ); \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 'v': /* Verbose mode. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - verbose = true; \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - default: \end_layout \begin_layout Code - { \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on command option. */ \end_layout \begin_layout Code - } /* End WHILE processing command options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command arguments. At the end of the above loop, optind is the \end_layout \begin_layout Code - ** index of the first NON-option argv element. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - switch ( argc - optind ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 2: /* Both host & service are specified on the command line. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - service = argv[ optind + 1 ]; \end_layout \begin_layout Code - /***** Fall through *****/ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 1: /* Host is specified on the command line. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - host = argv[ optind ]; \end_layout \begin_layout Code - /***** Fall through *****/ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 0: /* Use default host & service. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - default: \end_layout \begin_layout Code - { \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on number of command arguments. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Open a connection to the indicated host/service. \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Note that if all three of the following conditions are met, then the \end_layout \begin_layout Code - ** scope identifier remains unresolved at this point. \end_layout \begin_layout Code - ** 1) The default network interface is unknown for some reason. \end_layout \begin_layout Code - ** 2) The -s option was not used on the command line. \end_layout \begin_layout Code - ** 3) An IPv6 "scoped address" was not specified for the hostname on the \end_layout \begin_layout Code - ** command line. \end_layout \begin_layout Code - ** If the above three conditions are met, then only an IPv4 socket can be \end_layout \begin_layout Code - ** opened (connect(2) fails without the scope ID properly set for IPv6 \end_layout \begin_layout Code - ** sockets). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( sckt = openSckt( host, \end_layout \begin_layout Code - service, \end_layout \begin_layout Code - scopeId ) ) == INVALID_DESC ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: Sorry... a connection could not be established. \backslash @@ -24011,646 +21705,524 @@ n", \end_layout \begin_layout Code - pgmName ); \end_layout \begin_layout Code - exit( 1 ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Get the remote time-of-day. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - tod( sckt ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Close the connection and terminate. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - (void) SYSCALL( "close", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - close( sckt ) ); \end_layout \begin_layout Code - return 0; \end_layout \begin_layout Code - } /* End main() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: openSckt \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Sets up a TCP connection to a remote server. Getaddrinfo(3) is used to \end_layout \begin_layout Code - * perform lookup functions and can return multiple address records (i.e. a \end_layout \begin_layout Code - * list of 'struct addrinfo' records). This function traverses the list and \end_layout \begin_layout Code - * tries to establish a connection to the remote server. The function ends \end_layout \begin_layout Code - * when either a connection has been established or all records in the list \end_layout \begin_layout Code - * have been processed. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * host - A pointer to a character string representing the hostname or IP \end_layout \begin_layout Code - * address (IPv4 or IPv6) of the remote server. \end_layout \begin_layout Code - * service - A pointer to a character string representing the service name or \end_layout \begin_layout Code - * well-known port number. \end_layout \begin_layout Code - * scopeId - For IPv6 sockets only. This is the index corresponding to the \end_layout \begin_layout Code - * network interface on which to set up the connection. This \end_layout \begin_layout Code - * parameter is ignored for IPv4 sockets or when an IPv6 "scoped \end_layout \begin_layout Code - * address" is specified in 'host' (i.e. where the colon-hex \end_layout \begin_layout Code - * network address is augmented with the scope ID). \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * Returns the socket descriptor for the connection, or INVALID_DESC if all \end_layout \begin_layout Code - * address records have been processed and a connection could not be \end_layout \begin_layout Code - * established. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static int openSckt( const char *host, \end_layout \begin_layout Code - const char *service, \end_layout \begin_layout Code - unsigned int scopeId ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct addrinfo *ai; \end_layout \begin_layout Code - int aiErr; \end_layout \begin_layout Code - struct addrinfo *aiHead; \end_layout \begin_layout Code - struct addrinfo hints; \end_layout \begin_layout Code - sockaddr_in6_t *pSadrIn6; \end_layout \begin_layout Code - int sckt; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Initialize the 'hints' structure for getaddrinfo(3). \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Notice that the 'ai_family' field is set to PF_UNSPEC, indicating to \end_layout \begin_layout Code - ** return both IPv4 and IPv6 address records for the host/service. Most of \end_layout \begin_layout Code - ** the time, the user isn't going to care whether an IPv4 connection or an \end_layout \begin_layout Code - ** IPv6 connection is established; the user simply wants to exchange data \end_layout \begin_layout Code - ** with the remote host and doesn't care how it's done. Sometimes, however, \end_layout \begin_layout Code - ** the user might want to explicitly specify the type of underlying socket. \end_layout \begin_layout Code - ** It is left as an exercise for the motivated reader to add a command line \end_layout \begin_layout Code - ** option allowing the user to specify the IP protocol, and then process the \end_layout \begin_layout Code - ** list of addresses accordingly (it's not that difficult). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - memset( &hints, 0, sizeof( hints ) ); \end_layout \begin_layout Code - hints.ai_family = PF_UNSPEC; /* IPv4 or IPv6 records (don't care). */ \end_layout \begin_layout Code - hints.ai_socktype = SOCK_STREAM; /* Connection-oriented byte stream. */ \end_layout \begin_layout Code - hints.ai_protocol = IPPROTO_TCP; /* TCP transport layer protocol only. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Look up the host/service information. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( aiErr = getaddrinfo( host, \end_layout \begin_layout Code - service, \end_layout \begin_layout Code - &hints, \end_layout \begin_layout Code - &aiHead ) ) != 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - gai_strerror( aiErr ) ); \end_layout \begin_layout Code - return INVALID_DESC; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Go through the list and try to open a connection. Continue until either \end_layout \begin_layout Code - ** a connection is established or the entire list is exhausted. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - for ( ai = aiHead, sckt = INVALID_DESC; \end_layout \begin_layout Code - ( ai != NULL ) && ( sckt == INVALID_DESC ); \end_layout \begin_layout Code - ai = ai->ai_next ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** IPv6 kluge. Make sure the scope ID is set. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code - if ( pSadrIn6->sin6_scope_id == 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6->sin6_scope_id = scopeId; \end_layout \begin_layout Code - } /* End IF the scope ID wasn't set. */ \end_layout \begin_layout Code - } /* End IPv6 kluge. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address info for the remote host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Temporary character string buffers for host & service. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - char hostBfr[ NI_MAXHOST ]; \end_layout \begin_layout Code - char servBfr[ NI_MAXSERV ]; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address information just fetched. Start with the \end_layout \begin_layout Code - ** common (protocol-independent) stuff first. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "Address info: \backslash n" \end_layout \begin_layout Code - " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code - " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -24658,7 +22230,6 @@ n" \end_layout \begin_layout Code - " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash @@ -24666,751 +22237,608 @@ n" \end_layout \begin_layout Code - " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code - "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code - ai->ai_flags, \end_layout \begin_layout Code - ai->ai_family, \end_layout \begin_layout Code - PF_INET, \end_layout \begin_layout Code - PF_INET6, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - SOCK_STREAM, \end_layout \begin_layout Code - SOCK_DGRAM, \end_layout \begin_layout Code - ai->ai_protocol, \end_layout \begin_layout Code - IPPROTO_TCP, \end_layout \begin_layout Code - IPPROTO_UDP, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - sizeof( struct sockaddr_in ), \end_layout \begin_layout Code - sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the protocol-specific formatted address. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - getnameinfo( ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - sizeof( hostBfr ), \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - sizeof( servBfr ), \end_layout \begin_layout Code - NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code - switch ( ai->ai_family ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case PF_INET: /* IPv4 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sockaddr_in_t *pSadrIn = (sockaddr_in_t*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin_addr: %s \backslash n" \end_layout \begin_layout Code - " sin_port: %s \backslash n", \end_layout \begin_layout Code - pSadrIn->sin_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv4 record. */ \end_layout \begin_layout Code - case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin6_addr: %s \backslash n" \end_layout \begin_layout Code - " sin6_port: %s \backslash n" \end_layout \begin_layout Code - " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code - " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code - pSadrIn6->sin6_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - pSadrIn6->sin6_flowinfo, \end_layout \begin_layout Code - pSadrIn6->sin6_scope_id ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv6 record. */ \end_layout \begin_layout Code - default: /* Can never get here, but just for completeness. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - ai->ai_family ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code - } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code - } /* End IF verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Create a socket. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "socket", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - sckt = socket( ai->ai_family, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - ai->ai_protocol ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sckt = INVALID_DESC; \end_layout \begin_layout Code - continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Connect to the remote host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "connect", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - connect( sckt, \end_layout \begin_layout Code - ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - (void) close( sckt ); /* Could use SYSCALL() again here, but why? */ \end_layout \begin_layout Code - sckt = INVALID_DESC; \end_layout \begin_layout Code - continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End FOR each address record returned by getaddrinfo(3). */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Clean up & return. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - freeaddrinfo( aiHead ); \end_layout \begin_layout Code - return sckt; \end_layout \begin_layout Code - } /* End openSckt() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: tod \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Receive the time-of-day from the remote server and write it to stdout. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * sckt - The socket descriptor for the connection. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: None. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static void tod( int sckt ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - char bfr[ MAXBFRSIZE+1 ]; \end_layout \begin_layout Code - int inBytes; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** The client never sends anything, so shut down the write side of the \end_layout \begin_layout Code - ** connection. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "shutdown", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - shutdown( sckt, SHUT_WR ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - return; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Read the time-of-day from the remote host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - do \end_layout \begin_layout Code - { \end_layout \begin_layout Code - if ( !SYSCALL( "read", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - inBytes = read( sckt, \end_layout \begin_layout Code - bfr, \end_layout \begin_layout Code - MAXBFRSIZE ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - return; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - bfr[ inBytes ] = ' \backslash 0'; /* Null-terminate the received string. @@ -25418,23 +22846,19 @@ static void tod( int sckt ) \end_layout \begin_layout Code - fputs( bfr, stdout ); /* Null string if EOF (inBytes == 0). */ \end_layout \begin_layout Code - } while ( inBytes > 0 ); \end_layout \begin_layout Code - fflush( stdout ); \end_layout \begin_layout Code - } /* End tod() */ \end_layout @@ -25451,7 +22875,6 @@ The UDP client code is found in file tod6uc.c (time-of-day IPv6 UDP client). \end_layout \begin_layout Code - tod6uc [-v] [-s scope_id] [host [service]] \end_layout @@ -25492,265 +22915,216 @@ The UDP client source code contained in tod6uc.c follows: \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * File: tod6uc.c \end_layout \begin_layout Code - * Description: Contains source code for an IPv6-capable 'daytime' UDP client. \end_layout \begin_layout Code - * Author: John Wenker, Sr. Software Engineer \end_layout \begin_layout Code - * Performance Technologies, San Diego, USA \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** System header files. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #include /* errno declaration and error codes. */ \end_layout \begin_layout Code - #include /* if_nametoindex(3). */ \end_layout \begin_layout Code - #include /* getaddrinfo(3) and associated definitions. */ \end_layout \begin_layout Code - #include /* sockaddr_in and sockaddr_in6 definitions. */ \end_layout \begin_layout Code - #include /* printf(3) et al. */ \end_layout \begin_layout Code - #include /* exit(2). */ \end_layout \begin_layout Code - #include /* String manipulation and memory functions. */ \end_layout \begin_layout Code - #include /* Socket functions (socket(2), connect(2), etc). */ \end_layout \begin_layout Code - #include /* getopt(3), recvfrom(2), sendto(2), etc. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Constants & macros. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define DFLT_HOST "localhost" /* Default server name. */ \end_layout \begin_layout Code - #define DFLT_SCOPE_ID "eth0" /* Default scope identifier. */ \end_layout \begin_layout Code - #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code - #define INVALID_DESC -1 /* Invalid file (socket) descriptor. */ \end_layout \begin_layout Code - #define MAXBFRSIZE 256 /* Max bfr sz to read remote TOD. */ \end_layout \begin_layout Code - #define VALIDOPTS "s:v" /* Valid command options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Type definitions (for convenience). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code - typedef struct sockaddr_in sockaddr_in_t; \end_layout \begin_layout Code - typedef struct sockaddr_in6 sockaddr_in6_t; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Prototypes for internal helper functions. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static int openSckt( const char *host, \end_layout \begin_layout Code - const char *service, \end_layout \begin_layout Code - unsigned int scopeId ); \end_layout \begin_layout Code - static void tod( int sckt ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Global (within this file only) data objects. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static const char *pgmName; /* Program name (w/o directory). */ \end_layout \begin_layout Code - static boolean verbose = false; /* Verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Usage macro. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - #define USAGE \backslash @@ -25758,7 +23132,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - { \backslash @@ -25766,7 +23139,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - fprintf( stderr, \backslash @@ -25774,7 +23146,6 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code - "Usage: %s [-v] [-s scope_id] [host [service]] \backslash n", @@ -25783,7 +23154,6 @@ n", \end_layout \begin_layout Code - pgmName ); \backslash @@ -25791,7 +23161,6 @@ n", \end_layout \begin_layout Code - exit( 127 ); \backslash @@ -25799,24 +23168,20 @@ n", \end_layout \begin_layout Code - } /* End USAGE macro. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** This "macro" (even though it's really a function) is loosely based on the \end_layout \begin_layout Code - ** CHK() macro by Dr. V. Vinge (see server code). @@ -25824,1316 +23189,1065 @@ n", \end_layout \begin_layout Code - ** a boolean expression indicating the return code from one of the usual system \end_layout \begin_layout Code - ** calls that returns -1 on error. If a system call error occurred, an alert \end_layout \begin_layout Code - ** is written to stderr. It returns a boolean value indicating success/failure \end_layout \begin_layout Code - ** of the system call. \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Example: if ( !SYSCALL( "write", \end_layout \begin_layout Code - ** count = write( fd, bfr, size ) ) ) \end_layout \begin_layout Code - ** { \end_layout \begin_layout Code - ** // Error processing... but SYSCALL() will have already taken \end_layout \begin_layout Code - ** // care of dumping an error alert to stderr. \end_layout \begin_layout Code - ** } \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - static __inline boolean SYSCALL( const char *syscallName, \end_layout \begin_layout Code - int lineNbr, \end_layout \begin_layout Code - int status ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - if ( ( status == -1 ) && verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): System call failed ('%s') - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - lineNbr, \end_layout \begin_layout Code - syscallName, \end_layout \begin_layout Code - strerror( errno ) ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - return status != -1; /* True if the system call was successful. */ \end_layout \begin_layout Code - } /* End SYSCALL() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: main \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Connect to a remote time-of-day service and write the remote host's TOD to \end_layout \begin_layout Code - * stdout. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * The usual argc & argv parameters to a main() program. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * This function always returns zero. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - int main( int argc, \end_layout \begin_layout Code - char *argv[ ] ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - const char *host = DFLT_HOST; \end_layout \begin_layout Code - int opt; \end_layout \begin_layout Code - int sckt; \end_layout \begin_layout Code - unsigned int scopeId = if_nametoindex( DFLT_SCOPE_ID ); \end_layout \begin_layout Code - const char *service = DFLT_SERVICE; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Determine the program name (w/o directory prefix). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - pgmName = (const char*) strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code - pgmName = pgmName == NULL ? argv[ 0 ] : pgmName+1; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command line options. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - opterr = 0; /* Turns off "invalid option" error messages. */ \end_layout \begin_layout Code - while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) != -1 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - switch ( opt ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 's': /* Scope identifier (IPv6 kluge). */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - scopeId = if_nametoindex( optarg ); \end_layout \begin_layout Code - if ( scopeId == 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: Unknown network interface (%s). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - optarg ); \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 'v': /* Verbose mode. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - verbose = true; \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - default: \end_layout \begin_layout Code - { \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on command option. */ \end_layout \begin_layout Code - } /* End WHILE processing command options. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Process command arguments. At the end of the above loop, optind is the \end_layout \begin_layout Code - ** index of the first NON-option argv element. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - switch ( argc - optind ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case 2: /* Both host & service are specified on the command line. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - service = argv[ optind + 1 ]; \end_layout \begin_layout Code - /***** Fall through *****/ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 1: /* Host is specified on the command line. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - host = argv[ optind ]; \end_layout \begin_layout Code - /***** Fall through *****/ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - case 0: /* Use default host & service. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - default: \end_layout \begin_layout Code - { \end_layout \begin_layout Code - USAGE; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End SWITCH on number of command arguments. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Open a connection to the indicated host/service. \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Note that if all three of the following conditions are met, then the \end_layout \begin_layout Code - ** scope identifier remains unresolved at this point. \end_layout \begin_layout Code - ** 1) The default network interface is unknown for some reason. \end_layout \begin_layout Code - ** 2) The -s option was not used on the command line. \end_layout \begin_layout Code - ** 3) An IPv6 "scoped address" was not specified for the hostname on the \end_layout \begin_layout Code - ** command line. \end_layout \begin_layout Code - ** If the above three conditions are met, then only an IPv4 socket can be \end_layout \begin_layout Code - ** opened (connect(2) fails without the scope ID properly set for IPv6 \end_layout \begin_layout Code - ** sockets). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( sckt = openSckt( host, \end_layout \begin_layout Code - service, \end_layout \begin_layout Code - scopeId ) ) == INVALID_DESC ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s: Sorry... a connectionless socket could " \end_layout \begin_layout Code - "not be set up. \backslash n", \end_layout \begin_layout Code - pgmName ); \end_layout \begin_layout Code - exit( 1 ); \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Get the remote time-of-day. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - tod( sckt ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Close the connection and terminate. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - (void) SYSCALL( "close", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - close( sckt ) ); \end_layout \begin_layout Code - return 0; \end_layout \begin_layout Code - } /* End main() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: openSckt \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Sets up a UDP socket to a remote server. Getaddrinfo(3) is used to \end_layout \begin_layout Code - * perform lookup functions and can return multiple address records (i.e. a \end_layout \begin_layout Code - * list of 'struct addrinfo' records). This function traverses the list and \end_layout \begin_layout Code - * tries to establish a connection to the remote server. The function ends \end_layout \begin_layout Code - * when either a connection has been established or all records in the list \end_layout \begin_layout Code - * have been processed. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * host - A pointer to a character string representing the hostname or IP \end_layout \begin_layout Code - * address (IPv4 or IPv6) of the remote server. \end_layout \begin_layout Code - * service - A pointer to a character string representing the service name or \end_layout \begin_layout Code - * well-known port number. \end_layout \begin_layout Code - * scopeId - For IPv6 sockets only. This is the index corresponding to the \end_layout \begin_layout Code - * network interface on which to exchange datagrams. This \end_layout \begin_layout Code - * parameter is ignored for IPv4 sockets or when an IPv6 "scoped \end_layout \begin_layout Code - * address" is specified in 'host' (i.e. where the colon-hex \end_layout \begin_layout Code - * network address is augmented with the scope ID). \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: \end_layout \begin_layout Code - * Returns the socket descriptor for the connection, or INVALID_DESC if all \end_layout \begin_layout Code - * address records have been processed and a socket could not be initialized. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static int openSckt( const char *host, \end_layout \begin_layout Code - const char *service, \end_layout \begin_layout Code - unsigned int scopeId ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - struct addrinfo *ai; \end_layout \begin_layout Code - int aiErr; \end_layout \begin_layout Code - struct addrinfo *aiHead; \end_layout \begin_layout Code - struct addrinfo hints; \end_layout \begin_layout Code - sockaddr_in6_t *pSadrIn6; \end_layout \begin_layout Code - int sckt; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Initialize the 'hints' structure for getaddrinfo(3). \end_layout \begin_layout Code - ** \end_layout \begin_layout Code - ** Notice that the 'ai_family' field is set to PF_UNSPEC, indicating to \end_layout \begin_layout Code - ** return both IPv4 and IPv6 address records for the host/service. Most of \end_layout \begin_layout Code - ** the time, the user isn't going to care whether an IPv4 connection or an \end_layout \begin_layout Code - ** IPv6 connection is established; the user simply wants to exchange data \end_layout \begin_layout Code - ** with the remote host and doesn't care how it's done. Sometimes, however, \end_layout \begin_layout Code - ** the user might want to explicitly specify the type of underlying socket. \end_layout \begin_layout Code - ** It is left as an exercise for the motivated reader to add a command line \end_layout \begin_layout Code - ** option allowing the user to specify the IP protocol, and then process the \end_layout \begin_layout Code - ** list of addresses accordingly (it's not that difficult). \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - memset( &hints, 0, sizeof( hints ) ); \end_layout \begin_layout Code - hints.ai_family = PF_UNSPEC; /* IPv4 or IPv6 records (don't care). */ \end_layout \begin_layout Code - hints.ai_socktype = SOCK_DGRAM; /* Connectionless communication. */ \end_layout \begin_layout Code - hints.ai_protocol = IPPROTO_UDP; /* UDP transport layer protocol only. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Look up the host/service information. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ( aiErr = getaddrinfo( host, \end_layout \begin_layout Code - service, \end_layout \begin_layout Code - &hints, \end_layout \begin_layout Code - &aiHead ) ) != 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - gai_strerror( aiErr ) ); \end_layout \begin_layout Code - return INVALID_DESC; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Go through the list and try to open a connection. Continue until either \end_layout \begin_layout Code - ** a connection is established or the entire list is exhausted. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - for ( ai = aiHead, sckt = INVALID_DESC; \end_layout \begin_layout Code - ( ai != NULL ) && ( sckt == INVALID_DESC ); \end_layout \begin_layout Code - ai = ai->ai_next ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** IPv6 kluge. Make sure the scope ID is set. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code - if ( pSadrIn6->sin6_scope_id == 0 ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6->sin6_scope_id = scopeId; \end_layout \begin_layout Code - } /* End IF the scope ID wasn't set. */ \end_layout \begin_layout Code - } /* End IPv6 kluge. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address info for the remote host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( verbose ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Temporary character string buffers for host & service. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - char hostBfr[ NI_MAXHOST ]; \end_layout \begin_layout Code - char servBfr[ NI_MAXSERV ]; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the address information just fetched. Start with the \end_layout \begin_layout Code - ** common (protocol-independent) stuff first. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "Address info: \backslash n" \end_layout \begin_layout Code - " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code - " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -27141,7 +24255,6 @@ n" \end_layout \begin_layout Code - " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash @@ -27149,748 +24262,606 @@ n" \end_layout \begin_layout Code - " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code - "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code - ai->ai_flags, \end_layout \begin_layout Code - ai->ai_family, \end_layout \begin_layout Code - PF_INET, \end_layout \begin_layout Code - PF_INET6, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - SOCK_STREAM, \end_layout \begin_layout Code - SOCK_DGRAM, \end_layout \begin_layout Code - ai->ai_protocol, \end_layout \begin_layout Code - IPPROTO_TCP, \end_layout \begin_layout Code - IPPROTO_UDP, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - sizeof( struct sockaddr_in ), \end_layout \begin_layout Code - sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Display the protocol-specific formatted address. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - getnameinfo( ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - sizeof( hostBfr ), \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - sizeof( servBfr ), \end_layout \begin_layout Code - NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code - switch ( ai->ai_family ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - case PF_INET: /* IPv4 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sockaddr_in_t *pSadrIn = (sockaddr_in_t*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin_addr: %s \backslash n" \end_layout \begin_layout Code - " sin_port: %s \backslash n", \end_layout \begin_layout Code - pSadrIn->sin_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv4 record. */ \end_layout \begin_layout Code - case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code - "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code - " sin6_addr: %s \backslash n" \end_layout \begin_layout Code - " sin6_port: %s \backslash n" \end_layout \begin_layout Code - " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code - " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code - pSadrIn6->sin6_family, \end_layout \begin_layout Code - AF_INET, \end_layout \begin_layout Code - AF_INET6, \end_layout \begin_layout Code - hostBfr, \end_layout \begin_layout Code - servBfr, \end_layout \begin_layout Code - pSadrIn6->sin6_flowinfo, \end_layout \begin_layout Code - pSadrIn6->sin6_scope_id ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End CASE of IPv6 record. */ \end_layout \begin_layout Code - default: /* Can never get here, but just for completeness. */ \end_layout \begin_layout Code - { \end_layout \begin_layout Code - fprintf( stderr, \end_layout \begin_layout Code - "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code - pgmName, \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - ai->ai_family ); \end_layout \begin_layout Code - break; \end_layout \begin_layout Code - } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code - } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code - } /* End IF verbose mode. */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Create a socket. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "socket", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - sckt = socket( ai->ai_family, \end_layout \begin_layout Code - ai->ai_socktype, \end_layout \begin_layout Code - ai->ai_protocol ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - sckt = INVALID_DESC; \end_layout \begin_layout Code - continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Set the target destination for the remote host on this socket. That \end_layout \begin_layout Code - ** is, this socket only communicates with the specified host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "connect", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - connect( sckt, \end_layout \begin_layout Code - ai->ai_addr, \end_layout \begin_layout Code - ai->ai_addrlen ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - (void) close( sckt ); /* Could use SYSCALL() again here, but why? */ \end_layout \begin_layout Code - sckt = INVALID_DESC; \end_layout \begin_layout Code - continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code - } \end_layout \begin_layout Code - } /* End FOR each address record returned by getaddrinfo(3). */ \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Clean up & return. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - freeaddrinfo( aiHead ); \end_layout \begin_layout Code - return sckt; \end_layout \begin_layout Code - } /* End openSckt() */ \end_layout \begin_layout Code - /****************************************************************************** \end_layout \begin_layout Code - * Function: tod \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Description: \end_layout \begin_layout Code - * Receive the time-of-day from the remote server and write it to stdout. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Parameters: \end_layout \begin_layout Code - * sckt - The socket descriptor for the connection. \end_layout \begin_layout Code - * \end_layout \begin_layout Code - * Return Value: None. \end_layout \begin_layout Code - ******************************************************************************/ \end_layout \begin_layout Code - static void tod( int sckt ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - char bfr[ MAXBFRSIZE+1 ]; \end_layout \begin_layout Code - int inBytes; \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Send a datagram to the server to wake it up. The content isn't \end_layout \begin_layout Code - ** important, but something must be sent to let it know we want the TOD. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "write", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - write( sckt, "Are you there?", 14 ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - return; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - /* \end_layout \begin_layout Code - ** Read the time-of-day from the remote host. \end_layout \begin_layout Code - */ \end_layout \begin_layout Code - if ( !SYSCALL( "read", \end_layout \begin_layout Code - __LINE__, \end_layout \begin_layout Code - inBytes = read( sckt, \end_layout \begin_layout Code - bfr, \end_layout \begin_layout Code - MAXBFRSIZE ) ) ) \end_layout \begin_layout Code - { \end_layout \begin_layout Code - return; \end_layout \begin_layout Code - } \end_layout \begin_layout Code - bfr[ inBytes ] = ' \backslash 0'; /* Null-terminate the received string. @@ -27898,18 +24869,15 @@ static void tod( int sckt ) \end_layout \begin_layout Code - fputs( bfr, stdout ); /* Null string if EOF (inBytes == 0). */ \end_layout \begin_layout Code - fflush( stdout ); \end_layout \begin_layout Code - } /* End tod() */ \end_layout diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf index 3f61c903841c13787b7278c9501e0d81abb9822f..062138e0933addb51176bf68685dfe40a817b164 100644 GIT binary patch delta 23057 zcmce81z1$kzpaQg2uOz@AxIA0Eg%ij2-4k1!@yCH?gojG7Lbq-siD)6Zlq%XL1K`O zH{iYR-v4|5_wIe)eeZqWKI_}F>zp}z)?Vwk&w-FphOkkFx3wsbS<>9BP+02aSy0AN zfV?nbB2rVDrD662LPhy;a5>YuV__J?Q zd{#jGB2iG<5U!);HE6gTGLx1TGoEiXS0OK5HRISE-ejv8PAQAQOAWQAf0lxH_eMgB zc{IG8%w~?S`iCiq_ac8-QfQAio({8b5KznvGC=?$m1f_>f`o~qrDRptSbDmcyYLSb zE>6ZbJm-pEIyC1*6zQiQmC2?>qXyVY*4w(gJ2!oxWwGo%_QA3VQmSQ87r>#ijwmG_ zZmLj?x}V(09aZ+HfW64iC`xlJM(FMAuNl&JtNGZ$AG)ff(91e_m|jBG}M4JrAi|Ey~NA+1H3wRO=KmAe8T~4uie!3wwwlz6C2F9N2`{kGC4$<@cR4b zMxGQLGObCg)N2+jYBIdE#pr&xX+XD!FZbxB%9=@1k?3$dRlwwYy|00hl05jJaAozpABF;XjG*v6+Ee|Zg96Bf8)?yN(rwsedhSJ|i)m!T(d z{$grje$^A+-c)H~pQEAP88Ea!Kc`k{wiqfv+kzp-FWUV2^PK-sTXri4#!WDJr0dG5 z;(PN8&0K$G2^+l|6wVWSskC-c6rwOs4iw~ZzuuDr6;JYRl?bE!FJcrKWw0{p%=`vnml3| zu}Vl|hoxU$`qjNj@i@3rQu>Swm+{8F7p=Dblfz2Un62+fX+ zSH^$nC6WQwN@?00gYG2ma(RsfjvVHqO|m%~hDY~ge^o^l}bCa|MRC5?3mPUB`33AK?=ncW1jZz#nUNji!oW>y~^(ifo*D5 z)gH46@XC<&vx9!Hs@uuV*fnXsfhpL99z-VlkCg`jM)8Qugy$Ip>kM&|9qsLU(@`M9 zWiq(}(~iDxS83gI7r;R%`3d1(lJ_rs8MdmCXWn+C>)%t=rlw5%WLJpgHL+`adhNSm zjrKYQGD;m23KtFY9K9)@gbF^}=CJsyV(~a~)+sHs>#PvVgjv5oAQZ=oX!sIr(48lP z{pFJxfNk-tS0O-;-EzQK-r3&|!DpncnKk>+uZgJmUa)=kF4MK6%WruOw!*GLW+ngZfW)p`$~$G?A$O%hJj3743qB3DFt zSwpo$6F|pO{*_A^KM|gdL-;gbk9lwLXP!?gQ;sE>efdY-DBwX+{>3NJ^S?bxd~ zTK2MD=}^6d9G51&S-@pfdQ-#L>Y(}MM;{59*i%d`g9mF|hP`WObp5e#1yUF-|`; zO+IA6M^kgB!7YFE2$IUUjyT|+W#C&9e-8zs&n-adrApVkSTzCA9m&_nIUM-l>SkHV zxf}1@OA667VXNVp}Leb!zQn>K`K_xHXgQ5czE~(c#{sum;uIlf9?63v?*^1*S@QGfTvbGh;B}UG%gj(MG&pY3lj;fC9<}*2^&XwA|G1 z9nwJY23&v2$?IT-v*-X-hKYOv0q0OgFjB0KgJu!ETowd2PlgI94 zI~!5y0=y?u3?^Mi)b602)u_{KD}nYvX!s(<28vMMR9~76O;9Ho<5Z0|uI(kX6I`6$ zyCk&84NZa(xhC!ro1`CnFFqUGe{9o3l)Wt4ONLJZI;37igXY78+V)O?3Pkt!@Fk4wehS7vNuKGSyx_ZQgM%f(SZd6Z!QERWRL&g--|B`EN^! z5F4;CR3QbvALN3u=(PbT`*f3?%YSGI6$D?LQl`5sKVA%kDvaz!oocfmAIe0~QvV6| zljy!KN#0|GP~Q|xOBS9Uf(_Fnug0*U1O@?M%^isD!Rxi}+$0yp{9wB3*>hx@@>PfR zGBeg=brP`m+4wqh_q84B;&Ujj))!#5?<87X6+m{2K;|SMRYpnv{qBh3AjJ^%xid~gx7o}6F*T^r zf~U$hF#CgyIR`TWb~fJU4ROKKnhcojCF`YHPW}QpMg$DiN3zUGl6*I{_@e}kmnj5` z!1UVdgGzt_iO1_@D>xK7o5ic(1S6KB?Q4(3Jpz-0x8^q4PMZfkiTX*R_``noZfwKe()Ii-5R^#LJ|Y>>c|Ep61@ipc(-Le^(pEL zx8L{GDdTyso=W%i7WyKg1V2LY3t$hdingBwAx|;CA^N>|K>|6T_t_vq+yZ&;PR_DE zN|a9Aj)p4HdvSn;9L=wb*;}#{q5h5;Oc?wE=JR%i!G+r72N^)BejOAiPfN?S8q&J* zeZO0)N4j;{J@3>9LV@DnTOR{5cIKY$SC8z5{`QQZ-T4#T1jb4}6b8Nn&7JJQ#E=Kq zKA8p&*-l@bI&*Rn?7G`n@Nqd+5A)avWtwFZjTYRuy4*VC-WH zoSH`hhr)A#&4ZtV?4hrq4lvdD_tYhMdcW2?(THKM(`0y|J z{5$`W4^q|{_aejXZ8t;ZIY8hRkw)0w&_;GnV=ZqAI&fNxdXD+BV!r|V+~w zXa}8#h3$tA=?wSAUvP^pBR2Nkm=P>ut5HT#+P)7#r+Ev&S6-72HVNj5xCHCUWjsjP z$2dG#{eCP+jVB?m+Z+^NzeJX68u5d2&on3Bd0f^LAxn&jEB@16{8 zS;he>&@Hi-eQI&3B=!l}=A{77DjLi2+1}~O@~SEE#ib4u4~F^P91>?9m-dx}_@eoH zeH;nQ>Ekq6&UTZW6%}Y zO;f*H>>kEho`Ou|bJz6BP!}`=CiQw$5+Kv(gBy$JR;23|Lt#EU-j~D93K|0wUT9j= z4DQQiF$4^D2t$3~>}CR;NX`krV7M9VM3d;3JdgDyvZJ!5zO?NH{%Ceg-opDuU-*LgaHPY3gqJT3PsO3pz8B~6TE6f@8cxA!?h;Wa*G zlh6ywKS*{Pb~$aHiC(agZ(BI%?;r7L=r&E;w31s;I&|pjdQ-=m)c%xyxq?gZc`WF@e}(~$;VFFrC-<+9IYR*p zn{pevwoC3IJbv#Q@Q}=BVS$Sd{X`Kx`&kng*!vT$>5Lv|_>kfMF#(kL>yBma9aQ4q zZzpWQO@4?AzfBq%E}i3x`4G{dL?!-1?EZ^0FqGRb(ib^pzEkAl{kLxJ1j}QH?(An49693*s!=oUenXA4nUr zy0m3L(ENl)fwB5$bJJNf(ep{YcxgKrpu=Kofw=0YS>PAmJdh4vsLziC)}duI2wU99 zE-Y<7a%f`8wqVA=r<3elfD2gc5QX*~D7@^xF4y1jRDBvqKtF|GId&-oyIIGtE)rkV z6GQNYzCW2N=o6^xO%bZ!gXKo$?`2=56n!Pa;hw zpDLX&+)pB{D*s?q_RtX3gwYc%2^)D;iQYRSLhRUqY)YASUbG^Ov5HqN$mv8Ue3XGG zPXL)$g|hsD?yg3W%L-ZT)L$XRLPurhdiRM**OLMbmc@q%Ib2;Xotb(dA6XUuG9*xR z5T5GD*R4IjsCFp#y`#tpLt>gVl%`5&&cl zO~RM|Ft%j6l_W|W5sWYNV(mBb4((z?)@Xe@wRaXP4uls7eQ%K8+hN&Vj{7hY*>rx% zonJ7|8p;A3yEuWd&DYS7cc|$H{I$1iOMuqS;_pM>smH!O$lkvZ4J{Ne%WfwE18mNJ z_#W9?e1#~D(DRyO|2@cjKb!)8KN|TPQn)k_JHwF><~w{#0c!S<&7jR@f3d={`f+i; zp^>IxDEe*7D&nk1q50=Ze!(^P%XIyXV+1WAbP@e?UHN135QY2N!x~&o@b8Eh&b;5v z&>-F`35Kwgsz_u_K}-YX~Ks#}VBJ#&>#{ z*2O@UK4&Tl@lH%Yz#dm64H@{ZiEeOC|0v#+zoY3;Q%|4phVgVS9O}5nUW0XvXaG|Q zciyh7Sw8ZIFyzuY)Pm?k3gWZL7st$MeGGSQ6p}R3_g4~A9T{P#>tkRw8iwAC16i9> zK<2y8C!YlP>55P+&+5I_)hOAxzk1jmi1ecz@?uS!h?oSS_XO+MCX9dn@>J24@lFwk zNQV0Ehzfnyh54G%jLM|TgO>NvsQ?83#S8kKgiG%;qvaSrp1t+}s2-TkKvZlgDro)( z7_<9%c}e&xW&>>}Km_fZ&xREvr!aF_pr=5(s`7ck)_Z0r}RCuNhjI($8(>_Kv zk~FI25+2pPaO!}hs>}r9sm1{O`PT#yYl?zXnPd*w8~t{;v28(W!=uQ`hN3a6ONH3G zxg&P7cF048zPp&~O7ojgoAUDp#xLV6uj;Kx zJDh^YxT+H#9spB9lxt2IU#O-6YqE4EJLPrk^q~vO-7?W76eIg1AS$7DZ&B0JtF+*KS3J zJ2`X*gdg$H1h0bK64kiX+Y}`r!O^mJddNxjLMg*ns1ttZ%{U5Y&ss&~!WFP;D4?tE zfCTlKHx1{01Y%!wL+)D_{2F}9f#5N^<=SPaFG2a-EZyi zZ0FOb2&UQt!1p;-V0$xK{TcY1;ANIC#_z+1Aj-g=W{i`wpPYD-R$n`j-c$7Q{TTuA z#T)893u~z_pe9Z7z^-Tvjh*j=!KXDoZ@Qs7F)pV_Rs3dd;#DV1txkdQI=W}Ws~*4e zB!jTZ8|>D6@FuF=*ezdwC+v61={sat_B~CC1>(O0EF*-JT>yd zH?gwL)!)g)FhapKF>?;3hSY5CTUm2BF1yDGfg=ns{(uvn+y#6?{kEs~0e31#xRy#M zJmYrm%qg#98*sc3EJe$A?$dpRLZbK9$I#mi-nvgDW$&UsIBM3i7=nO$BkFwWdl&shQAdVFlKIAhR=krbFiszvbb)|7Q8Zbb zxYI;P(zPp66p@-pGQR(pYZz9YZl?*j9AJr6iiM$Q*~WIVZi?I}M#oiz@8G_KHRHY$ zw67o2pYi53w69hE*3H0CyO!fWKc?AlNTgUmvMuh^=p}C0&$wkQ2wUXxU$Suwx!#ct zAZv88fxg!ROMt0k`TX%BugU~}E~9T4YV4TI-^YCsNqSRXU8=vs9BA@o+FgRjfxH5K zyIQXAxjw#KE#2-O=x|3mcR2xS zP3j;F=7I6|@vX?{=MBh&ETcEJ=b&123xBMLRAjJy=ZCp)#}JGwKX!V9^7jcA19CLV&7II6{~Ptk9aA0bk^-`|>h zM>^)?=eJfgX2^lY?~ZcK8@T`+ChD4|ZiX*zaT~ikw}$5M%q^oJ#V42fHg*6RBP^^x zo{n*>SB!?z{I#Nok0bwDQC5r1zgG0s!@uz!B9z1BH zut$m1^1=P?Fa0q?kyq|`CX7=gMdmkIt2nu96E@w~zBrKYJ-NzAW6_W^1Xx|hXI*}t zmK59aOUNE)T#zB`P&Hm;Ez;z${kcGPl^BFumfY73 z)ZKxoA2xJTVFSE@XM7Ov#@tnyPaZFru-VI%yX@nYJQJt+gevL3dn*ehHVWk-d!MG50qp+1beO%dTxsylu>o?D6BpzBL zqx}9{WXvclZt{TpuRfmYaMibaLBma`Cm%jjGF)82ZZjMyrS)oehWgk5k?}k4>$b&xw$4m%lfd~oaSvX_$4DSk0Db(sqPe#C2_$U7Udc-B|80HmE+H&Bpo{qmvC>Bbl*x!AKDSOFxtulJ#NA(LYcV)fj0IH(I zX|+=w_^t3r>N+a3-hdMLCxqL&j zGN4oe##wGLIrbykns~CPmy#@Y`uyoN*)LRcX(^7Kx367sJ*rM#zyJO*qFH^)XOYbZ zxlQ}@bI2bJG@7HR-it@dsK-)#zi5MOTjHSSVp$=GC1Gf7hw3-HlVv(Fl%b1t|A3A2 z5-rM4TC-z|4q<_nH)mJY)7bu|Aij3Oc9yjCVoX{<2G22+dc1@5Q?TDOHeMCp*UpF2 zSjfE~MJMg|?Il1CEcRv1xbFw5++llIf8MnkO_O5szH>VTF2di?4Uv{B2#9IRv z!+-S@kXj3*KS?{6J{VnJ&p4G%OuqC0*inU0ikI1q-Z~85_ipw|(Z>(htrJs$;SYvt)MTGA86_?wTRx_0h$mFqpcP@Q(W$?>>m}IVW zy-sJ(zASWX(v~?caPPS*MJ+}>G_-!{rG(D{eu@TK-N&duodVOSBK?wp4+rg02q1(m z(kf{?b-h#=5WexN%$1krEaZpV8gfUiAou=cC;F%NF&bzSRaiXnA(Yd&!k6=Q0|KAEJO7(XwDVmcZc{l{N4R~G#v~+xavzRV!`nJ`^Ft? zK6oxm9L=aR5--{t9wYSONtmqM8 zc+vW%M6B29CRHr@l9vzeh~cl?M*bMDsi3g!N!#6k+*v~z&w7b9XT0ut!Nf%T8)J`w zM^=Marhk*#!chN(u&*TZ9(?U8s~M7X;(i$T9~J`t`KJH3TawYGp11@5iEI4F6E~PI zR9=)kQus(b@C0qW>b`ErD}4+)u&?H!@(ttlq_8UADbh!hdhOQX zlje4!6A!Mvw#jWPAc?M8iJnR>C&|}?fUKl-HI0V^Q(YC_L#f(RdG$THZ`kGg1UVfJ zkINb*=W1=fZq=y#K7~~De=V;<{jfwXTUmiV*UqDlV=(<8IXWO#epK8QQ|xSsVnpFN z+UGDl4J@i$>{2r#%O^PeRTOVDa11{_+%{w5YZI7$hzxgjg669*D9u1S!N|8AFo2~e z)IpuD4`MsGg&s05F(S8NI6k?6v?EOIkK$?5npl%pieu< zFzkUlP(VIffnTK_`0Dpy7*aqqtO9+~lVL_ z-fOv19=f6+(!_m;$r-bT4%adwh?!=73asg+{;`8IPHy?#mH=es6X{NK+-#omVP zW72dI`Ctz%2{*q@+s8HrI;nhc_M{G*0#r|w0|o210{izu1$U9Dhx31z)Hrw5IOl26 zzDTf~t^f9k-SjFCqIP`8B!u&!FkmO;fKK--H(J@p`vOw6?edZid{y$^+Yf~ve0WCX zsVcDW;3_tza+w2MNdmZ|eGV3r{a(~sh0X2IZ8q81wzFbCjgIk=L~L_K+%_z2pNZvc z0?=OpXaZl_q*V^tvrYz~w_wkElguu#T1I5f)&5r!@L%Zc0Z=D2d%I_P{TCAG|D>~_ z+vhZ{c}y~Zu=FFPfHZpb(vMsKDc^!QU0M}sxRhtCd9QW98`&JCI0tQRN2mVS?EQ&4 zT8y}t^;XN3;&+?452pI^Q`@X;g*FCtTk-5+Dv?|k_dKk;Zk}`Id|{qOy8H?5b8>!K zwN3V{{g2=M9MZ-<5_uY2Y#tg5WhGzc-!KMlqoj(1+Nv@1kIz#pgGuv`!=3*_2bI=d zgGmIeE#qc|xDVqlw)=j&N4EUPD3r~Wq@vx^_MPrG6v13P=XR%WsNTyoKf}Cy?%las z=6&Lvc6T2X&@xGLsNg>7!aGO7vVy!Pb2!y4QgK0!puXe(1>7w|iLFo0ZdPEcV&q?g^0m`g2<3+>4QGc{_`|xoDzwow0fk*0k4v($K}uI*c=s>fb!YSU;BA+H~g)8dDm#r4UAG zt-B&07-v}U7fDpjMZPrV=?u85oC7uePQwp!Y)6Syb3&qA9}9G9`IP4~Ga@|w2C|xx zK^-BkE*{joTk?Znk0$6=hn60Q~I$dyT!Zw|*xVf1H2)nukp_DOS3SbWK*1iWx`sI`qptwmq|t zSSUx`CxuQyRzbLCWr8Rb3o1>1ombnvYRvs^0UCd-pE|$xc`#|eUhdxaYiGb=Wmjh` zfE!nn=17OB|0_U-@u}*aD`xw=H#FL zMhS{Z=FW3VeF*NaB(ngX&+4In`m6qVq3@rku_qUd!b@5}44%n-&F!e6Pqr0Z>GBM}dm}InTA;za2qm07xK6VM)iazTu zSyGN}Cf)&Yk84)7c1Lp|axX9FbxmY9qrQO&(?Bc8T{NhyQC`T4R%4fg%ahq&`V=+!loCe8-#b`iuCgvt zDGUCrEhpN3dnHE;T3ao}qyFlJCpl>i^_YwRq~u6KYb&5=^g^ZZBtyxCIc33|Rm&RJ zZ?5F%tJYS*tACOhwK7EF8RNe8y4^V|4=14-U6KEjR3wvgy9E*y`UtR@RQjLNfVRrQ zxO-yc%!ge9B7WK+;SYnwDgQq0F{pr&)_hqXPQ` zTs+}kO@!`QR6h+^>=jc!hsLp_+J(=g{Gwyh9lZ>I0VM@z7q&Bu1OB5>=3OLIswdv; zdv~!B6rIc^uGNb_OoHwyUgXpw;rib2uK4`I*sgfpg4Qqbm<6p3aq)$*RU~LFUnze} zWRyhQs9!R6`{ zOC|C0dhv0Q`G;6SNTi(zx_{)UM>K-?V2gaEB)!POqZnE9E*n|X;~_GzMc!EAT4XU^ zG_4+WRf`1R4zFsJGIUwSw9}DbE*T)8c)btmQr2P_lg&tt9V1IzBLl<(KWY|D^zyw# zLhX4v(*QCT!Bb9J#DAhnWc7+er7Xnm@D>JCw5&h;9Q#mIy6R)X+z+}k5}PxW_`xxO zm42=N8r@n#H!WDVWP8Fi)#A@9E};F3pExqS_=G;MJweeYgJ)Y&Iw;NI_^y#LgEA5> zj^BL}(k}V9i0Sk8tzva>PUHDCms0&}B=m$Si{@RrgCDN>hb^pdilX8tMaelK>8i81 z+zChYn};P(T*BNuvFEJ>l|xG-_Pdf3@=?0KILZVxYR{R-8D5nGpii^=!`uEJpMPq6 zTno{We2_0yMjMRsaYCK0amhHSJ!fL1lsendt$8nTZRqmA2W=5?W+GVESTdnn?riU= zRhIc`etf$~_iqu0>LV&u*}3W0Xdb+{P8Ndmja!qd_0El+W2(H}@--s@UQ;MBjdlg? z=J_agR83eDfa<5;^NNS{fgHvrxX$yLjKG0H`rUZQF#g1o_P&fKQE8^w{My#!pQ&t& zLyx3l(a_GsV#D{1Am)A(VX`>tG1EFsuU=gJLyz7yy*!Uz$6JuS1(+@pv~@K-dfAbX zl$S}oN?2#!aH)PHlJo5Rp_Od?HPGd(8U4Z`eVZa~rsRk`F5(u1OW5d`az`!1HX!y! z)RhW}CN9w!1ThDAiih4eD(QTb#V{f9o-J;*5I5FnEi0XllZ_{z2hX>CU56^BQY_xb+?X8VEV#<=;G^3Nuvxrv<$N|0E!mMYjvJ}W% zq)(RE>Ka9H@7?ef3OywKe{;0%Kl$d}v`YQdH^ZWIVHk>s4!Z}X+5t=C{MxCYmj^15&;m>7WnkQHYsX{RF4DA#_4vdMQ2AGk*v=tv!cR zdcq9=Cy&DJq?LiF1C5@dRMJKLz}2Zvm`rriJT5nv7h9Kte#=YwW<81>W2-9v6t~|x zJq>ykE5=sg{wX87I`Z{;6w}65rv51jJ38{!dK6v8R_4Asb_Z9xixP40iAp`nFFcTm z=0B`86J;vel{_z72B`nAx{sHsC{^;Xv6%|&7%T>wqwRvFrkhOE54418vC$D)R{E#)czYLeDk|(x# zKwxm(d8}IaS`@)xH$2F6D!=F+B z`SPN-U!CvQNE&X9l&)6mxW96s*-jkYUZlk@B&<#mE9Z_#BQEC#Zo%^w9Bx51?Or)I zNUze;L8YJMVlq93?YMmM#h*~cx0B>x<+u0;9Yc(Tb*+?@Z)wV3u^W2!)M*x_@Ra9< z#SZH#)qgOZQ;O4dcQA|?)mKW^&8xMibZS9evwNz}=KHFDOeshAur{$6dG7ySM44oX zwNKa6D*ua?MdDc^e#f3QeYVG3*c-Yc z9rF7*?k|!eeC}Ai-+|#={qy+T*0;Ik#z7E5MiAtI;0D#FcRK+*luU)=m!$UDBamcEgvMaRAoWJONr>`)+%QqG6@EvvhGbdj$7u-SG_$h2Jr; z$`O2v>B+`olmJY(%xYaTdJW7YXZY%_>=B)4mx(AR>5v<@gq0W*iQ$>)`Lc zoUd23bI6L`h~eWOscKYAdYyz)sJd>-Za1bh>@!tM8cpS-6#Onv^~1pj4?w`_ey~jD z(FQ*S+N^eF^7Z&$#EaO2hVHS>D;qP)d$YA9$b~q3tJ$A!V~^%ul4a(@r-gBIt3&2X z6%SjB$RYmN=C;l><_~^r`G&XGlhMh~8HbSD`ad?e+*KX6o%Ud32{?Ey)=W{SiXQsM zPeadgLiHqZH0{Rea@=yZDC{Humo1ib#<` z6~FgU3jYhy1DhoMEEwXRA}m+k`3Luw$F#)@+5DAEi`TA_H`V$tSbQa)4r;B4{TmeC zFVb#H4p)yjO~E`TnV4n` zlOCwNPz5~Nm^L6xexyWN>PZtHGXxBfKa(vWpM(E-n`aQXf1RF|t z^(9?3#nAA)d$m4fW!fI9{COxRLUBq;KgimI8 z{g$6I8^#wGq6>j9E;Xr5^*;SaY1ekOd=9)$?w_2x+2SOtL7dwAwglJXs_|dw{-zG=dpM5MNV}bBDpb5 zPNE6P*JqH}Df(lljs@h9{|4M>2K5exFbUG*ujxLYGnzQ8DSvG`M=AEuNx?u+H10Z~ z4-FQ&+$gi=GDyG#hKmTBfAFmcXx1j=shap?_IEnT+A%0my_^jnCB<9y8=C7ILq5Ge z#FdBFkCI2Xx35t|kF<>pD(6TSa_cuUT~Z}{4u0rRrB8CR+KQdT6I^N@FLn#^!F-h3 zv`8ozc@l$e$ET1lO^G*Zi!9%^&1J{liO*KsM7OWPx>HA-XeKC+TE=3mGA_oo=Z)wJeflGn24+K@#8 zleCr@m$f(&n8dWq;<1&@TN#g)BP|sZ*k77OAU^`F#0=>=o0_=BoITfjt#M@1r z#{}-h-qI?Wlfw(tyhWarg1y9Bs020n_|huT66oAS=MTCVZRhuXaNigNzj0UbnZ#J6 zcF!Jq{%K#FSVuoSa+Ry0Vdm4uMy6@s8-zF)Ps15E`P-kD)W|ajVud~yY( z^{3kc7dmS+MDxSt$=7L_U;xbxoz$L8*_UdylV(F4V~(c+*L3;P^Vz z=ic*=RH|XlFh;A)lQ0lYCS8xEO9=V<798{OKQ!SeQ~q>4uLPxWYre*Qb9{pE@Uj#=RMykW)k%Q5;TU24^9o#<)4wfd-?r9w(_)V z2Hn|YuBGdw=kHCv~prgt;^7#v^F;|47YNkORaO$ zpX@O+m7fkqtl-ZH8q%fYvqKRT6d;*%nWcVWXVek=Okx~ zEcfm1q+BVoKNZeMetfO99F@Dwcdi(X<`PPNsrt;&!^#PkQpc?~>1AYK=wjvcEv0T* zcT&L6V9wFXsUoGWL3c9sm4TtXl~X}VU4ri9v4O#yjg?b;N*#snF*9A9Sk-~fF>`LT z9O!G)!0aMx)8;;zaw2N=Mp4?IeoPHOl%>gSCcM~~rS(~ORE*+Gcfi3m%QuB~Ic!c% z*97M%55s~v`gzi=ub;k>uK&(^W6ZcfUq?DInK%3DUn=Rxg;iUn`sMFt}CxMlwf}P@P1zaw{*G=?_ z1HUho(z)Bjm{NPg4<}3&!y>@^Bt6l3U4D<)#8_F|6%HapzNF6f|7iPR03K5$Z;8PhK@KQd7b>EsUUw(gWiVlhyIYddc6@cniz_GezEzNF8* z)?K~pduIhZaQtpmjWYKD&12qjvmPHGRu5;Df$QKK4zT4;wC{e`ujsAcNI2W=`bAtd zxT`obblhb^P|3?w+pFLuB85_L zZ$*QlOu%OiA(f#v;GtQRMB_K$pyFG;Rq%pYT!h1A)W(>XaO4>);^J#hKDo+*Vu%{6 zM`S>;l}7f^JM3&i|MuU+J6M1KT^Esz*vsah=N5nnI8XEojxLi`0PqAHBu+O?v~3X- zgajEK6-@YhSG7-(SUTKvRYat(RUOgUDw(zcsc`1^J~9C+8rDd_Jb0hs)$&DCiH|9g zx!eRyT`85I(v|LC$W8eCmmHYBXOt~Cf}965NW?8~Y|3moFMFUu1o<(cqHu;ak{#Z^ zpC?LJL?oL*(1o=nPS?U*aPs~rhhQ4(U3UBe(Wt-7-MQ`{5A;IFgxTr__|xe#pwDwm z+7&3XlU8{0#z0d*lvug>fm_3~HlUuI$u8~bIS)%}ci>Ee-OP5c6)StxRW-~wb@%%t z_Xbv$i&MQ76ooG;kyiKFiA)V*LEjIoG})8PGwywVpwHCCgOV!e-QW{+UPHT@Yk5&U z4HA{+FkJph%{$OnL!G~e4=`D^UcOjOo9L*<*4IV(o@`JAt0o#pCZ3p7yIPfeD@qRK zGpjsyA}fPDP_I;A9(yl&AWJKC=LrXjeVpx2<$>#!${s{dZ2%=luUNnUdoS^oz6Dtg z!mgH@2=P2WJ*o0ZYJZJNj@2PMu(xc18F-)jeBu1lF}bsgua-X$U2Bq^eAOaJ)mo1; z$z%mwk#$5%AOE838FdLF7lWYXug^KOzxs46!X*z4VAH3ZfTFUu+6&UQwCJNqRz$p5 zKuxu*GfbRtUh%&`sS+x?BG6Zv2z&r@agjt}s;!5F=r@w|z7#XK-ZqKBs2eYx*DO0O zGi}ki@T_Vqo6iHvyz)opT;9Fg+@*WVy}5hRwvRaW3jY(1-~JKd#a25TBj^HPPukZ> zVw82ynmpf8*(WuZy#IxEzZAVIP-+Kb;7LmIm99wO6I0agu~Es>p$^9Gx4RF}*@LL6 z%-Y^gRT0eN`td4~i+{t=qZM<1t)p=)0;ViNSvZB$kFUD`Y@QT%X+y_du^ z%$Df89KJ}nw7tJT$-^bEdixBufc#1KJr;BY?k66o-LFn#pgsb~#ujg}QMJiGcHARD z|HLH~@=pH@IC*rNt0e5&LtY7jwwtH<9t(7Kce#w`lr;eQitW_%b>i%0(~6$u%2Xty z&hbenW1F7Y4eO2x+C`Zukg{olc3gIJUFr%QfLD^T29gX`@?4ZHfyLtsbg#+dm|I$v z_A2u(bc9-azM^)VOF#3Ty9aE9)UB{fhbM>lF(40d4W0Oap(QDxvgCrKW z$;!6ET|C^*#wxMVpYA#co0HJpi*cYq7G@xkQ$z7`u-p7L*&k;82!F##wDnZQ^S`)%F5jfw~Ind~Gf0q3$BNmV>@8+SQ+y_Ab&6nu%)zUJiQNR3KCnf$hg} zv;?&T*nyCOYuCpnxr{6(z5>_9@39LNx6^1s6-}Z(xrdk={CVNQ@p;fdF`MnPk|wYN zc@Kg%C1p=)!?7Kb#vv*z7<~0rB6`nq3gy+_$L;It!Lj9*d#6I;_R&6&l_FbQm~<9X za)1U&suj0E)YuTqsvaS|zNaO?mL!=((!Re=$V5+r%-rln_)RDFS{6y4Fk8I4?i2WDsX>ExSvB{CZP4BfVy_v|ef6%QtRu)2 zQ6TuI4YHp0HXz^Cy-8y}Xy)l{Ts1=e;fD?m!*UWpN(;wMOB_$z+MmJ5)!QImc~;3( zVj@Z-86K`&Afudk{s)2&S!3<;o6c0+7DVr0?)oGj&i?$ zOemf;_L^0^!`4qrc4>YL<Px(xbeKQXS%14THjU>Gd?fr}DoOn|*cJ0(Fn^Dr z1w7V5@vMaZz~>8AA4|BC#9=Dg3!_1%_2L_^OQoG(ZX`QUx3O1ina4lB&0u>?eDlTG zDRe_ToR(hQ5U+CS`Qa7bJ%Zm(Lm^1}4{suMQeg%xwx1YVvM0q(3>WZ^H&50gW^)gL zf@Y+pS6?;NWm=yKq=V^HQGT+|@-G+Ot3z*_`haWVUf)x_Z_pgiNWE_8kB!&egrQlOmfs;=l{it?9hiAX*@!wiE^Pr}(ZH+gyOd_L-5C)k7NC-58L`G#El|h*W6e2-D z(8v@(j({KnQAmJ*A~Q-WgN$h~fV6;t2r@&ABn}B-Tm%;^={Rv zulD!bYwbE!`=3*FzU3M&e9bpe1(Bi6iP%#|5uSyeI1xMpkBgcm|*1ljEciS(PR88qV^>W{mG zt!B7~-^usgxMv+F^2sLW&!j-jhVUshBaE*}yOf;> z^Yk$sEG2!EA@Ev5F74f!OVMnHUjxjFg-d|I!W&+1YyV^+?KH+D!|M&`^mVDwbnlPA z1dBPh9S1oCOh^h`k=1$vX!q>=mv?8f{vOSly*O{wXQ;2EWQaknyfF*4}sD~bUEAB{6-EC`~P zC5=T>&I-v-{~RaYnpQ5qYgI8+z`{iErNyXdYOHvx6(im;hK;!uAg68@hjS!xapdp7R##mCd`T;^LDs)U`NEGGUD}dA_|!^Na!JMM>OFyX4o}6!&iUucE$9biV&i{RlZE+ zbMbQ-8v4~mO8t8dh1ly_Wy!cd&kf4hw}aT!_1iILNHfMX`$_U*+sH^mOm|`JdYkp# zUc}#5jbLCo3F@{Ge#1D>X_D<*IkGbd%U?Z3X0{tt?SF1n}uChx!ac^;*tHfh5`IOnfMd`i<%lnEOf_lgbZa>r9czwHT|rjk3#0bFK?38ODLI$zrO<0tCPqCz7Vw_bNtUA~D_PYuArk-Hie* zCr!96+{rMe8BBWg>5a}Vs0WZ*syRphCVwga#T&5n-Zzx%#)0Q2*&`JraiTH)x+j!* znm$NwX+MQ@dh+h?tR1yU*Vc?K4jU`rPlz6?%2x3Iv{-3(z^rp|?3|vB7r(}YO|kY+ zG~)^2oznmn*Vh4E)$q4oQg%Gx)|okOlcnt*omZK?&%b(6Z>f^B;o@(HVR6;yr8)Oa zOY^yTw=P|sKNFpIpEQYXFcp80?dpGRS@{(1lAQm7QhT_bK^4UCymEk7#8d0$hS{VW zaQ`NT|CvG)&huPFN;E&a7 zhaDeiatqgs)pys&M&GHXsLrV^89Lw{I**TEz(oET>R+E)JesABl*5v%IWC-MXC~rPxe8bD&CfBRvbH z(6oMXf1mjY+pzq;_s8!jZA3gse~TUoTturU?4e*-H?Eu=Fm&GV*Sph7jTld8aaciv z>tThhRPXVG;9pHnEA@x*gs1i^A}aN;-wax@9v0t9{b?-Wo$U%*wjLJwj|ScfP;GmDkLE*RF24M(osUy}=X;uO!9akEI#H)>}x z1wu%G(3k!CI&4b(n6p#vqRLd|x6rq*f?OT5yV`xf@o!>{w~6+%#`jAX6iT0PC**TX zdLX4l1y?8q%PJND&c6RnDe}hfLu)*^y-sqjaJF_?ywCGgB}G!!^+u#q#LkZuXcIY~ z2MQH!1DEAU=6$*&6q$MVlhkZ+d?@+#_Jm`V98i8sIU>)%` zeeVPC{NT&3- zvh?79y`gQhE;ei+!rQQY|MNN-mC2%1>8j}+IVm0-En7vAo*P&+w8b}l@4!Avl}!r| zHHbZO2;e4im7Vo&x?Rjk4Zd_$9n0$JF-mqEXqx58@eOWzb^tvPgwO$@`;!9*sXnwdAw%s<#xM2*{3KR8dc#- zsQwQ?;9ne?zLScqPGTeFT2J<-a-sGqe1{$>@<~-cN!{n2%PZ`D#$vbD{|5s9s((Wr zV#qGi2cieggq-c(cXTmfO$84Cq1Vj3UnH<-DE z_#^ziGJUqsO##sAn@0adRj=qAYN=~Y%ctqVVbSbO;mJV3Ven?^IxTfBd;R6X^^N&q zO1e=L>}AsKh?LubJl%XmO1#R4m1;u$>Uz8V3yP3_!@@)$J1eSje{Ytd?068%`Z*LCL;cK<^<^ z;`BdktrO-9*EhrLO^_vmBK#!b|rlbG%2O&A2To&Lq)qr9+ncJB1R5Q+w!zYto6Pf+Aa z1`$ig3{aG&`3ogQFh!^foti0}mw4lq6Forrvt$R3*!9uFh1noUllf+>-=l$K%db0e zR?RG&`df?Ok&`*Y4;($2@zUnO+X+H6SsHbefJ^QAn11FHPP`kp*5!xY|JZY&?64|C z+w>;)f|I8yckjoZ)xoS=Gj9PC%zp0Lc}^6fxjE8s8xQeeCl0*@nid086NAHU*l%RP zqnMtWm@Z}V))61}Oe79ag>XYq62ND73GVA;2`)WC!l^qw>|)2%YvjXThG!b7o*(BY zqKyZgjy(L+tH0Xtj*wPKht%_X`HHmkt8eyvYCZgXJh)Jy!))Yke`K9@ZAd;1*EFzCARLsdipy$)02foX9>dOku3 z{SV?W@)905{l32??4qa0$b(*=!$%(SBc@*0fl55m{sIF3cBvksaINK98JMH>1|f9R z>5I?LFC>%y0dct=7u89=1rE}-Jm*F0D-FgIj|gTdDqj&(t}VBRXez#*OssXYwK>J8 zZcs-oAd!VQSMF`Vw8<{9SuN3yK*R4&-p|qe;<5Jdwby|)(zBU5e_!Oivt;9t-yZfC zezL|LxPu`{imXY2KW65NF;vKh4wBTHonlD}WJuYNIax=5UM`1uinKPzo-@*fAf3%| z?~s<=xjKyMB=CKDYZ4SemohT=0x#T{@(X($=BFP=|U*2U+(Cm>HJsHU`f+K_$_6%@3?? zC3)-Mbm@ZWxLb5VIROL@Fn;(Z2`9l2bi%nX1V#Q=;RjyuZZBr@aoQ%rP3sF{SSfWl zk!Cl;K}hR-?hauASOgV;%}HF7RA%K1Q6=->P3$ik~4FkrHlAN*kicD32c zJpUH_ev(!hQJV}+gf}K>Zozxxa?_CZq9h5nb0MR)j;PB%eUl`_w(QQwvI=ofi}w?5aPnhG+}eVm6ppqasQ%Bg zU+@DTr>8E+3xvyE6qLi2E$&?8|3So|O?JXxxW?(1nPa{_>IaDlWJTF?SgpYjva;Vf k%F7xqC-Gw;cg}wu7%+D7#JyS+R20%R+6@NVxY+LgFXd9>?*IS* delta 22965 zcmce-1ymeOxF#GRxCVC!E+K;jmjHoa0fM_*LU4i(H0}~y!{8*igrFI8@MIta3GNnx z4X!)z-M#njp1c3v{qO$&In~dpsj9cCyQ<%Mp0~Rv;wN+1Pv*ccD0H03t^=Hn3Y;jv zP=JaEQWA1=dh@b&SHXe<4(khtXPkE2l2=!6F&NZ1R9-8`)>##Y3XXGi`Uwn6mOaEE zLlg|N7mFmdVNZ)yXVtmStZSRWcd1gGH;RJuTU6G%aPnP|~D3-Cb|BOWDa}Hq& z0!1uQ0S_uNQAjSgl zjRTXXC1`FGk1#!(+_RpY+_L2y3Q4+t2AoJ=kw9LA-xh{mn!mwwO7?I6J>_7jGbGQG zwa&ud8K8)F_`U8^=r{XVp;sTo2U zs0I%XsGbO-Il-MuKpX@WN7~%&u{v2&n_7L zTrCu|#S%sxTKK6{9B!-LTpmlkR&f}c&icwRWFhqOcvc|Ta{kq#``izT+yb4CU+P`I6Y}4lzWA3yU(PorIm&)7{k5E%_rut|auhvd z=+Ouz=~HJSok_=;6F(4by&%+yeETB8f(He8pf+0Ypph%1h@>x0p>n4edZCe_WT!WK zq0v%O==dF4T<(H5F0X$)aLh;fJNEl>;5RHa{jV1q1;B6-!SaNX6Q9H~ZwAU5#*Jq2 zF)e&$tEZ+mfTD!+J9#gBU{WBD*5!{2yk*P0PxfnNCXoT<+0Uz1!SDF}_=>GMP!`RC zAtsPP2H*Mln(rFdR(GQVXDxpY?i}X>Ua@p{uM}3F%9Mh(A3eVxjf@`-2R?UBCn27T z))F>TG6ga?O*9)s;5x%(QQJv%4UvDBaeT7ia&C!O*!%kLh8obQhPb;uP)6!SlVvIU zG&%mHC`OT2k**6m)=jJ0%2#UJe|e(&7T1X4h1mO#Ra)8NuquxW+g0PQ4(J_A;@Nbk z+xoSck6ILMectH$C^HZKm`P3Ah)uDjtX6Cmp5p@g(M8*-L{mN+OC8udig_RE?84G3 z4=Ln}%)9!VuE*AAE&&8S->zL7;e4euR%M4m;Z(6f3dl%gZWg?Y5+z5e#5uf7S4PJF zr%cBNn-g1)`R|5jBduPrtD?cEgw_c)4*$ES4a!STbe2hFBWyzt9!U~LHrIyezzSq> zY8L_CR4a}?MSr~~)`O-ByS}~%L1S&roM{5zZzQD;Lf(G-%NF45ysOK@y>D#FB|Y=q zh@aM2@JP^99;H{K7|jA#l%FPNzjjSuV+6YKXF*A))av;0^DZqM9b)!yxc?VnUQN{C z`s`WBb6HJ8$FV1piaB0SUuY;Kurtih_MgT91PSANW%5dj^_}QLb3!!|v`4d8#8mp~ zhgY8FMI3MD1<40|oW)CZ-!Y%PN%)w8uw{Iml+AjslN{}+P}Q`^Dw9#h#2E2AD{)sf z!s_Mn@BU&7OQ98=8aN?lS;zHDokb~qjCn<>CQv)UtO=dR#jm`FxrL|~Fs~YM>4Nvs zK$V4f=fTsk^O%t^OzO>$xI-7aIlP$J1D=O|aR_}Qu-m8k7%VdMw7=b2i{}Ua=gp56 zoMA6BfG_TZyn7!h5$2=_W)OP3J3U?{F)<{aWest_H_I&eKq?dp;9Xj&XOt=5?Bdt^ zx9_x@oXqnifa`M#^8enpc?QIN>BR{|3GvVX|3U+{H&d+7`)@#zs zzbJK&+bFHgq56pdbSQ1_w4t(k@2mBY-g&_Fw3(tZr8XyON)QSO-;3vLc#Z+d@iozd zYcWsB6|r2o$3JnA6jWT= zmy(jw0PvKDlaohDSs9q1xHUMwj`^8%G3p1#PDx9vxLKlGFtMd7QdSW<(nZW!q;=y! zpDZ}8E9=7=!>Uu8sVDXw*IHr5xPQ((59X{(@`IfT&2Zf%-z|!FP7YUu#(`gfg)?+C zzI$cviMf+lpH&^2SlL<#Ebu_fhj~7%w0`#rGe9#spWipJod9G_Mo&eTT6<S<& ztWa95TEMWIf~mX`*=9@(N)G+53cL9nyhjgdxhk5Hc3kx9Nw?rSQKvc2MSR}6>!=p6 zubnNkkPtFp)~A9{TZ5>AKCQ&)!&FEH)Q`cg z%b(3Pm&OR7++bII(yK2qpm;C3IdFp0nL~6+-@k<3xSqTy}`K#PaqCA0nKVkOY{X3ZWdc^^0?UB640m(Wq0;Z%J4nMB?4IoW- z_dl*^IYUS@1K9#jmgNBgoW=Z)zYR8V22c z6~(ZF2thg=ka8$G1hfr32_c0%yz!1OAmBdBI(HJ#>*9ingDZ!}Yr^5bPgZ!=4fXp@ z)ArZ|@a1{RjbHu(-dR*d;Dd2atOV+bg$_k$0@^w&g5N@^p?`*7eOM}AY3&{EvW3cl z^)ihZ``Ck|O)VxmbfxxG89)LK`SG9^(0h-Y2VA90t(_t)YxNpZ_D#%pLruW0?-qEy zy6L6Za}!<-e;eu8Fj-mgS(loEQ*=SBgt}0q^fVaY_nt>23YWlpc}9BBCoo*-5({s= z?i(9kaS6W5XbmU3M8i`@`*>H<;rri~#XDo!#fDCK%p|ni`VrtN0%>}r`;h|)ZQF7^ ztoIIRw&@p274&VmF%d-Y_(k*J2G{1wV_PiWk8m=0pU9PBxGhu!h1OhwX>N6_Shs8lY4D|c30cIA5kO;8d*$FR0rM zySvY1*ls@ubvhC^H;LD4KlBFI$}LR6a5 zhXGb#S4}Lcgl=r82xn0S`x5DbDO53N%q1LTX*M|AZ2*mQFM^ATz$x}}Sclop!r|f@ zimMCgP5tcWFX#C{oih z2@8ze!-0mxzG3gc4RBTX%VqfTfZ1U)HN8)NEX7S0Jath~!iM&!5j_7+fu5JyeD7>^ zRk3Z>vS#RnG)D5$OXX@YieYv|B`*b@>AU*09xs|xLy{BwCdZB%#rbJs?)_1G!pM~5)4A95HkEZVZ%)MRO zEiN0(=!`1`ZlDTSBc$eej%D=shay|31F5BDJh75+-&#v zOQ^*z5H1N$G`{yUih=jJ&4eci(WSVYdq3L~VYbV}Tp}{-VZ8S<nB*}_Wr)H?Z9%+cmT!4gup_VIJEyj@ipwGL4T(qjx~UYY4U*c zq`DaFYWrcujO=of6hbJf@Rc8#BLi1GQ25oSci%QU&A2RXH6!}^549A7W!$IAYGhUn zDpK!c%XLys26jc&NWU}32PbY)A$R?jM0f--^V^GZ%Ui?m8*?^ASpb!E|9*2Ub(C2Y z=G^cGou4(*{WRj?m>$dr`>wo3=f*g3@5~h#x6h2b;(L(vSA7gl{6(h91=iV7nXi4h zT*GnJz~NXj;J?`~#&+DkyA(tDLecuiBnFZks7op?TOc4yqNS8tGs1m&JY7DU%Sk!# zqmU1>#bC)U3O;?HQ`^QY;Xoemj{c4xLX7GXNwwYsk}wJwJ(B<0bC+WDQ}3?39=xmf zlF6U+auNZSlAz&4@_6;azUXVbmp90nqBvh2-xo(-q2ZI0;Zvza+O*cY>n;Z;0cS?Y zV&oorKrnQPoE`@O2zT_-BvKe0vq8$60gGn{om#+gO^c`-l!=@@I;p*u?(M(G8S+hl zx9;w{Bdsq2;eWr^7+#l6wM(s%lrNRuS@S`f@X8U@$W?w6@{fPc^M$;X9;r{Yf4-S;*8ff#3QA=y+;<~5A><0odwmy_a&hZmCtkd zBKG))7-1W^-e&}N8>Hs`L93=r18mquzmWF^E%c5JrP5ovCo{7dyEja%&Zq@&v(MWc@XTzSf@mT2fA`63 z@!zchF)QDOE5eZX%)H95qXv8<$@`4SU3_N|p~epmY9{eK5alKWx@YnI&PeB6NZdh! z`#zJDQt(;K%k$ZE{C@~B-MRbTQ6VI7ms}sp`2A)tdZ}&+9OSv&^ke&+2_i&t7Tx)& zrC<`+rDwBA_z_g?;BfeW)!9SfPLrD1QxTGZ4kgTJ`}k~W7ln~`>j6KL2*r89R01z^ z4J^`*!XL^<8$ncHycSa=)q^KfjS$5q=v#WpFNkPfrjqK2ebF*N5k`5>i7^?wb_%Eq zONgaSmr%*1TY3n0+Y-jQzjw!J7U-T7U)S8}QtwaM+{=K7>>VwF-2M@!2wM@_&xfd{ zhcIksOaximy89n-+BYW{(6yMHe@M}(A)Hx024;FQ2D5ZN8z+{=%D*Q?#N!zko_ah@ z@Z&*UThWR|bd}V3H{Ocj?w;!4S>gzrV zyKN*X=H-Hji-Mc!Jon`_`z-z!PL$eMlzg^0w2}Rt=&zRAvpX(UJqW zv3}s&l4&F4gN^N+g7F|jyZH{oPe^0@Rob}&^Y4Q`cXGOxduH5y6!G+4ffC;{BY+U4 z!Z$%GP&#n*n@v=A_MK%dRk?ozC`|BI&nzxJSWQCipTLjhyQnQQ?PAP|+HMXOA=uQDL@=#Q7S$8ztHvHD^26?zI83L7IKo9HAF(Iktb0y%ZiF=Ei&T89LB@erbne1C zOYVRu>EqwXrE~HLpWr?141jun|3`!lG(`Il5gar#(co|r$km1dZefwvIP0%PdMWy7 z_~|1oMI4;u`HJs^s2QnNQO6sRZVGmUrY-%C!)8P3=p#|gjq}-Cf>hq@MH(qHK7556 zlfW3TAT_wJ?P2;k?cSo%I$6`;#tWe{9t1UM%s1N+CEtB~1co4DpdI;ig1l*f{UoG1 zqcJZP?m!P7Xan%Q&f3;HDTZ5J64WgSrR?S-Fu_jk7!bah#m5k@<<8RKm-`tYQv``^ z-q~2?TGdYs27wh6r+Kc&G0AtPKs zmJTv>CL`LMH$}01o|B3RLW+$p0%#-zY^t$?3$v`Qbn)TL)_saJk_7K2V~%$PTbkJ~ zxzzmk+rj+PL4%~Ofq`U2fJQXAl z)@h?~Q;=SEaY{9MhXD7o6`>~VeJ@)ZBC!}V6=4l7Y^ljCy+DPg;X>GcnZ-0rAlA*cN*bHIdhrYDRw7k z+CoI-t1h5;(J)iJ<&dz>%3(MC&W(BVn($^~-GlQ`AKpH|7~kOx$pcOnRblVJt{C&f z$oS&f`80O`+U^dJ7F2q-!mjz$jGk+!!@L>rN^~d~5Sz;3z5c@eJcl^Nv zpLE*Th=h>egBvDpF8@%YOli=plc_loN+s$%yEXJ8~p4BUMs#Me3RJ8W$II1PAR(Oc(ZDtazv4 zO746V$yXT6=xTC&J@2!Yw=q>ReME*R`W|h$6Z}BHTwlm}l7PE6o}Iq9_tNO14LSs| z@j60n7I7ajic%c|;Gs5*$@9$_M7R%H)_G2zuc?4hp8n3vx_|!+BH9Pn@SM~WuCngP z=rup?0LNW7adCo+kDf@_&0{i*u9Eq|kwK$kOzzpYJ4dC=?HDRr)%1DD6hIBIz42{} zI}X)2a9i;n=rV&R0H{8vk+DOP4_IpVg#n}j2JPW)sVf-C-^EO z`7VO4hQzbeX$s9RALXPoz&;esg@~ZjLIf2l4`?GuT!_^=--w|3h~OeMfMBPv3(C_j z)+Rh8+Z%`caY4(8|J_Qq3Ryxj22!1Xyn<{-9aPJjdS&opYh}s5vza=FW?1 z)0_0(bMP()z^oNv#~SGLNA-P|v?^#PvVwmY!tK8$KrbY6LU0#Fr5ZbUn$QRrA4#CY zFVDsO*DpS6QGe2!9$RpT2&le2zb2o;@UvhL?0VhFna($d#Q=2KPN9l^3aZq=eP4sW zZ6UrB_^}4pvzvYj7r%z^M2?v@FvJCmp!-pzoFqoy(!-okEf?w^&*^`3iHZ;+HIQ*& zj0^VDZn7pEq}rJcw6zb)cEL4V5}FNabs^mCMzarz*vF#pCh^8W2876mpZhqb-87MH z0PbF1293joG7#AB|6-T>IApnasJ#9lgoX3G7OIcoLj0pcvwD@Wg!&u9s(6AEd%kuIFBvb72BD3oz~~yN zW!oII>Ad%|ZN3=S z0{i(T3jkT&OTO~||GW_R|81oIaG+>lp#9_pRS|M>JCya&k)f7%^(ME9vex91eD*nl+P&BJgM z28a-dwM*Mi-YgdTN3Q>IaN*`WuQyumM@D>#a_AKi_!`(W`8Z`3B-V_$*%r8~c^F@1 zd46>YeTw*7gXY=wbPC_k93l;TGI{{ zZ}jRVd@!!_5?%j^0nQIL4V*fE-LG&3^b|H$Ny!6l8^Hvj6ZU=C_PX$c=FO{k^4(2X ze97B^XYAGMMZb{L>i%*`P%!AnO*8q3ob)6Hd@+t-?%|gdp>2G}iqI#3ee1hf6hFr4 z`~+D+o|mVtUua$~xClOI>?DbtHzXV{e)FXqLqa=U!C?<~e4edx>x5pXuP&pq@Q-grp9JwXFC+bRPXO+HnIB0}A{D~@xg6`Yzr?n=#dDY<++&1HU zeg1`9WoAHOzcIN_#{Ie|G&`jt*|(Mb*b890;7dNvL-2hL`s+ee02B801$92N4|=(e zH@~Sre*L>lvR(&b<2HHg@#?En$j1?^zQ?}rpG^^@bQ<<|eJ!%~cucKy+GVl7ie@Lz zj89fWFZ7)CT`1S5@K+y#p1cd^`4B=qh0~ycIg>~KwVPlHyVYEHC+OSA1LP|$!7daL z04rjVmo})-1uwoETLill8F2ZWVLJzbQN2o&J=wHJ?z4U-KRL+GmzT>sX z|1B;8XwJyzyTm_SIhl?5CoOz;Y*9aKU3ztwYE}N9QnE^GvdXEvOoh7gjhddsOOIAv z8G^5}%sFV^e@dMUo)K}+df@hSzsg^k83D4;J~c%K|P z21GZbPRP&~*o>L!hh;P@^E#NAd%8Y*7ZEaoO7C$X^`(>hOo;Qm^tPqvR^qDQ$5S(i zW0gKG^%0lHf{wjk`3F`fr?LM+0{$z;WB#r$4(Go+PXE78!2g*s?0{G?k93d`eXRyn zw~I?3-@%-xB1BNTL*Y~K+o^|C{lUT!&^V<5kaS$BF^Ed=Q0GN!MOt(GCimRK(QzuC z?9qf~iX!zs8KkQ%;mn3z0{d9Go!lcL;<?}8L7!hl%7HcFagM;)gA$wiuTAbH`}$ld>> zrV_#F0~SSc0+U^E)VitqyA4DzH}bKeLAWlDo_5+aq3SJB8%NNL;PJSSILUC&hKsvU z>~{KlKXBY9qVKfwMpa*;l8B(#CpPVL@J3tcGV;c(o2y8Q4t@vfKS7nmsr$w_gZm%D z{Whg|6TAxCHBH2QjgqP~(0)a8&^Ef35xyByfl3$WIAg(Jzw0p8Jed~3)`TjyGW{j> zIKA6&MCo_+t2*fmlEU+vM+K?-g7&L_P8+YMH!oN%0KtMS;_EtM-4Kc+*oyyww^>^m zD2ttRelABdW`oi;*CX~3Co47gy;B6(2w2V{6*xJW)5W?$)tI?C}fIz7J* zi}B$ktIq3mcpVm1`g|Q0&VLfHf$H<}0>*RPr1t+M5Iq91-Ci(o|9b`r9|k2Et=wse7Wfnor0DHSt#h@LU7aIB&+_%GrRG(KlsOU)=EWVUbyQ5Ve1tw z!v=bp^_2XR`Hi)5g%%O*n<6M1&y!91-Zxb?{OFEx|6b`kg>t#bBG`%E^iYpc?AJt> zt_Ti$vh~_`;@dIzQi0D3G+J>|pQz)sjfO~W9S)`El-F99h-ib{QD6VBnB*TK0scoO z$qDn;`7hp5u+@bRhjZ_^f;2hMRyH)(%r}h(DXKXO*EP#K1DjL!Ec^vpI-9ESq4aa+ zijzQi$|JYW%Df^^*Nmo9TwOoETD+XrCI^$`Orv6S6@w$P`7xgA;D)yse+}A;(pqmW zmOaZt`q6>+_t6y>?X(wimLBA9Y2HoJPX?H(&yYv%e!X^ipw=adoT$gtd%Im|BM9yM z(@&P@6(O%Q&_)M5Db-{JGvrG%CTei}4atCm2QwaaTe{m7=-=Hx-h4&qCt0&gg6#yO zwtBW>bvfaDOK`TYa?IWZ*y@6=1W!Bhr%;iSEI#+c@Z=V!`>rMwOFh#meHzntx|q5% zedTk=;-B-B>H)2iiQ@QR(6AOXK|NC=T?`v4t^N^XY*Q1eq@F30e)!&Z@bu&}8!zDe zbZzE1h0~pLVXbsHP362!(x$+8n>vFzy#=MDuNaIAIeZTc>K$+{oR>OF@!4an_Hcp+R5O6spxNRcE2_2>YSapv`7E;BQ@$9f2|(d z$zZ$b`J_tcJUD45hQy$nWhXWCTT+c)*RgVwDV>MpK}ubf-o)`>jVaXxcek&Nel^~o zREux?6@Xs&e^7c?SPpk>TVNgNl-@-5Cs6zh*W9j8xp-16rSch0yjB0=;)%bM3Ix7< zWsoC{yJNR80RNE;2|KGN0^&zAW|E55lqJBb4o}!-o6WGts1Ws9og0)soKq01PsQdy zd~GV~rD(VY4$_cP;B%yO--u%Ir9p&D&k>@5rCEabHs;X>KE&&=0P+TS!HGeIRLqE- z>-m$X5ZGFM6F9!<1#UvXx7_9Pz3=U#WJ}iCnaWA4PI4LH%)V%4NAp@+-%5Y_sTZH- zD(^|A&iiqFJ58@_#NtYaHe%rb;-8PmwKDmwMrPEC8$T+ukN-z0bMRLui%*+C{0b3m zICGvucV@%S|C7W|c6cvC1ye-ob;bUDN@r}sLI+AL4@+{BwTCC(g=Bm>#~L2>kgELm z3Cv*Oo5}(jT+zTE@X)OM_X#NlK`jRJeX}Y*p$Tu&kNg<~o^D-Au^Ih5^&hS;+PloK z%nZ*kX{NWdWc|L-m!q83o{;vcppE^n-%lv}-^&)3b7nyLQT6kTd1v*cg-b!z3uN&> zbs^6iPd)t98&7}vs#l&0`l@H19(k)L+(FoB_2S#4tDaJCZ_PG}lhdvn)2RjAOFs*s zT5IE5O*^uP?~7oIbfMpq^;CtN;$JD+0k>jG0f*Hv<`~2!r3}}PJ*)jsBI@T`DVu;= z)NV?KTGUpGqFU7I{{Zq49~9N(-M0={wl2{QyyLyNl39Rd!m!U7C6+y&%Xb+N-At7Z-{i6zy zB#o#)_=zlfT~f623&wKZ3_3tdij7-`ocKdcK$5axA zmDi=y_M>mV*^FaE>n@;Ly(m9M*P)>|^k?wE(rFAjso#ESPHKNl0`NZgazXWiVwRhC zs$R@6wJ@0{{?sJtDz2TjdQn{J_D_K>MMKM{arw%pZ{NQzk1;g)wf#>~v65wBls!#r zS)fyRzT-}T5yf1~=7fCX)0Q_SQ}#mBy;X*JuPNdL_1_6HI$BZWw_uGouq)jRRKxzn zbXHy_tuoN!CL03C{+P7W*P&J2&p$nteVZWzHW@U-f$qRx}ItPtFqp(ClXXW?sD($ayG2;dc&5i@)VpcihSg+xzmPjuVxNj zjCye}w;Zv1CR#o*?AC_s533dT>8q+DVOR+;!REtGrMKd{)m~ZFmruHi@IQD^!1wjB z(#`qpt+ya`;V`9S?vw znZzg0f1lgxqZN4NHJnnGn|!fUK!&hLy4vpc)cuvdt$HeiT7E7oxvs5w zb69Dq#5g}`KVThx0`!Rd<{?6}YLtl$9jCGB@k{O8)xl`hquMaF$?;2lysH!5q(?Pp zYUAOT8uV8Oy>($m8LcYzNt~$ zI_sbGG7C*@G<{Q*wsh7D^)eGoZMb}OVoIuhu3LJvEXy3fp#pqNZB~6!Wj1uev-GHJ zOl?wpQc>1*Ff#P0j7)9b`J`H`>4c~1QN1>`dEt}VxvGPatVi|I)P~k4_3^4s@#y2v zCZn4NW#ofjG)jskIOlx&kpFP#Nkfj+4QWhGOvnti>;VmqlM( zp}mpDI*G{Oc#_0mDOGdkABo+ueEN9(CVDy|V~6`KLjeU}{Gp7dFPMW~dsC{X#?<11 zXvKSNHv%hp_L|7b6Pcr|`g6t4?%^&gOo4EVF_^v3E40v5{$8o9+%C#cqWD88yg9?? zkE#GgvXjk$@o*hkLvsdT&i&S%uTZyQ-4dtr%g31C^#wu{V>a@RKY~|tH=9xv-SL&S zidPO&m_*r=+_U^Qa#Yq?_H&S5zt7~vek2(XWls=Y%1Lf@*Yr?R-9UbJpIUTuQR1!f zI5)Y}eOZG2hkKp7n&*!wM2-j?2{}2*QSPYX>?9l3%f?5kVv@ix_CbzrQ*TE5r4XlM zRPty}VhJ0yuJGGB2f@5AwY0IUj>g#3d(@M`u7z=Lcs0Jf7BDT`h4;QP*RU^~Z&N6I zPUDdDb771wfp*0`rZfT*)Ft@fi!04e@Ep;Y&#BDtf+QB(fDpZ!GDHITA~UE}?26h7 zy!$3Hzu719Q4@tGBgTShFr}j(zGdED{K&+H#^;3=D}RfQ*228K1>Vx&dGVfXK0aXUe%oz?-&FEW)x9?VrB0B;$@(b2<7_9WtQ#!B&0h{EX z(i0SLSAwrB#nO+0TT&`KQ4AcvDKscuk3VHCH&NDY4ZJIwD~|g4HvX+%?06MrdE9=r z=WqSLb+ywrRt-bFZ`0$($-&y$^Jafh>!#7I-|M}IBQ@c(I0b87BukTk3b8p>F21z< z!O`eNx4vu7tx(o#>9X$_$p>^~3Ab9FRo8gIyv;23qI*{;TEv*CtCN00#2C~`wZJea z_xe%vw}g>$c9;);?@lzr8gG(pV}KIE-I7eEv<134KeLe>PNqrvDNWTZ{<+(SUtw+V zV1P2b+{>3=VR73xH#X>NfjE`bJ9#fn4|bT1o1NzLB>@84$ zCd79uI9i{P;hR-~@%_udbkR}ut?CubNs+zyTEHU9B}+S)szixwv+>o@D4T6En-~KL ziBhs5ue;!ATy}g?b2jnu|f8maydsHQ=hBKlKm+E@|wo&45zt=O!HjJl}z(MSxn3L z>ZES1Gufr?t520|Enk1ujR&slb~=&mAc0lB9QsFhCCv!dtb^%U{&jp}GgN5z>#?=w z#c6$$2*zDxZnBdg_F+uezbHx-4g&)BFU9`LoF3HAJ1wqK7o zfIYO2!$txt@Vs1MUw16hNNH3#TGxN6l8vyDxHy%g^2HlgWe367Ka$R@>fAnt0|G=J z7nH3SF))+u7!}Z7ii3PGQhJ{sWbLOj8(`8-Jg?=tDP6!z=0_{D43xM71vEiw4F)9S zjXsFOuorw@h(e7&Vvj7}wtDW5r{NH2h^z$iMgvVxP#SojSE9T{RzEMp`xK2bcn61g zAM64-&|Xk!;G(^?2$WDc=mN19x1Uuniy(W;MJeX{w=Vx}luV>?Pmetka_)e|o(r$1 z!VU?cNYJoQ+DY#TP)dBlnZ(NVypD(+s11`nB~7x{z%?)fCyL{TjZ{y$D10 z{W+8MS-th=PGZTl&Ds|UtiDf1t&ro6T1C;T9O)PIX%0V{(1&URZM#?OTCTjKN=}_! z|GsS$j*7OvCZ`IQ%|8ZrgZ%1Cx*D+>wDcvyM)jdNYvLBlB;8-B5vZCQmt z$0CD<6yP8L@%Zl5b+*E+Y^R{dL$6Ld`&UcY%^$dp;qsm|ZIMxW&K_Y1{uGwac|Vq2 zo_G#r;k+JCAGHPT*aAh?stN-cu}OS{tXA~Oy`(9zoE%j3>io74YgOTa45uW%F&3*5 zrCyfgSS2gZW4f^F}hPDY<{f1DQgpdra3U=f7_y)?u zdCgBP9l14LbS5<+B@vRL{3>Pd754T)iu4OrGxlP$TlXs}pMXe|pO&|Bv2jn;2g{uL zqA_KzENnC{#HnwkhAGK;&VfkR5hf?7eD7xDFd^(u*}~t1bnQMY6$(Q3xNof=!=V@d{ddvT>-Wb-@sx5C}cD`mTp4-!ihh1)`xajO9mz!g0<(y7Kgztem( ze8zm(J){^HzxE50rE`&chz%irxVErFIJ-I7i*5mL0??D_$jMVK&Y5Q<>PK1XIgWv8 z4Sx+LzSY~!ew*1&2ok!Ec`lW61k zBCX+Cf8xZ-AUod1Q7o-tTz^8>%77-;#*sIzp;CY1tEEA9l#L@>T0@xr1i7UFO@xgj zZCZng{)DH6L3XH(BXL^8GyRDPa|4=S8%M0P27LVqA#;Olzy=@%LVDgD6_P0Z-qMPn z{bBl>0j8OxrSvgD#PH1v)+L+rxrLuyjp-$-M;ItyQ!(~Oq-}*YC{=sQH?#sdtFX^YwxGoDddJ8CK zOl85Qcr9QiORkkDIJUMX+Wpm+zLD#*9K-gm9(034WTp7`BlQ<^)qc*-ZG%w4~< z=zW05(5Gh})C*yyV>@)L;1Pdi@$(AzDv6NM?DOT9{_Mv6%^%JZRHx*4P3+ zg1q;8_=#iH6hW`Q-cG1djX0;DHa(~tyoclPn(GPU=b9tA>{Z+DYau;-8Dop%=-k2Y;g`rEU0auF^~E(uA3nNNF%R$zD`p|9{fd0# znQCHTqZB63MaDxEvTT%GXLqaKHalbPsv4F*Nv7McP5Itr6a&LpPoG!ok-!e*xoT0P zM+wvVNPBH0TLDu4`XMNmWvuqEyaGCQYFbJ{00}yq=Y{cZjM@=8=5%~Axz==i%u-JQ z5Q~kpzXW}tA>E(kI!F_hZEQrTY+rBD4&l|G{lr@4^-hv%=8{$q9{ZsV_`8`)^CL9F7M#IR$v% z9`_RZAZ06071Ks+GrtsE&sm)LU{9KQUMRlu8jo!+PZpC*tOwf7 z|0$m0d02epH*+tnlO|~zie=Zw^vFMjUBlX`q(eYBH?MzitY4qk22>dB`Ehxz^;57 zsysiv)oyC9H(n*h!2zX8HD0e(f15}`AEi$aUHbbKn80`V%bLF8tESEPK5Oq$I*KvZ zf>_+;rX%|F`IVo3#=Z%-JIDc5_FT6lk=@Hm`~#!u%sI|UKwbO(lU)9^*l*~y3>23( zTi=Y+Qoe&@SxtkRj7b-(Z}u#bJPis!$(9B?=^wMxDg%s5y6UDtLpwIVp-=eI%aiI7 z+DQqYN84yVAu-Q=UKpfp z4)J|}a18N-EG0nOm z^K9Oe=*f?_;&|j*4Rq*;nHjZU?7xm1jA>3VS5oz~TMr@nUz+7YDwWe!LC3m|!X4XH zLO@K_bgY7ND?Ua+W7vbx5YRHe7ijlVh^KE~r^vlOjP%FqC{LpFz zI*lT)v3g9I9JeSg18Vm`A=;WJt*HlSD1Sh?X*c5#!er9xuOyp|SXB$*DA$$?&c_A- zt3K1Dde{x+aXY$Yhcwy6-|)$m{YxI1KR~t0;LYD#$^_Mf8_IQOP7@$@zf={#+hUgo zVwc#T19;;UCpVPEAdzdB!;IN&!hweNW+Q6#0!~}N*umx2sQSVU?(?u46{2d`MOy&L z?q$?Z^^|~uqvQez>2=X2yL|h|F@?jDaDY&59R2mtW~nT4_|GHiVF6r6TKUp|?#(w; zWNu02;X!NB&g~6JEgtB3G|1EMtN;(H2mwvt1Q?_jef5A<_xFIvl*)G8GajBX?U;pL z$Cv|;c0k0}F&zPk^Jb(!D9*27vM^BBxx6j#C zbq>2Bl0-dWRX{-0HOZbG0Cu`!0Z}{{p=T=ZC>e9iEL9%JT)FjaSBVr{DwVx8yE4E- zBq&`YE!KB&$I|szIUL)2Vy_!-gfKSQiL4MqjNxnP?4MNt{(u$|UAE7Tl@`5`SK~x- z`(s2_yWEe%XPkp6%^+cvhGuAd!2vXs63){7Irxv<{XAJe&sDDgOJ3ckyejkL38F^A z>+hyA>Mg8(oWzLEfY#r&WYl+B{@9IbmV}M`y=?GKVe>|zNYY+mAXt!Z!kB3JO~hv> z*OTK&lGq%rKx9=s^xV`Zo z?Rf2fTtH||Mu|=W$RnybUOVZcnPC~T>vt`a(p(eGx^fNmNUofyUhG{;&u@-DW-Osg zRob2(Kf~o}dNKSvkz<3H&+gp&hwTedikQ1pKHx6IJlOnh*g!G&&nIf2hA%`j5Pc!S2}m!x z8TN$ADrrIwWv|q+$&{0S!KHDNq2#YOaA0-YF`I_^AM2CE^z>7UZkDSfK+x9Yj}zJ( zI1b6b%s3MmMrOOVjq|Key9JCGY!bhmH3(%Q_}qM6`nf7=by*!^!$Zxj(q;GHz5n|6vf6Q;#ZYhwkcUVEhjoh^oZ9 zhgsI%R)bc2Y~tVdHOtmcX>Hv4o~=S)ea&5KEXO`<;1ik6MA0yjK?kL6J$Mfx(=zer zk({ENZU_!!m8-{h%1CKj_@;G#fVVu!Jxm<=<5uyECFi)OS@r<0ZI(gGz^*wxYz&JT za3|-SoOLVU0jH;=)7HkG=yoLiHY(P@;N*xPGnWF?RWt+M_+8bJH8<+Aul+F%ZN}g- zH_?P1$ejJu!2XkbxC07xM$_)@EowVy$1@|dw$RdqmWzU^`a9Q)+LjhV;ZR}8G_-}X zu&ko1#n!W+u+GMK857NbomXdHJD*Mg_n!|w|JQF_YkJRgcV=BBIHgS9mG*-w%ZQyZ6Jmz|FMva}O)Q!8rbb?NEn3uM*Z$tEH zud#L#UH|;gpAzQpiJ$$5iM9DzOP%#4JZmz;6EGFf&rNBJ>rr1Z*JWFqyfw}!H-Dxv zE^zwGt499osN`Wou6 zP^CB6*g_Y|%8B%|lnYx1Mf3$y6_nwlSWmH#FehiC0<6T@10{Hj zob}oSUs12x;t`LJ6tyQY;$CWhZz(@a)Q;S|y@(<4Qt!wv$n&Wg-rqXPmWTR;>y6LH z*XvgfpA});XH>n2`Kw50_eRQ;Fo!dou(A+~S`81~|55(&2B2YO?MJ*lg|W5*Vv^MQ zVYAO~xqBr?UeS|S$GPOx&xP~iEV*)$-@Ixl#Lc+7%INHcS z+0)%~oL*!}tSqgsVvM&KYe@rDlAPz+!4Rj0x~=mgSDojRLm(%Oi(ZQlJTul1A||xM zNg2n0aUx#0I)SxP@-kk0oi>D|$4=2eRbzLP1;3p;W7$CaFuyq*5@c*KBK{iL9h+1G zswNe#Ay@Rz`5#e%EA(!NW*K>^d6z`b`jcbRf18s5wC+ zRnG4b)HaHItx0`GVR|Ew$NJSx9p44pIh}~l>+Qqmmw$wn-P8DiTJz2D`57dPx~cr~ zXXp6(GdT07dJ5xjoLnIs^Xy~GaPt~! zSv=aH!EPEno=kfZO0H51xvb?9`oZmQr`b>-&E4C+|EqiP;LvW`vz&@g{?=rX zU|J1^Om0)-2nYK1wVj)^un9-4Ld_KdvIQE}zV%jt)3p8JEr`Y$HU4NS9 zaJu69SZaploKEz9AJ?Kj$%M@^bWc=4cG8|jRD6oDB3H?U zI4)Fv0;Cb-r~aXr`BT=n>}^XK3p49$+9eUlJz@PJBW)Bq6cvU ziHgP*XGxL3p3$#Y@AHFDs}m`sphY|c$MfEIa}!LoB+G7~bzp@TH$nIR)z&sjU4 zp^9wD1RHV+OS$61t$XPBrt)ce6u<3{9_Q>h>D_c6|2lMrF+?kf9OP z%)j;+y|tZ9m-`2^Lk1v2{i>OnJw{fxvpZzSQ1@zPP)|K>ACk90Ay>sG;COpqDTXJ} ztZZ`aN99mAx@mKd5y*OWRDIA**>&g;vvX=Rto0E$N^&vam&iTS0oPD@^R$8Q{D;(c z7LOdN?`)}nwO+tYm9eX$n?b{yD$&PKW}bjN7b!W#Wzp@TiN1`3J>ePH%3W4rHfr^q z6p`#1cx%mx;*tGCN15*4IcFjtv81zVXF^A7bxt2;5gj9fYqCy4Me@YE9j*p!gnnZ1AUm107BcgL+$cicV&?%=eHj#|GYw9HUZNU1dA0E z_XN#N+m!UMns3^cP~!GtZG&NUB`&hq-XOef2~4)ENBv(QSy{v*ml&8`eowK8mP=7XMvmBP)t)d?pbi%9{0uD<^GgijZ#bVaxlc(Gz(@&amgL3riP&sQ&W zdFq${X=7?`H0RkCL8$%2e^*<9@7>l!4f}VH4^sIr{&Gn~=Z!QyrR`c|(WQW~L3z<{ zo~YGk{ob1QS50PeM8|lA9tzQnYZ2&fEs1)LMeTnIf&crZitF|B8!@X5qEm$`vaLAY z#0p8b>}ajjOwPtJRH4VVX#2znjc%=Q+^_GTG%#!W?>Ju;M!cO}{w1%$E z7H-*dy3`%QMn3AC*S1%G5(0l}UP4t9zVi9v)v3ce4*XP{wExg=5EU+I8~0Q*eeFsn zcL<_<-Z?LYSBz_Dw62Z>m-7cSD=%pOC+MXB{1Np99YgCXdKh&4B()wgj-D?2yu$Zu zt{k~|roZ6cDkey~XPPAB&U?)f3%=5yqWQ7snIl+u!A6fluItrE5gvTJZP`d8GIW`) z)yt24`6^VOF(RiQdGjM(LX{s|-!%e)0+Bk)bc!9ifIS@!CVqbE>_xN~uc<&UU*d+- zNVUcR>&Db+Y3!U~%=n&sbV3RDbKke8k6=>17VKiu@BL55bn<73{V|p%95>c;Im|1 zYMZI`d*vu6%m4stc+eD=vhE~qClnWCu0I*he7ItqwOFV(t2;Yd$9?tFZto^H^xHWcKx0uz1O=*SOd}YTA_WJ$na}!B`!9S+HU~g z4zAW}y16aiTx=X`?=YtyUfp~1y$uyoo^##r)^P#Q6j63ySOsV5gv%DrSRkl8#VYNo z0&kruZ&U55A#EuNn_E22IsKGDjwg70(ysm8Gh(1&v@)*l)I!vQfAPSFas@B-sQP!$ z;DIiwf|=S+)dOAKz9|aOk9Ue%cbEpu=vm#8iGQ_@fd9d43`%AKRE6oMwnFi_%FXGW z?tyFB3Yp?plKy`m9~J4`mugg^8i;47KbbCj*X7zD5cnzm|KZ`lln>D40_Bw*Zvw^4t-i>-?2^3l4@f9H6{cwK z;f&aj(!Qc9@{8*AWW`KXi^JE?DXCjnSR~o8m}(9K590x-AmGuxxRagn?@Qt?i}Ov1 zwed0VuF3~rF&l&;E21A1p933&=S6@S){Sg?d!grfcZ~;rw1>B8ROBE77nX^oBH)ZY zOUG+E;KSOAj9p9Cu^rk=Cu123!U0ffp z?C$L+QSL}4!!^o6yF;z+kSn|LY}Ra))w3KT4?Bt*;gKoPSnW zju!8BSavwo(=11xmo|s@q&b!*ryXB}voy=(88+8`hhA>pS z$FVn53FO?pOQ>QeoyFTnxjkw-RR=i9?g#BQ*qxhxk)e_rW%IH^{6%0^VjjtV;C1iBa|NCx#Jj`KMwI82b}2 z2OIov&1GNa<<1ehI9K=Mt)kB4aIWvq_T~M$p8$$NA=`tOP|P+rL&!8ovrcI*2X{6{ zGwRf%_Lw?lZ-(QNZA5$c(&=Ye3mnlpl{k(;{wP6_13@cEaBiFA6ma&U4>)mLmmKrk z|FY!i)n<=YtKvv3omj;g@J^4nCx|F+{{kFo^xQ=#nidNr6i$m7ihka>>ix)vK)5|4 zCQmpwBZgcTnC`-smD{b`zchY(X~?@&_7FEfwH@p*a?`P=TEIKN!}O?k6M&A_QrA;y ap=dYGaVuebModZkFm#)mnvIj~w*LaIs!-Da diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml index 3548b37b..470c5350 100644 --- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml +++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml @@ -2035,9 +2035,9 @@ table ip6 filter { type filter hook input priority 1; icmpv6 type echo-request counter packets 0 bytes 0 accept ip6 hoplimit 1 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept ip6 hoplimit 255 icmpv6 type -¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept } } ]]>Table for IP version aware filter