diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
index 10d6e104..2699346c 100644
--- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
+++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.de.html
@@ -11542,7 +11542,12 @@ WIDTH="100%" COLOR="#000000" >
# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
# nft add rule ip6 filter input icmpv6 type +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +¬ ip6 hoplimit 1 accept +# nft add rule ip6 filter input icmpv6 type +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +¬ ip6 hoplimit 255 acceptErlauben einiger wichtiger IPv6 ICMP Pakete, ohne Zähler, dafür mit Hop-Limit-Prüfung (erhöht die Sicherheit) -Erlauben von eingehenden SSH-Verbindungen für IPv4 und IPv6 unter Nutzung der IP-Version unabhängigen Tabelle “inet” @@ -2022,8 +2027,10 @@ table ip6 filter { chain input { type filter hook input priority 1; icmpv6 type echo-request counter packets 0 bytes 0 accept - ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept - ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept + ip6 hoplimit 1 icmpv6 type +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept + ip6 hoplimit 255 icmpv6 type +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept } } ]]>Tabelle für IP unabhängigen Filter diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html index 2485dfef..78e24e50 100644 --- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html +++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.html @@ -11659,7 +11659,12 @@ WIDTH="100%" COLOR="#000000" >
# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } ip6 hoplimit 255 accept
# nft add rule ip6 filter input icmpv6 type +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +¬ ip6 hoplimit 1 accept +# nft add rule ip6 filter input icmpv6 type +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +¬ ip6 hoplimit 255 accept \end_layout @@ -1296,6 +1298,7 @@ For real use on your system command line or in scripts this has to be replaced \end_layout \begin_layout Code + 1.2.3.4 \end_layout @@ -1308,6 +1311,7 @@ Commands executable as non-root user begin with $, e.g. \end_layout \begin_layout Code + $ whoami \end_layout @@ -1316,6 +1320,7 @@ Commands executable as root user begin with #, e.g. \end_layout \begin_layout Code + # whoami \end_layout @@ -1510,58 +1515,72 @@ The first IPv6 related network code was added to the Linux kernel 2.1.8 in \end_layout \begin_layout Code + diff -u --recursive --new-file v2.1.7/linux/include/linux/in6.h \end_layout \begin_layout Code + ¬ linux/include/linux/in6.h \end_layout \begin_layout Code + --- v2.1.7/linux/include/linux/in6.h Thu Jan 1 02:00:00 1970 \end_layout \begin_layout Code + +++ linux/include/linux/in6.h Sun Nov 3 11:04:42 1996 \end_layout \begin_layout Code + @@ -0,0 +1,99 @@ \end_layout \begin_layout Code + +/* \end_layout \begin_layout Code + + * Types and definitions for AF_INET6 \end_layout \begin_layout Code + + * Linux INET6 implementation \end_layout \begin_layout Code + + * + * Authors: \end_layout \begin_layout Code + + * Pedro Roque <******> \end_layout \begin_layout Code + + * \end_layout \begin_layout Code + + * Source: \end_layout \begin_layout Code + + * IPv6 Program Interfaces for BSD Systems \end_layout \begin_layout Code + + * \end_layout @@ -1670,6 +1689,7 @@ As previously mentioned, IPv6 addresses are 128 bits long. \end_layout \begin_layout Code + 2^128-1: 340282366920938463463374607431768211455 \end_layout @@ -1692,6 +1712,7 @@ nibble \end_layout \begin_layout Code + 2^128-1: 0xffffffffffffffffffffffffffffffff \end_layout 
@@ -1709,6 +1730,7 @@ This representation is still not very convenient (possible mix-up or loss \end_layout \begin_layout Code + 2^128-1: ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff \end_layout @@ -1718,6 +1740,7 @@ A usable address (see address types later) is e.g.: \end_layout \begin_layout Code + 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout @@ -1728,10 +1751,12 @@ For simplifications, leading zeros of each 16 bit block can be omitted: \end_layout \begin_layout Code + 2001:0db8:0100:f101:0210:a4ff:fee3:9566 -> \end_layout \begin_layout Code + ¬ 2001:db8:100:f101:210:a4ff:fee3:9566 \end_layout @@ -1757,6 +1782,7 @@ ion. \end_layout \begin_layout Code + 2001:0db8:100:f101:0:0:0:1 -> 2001:db8:100:f101::1 \end_layout @@ -1766,6 +1792,7 @@ The biggest reduction is seen by the IPv6 localhost address: \end_layout \begin_layout Code + 0000:0000:0000:0000:0000:0000:0000:0001 -> ::1 \end_layout @@ -1789,10 +1816,12 @@ target "http://www.faqs.org/rfcs/rfc1924.html" \end_layout \begin_layout Code + # ipv6calc --addr_to_base85 2001:0db8:0100:f101:0210:a4ff:fee3:9566 \end_layout \begin_layout Code + 9R}vSQZ1W=9A_Q74Lz&R \end_layout @@ -2003,6 +2032,7 @@ This is a special address for the loopback interface, similiar to IPv4 with \end_layout \begin_layout Code + 0000:0000:0000:0000:0000:0000:0000:0001 \end_layout @@ -2011,6 +2041,7 @@ or compressed: \end_layout \begin_layout Code + ::1 \end_layout @@ -2046,6 +2077,7 @@ any \end_layout \begin_layout Code + 0000:0000:0000:0000:0000:0000:0000:0000 \end_layout @@ -2054,6 +2086,7 @@ or: \end_layout \begin_layout Code + :: \end_layout @@ -2089,6 +2122,7 @@ These addresses are defined with a special prefix of length 96 (a.b.c.d is \end_layout \begin_layout Code + 0:0:0:0:0:ffff:a.b.c.d/96 \end_layout @@ -2097,6 +2131,7 @@ or in compressed format \end_layout \begin_layout Code + ::ffff:a.b.c.d/96 \end_layout 
@@ -2105,6 +2140,7 @@ For example, the IPv4 address 1.2.3.4 looks like this: \end_layout \begin_layout Code + ::ffff:1.2.3.4 \end_layout @@ -2133,6 +2169,7 @@ reference "tunneling-6to4" \end_layout \begin_layout Code + 0:0:0:0:0:0:a.b.c.d/96 \end_layout @@ -2141,6 +2178,7 @@ or in compressed format \end_layout \begin_layout Code + ::a.b.c.d/96 \end_layout @@ -2221,18 +2259,22 @@ x \end_layout \begin_layout Code + fe8x: <- currently the only one in use \end_layout \begin_layout Code + fe9x: \end_layout \begin_layout Code + feax: \end_layout \begin_layout Code + febx: \end_layout @@ -2278,18 +2320,22 @@ It begins with: \end_layout \begin_layout Code + fecx: <- most commonly used \end_layout \begin_layout Code + fedx: \end_layout \begin_layout Code + feex: \end_layout \begin_layout Code + fefx: \end_layout @@ -2364,10 +2410,12 @@ It begins with: \end_layout \begin_layout Code + fcxx: \end_layout \begin_layout Code + fdxx: <- currently the only one in use \end_layout @@ -2390,6 +2438,7 @@ target "http://www.goebel-consult.de/ipv6/createLULA" \end_layout \begin_layout Code + fd0f:8b72:ac90::/48 \end_layout @@ -2421,10 +2470,12 @@ x \end_layout \begin_layout Code + 2xxx: \end_layout \begin_layout Code + 3xxx: \end_layout @@ -2455,6 +2506,7 @@ These were the first global addresses which were defined and in use. \end_layout \begin_layout Code + 3ffe: \end_layout @@ -2463,6 +2515,7 @@ Example: \end_layout \begin_layout Code + 3ffe:ffff:100:f102::1 \end_layout @@ -2472,6 +2525,7 @@ A special 6bone test address which will never be globally unique begins \end_layout \begin_layout Code + 3ffe:ffff: \end_layout @@ -2523,6 +2577,7 @@ target "http://www.faqs.org/rfcs/rfc2893.html" \end_layout \begin_layout Code + 2002: \end_layout @@ -2531,6 +2586,7 @@ For example, representing 192.168.1.1/5: \end_layout \begin_layout Code + 2002:c0a8:0101:5::1 \end_layout 
@@ -2540,10 +2596,12 @@ A small shell command line can help you generating such address out of a \end_layout \begin_layout Code + ipv4="1.2.3.4"; sla="5"; printf "2002:%02x%02x:%02x%02x:%04x::1" `echo $ipv4 \end_layout \begin_layout Code + ¬ | tr "." " "` $sla \end_layout @@ -2577,6 +2635,7 @@ These addresses are delegated to Internet service providers (ISP) and begin \end_layout \begin_layout Code + 2001: \end_layout @@ -2615,10 +2674,12 @@ target "http://www.faqs.org/rfcs/rfc3849.html" \end_layout \begin_layout Code + 3fff:ffff::/32 \end_layout \begin_layout Code + 2001:0DB8::/32 EXAMPLENET-WF \end_layout @@ -2647,6 +2708,7 @@ xx \end_layout \begin_layout Code + ffxy: \end_layout @@ -2735,6 +2797,7 @@ An example of this address looks like \end_layout \begin_layout Code + ff02::1:ff00:1234 \end_layout @@ -2791,6 +2854,7 @@ A simple example for an anycast address is the subnet-router anycast address. \end_layout \begin_layout Code + 2001:db8:100:f101:210:a4ff:fee3:9566/64 <- Node's address \end_layout @@ -2800,6 +2864,7 @@ The subnet-router anycast address will be created blanking the suffix (least \end_layout \begin_layout Code + 2001:db8:100:f101::/64 <- subnet-router anycast address \end_layout @@ -2839,6 +2904,7 @@ E.g. \end_layout \begin_layout Code + 00:10:a4:01:23:45 \end_layout @@ -2856,6 +2922,7 @@ target "http://standards.ieee.org/regauth/oui/tutorials/EUI64.html" \end_layout \begin_layout Code + 0210:a4ff:fe01:2345 \end_layout @@ -2865,6 +2932,7 @@ With a given prefix, the result is the IPv6 address shown in example above: \end_layout \begin_layout Code + 2001:0db8:0100:f101:0210:a4ff:fe01:2345 \end_layout @@ -2917,6 +2985,7 @@ For servers, it's probably easier to remember simpler addresses, this can \end_layout \begin_layout Code + 2001:0db8:100:f101::1 \end_layout @@ -3008,6 +3077,7 @@ An example: \end_layout \begin_layout Code + 2001:0db8:100:1:2:3:4:5/48 \end_layout 
@@ -3021,6 +3091,7 @@ Network: \end_layout \begin_layout Code + 2001:0db8:0100:0000:0000:0000:0000:0000 \end_layout @@ -3029,6 +3100,7 @@ Netmask: \end_layout \begin_layout Code + ffff:ffff:ffff:0000:0000:0000:0000:0000 \end_layout @@ -3047,10 +3119,12 @@ For example if a routing table shows following entries (list is not complete): \end_layout \begin_layout Code + 2001:0db8:100::/48 :: U 1 0 0 sit1 \end_layout \begin_layout Code + 2000::/3 ::192.88.99.1 UG 1 0 0 tun6to4 \end_layout @@ -3060,10 +3134,12 @@ Shown destination addresses of IPv6 packets will be routed through shown \end_layout \begin_layout Code + 2001:0db8:100:1:2:3:4:5/48 -> routed through device sit1 \end_layout \begin_layout Code + 2001:0db8:200:1:2:3:4:5/48 -> routed through device tun6to4 \end_layout @@ -3127,6 +3203,7 @@ To check, whether your current running kernel supports IPv6, take a look \end_layout \begin_layout Code + /proc/net/if_inet6 \end_layout @@ -3136,6 +3213,7 @@ A short automatical test looks like: \end_layout \begin_layout Code + # test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready" \end_layout @@ -3154,6 +3232,7 @@ You can try to load the IPv6 module executing \end_layout \begin_layout Code + # modprobe ipv6 \end_layout @@ -3164,6 +3243,7 @@ If this is successful, this module should be listed, testable with following \end_layout \begin_layout Code + # lsmod |grep -w 'ipv6' && echo "IPv6 module successfully loaded" \end_layout @@ -3188,6 +3268,7 @@ Its possible to automatically load the IPv6 module on demand. \end_layout \begin_layout Code + alias net-pf-10 ipv6 # automatically load IPv6 module on demand \end_layout @@ -3197,6 +3278,7 @@ It's also possible to disable automatically loading of the IPv6 module using \end_layout \begin_layout Code + alias net-pf-10 off # disable automatically load of IPv6 module on demand \end_layout 
@@ -3454,10 +3536,12 @@ Auto-magically check: \end_layout \begin_layout Code + # /sbin/ifconfig -? 2>& 1|grep -qw 'inet6' && echo "utility 'ifconfig' is \end_layout \begin_layout Code + ¬ IPv6-ready" \end_layout @@ -3471,6 +3555,7 @@ route \end_layout \begin_layout Code + # /sbin/route -? 2>& 1|grep -qw 'inet6' && echo "utility 'route' is IPv6-ready" \end_layout @@ -3489,6 +3574,7 @@ Alexey N. \end_layout \begin_layout Code + # /sbin/ip 2>&1 |grep -qw 'inet6' && echo "utility 'ip' is IPv6-ready" \end_layout @@ -3552,14 +3638,17 @@ Usage \end_layout \begin_layout Code + # ping6 \end_layout \begin_layout Code + # ping6 \end_layout \begin_layout Code + # ping6 [-I ] \end_layout @@ -3569,6 +3658,7 @@ Some implementation also support % suffix instead of using -I , \end_layout \begin_layout Code + # ping6 % \end_layout @@ -3577,14 +3667,17 @@ Example \end_layout \begin_layout Code + # ping6 -c 1 ::1 \end_layout \begin_layout Code + PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code + 64 bytes from ::1: icmp_seq=0 hops=64 time=292 usec \end_layout @@ -3593,14 +3686,17 @@ PING ::1(::1) from ::1 : 56 data bytes \end_layout \begin_layout Code + --- ::1 ping statistics --- \end_layout \begin_layout Code + 1 packets transmitted, 1 packets received, 0% packet loss \end_layout \begin_layout Code + round-trip min/avg/max/mdev = 0.292/0.292/0.292/0.000 ms \end_layout @@ -3631,10 +3727,12 @@ Using link-local addresses for an IPv6 ping, the kernel does not know through \end_layout \begin_layout Code + # ping6 fe80::212:34ff:fe12:3456 \end_layout \begin_layout Code + connect: Invalid argument \end_layout 
@@ -3643,18 +3741,22 @@ In this case you have to specify the interface additionally like shown here: \end_layout \begin_layout Code + # ping6 -I eth0 -c 1 fe80::2e0:18ff:fe90:9205 \end_layout \begin_layout Code + PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code + ¬ fe80::212:34ff:fe12:3478 eth0: 56 data bytes \end_layout \begin_layout Code + 64 bytes from fe80::212:23ff:fe12:3456: icmp_seq=0 hops=64 time=445 usec \end_layout @@ -3663,14 +3765,17 @@ PING fe80::212:23ff:fe12:3456(fe80::212:23ff:fe12:3456) from \end_layout \begin_layout Code + --- fe80::2e0:18ff:fe90:9205 ping statistics --- \end_layout \begin_layout Code + 1 packets transmitted, 1 packets received, 0% packet loss round-trip \end_layout \begin_layout Code + ¬ min/avg/max/mdev = 0.445/0.445/0.445/0.000 ms \end_layout @@ -3679,6 +3784,7 @@ Example for % notation: \end_layout \begin_layout Code + # ping6 -c 1 fe80::2e0:18ff:fe90:9205%eth0 \end_layout @@ -3692,18 +3798,22 @@ An interesting mechanism to detect IPv6-active hosts on a link is to ping6 \end_layout \begin_layout Code + # ping6 -I eth0 ff02::1 \end_layout \begin_layout Code + PING ff02::1(ff02::1) from fe80:::2ab:cdff:feef:0123 eth0: 56 data bytes \end_layout \begin_layout Code + 64 bytes from ::1: icmp_seq=1 ttl=64 time=0.104 ms \end_layout \begin_layout Code + 64 bytes from fe80::212:34ff:fe12:3450: icmp_seq=1 ttl=64 time=0.549 ms (DUP!) \end_layout @@ -3713,6 +3823,7 @@ Example for % notation: \end_layout \begin_layout Code + # ping6 ff02::1%eth0 \end_layout 
@@ -3743,42 +3854,51 @@ iputils \end_layout \begin_layout Code + # traceroute6 www.6bone.net \end_layout \begin_layout Code + traceroute to 6bone.net (3ffe:b00:c18:1::10) from 2001:0db8:0000:f101::2, 30 \end_layout \begin_layout Code + ¬ hops max, 16 byte packets \end_layout \begin_layout Code + 1 localipv6gateway (2001:0db8:0000:f101::1) 1.354 ms 1.566 ms 0.407 ms \end_layout \begin_layout Code + 2 swi6T1-T0.ipv6.switch.ch (3ffe:2000:0:400::1) 90.431 ms 91.956 ms 92.377 ms \end_layout \begin_layout Code + 3 3ffe:2000:0:1::132 (3ffe:2000:0:1::132) 118.945 ms 107.982 ms 114.557 ms \end_layout \begin_layout Code + 4 3ffe:c00:8023:2b::2 (3ffe:c00:8023:2b::2) 968.468 ms 993.392 ms 973.441 ms \end_layout \begin_layout Code + 5 3ffe:2e00:e:c::3 (3ffe:2e00:e:c::3) 507.784 ms 505.549 ms 508.928 ms \end_layout \begin_layout Code + 6 www.6bone.net (3ffe:b00:c18:1::10) 1265.85 ms * 1304.74 ms \end_layout @@ -3820,42 +3940,52 @@ iputils \end_layout \begin_layout Code + # tracepath6 www.6bone.net \end_layout \begin_layout Code + 1?: [LOCALHOST] pmtu 1480 \end_layout \begin_layout Code + 1: 3ffe:401::2c0:33ff:fe02:14 150.705ms \end_layout \begin_layout Code + 2: 3ffe:b00:c18::5 267.864ms \end_layout \begin_layout Code + 3: 3ffe:b00:c18::5 asymm 2 266.145ms pmtu 1280 \end_layout \begin_layout Code + 3: 3ffe:3900:5::2 asymm 4 346.632ms \end_layout \begin_layout Code + 4: 3ffe:28ff:ffff:4::3 asymm 5 365.965ms \end_layout \begin_layout Code + 5: 3ffe:1cff:0:ee::2 asymm 4 534.704ms \end_layout \begin_layout Code + 6: 3ffe:3800::1:1 asymm 4 578.126ms !N \end_layout \begin_layout Code + Resume: pmtu 1280 \end_layout 
@@ -3944,26 +4074,32 @@ IPv6 ping to \end_layout \begin_layout Code + # tcpdump -t -n -i eth0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code + tcpdump: listening on eth0 \end_layout \begin_layout Code + 2001:0db8:100:f101:2e0:18ff:fe90:9205 > 2001:0db8:100:f101::1: icmp6: echo \end_layout \begin_layout Code + ¬ request (len 64, hlim 64) \end_layout \begin_layout Code + 2001:0db8:100:f101::1 > 2001:0db8:100:f101:2e0:18ff:fe90:9205: icmp6: echo \end_layout \begin_layout Code + ¬ reply (len 64, hlim 64) \end_layout @@ -3980,42 +4116,52 @@ IPv6 ping to \end_layout \begin_layout Code + # tcpdump -t -n -i ppp0 -s 512 -vv ip6 or proto ipv6 \end_layout \begin_layout Code + tcpdump: listening on ppp0 \end_layout \begin_layout Code + 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code + ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code + 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code + ¬ 64, hlim 61) (ttl 23, id 29887, len 124) \end_layout \begin_layout Code + 1.2.3.4 > 5.6.7.8: 2002:ffff:f5f8::1 > 2001:0db8:100::1: icmp6: echo request \end_layout \begin_layout Code + ¬ (len 64, hlim 64) (DF) (ttl 64, id 0, len 124) \end_layout \begin_layout Code + 5.6.7.8 > 1.2.3.4: 2001:0db8:100::1 > 2002:ffff:f5f8::1: icmp6: echo reply (len \end_layout \begin_layout Code + ¬ 64, hlim 61) (ttl 23, id 29919, len 124) \end_layout @@ -4099,6 +4245,7 @@ Because of security updates in the last years every Domain Name System (DNS) \end_layout \begin_layout Code + # host -t AAAA www.join.uni-muenster.de \end_layout 
@@ -4107,17 +4254,20 @@ and should show something like following: \end_layout \begin_layout Code + www.join.uni-muenster.de. is an alias for tolot.join.uni-muenster.de. \end_layout \begin_layout Code + tolot.join.uni-muenster.de. has AAAA address \end_layout \begin_layout Code + ¬ 2001:638:500:101:2e0:81ff:fe24:37c6 \end_layout @@ -4131,25 +4281,30 @@ IPv6-ready telnet clients are available. \end_layout \begin_layout Code + $ telnet 3ffe:400:100::1 80 \end_layout \begin_layout Code + Trying 3ffe:400:100::1... \end_layout \begin_layout Code + Connected to 3ffe:400:100::1. \end_layout \begin_layout Code + Escape character is '^]'. \end_layout \begin_layout Code + HEAD / HTTP/1.0 \end_layout @@ -4158,38 +4313,47 @@ HEAD / HTTP/1.0 \end_layout \begin_layout Code + HTTP/1.1 200 OK \end_layout \begin_layout Code + Date: Sun, 16 Dec 2001 16:07:21 \end_layout \begin_layout Code + GMT Server: Apache/2.0.28 (Unix) \end_layout \begin_layout Code + Last-Modified: Wed, 01 Aug 2001 21:34:42 GMT \end_layout \begin_layout Code + ETag: "3f02-a4d-b1b3e080" \end_layout \begin_layout Code + Accept-Ranges: bytes \end_layout \begin_layout Code + Content-Length: 2637 \end_layout \begin_layout Code + Connection: close \end_layout \begin_layout Code + Content-Type: text/html; charset=ISO-8859-1 \end_layout @@ -4198,6 +4362,7 @@ Content-Type: text/html; charset=ISO-8859-1 \end_layout \begin_layout Code + Connection closed by foreign host. \end_layout @@ -4238,14 +4403,17 @@ Current versions of openssh are IPv6-ready. \end_layout \begin_layout Code + $ ssh -6 ::1 \end_layout \begin_layout Code + user@::1's password: ****** \end_layout \begin_layout Code + [user@ipv6host user]$ \end_layout @@ -4792,10 +4960,12 @@ Usage: \end_layout \begin_layout Code + # ip link set dev up \end_layout \begin_layout Code + # ip link set dev down \end_layout 
@@ -4808,10 +4978,12 @@ Example: \end_layout \begin_layout Code + # ip link set dev eth0 up \end_layout \begin_layout Code + # ip link set dev eth0 down \end_layout @@ -4825,10 +4997,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/ifconfig up \end_layout \begin_layout Code + # /sbin/ifconfig down \end_layout @@ -4837,10 +5011,12 @@ Example: \end_layout \begin_layout Code + # /sbin/ifconfig eth0 up \end_layout \begin_layout Code + # /sbin/ifconfig eth0 down \end_layout @@ -4891,6 +5067,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 addr show dev \end_layout @@ -4899,22 +5076,27 @@ Example for a static configured host: \end_layout \begin_layout Code + # /sbin/ip -6 addr show dev eth0 \end_layout \begin_layout Code + 2: eth0: \end_layout @@ -4977,18 +5168,22 @@ Example (output filtered with grep to display only IPv6 addresses). \end_layout \begin_layout Code + # /sbin/ifconfig eth0 |grep "inet6 addr:" \end_layout \begin_layout Code + inet6 addr: fe80::210:a4ff:fee3:9566/10 Scope:Link \end_layout \begin_layout Code + inet6 addr: 2001:0db8:0:f101::1/64 Scope:Global \end_layout \begin_layout Code + inet6 addr: fec0:0:0:f101::1/64 Scope:Site \end_layout @@ -5010,6 +5205,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 addr add / dev \end_layout @@ -5018,6 +5214,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 addr add 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5031,6 +5228,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ifconfig inet6 add / \end_layout @@ -5039,6 +5237,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ifconfig eth0 inet6 add 2001:0db8:0:f101::1/64 \end_layout @@ -5061,6 +5260,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 addr del / dev \end_layout @@ -5069,6 +5269,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 addr del 2001:0db8:0:f101::1/64 dev eth0 \end_layout @@ -5082,6 +5283,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ifconfig inet6 del / \end_layout 
@@ -5090,6 +5292,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ifconfig eth0 inet6 del 2001:0db8:0:f101::1/64 \end_layout @@ -5142,6 +5345,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 route show [dev ] \end_layout @@ -5151,22 +5355,27 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 route show dev eth0 \end_layout \begin_layout Code + 2001:0db8:0:f101::/64 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code + fe80::/10 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code + ff00::/8 proto kernel metric 256 mtu 1500 advmss 1440 \end_layout \begin_layout Code + default proto kernel metric 256 mtu 1500 advmss 1440 \end_layout @@ -5180,6 +5389,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 \end_layout @@ -5191,34 +5401,42 @@ Example (output is filtered for interface eth0). \end_layout \begin_layout Code + # /sbin/route -A inet6 |grep -w "eth0" \end_layout \begin_layout Code + 2001:0db8:0:f101 ::/64 :: UA 256 0 0 eth0 <- Interface route for global \end_layout \begin_layout Code + ¬ address \end_layout \begin_layout Code + fe80::/10 :: UA 256 0 0 eth0 <- Interface route for link-local \end_layout \begin_layout Code + ¬ address \end_layout \begin_layout Code + ff00::/8 :: UA 256 0 0 eth0 <- Interface route for all multicast \end_layout \begin_layout Code + ¬ addresses \end_layout \begin_layout Code + ::/0 :: UDA 256 0 0 eth0 <- Automatic default route \end_layout @@ -5241,10 +5459,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 route add / via \end_layout \begin_layout Code + ¬ [dev ] \end_layout @@ -5253,6 +5473,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 route add default via 2001:0db8:0:f101::1 \end_layout @@ -5266,10 +5487,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 add / gw \end_layout \begin_layout Code + ¬ [dev ] \end_layout 
@@ -5287,6 +5510,7 @@ Following shown example adds a default route through gateway \end_layout \begin_layout Code + # /sbin/route -A inet6 add default gw 2001:0db8:0:f101::1 \end_layout @@ -5310,10 +5534,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 route del / via \end_layout \begin_layout Code + ¬ [dev ] \end_layout @@ -5322,6 +5548,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 route del default via 2001:0db8:0:f101::1 \end_layout @@ -5335,10 +5562,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 del / gw [dev \end_layout \begin_layout Code + ¬ ] \end_layout @@ -5347,6 +5576,7 @@ Example for removing upper added route again: \end_layout \begin_layout Code + # /sbin/route -A inet6 del default gw 2001:0db8:0:f101::1 \end_layout @@ -5369,10 +5599,12 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 route add / dev \end_layout \begin_layout Code + ¬ metric 1 \end_layout @@ -5381,6 +5613,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 route add default dev eth0 metric 1 \end_layout @@ -5423,6 +5656,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 add / dev \end_layout @@ -5431,6 +5665,7 @@ Example: \end_layout \begin_layout Code + # /sbin/route -A inet6 add default dev eth0 \end_layout @@ -5453,6 +5688,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 route del / dev \end_layout @@ -5461,6 +5697,7 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 route del default dev eth0 \end_layout @@ -5474,6 +5711,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 del / dev \end_layout @@ -5483,6 +5721,7 @@ Example: \end_layout \begin_layout Code + # /sbin/route -A inet6 del default dev eth0 \end_layout 
@@ -5521,14 +5760,17 @@ Client can setup a default route like prefix \end_layout \begin_layout Code + # ip -6 route show | grep ^default \end_layout \begin_layout Code + default via fe80::212:34ff:fe12:3450 dev eth0 proto kernel metric 1024 expires \end_layout \begin_layout Code + ¬ 29sec mtu 1500 advmss 1440 \end_layout @@ -5610,6 +5852,7 @@ With following command you can display the learnt or configured IPv6 neighbors \end_layout \begin_layout Code + # ip -6 neigh show [dev ] \end_layout @@ -5618,10 +5861,12 @@ The following example shows one neighbor, which is a reachable router \end_layout \begin_layout Code + # ip -6 neigh show \end_layout \begin_layout Code + fe80::201:23ff:fe45:6789 dev eth0 lladdr 00:01:23:45:67:89 router nud reachable \end_layout @@ -5646,6 +5891,7 @@ With following command you are able to manually add an entry \end_layout \begin_layout Code + # ip -6 neigh add lladdr dev \end_layout @@ -5654,6 +5900,7 @@ Example: \end_layout \begin_layout Code + # ip -6 neigh add fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -5666,6 +5913,7 @@ Like adding also an entry can be deleted: \end_layout \begin_layout Code + # ip -6 neigh del lladdr dev \end_layout @@ -5674,6 +5922,7 @@ Example: \end_layout \begin_layout Code + # ip -6 neigh del fec0::1 lladdr 02:01:02:03:04:05 dev eth0 \end_layout @@ -5703,23 +5952,28 @@ help \end_layout \begin_layout Code + # ip -6 neigh help \end_layout \begin_layout Code + Usage: ip neigh { add | del | change | replace } { ADDR [ lladdr LLADDR ] \end_layout \begin_layout Code + [ nud { permanent | noarp | stale | reachable } ] \end_layout \begin_layout Code + | proxy ADDR } [ dev DEV ] \end_layout \begin_layout Code + ip neigh {show|flush} [ to PREFIX ] [ dev DEV ] [ nud STATE ] \end_layout 
@@ -5909,22 +6163,27 @@ target "http://www.faqs.org/rfcs/rfc3056.html" \end_layout \begin_layout Code + | 3+13 | 32 | 16 | 64 bits | \end_layout \begin_layout Code + +---+------+-----------+--------+--------------------------------+ \end_layout \begin_layout Code + | FP+TLA | V4ADDR | SLA ID | Interface ID | \end_layout \begin_layout Code + | 0x2002 | | | | \end_layout \begin_layout Code + +---+------+-----------+--------+--------------------------------+ \end_layout @@ -6135,6 +6394,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 tunnel show [] \end_layout @@ -6143,14 +6403,17 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 tunnel show \end_layout \begin_layout Code + sit0: ipv6/ip remote any local any ttl 64 nopmtudisc \end_layout \begin_layout Code + sit1: ipv6/ip remote 195.226.187.50 local any ttl 64 \end_layout @@ -6163,6 +6426,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/route -A inet6 \end_layout @@ -6172,6 +6436,7 @@ Example (output is filtered to display only tunnels through virtual interface \end_layout \begin_layout Code + # /sbin/route -A inet6 | grep " \backslash Wsit0 @@ -6180,22 +6445,27 @@ W*$" \end_layout \begin_layout Code + ::/96 :: U 256 2 0 sit0 \end_layout \begin_layout Code + 2002::/16 :: UA 256 0 0 sit0 \end_layout \begin_layout Code + 2000::/3 ::193.113.58.75 UG 1 0 0 sit0 \end_layout \begin_layout Code + fe80::/10 :: UA 256 0 0 sit0 \end_layout \begin_layout Code + ff00::/8 :: UA 256 0 0 sit0 \end_layout @@ -6261,10 +6531,12 @@ Usage for creating a tunnel device (but it's not up afterward, also a TTL \end_layout \begin_layout Code + # /sbin/ip tunnel add mode sit ttl remote \end_layout \begin_layout Code + ¬ local \end_layout 
@@ -6273,18 +6545,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip tunnel add sit1 mode sit ttl remote \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev sit1 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev sit1 metric 1 \end_layout @@ -6293,18 +6569,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip tunnel add sit2 mode sit ttl \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev sit2 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev sit2 metric 1 \end_layout @@ -6313,18 +6593,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip tunnel add sit3 mode sit ttl \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev sit3 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev sit3 metric 1 \end_layout @@ -6345,6 +6629,7 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 up \end_layout @@ -6353,14 +6638,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code + # /sbin/ifconfig sit1 up \end_layout \begin_layout Code + # /sbin/route -A inet6 add dev sit1 \end_layout @@ -6369,14 +6657,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code + # /sbin/ifconfig sit2 up \end_layout \begin_layout Code + # /sbin/route -A inet6 add dev sit2 \end_layout @@ -6385,14 +6676,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 tunnel \end_layout \begin_layout Code + # /sbin/ifconfig sit3 up \end_layout \begin_layout Code + # /sbin/route -A inet6 add dev sit3 \end_layout 
@@ -6418,6 +6712,7 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 up \end_layout @@ -6426,26 +6721,32 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/route -A inet6 add gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout \begin_layout Code + # /sbin/route -A inet6 add gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout \begin_layout Code + # /sbin/route -A inet6 add gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout @@ -6474,6 +6775,7 @@ Usage for removing a tunnel device: \end_layout \begin_layout Code + # /sbin/ip tunnel del \end_layout @@ -6482,14 +6784,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev sit1 \end_layout \begin_layout Code + # /sbin/ip link set sit1 down \end_layout \begin_layout Code + # /sbin/ip tunnel del sit1 \end_layout @@ -6498,14 +6803,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev sit2 \end_layout \begin_layout Code + # /sbin/ip link set sit2 down \end_layout \begin_layout Code + # /sbin/ip tunnel del sit2 \end_layout @@ -6514,14 +6822,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev sit3 \end_layout \begin_layout Code + # /sbin/ip link set sit3 down \end_layout \begin_layout Code + # /sbin/ip tunnel del sit3 \end_layout @@ -6540,10 +6851,12 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/route -A inet6 del dev sit3 \end_layout \begin_layout Code + # /sbin/ifconfig sit3 down \end_layout @@ -6552,10 +6865,12 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/route -A inet6 del dev sit2 \end_layout \begin_layout Code + # /sbin/ifconfig sit2 down \end_layout 
@@ -6564,10 +6879,12 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/route -A inet6 add dev sit1 \end_layout \begin_layout Code + # /sbin/ifconfig sit1 down \end_layout @@ -6576,6 +6893,7 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 down \end_layout @@ -6597,26 +6915,32 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/route -A inet6 del gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout \begin_layout Code + # /sbin/route -A inet6 del gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout \begin_layout Code + # /sbin/route -A inet6 del gw \end_layout \begin_layout Code + ¬ :: dev sit0 \end_layout @@ -6625,6 +6949,7 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ifconfig sit0 down \end_layout @@ -6683,6 +7008,7 @@ Assuming your IPv4 address is \end_layout \begin_layout Code + 1.2.3.4 \end_layout @@ -6691,6 +7017,7 @@ the generated 6to4 prefix will be \end_layout \begin_layout Code + 2002:0102:0304:: \end_layout @@ -6709,6 +7036,7 @@ Local 6to4 gateways should (but it's not a must, you can choose an arbitrary \end_layout \begin_layout Code + 2002:0102:0304::1 \end_layout @@ -6718,6 +7046,7 @@ Use e.g. \end_layout \begin_layout Code + ipv4="1.2.3.4"; printf "2002:%02x%02x:%02x%02x::1" `echo $ipv4 | tr "." " "` \end_layout @@ -6739,10 +7068,12 @@ Create a new tunnel device \end_layout \begin_layout Code + # /sbin/ip tunnel add tun6to4 mode sit ttl remote any local \end_layout \begin_layout Code + ¬ \end_layout @@ -6751,6 +7082,7 @@ Bring interface up \end_layout \begin_layout Code + # /sbin/ip link set dev tun6to4 up \end_layout @@ -6759,6 +7091,7 @@ Add local 6to4 address to interface (note: prefix length 16 is important!) \end_layout \begin_layout Code + # /sbin/ip -6 addr add /16 dev tun6to4 \end_layout 
@@ -6768,6 +7101,7 @@ Add (default) route to the global IPv6 network using the all-6to4-routers \end_layout \begin_layout Code + # /sbin/ip -6 route add default via ::192.88.99.1 dev tun6to4 metric 1 \end_layout @@ -6786,6 +7120,7 @@ ip \end_layout \begin_layout Code + # /sbin/ip -6 route add default via 2002:c058:6301::1 dev tun6to4 metric 1 \end_layout @@ -6812,6 +7147,7 @@ Bring generic tunnel interface sit0 up \end_layout \begin_layout Code + # /sbin/ifconfig sit0 up \end_layout @@ -6820,6 +7156,7 @@ Add local 6to4 address to interface \end_layout \begin_layout Code + # /sbin/ifconfig sit0 add /16 \end_layout @@ -6829,6 +7166,7 @@ Add (default) route to the global IPv6 network using the all-6to4-relays \end_layout \begin_layout Code + # /sbin/route -A inet6 add default gw ::192.88.99.1 dev sit0 \end_layout @@ -6845,6 +7183,7 @@ Remove all routes through this dedicated tunnel device \end_layout \begin_layout Code + # /sbin/ip -6 route flush dev tun6to4 \end_layout @@ -6853,6 +7192,7 @@ Shut down interface \end_layout \begin_layout Code + # /sbin/ip link set dev tun6to4 down \end_layout @@ -6861,6 +7201,7 @@ Remove created tunnel device \end_layout \begin_layout Code + # /sbin/ip tunnel del tun6to4 \end_layout @@ -6897,6 +7238,7 @@ Remove (default) route through the 6to4 tunnel interface \end_layout \begin_layout Code + # /sbin/route -A inet6 del default gw ::192.88.99.1 dev sit0 \end_layout @@ -6905,6 +7247,7 @@ Remove local 6to4 address to interface \end_layout \begin_layout Code + # /sbin/ifconfig sit0 del /16 \end_layout @@ -6914,6 +7257,7 @@ Shut down generic tunnel device (take care about this, perhaps it's still \end_layout \begin_layout Code + # /sbin/ifconfig sit0 down \end_layout @@ -6953,6 +7297,7 @@ Usage: \end_layout \begin_layout Code + # /sbin/ip -6 tunnel show [] \end_layout 
@@ -6961,23 +7306,28 @@ Example: \end_layout \begin_layout Code + # /sbin/ip -6 tunnel show mode any \end_layout \begin_layout Code + ip6tnl0: ipv6/ipv6 remote :: local :: encaplimit 0 hoplimit 0 tclass 0x00 \end_layout \begin_layout Code + ¬ flowlabel 0x00000 (flowinfo 0x00000000) \end_layout \begin_layout Code + ip6tnl1: ip/ipv6 remote fd00:0:0:2::a local fd00:0:0:2::1 dev eth1 encaplimit 4 \end_layout \begin_layout Code + ¬ hoplimit 64 tclass 0x00 flowlabel 0x00000 (flowinfo 0x00000000) \end_layout @@ -6994,10 +7344,12 @@ Usage for creating a 4over6 tunnel device (but it's not up afterward) \end_layout \begin_layout Code + # /sbin/ip tunnel add mode ip4ip6 remote \end_layout \begin_layout Code + ¬ local \end_layout @@ -7006,18 +7358,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 tunnel add ip6tnl1 mode ip4ip6 remote \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev ip6tnl1 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev ip6tnl1 metric 1 \end_layout @@ -7026,18 +7382,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 tunnel add ip6tnl2 mode ip4ip6 remote \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev ip6tnl2 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev ip6tnl2 metric 1 \end_layout @@ -7046,18 +7406,22 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 tunnel add ip6tnl3 mode ip4ip6 remote \end_layout \begin_layout Code + ¬ local \end_layout \begin_layout Code + # /sbin/ip link set dev ip6tnl3 up \end_layout \begin_layout Code + # /sbin/ip -6 route add dev ip6tnl3 metric 1 \end_layout @@ -7070,6 +7434,7 @@ Usage for removing a tunnel device: \end_layout \begin_layout Code + # /sbin/ip -6 tunnel del \end_layout 
@@ -7078,14 +7443,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev ip6tnl1 \end_layout \begin_layout Code + # /sbin/ip link set ip6tnl1 down \end_layout \begin_layout Code + # /sbin/ip -6 tunnel del ip6tnl1 \end_layout @@ -7094,14 +7462,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev ip6tnl2 \end_layout \begin_layout Code + # /sbin/ip link set ip6tnl2 down \end_layout \begin_layout Code + # /sbin/ip -6 tunnel del ip6tnl2 \end_layout @@ -7110,14 +7481,17 @@ Usage (generic example for three tunnels): \end_layout \begin_layout Code + # /sbin/ip -6 route del dev ip6tnl3 \end_layout \begin_layout Code + # /sbin/ip link set ip6tnl3 down \end_layout \begin_layout Code + # /sbin/ip -6 tunnel del ip6tnl3 \end_layout @@ -7210,6 +7584,7 @@ The /proc-filesystem had to be enabled in kernel, means on compiling following \end_layout \begin_layout Code + CONFIG_PROC_FS=y \end_layout @@ -7218,10 +7593,12 @@ The /proc-filesystem was mounted before, which can be tested using \end_layout \begin_layout Code + # mount | grep "type proc" \end_layout \begin_layout Code + none on /proc type proc (rw) \end_layout @@ -7252,10 +7629,12 @@ cat \end_layout \begin_layout Code + # cat /proc/sys/net/ipv6/conf/all/forwarding \end_layout \begin_layout Code + 0 \end_layout @@ -7276,6 +7655,7 @@ echo \end_layout \begin_layout Code + # echo "1" >/proc/sys/net/ipv6/conf/all/forwarding \end_layout @@ -7331,6 +7711,7 @@ The sysctl-interface had to be enabled in kernel, means on compiling following \end_layout \begin_layout Code + CONFIG_SYSCTL=y \end_layout @@ -7343,10 +7724,12 @@ The value of an entry can be retrieved now: \end_layout \begin_layout Code + # sysctl net.ipv6.conf.all.forwarding \end_layout \begin_layout Code + net.ipv6.conf.all.forwarding = 0 \end_layout 
@@ -7359,10 +7742,12 @@ A new value can be set (if entry is writable): \end_layout \begin_layout Code + # sysctl -w net.ipv6.conf.all.forwarding=1 \end_layout \begin_layout Code + net.ipv6.conf.all.forwarding = 1 \end_layout @@ -7380,10 +7765,12 @@ Note: Don't use spaces around the \end_layout \begin_layout Code + # sysctl -w net.ipv4.ip_local_port_range="32768 61000" \end_layout \begin_layout Code + net.ipv4.ip_local_port_range = 32768 61000 \end_layout @@ -7851,10 +8238,12 @@ target "http://www.zebra.org/" \end_layout \begin_layout Code + ZEBRA: netlink-listen error: No buffer space available, type=RTM_NEWROUTE(24), \end_layout \begin_layout Code + ¬ seq=426, pid=0 \end_layout @@ -8326,22 +8715,27 @@ net/ipv6/addrconf.c \end_layout \begin_layout Code + # cat /proc/net/if_inet6 \end_layout \begin_layout Code + 00000000000000000000000000000001 01 80 10 80 lo \end_layout \begin_layout Code + +------------------------------+ ++ ++ ++ ++ ++ \end_layout \begin_layout Code + | | | | | | \end_layout \begin_layout Code + 1 2 3 4 5 6 \end_layout @@ -8432,22 +8826,27 @@ net/ipv6/route.c \end_layout \begin_layout Code + # cat /proc/net/ipv6_route \end_layout \begin_layout Code + 00000000000000000000000000000000 00 00000000000000000000000000000000 00 \end_layout \begin_layout Code + +------------------------------+ ++ +------------------------------+ ++ \end_layout \begin_layout Code + | | | | \end_layout \begin_layout Code + 1 2 3 4 \end_layout @@ -8456,18 +8855,22 @@ net/ipv6/route.c \end_layout \begin_layout Code + ¬ 00000000000000000000000000000000 ffffffff 00000001 00000001 00200200 lo \end_layout \begin_layout Code + ¬ +------------------------------+ +------+ +------+ +------+ +------+ ++ \end_layout \begin_layout Code + ¬ | | | | | | \end_layout \begin_layout Code + ¬ 5 6 7 8 9 10 \end_layout 
@@ -8527,22 +8930,27 @@ Statistics about used IPv6 sockets. \end_layout \begin_layout Code + # cat /proc/net/sockstat6 \end_layout \begin_layout Code + TCP6: inuse 7 \end_layout \begin_layout Code + UDP6: inuse 2 \end_layout \begin_layout Code + RAW6: inuse 1 \end_layout \begin_layout Code + FRAG6: inuse 0 memory 0 \end_layout 
@@ -8724,307 +9132,375 @@ Example: \end_layout \begin_layout Code + # netstat -nlptu \end_layout \begin_layout Code + Active Internet connections (only servers) \end_layout \begin_layout Code + Proto Recv-Q Send-Q Local Address Foreign Address State \end_layout \begin_layout Code + ¬ PID/Program name \end_layout \begin_layout Code + tcp 0 0 0.0.0.0:32768 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 1258/rpc.statd \end_layout \begin_layout Code + tcp 0 0 0.0.0.0:32769 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 1502/rpc.mountd \end_layout \begin_layout Code + tcp 0 0 0.0.0.0:515 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 22433/lpd Waiting \end_layout \begin_layout Code + tcp 0 0 1.2.3.1:139 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 1746/smbd \end_layout \begin_layout Code + tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 1230/portmap \end_layout \begin_layout Code + tcp 0 0 0.0.0.0:6000 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 3551/X \end_layout \begin_layout Code + tcp 0 0 1.2.3.1:8081 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 18735/junkbuster \end_layout \begin_layout Code + tcp 0 0 1.2.3.1:3128 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 18822/(squid) \end_layout \begin_layout Code + tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN \end_layout \begin_layout Code + ¬ 30734/named \end_layout \begin_layout Code + tcp 0 0 ::ffff:1.2.3.1:993 :::* LISTEN \end_layout \begin_layout Code + ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code + tcp 0 0 :::13 :::* LISTEN \end_layout \begin_layout Code + ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code + tcp 0 0 ::ffff:1.2.3.1:143 :::* LISTEN \end_layout \begin_layout Code + ¬ 6742/xinetd-ipv6 \end_layout \begin_layout Code + tcp 0 0 :::53 :::* LISTEN \end_layout \begin_layout Code + ¬ 30734/named \end_layout \begin_layout Code + tcp 0 0 :::22 :::* LISTEN \end_layout \begin_layout Code + ¬ 1410/sshd \end_layout \begin_layout Code + tcp 0 0 :::6010 
:::* LISTEN \end_layout \begin_layout Code + ¬ 13237/sshd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:32768 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1258/rpc.statd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:2049 0.0.0.0:* \end_layout \begin_layout Code + ¬ - \end_layout \begin_layout Code + udp 0 0 0.0.0.0:32770 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1502/rpc.mountd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:32771 0.0.0.0:* \end_layout \begin_layout Code + ¬ - \end_layout \begin_layout Code + udp 0 0 1.2.3.1:137 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1751/nmbd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:137 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1751/nmbd \end_layout \begin_layout Code + udp 0 0 1.2.3.1:138 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1751/nmbd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:138 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1751/nmbd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:33044 0.0.0.0:* \end_layout \begin_layout Code + ¬ 30734/named \end_layout \begin_layout Code + udp 0 0 1.2.3.1:53 0.0.0.0:* \end_layout \begin_layout Code + ¬ 30734/named \end_layout \begin_layout Code + udp 0 0 127.0.0.1:53 0.0.0.0:* \end_layout \begin_layout Code + ¬ 30734/named \end_layout \begin_layout Code + udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1530/dhcpd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:67 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1530/dhcpd \end_layout \begin_layout Code + udp 0 0 0.0.0.0:32858 0.0.0.0:* \end_layout \begin_layout Code + ¬ 18822/(squid) \end_layout \begin_layout Code + udp 0 0 0.0.0.0:4827 0.0.0.0:* \end_layout \begin_layout Code + ¬ 18822/(squid) \end_layout \begin_layout Code + udp 0 0 0.0.0.0:111 0.0.0.0:* \end_layout \begin_layout Code + ¬ 1230/portmap \end_layout \begin_layout Code + udp 0 0 :::53 :::* \end_layout \begin_layout Code + ¬ 30734/named \end_layout 
@@ -9056,26 +9532,32 @@ Router advertisement \end_layout \begin_layout Code + 15:43:49.484751 fe80::212:34ff:fe12:3450 > ff02::1: icmp6: router \end_layout \begin_layout Code + ¬ advertisement(chlim=64, router_ltime=30, reachable_time=0, \end_layout \begin_layout Code + ¬ retrans_time=0)(prefix info: AR valid_ltime=30, preffered_ltime=20, \end_layout \begin_layout Code + ¬ prefix=2002:0102:0304:1::/64)(prefix info: LAR valid_ltime=2592000, \end_layout \begin_layout Code + ¬ preffered_ltime=604800, prefix=2001:0db8:0:1::/64)(src lladdr: \end_layout \begin_layout Code + ¬ 0:12:34:12:34:50) (len 88, hlim 255) \end_layout @@ -9128,10 +9610,12 @@ Router solicitation \end_layout \begin_layout Code + 15:44:21.152646 fe80::212:34ff:fe12:3456 > ff02::2: icmp6: router solicitation \end_layout \begin_layout Code + ¬ (src lladdr: 0:12:34:12:34:56) (len 16, hlim 255) \end_layout @@ -9199,10 +9683,12 @@ fe80::212:34ff:fe12:3456 \end_layout \begin_layout Code + 15:44:17.712338 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code + ¬ fe80::212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim 255) \end_layout @@ -9219,15 +9705,18 @@ Node wants to configure its global address \end_layout \begin_layout Code + 15:44:21.905596 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code + ¬ 2002:0102:0304:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, \end_layout \begin_layout Code + ¬ hlim 255) \end_layout @@ -9244,15 +9733,18 @@ Node wants to configure its global address \end_layout \begin_layout Code + 15:44:22.304028 :: > ff02::1:ff12:3456: icmp6: neighbor sol: who has \end_layout \begin_layout Code + ¬ 2001:0db8:0:1:212:34ff:fe12:3456(src lladdr: 0:12:34:12:34:56) (len 32, hlim \end_layout \begin_layout Code + ¬ 255) \end_layout 
@@ -9273,15 +9765,18 @@ Node wants to send packages to \end_layout \begin_layout Code + 13:07:47.664538 2002:0102:0304:1:2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: \end_layout \begin_layout Code + ¬ neighbor sol: who has 2001:0db8:0:1::10(src lladdr: 0:e0:18:90:92:5) (len 32, \end_layout \begin_layout Code + ¬ hlim 255) \end_layout @@ -9298,10 +9793,12 @@ fe80::10 \end_layout \begin_layout Code + 13:11:20.870070 fe80::2e0:18ff:fe90:9205 > ff02::1:ff00:10: icmp6: neighbor \end_layout \begin_layout Code + ¬ sol: who has fe80::10(src lladdr: 0:e0:18:90:92:5) (len 32, hlim 255) \end_layout @@ -9423,6 +9920,7 @@ You can test, whether your Linux distribution contain support for persistent \end_layout \begin_layout Code + /etc/sysconfig/network-scripts/network-functions-ipv6 \end_layout @@ -9431,11 +9929,13 @@ Auto-magically test: \end_layout \begin_layout Code + # test -f /etc/sysconfig/network-scripts/network-functions-ipv6 && echo "Main \end_layout \begin_layout Code + ¬ IPv6 script library exists" \end_layout @@ -9445,14 +9945,17 @@ The version of the library is important if you miss some features. \end_layout \begin_layout Code + # source /etc/sysconfig/network-scripts/network-functions-ipv6 && \end_layout \begin_layout Code + ¬ getversion_ipv6_functions \end_layout \begin_layout Code + 20011124 \end_layout @@ -9491,10 +9994,12 @@ Check whether running system has already IPv6 module loaded \end_layout \begin_layout Code + # modprobe -c | grep net-pf-10 \end_layout \begin_layout Code + alias net-pf-10 off \end_layout @@ -9512,6 +10017,7 @@ off \end_layout \begin_layout Code + NETWORKING_IPV6=yes \end_layout @@ -9520,6 +10026,7 @@ Reboot or restart networking using \end_layout \begin_layout Code + # service network restart \end_layout @@ -9528,10 +10035,12 @@ Now IPv6 module should be loaded \end_layout \begin_layout Code + # modprobe -c | grep ipv6 \end_layout \begin_layout Code + alias net-pf-10 ipv6 \end_layout 
@@ -9591,6 +10100,7 @@ Edit file /etc/sysconfig/network/ifcfg- and setup following \end_layout \begin_layout Code + IP6ADDR="/" \end_layout @@ -9616,6 +10126,7 @@ Edit file /etc/sysconfig/network/ifcfg- and setup following \end_layout \begin_layout Code + IPADDR="/" \end_layout @@ -9656,44 +10167,54 @@ Configure your interface. \end_layout \begin_layout Code + iface eth0 inet6 static \end_layout \begin_layout Code + pre-up modprobe ipv6 \end_layout \begin_layout Code + address 2001:0db8:1234:5::1:1 \end_layout \begin_layout Code + # To suppress completely autoconfiguration: \end_layout \begin_layout Code + # up echo 0 > /proc/sys/net/ipv6/conf/all/autoconf \end_layout \begin_layout Code + netmask 64 \end_layout \begin_layout Code + # The router is autoconfigured and has no fixed address. \end_layout \begin_layout Code + # It is magically \end_layout \begin_layout Code + # found. (/proc/sys/net/ipv6/conf/all/accept_ra). Otherwise: \end_layout \begin_layout Code + #gateway 2001:0db8:1234:5::1 \end_layout @@ -9702,6 +10223,7 @@ And you reboot or you just \end_layout \begin_layout Code + # ifup --force eth0 \end_layout @@ -9772,18 +10294,22 @@ Example: \end_layout \begin_layout Code + # ip -6 addr show dev eth0 scope link \end_layout \begin_layout Code + 2: eth0: mtu 1500 qlen1000 \end_layout \begin_layout Code + inet6 fe80::211:d8ff:fe6b:f0f5/64 scope link \end_layout \begin_layout Code + valid_lft forever preferred_lft forever \end_layout @@ -10294,6 +10820,7 @@ Change to source directory: \end_layout \begin_layout Code + # cd /path/to/src \end_layout @@ -10302,10 +10829,12 @@ Unpack and rename kernel sources \end_layout \begin_layout Code + # tar z|jxf kernel-version.tar.gz|bz2 \end_layout \begin_layout Code + # mv linux linux-version-iptables-version+IPv6 \end_layout @@ -10314,6 +10843,7 @@ Unpack iptables sources \end_layout \begin_layout Code + # tar z|jxf iptables-version.tar.gz|bz2 \end_layout 
@@ -10326,6 +10856,7 @@ Change to iptables directory \end_layout \begin_layout Code + # cd iptables-version \end_layout @@ -10334,6 +10865,7 @@ Apply pending patches \end_layout \begin_layout Code + # make pending-patches KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -10344,6 +10876,7 @@ Apply additional IPv6 related patches (still not in the vanilla kernel included) \end_layout \begin_layout Code + # make patch-o-matic KERNEL_DIR=/path/to/src/linux-version-iptables-version/ \end_layout @@ -10382,10 +10915,12 @@ Check IPv6 extensions \end_layout \begin_layout Code + # make print-extensions \end_layout \begin_layout Code + Extensions found: IPv6:owner IPv6:limit IPv6:mac IPv6:multiport \end_layout @@ -10398,6 +10933,7 @@ Change to kernel sources \end_layout \begin_layout Code + # cd /path/to/src/linux-version-iptables-version/ \end_layout @@ -10406,10 +10942,12 @@ Edit Makefile \end_layout \begin_layout Code + - EXTRAVERSION = \end_layout \begin_layout Code + + EXTRAVERSION = -iptables-version+IPv6-try \end_layout 
@@ -10418,80 +10956,99 @@ Run configure, enable IPv6 related \end_layout \begin_layout Code + Code maturity level options \end_layout \begin_layout Code + Prompt for development and/or incomplete code/drivers : yes \end_layout \begin_layout Code + Networking options \end_layout \begin_layout Code + Network packet filtering: yes \end_layout \begin_layout Code + The IPv6 protocol: module \end_layout \begin_layout Code + IPv6: Netfilter Configuration \end_layout \begin_layout Code + IP6 tables support: module \end_layout \begin_layout Code + All new options like following: \end_layout \begin_layout Code + limit match support: module \end_layout \begin_layout Code + MAC address match support: module \end_layout \begin_layout Code + Multiple port match support: module \end_layout \begin_layout Code + Owner match support: module \end_layout \begin_layout Code + netfilter MARK match support: module \end_layout \begin_layout Code + Aggregated address check: module \end_layout \begin_layout Code + Packet filtering: module \end_layout \begin_layout Code + REJECT target support: module \end_layout \begin_layout Code + LOG target support: module \end_layout \begin_layout Code + Packet mangling: module \end_layout \begin_layout Code + MARK target support: module \end_layout @@ -10518,6 +11075,7 @@ Rename older directory \end_layout \begin_layout Code + # mv /usr/src/linux /usr/src/linux.old \end_layout @@ -10526,6 +11084,7 @@ Create a new softlink \end_layout \begin_layout Code + # ln -s /path/to/src/linux-version-iptables-version /usr/src/linux \end_layout @@ -10534,6 +11093,7 @@ Rebuild SRPMS \end_layout \begin_layout Code + # rpm --rebuild /path/to/SRPMS/iptables-version-release.src.rpm \end_layout @@ -10547,6 +11107,7 @@ On RH 7.1 systems, normally, already an older version is installed, therefore \end_layout \begin_layout Code + # rpm -Fhv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout 
@@ -10555,6 +11116,7 @@ If not already installed, use "install" \end_layout \begin_layout Code + # rpm -ihv /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -10565,6 +11127,7 @@ ts don't fit. \end_layout \begin_layout Code + # rpm -ihv --nodeps /path/to/RPMS/cpu/iptables*-version-release.cpu.rpm \end_layout @@ -10574,6 +11137,7 @@ Perhaps it's necessary to create a softlink for iptables libraries where \end_layout \begin_layout Code + # ln -s /lib/iptables/ /usr/lib/iptables \end_layout @@ -10590,6 +11154,7 @@ Load module, if so compiled \end_layout \begin_layout Code + # modprobe ip6_tables \end_layout @@ -10598,10 +11163,12 @@ Check for capability \end_layout \begin_layout Code + # [ ! -f /proc/net/ip6_tables_names ] && echo "Current kernel doesn't support \end_layout \begin_layout Code + ¬ 'ip6tables' firewalling (IPv6)!" \end_layout @@ -10618,6 +11185,7 @@ Short \end_layout \begin_layout Code + # ip6tables -L \end_layout @@ -10626,6 +11194,7 @@ Extended \end_layout \begin_layout Code + # ip6tables -n -v --line-numbers -L \end_layout @@ -10634,6 +11203,7 @@ List specified filter \end_layout \begin_layout Code + # ip6tables -n -v --line-numbers -L INPUT \end_layout @@ -10642,10 +11212,12 @@ Insert a log rule at the input filter with options \end_layout \begin_layout Code + # ip6tables --table filter --append INPUT -j LOG --log-prefix "INPUT:" \end_layout \begin_layout Code + ¬ --log-level 7 \end_layout @@ -10654,6 +11226,7 @@ Insert a drop rule at the input filter \end_layout \begin_layout Code + # ip6tables --table filter --append INPUT -j DROP \end_layout @@ -10662,6 +11235,7 @@ Delete a rule by number \end_layout \begin_layout Code + # ip6tables --table filter --delete INPUT 1 \end_layout @@ -10675,6 +11249,7 @@ Since kernel version 2.6.20 IPv6 connection tracking is well supported and \end_layout \begin_layout Code + # ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout 
@@ -10692,6 +11267,7 @@ Accept incoming ICMPv6 through tunnels \end_layout \begin_layout Code + # ip6tables -A INPUT -i sit+ -p icmpv6 -j ACCEPT \end_layout @@ -10700,6 +11276,7 @@ Allow outgoing ICMPv6 through tunnels \end_layout \begin_layout Code + # ip6tables -A OUTPUT -o sit+ -p icmpv6 -j ACCEPT \end_layout @@ -10708,6 +11285,7 @@ Newer kernels allow specifying of ICMPv6 types: \end_layout \begin_layout Code + # ip6tables -A INPUT -p icmpv6 --icmpv6-type echo-request -j ACCEPT \end_layout @@ -10725,10 +11303,12 @@ Because it can happen (author already saw it to times) that an ICMPv6 storm \end_layout \begin_layout Code + # ip6tables -A INPUT --protocol icmpv6 --icmpv6-type echo-request \end_layout \begin_layout Code + ¬ -j ACCEPT --match limit --limit 30/minute \end_layout @@ -10746,10 +11326,12 @@ Allow incoming SSH from 2001:0db8:100::1/128 \end_layout \begin_layout Code + # ip6tables -A INPUT -i sit+ -p tcp -s 2001:0db8:100::1/128 --sport 512:65535 \end_layout \begin_layout Code + ¬ --dport 22 -j ACCEPT \end_layout @@ -10762,10 +11344,12 @@ no longer needed if connection tracking is used! \end_layout \begin_layout Code + # ip6tables -A OUTPUT -o sit+ -p tcp -d 2001:0db8:100::1/128 --dport 512:65535 \end_layout \begin_layout Code + ¬ --sport 22 ! --syn -j ACCEPT \end_layout @@ -10787,6 +11371,7 @@ Accept incoming IPv6-in-IPv4 on interface ppp0 \end_layout \begin_layout Code + # iptables -A INPUT -i ppp0 -p ipv6 -j ACCEPT \end_layout @@ -10795,6 +11380,7 @@ Allow outgoing IPv6-in-IPv4 to interface ppp0 \end_layout \begin_layout Code + # iptables -A OUTPUT -o ppp0 -p ipv6 -j ACCEPT \end_layout @@ -10808,6 +11394,7 @@ Accept incoming IPv6-in-IPv4 on interface ppp0 from tunnel endpoint 192.0.2.2 \end_layout \begin_layout Code + # iptables -A INPUT -i ppp0 -p ipv6 -s 192.0.2.2 -j ACCEPT \end_layout 
@@ -10816,6 +11403,7 @@ Allow outgoing IPv6-in-IPv4 to interface ppp0 to tunnel endpoint 192.0.2.2 \end_layout \begin_layout Code + # iptables -A OUTPUT -o ppp0 -p ipv6 -d 192.0.2.2 -j ACCEPT \end_layout @@ -10838,6 +11426,7 @@ Block incoming TCP connection requests to this host \end_layout \begin_layout Code + # ip6tables -I INPUT -i sit+ -p tcp --syn -j DROP \end_layout @@ -10846,6 +11435,7 @@ Block incoming TCP connection requests to hosts behind this router \end_layout \begin_layout Code + # ip6tables -I FORWARD -i sit+ -p tcp --syn -j DROP \end_layout @@ -10878,6 +11468,7 @@ Block incoming UDP packets which cannot be responses of outgoing requests \end_layout \begin_layout Code + # ip6tables -I INPUT -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -10887,6 +11478,7 @@ Block incoming UDP packets which cannot be responses of forwarded requests \end_layout \begin_layout Code + # ip6tables -I FORWARD -i sit+ -p udp ! --dport 32768:60999 -j DROP \end_layout @@ -10914,6 +11506,7 @@ tracking \end_layout \begin_layout Code + File: /etc/sysconfig/ip6tables \end_layout 
@@ -10922,70 +11515,87 @@ File: /etc/sysconfig/ip6tables \end_layout \begin_layout Code + *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code + :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code + :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code + :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code + -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code + -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p icmpv6 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p udp --dport 5353 -d ff02::fb -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -m state --state NEW -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp6-adm-prohibited \end_layout \begin_layout Code + COMMIT \end_layout @@ -10994,6 +11604,7 @@ For completeness also the IPv4 configuration is shown here: \end_layout \begin_layout Code + File: /etc/sysconfig/iptables \end_layout 
@@ -11002,71 +11613,88 @@ File: /etc/sysconfig/iptables \end_layout \begin_layout Code + *filter :INPUT ACCEPT [0:0] \end_layout \begin_layout Code + :FORWARD ACCEPT [0:0] \end_layout \begin_layout Code + :OUTPUT ACCEPT [0:0] \end_layout \begin_layout Code + :RH-Firewall-1-INPUT - [0:0] \end_layout \begin_layout Code + -A INPUT -j RH-Firewall-1-INPUT \end_layout \begin_layout Code + -A FORWARD -j RH-Firewall-1-INPUT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -i lo -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p 50 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p 51 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT \end_layout \begin_layout Code + -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited \end_layout \begin_layout Code + COMMIT \end_layout @@ -11083,10 +11711,12 @@ Activate IPv4 & IPv6 firewalling \end_layout \begin_layout Code + # service iptables start \end_layout \begin_layout Code + # service ip6tables start \end_layout @@ -11095,10 +11725,12 @@ Enable automatic start after reboot \end_layout \begin_layout Code + # chkconfig iptables on \end_layout \begin_layout Code + # chkconfig ip6tables on \end_layout 
@@ -11117,472 +11749,578 @@ but still stateless filter \end_layout \begin_layout Code + # ip6tables -n -v -L \end_layout \begin_layout Code + Chain INPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + 0 0 extIN all sit+ * ::/0 ::/0 \end_layout \begin_layout Code + 4 384 intIN all eth0 * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code + 0 0 ACCEPT all lo * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `INPUT-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain FORWARD (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 int2ext all eth0 sit+ ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ext2int all sit+ eth0 ::/0 ::/0 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `FORWARD-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain OUTPUT (policy DROP 0 packets, 0 bytes) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 extOUT all * sit+ ::/0 ::/0 \end_layout \begin_layout Code + 4 384 intOUT all * eth0 ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT all * * ::1/128 ::1/128 \end_layout \begin_layout Code + 0 0 ACCEPT all * lo ::/0 ::/0 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `OUTPUT-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 
\end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain ext2int (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `ext2int-default:' \end_layout \begin_layout Code + 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain extIN (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * 3ffe:400:100::1/128 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * 3ffe:400:100::2/128 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:512:65535 dpt:22 \end_layout \begin_layout Code + 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:1:65535 dpts:1024:65535 flags:!0x16/0x02 \end_layout \begin_layout Code + 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ udp spts:1:65535 dpts:1024:65535 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ limit: avg 5/min burst 5 LOG flags 0 level 7 prefix `extIN-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain extOUT (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout 
\begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code + ¬ 2001:0db8:100::1/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 \end_layout \begin_layout Code + ¬ 2001:0db8:100::2/128tcp spt:22 dpts:512:65535 flags:!0x16/0x02 \end_layout \begin_layout Code + 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code + 0 0 ACCEPT udp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ udp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `extOUT-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain int2ext (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 ACCEPT icmpv6 * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 ACCEPT tcp * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ tcp spts:1024:65535 dpts:1:65535 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `int2ext:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `int2ext-default:' \end_layout \begin_layout Code + 0 0 DROP tcp * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 DROP udp * * ::/0 ::/0 \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain intIN (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ 
\end_layout \begin_layout Code + 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code + ¬ fe80::/ffc0:: \end_layout \begin_layout Code + 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code + \end_layout \begin_layout Code + Chain intOUT (1 references) \end_layout \begin_layout Code + pkts bytes target prot opt in out source destination \end_layout \begin_layout Code + ¬ \end_layout \begin_layout Code + 0 0 ACCEPT all * * ::/0 \end_layout \begin_layout Code + ¬ fe80::/ffc0:: \end_layout \begin_layout Code + 4 384 ACCEPT all * * ::/0 ff02::/16 \end_layout \begin_layout Code + 0 0 LOG all * * ::/0 ::/0 \end_layout \begin_layout Code + ¬ LOG flags 0 level 7 prefix `intOUT-default:' \end_layout \begin_layout Code + 0 0 DROP all * * ::/0 ::/0 \end_layout @@ -11612,6 +12350,7 @@ Like in IPv4 clients behind a router can be hided by using IPv6 masquerading \end_layout \begin_layout Code + # ip6tables -t nat -A POSTROUTING -o sixxs -s fec0::/64 -j MASQUERADE \end_layout @@ -11625,6 +12364,7 @@ A dedicated public IPv6 address can be forwarded to an internal IPv6 address, \end_layout \begin_layout Code + # ip6tables -t nat -A PREROUTING -d 2001:db8:0:1:5054:ff:fe01:2345 -i sixxs -j DNAT --to-destination fec0::5054:ff:fe01:2345 \end_layout @@ -11638,6 +12378,7 @@ A dedicated specified port can be forwarded to an internal system, e.g. \end_layout \begin_layout Code + # ip6tables -t nat -A PREROUTING -i sixxs -p tcp --dport 8080 -j DNAT --to-desti nation [fec0::1234]:80 \end_layout @@ -11677,18 +12418,22 @@ Load kernel modules \end_layout \begin_layout Code + # modprobe nf_tables \end_layout \begin_layout Code + # modprobe nf_tables_ipv4 \end_layout \begin_layout Code + # modprobe nf_tables_ipv6 \end_layout \begin_layout Code + # modprobe nf_tables_inet \end_layout 
@@ -11697,14 +12442,17 @@ Create filter tables \end_layout \begin_layout Code + # nft add table ip filter \end_layout \begin_layout Code + # nft add table ip6 filter \end_layout \begin_layout Code + # nft add table inet filter \end_layout @@ -11713,18 +12461,21 @@ Create input chain in each filter table \end_layout \begin_layout Code + # nft add chain ip filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code + # nft add chain ip6 filter input { type filter hook input priority 1 \backslash ; } \end_layout \begin_layout Code + # nft add chain inet filter input { type filter hook input priority 0 \backslash ; } @@ -11743,6 +12494,7 @@ Allow packets which are related to existing connection tracking entries \end_layout \begin_layout Code + # nft add rule inet filter input ct state established,related counter accept \end_layout @@ -11752,11 +12504,13 @@ Allow IPv4 and IPv6 ICMP echo-request (aka ping) \end_layout \begin_layout Code + # nft add rule ip filter input icmp type { echo-request } counter accept \end_layout \begin_layout Code + # nft add rule ip6 filter input icmpv6 type echo-request counter accept \end_layout 
@@ -11767,10 +12521,33 @@ Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit \end_layout \begin_layout Code -# nft add rule ip6 filter input icmpv6 type { nd-neighbor-solicit, nd-router-adv -ert, nd-neighbor-advert } ip6 hoplimit 1 accept # nft add rule ip6 filter - input icmpv6 type { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert - } ip6 hoplimit 255 accept + +# nft add rule ip6 filter input icmpv6 type +\end_layout + +\begin_layout Code + +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +\end_layout + +\begin_layout Code + +¬ ip6 hoplimit 1 accept +\end_layout + +\begin_layout Code + +# nft add rule ip6 filter input icmpv6 type +\end_layout + +\begin_layout Code + +¬ { nd-neighbor-solicit, nd-router-advert, nd-neighbor-advert } +\end_layout + +\begin_layout Code + +¬ ip6 hoplimit 255 accept \end_layout \begin_layout Standard @@ -11787,6 +12564,7 @@ inet \end_layout \begin_layout Code + # nft add rule inet filter input tcp dport 22 ct state new tcp flags \backslash & @@ -11807,30 +12585,37 @@ Table for IPv4 filter \end_layout \begin_layout Code + # nft list table ip filter \end_layout \begin_layout Code + table ip filter { \end_layout \begin_layout Code + chain input { \end_layout \begin_layout Code + type filter hook input priority 1; \end_layout \begin_layout Code + icmp type { echo-request} counter packets 0 bytes 0 accept \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } \end_layout 
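Review bot: The first re-wrapped rule, ending in `¬ ip6 hoplimit 1 accept`, accepts nd-neighbor-solicit, nd-router-advert and nd-neighbor-advert at hop limit 1, which weakens the hop-limit check that the heading presents as the security benefit. RFC 4861 requires these Neighbor Discovery messages to be sent and received with hop limit 255, since only that value shows the packet was never forwarded; a packet arriving with hop limit 1 may already have crossed routers. I would drop the three layouts of the `hoplimit 1` rule and keep only the rule ending in `¬ ip6 hoplimit 255 accept`; if hop limit 1 was meant for MLD, that needs its own rule with the MLD types rather than this ND set. The same pair is re-wrapped in the `nft list table ip6 filter` output in the hunk starting at -11839 and should be changed with it. If the document does not already explain the marker, a short remark such as `(¬ marks a wrapped line, enter the command on one line)` near these examples would prevent the split commands from being pasted as three separate lines.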
@@ -11839,40 +12624,57 @@ Table for IPv6 filter \end_layout \begin_layout Code + # nft list table ip6 filter \end_layout \begin_layout Code + table ip6 filter { \end_layout \begin_layout Code + chain input { \end_layout \begin_layout Code + type filter hook input priority 1; \end_layout \begin_layout Code + icmpv6 type echo-request counter packets 0 bytes 0 accept \end_layout \begin_layout Code - ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, - nd-router-advert} accept + + ip6 hoplimit 1 icmpv6 type \end_layout \begin_layout Code - ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, - nd-router-advert} accept + +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept \end_layout \begin_layout Code + + ip6 hoplimit 255 icmpv6 type +\end_layout + +\begin_layout Code + +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept +\end_layout + +\begin_layout Code + } \end_layout \begin_layout Code + } \end_layout @@ -11881,35 +12683,43 @@ Table for IP version aware filter \end_layout \begin_layout Code + # nft list table inet filter \end_layout \begin_layout Code + table inet filter { \end_layout \begin_layout Code + chain input { \end_layout \begin_layout Code + type filter hook input priority 0; \end_layout \begin_layout Code + ct state established,related counter packets 44 bytes 2288 accept \end_layout \begin_layout Code + tcp dport ssh ct state new tcp flags & (syn | ack) == syn counter packets 0 bytes 0 accept \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } \end_layout @@ -12017,10 +12827,12 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code + # nc6 ::1 daytime \end_layout \begin_layout Code + 13 JUL 2002 11:22:22 CEST \end_layout 
@@ -12042,43 +12854,53 @@ target "http://www.insecure.org/nmap/" \end_layout \begin_layout Code + # nmap -6 -sT ::1 \end_layout \begin_layout Code + Starting nmap V. 3.10ALPHA3 ( www.insecure.org/nmap/ ) \end_layout \begin_layout Code + Interesting ports on localhost6 (::1): \end_layout \begin_layout Code + (The 1600 ports scanned but not shown below are in state: closed) \end_layout \begin_layout Code + Port State Service \end_layout \begin_layout Code + 22/tcp open ssh \end_layout \begin_layout Code + 53/tcp open domain \end_layout \begin_layout Code + 515/tcp open printer \end_layout \begin_layout Code + 2401/tcp open cvspserver \end_layout \begin_layout Code + Nmap run completed -- 1 IP address (1 host up) scanned in 0.525 seconds \end_layout @@ -12101,26 +12923,32 @@ target "http://www.bieringer.de/linux/IPv6/status/IPv6+Linux-status-apps.html#se \end_layout \begin_layout Code + # ./strobe ::1 strobe 1.05 (c) 1995-1999 Julian Assange . \end_layout \begin_layout Code + ::1 2401 unassigned unknown \end_layout \begin_layout Code + ::1 22 ssh Secure Shell - RSA encrypted rsh \end_layout \begin_layout Code + ::1 515 printer spooler (lpd) \end_layout \begin_layout Code + ::1 6010 unassigned unknown \end_layout \begin_layout Code + ::1 53 domain Domain Name Server \end_layout @@ -12415,22 +13243,27 @@ Example for an end-to-end encrypted connection in transport mode \end_layout \begin_layout Code + #!/sbin/setkey -f \end_layout \begin_layout Code + flush; \end_layout \begin_layout Code + spdflush; \end_layout \begin_layout Code + spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec esp/transport//require; \end_layout \begin_layout Code + spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec esp/transport//require; \end_layout 
@@ -12443,30 +13276,37 @@ Example for a end-to-end encrypted connection in tunnel mode \end_layout \begin_layout Code + #!/sbin/setkey -f \end_layout \begin_layout Code + flush; \end_layout \begin_layout Code + spdflush; \end_layout \begin_layout Code + spdadd 2001:db8:1:1::1 2001:db8:2:2::2 any -P out ipsec \end_layout \begin_layout Code + ¬ esp/tunnel/2001:db8:1:1::1-2001:db8:2:2::2/require; \end_layout \begin_layout Code + spdadd 2001:db8:2:2::2 2001:db8:1:1::1 any -P in ipsec \end_layout \begin_layout Code + ¬ esp/tunnel/2001:db8:2:2::2-2001:db8:1:1::1/require; \end_layout @@ -12528,18 +13368,22 @@ File: /etc/racoon/racoon.conf \end_layout \begin_layout Code + # Racoon IKE daemon configuration file. \end_layout \begin_layout Code + # See 'man racoon.conf' for a description of the format and entries. \end_layout \begin_layout Code + path include "/etc/racoon"; \end_layout \begin_layout Code + path pre_shared_key "/etc/racoon/psk.txt"; \end_layout @@ -12548,18 +13392,22 @@ path pre_shared_key "/etc/racoon/psk.txt"; \end_layout \begin_layout Code + listen \end_layout \begin_layout Code + { \end_layout \begin_layout Code + isakmp 2001:db8:1:1::1; \end_layout \begin_layout Code + } \end_layout @@ -12568,50 +13416,62 @@ listen \end_layout \begin_layout Code + remote 2001:db8:2:2::2 \end_layout \begin_layout Code + { \end_layout \begin_layout Code + exchange_mode main; \end_layout \begin_layout Code + lifetime time 24 hour; \end_layout \begin_layout Code + proposal \end_layout \begin_layout Code + { \end_layout \begin_layout Code + encryption_algorithm 3des; \end_layout \begin_layout Code + hash_algorithm md5; \end_layout \begin_layout Code + authentication_method pre_shared_key; \end_layout \begin_layout Code + dh_group 2; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } \end_layout 
@@ -12620,34 +13480,42 @@ remote 2001:db8:2:2::2 \end_layout \begin_layout Code + # gateway-to-gateway \end_layout \begin_layout Code + sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code + { \end_layout \begin_layout Code + lifetime time 1 hour; \end_layout \begin_layout Code + encryption_algorithm 3des; \end_layout \begin_layout Code + authentication_algorithm hmac_md5; \end_layout \begin_layout Code + compression_algorithm deflate; \end_layout \begin_layout Code + } \end_layout @@ -12656,30 +13524,37 @@ sainfo address 2001:db8:1:1::1 any address 2001:db8:2:2::2 any \end_layout \begin_layout Code + sainfo address 2001:db8:2:2::2 any address 2001:db8:1:1::1 any \end_layout \begin_layout Code + { \end_layout \begin_layout Code + lifetime time 1 hour; \end_layout \begin_layout Code + encryption_algorithm 3des; \end_layout \begin_layout Code + authentication_algorithm hmac_md5; \end_layout \begin_layout Code + compression_algorithm deflate; \end_layout \begin_layout Code + } \end_layout @@ -12692,10 +13567,12 @@ File: /etc/racoon/psk.txt \end_layout \begin_layout Code + # file for pre-shared keys used for IKE authentication \end_layout \begin_layout Code + # format is: 'identifier' 'key' \end_layout @@ -12704,6 +13581,7 @@ File: /etc/racoon/psk.txt \end_layout \begin_layout Code + 2001:db8:2:2::2 verysecret \end_layout 
@@ -12727,84 +13605,104 @@ At least the daemon needs to be started. \end_layout \begin_layout Code + # racoon -F -v -f /etc/racoon/racoon.conf \end_layout \begin_layout Code + Foreground mode. \end_layout \begin_layout Code + 2005-01-01 20:30:15: INFO: @(#)ipsec-tools 0.3.3 \end_layout \begin_layout Code + ¬ (http://ipsec-tools.sourceforge.net) \end_layout \begin_layout Code + 2005-01-01 20:30:15: INFO: @(#)This product linked \end_layout \begin_layout Code + ¬ OpenSSL 0.9.7a Feb 19 2003 (http://www.openssl.org/) \end_layout \begin_layout Code + 2005-01-01 20:30:15: INFO: 2001:db8:1:1::1[500] used as isakmp port (fd=7) \end_layout \begin_layout Code + 2005-01-01 20:31:06: INFO: IPsec-SA request for 2001:db8:2:2::2 \end_layout \begin_layout Code + ¬ queued due to no phase1 found. \end_layout \begin_layout Code + 2005-01-01 20:31:06: INFO: initiate new phase 1 negotiation: \end_layout \begin_layout Code + ¬ 2001:db8:1:1::1[500]<=>2001:db8:2:2::2[500] \end_layout \begin_layout Code + 2005-01-01 20:31:06: INFO: begin Identity Protection mode. \end_layout \begin_layout Code + 2005-01-01 20:31:09: INFO: ISAKMP-SA established \end_layout \begin_layout Code + ¬ 2001:db8:1:1::1[500]-2001:db8:2:2::2[500] spi:da3d3693289c9698:ac039a402b2db40 1 \end_layout \begin_layout Code + 2005-01-01 20:31:09: INFO: initiate new phase 2 negotiation: \end_layout \begin_layout Code + ¬ 2001:6f8:900:94::2[0]<=>2001:db8:2:2::2[0] \end_layout \begin_layout Code + 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code + ¬ ESP/Tunnel 2001:db8:2:2::2->2001:db8:1:1::1 spi=253935531(0xf22bfab) \end_layout \begin_layout Code + 2005-01-01 20:31:10: INFO: IPsec-SA established: \end_layout \begin_layout Code + ¬ ESP/Tunnel 2001:db8:1:1::1->2001:db8:2:2::2 spi=175002564(0xa6e53c4) \end_layout 
@@ -12822,10 +13720,12 @@ tcpdump \end_layout \begin_layout Code + 20:35:55.305707 2001:db8:1:1::1 > 2001:db8:2:2::2: ESP(spi=0x0a6e53c4,seq=0x3) \end_layout \begin_layout Code + 20:35:55.537522 2001:db8:2:2::2 > 2001:db8:1:1::1: ESP(spi=0x0f22bfab,seq=0x3) \end_layout 
@@ -12846,94 +13746,117 @@ setkey \end_layout \begin_layout Code + # setkey -D \end_layout \begin_layout Code + 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code + esp mode=tunnel spi=175002564(0x0a6e53c4) reqid=0(0x00000000) \end_layout \begin_layout Code + E: 3des-cbc bd26bc45 aea0d249 ef9c6b89 7056080f 5d9fa49c 924e2edd \end_layout \begin_layout Code + A: hmac-md5 60c2c505 517dd8b7 c9609128 a5efc2db \end_layout \begin_layout Code + seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code + created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code + diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code + last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + current: 540(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code + allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code + sadb_seq=1 pid=22358 refcnt=0 \end_layout \begin_layout Code + 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code + esp mode=tunnel spi=253935531(0x0f22bfab) reqid=0(0x00000000) \end_layout \begin_layout Code + E: 3des-cbc c1ddba65 83debd62 3f6683c1 20e747ac 933d203f 4777a7ce \end_layout \begin_layout Code + A: hmac-md5 3f957db9 9adddc8c 44e5739d 3f53ca0e \end_layout \begin_layout Code + seq=0x00000000 replay=4 flags=0x00000000 state=mature \end_layout \begin_layout Code + created: Jan 1 20:31:10 2005 current: Jan 1 20:40:47 2005 \end_layout \begin_layout Code + diff: 577(s) hard: 3600(s) soft: 2880(s) \end_layout \begin_layout Code + last: Jan 1 20:35:05 2005 hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + current: 312(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code + allocated: 3 hard: 0 soft: 0 \end_layout \begin_layout Code + sadb_seq=0 pid=22358 refcnt=0 \end_layout 
@@ -13026,18 +13949,22 @@ File: /etc/ipsec.conf \end_layout \begin_layout Code + # /etc/ipsec.conf - Openswan IPsec configuration file \end_layout \begin_layout Code + # \end_layout \begin_layout Code + # Manual: ipsec.conf.5 \end_layout \begin_layout Code + version 2.0 # conforms to second version of ipsec.conf specification \end_layout @@ -13046,22 +13973,27 @@ version 2.0 # conforms to second version of ipsec.conf specification \end_layout \begin_layout Code + # basic configuration \end_layout \begin_layout Code + config setup \end_layout \begin_layout Code + # Debug-logging controls: "none" for (almost) none, "all" for lots. \end_layout \begin_layout Code + # klipsdebug=none \end_layout \begin_layout Code + # plutodebug="control parsing" \end_layout @@ -13070,10 +14002,12 @@ config setup \end_layout \begin_layout Code + #Disable Opportunistic Encryption \end_layout \begin_layout Code + include /etc/ipsec.d/examples/no_oe.conf \end_layout @@ -13082,55 +14016,68 @@ include /etc/ipsec.d/examples/no_oe.conf \end_layout \begin_layout Code + conn ipv6-p1-p2 \end_layout \begin_layout Code + connaddrfamily=ipv6 # Important for IPv6, but no longer needed since StrongSwan 4 \end_layout \begin_layout Code + left=2001:db8:1:1::1 \end_layout \begin_layout Code + right=2001:db8:2:2::2 \end_layout \begin_layout Code + authby=secret \end_layout \begin_layout Code + esp=aes128-sha1 \end_layout \begin_layout Code + ike=aes128-sha-modp1024 \end_layout \begin_layout Code + type=transport \end_layout \begin_layout Code + #type=tunnel \end_layout \begin_layout Code + compress=no \end_layout \begin_layout Code + #compress=yes \end_layout \begin_layout Code + auto=add \end_layout \begin_layout Code + #auto=up \end_layout @@ -13147,6 +14094,7 @@ File: /etc/ipsec.secrets \end_layout \begin_layout Code + 2001:db8:1:1::1 2001:db8:2:2::2 : PSK "verysecret" \end_layout 
@@ -13168,6 +14116,7 @@ If installation of Openswan was successfully, an initscript should exist \end_layout \begin_layout Code + # /etc/rc.d/init.d/ipsec start \end_layout @@ -13185,34 +14134,42 @@ IPsec SA established \end_layout \begin_layout Code + # ipsec auto --up ipv6-peer1-peer2 \end_layout \begin_layout Code + 104 "ipv6-p1-p2" #1: STATE_MAIN_I1: initiate \end_layout \begin_layout Code + 106 "ipv6-p1-p2" #1: STATE_MAIN_I2: sent MI2, expecting MR2 \end_layout \begin_layout Code + 108 "ipv6-p1-p2" #1: STATE_MAIN_I3: sent MI3, expecting MR3 \end_layout \begin_layout Code + 004 "ipv6-p1-p2" #1: STATE_MAIN_I4: ISAKMP SA established \end_layout \begin_layout Code + 112 "ipv6-p1-p2" #2: STATE_QUICK_I1: initiate \end_layout \begin_layout Code + 004 "ipv6-p1-p2" #2: STATE_QUICK_I2: sent QI2, \end_layout \begin_layout Code + ¬ IPsec SA established {ESP=>0xa98b7710 <0xa51e1f22} \end_layout 
@@ -13230,94 +14187,117 @@ setkey \end_layout \begin_layout Code + # setkey -D \end_layout \begin_layout Code + 2001:db8:1:1::1 2001:db8:2:2::2 \end_layout \begin_layout Code + esp mode=transport spi=2844489488(0xa98b7710) reqid=16385(0x00004001) \end_layout \begin_layout Code + E: aes-cbc 082ee274 2744bae5 7451da37 1162b483 \end_layout \begin_layout Code + A: hmac-sha1 b7803753 757417da 477b1c1a 64070455 ab79082c \end_layout \begin_layout Code + seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code + created: Jan 1 21:16:32 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code + diff: 348(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code + allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code + sadb_seq=1 pid=23825 refcnt=0 \end_layout \begin_layout Code + 2001:db8:2:2::2 2001:db8:1:1::1 \end_layout \begin_layout Code + esp mode=transport spi=2770214690(0xa51e1f22) reqid=16385(0x00004001) \end_layout \begin_layout Code + E: aes-cbc 6f59cc30 8d856056 65e07b76 552cac18 \end_layout \begin_layout Code + A: hmac-sha1 c7c7d82b abfca8b1 5440021f e0c3b335 975b508b \end_layout \begin_layout Code + seq=0x00000000 replay=64 flags=0x00000000 state=mature \end_layout \begin_layout Code + created: Jan 1 21:16:31 2005 current: Jan 1 21:22:20 2005 \end_layout \begin_layout Code + diff: 349(s) hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + last: hard: 0(s) soft: 0(s) \end_layout \begin_layout Code + current: 0(bytes) hard: 0(bytes) soft: 0(bytes) \end_layout \begin_layout Code + allocated: 0 hard: 0 soft: 0 \end_layout \begin_layout Code + sadb_seq=0 pid=23825 refcnt=0 \end_layout @@ -13339,10 +14319,12 @@ ip \end_layout \begin_layout Code + # ip xfrm policy \end_layout \begin_layout Code + ... \end_layout 
@@ -13351,10 +14333,12 @@ ip \end_layout \begin_layout Code + # ip xfrm state \end_layout \begin_layout Code + ... \end_layout @@ -13401,32 +14385,39 @@ Proper working QoS is only possible on the outgoing interface of a router \end_layout \begin_layout Code + -------------->------- \end_layout \begin_layout Code + Queue 1 \backslash \end_layout \begin_layout Code + --->--- ---->--------->--------->--------------- \end_layout \begin_layout Code + Big pipe Queue 2 Queue 1 / Queue 2 / Queue 3 Thin Pipe \end_layout \begin_layout Code + --->---- ---->--------->--------->--------------- \end_layout \begin_layout Code + Queue 3 / \end_layout \begin_layout Code + -------------->------- \end_layout @@ -13495,6 +14486,7 @@ Define root qdisc with a bandwidth of 1000 MBit/s on eth1 \end_layout \begin_layout Code + # tc qdisc add dev eth1 root handle 1: cbq avpkt 1000 bandwidth 1000Mbit \end_layout @@ -13507,6 +14499,7 @@ Define a class 1:1 with 1 MBit/s \end_layout \begin_layout Code + # tc class add dev eth1 parent 1: classid 1:1 cbq rate 1Mbit allot 1500 bounded \end_layout @@ -13516,6 +14509,7 @@ Define a class 1:2 with 50 MBit/s \end_layout \begin_layout Code + # tc class add dev eth1 parent 1: classid 1:2 cbq rate 50Mbit allot 1500 bounded \end_layout @@ -13525,6 +14519,7 @@ Define a class 1:3 with 10 MBit/s \end_layout \begin_layout Code + # tc class add dev eth1 parent 1: classid 1:3 cbq rate 10Mbit allot 1500 bounded \end_layout @@ -13534,6 +14529,7 @@ Define a class 1:4 with 200 kBit/s \end_layout \begin_layout Code + # tc class add dev eth1 parent 1: classid 1:4 cbq rate 200kbit allot 1500 bounded \end_layout @@ -13559,6 +14555,7 @@ match ip dport 5001 0xffff \end_layout \begin_layout Code + # tc filter add dev eth1 parent 1: protocol ip u32 match ip protocol 6 0xff match ip dport 5001 0xffff flowid 1:1 \end_layout 
@@ -13576,6 +14573,7 @@ match ip6 protocol 6 0xff \end_layout \begin_layout Code + # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 protocol 6 0xff match ip6 dport 5001 0xffff flowid 1:2 \end_layout @@ -13589,6 +14587,7 @@ match ip6 flowlabel 12345 0x3ffff \end_layout \begin_layout Code + # tc filter add dev eth1 parent 1: protocol ipv6 u32 match ip6 flowlabel 12345 0x3ffff flowid 1:3 \end_layout @@ -13602,6 +14601,7 @@ handle 32 fw \end_layout \begin_layout Code + # tc filter add dev eth1 parent 1: protocol ipv6 handle 32 fw flowid 1:4 \end_layout @@ -13611,6 +14611,7 @@ The last filter definition requires an entry in the ip6tables to mark a \end_layout \begin_layout Code + # ip6tables -A POSTROUTING -t mangle -p tcp --dport 5003 -j MARK --set-mark 32 \end_layout @@ -13624,14 +14625,17 @@ Start on server side each one one separate console: \end_layout \begin_layout Code + # iperf -V -s -p 5001 \end_layout \begin_layout Code + # iperf -V -s -p 5002 \end_layout \begin_layout Code + # iperf -V -s -p 5003 \end_layout @@ -13640,29 +14644,35 @@ Start on client side and compare results: \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv4 -p 5001 (expected: 1 MBit/s) \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv6 -p 5001 (expected: 50 MBit/s) \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv4 -p 5002 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv6 -p 5002 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv4 -p 5003 (expected: >> 50 MBit/s && <= 1000 MBit/s) \end_layout \begin_layout Code + # iperf -V -c SERVER-IPv6 -p 5003 (expected: 200 kBit/s) \end_layout 
@@ -13738,18 +14748,22 @@ To enable IPv6 for listening, following options are requested to change \end_layout \begin_layout Code + options { \end_layout \begin_layout Code + # sure other options here, too \end_layout \begin_layout Code + listen-on-v6 { any; }; \end_layout \begin_layout Code + }; \end_layout @@ -13758,48 +14772,59 @@ This should result after restart in e.g. \end_layout \begin_layout Code + # netstat -lnptu |grep "named \backslash W*$" \end_layout \begin_layout Code + tcp 0 0 :::53 :::* LISTEN 1234/named \end_layout \begin_layout Code + ¬ # incoming TCP requests \end_layout \begin_layout Code + udp 0 0 1.2.3.4:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code + ¬ # incoming UDP requests to IPv4 1.2.3.4 \end_layout \begin_layout Code + udp 0 0 127.0.0.1:53 0.0.0.0:* 1234/named \end_layout \begin_layout Code + ¬ # incoming UDP requests to IPv4 localhost \end_layout \begin_layout Code + udp 0 0 0.0.0.0:32868 0.0.0.0:* 1234/named \end_layout \begin_layout Code + ¬ # dynamic chosen port for outgoing queries \end_layout \begin_layout Code + udp 0 0 :::53 :::* 1234/named \end_layout \begin_layout Code + ¬ # incoming UDP request to any IPv6 \end_layout @@ -13808,6 +14833,7 @@ And a simple test looks like \end_layout \begin_layout Code + # dig localhost @::1 \end_layout @@ -13824,18 +14850,22 @@ To disable IPv6 for listening, following options are requested to change \end_layout \begin_layout Code + options { \end_layout \begin_layout Code + # sure other options here, too \end_layout \begin_layout Code + listen-on-v6 { none; }; \end_layout \begin_layout Code + }; \end_layout 
@@ -13849,54 +14879,67 @@ IPv6 enabled ACLs are possible and should be used whenever it's possible. \end_layout \begin_layout Code + acl internal-net { \end_layout \begin_layout Code + 127.0.0.1; \end_layout \begin_layout Code + 1.2.3.0/24; \end_layout \begin_layout Code + 2001:0db8:100::/56; \end_layout \begin_layout Code + ::1/128; \end_layout \begin_layout Code + ::ffff:1.2.3.4/128; \end_layout \begin_layout Code + }; \end_layout \begin_layout Code + acl ns-internal-net { \end_layout \begin_layout Code + 1.2.3.4; \end_layout \begin_layout Code + 1.2.3.5; \end_layout \begin_layout Code + 2001:0db8:100::4/128; \end_layout \begin_layout Code + 2001:0db8:100::5/128; \end_layout \begin_layout Code + }; \end_layout @@ -13908,26 +14951,32 @@ This ACLs can be used e.g. \end_layout \begin_layout Code + options { \end_layout \begin_layout Code + # sure other options here, too \end_layout \begin_layout Code + listen-on-v6 { none; }; \end_layout \begin_layout Code + allow-query { internal-net; }; \end_layout \begin_layout Code + allow-transfer { ns-internal-net; }; \end_layout \begin_layout Code + }; \end_layout @@ -13952,6 +15001,7 @@ This option is not required, but perhaps needed: \end_layout \begin_layout Code + query-source-v6 address port ; \end_layout @@ -13972,6 +15022,7 @@ Transfer source address is used for outgoing zone transfers: \end_layout \begin_layout Code + transfer-source-v6 [port port]; \end_layout @@ -13984,6 +15035,7 @@ Notify source address is used for outgoing notify messages: \end_layout \begin_layout Code + notify-source-v6 [port port]; \end_layout 
@@ -14136,22 +15188,27 @@ Specifying a dedicated server for the query, an IPv6 connect can be forced: \end_layout \begin_layout Code + $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code + Using domain server: \end_layout \begin_layout Code + Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code + Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code + Aliases: \end_layout @@ -14160,6 +15217,7 @@ Aliases: \end_layout \begin_layout Code + Host www.6bone.net. not found: 5(REFUSED) \end_layout @@ -14169,14 +15227,17 @@ Related log entry looks like following: \end_layout \begin_layout Code + Jan 3 12:43:32 gate named[12347]: client \end_layout \begin_layout Code + ¬ 2001:0db8:200:f101:212:34ff:fe12:3456#32770: \end_layout \begin_layout Code + query denied \end_layout @@ -14194,22 +15255,27 @@ A successful IPv6 connect looks like following: \end_layout \begin_layout Code + $ host -t aaaa www.6bone.net 2001:0db8:200:f101::1 \end_layout \begin_layout Code + Using domain server: \end_layout \begin_layout Code + Name: 2001:0db8:200:f101::1 \end_layout \begin_layout Code + Address: 2001:0db8:200:f101::1#53 \end_layout \begin_layout Code + Aliases: \end_layout @@ -14218,12 +15284,14 @@ Aliases: \end_layout \begin_layout Code + www.6bone.net. is an alias for 6bone.net. \end_layout \begin_layout Code + 6bone.net. has AAAA address 3ffe:b00:c18:1::10 \end_layout @@ -14267,42 +15335,52 @@ If you enable a built-in service like e.g. \end_layout \begin_layout Code + # diff -u /etc/xinetd.d/daytime.orig /etc/xinetd.d/daytime \end_layout \begin_layout Code + --- /etc/xinetd.d/daytime.orig Sun Dec 16 19:00:14 2001 \end_layout \begin_layout Code + +++ /etc/xinetd.d/daytime Sun Dec 16 19:00:22 2001 \end_layout \begin_layout Code + 
@@ -10,5 +10,5 @@ \end_layout \begin_layout Code + protocol = tcp \end_layout \begin_layout Code + user = root \end_layout \begin_layout Code + wait = no \end_layout \begin_layout Code + - disable = yes \end_layout \begin_layout Code + + disable = no \end_layout \begin_layout Code + } \end_layout @@ -14311,22 +15389,27 @@ After restarting the xinetd you should get a positive result like: \end_layout \begin_layout Code + # netstat -lnptu -A inet6 |grep "xinetd*" \end_layout \begin_layout Code + tcp 0 0 ::ffff:192.168.1.1:993 :::* LISTEN 12345/xinetd-ipv6 \end_layout \begin_layout Code + tcp 0 0 :::13 :::* LISTEN 12345/xinetd-ipv6 <- service \end_layout \begin_layout Code + ¬ daytime/tcp \end_layout \begin_layout Code + tcp 0 0 ::ffff:192.168.1.1:143 :::* LISTEN 12345/xinetd-ipv6 \end_layout @@ -14381,22 +15464,27 @@ Virtual host listen on an IPv6 address only \end_layout \begin_layout Code + Listen [2001:0db8:100::1]:80 \end_layout \begin_layout Code + \end_layout \begin_layout Code + ServerName ipv6only.yourdomain.yourtopleveldomain \end_layout \begin_layout Code + # ...sure more config lines \end_layout \begin_layout Code + \end_layout @@ -14405,26 +15493,32 @@ Virtual host listen on an IPv6 and on an IPv4 address \end_layout \begin_layout Code + Listen [2001:0db8:100::2]:80 \end_layout \begin_layout Code + Listen 1.2.3.4:80 \end_layout \begin_layout Code + \end_layout \begin_layout Code + ServerName ipv6andipv4.yourdomain.yourtopleveldomain \end_layout \begin_layout Code + # ...sure more config lines \end_layout \begin_layout Code + \end_layout @@ -14433,20 +15527,24 @@ This should result after restart in e.g. \end_layout \begin_layout Code + # netstat -lnptu |grep "httpd2 \backslash W*$" \end_layout \begin_layout Code + tcp 0 0 1.2.3.4:80 0.0.0.0:* LISTEN 12345/httpd2 \end_layout \begin_layout Code + tcp 0 0 2001:0db8:100::1:80 :::* LISTEN 12345/httpd2 \end_layout \begin_layout Code + tcp 0 0 2001:0db8:100::2:80 :::* LISTEN 12345/httpd2 \end_layout 
@@ -14546,42 +15644,52 @@ Radvd's config file is normally /etc/radvd.conf. \end_layout \begin_layout Code + interface eth0 { \end_layout \begin_layout Code + AdvSendAdvert on; \end_layout \begin_layout Code + MinRtrAdvInterval 3; \end_layout \begin_layout Code + MaxRtrAdvInterval 10; \end_layout \begin_layout Code + prefix 2001:0db8:0100:f101::/64 { \end_layout \begin_layout Code + AdvOnLink on; \end_layout \begin_layout Code + AdvAutonomous on; \end_layout \begin_layout Code + AdvRouterAddr on; \end_layout \begin_layout Code + }; \end_layout \begin_layout Code + }; \end_layout @@ -14590,23 +15698,28 @@ This results on client side in \end_layout \begin_layout Code + # ip -6 addr show eth0 \end_layout \begin_layout Code + 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code + inet6 2001:0db8:100:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code + valid_lft 2591992sec preferred_lft 604792sec \end_layout \begin_layout Code + inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -14629,54 +15742,67 @@ Version since 0.6.2pl3 support the automatic (re)-generation of the prefix \end_layout \begin_layout Code + interface eth0 { \end_layout \begin_layout Code + AdvSendAdvert on; \end_layout \begin_layout Code + MinRtrAdvInterval 3; \end_layout \begin_layout Code + MaxRtrAdvInterval 10; \end_layout \begin_layout Code + prefix 0:0:0:f101::/64 { \end_layout \begin_layout Code + AdvOnLink off; \end_layout \begin_layout Code + AdvAutonomous on; \end_layout \begin_layout Code + AdvRouterAddr on; \end_layout \begin_layout Code + Base6to4Interface ppp0; \end_layout \begin_layout Code + AdvPreferredLifetime 20; \end_layout \begin_layout Code + AdvValidLifetime 30; \end_layout \begin_layout Code + }; \end_layout \begin_layout Code + }; \end_layout 
@@ -14686,23 +15812,28 @@ This results on client side in (assuming, ppp0 has currently 1.2.3.4 as local \end_layout \begin_layout Code + # /sbin/ip -6 addr show eth0 \end_layout \begin_layout Code + 3: eth0: mtu 1500 qdisc pfifo_fast qlen 100 \end_layout \begin_layout Code + inet6 2002:0102:0304:f101:2e0:12ff:fe34:1234/64 scope global dynamic \end_layout \begin_layout Code + valid_lft 22sec preferred_lft 12sec \end_layout \begin_layout Code + inet6 fe80::2e0:12ff:fe34:1234/10 scope link \end_layout @@ -14719,6 +15850,7 @@ Additional note: if you do not used special 6to4 support in initscripts, \end_layout \begin_layout Code + # /sbin/ip -6 route add 2002:0102:0304:f101::/64 dev eth0 metric 1 \end_layout @@ -14745,86 +15877,107 @@ radvdump \end_layout \begin_layout Code + # radvdump \end_layout \begin_layout Code + Router advertisement from fe80::280:c8ff:feb9:cef9 (hoplimit 255) \end_layout \begin_layout Code + AdvCurHopLimit: 64 \end_layout \begin_layout Code + AdvManagedFlag: off \end_layout \begin_layout Code + AdvOtherConfigFlag: off \end_layout \begin_layout Code + AdvHomeAgentFlag: off \end_layout \begin_layout Code + AdvReachableTime: 0 \end_layout \begin_layout Code + AdvRetransTimer: 0 \end_layout \begin_layout Code + Prefix 2002:0102:0304:f101::/64 \end_layout \begin_layout Code + AdvValidLifetime: 30 \end_layout \begin_layout Code + AdvPreferredLifetime: 20 \end_layout \begin_layout Code + AdvOnLink: off \end_layout \begin_layout Code + AdvAutonomous: on \end_layout \begin_layout Code + AdvRouterAddr: on \end_layout \begin_layout Code + Prefix 2001:0db8:100:f101::/64 \end_layout \begin_layout Code + AdvValidLifetime: 2592000 \end_layout \begin_layout Code + AdvPreferredLifetime: 604800 \end_layout \begin_layout Code + AdvOnLink: on \end_layout \begin_layout Code + AdvAutonomous: on \end_layout \begin_layout Code + AdvRouterAddr: on \end_layout \begin_layout Code + AdvSourceLLAddress: 00 80 12 34 56 78 \end_layout 
@@ -14876,54 +16029,67 @@ dhcp6s's config file is normally /etc/dhcp6s.conf. \end_layout \begin_layout Code + interface eth0 { \end_layout \begin_layout Code + server-preference 255; \end_layout \begin_layout Code + renew-time 60; \end_layout \begin_layout Code + rebind-time 90; \end_layout \begin_layout Code + prefer-life-time 130; \end_layout \begin_layout Code + valid-life-time 200; \end_layout \begin_layout Code + allow rapid-commit; \end_layout \begin_layout Code + option dns_servers 2001:db8:0:f101::1 sub.domain.example; \end_layout \begin_layout Code + link AAA { \end_layout \begin_layout Code + range 2001:db8:0:f101::1000 to 2001:db8:0:f101::ffff/64; \end_layout \begin_layout Code + prefix 2001:db8:0:f101::/64; \end_layout \begin_layout Code + }; \end_layout \begin_layout Code + }; \end_layout @@ -14941,18 +16107,22 @@ dhcp6c's config file is normally /etc/dhcp6c.conf. \end_layout \begin_layout Code + interface eth0 { \end_layout \begin_layout Code + send rapid-commit; \end_layout \begin_layout Code + request domain-name-servers; \end_layout \begin_layout Code + }; \end_layout @@ -14969,6 +16139,7 @@ Start server, e.g. \end_layout \begin_layout Code + # service dhcp6s start \end_layout @@ -14981,6 +16152,7 @@ Start client in foreground, e.g. \end_layout \begin_layout Code + # dhcp6c -f eth0 \end_layout @@ -14998,6 +16170,7 @@ The server has one foreground and two debug toggles (both should be used \end_layout \begin_layout Code + # dhcp6s -d -D -f eth0 \end_layout @@ -15011,6 +16184,7 @@ As general debugging for test whether the IPv6 DHCP server is reable on \end_layout \begin_layout Code + # ping6 -I eth0 ff02::1:2 \end_layout 
@@ -15019,51 +16193,63 @@ The client has one foreground and two debug toggles, here is an example: \end_layout \begin_layout Code + # dhcp6c -d -f eth0 \end_layout \begin_layout Code + Oct/03/2005 17:18:16 dhcpv6 doesn't support hardware type 776 \end_layout \begin_layout Code + Oct/03/2005 17:18:16 doesn't support sit0 address family 0 \end_layout \begin_layout Code + Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code + Oct/03/2005 17:18:16 netlink_recv_rtgenmsg error \end_layout \begin_layout Code + Oct/03/2005 17:18:17 status code for this address is: success \end_layout \begin_layout Code + Oct/03/2005 17:18:17 status code: success \end_layout \begin_layout Code + Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code + Oct/03/2005 17:18:17 netlink_recv_rtgenmsg error \end_layout \begin_layout Code + Oct/03/2005 17:18:17 assigned address 2001:db8:0:f101::1002 prefix len is not \end_layout \begin_layout Code + ¬ in any RAs prefix length using 64 bit instead \end_layout \begin_layout Code + Oct/03/2005 17:18:17 renew time 60, rebind time 9 \end_layout @@ -15114,26 +16300,32 @@ Create a dedicated configuration file /etc/dhcp/dhcpd6.conf for the IPv6 \end_layout \begin_layout Code + default-lease-time 600; \end_layout \begin_layout Code + max-lease-time 7200; \end_layout \begin_layout Code + log-facility local7; \end_layout \begin_layout Code + subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code + # Range for clients \end_layout \begin_layout Code + range6 2001:db8:0:1::129 2001:db8:0:1::254; \end_layout @@ -15142,10 +16334,12 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code + # Range for clients requesting a temporary address \end_layout \begin_layout Code + range6 2001:db8:0:1::/64 temporary; \end_layout 
@@ -15154,14 +16348,17 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code + # Additional options \end_layout \begin_layout Code + option dhcp6.name-servers fec0:0:0:1::1; \end_layout \begin_layout Code + option dhcp6.domain-search "domain.example"; \end_layout @@ -15170,10 +16367,12 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code + # Prefix range for delegation to sub-routers \end_layout \begin_layout Code + prefix6 2001:db8:0:100:: 2001:db8:0:f00:: /56; \end_layout @@ -15182,27 +16381,33 @@ subnet6 2001:db8:0:1::/64 { \end_layout \begin_layout Code + # Example for a fixed host address \end_layout \begin_layout Code + host specialclient { \end_layout \begin_layout Code + host-identifier option dhcp6.client-id 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01: 23:45; \end_layout \begin_layout Code + fixed-address6 2001:db8:0:1::127; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } \end_layout @@ -15238,6 +16443,7 @@ dhcp6c \end_layout \begin_layout Code + # hexdump -e '"%07.7_ax " 1/2 "%04x" " " 14/1 "%02x:" " \backslash n"' /var/lib/dhcpv6/dhcp6c_duid 0000000 000e 00:01:00:01:4a:1f:ba:e3:60:b9:1f:01 
@@ -15257,46 +16463,56 @@ Start server in foreground: \end_layout \begin_layout Code + # /usr/sbin/dhcpd -6 -d -cf /etc/dhcp/dhcpd6.conf eth1 \end_layout \begin_layout Code + Internet Systems Consortium DHCP Server 4.1.0 \end_layout \begin_layout Code + Copyright 2004-2008 Internet Systems Consortium. \end_layout \begin_layout Code + All rights reserved. \end_layout \begin_layout Code + For info, please visit http://www.isc.org/sw/dhcp/ \end_layout \begin_layout Code + Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file \end_layout \begin_layout Code + Wrote 0 leases to leases file. \end_layout \begin_layout Code + Bound to *:547 \end_layout \begin_layout Code + Listening on Socket/5/eth1/2001:db8:0:1::/64 \end_layout \begin_layout Code + Sending on Socket/5/eth1/2001:db8:0:1::/64 \end_layout @@ -15329,55 +16545,68 @@ Create a dedicated configuration file /etc/dibbler/server.conf . \end_layout \begin_layout Code + log-level 8 \end_layout \begin_layout Code + log-mode short \end_layout \begin_layout Code + preference 0 \end_layout \begin_layout Code + iface "eth1" { \end_layout \begin_layout Code + // also ranges can be defines, instead of exact values t1 1800-2000 t2 2700-3000 \end_layout \begin_layout Code + prefered-lifetime 3600 \end_layout \begin_layout Code + valid-lifetime 7200 \end_layout \begin_layout Code + class { \end_layout \begin_layout Code + pool 2001:6f8:12d8:1::/64 \end_layout \begin_layout Code + } \end_layout \begin_layout Code + option dns-server fec0:0:0:1::1 \end_layout \begin_layout Code + option domain domain.example \end_layout \begin_layout Code + } \end_layout 
@@ -15394,124 +16623,148 @@ Start server in foreground: \end_layout \begin_layout Code + # dibbler-server run \end_layout \begin_layout Code + | Dibbler - a portable DHCPv6, version 0.7.3 (SERVER, Linux port) \end_layout \begin_layout Code + | Authors : Tomasz Mrugalski,Marek Senderski \end_layout \begin_layout Code + | Licence : GNU GPL v2 only. Developed at Gdansk University of Technology. \end_layout \begin_layout Code + | Homepage: http://klub.com.pl/dhcpv6/ \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Notice My pid (1789) is stored in /var/lib/dibbler/s erver.pid \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Notice Detected iface eth0/3, MAC=54:52:00:01:23:45. \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Notice Detected iface eth1/2, MAC=54:52:00:67:89:ab. \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Notice Detected iface lo/1, MAC=00:00:00:00:00:00. \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Debug Skipping database loading. \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Debug Cache:server-cache.xml file: parsing started, expecting 0 entries. \end_layout \begin_layout Code + 2009.05.28 10:18:48 Server Notice Parsing /etc/dibbler/server.conf config file... \end_layout \begin_layout Code + 18:48 Server Debug Setting 0 generic option(s). \end_layout \begin_layout Code + 18:48 Server Debug 0 per-client configurations (exceptions) added. \end_layout \begin_layout Code + 18:48 Server Debug Parsing /etc/dibbler/server.conf done. \end_layout \begin_layout Code + 18:48 Server Info 0 client class(es) defined. \end_layout \begin_layout Code + 18:48 Server Debug 1 interface(s) specified in /etc/dibbler/server.conf \end_layout \begin_layout Code + 18:48 Server Info Mapping allow, deny list to class 0:0 allow/deny entries in total. \end_layout \begin_layout Code + 18:48 Server Info Interface eth1/2 configuration has been loaded. 
\end_layout \begin_layout Code + 18:48 Server Notice Running in stateful mode. \end_layout \begin_layout Code + 18:48 Server Info My DUID is 00:01:00:01:11:aa:6d:a7:54:52:00:67:89:ab. \end_layout \begin_layout Code + 18:48 Server Notice Creating multicast (ff02::1:2) socket on eth1/2 (eth1/2) interface. \end_layout \begin_layout Code + 18:48 Server Debug Cache: size set to 1048576 bytes, 1 cache entry size is 87 bytes, so maximum 12052 address-client pair(s) may be cached. \end_layout \begin_layout Code + 18:48 Server Notice Accepting connections. Next event in 4294967295 second(s). \end_layout @@ -15573,6 +16826,7 @@ tcp_wrapper is controlled by two files name /etc/hosts.allow and /etc/hosts.deny \end_layout \begin_layout Code + $ man hosts.allow \end_layout @@ -15586,11 +16840,13 @@ In this file, each service which should be positive filtered (means connects \end_layout \begin_layout Code + sshd: 1.2.3. [2001:0db8:100:200::]/64 \end_layout \begin_layout Code + daytime-stream: 1.2.3. [2001:0db8:100:200::]/64 \end_layout @@ -15611,6 +16867,7 @@ This file contains all negative filter entries and should normally deny \end_layout \begin_layout Code + ALL: ALL \end_layout @@ -15622,10 +16879,12 @@ If this node is a more sensible one you can replace the standard line above \end_layout \begin_layout Code + ALL: ALL: spawn (echo "Attempt from %h %a to %d at `date`" \end_layout \begin_layout Code + | tee -a /var/log/tcp.deny.log | mail root@localhost) \end_layout @@ -15648,18 +16907,22 @@ A refused connection via IPv4 to an xinetd covered daytime service produces \end_layout \begin_layout Code + Jan 2 20:40:44 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code + ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code + Jan 2 20:32:06 gate xinetd-ipv6[12346]: FAIL: daytime-stream libwrap \end_layout \begin_layout Code + from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout 
@@ -15669,22 +16932,27 @@ A refused connection via IPv4 to an dual-listen sshd produces a line like \end_layout \begin_layout Code + Jan 2 20:24:17 gate sshd[12345]: refused connect from ::ffff:1.2.3.4 \end_layout \begin_layout Code + ¬ (::ffff:1.2.3.4) \end_layout \begin_layout Code + Jan 2 20:39:33 gate sshd[12345]: refused connect \end_layout \begin_layout Code + from 2001:0db8:100:200::212:34ff:fe12:3456 \end_layout \begin_layout Code + ¬ (2001:0db8:100:200::212:34ff:fe12:3456) \end_layout @@ -15698,18 +16966,22 @@ A permitted connection via IPv4 to an xinetd covered daytime service produces \end_layout \begin_layout Code + Jan 2 20:37:50 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code + ¬ from=::ffff:1.2.3.4 \end_layout \begin_layout Code + Jan 2 20:37:56 gate xinetd-ipv6[12346]: START: daytime-stream pid=0 \end_layout \begin_layout Code + from=2001:0db8:100:200::212:34ff:fe12:3456 \end_layout @@ -15719,18 +16991,22 @@ A permitted connection via IPv4 to an dual-listen sshd produces a line like \end_layout \begin_layout Code + Jan 2 20:43:10 gate sshd[21975]: Accepted password for user from ::ffff:1.2.3.4 \end_layout \begin_layout Code + ¬ port 33381 ssh2 \end_layout \begin_layout Code + Jan 2 20:42:19 gate sshd[12345]: Accepted password for user \end_layout \begin_layout Code + from 2001:0db8:100:200::212:34ff:fe12:3456 port 33380 ssh2 \end_layout @@ -15754,6 +17030,7 @@ Edit the configuration file, ususally /etc/vsftpd/vsftpd.conf, and adjust \end_layout \begin_layout Code + listen_ipv6=yes \end_layout @@ -15781,22 +17058,27 @@ Edit the configuration file, ususally /etc/proftpd.conf, but take care, not \end_layout \begin_layout Code + \end_layout \begin_layout Code + ... \end_layout \begin_layout Code + Bind 2001:0DB8::1 \end_layout \begin_layout Code + ... \end_layout \begin_layout Code + \end_layout 
@@ -15996,30 +17278,37 @@ struct sockaddr_in \end_layout \begin_layout Code + struct sockaddr_in \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sa_family_t sin_family; \end_layout \begin_layout Code + in_port_t sin_port; \end_layout \begin_layout Code + struct in_addr sin_addr; \end_layout \begin_layout Code + /* Plus some padding for alignment */ \end_layout \begin_layout Code + }; \end_layout @@ -16071,34 +17360,42 @@ struct sockaddr_in6 \end_layout \begin_layout Code + struct sockaddr_in6 \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sa_family_t sin6_family; \end_layout \begin_layout Code + in_port_t sin6_port; \end_layout \begin_layout Code + uint32_t sin6_flowinfo; \end_layout \begin_layout Code + struct in6_addr sin6_addr; \end_layout \begin_layout Code + uint32_t sin6_scope_id; \end_layout \begin_layout Code + }; \end_layout @@ -16212,6 +17509,7 @@ fe80::1%eth1 \end_layout \begin_layout Code + Host A (fe80::1) ---- eth0 ---- Host B ---- eth1 ---- Host C (fe80::1) \end_layout @@ -16320,26 +17618,32 @@ recvfrom(2) \end_layout \begin_layout Code + ssize_t recvfrom( int s, \end_layout \begin_layout Code + void *buf, \end_layout \begin_layout Code + size_t len, \end_layout \begin_layout Code + int flags, \end_layout \begin_layout Code + struct sockaddr *from, \end_layout \begin_layout Code + socklen_t *fromlen ); \end_layout 
@@ -16365,84 +17669,104 @@ struct sockaddr_storage \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Read a message from a remote peer, and return a buffer pointer to \end_layout \begin_layout Code + ** the caller. \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** 's' is the file descriptor for the socket. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + char *rcvMsg( int s ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + static char bfr[ 1025 ]; /* Where the msg is stored. */ \end_layout \begin_layout Code + ssize_t count; \end_layout \begin_layout Code + struct sockaddr_storage ss; /* Where the peer adr goes. */ \end_layout \begin_layout Code + socklen_t sslen; \end_layout \begin_layout Code + sslen = sizeof( ss ); \end_layout \begin_layout Code + count = recvfrom( s, \end_layout \begin_layout Code + bfr, \end_layout \begin_layout Code + sizeof( bfr ) - 1, \end_layout \begin_layout Code + 0, \end_layout \begin_layout Code + (struct sockaddr*) &ss, \end_layout \begin_layout Code + &sslen ); \end_layout \begin_layout Code + bfr[ count ] = ' \backslash 0'; /* Null-terminates the message. @@ -16450,10 +17774,12 @@ char *rcvMsg( int s ) \end_layout \begin_layout Code + return bfr; \end_layout \begin_layout Code + } /* End rcvMsg() */ \end_layout @@ -16520,18 +17846,22 @@ getaddrinfo(3) \end_layout \begin_layout Code + int getaddrinfo( const char *node, \end_layout \begin_layout Code + const char *service, \end_layout \begin_layout Code + const struct addrinfo *hints, \end_layout \begin_layout Code + struct addrinfo **res ); \end_layout 
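Review bot: In the `rcvMsg()` listing the result of `recvfrom()` is used as an array index without a check: on failure the call returns -1, so `bfr[ count ] = '\0';` stores one byte in front of the static buffer. Readers copy HOWTO listings verbatim, so I would add `if ( count < 0 ) return NULL;` between the `recvfrom()` call and the terminating store, and state in the function's header comment that NULL signals a receive error. The `sizeof( bfr ) - 1` length already leaves room for the terminator, so no other bound needs to change. This commit only adds blank lines inside these Code layouts, so the defect predates it; the end of the function (`return bfr;`) sits in the following hunk.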
@@ -16590,46 +17920,57 @@ struct addrinfo \end_layout \begin_layout Code + struct addrinfo \end_layout \begin_layout Code + { \end_layout \begin_layout Code + int ai_flags; \end_layout \begin_layout Code + int ai_family; \end_layout \begin_layout Code + int ai_socktype; \end_layout \begin_layout Code + int ai_protocol; \end_layout \begin_layout Code + socklen_t ai_addrlen; \end_layout \begin_layout Code + struct sockaddr *ai_addr; \end_layout \begin_layout Code + char *ai_canonname; \end_layout \begin_layout Code + struct addrinfo *ai_next; \end_layout \begin_layout Code + }; \end_layout @@ -17038,30 +18379,37 @@ struct sockaddr \end_layout \begin_layout Code + int getnameinfo( const struct sockaddr *sa, \end_layout \begin_layout Code + socklen_t salen, \end_layout \begin_layout Code + char *host, \end_layout \begin_layout Code + size_t hostlen, \end_layout \begin_layout Code + char *serv, \end_layout \begin_layout Code + size_t servlen, \end_layout \begin_layout Code + int flags ); \end_layout @@ -17160,6 +18508,7 @@ For security reasons that this author won't pretend to understand, "IPv4 \end_layout \begin_layout Code + ::ffff:192.0.2.1 \end_layout @@ -17230,18 +18579,22 @@ It is possible to assign a hostname to an IPv6 network address in \end_layout \begin_layout Code + ::1 localhost \end_layout \begin_layout Code + 127.0.0.1 localhost \end_layout \begin_layout Code + fe80::2c0:8cff:fe01:2345 pt141 \end_layout \begin_layout Code + 192.0.2.1 pt141 \end_layout @@ -17346,6 +18699,7 @@ The server code is found in file tod6d.c (time-of-day IPv6 daemon). \end_layout \begin_layout Code + tod6d [-v] [service] \end_layout 
@@ -17372,257 +18726,314 @@ The server handles both TCP and UDP requests on the network. \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * File: tod6d.c \end_layout \begin_layout Code + * Description: Contains source code for an IPv6-capable 'daytime' server. \end_layout \begin_layout Code + * Author: John Wenker, Sr. Software Engineer, \end_layout \begin_layout Code + * Performance Technologies, San Diego, USA \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** System header files. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #include /* errno declaration & error codes. */ \end_layout \begin_layout Code + #include /* getaddrinfo(3) et al. */ \end_layout \begin_layout Code + #include /* sockaddr_in & sockaddr_in6 definition. */ \end_layout \begin_layout Code + #include /* printf(3) et al. */ \end_layout \begin_layout Code + #include /* exit(2). */ \end_layout \begin_layout Code + #include /* String manipulation & memory functions. */ \end_layout \begin_layout Code + #include /* poll(2) and related definitions. */ \end_layout \begin_layout Code + #include /* Socket functions (socket(2), bind(2), etc). */ \end_layout \begin_layout Code + #include /* time(2) & ctime(3). */ \end_layout \begin_layout Code + #include /* getopt(3), read(2), etc. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Constants. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code + #define INVALID_DESC -1 /* Invalid file descriptor. */ \end_layout \begin_layout Code + #define MAXCONNQLEN 3 /* Max nbr of connection requests to queue. 
*/ \end_layout \begin_layout Code + #define MAXTCPSCKTS 2 /* One TCP socket for IPv4 & one for IPv6. */ \end_layout \begin_layout Code + #define MAXUDPSCKTS 2 /* One UDP socket for IPv4 & one for IPv6. */ \end_layout \begin_layout Code + #define VALIDOPTS "v" /* Valid command options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Simple boolean type definition. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Prototypes for internal helper functions. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static int openSckt( const char *service, \end_layout \begin_layout Code + const char *protocol, \end_layout \begin_layout Code + int desc[ ], \end_layout \begin_layout Code + size_t *descSize ); \end_layout \begin_layout Code + static void tod( int tSckt[ ], \end_layout \begin_layout Code + size_t tScktSize, \end_layout \begin_layout Code + int uSckt[ ], \end_layout \begin_layout Code + size_t uScktSize ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Global (within this file only) data objects. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static char hostBfr[ NI_MAXHOST ]; /* For use w/getnameinfo(3). */ \end_layout \begin_layout Code + static const char *pgmName; /* Program name w/o dir prefix. */ \end_layout \begin_layout Code + static char servBfr[ NI_MAXSERV ]; /* For use w/getnameinfo(3). */ \end_layout \begin_layout Code + static boolean verbose = false; /* Verbose mode indication. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Usage macro for command syntax violations. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define USAGE \backslash \end_layout \begin_layout Code + { \backslash \end_layout \begin_layout Code + fprintf( stderr, \backslash \end_layout \begin_layout Code + "Usage: %s [-v] [service] \backslash n", @@ -17631,37 +19042,44 @@ n", \end_layout \begin_layout Code + pgmName ); \backslash \end_layout \begin_layout Code + exit( 127 ); \backslash \end_layout \begin_layout Code + } /* End USAGE macro. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Macro to terminate the program if a system call error occurs. The system \end_layout \begin_layout Code + ** call must be one of the usual type that returns -1 on error. This macro is \end_layout \begin_layout Code + ** a modified version of a macro authored by Dr. V. Vinge, SDSU Dept. @@ -17669,56 +19087,66 @@ n", \end_layout \begin_layout Code + ** Computer Science (retired)... best professor I ever had. I hear he writes \end_layout \begin_layout Code + ** great science fiction in addition to robust code, too. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define CHK(expr) \backslash \end_layout \begin_layout Code + do \backslash \end_layout \begin_layout Code + { \backslash \end_layout \begin_layout Code + if ( (expr) == -1 ) \backslash \end_layout \begin_layout Code + { \backslash \end_layout \begin_layout Code + fprintf( stderr, \backslash \end_layout \begin_layout Code + "%s (line %d): System call ERROR - %s. \backslash n", @@ -17727,30 +19155,35 @@ n", \end_layout \begin_layout Code + pgmName, \backslash \end_layout \begin_layout Code + __LINE__, \backslash \end_layout \begin_layout Code + strerror( errno ) ); \backslash \end_layout \begin_layout Code + exit( 1 ); \backslash \end_layout \begin_layout Code + } /* End IF system call failed. */ \backslash 
@@ -17758,352 +19191,436 @@ n", \end_layout \begin_layout Code + } while ( false ) \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: main \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Set up a time-of-day server and handle network requests. This server \end_layout \begin_layout Code + * handles both TCP and UDP requests. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * The usual argc and argv parameters to a main() function. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * This is a daemon program and never returns. However, in the degenerate \end_layout \begin_layout Code + * case where no sockets are created, the function returns zero. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + int main( int argc, \end_layout \begin_layout Code + char *argv[ ] ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + int opt; \end_layout \begin_layout Code + const char *service = DFLT_SERVICE; \end_layout \begin_layout Code + int tSckt[ MAXTCPSCKTS ]; /* Array of TCP socket descriptors. */ \end_layout \begin_layout Code + size_t tScktSize = MAXTCPSCKTS; /* Size of uSckt (# of elements). */ \end_layout \begin_layout Code + int uSckt[ MAXUDPSCKTS ]; /* Array of UDP socket descriptors. */ \end_layout \begin_layout Code + size_t uScktSize = MAXUDPSCKTS; /* Size of uSckt (# of elements). */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Set the program name (w/o directory prefix). 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + pgmName = strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code + pgmName = pgmName == NULL ? argv[ 0 ] : pgmName + 1; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command options. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + opterr = 0; /* Turns off "invalid option" error messages. */ \end_layout \begin_layout Code + while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) >= 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + switch ( opt ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 'v': /* Verbose mode. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + verbose = true; \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + default: \end_layout \begin_layout Code + { \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on command option. */ \end_layout \begin_layout Code + } /* End WHILE processing options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command line arguments. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + switch ( argc - optind ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 0: break; \end_layout \begin_layout Code + case 1: service = argv[ optind ]; break; \end_layout \begin_layout Code + default: USAGE; \end_layout \begin_layout Code + } /* End SWITCH on number of command line arguments. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Open both a TCP and UDP socket, for both IPv4 & IPv6, on which to receive \end_layout \begin_layout Code + ** service requests. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( openSckt( service, "tcp", tSckt, &tScktSize ) < 0 ) || \end_layout \begin_layout Code + ( openSckt( service, "udp", uSckt, &uScktSize ) < 0 ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + exit( 1 ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Run the time-of-day server. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( tScktSize > 0 ) || ( uScktSize > 0 ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + tod( tSckt, /* tod() never returns. */ \end_layout \begin_layout Code + tScktSize, \end_layout \begin_layout Code + uSckt, \end_layout \begin_layout Code + uScktSize ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Since tod() never returns, execution only gets here if no sockets were \end_layout \begin_layout Code + ** created. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: No sockets opened... terminating. \backslash 
@@ -18111,286 +19628,354 @@ n", \end_layout \begin_layout Code + pgmName ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + return 0; \end_layout \begin_layout Code + } /* End main() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: openSckt \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Open passive (server) sockets for the indicated inet service & protocol. \end_layout \begin_layout Code + * Notice in the last sentence that "sockets" is plural. During the interim \end_layout \begin_layout Code + * transition period while everyone is switching over to IPv6, the server \end_layout \begin_layout Code + * application has to open two sockets on which to listen for connections... \end_layout \begin_layout Code + * one for IPv4 traffic and one for IPv6 traffic. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * service - Pointer to a character string representing the well-known port \end_layout \begin_layout Code + * on which to listen (can be a service name or a decimal number). \end_layout \begin_layout Code + * protocol - Pointer to a character string representing the transport layer \end_layout \begin_layout Code + * protocol (only "tcp" or "udp" are valid). \end_layout \begin_layout Code + * desc - Pointer to an array into which the socket descriptors are \end_layout \begin_layout Code + * placed when opened. \end_layout \begin_layout Code + * descSize - This is a value-result parameter. On input, it contains the \end_layout \begin_layout Code + * max number of descriptors that can be put into 'desc' (i.e. the \end_layout \begin_layout Code + * number of elements in the array). Upon return, it will contain \end_layout \begin_layout Code + * the number of descriptors actually opened. 
Any unused slots in \end_layout \begin_layout Code + * 'desc' are set to INVALID_DESC. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * 0 on success, -1 on error. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static int openSckt( const char *service, \end_layout \begin_layout Code + const char *protocol, \end_layout \begin_layout Code + int desc[ ], \end_layout \begin_layout Code + size_t *descSize ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct addrinfo *ai; \end_layout \begin_layout Code + int aiErr; \end_layout \begin_layout Code + struct addrinfo *aiHead; \end_layout \begin_layout Code + struct addrinfo hints = { .ai_flags = AI_PASSIVE, /* Server mode. \end_layout \begin_layout Code + ¬ */ \end_layout \begin_layout Code + .ai_family = PF_UNSPEC }; /* IPv4 or IPv6. \end_layout \begin_layout Code + ¬ */ \end_layout \begin_layout Code + size_t maxDescs = *descSize; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Initialize output parameters. When the loop completes, *descSize is 0. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + while ( *descSize > 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + desc[ --( *descSize ) ] = INVALID_DESC; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Check which protocol is selected (only TCP and UDP are valid). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( strcmp( protocol, "tcp" ) == 0 ) /* TCP protocol. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + hints.ai_socktype = SOCK_STREAM; \end_layout \begin_layout Code + hints.ai_protocol = IPPROTO_TCP; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + else if ( strcmp( protocol, "udp" ) == 0 ) /* UDP protocol. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + hints.ai_socktype = SOCK_DGRAM; \end_layout \begin_layout Code + hints.ai_protocol = IPPROTO_UDP; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + else /* Invalid protocol. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown transport " \end_layout \begin_layout Code + "layer protocol \backslash "%s 
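Review bot: `return 0;` at the end of main() reports success on the one path where the server could not open any socket, and the explanatory message is printed only when `verbose` is set. Whatever starts this server would see a clean exit status and, by default, no output, so a failed bind goes unnoticed. Returning a non-zero status on this path (`return 1;`) and printing the message unconditionally would make the failure visible. main() starts before this hunk and the fprintf() call begins in the preceding one.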
@@ -18401,191 +19986,235 @@ n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + protocol ); \end_layout \begin_layout Code + return -1; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Look up the service's well-known port number. Notice that NULL is being \end_layout \begin_layout Code + ** passed for the 'node' parameter, and that the AI_PASSIVE flag is set in \end_layout \begin_layout Code + ** 'hints'. Thus, the program is requesting passive address information. \end_layout \begin_layout Code + ** The network address is initialized to :: (all zeros) for IPv6 records, or \end_layout \begin_layout Code + ** 0.0.0.0 for IPv4 records. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( aiErr = getaddrinfo( NULL, \end_layout \begin_layout Code + service, \end_layout \begin_layout Code + &hints, \end_layout \begin_layout Code + &aiHead ) ) != 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + gai_strerror( aiErr ) ); \end_layout \begin_layout Code + return -1; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** For each of the address records returned, attempt to set up a passive \end_layout \begin_layout Code + ** socket. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + for ( ai = aiHead; \end_layout \begin_layout Code + ( ai != NULL ) && ( *descSize < maxDescs ); \end_layout \begin_layout Code + ai = ai->ai_next ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the current address info. Start with the protocol- \end_layout \begin_layout Code + ** independent fields first. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "Setting up a passive socket based on the " \end_layout \begin_layout Code + "following address info: \backslash n" \end_layout \begin_layout Code + " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code + " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -18593,6 +20222,7 @@ n" \end_layout \begin_layout Code + " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash 
@@ -18600,512 +20230,629 @@ n" \end_layout \begin_layout Code + " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code + "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code + ai->ai_flags, \end_layout \begin_layout Code + ai->ai_family, \end_layout \begin_layout Code + PF_INET, \end_layout \begin_layout Code + PF_INET6, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + SOCK_STREAM, \end_layout \begin_layout Code + SOCK_DGRAM, \end_layout \begin_layout Code + ai->ai_protocol, \end_layout \begin_layout Code + IPPROTO_TCP, \end_layout \begin_layout Code + IPPROTO_UDP, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + sizeof( struct sockaddr_in ), \end_layout \begin_layout Code + sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Now display the protocol-specific formatted socket address. Note \end_layout \begin_layout Code + ** that the program is requesting that getnameinfo(3) convert the \end_layout \begin_layout Code + ** host & service into numeric strings. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + getnameinfo( ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + sizeof( hostBfr ), \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + sizeof( servBfr ), \end_layout \begin_layout Code + NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code + switch ( ai->ai_family ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case PF_INET: /* IPv4 address record. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in *p = (struct sockaddr_in*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin_addr: %s \backslash n" \end_layout \begin_layout Code + " sin_port: %s \backslash n", \end_layout \begin_layout Code + p->sin_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv4. */ \end_layout \begin_layout Code + case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in6 *p = (struct sockaddr_in6*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin6_addr: %s \backslash n" \end_layout \begin_layout Code + " sin6_port: %s \backslash n" \end_layout \begin_layout Code + " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code + " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code + p->sin6_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + p->sin6_flowinfo, \end_layout \begin_layout Code + p->sin6_scope_id ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv6. */ \end_layout \begin_layout Code + default: /* Can never get here, but just for completeness. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + ai->ai_family ); \end_layout \begin_layout Code + freeaddrinfo( aiHead ); \end_layout \begin_layout Code + return -1; \end_layout \begin_layout Code + } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code + } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code + } /* End IF verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Create a socket using the info in the addrinfo structure. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + CHK( desc[ *descSize ] = socket( ai->ai_family, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + ai->ai_protocol ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Here is the code that prevents "IPv4 mapped addresses", as discussed \end_layout \begin_layout Code + ** in Section 22.1.3.1. If an IPv6 socket was just created, then set the \end_layout \begin_layout Code + ** IPV6_V6ONLY socket option. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + #if defined( IPV6_V6ONLY ) \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Disable IPv4 mapped addresses. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + int v6Only = 1; \end_layout \begin_layout Code + CHK( setsockopt( desc[ *descSize ], \end_layout \begin_layout Code + IPPROTO_IPV6, \end_layout \begin_layout Code + IPV6_V6ONLY, \end_layout \begin_layout Code + &v6Only, \end_layout \begin_layout Code + sizeof( v6Only ) ) ); \end_layout \begin_layout Code + #else \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** IPV6_V6ONLY is not defined, so the socket option can't be set and \end_layout \begin_layout Code + ** thus IPv4 mapped addresses can't be disabled. Print a warning \end_layout \begin_layout Code + ** message and close the socket. Design note: If the \end_layout \begin_layout Code + ** #if...#else...#endif construct were removed, then this program \end_layout \begin_layout Code + ** would not compile (because IPV6_V6ONLY isn't defined). That's an \end_layout \begin_layout Code + ** acceptable approach; IPv4 mapped addresses are certainly disabled \end_layout \begin_layout Code + ** if the program can't build! However, since this program is also \end_layout \begin_layout Code + ** designed to work for IPv4 sockets as well as IPv6, I decided to \end_layout \begin_layout Code + ** allow the program to compile when IPV6_V6ONLY is not defined, and \end_layout \begin_layout Code + ** turn it into a run-time warning rather than a compile-time error. \end_layout \begin_layout Code + ** IPv4 mapped addresses are still disabled because _all_ IPv6 traffic \end_layout \begin_layout Code + ** is disabled (all IPv6 sockets are closed here), but at least this \end_layout \begin_layout Code + ** way the server can still service IPv4 network traffic. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): WARNING - Cannot set IPV6_V6ONLY socket " \end_layout \begin_layout Code + "option. Closing IPv6 %s socket. \backslash 
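Review bot: In the verbose block of openSckt(), `sizeof( struct sockaddr_in )` and `sizeof( struct sockaddr_in6 )` are passed for `%d` conversions, which is undefined where size_t is wider than int. Either use `%zu` for the two sizeof arguments or cast them, e.g. `(int) sizeof( struct sockaddr_in )`. The same format/argument pairing recurs in the two "sockaddr info" fprintf() calls of tod() in the later hunks. Separately, the return value of getnameinfo() is ignored before `hostBfr` and `servBfr` are printed; a comment or a check of the result would tell readers that the buffers are only meaningful on success. openSckt() begins in the previous hunk and ends in the next one.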
@@ -19113,556 +20860,690 @@ n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + ai->ai_protocol == IPPROTO_TCP ? "TCP" : "UDP" ); \end_layout \begin_layout Code + CHK( close( desc[ *descSize ] ) ); \end_layout \begin_layout Code + continue; /* Go to top of FOR loop w/o updating *descSize! */ \end_layout \begin_layout Code + #endif /* IPV6_V6ONLY */ \end_layout \begin_layout Code + } /* End IF this is an IPv6 socket. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Bind the socket. Again, the info from the addrinfo structure is used. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + CHK( bind( desc[ *descSize ], \end_layout \begin_layout Code + ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** If this is a TCP socket, put the socket into passive listening mode \end_layout \begin_layout Code + ** (listen is only valid on connection-oriented sockets). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ai->ai_socktype == SOCK_STREAM ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + CHK( listen( desc[ *descSize ], \end_layout \begin_layout Code + MAXCONNQLEN ) ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Socket set up okay. Bump index to next descriptor array element. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + *descSize += 1; \end_layout \begin_layout Code + } /* End FOR each address info structure returned. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Dummy check for unused address records. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose && ( ai != NULL ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): WARNING - Some address records were " \end_layout \begin_layout Code + "not processed due to insufficient array space. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__ ); \end_layout \begin_layout Code + } /* End IF verbose and some address records remain unprocessed. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Clean up. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + freeaddrinfo( aiHead ); \end_layout \begin_layout Code + return 0; \end_layout \begin_layout Code + } /* End openSckt() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: tod \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Listen on a set of sockets and send the current time-of-day to any \end_layout \begin_layout Code + * clients. This function never returns. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * tSckt - Array of TCP socket descriptors on which to listen. \end_layout \begin_layout Code + * tScktSize - Size of the tSckt array (nbr of elements). \end_layout \begin_layout Code + * uSckt - Array of UDP socket descriptors on which to listen. \end_layout \begin_layout Code + * uScktSize - Size of the uSckt array (nbr of elements). \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: None. 
\end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static void tod( int tSckt[ ], \end_layout \begin_layout Code + size_t tScktSize, \end_layout \begin_layout Code + int uSckt[ ], \end_layout \begin_layout Code + size_t uScktSize ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + char bfr[ 256 ]; \end_layout \begin_layout Code + ssize_t count; \end_layout \begin_layout Code + struct pollfd *desc; \end_layout \begin_layout Code + size_t descSize = tScktSize + uScktSize; \end_layout \begin_layout Code + int idx; \end_layout \begin_layout Code + int newSckt; \end_layout \begin_layout Code + struct sockaddr *sadr; \end_layout \begin_layout Code + socklen_t sadrLen; \end_layout \begin_layout Code + struct sockaddr_storage sockStor; \end_layout \begin_layout Code + int status; \end_layout \begin_layout Code + size_t timeLen; \end_layout \begin_layout Code + char *timeStr; \end_layout \begin_layout Code + time_t timeVal; \end_layout \begin_layout Code + ssize_t wBytes; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Allocate memory for the poll(2) array. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + desc = malloc( descSize * sizeof( struct pollfd ) ); \end_layout \begin_layout Code + if ( desc == NULL ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - %s. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + strerror( ENOMEM ) ); \end_layout \begin_layout Code + exit( 1 ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Initialize the poll(2) array. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + for ( idx = 0; idx < descSize; idx++ ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + desc[ idx ].fd = idx < tScktSize ? tSckt[ idx ] \end_layout \begin_layout Code + : uSckt[ idx - tScktSize ]; \end_layout \begin_layout Code + desc[ idx ].events = POLLIN; \end_layout \begin_layout Code + desc[ idx ].revents = 0; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Main time-of-day server loop. Handles both TCP & UDP requests. This is \end_layout \begin_layout Code + ** an interative server, and all requests are handled directly within the \end_layout \begin_layout Code + ** main loop. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + while ( true ) /* Do forever. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Wait for activity on one of the sockets. The DO..WHILE construct is \end_layout \begin_layout Code + ** used to restart the system call in the event the process is \end_layout \begin_layout Code + ** interrupted by a signal. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + do \end_layout \begin_layout Code + { \end_layout \begin_layout Code + status = poll( desc, \end_layout \begin_layout Code + descSize, \end_layout \begin_layout Code + -1 /* Wait indefinitely for input. */ ); \end_layout \begin_layout Code + } while ( ( status < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code + CHK( status ); /* Check for a bona fide system call error. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Get the current time. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + timeVal = time( NULL ); \end_layout \begin_layout Code + timeStr = ctime( &timeVal ); \end_layout \begin_layout Code + timeLen = strlen( timeStr ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Indicate that there is new network activity. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + char *s = malloc( timeLen+1 ); \end_layout \begin_layout Code + strcpy( s, timeStr ); \end_layout \begin_layout Code + s[ timeLen-1 ] = ' \backslash 0'; /* Overwrite ' 
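Review bot: In tod()'s verbose block, the result of `malloc( timeLen+1 )` goes straight into `strcpy( s, timeStr )` with no NULL check, although the `desc` allocation earlier in the same function is checked. Likewise `ctime( &timeVal )` is handed to `strlen()` unchecked, and ctime() may return NULL. I would guard the copy with `if ( s != NULL )` and treat a NULL from ctime() the way the failed `desc` allocation is treated (error message, then `exit( 1 )`). tod() continues past the end of this hunk, where the verbose block is closed.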
@@ -19672,743 +21553,913 @@ n' in date string. \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: New network activity on %s. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + s ); \end_layout \begin_layout Code + free( s ); \end_layout \begin_layout Code + } /* End IF verbose. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process sockets with input available. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + for ( idx = 0; idx < descSize; idx++ ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + switch ( desc[ idx ].revents ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 0: /* No activity on this socket; try the next. */ \end_layout \begin_layout Code + continue; \end_layout \begin_layout Code + case POLLIN: /* Network activity. Go process it. */ \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + default: /* Invalid poll events. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Invalid poll event (0x%02X). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + desc[ idx ].revents ); \end_layout \begin_layout Code + exit( 1 ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on returned poll events. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Determine if this is a TCP request or UDP request. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( idx < tScktSize ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** TCP connection requested. Accept it. Notice the use of \end_layout \begin_layout Code + ** the sockaddr_storage data type. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + sadrLen = sizeof( sockStor ); \end_layout \begin_layout Code + sadr = (struct sockaddr*) &sockStor; \end_layout \begin_layout Code + CHK( newSckt = accept( desc[ idx ].fd, \end_layout \begin_layout Code + sadr, \end_layout \begin_layout Code + &sadrLen ) ); \end_layout \begin_layout Code + CHK( shutdown( newSckt, /* Server never recv's anything. */ \end_layout \begin_layout Code + SHUT_RD ) ); \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the socket address of the remote client. Begin with \end_layout \begin_layout Code + ** the address-independent fields. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "Sockaddr info for new TCP client: \backslash n" \end_layout \begin_layout Code + " sa_family = %d (AF_INET = %d, AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " addr len = %d (sockaddr_in = %d, " \end_layout \begin_layout Code + "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code + sadr->sa_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + sadrLen, \end_layout \begin_layout Code + sizeof( struct sockaddr_in ), \end_layout \begin_layout Code + sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address-specific fields. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + getnameinfo( sadr, \end_layout \begin_layout Code + sadrLen, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + sizeof( hostBfr ), \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + sizeof( servBfr ), \end_layout \begin_layout Code + NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Notice that we're switching on an address family now, not a \end_layout \begin_layout Code + ** protocol family. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + switch ( sadr->sa_family ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case AF_INET: /* IPv4 address. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in *p = (struct sockaddr_in*) sadr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " sin_addr = sin_family: %d \backslash n" \end_layout \begin_layout Code + " sin_addr: %s \backslash n" \end_layout \begin_layout Code + " sin_port: %s \backslash n", \end_layout \begin_layout Code + p->sin_family, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv4. */ \end_layout \begin_layout Code + case AF_INET6: /* IPv6 address. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in6 *p = (struct sockaddr_in6*) sadr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " sin6_addr = sin6_family: %d \backslash n" \end_layout \begin_layout Code + " sin6_addr: %s \backslash n" \end_layout \begin_layout Code + " sin6_port: %s \backslash n" \end_layout \begin_layout Code + " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code + " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code + p->sin6_family, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + p->sin6_flowinfo, \end_layout \begin_layout Code + p->sin6_scope_id ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv6. */ \end_layout \begin_layout Code + default: /* Can never get here, but for completeness. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown address " \end_layout \begin_layout Code + "family (%d). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + sadr->sa_family ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End DEFAULT case (unknown address family). */ \end_layout \begin_layout Code + } /* End SWITCH on address family. */ \end_layout \begin_layout Code + } /* End IF verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Send the TOD to the client. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + wBytes = timeLen; \end_layout \begin_layout Code + while ( wBytes > 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + do \end_layout \begin_layout Code + { \end_layout \begin_layout Code + count = write( newSckt, \end_layout \begin_layout Code + timeStr, \end_layout \begin_layout Code + wBytes ); \end_layout \begin_layout Code + } while ( ( count < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code + CHK( count ); /* Check for a bona fide error. */ \end_layout \begin_layout Code + wBytes -= count; \end_layout \begin_layout Code + } /* End WHILE there is data to send. */ \end_layout \begin_layout Code + CHK( close( newSckt ) ); \end_layout \begin_layout Code + } /* End IF this was a TCP connection request. */ \end_layout \begin_layout Code + else \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** This is a UDP socket, and a datagram is available. The funny \end_layout \begin_layout Code + ** thing about UDP requests is that this server doesn't require any \end_layout \begin_layout Code + ** client input; but it can't send the TOD unless it knows a client \end_layout \begin_layout Code + ** wants the data, and the only way that can occur with UDP is if \end_layout \begin_layout Code + ** the server receives a datagram from the client. Thus, the \end_layout \begin_layout Code + ** server must receive _something_, but the content of the datagram \end_layout \begin_layout Code + ** is irrelevant. Read in the datagram. Again note the use of \end_layout \begin_layout Code + ** sockaddr_storage to receive the address. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + sadrLen = sizeof( sockStor ); \end_layout \begin_layout Code + sadr = (struct sockaddr*) &sockStor; \end_layout \begin_layout Code + CHK( count = recvfrom( desc[ idx ].fd, \end_layout \begin_layout Code + bfr, \end_layout \begin_layout Code + sizeof( bfr ), \end_layout \begin_layout Code + 0, \end_layout \begin_layout Code + sadr, \end_layout \begin_layout Code + &sadrLen ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display whatever was received on stdout. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + ssize_t rBytes = count; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: UDP datagram received (%d bytes). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + count ); \end_layout \begin_layout Code + while ( count > 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fputc( bfr[ rBytes - count-- ], \end_layout \begin_layout Code + stdout ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + if ( bfr[ rBytes-1 ] != ' \backslash n' ) \end_layout \begin_layout Code + fputc( ' \backslash n', stdout ); /* Newline also flushes stdout. 
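Review bot: In the verbose UDP branch of tod(), `bfr[ rBytes-1 ]` is read even when recvfrom() returned 0, so a zero-length datagram makes the listing read `bfr[ -1 ]`, one byte before the buffer. The comment above it says the datagram's content is irrelevant, so an empty datagram is an expected input here. The test should be guarded, `if ( ( rBytes == 0 ) || ( bfr[ rBytes-1 ] != '\n' ) )`. The same block copies the received bytes to stdout unfiltered, which deserves a comment for readers who run the example attached to a terminal. tod() begins in an earlier hunk and continues past this one.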
@@ -20416,403 +22467,493 @@ n', stdout ); /* Newline also flushes stdout. \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the socket address of the remote client. Address- \end_layout \begin_layout Code + ** independent fields first. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "Remote client's sockaddr info: \backslash n" \end_layout \begin_layout Code + " sa_family = %d (AF_INET = %d, AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " addr len = %d (sockaddr_in = %d, " \end_layout \begin_layout Code + "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code + sadr->sa_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + sadrLen, \end_layout \begin_layout Code + sizeof( struct sockaddr_in ), \end_layout \begin_layout Code + sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address-specific information. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + getnameinfo( sadr, \end_layout \begin_layout Code + sadrLen, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + sizeof( hostBfr ), \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + sizeof( servBfr ), \end_layout \begin_layout Code + NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code + switch ( sadr->sa_family ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case AF_INET: /* IPv4 address. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in *p = (struct sockaddr_in*) sadr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " sin_addr = sin_family: %d \backslash n" \end_layout \begin_layout Code + " sin_addr: %s \backslash n" \end_layout \begin_layout Code + " sin_port: %s \backslash n", \end_layout \begin_layout Code + p->sin_family, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv4 address. */ \end_layout \begin_layout Code + case AF_INET6: /* IPv6 address. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct sockaddr_in6 *p = (struct sockaddr_in6*) sadr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " sin6_addr = sin6_family: %d \backslash n" \end_layout \begin_layout Code + " sin6_addr: %s \backslash n" \end_layout \begin_layout Code + " sin6_port: %s \backslash n" \end_layout \begin_layout Code + " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code + " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code + p->sin6_family, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + p->sin6_flowinfo, \end_layout \begin_layout Code + p->sin6_scope_id ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv6 address. */ \end_layout \begin_layout Code + default: /* Can never get here, but for completeness. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown address " \end_layout \begin_layout Code + "family (%d). 
\backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + sadr->sa_family ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End DEFAULT case (unknown address family). */ \end_layout \begin_layout Code + } /* End SWITCH on address family. */ \end_layout \begin_layout Code + } /* End IF verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Send the time-of-day to the client. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + wBytes = timeLen; \end_layout \begin_layout Code + while ( wBytes > 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + do \end_layout \begin_layout Code + { \end_layout \begin_layout Code + count = sendto( desc[ idx ].fd, \end_layout \begin_layout Code + timeStr, \end_layout \begin_layout Code + wBytes, \end_layout \begin_layout Code + 0, \end_layout \begin_layout Code + sadr, /* Address & address length */ \end_layout \begin_layout Code + sadrLen ); /* received in recvfrom(). */ \end_layout \begin_layout Code + } while ( ( count < 0 ) && ( errno == EINTR ) ); \end_layout \begin_layout Code + CHK( count ); /* Check for a bona fide error. */ \end_layout \begin_layout Code + wBytes -= count; \end_layout \begin_layout Code + } /* End WHILE there is data to send. */ \end_layout \begin_layout Code + } /* End ELSE a UDP datagram is available. */ \end_layout \begin_layout Code + desc[ idx ].revents = 0; /* Clear the returned poll events. */ \end_layout \begin_layout Code + } /* End FOR each socket descriptor. */ \end_layout \begin_layout Code + } /* End WHILE forever. */ \end_layout \begin_layout Code + } /* End tod() */ \end_layout @@ -20827,6 +22968,7 @@ The TCP client code is found in file tod6tc.c (time-of-day IPv6 TCP client). \end_layout \begin_layout Code + tod6tc [-v] [-s scope_id] [host [service]] \end_layout 
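Review bot: The UDP branch of the server's tod() replies with `sendto()` to whatever address `recvfrom()` returned, and nothing in the listing tells the reader that this address is unverified. A UDP source address can be forged, so anyone who copies the sample onto a reachable host gets a service that sends the time string to a third party on request. A comment above the send loop would cover it: `/* The source address from recvfrom() is unverified; filter or rate-limit this port before exposing it beyond a test network. */`. The listing text is unchanged by this hunk, so this concerns the sample as published; tod() begins before the hunk.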
@@ -20867,216 +23009,265 @@ The TCP client source code contained in tod6tc.c follows: \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * File: tod6tc.c \end_layout \begin_layout Code + * Description: Contains source code for an IPv6-capable 'daytime' TCP client. \end_layout \begin_layout Code + * Author: John Wenker, Sr. Software Engineer \end_layout \begin_layout Code + * Performance Technologies, San Diego, USA \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** System header files. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #include /* errno declaration and error codes. */ \end_layout \begin_layout Code + #include /* if_nametoindex(3). */ \end_layout \begin_layout Code + #include /* getaddrinfo(3) and associated definitions. */ \end_layout \begin_layout Code + #include /* sockaddr_in and sockaddr_in6 definitions. */ \end_layout \begin_layout Code + #include /* printf(3) et al. */ \end_layout \begin_layout Code + #include /* exit(2). */ \end_layout \begin_layout Code + #include /* String manipulation and memory functions. */ \end_layout \begin_layout Code + #include /* Socket functions (socket(2), connect(2), etc). */ \end_layout \begin_layout Code + #include /* getopt(3), read(2), etc. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Constants & macros. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define DFLT_HOST "localhost" /* Default server name. */ \end_layout \begin_layout Code + #define DFLT_SCOPE_ID "eth0" /* Default scope identifier. */ \end_layout \begin_layout Code + #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code + #define INVALID_DESC -1 /* Invalid file (socket) descriptor. 
*/ \end_layout \begin_layout Code + #define MAXBFRSIZE 256 /* Max bfr sz to read remote TOD. */ \end_layout \begin_layout Code + #define VALIDOPTS "s:v" /* Valid command options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Type definitions (for convenience). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code + typedef struct sockaddr_in sockaddr_in_t; \end_layout \begin_layout Code + typedef struct sockaddr_in6 sockaddr_in6_t; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Prototypes for internal helper functions. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static int openSckt( const char *host, \end_layout \begin_layout Code + const char *service, \end_layout \begin_layout Code + unsigned int scopeId ); \end_layout \begin_layout Code + static void tod( int sckt ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Global (within this file only) data objects. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static const char *pgmName; /* Program name (w/o directory). */ \end_layout \begin_layout Code + static boolean verbose = false; /* Verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Usage macro. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define USAGE \backslash @@ -21084,6 +23275,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + { \backslash @@ -21091,6 +23283,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + fprintf( stderr, \backslash @@ -21098,6 +23291,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + "Usage: %s [-v] [-s scope_id] [host [service]] \backslash n", @@ -21106,6 +23300,7 @@ n", \end_layout \begin_layout Code + pgmName ); \backslash 
@@ -21113,6 +23308,7 @@ n", \end_layout \begin_layout Code + exit( 127 ); \backslash @@ -21120,20 +23316,24 @@ n", \end_layout \begin_layout Code + } /* End USAGE macro. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** This "macro" (even though it's really a function) is loosely based on the \end_layout \begin_layout Code + ** CHK() macro by Dr. V. Vinge (see server code). 
@@ -21141,540 +23341,669 @@ n", \end_layout \begin_layout Code + ** a boolean expression indicating the return code from one of the usual system \end_layout \begin_layout Code + ** calls that returns -1 on error. If a system call error occurred, an alert \end_layout \begin_layout Code + ** is written to stderr. It returns a boolean value indicating success/failure \end_layout \begin_layout Code + ** of the system call. \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Example: if ( !SYSCALL( "write", \end_layout \begin_layout Code + ** count = write( fd, bfr, size ) ) ) \end_layout \begin_layout Code + ** { \end_layout \begin_layout Code + ** // Error processing... but SYSCALL() will have already taken \end_layout \begin_layout Code + ** // care of dumping an error alert to stderr. \end_layout \begin_layout Code + ** } \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static __inline boolean SYSCALL( const char *syscallName, \end_layout \begin_layout Code + int lineNbr, \end_layout \begin_layout Code + int status ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + if ( ( status == -1 ) && verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): System call failed ('%s') - %s. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + lineNbr, \end_layout \begin_layout Code + syscallName, \end_layout \begin_layout Code + strerror( errno ) ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + return status != -1; /* True if the system call was successful. 
*/ \end_layout \begin_layout Code + } /* End SYSCALL() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: main \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Connect to a remote time-of-day service and write the remote host's TOD to \end_layout \begin_layout Code + * stdout. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * The usual argc & argv parameters to a main() program. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * This function always returns zero. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + int main( int argc, \end_layout \begin_layout Code + char *argv[ ] ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + const char *host = DFLT_HOST; \end_layout \begin_layout Code + int opt; \end_layout \begin_layout Code + int sckt; \end_layout \begin_layout Code + unsigned int scopeId = if_nametoindex( DFLT_SCOPE_ID ); \end_layout \begin_layout Code + const char *service = DFLT_SERVICE; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Determine the program name (w/o directory prefix). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + pgmName = (const char*) strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code + pgmName = pgmName == NULL ? argv[ 0 ] : pgmName+1; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command line options. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + opterr = 0; /* Turns off "invalid option" error messages. 
*/ \end_layout \begin_layout Code + while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) != -1 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + switch ( opt ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 's': /* Scope identifier (IPv6 kluge). */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + scopeId = if_nametoindex( optarg ); \end_layout \begin_layout Code + if ( scopeId == 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: Unknown network interface (%s). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + optarg ); \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 'v': /* Verbose mode. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + verbose = true; \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + default: \end_layout \begin_layout Code + { \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on command option. */ \end_layout \begin_layout Code + } /* End WHILE processing command options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command arguments. At the end of the above loop, optind is the \end_layout \begin_layout Code + ** index of the first NON-option argv element. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + switch ( argc - optind ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 2: /* Both host & service are specified on the command line. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + service = argv[ optind + 1 ]; \end_layout \begin_layout Code + /***** Fall through *****/ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 1: /* Host is specified on the command line. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + host = argv[ optind ]; \end_layout \begin_layout Code + /***** Fall through *****/ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 0: /* Use default host & service. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + default: \end_layout \begin_layout Code + { \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on number of command arguments. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Open a connection to the indicated host/service. \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Note that if all three of the following conditions are met, then the \end_layout \begin_layout Code + ** scope identifier remains unresolved at this point. \end_layout \begin_layout Code + ** 1) The default network interface is unknown for some reason. \end_layout \begin_layout Code + ** 2) The -s option was not used on the command line. \end_layout \begin_layout Code + ** 3) An IPv6 "scoped address" was not specified for the hostname on the \end_layout \begin_layout Code + ** command line. \end_layout \begin_layout Code + ** If the above three conditions are met, then only an IPv4 socket can be \end_layout \begin_layout Code + ** opened (connect(2) fails without the scope ID properly set for IPv6 \end_layout \begin_layout Code + ** sockets). 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( sckt = openSckt( host, \end_layout \begin_layout Code + service, \end_layout \begin_layout Code + scopeId ) ) == INVALID_DESC ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: Sorry... a connection could not be established. \backslash 
@@ -21682,524 +24011,646 @@ n", \end_layout \begin_layout Code + pgmName ); \end_layout \begin_layout Code + exit( 1 ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Get the remote time-of-day. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + tod( sckt ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Close the connection and terminate. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + (void) SYSCALL( "close", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + close( sckt ) ); \end_layout \begin_layout Code + return 0; \end_layout \begin_layout Code + } /* End main() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: openSckt \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Sets up a TCP connection to a remote server. Getaddrinfo(3) is used to \end_layout \begin_layout Code + * perform lookup functions and can return multiple address records (i.e. a \end_layout \begin_layout Code + * list of 'struct addrinfo' records). This function traverses the list and \end_layout \begin_layout Code + * tries to establish a connection to the remote server. The function ends \end_layout \begin_layout Code + * when either a connection has been established or all records in the list \end_layout \begin_layout Code + * have been processed. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * host - A pointer to a character string representing the hostname or IP \end_layout \begin_layout Code + * address (IPv4 or IPv6) of the remote server. 
\end_layout \begin_layout Code + * service - A pointer to a character string representing the service name or \end_layout \begin_layout Code + * well-known port number. \end_layout \begin_layout Code + * scopeId - For IPv6 sockets only. This is the index corresponding to the \end_layout \begin_layout Code + * network interface on which to set up the connection. This \end_layout \begin_layout Code + * parameter is ignored for IPv4 sockets or when an IPv6 "scoped \end_layout \begin_layout Code + * address" is specified in 'host' (i.e. where the colon-hex \end_layout \begin_layout Code + * network address is augmented with the scope ID). \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * Returns the socket descriptor for the connection, or INVALID_DESC if all \end_layout \begin_layout Code + * address records have been processed and a connection could not be \end_layout \begin_layout Code + * established. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static int openSckt( const char *host, \end_layout \begin_layout Code + const char *service, \end_layout \begin_layout Code + unsigned int scopeId ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct addrinfo *ai; \end_layout \begin_layout Code + int aiErr; \end_layout \begin_layout Code + struct addrinfo *aiHead; \end_layout \begin_layout Code + struct addrinfo hints; \end_layout \begin_layout Code + sockaddr_in6_t *pSadrIn6; \end_layout \begin_layout Code + int sckt; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Initialize the 'hints' structure for getaddrinfo(3). \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Notice that the 'ai_family' field is set to PF_UNSPEC, indicating to \end_layout \begin_layout Code + ** return both IPv4 and IPv6 address records for the host/service. 
Most of \end_layout \begin_layout Code + ** the time, the user isn't going to care whether an IPv4 connection or an \end_layout \begin_layout Code + ** IPv6 connection is established; the user simply wants to exchange data \end_layout \begin_layout Code + ** with the remote host and doesn't care how it's done. Sometimes, however, \end_layout \begin_layout Code + ** the user might want to explicitly specify the type of underlying socket. \end_layout \begin_layout Code + ** It is left as an exercise for the motivated reader to add a command line \end_layout \begin_layout Code + ** option allowing the user to specify the IP protocol, and then process the \end_layout \begin_layout Code + ** list of addresses accordingly (it's not that difficult). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + memset( &hints, 0, sizeof( hints ) ); \end_layout \begin_layout Code + hints.ai_family = PF_UNSPEC; /* IPv4 or IPv6 records (don't care). */ \end_layout \begin_layout Code + hints.ai_socktype = SOCK_STREAM; /* Connection-oriented byte stream. */ \end_layout \begin_layout Code + hints.ai_protocol = IPPROTO_TCP; /* TCP transport layer protocol only. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Look up the host/service information. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( aiErr = getaddrinfo( host, \end_layout \begin_layout Code + service, \end_layout \begin_layout Code + &hints, \end_layout \begin_layout Code + &aiHead ) ) != 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - %s. 
\backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + gai_strerror( aiErr ) ); \end_layout \begin_layout Code + return INVALID_DESC; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Go through the list and try to open a connection. Continue until either \end_layout \begin_layout Code + ** a connection is established or the entire list is exhausted. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + for ( ai = aiHead, sckt = INVALID_DESC; \end_layout \begin_layout Code + ( ai != NULL ) && ( sckt == INVALID_DESC ); \end_layout \begin_layout Code + ai = ai->ai_next ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** IPv6 kluge. Make sure the scope ID is set. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code + if ( pSadrIn6->sin6_scope_id == 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6->sin6_scope_id = scopeId; \end_layout \begin_layout Code + } /* End IF the scope ID wasn't set. */ \end_layout \begin_layout Code + } /* End IPv6 kluge. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address info for the remote host. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Temporary character string buffers for host & service. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + char hostBfr[ NI_MAXHOST ]; \end_layout \begin_layout Code + char servBfr[ NI_MAXSERV ]; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address information just fetched. Start with the \end_layout \begin_layout Code + ** common (protocol-independent) stuff first. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "Address info: \backslash n" \end_layout \begin_layout Code + " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code + " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -22207,6 +24658,7 @@ n" \end_layout \begin_layout Code + " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash 
@@ -22214,608 +24666,751 @@ n" \end_layout \begin_layout Code + " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code + "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code + ai->ai_flags, \end_layout \begin_layout Code + ai->ai_family, \end_layout \begin_layout Code + PF_INET, \end_layout \begin_layout Code + PF_INET6, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + SOCK_STREAM, \end_layout \begin_layout Code + SOCK_DGRAM, \end_layout \begin_layout Code + ai->ai_protocol, \end_layout \begin_layout Code + IPPROTO_TCP, \end_layout \begin_layout Code + IPPROTO_UDP, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + sizeof( struct sockaddr_in ), \end_layout \begin_layout Code + sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the protocol-specific formatted address. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + getnameinfo( ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + sizeof( hostBfr ), \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + sizeof( servBfr ), \end_layout \begin_layout Code + NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code + switch ( ai->ai_family ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case PF_INET: /* IPv4 address record. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sockaddr_in_t *pSadrIn = (sockaddr_in_t*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin_addr: %s \backslash n" \end_layout \begin_layout Code + " sin_port: %s \backslash n", \end_layout \begin_layout Code + pSadrIn->sin_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv4 record. */ \end_layout \begin_layout Code + case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin6_addr: %s \backslash n" \end_layout \begin_layout Code + " sin6_port: %s \backslash n" \end_layout \begin_layout Code + " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code + " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code + pSadrIn6->sin6_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + pSadrIn6->sin6_flowinfo, \end_layout \begin_layout Code + pSadrIn6->sin6_scope_id ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv6 record. */ \end_layout \begin_layout Code + default: /* Can never get here, but just for completeness. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + ai->ai_family ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code + } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code + } /* End IF verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Create a socket. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "socket", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + sckt = socket( ai->ai_family, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + ai->ai_protocol ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sckt = INVALID_DESC; \end_layout \begin_layout Code + continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Connect to the remote host. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "connect", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + connect( sckt, \end_layout \begin_layout Code + ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + (void) close( sckt ); /* Could use SYSCALL() again here, but why? */ \end_layout \begin_layout Code + sckt = INVALID_DESC; \end_layout \begin_layout Code + continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End FOR each address record returned by getaddrinfo(3). 
*/ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Clean up & return. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + freeaddrinfo( aiHead ); \end_layout \begin_layout Code + return sckt; \end_layout \begin_layout Code + } /* End openSckt() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: tod \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Receive the time-of-day from the remote server and write it to stdout. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * sckt - The socket descriptor for the connection. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: None. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static void tod( int sckt ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + char bfr[ MAXBFRSIZE+1 ]; \end_layout \begin_layout Code + int inBytes; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** The client never sends anything, so shut down the write side of the \end_layout \begin_layout Code + ** connection. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "shutdown", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + shutdown( sckt, SHUT_WR ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + return; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Read the time-of-day from the remote host. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + do \end_layout \begin_layout Code + { \end_layout \begin_layout Code + if ( !SYSCALL( "read", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + inBytes = read( sckt, \end_layout \begin_layout Code + bfr, \end_layout \begin_layout Code + MAXBFRSIZE ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + return; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + bfr[ inBytes ] = ' \backslash 0'; /* Null-terminate the received string. @@ -22823,19 +25418,23 @@ static void tod( int sckt ) \end_layout \begin_layout Code + fputs( bfr, stdout ); /* Null string if EOF (inBytes == 0). */ \end_layout \begin_layout Code + } while ( inBytes > 0 ); \end_layout \begin_layout Code + fflush( stdout ); \end_layout \begin_layout Code + } /* End tod() */ \end_layout @@ -22852,6 +25451,7 @@ The UDP client code is found in file tod6uc.c (time-of-day IPv6 UDP client). \end_layout \begin_layout Code + tod6uc [-v] [-s scope_id] [host [service]] \end_layout 
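Review bot: In openSckt()'s verbose block the return value of `getnameinfo()` is discarded, yet `hostBfr` and `servBfr` are passed to `fprintf()` with `%s` immediately afterwards. Both are stack arrays declared without an initialiser in the preceding hunk, so a failed call prints indeterminate memory. Checking the result and falling back to a fixed string avoids that, e.g. `if ( getnameinfo( ai->ai_addr, ai->ai_addrlen, hostBfr, sizeof( hostBfr ), servBfr, sizeof( servBfr ), NI_NUMERICHOST | NI_NUMERICSERV ) != 0 ) { strcpy( hostBfr, "?" ); strcpy( servBfr, "?" ); }`. The server's tod() in the hunk at -20416 makes the same unchecked call, and openSckt() itself begins in an earlier hunk.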
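Review bot: tod() passes the bytes read from the remote server to `fputs( bfr, stdout )` without inspecting them, so whatever the peer sends, terminal control sequences included, reaches the user's terminal, and an embedded NUL silently truncates the output. Writing only printable bytes and newlines closes both gaps: `for ( i = 0; i < inBytes; i++ ) fputc( isprint( (unsigned char) bfr[ i ] ) || bfr[ i ] == '\n' ? bfr[ i ] : '?', stdout );`, with `int i;` declared and `<ctype.h>` included. The read loop and the declarations of tod() are in the previous hunk.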
@@ -22892,216 +25492,265 @@ The UDP client source code contained in tod6uc.c follows: \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * File: tod6uc.c \end_layout \begin_layout Code + * Description: Contains source code for an IPv6-capable 'daytime' UDP client. \end_layout \begin_layout Code + * Author: John Wenker, Sr. Software Engineer \end_layout \begin_layout Code + * Performance Technologies, San Diego, USA \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** System header files. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #include /* errno declaration and error codes. */ \end_layout \begin_layout Code + #include /* if_nametoindex(3). */ \end_layout \begin_layout Code + #include /* getaddrinfo(3) and associated definitions. */ \end_layout \begin_layout Code + #include /* sockaddr_in and sockaddr_in6 definitions. */ \end_layout \begin_layout Code + #include /* printf(3) et al. */ \end_layout \begin_layout Code + #include /* exit(2). */ \end_layout \begin_layout Code + #include /* String manipulation and memory functions. */ \end_layout \begin_layout Code + #include /* Socket functions (socket(2), connect(2), etc). */ \end_layout \begin_layout Code + #include /* getopt(3), recvfrom(2), sendto(2), etc. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Constants & macros. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define DFLT_HOST "localhost" /* Default server name. */ \end_layout \begin_layout Code + #define DFLT_SCOPE_ID "eth0" /* Default scope identifier. */ \end_layout \begin_layout Code + #define DFLT_SERVICE "daytime" /* Default service name. */ \end_layout \begin_layout Code + #define INVALID_DESC -1 /* Invalid file (socket) descriptor. 
*/ \end_layout \begin_layout Code + #define MAXBFRSIZE 256 /* Max bfr sz to read remote TOD. */ \end_layout \begin_layout Code + #define VALIDOPTS "s:v" /* Valid command options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Type definitions (for convenience). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + typedef enum { false = 0, true } boolean; \end_layout \begin_layout Code + typedef struct sockaddr_in sockaddr_in_t; \end_layout \begin_layout Code + typedef struct sockaddr_in6 sockaddr_in6_t; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Prototypes for internal helper functions. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static int openSckt( const char *host, \end_layout \begin_layout Code + const char *service, \end_layout \begin_layout Code + unsigned int scopeId ); \end_layout \begin_layout Code + static void tod( int sckt ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Global (within this file only) data objects. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static const char *pgmName; /* Program name (w/o directory). */ \end_layout \begin_layout Code + static boolean verbose = false; /* Verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Usage macro. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + #define USAGE \backslash @@ -23109,6 +25758,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + { \backslash @@ -23116,6 +25766,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + fprintf( stderr, \backslash @@ -23123,6 +25774,7 @@ static boolean verbose = false; /* Verbose mode. \end_layout \begin_layout Code + "Usage: %s [-v] [-s scope_id] [host [service]] \backslash n", @@ -23131,6 +25783,7 @@ n", \end_layout \begin_layout Code + pgmName ); \backslash 
@@ -23138,6 +25791,7 @@ n", \end_layout \begin_layout Code + exit( 127 ); \backslash @@ -23145,20 +25799,24 @@ n", \end_layout \begin_layout Code + } /* End USAGE macro. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** This "macro" (even though it's really a function) is loosely based on the \end_layout \begin_layout Code + ** CHK() macro by Dr. V. Vinge (see server code). 
@@ -23166,1065 +25824,1316 @@ n", \end_layout \begin_layout Code + ** a boolean expression indicating the return code from one of the usual system \end_layout \begin_layout Code + ** calls that returns -1 on error. If a system call error occurred, an alert \end_layout \begin_layout Code + ** is written to stderr. It returns a boolean value indicating success/failure \end_layout \begin_layout Code + ** of the system call. \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Example: if ( !SYSCALL( "write", \end_layout \begin_layout Code + ** count = write( fd, bfr, size ) ) ) \end_layout \begin_layout Code + ** { \end_layout \begin_layout Code + ** // Error processing... but SYSCALL() will have already taken \end_layout \begin_layout Code + ** // care of dumping an error alert to stderr. \end_layout \begin_layout Code + ** } \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + static __inline boolean SYSCALL( const char *syscallName, \end_layout \begin_layout Code + int lineNbr, \end_layout \begin_layout Code + int status ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + if ( ( status == -1 ) && verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): System call failed ('%s') - %s. \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + lineNbr, \end_layout \begin_layout Code + syscallName, \end_layout \begin_layout Code + strerror( errno ) ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + return status != -1; /* True if the system call was successful. 
*/ \end_layout \begin_layout Code + } /* End SYSCALL() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: main \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Connect to a remote time-of-day service and write the remote host's TOD to \end_layout \begin_layout Code + * stdout. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * The usual argc & argv parameters to a main() program. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * This function always returns zero. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + int main( int argc, \end_layout \begin_layout Code + char *argv[ ] ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + const char *host = DFLT_HOST; \end_layout \begin_layout Code + int opt; \end_layout \begin_layout Code + int sckt; \end_layout \begin_layout Code + unsigned int scopeId = if_nametoindex( DFLT_SCOPE_ID ); \end_layout \begin_layout Code + const char *service = DFLT_SERVICE; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Determine the program name (w/o directory prefix). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + pgmName = (const char*) strrchr( argv[ 0 ], '/' ); \end_layout \begin_layout Code + pgmName = pgmName == NULL ? argv[ 0 ] : pgmName+1; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command line options. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + opterr = 0; /* Turns off "invalid option" error messages. 
*/ \end_layout \begin_layout Code + while ( ( opt = getopt( argc, argv, VALIDOPTS ) ) != -1 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + switch ( opt ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 's': /* Scope identifier (IPv6 kluge). */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + scopeId = if_nametoindex( optarg ); \end_layout \begin_layout Code + if ( scopeId == 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: Unknown network interface (%s). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + optarg ); \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 'v': /* Verbose mode. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + verbose = true; \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + default: \end_layout \begin_layout Code + { \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on command option. */ \end_layout \begin_layout Code + } /* End WHILE processing command options. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Process command arguments. At the end of the above loop, optind is the \end_layout \begin_layout Code + ** index of the first NON-option argv element. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + switch ( argc - optind ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case 2: /* Both host & service are specified on the command line. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + service = argv[ optind + 1 ]; \end_layout \begin_layout Code + /***** Fall through *****/ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 1: /* Host is specified on the command line. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + host = argv[ optind ]; \end_layout \begin_layout Code + /***** Fall through *****/ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + case 0: /* Use default host & service. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + default: \end_layout \begin_layout Code + { \end_layout \begin_layout Code + USAGE; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End SWITCH on number of command arguments. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Open a connection to the indicated host/service. \end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Note that if all three of the following conditions are met, then the \end_layout \begin_layout Code + ** scope identifier remains unresolved at this point. \end_layout \begin_layout Code + ** 1) The default network interface is unknown for some reason. \end_layout \begin_layout Code + ** 2) The -s option was not used on the command line. \end_layout \begin_layout Code + ** 3) An IPv6 "scoped address" was not specified for the hostname on the \end_layout \begin_layout Code + ** command line. \end_layout \begin_layout Code + ** If the above three conditions are met, then only an IPv4 socket can be \end_layout \begin_layout Code + ** opened (connect(2) fails without the scope ID properly set for IPv6 \end_layout \begin_layout Code + ** sockets). 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( sckt = openSckt( host, \end_layout \begin_layout Code + service, \end_layout \begin_layout Code + scopeId ) ) == INVALID_DESC ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s: Sorry... a connectionless socket could " \end_layout \begin_layout Code + "not be set up. \backslash n", \end_layout \begin_layout Code + pgmName ); \end_layout \begin_layout Code + exit( 1 ); \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Get the remote time-of-day. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + tod( sckt ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Close the connection and terminate. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + (void) SYSCALL( "close", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + close( sckt ) ); \end_layout \begin_layout Code + return 0; \end_layout \begin_layout Code + } /* End main() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: openSckt \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Sets up a UDP socket to a remote server. Getaddrinfo(3) is used to \end_layout \begin_layout Code + * perform lookup functions and can return multiple address records (i.e. a \end_layout \begin_layout Code + * list of 'struct addrinfo' records). This function traverses the list and \end_layout \begin_layout Code + * tries to establish a connection to the remote server. The function ends \end_layout \begin_layout Code + * when either a connection has been established or all records in the list \end_layout \begin_layout Code + * have been processed. 
\end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * host - A pointer to a character string representing the hostname or IP \end_layout \begin_layout Code + * address (IPv4 or IPv6) of the remote server. \end_layout \begin_layout Code + * service - A pointer to a character string representing the service name or \end_layout \begin_layout Code + * well-known port number. \end_layout \begin_layout Code + * scopeId - For IPv6 sockets only. This is the index corresponding to the \end_layout \begin_layout Code + * network interface on which to exchange datagrams. This \end_layout \begin_layout Code + * parameter is ignored for IPv4 sockets or when an IPv6 "scoped \end_layout \begin_layout Code + * address" is specified in 'host' (i.e. where the colon-hex \end_layout \begin_layout Code + * network address is augmented with the scope ID). \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: \end_layout \begin_layout Code + * Returns the socket descriptor for the connection, or INVALID_DESC if all \end_layout \begin_layout Code + * address records have been processed and a socket could not be initialized. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static int openSckt( const char *host, \end_layout \begin_layout Code + const char *service, \end_layout \begin_layout Code + unsigned int scopeId ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + struct addrinfo *ai; \end_layout \begin_layout Code + int aiErr; \end_layout \begin_layout Code + struct addrinfo *aiHead; \end_layout \begin_layout Code + struct addrinfo hints; \end_layout \begin_layout Code + sockaddr_in6_t *pSadrIn6; \end_layout \begin_layout Code + int sckt; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Initialize the 'hints' structure for getaddrinfo(3). 
\end_layout \begin_layout Code + ** \end_layout \begin_layout Code + ** Notice that the 'ai_family' field is set to PF_UNSPEC, indicating to \end_layout \begin_layout Code + ** return both IPv4 and IPv6 address records for the host/service. Most of \end_layout \begin_layout Code + ** the time, the user isn't going to care whether an IPv4 connection or an \end_layout \begin_layout Code + ** IPv6 connection is established; the user simply wants to exchange data \end_layout \begin_layout Code + ** with the remote host and doesn't care how it's done. Sometimes, however, \end_layout \begin_layout Code + ** the user might want to explicitly specify the type of underlying socket. \end_layout \begin_layout Code + ** It is left as an exercise for the motivated reader to add a command line \end_layout \begin_layout Code + ** option allowing the user to specify the IP protocol, and then process the \end_layout \begin_layout Code + ** list of addresses accordingly (it's not that difficult). \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + memset( &hints, 0, sizeof( hints ) ); \end_layout \begin_layout Code + hints.ai_family = PF_UNSPEC; /* IPv4 or IPv6 records (don't care). */ \end_layout \begin_layout Code + hints.ai_socktype = SOCK_DGRAM; /* Connectionless communication. */ \end_layout \begin_layout Code + hints.ai_protocol = IPPROTO_UDP; /* UDP transport layer protocol only. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Look up the host/service information. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ( aiErr = getaddrinfo( host, \end_layout \begin_layout Code + service, \end_layout \begin_layout Code + &hints, \end_layout \begin_layout Code + &aiHead ) ) != 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - %s. 
\backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + gai_strerror( aiErr ) ); \end_layout \begin_layout Code + return INVALID_DESC; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Go through the list and try to open a connection. Continue until either \end_layout \begin_layout Code + ** a connection is established or the entire list is exhausted. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + for ( ai = aiHead, sckt = INVALID_DESC; \end_layout \begin_layout Code + ( ai != NULL ) && ( sckt == INVALID_DESC ); \end_layout \begin_layout Code + ai = ai->ai_next ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** IPv6 kluge. Make sure the scope ID is set. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( ai->ai_family == PF_INET6 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code + if ( pSadrIn6->sin6_scope_id == 0 ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6->sin6_scope_id = scopeId; \end_layout \begin_layout Code + } /* End IF the scope ID wasn't set. */ \end_layout \begin_layout Code + } /* End IPv6 kluge. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address info for the remote host. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( verbose ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Temporary character string buffers for host & service. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + char hostBfr[ NI_MAXHOST ]; \end_layout \begin_layout Code + char servBfr[ NI_MAXSERV ]; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the address information just fetched. Start with the \end_layout \begin_layout Code + ** common (protocol-independent) stuff first. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "Address info: \backslash n" \end_layout \begin_layout Code + " ai_flags = 0x%02X \backslash n" \end_layout \begin_layout Code + " ai_family = %d (PF_INET = %d, PF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " ai_socktype = %d (SOCK_STREAM = %d, SOCK_DGRAM = %d) \backslash @@ -24232,6 +27141,7 @@ n" \end_layout \begin_layout Code + " ai_protocol = %d (IPPROTO_TCP = %d, IPPROTO_UDP = %d) \backslash 
@@ -24239,606 +27149,748 @@ n" \end_layout \begin_layout Code + " ai_addrlen = %d (sockaddr_in = %d, " \end_layout \begin_layout Code + "sockaddr_in6 = %d) \backslash n", \end_layout \begin_layout Code + ai->ai_flags, \end_layout \begin_layout Code + ai->ai_family, \end_layout \begin_layout Code + PF_INET, \end_layout \begin_layout Code + PF_INET6, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + SOCK_STREAM, \end_layout \begin_layout Code + SOCK_DGRAM, \end_layout \begin_layout Code + ai->ai_protocol, \end_layout \begin_layout Code + IPPROTO_TCP, \end_layout \begin_layout Code + IPPROTO_UDP, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + sizeof( struct sockaddr_in ), \end_layout \begin_layout Code + sizeof( struct sockaddr_in6 ) ); \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Display the protocol-specific formatted address. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + getnameinfo( ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + sizeof( hostBfr ), \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + sizeof( servBfr ), \end_layout \begin_layout Code + NI_NUMERICHOST | NI_NUMERICSERV ); \end_layout \begin_layout Code + switch ( ai->ai_family ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + case PF_INET: /* IPv4 address record. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sockaddr_in_t *pSadrIn = (sockaddr_in_t*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin_addr: %s \backslash n" \end_layout \begin_layout Code + " sin_port: %s \backslash n", \end_layout \begin_layout Code + pSadrIn->sin_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv4 record. */ \end_layout \begin_layout Code + case PF_INET6: /* IPv6 address record. */ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + pSadrIn6 = (sockaddr_in6_t*) ai->ai_addr; \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + " ai_addr = sin6_family: %d (AF_INET = %d, " \end_layout \begin_layout Code + "AF_INET6 = %d) \backslash n" \end_layout \begin_layout Code + " sin6_addr: %s \backslash n" \end_layout \begin_layout Code + " sin6_port: %s \backslash n" \end_layout \begin_layout Code + " sin6_flowinfo: %d \backslash n" \end_layout \begin_layout Code + " sin6_scope_id: %d \backslash n", \end_layout \begin_layout Code + pSadrIn6->sin6_family, \end_layout \begin_layout Code + AF_INET, \end_layout \begin_layout Code + AF_INET6, \end_layout \begin_layout Code + hostBfr, \end_layout \begin_layout Code + servBfr, \end_layout \begin_layout Code + pSadrIn6->sin6_flowinfo, \end_layout \begin_layout Code + pSadrIn6->sin6_scope_id ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End CASE of IPv6 record. */ \end_layout \begin_layout Code + default: /* Can never get here, but just for completeness. 
*/ \end_layout \begin_layout Code + { \end_layout \begin_layout Code + fprintf( stderr, \end_layout \begin_layout Code + "%s (line %d): ERROR - Unknown protocol family (%d). \backslash n", \end_layout \begin_layout Code + pgmName, \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + ai->ai_family ); \end_layout \begin_layout Code + break; \end_layout \begin_layout Code + } /* End DEFAULT case (unknown protocol family). */ \end_layout \begin_layout Code + } /* End SWITCH on protocol family. */ \end_layout \begin_layout Code + } /* End IF verbose mode. */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Create a socket. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "socket", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + sckt = socket( ai->ai_family, \end_layout \begin_layout Code + ai->ai_socktype, \end_layout \begin_layout Code + ai->ai_protocol ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + sckt = INVALID_DESC; \end_layout \begin_layout Code + continue; /* Try the next address record in the list. */ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Set the target destination for the remote host on this socket. That \end_layout \begin_layout Code + ** is, this socket only communicates with the specified host. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "connect", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + connect( sckt, \end_layout \begin_layout Code + ai->ai_addr, \end_layout \begin_layout Code + ai->ai_addrlen ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + (void) close( sckt ); /* Could use SYSCALL() again here, but why? */ \end_layout \begin_layout Code + sckt = INVALID_DESC; \end_layout \begin_layout Code + continue; /* Try the next address record in the list. 
*/ \end_layout \begin_layout Code + } \end_layout \begin_layout Code + } /* End FOR each address record returned by getaddrinfo(3). */ \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Clean up & return. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + freeaddrinfo( aiHead ); \end_layout \begin_layout Code + return sckt; \end_layout \begin_layout Code + } /* End openSckt() */ \end_layout \begin_layout Code + /****************************************************************************** \end_layout \begin_layout Code + * Function: tod \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Description: \end_layout \begin_layout Code + * Receive the time-of-day from the remote server and write it to stdout. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Parameters: \end_layout \begin_layout Code + * sckt - The socket descriptor for the connection. \end_layout \begin_layout Code + * \end_layout \begin_layout Code + * Return Value: None. \end_layout \begin_layout Code + ******************************************************************************/ \end_layout \begin_layout Code + static void tod( int sckt ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + char bfr[ MAXBFRSIZE+1 ]; \end_layout \begin_layout Code + int inBytes; \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Send a datagram to the server to wake it up. The content isn't \end_layout \begin_layout Code + ** important, but something must be sent to let it know we want the TOD. 
\end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "write", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + write( sckt, "Are you there?", 14 ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + return; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + /* \end_layout \begin_layout Code + ** Read the time-of-day from the remote host. \end_layout \begin_layout Code + */ \end_layout \begin_layout Code + if ( !SYSCALL( "read", \end_layout \begin_layout Code + __LINE__, \end_layout \begin_layout Code + inBytes = read( sckt, \end_layout \begin_layout Code + bfr, \end_layout \begin_layout Code + MAXBFRSIZE ) ) ) \end_layout \begin_layout Code + { \end_layout \begin_layout Code + return; \end_layout \begin_layout Code + } \end_layout \begin_layout Code + bfr[ inBytes ] = ' \backslash 0'; /* Null-terminate the received string. @@ -24846,15 +27898,18 @@ static void tod( int sckt ) \end_layout \begin_layout Code + fputs( bfr, stdout ); /* Null string if EOF (inBytes == 0). */ \end_layout \begin_layout Code + fflush( stdout ); \end_layout \begin_layout Code + } /* End tod() */ \end_layout diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf index 511ae16f..3f61c903 100644 Binary files a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf and b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.pdf differ diff --git a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml index 1bed3dca..3548b37b 100644 --- a/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml +++ b/LDP/users/Peter-Bieringer/Linux+IPv6-HOWTO.sgml @@ -2010,7 +2010,12 @@ Chain intOUT (1 references)
Allow some important IPv6 ICMP traffic, without counter, but checking hop-limit for security -Allow incoming SSH for IPv4 and IPv6, using therefore the IP version aware table “inet”
@@ -2029,8 +2034,10 @@ table ip6 filter { chain input { type filter hook input priority 1; icmpv6 type echo-request counter packets 0 bytes 0 accept - ip6 hoplimit 1 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept - ip6 hoplimit 255 icmpv6 type { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept + ip6 hoplimit 1 icmpv6 type +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept + ip6 hoplimit 255 icmpv6 type +¬ { nd-neighbor-advert, nd-neighbor-solicit, nd-router-advert} accept } } ]]>Table for IP version aware filter diff --git a/LDP/users/Peter-Bieringer/lyxcodelinewrapper.pl b/LDP/users/Peter-Bieringer/lyxcodelinewrapper.pl index f7bf4c36..ac3481ae 100755 --- a/LDP/users/Peter-Bieringer/lyxcodelinewrapper.pl +++ b/LDP/users/Peter-Bieringer/lyxcodelinewrapper.pl @@ -26,7 +26,7 @@ # Known limitations: # * Code lines containing LyX tags are currently not supported and skipped -my $lyx_format_supported = "345"; +my $lyx_format_supported = "474"; sub print_long_line ($);
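Review bot: `$lyx_format_supported` is changed to `"474"` with no comment tying the number to a LyX release, so a maintainer has to rediscover what the value means the next time the HOWTO is re-saved by a newer LyX. A trailing comment on that line would cover it, e.g. `# \lyxformat 474 = LyX 2.1.x file format`. The comparison that uses the variable is outside the hunk. If it is an exact string match, files still in format 345 are now refused, which would be worth stating next to the "Known limitations" comment just above.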