mirror of
https://github.com/bin456789/reinstall.git
synced 2025-02-20 05:33:07 +08:00
core: 拆分 accept_ra autoconf
因为静态 IPv6 也可以从 RA 自动获取网关
This commit is contained in:
bin456789
parent
024c8841e2
commit
e57a15118b
@ -2,6 +2,9 @@
|
||||
# shellcheck shell=dash
|
||||
# alpine / debian initrd 共用此脚本
|
||||
|
||||
# accept_ra 接收 RA + 自动配置网关
|
||||
# autoconf 自动配置地址,依赖 accept_ra
|
||||
|
||||
mac_addr=$1
|
||||
ipv4_addr=$2
|
||||
ipv4_gateway=$3
|
||||
@ -256,12 +259,16 @@ flush_ipv4_config() {
|
||||
ip -4 route flush dev "$ethx"
|
||||
}
|
||||
|
||||
should_disable_accept_ra=false
|
||||
should_disable_autoconf=false
|
||||
|
||||
flush_ipv6_config() {
|
||||
# 是否临时禁用 ra / slaac
|
||||
if [ "$1" = true ]; then
|
||||
if $should_disable_accept_ra; then
|
||||
echo 0 >"/proc/sys/net/ipv6/conf/$ethx/accept_ra"
|
||||
fi
|
||||
if $should_disable_autoconf; then
|
||||
echo 0 >"/proc/sys/net/ipv6/conf/$ethx/autoconf"
|
||||
fi
|
||||
|
||||
ip -6 addr flush scope global dev "$ethx"
|
||||
ip -6 route flush dev "$ethx"
|
||||
}
|
||||
@ -365,11 +372,16 @@ done
|
||||
# 由于还没设置静态ip,所以有条目表示有动态地址
|
||||
is_have_ipv4_addr && dhcpv4=true || dhcpv4=false
|
||||
is_have_ipv6_addr && dhcpv6_or_slaac=true || dhcpv6_or_slaac=false
|
||||
should_disable_ra_slaac=false
|
||||
if is_have_ipv6_gateway; then
|
||||
ra_has_gateway=true
|
||||
ipv6_gateway_from_ra=$(get_ipv6_gateway)
|
||||
else
|
||||
ra_has_gateway=false
|
||||
fi
|
||||
|
||||
# 如果自动获取的 IP 不是重装前的,则使用之前的
|
||||
# 如果自动获取的 IP 不是重装前的,则改成静态,使用之前的 IP
|
||||
# 只比较 IP,不比较掩码/网关,因为
|
||||
# 1. 假设掩码/网关导致网络不可用,后面也会检测到并改成静态
|
||||
# 1. 假设掩码/网关导致无法上网,后面也会检测到并改成静态
|
||||
# 2. openSUSE wicked dhcpv6 是 64 位掩码,aws lightsail 模板上的也是,而其它 dhcpv6 软件都是 128 位掩码
|
||||
if $dhcpv4 && [ -n "$ipv4_addr" ] && [ -n "$ipv4_gateway" ] &&
|
||||
! [ "$(echo "$ipv4_addr" | cut -d/ -f1)" = "$(get_first_ipv4_addr | cut -d/ -f1)" ]; then
|
||||
@ -381,7 +393,8 @@ if $dhcpv6_or_slaac && [ -n "$ipv6_addr" ] && [ -n "$ipv6_gateway" ] &&
|
||||
! [ "$(echo "$ipv6_addr" | cut -d/ -f1)" = "$(get_first_ipv6_addr | cut -d/ -f1)" ]; then
|
||||
echo "IPv6 address obtained from SLAAC/DHCPv6 is different from old system."
|
||||
dhcpv6_or_slaac=false
|
||||
should_disable_ra_slaac=true
|
||||
should_disable_accept_ra=true
|
||||
should_disable_autoconf=true
|
||||
flush_ipv6_config
|
||||
fi
|
||||
|
||||
@ -395,6 +408,7 @@ ipv6_has_internet=false
|
||||
test_internet
|
||||
|
||||
# 如果无法上网,并且自动获取的 掩码/网关 不是重装前的,则改成静态
|
||||
# ip_addr 包括 IP/掩码,所以可以用来判断掩码是否不同
|
||||
# IP 不同的情况在前面已经改成静态了
|
||||
if ! $ipv4_has_internet &&
|
||||
$dhcpv4 && [ -n "$ipv4_addr" ] && [ -n "$ipv4_gateway" ] &&
|
||||
@ -410,22 +424,30 @@ if ! $ipv6_has_internet &&
|
||||
! { [ "$ipv6_addr" = "$(get_first_ipv6_addr)" ] || [ "$ipv6_gateway" = "$(get_first_ipv6_gateway)" ]; }; then
|
||||
echo "IPv6 netmask/gateway obtained from SLAAC/DHCPv6 is different from old system."
|
||||
dhcpv6_or_slaac=false
|
||||
should_disable_ra_slaac=true
|
||||
flush_ipv6_config true
|
||||
should_disable_accept_ra=true
|
||||
should_disable_autoconf=true
|
||||
flush_ipv6_config
|
||||
add_missing_ipv6_config
|
||||
test_internet
|
||||
fi
|
||||
|
||||
# 如果是静态地址(包括动态无法上网而改成静态的),但是 RA 有网关且和正确的网关不同,要关闭 RA,避免自动设置网关
|
||||
# TODO: 测试 RA 给的网关和静态设置的网关的优先级
|
||||
if $ipv6_has_internet && ! $dhcpv6_or_slaac && $ra_has_gateway &&
|
||||
! [ "$(get_first_ipv6_gateway)" = "$ipv6_gateway_from_ra" ]; then
|
||||
echo "Ignore IPv6 gateway from RA."
|
||||
should_disable_accept_ra=true
|
||||
fi
|
||||
|
||||
# 要删除不联网协议的ip,因为
|
||||
# 1 甲骨文云管理面板添加ipv6地址然后取消
|
||||
# 依然会分配ipv6地址,但ipv6没网络
|
||||
# 此时alpine只会用ipv6下载apk,而不用会ipv4下载
|
||||
# 2 有ipv4地址但没有ipv4网关的情况(vultr),aria2会用ipv4下载
|
||||
if $ipv4_has_internet && ! $ipv6_has_internet; then
|
||||
echo 0 >"/proc/sys/net/ipv6/conf/$ethx/accept_ra"
|
||||
ip -6 addr flush scope global dev "$ethx"
|
||||
flush_ipv6_config
|
||||
elif ! $ipv4_has_internet && $ipv6_has_internet; then
|
||||
ip -4 addr flush scope global dev "$ethx"
|
||||
flush_ipv4_config
|
||||
fi
|
||||
|
||||
# 如果联网了,但没获取到默认 DNS,则添加我们的 DNS
|
||||
@ -443,7 +465,8 @@ netconf="/dev/netconf/$ethx"
|
||||
mkdir -p "$netconf"
|
||||
$dhcpv4 && echo 1 >"$netconf/dhcpv4" || echo 0 >"$netconf/dhcpv4"
|
||||
$dhcpv6_or_slaac && echo 1 >"$netconf/dhcpv6_or_slaac" || echo 0 >"$netconf/dhcpv6_or_slaac"
|
||||
$should_disable_ra_slaac && echo 1 >"$netconf/should_disable_ra_slaac" || echo 0 >"$netconf/should_disable_ra_slaac"
|
||||
$should_disable_accept_ra && echo 1 >"$netconf/should_disable_accept_ra" || echo 0 >"$netconf/should_disable_accept_ra"
|
||||
$should_disable_autoconf && echo 1 >"$netconf/should_disable_autoconf" || echo 0 >"$netconf/should_disable_autoconf"
|
||||
$is_in_china && echo 1 >"$netconf/is_in_china" || echo 0 >"$netconf/is_in_china"
|
||||
echo "$ethx" >"$netconf/ethx"
|
||||
echo "$mac_addr" >"$netconf/mac_addr"
|
||||
|
||||
59
trans.sh
59
trans.sh
@ -618,10 +618,16 @@ is_dhcpv6_or_slaac() {
|
||||
[ "$dhcpv6_or_slaac" = 1 ]
|
||||
}
|
||||
|
||||
should_disable_ra_slaac() {
|
||||
get_netconf_to should_disable_ra_slaac
|
||||
should_disable_accept_ra() {
|
||||
get_netconf_to should_disable_accept_ra
|
||||
# shellcheck disable=SC2154
|
||||
[ "$should_disable_ra_slaac" = 1 ]
|
||||
[ "$should_disable_accept_ra" = 1 ]
|
||||
}
|
||||
|
||||
should_disable_autoconf() {
|
||||
get_netconf_to should_disable_autoconf
|
||||
# shellcheck disable=SC2154
|
||||
[ "$should_disable_autoconf" = 1 ]
|
||||
}
|
||||
|
||||
is_slaac() {
|
||||
@ -1004,7 +1010,7 @@ EOF
|
||||
fi
|
||||
|
||||
# 禁用 ra
|
||||
if should_disable_ra_slaac; then
|
||||
if should_disable_accept_ra; then
|
||||
if [ "$distro" = alpine ]; then
|
||||
cat <<EOF >>$conf_file
|
||||
pre-up echo 0 >/proc/sys/net/ipv6/conf/$ethx/accept_ra
|
||||
@ -1012,6 +1018,19 @@ EOF
|
||||
else
|
||||
cat <<EOF >>$conf_file
|
||||
accept_ra 0
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
|
||||
# 禁用 autoconf
|
||||
if should_disable_autoconf; then
|
||||
if [ "$distro" = alpine ]; then
|
||||
cat <<EOF >>$conf_file
|
||||
pre-up echo 0 >/proc/sys/net/ipv6/conf/$ethx/autoconf
|
||||
EOF
|
||||
else
|
||||
cat <<EOF >>$conf_file
|
||||
autoconf 0
|
||||
EOF
|
||||
fi
|
||||
fi
|
||||
@ -1142,15 +1161,17 @@ EOF
|
||||
# fi
|
||||
# ...
|
||||
|
||||
# 禁用 ra
|
||||
# 禁用 ra/autoconf
|
||||
local mode=1
|
||||
for ethx in $(get_eths); do
|
||||
if should_disable_ra_slaac; then
|
||||
mode=1
|
||||
if [ "$mode" = 1 ]; then
|
||||
if should_disable_accept_ra; then
|
||||
case "$mode" in
|
||||
1)
|
||||
cat <<EOF >>$conf_file
|
||||
boot.kernel.sysctl."net.ipv6.conf.$ethx.accept_ra" = false;
|
||||
EOF
|
||||
elif [ "$mode" = 2 ]; then
|
||||
;;
|
||||
2)
|
||||
# nixos 配置静态 ip 时用的是脚本
|
||||
# 好像因此不起作用
|
||||
cat <<EOF >>$conf_file
|
||||
@ -1160,7 +1181,8 @@ networking.dhcpcd.extraConfig =
|
||||
ipv6ra_noautoconf
|
||||
'';
|
||||
EOF
|
||||
elif [ "$mode" = 3 ]; then
|
||||
;;
|
||||
3)
|
||||
# 暂时没用到 networkd
|
||||
cat <<EOF >>$conf_file
|
||||
systemd.network.networks.$ethx = {
|
||||
@ -1170,10 +1192,22 @@ systemd.network.networks.$ethx = {
|
||||
};
|
||||
};
|
||||
EOF
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
|
||||
if should_disable_autoconf; then
|
||||
case "$mode" in
|
||||
1)
|
||||
cat <<EOF >>$conf_file
|
||||
boot.kernel.sysctl."net.ipv6.conf.$ethx.autoconf" = false;
|
||||
EOF
|
||||
;;
|
||||
2) ;;
|
||||
3) ;;
|
||||
esac
|
||||
fi
|
||||
done
|
||||
|
||||
}
|
||||
|
||||
install_alpine() {
|
||||
@ -2359,7 +2393,8 @@ create_cloud_init_network_config() {
|
||||
\"address\": \"$ipv6_addr\",
|
||||
\"gateway\": \"$ipv6_gateway\" }
|
||||
" $ci_file
|
||||
if should_disable_ra_slaac; then
|
||||
# 无法设置 autoconf = false ?
|
||||
if should_disable_accept_ra; then
|
||||
yq -i ".network.config[$config_id].accept-ra = false" $ci_file
|
||||
fi
|
||||
fi
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user