Commit 9a39aa38 authored by Cédric BRINER's avatar Cédric BRINER Committed by Cédric BRINER
Browse files

disable-ndp tested and applied on all zone

parents
#!/bin/bash
echo "copy it on :"
echo " - aton:/export/install/solaris/seinf_install/admin/bin/ipv6-tools"
echo " - /net/aton/export/install/solaris/seinf_install/admin/bin/ipv6-tools"
scp ~/code/ipv6/ipv6-tools aton:/export/install/solaris/seinf_install/admin/bin
slogin aton chmod +x /export/install/solaris/seinf_install/admin/bin/ipv6-tools
#!/bin/bash
export LC_ALL=C
if [[ -d /opt/sfw/bin ]]; then
export PATH="$PATH:/opt/sfw/bin"
fi
################################################################################
# C B R   LIB
_B="\e[34m"
_R="\e[31m"
_G="\e[32m"
_N="\e[0m"
function pb()
{
echo -e "${_B}$1${_N}"
}
function pr()
{
echo -e "${_R}$1${_N}"
}
function pg()
{
echo -e "${_G}$1${_N}"
}
function pbr()
{
echo -e "${_B}$1 : ${_R}${_N}"
}
function pbg()
{
echo -e "${_B}$1 : ${_G}${_N}"
}
function tab()
{
if [[ $1 -eq 0 ]]; then
cat -
fi
t="$(printf %${1}s)"
sed "s|^|${t}|"
}
################################################################################
DATE=None
if [[ -x /usr/bin/gdate ]]; then
DATE=/usr/bin/gdate
elif [[ -x /opt/sfw/bin/date ]]; then
DATE=/opt/sfw/bin/date
else
pr "unable to find a executable date"
exit 1
fi
#
# DATE=$(which gdate)
# if [[ $DATE =~ "no gdate in" ]] ; then
# if [[ -x /opt/sfw/bin/date ]]; then
# DATE=/opt/sfw/bin/date
# fi
# fi
#
# if [[ $DATE =~ "no gdate in" ]] ; then
# pr "gdate not found"
# exit
# fi
function is_conf_younger_than_svc()
{
date_svc=$(${DATE} --date="$(svcs -l ndp | grep -w state_time| sed 's|state_time *||')" "+%s")
date_conf=$(stat --format="%Z" /etc/inet/ndpd.conf)
if [[ $date_svc -gt $date_conf ]]; then
return 0
else
return 1
fi
}
function get_os_release()
{
if [[ -e /etc/release ]]; then
if grep -i oracle /etc/release >& /dev/null ; then
grep -i solaris /etc/release | awk '{print $3}'
else
grep -i solaris /etc/release | awk '{print $2}'
fi
else
pr "unable to get the os release" 1>&2
echo "exit"
fi
}
function restart_svc_ndp()
{
action=$1
svc_name="svc:/network/routing/ndp:default"
if svcs -H ${svc_name} &> /dev/null; then
if is_conf_younger_than_svc; then
pb "no need to restart the service as it is younger than the conf"
else
# TODO: do not restart ndp if file is older than ndp restart
status=$(svcs -H "${svc_name}" 2>/dev/null | awk '{print $1}' )
case ${status} in
#TODO: offline\*) to manage "(offline*)"
online)
svcadm restart ${svc_name}
pb "service ndpd restarted"
;;
*)
if [[ ${action} = "disable-ndp" ]]; then
pb "no need to restart npdp as the service is not running and the action is ($action)"
else
pr "service status($status) not managed" 1>&2
pb "exit" 1>&2
exit 1
fi
;;
esac
fi
else
pr "no ndp service" 1>&2
pb "exit" 1>&2
exit 1
fi
}
function set_ndpd_no_all()
{
cat << eof > /tmp/ndpd.conf
ifdefault StatelessAddrConf false
ifdefault StatefulAddrConf false
ifdefault TmpAddrsEnabled false
eof
if [[ ! -e /etc/inet/ndpd.conf ]]; then
mv /tmp/ndpd.conf /etc/inet/ndpd.conf
pb "disabled conf for ndpd pushed"
else
if diff /tmp/ndpd.conf /etc/inet/ndpd.conf >& /dev/null; then
rm /tmp/ndpd.conf
pb "disabled conf for ndpd already in place"
else
mv /tmp/ndpd.conf /etc/inet/ndpd.conf
pb "disabled conf for ndpd pushed"
fi
fi
os_release=$(get_os_release)
case ${os_release} in
11.*)
restart_svc_ndp disable-ndp
pbg "assured that ndpd is disabled"
;;
11)
restart_svc_ndp disable-ndp
pbg "assured that ndpd is disabled"
;;
10)
restart_svc_ndp disable-ndp
pbg "assured that ndpd is disabled"
;;
*)
pr "release($os_release) not managed" 1>&2
pb "exit" 1>&2
exit 1
;;
esac
}
function usage()
{
pb "Usage: $0"
pb " disable-ndp: turn off stateless(ra), stateful(dhcp), tmpaddr (privacy)"
}
case $1 in
disable-ndp)
set_ndpd_no_all
;;
-h)
usage
exit 0
;;
*)
pr "unknown argument"
pb "please follow the usage"
usage
exit 1
;;
esac
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment