On Tue, Jan 14, 2020 at 11:54:32PM +0100, Klemens Nanni wrote:
> Came here while testing an IPv6 related sys/net/rtsock.c diff: all
> invocations use `-q' and route(8) says
>
>-q Suppress all output.
>
> so the redirection is duplicate. If route still prints to standard
> output despite the quiet flag I want to see such a bug and fix it.
>
> Note that this does not involve standard error which is neither effected
> by `-q' nor redirected.
>
> OK?
OK bluhm@
> Index: netstart
> ===
> RCS file: /cvs/src/etc/netstart,v
> retrieving revision 1.201
> diff -u -p -r1.201 netstart
> --- netstart 25 Oct 2019 06:01:27 - 1.201
> +++ netstart 14 Jan 2020 22:46:22 -
> @@ -254,26 +254,26 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; t
> ip6kernel=YES
>
> # Disallow link-local unicast dest without outgoing scope identifiers.
> - route -qn add -inet6 fe80:: -prefixlen 10 ::1 -reject >/dev/null
> + route -qn add -inet6 fe80:: -prefixlen 10 ::1 -reject
>
> # Disallow site-local unicast dest without outgoing scope identifiers.
> # If you configure site-locals without scope id (it is permissible
> # config for routers that are not on scope boundary), you may want
> # to comment the line out.
> - route -qn add -inet6 fec0:: -prefixlen 10 ::1 -reject >/dev/null
> + route -qn add -inet6 fec0:: -prefixlen 10 ::1 -reject
>
> # Disallow "internal" addresses to appear on the wire.
> - route -qn add -inet6 :::0.0.0.0 -prefixlen 96 ::1 -reject >/dev/null
> + route -qn add -inet6 :::0.0.0.0 -prefixlen 96 ::1 -reject
>
> # Disallow packets to malicious 6to4 prefix.
> - route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject >/dev/null
> - route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject >/dev/null
> - route -qn add -inet6 2002::: -prefixlen 24 ::1 -reject >/dev/null
> - route -qn add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject >/dev/null
> + route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject
> + route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject
> + route -qn add -inet6 2002::: -prefixlen 24 ::1 -reject
> + route -qn add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject
>
> # Disallow packets without scope identifier.
> - route -qn add -inet6 ff01:: -prefixlen 16 ::1 -reject >/dev/null
> - route -qn add -inet6 ff02:: -prefixlen 16 ::1 -reject >/dev/null
> + route -qn add -inet6 ff01:: -prefixlen 16 ::1 -reject
> + route -qn add -inet6 ff02:: -prefixlen 16 ::1 -reject
>
> # Completely disallow packets to IPv4 compatible prefix.
> #
> @@ -290,7 +290,7 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; t
> #
> # Due to rare use of IPv4 compatible addresses, and security issues
> # with it, we disable it by default.
> - route -qn add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject >/dev/null
> + route -qn add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject
> else
> ip6kernel=NO
> fi