From bbb7d0b11920277c090e1e5cd7eed3d010e82f4a Mon Sep 17 00:00:00 2001
From: bin456789 <bin456789@gmail.com>
Date: Wed, 29 May 2024 21:30:21 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A4=84=E7=90=86=E9=83=A8=E5=88=86=E5=95=86?=
 =?UTF-8?q?=E5=AE=B6=20slaac=20/=20dhcpv6=20=E8=8E=B7=E5=8F=96=E7=9A=84=20?=
 =?UTF-8?q?ip=20=E6=97=A0=E6=B3=95=E4=B8=8A=E7=BD=91?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 alpine-network.sh | 52 +++++++++++++++++++++++++++++++++++++++++++++--
 reinstall.sh      | 18 +++++++++++++---
 trans.sh          | 40 +++++++++++++++++++++++++++++++++---
 3 files changed, 102 insertions(+), 8 deletions(-)

diff --git a/alpine-network.sh b/alpine-network.sh
index 6b562df..58f3d66 100644
--- a/alpine-network.sh
+++ b/alpine-network.sh
@@ -31,6 +31,18 @@ else
     ipv6_dns2='2001:4860:4860::8888'
 fi
 
+get_ipv4_gateway() {
+    # debian 11 initrd 没有 xargs awk
+    # debian 12 initrd 没有 xargs
+    ip -4 route show default | head -1 | cut -d ' ' -f3
+}
+
+get_ipv6_gateway() {
+    # debian 11 initrd 没有 xargs awk
+    # debian 12 initrd 没有 xargs
+    ip -6 route show default | head -1 | cut -d ' ' -f3
+}
+
 get_first_ipv4_addr() {
     # debian 11 initrd 没有 xargs awk
     # debian 12 initrd 没有 xargs
@@ -41,6 +53,16 @@ get_first_ipv4_addr() {
     fi
 }
 
+get_first_ipv6_addr() {
+    # debian 11 initrd 没有 xargs awk
+    # debian 12 initrd 没有 xargs
+    if false; then
+        ip -6 -o addr show scope global dev "$ethx" | head -1 | awk '{print $4}'
+    else
+        ip -6 -o addr show scope global dev "$ethx" | head -1 | grep -o '[0-9a-f\:]*/[0-9]*'
+    fi
+}
+
 is_have_ipv4_addr() {
     ip -4 addr show scope global dev "$ethx" | grep -q inet
 }
@@ -150,13 +172,23 @@ flush_ipv4_config() {
     ip -4 route flush dev "$ethx"
 }
 
+flush_ipv6_config() {
+    # 是否临时禁用 ra / slaac
+    if [ "$1" = true ]; then
+        echo 0 >"/proc/sys/net/ipv6/conf/$ethx/autoconf"
+    fi
+
+    ip -6 addr flush scope global dev "$ethx"
+    ip -6 route flush dev "$ethx"
+}
+
 test_internet
 
 # 处理云电脑 dhcp 获取的地址无法上网
 if $dhcpv4 && ! $ipv4_has_internet &&
     [ -n "$ipv4_addr" ] && [ -n "$ipv4_gateway" ] &&
-    ! [ "$ipv4_addr" = "$(get_first_ipv4_addr)" ]; then
-    echo "DHCPv4 can't access Internet. And not match static IPv4."
+    { ! [ "$ipv4_addr" = "$(get_first_ipv4_addr)" ] || ! [ "$ipv4_gateway" = "$(get_ipv4_gateway)" ]; }; then
+    echo "DHCPv4 can't access Internet. And not match static IPv4 Address or Gateway."
     flush_ipv4_config
     add_missing_ipv4_config
     test_internet
@@ -165,6 +197,21 @@ if $dhcpv4 && ! $ipv4_has_internet &&
     fi
 fi
 
+should_disable_ra_slaac=false
+# 处理部分商家 slaac / dhcpv6 获取的 ip 无法上网
+if $dhcpv6_or_slaac && ! $ipv6_has_internet &&
+    [ -n "$ipv6_addr" ] && [ -n "$ipv6_gateway" ] &&
+    { ! [ "$ipv6_addr" = "$(get_first_ipv6_addr)" ] || ! [ "$ipv6_gateway" = "$(get_ipv6_gateway)" ]; }; then
+    echo "SLAAC can't access Internet. And not match static IPv6 Address or Gateway."
+    flush_ipv6_config true
+    add_missing_ipv6_config
+    test_internet
+    if $ipv6_has_internet; then
+        dhcpv6_or_slaac=false
+        should_disable_ra_slaac=true
+    fi
+fi
+
 # 等待 udhcpc 创建 /etc/resolv.conf
 # 好像只有 dhcpv4 会创建 resolv.conf
 if { $dhcpv4 || $dhcpv6_or_slaac; } && [ ! -e /etc/resolv.conf ]; then
@@ -196,6 +243,7 @@ fi
 
 # 传参给 trans.start
 $dhcpv4 && echo 1 >/dev/dhcpv4 || echo 0 >/dev/dhcpv4
+$should_disable_ra_slaac && echo 1 >/dev/should_disable_ra_slaac || echo 0 >/dev/should_disable_ra_slaac
 $is_in_china && echo 1 >/dev/is_in_china || echo 0 >/dev/is_in_china
 echo "$ethx" >/dev/ethx
 echo "$mac_addr" >/dev/mac_addr
diff --git a/reinstall.sh b/reinstall.sh
index f609baf..7f6801a 100644
--- a/reinstall.sh
+++ b/reinstall.sh
@@ -1622,16 +1622,28 @@ collect_netconf() {
     else
         # linux
         # 通过默认网关得到默认网卡
+
+        # 多个默认路由下
+        # ip -6 route show default dev ens3 完全不显示
+
+        # ip -6 route show default
+        # default proto static metric 1024 pref medium
+        #         nexthop via 2a01:1111:262:4940::2 dev ens3 weight 1 onlink
+        #         nexthop via fe80::5054:ff:fed4:5286 dev ens3 weight 1
+
+        # ip -6 route show default
+        # default via 2602:1111:0:80::1 dev eth0 metric 1024 onlink pref medium
+
         for v in 4 6; do
-            if ethx=$(ip -$v route show default | head -1 | awk '{print $5}' | grep .); then
+            if ethx=$(ip -$v route show default | awk '$4=="dev"' | head -1 | awk '{print $5}' | grep .); then
                 mac_addr=$(ip link show dev $ethx | grep link/ether | head -1 | awk '{print $2}')
                 break
             fi
         done
 
         for v in 4 6; do
-            if ip -$v route show default dev $ethx | head -1 | grep -q .; then
-                eval ipv${v}_gateway="$(ip -$v route show default dev $ethx | head -1 | awk '{print $3}')"
+            if ip -$v route show default | awk '$5=="'$ethx'"' | head -1 | grep -q .; then
+                eval ipv${v}_gateway="$(ip -$v route show default | awk '$5=="'$ethx'"' | head -1 | awk '{print $3}')"
                 eval ipv${v}_addr="$(ip -$v -o addr show scope global dev $ethx | head -1 | awk '{print $4}')"
             fi
         done
diff --git a/trans.sh b/trans.sh
index 7d512bf..160eef9 100644
--- a/trans.sh
+++ b/trans.sh
@@ -9,6 +9,9 @@ set -eE
 # debian 安装版、ubuntu 安装版、redhat 安装版不使用该密码
 PASSWORD=123@@@
 
+TRUE=0
+FALSE=1
+
 trap 'trap_err $LINENO $?' ERR
 
 # 复制本脚本到 /tmp/trans.sh，用于打印错误
@@ -447,13 +450,27 @@ is_staticv6() {
     return 1
 }
 
+should_disable_ra_slaac() {
+    get_netconf_to should_disable_ra_slaac
+    # shellcheck disable=SC2154
+    [ "$should_disable_ra_slaac" = 1 ]
+}
+
 is_slaac() {
+    # 防止部分机器slaac/dhcpv6获取的ip/网关无法上网
+    if should_disable_ra_slaac; then
+        return 1
+    fi
     get_netconf_to slaac
     # shellcheck disable=SC2154
     [ "$slaac" = 1 ]
 }
 
 is_dhcpv6() {
+    # 防止部分机器slaac/dhcpv6获取的ip/网关无法上网
+    if should_disable_ra_slaac; then
+        return 1
+    fi
     get_netconf_to dhcpv6
     # shellcheck disable=SC2154
     [ "$dhcpv6" = 1 ]
@@ -502,9 +519,10 @@ is_windows_support_rdnss() {
 
 is_need_manual_set_dnsv6() {
     # 有没有可能是静态但是有 rdnss？
-    is_have_ipv6 &&
-        ! is_dhcpv6 &&
-        ! is_enable_other_flag &&
+    ! is_have_ipv6 && return $FALSE
+    is_dhcpv6 && return $FALSE
+    is_staticv6 && return $TRUE
+    is_slaac && ! is_enable_other_flag &&
         { ! is_have_rdnss || { is_have_rdnss && is_windows && ! is_windows_support_rdnss; }; }
 }
 
@@ -722,6 +740,19 @@ EOF
 EOF
         done
     fi
+
+    # 禁用 ra
+    if should_disable_ra_slaac; then
+        if [ "$distro" = alpine ]; then
+            cat <<EOF >>$conf_file
+    pre-up echo 0 >/proc/sys/net/ipv6/conf/$ethx/accept_ra
+EOF
+        else
+            cat <<EOF >>$conf_file
+    accept_ra 0
+EOF
+        fi
+    fi
 }
 
 install_alpine() {
@@ -1549,6 +1580,9 @@ create_cloud_init_network_config() {
                     \"address\": \"$ipv6_addr\",
                     \"gateway\": \"$ipv6_gateway\" }
                     " $ci_file
+        if should_disable_ra_slaac; then
+            yq -i ".network.config[0].accept-ra = false" $ci_file
+        fi
     fi
 
     # 有 ipv6 但需设置 dns 的情况