defaultroute revision 42270
#!/bin/sh -
#
#	$Id: rc.network,v 1.36 1998/11/27 07:06:11 jkoshy Exp $
#	From: @(#)netstart	5.9 (Berkeley) 3/30/91

# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf.  Please check that file
# first before contemplating any changes here.  If you do need to change
# this file for some reason, we would like to know about it.

# First pass startup stuff.
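#
# network_pass1 - first-pass network bring-up.
#
# Sets the host and NIS domain names, configures every interface listed in
# network_interfaces, probes for (and optionally loads) ipfw and its rules,
# installs static routes, applies routing-related sysctls and starts the
# routing daemons.
#
# Every knob read here (hostname, network_interfaces, ifconfig_*, route_*,
# *_enable, *_flags, router, ...) is a shell variable supplied by the
# caller; the header of this file points at /etc/rc.conf as their source.
# Several of them are expanded through eval, sourced as file names or run
# as command names, so whoever can write that configuration decides what
# this function executes.  Keep the configuration writable by root only.
#
# *_flags and *_args variables are expanded unquoted on purpose: they hold
# several space-separated words that must reach the command as separate
# arguments.
#
# Sets: network_pass1_done=YES on completion.
#
network_pass1() {
    echo -n 'Doing initial network setup:'
    # Set the host name if it is not already set
    if [ -z "$(hostname -s)" ]; then
        # ${var:+"$var"} passes one quoted word when set and nothing at
        # all when empty, which is what the unquoted original did.
        hostname ${hostname:+"$hostname"}
        echo -n ' hostname'
    fi

    # Set the domainname if we're using NIS
    if [ -n "$nisdomainname" ] && [ "x$nisdomainname" != "xNO" ]; then
        domainname "$nisdomainname"
        echo -n ' domain'
    fi
    echo '.'

    # Initial ATM interface configuration
    if [ "X${atm_enable}" = X"YES" ] && [ -f /etc/rc.atm ]; then
        . /etc/rc.atm
        atm_pass1
    fi

    # Set up all the network interfaces, calling startup scripts if needed
    for ifn in ${network_interfaces}; do
        # NOTE(security): ${ifn} selects a file to source and is pasted
        # into eval below; it is trusted configuration, not validated here.
        if [ -e "/etc/start_if.${ifn}" ]; then
            . "/etc/start_if.${ifn}"
        fi
        # Do the primary ifconfig if specified
        eval ifconfig_args=\$ifconfig_${ifn}
        if [ -n "${ifconfig_args}" ]; then
            ifconfig ${ifn} ${ifconfig_args}
        fi
        # Check to see if aliases need to be added: walk
        # ifconfig_<if>_alias0, _alias1, ... until the first empty one.
        alias=0
        while :; do
            eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
            if [ -z "${ifconfig_args}" ]; then
                break
            fi
            ifconfig ${ifn} ${ifconfig_args} alias
            alias=$((${alias} + 1))
        done
        # Do ipx address if specified
        eval ifconfig_args=\$ifconfig_${ifn}_ipx
        if [ -n "${ifconfig_args}" ]; then
            ifconfig ${ifn} ${ifconfig_args}
        fi
        ifconfig ${ifn}
    done

    # Initialize IP filtering using ipfw.  The flush doubles as the probe
    # for kernel support: it succeeds only when ipfw is available.
    echo ""
    if /sbin/ipfw -q flush > /dev/null 2>&1; then
        firewall_in_kernel=1
    else
        firewall_in_kernel=0
    fi

    if [ $firewall_in_kernel = 0 ] && [ "x$firewall_enable" = "xYES" ]; then
        if kldload ipfw; then
            firewall_in_kernel=1		# module loaded successfully
            echo "Kernel firewall module loaded."
        else
            # NOTE(security): this is only a warning.  The rest of the
            # function still configures routing and starts daemons, so the
            # host comes up unfiltered although a firewall was requested.
            echo "Warning: firewall kernel module failed to load."
        fi
    fi

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
        if [ "x$firewall_enable" = "xYES" ] && [ -f /etc/rc.firewall ]; then
            . /etc/rc.firewall
            echo "Firewall rules loaded."
        else
            # A requested firewall with no rules file used to pass silently
            # whenever the kernel default rule was not "deny"; say so.
            if [ "x$firewall_enable" = "xYES" ]; then
                echo -n "Warning: firewall_enable is YES but "
                echo "/etc/rc.firewall was not found; no rules loaded."
            fi
            IPFW_DEFAULT=$(ipfw l 65535)
            if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then
                echo -n "Warning: kernel has firewall functionality, "
                echo "but firewall rules are not enabled."
                echo "         All ip services are disabled."
            fi
        fi
    fi

    # Additional ATM interface configuration
    if [ -n "${atm_pass1_done}" ]; then
        atm_pass2
    fi

    # Configure routing.  An unset or empty defaultrouter is treated like
    # "NO"; previously it produced a "route add default" with no gateway.
    case "${defaultrouter}" in
    NO | '')
        ;;
    *)
        static_routes="default ${static_routes}"
        route_default="default ${defaultrouter}"
        ;;
    esac

    # Set up any static routes.  This should be done before router discovery.
    if [ "x${static_routes}" != "x" ]; then
        for i in ${static_routes}; do
            # Same trust assumption as for ${ifn}: ${i} reaches eval.
            eval route_args=\$route_${i}
            route add ${route_args}
        done
    fi

    echo -n 'Additional routing options:'
    if [ -n "$tcp_extensions" ] && [ "x$tcp_extensions" != "xYES" ]; then
        echo -n ' tcp extensions=NO'
        sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 2>&1
    fi

    # NOTE(security): answering broadcast/multicast echo requests lets the
    # host be used as a reflector for spoofed pings; enable deliberately.
    if [ X"$icmp_bmcastecho" = X"YES" ]; then
        echo -n ' broadcast ping responses=YES'
        sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 2>&1
    fi

    # NOTE(security): forwarding turns the host into a router; pair it
    # with filtering rules, otherwise it routes whatever reaches it.
    if [ "X$gateway_enable" = X"YES" ]; then
        echo -n ' IP gateway=YES'
        sysctl -w net.inet.ip.forwarding=1 >/dev/null 2>&1
    fi

    # NOTE(security): source routing lets the sender choose the path a
    # packet takes and is normally left off (both knobs below).
    if [ "X$forward_sourceroute" = X"YES" ]; then
        echo -n ' do source routing=YES'
        sysctl -w net.inet.ip.sourceroute=1 >/dev/null 2>&1
    fi

    if [ "X$accept_sourceroute" = X"YES" ]; then
        echo -n ' accept source routing=YES'
        sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1
    fi

    if [ "X$ipxgateway_enable" = X"YES" ]; then
        echo -n ' IPX gateway=YES'
        sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1
    fi

    # Output of this sysctl is shown on purpose (stderr folded into stdout).
    if [ "X$arpproxy_all" = X"YES" ]; then
        echo -n ' enabling ARP_PROXY_ALL: '
        sysctl -w net.link.ether.inet.proxyall=1 2>&1
    fi
    echo '.'

    echo -n 'routing daemons:'
    if [ "X$router_enable" = X"YES" ]; then
        # ${router} is run as a command name taken from configuration.
        echo -n " ${router}"
        ${router} ${router_flags}
    fi

    if [ "X$ipxrouted_enable" = X"YES" ]; then
        echo -n ' IPXrouted'
        IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
    fi

    if [ "X${mrouted_enable}" = X"YES" ]; then
        echo -n ' mrouted'
        mrouted ${mrouted_flags}
    fi

    if [ "X$rarpd_enable" = X"YES" ]; then
        echo -n ' rarpd'
        rarpd ${rarpd_flags}
    fi
    echo '.'
    network_pass1_done=YES	# Let future generations know we made it.
}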
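#
# network_pass2 - second-pass network setup: name service, time
# synchronisation, portmap, NIS, Secure RPC and ATM daemons.
#
# Each daemon is started only when its *_enable variable is exactly "YES".
# The *_flags variables are expanded unquoted on purpose so that they split
# into separate arguments.
#
# The *_program variables are run as command names.  Each one falls back to
# the daemon's own name when unset or empty; without that fallback an empty
# program name would make the first word of the flags the command to run.
#
# Sets: network_pass2_done=YES on completion.
#
network_pass2() {
    echo -n 'Doing additional network setup:'
    if [ "X${named_enable}" = X"YES" ]; then
        echo -n ' named'
        ${named_program:-named} ${named_flags}
    fi

    if [ "X${ntpdate_enable}" = X"YES" ]; then
        echo -n ' ntpdate'
        ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
    fi

    if [ "X${xntpd_enable}" = X"YES" ]; then
        echo -n ' xntpd'
        ${xntpd_program:-xntpd} ${xntpd_flags}
    fi

    if [ "X${timed_enable}" = X"YES" ]; then
        echo -n ' timed'
        timed ${timed_flags}
    fi

    if [ "X${portmap_enable}" = X"YES" ]; then
        echo -n ' portmap'
        portmap ${portmap_flags}
    fi

    # Start ypserv if we're an NIS server.
    # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
    if [ "X${nis_server_enable}" = X"YES" ]; then
        echo -n ' ypserv'
        ypserv ${nis_server_flags}

        if [ "X${nis_ypxfrd_enable}" = X"YES" ]; then
            echo -n ' rpc.ypxfrd'
            rpc.ypxfrd ${nis_ypxfrd_flags}
        fi

        if [ "X${nis_yppasswdd_enable}" = X"YES" ]; then
            echo -n ' rpc.yppasswdd'
            rpc.yppasswdd ${nis_yppasswdd_flags}
        fi
    fi

    # Start ypbind if we're an NIS client
    if [ "X${nis_client_enable}" = X"YES" ]; then
        echo -n ' ypbind'
        ypbind ${nis_client_flags}
        if [ "X${nis_ypset_enable}" = X"YES" ]; then
            echo -n ' ypset'
            ypset ${nis_ypset_flags}
        fi
    fi

    # Start keyserv if we are running Secure RPC
    if [ "X${keyserv_enable}" = X"YES" ]; then
        echo -n ' keyserv'
        keyserv ${keyserv_flags}
    fi
    # Start ypupdated if we are running Secure RPC and we are NIS master
    if [ "X$rpc_ypupdated_enable" = X"YES" ]; then
        echo -n ' rpc.ypupdated'
        rpc.ypupdated
    fi

    # Start ATM daemons
    if [ -n "${atm_pass2_done}" ]; then
        atm_pass3
    fi

    echo '.'
    network_pass2_done=YES
}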
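#
# network_pass3 - start the final network daemons: NFS server and client,
# amd, rwhod, Kerberos and natd.
#
# Each service is started only when its *_enable variable is exactly
# "YES".  The *_flags variables are expanded unquoted on purpose so that
# they split into separate arguments.
#
# Sets: network_pass3_done=YES on completion; mountd_flags gains "-n" when
# weak_mountd_authentication is YES.
#
network_pass3() {
    echo -n 'Starting final network daemons:'

    if [ "X${nfs_server_enable}" = X"YES" ] && [ -r /etc/exports ]; then
        echo -n ' mountd'
        if [ "X${weak_mountd_authentication}" = X"YES" ]; then
            # Append rather than overwrite, so configured mountd_flags
            # are not silently dropped.
            # NOTE(security): mountd -n serves mount requests that do not
            # come from a reserved port, i.e. from unprivileged senders.
            mountd_flags="${mountd_flags} -n"
        fi
        mountd ${mountd_flags}
        if [ "X${nfs_reserved_port_only}" = X"YES" ]; then
            sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 2>&1
        fi
        echo -n ' nfsd'
        nfsd ${nfs_server_flags}
        if [ "X$rpc_lockd_enable" = X"YES" ]; then
            echo -n ' rpc.lockd'
            rpc.lockd
        fi
        if [ "X$rpc_statd_enable" = X"YES" ]; then
            echo -n ' rpc.statd'
            rpc.statd
        fi
    fi

    if [ "X${nfs_client_enable}" = X"YES" ]; then
        echo -n ' nfsiod'
        nfsiod ${nfs_client_flags}
        if [ "X${nfs_access_cache}" != X ]; then
            sysctl -w "vfs.nfs.access_cache_timeout=${nfs_access_cache}" \
                >/dev/null 2>&1
        fi
    fi

    if [ "X${amd_enable}" = X"YES" ]; then
        echo -n ' amd'
        if [ "X${amd_map_program}" != X"NO" ]; then
            # NOTE(security): amd_map_program is evaluated as shell code
            # at boot and its output becomes amd arguments; it must come
            # from trusted configuration only.
            amd_flags="${amd_flags} $(eval ${amd_map_program})"
        fi
        # amd -p prints its pid on stdout; that is what lands in the file.
        amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
    fi

    if [ "X${rwhod_enable}" = X"YES" ]; then
        echo -n ' rwhod'
        rwhod ${rwhod_flags}
    fi

    # Kerberos runs ONLY on the Kerberos server machine
    if [ "X${kerberos_server_enable}" = X"YES" ]; then
        # NOTE(review): -n presumably makes the daemons use the stashed
        # master key instead of prompting -- confirm against kerberos(8).
        if [ "X${kerberos_stash}" = "XYES" ]; then
            stash_flag=-n
        else
            stash_flag=
        fi
        echo -n ' kerberos'
        kerberos ${stash_flag} >> /var/log/kerberos.log &
        if [ "X${kadmind_server_enable}" = "XYES" ]; then
            echo -n ' kadmind'
            # Started 20 seconds later from a detached subshell so boot
            # does not wait for it.
            (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
        fi
        unset stash_flag
    fi

    # Network Address Translation daemon; started only together with the
    # firewall.  A dotted-quad value is passed as an address (-a), anything
    # else as an interface name (-n).
    if [ "X${natd_enable}" = X"YES" ] && [ X"${natd_interface}" != X"" ] &&
        [ X"${firewall_enable}" = X"YES" ]; then
        if echo "${natd_interface}" |
            grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
            natd_ifarg="-a ${natd_interface}"
        else
            natd_ifarg="-n ${natd_interface}"
        fi
        echo -n ' natd'
        natd ${natd_flags} ${natd_ifarg}
    fi

    echo '.'
    network_pass3_done=YES
}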