defaultroute revision 45096
#!/bin/sh -
#
#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
#	From: @(#)netstart	5.9 (Berkeley) 3/30/91

# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf.  Please check that file
# first before contemplating any changes here.  If you do need to change
# this file for some reason, we would like to know about it.

# First pass startup stuff.

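# network_pass1 -- first network start-up pass.
#
# Sets the host and NIS domain names, runs the optional ATM and ISDN
# hooks, configures sppp(4) and every interface in ${network_interfaces},
# brings up ipfw and natd, installs static routes, applies the routing
# related sysctl knobs and starts the routing daemons.
#
# Globals read:    the rc.conf-style variables tested below (hostname,
#                  network_interfaces, ifconfig_<if>, firewall_enable,
#                  defaultrouter, static_routes, route_<name>, ...).
# Globals written: spppcontrol_args, ifconfig_args, alias,
#                  firewall_in_kernel, natd_ifarg, IPFW_DEFAULT,
#                  static_routes, route_default, route_args,
#                  network_pass1_done (YES once the pass has finished).
#
# Trust note: the eval lines build variable names from the words in
# ${sppp_interfaces}, ${network_interfaces} and ${static_routes}, and the
# sppp arguments are re-parsed by the shell.  Those values, and the files
# sourced here (/etc/rc.atm, /etc/rc.isdn, /etc/start_if.<if>,
# /etc/rc.firewall), run with the privileges of this script, so they must
# be writable only by the administrator.
network_pass1() {
    echo -n 'Doing initial network setup:'

    # Set the host name only if none is set yet.
    if [ -z "$(hostname -s)" ]; then
        hostname $hostname
        echo -n ' hostname'
    fi

    # Set the NIS domain name unless it is empty or the literal NO.
    case "${nisdomainname}" in
    '' | NO)
        ;;
    *)
        domainname $nisdomainname
        echo -n ' domain'
        ;;
    esac
    echo '.'

    # Initial ATM interface configuration
    if [ "X${atm_enable}" = "XYES" ] && [ -f /etc/rc.atm ]; then
        . /etc/rc.atm
        atm_pass1
    fi

    # ISDN subsystem startup
    if [ "X${isdn_enable}" = "XYES" ] && [ -f /etc/rc.isdn ]; then
        . /etc/rc.isdn
    fi

    # Special options for sppp(4) interfaces go here.  These need
    # to go _before_ the general ifconfig section, since in the case
    # of hardwired (no link1 flag) but required authentication, you
    # cannot pass auth parameters down to the already running interface.
    for ifn in ${sppp_interfaces}; do
        eval spppcontrol_args=\$spppconfig_${ifn}
        if [ -n "${spppcontrol_args}" ]; then
            # The auth secrets might contain spaces; the second eval
            # re-parses the value so that quoting inside it survives.
            eval spppcontrol ${ifn} ${spppcontrol_args}
        fi
    done

    # Set up all the network interfaces, calling startup scripts if needed
    for ifn in ${network_interfaces}; do
        if [ -e /etc/start_if.${ifn} ]; then
            . /etc/start_if.${ifn}
        fi

        # Do the primary ifconfig if specified.  ${ifconfig_args} is left
        # unquoted on purpose: it holds several ifconfig words.
        eval ifconfig_args=\$ifconfig_${ifn}
        if [ -n "${ifconfig_args}" ]; then
            ifconfig ${ifn} ${ifconfig_args}
        fi

        # Add aliases ifconfig_<if>_alias0, _alias1, ... and stop at the
        # first index that is not defined.
        alias=0
        while :; do
            eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
            if [ -z "${ifconfig_args}" ]; then
                break
            fi
            ifconfig ${ifn} ${ifconfig_args} alias
            alias=$((${alias} + 1))
        done

        # Do ipx address if specified
        eval ifconfig_args=\$ifconfig_${ifn}_ipx
        if [ -n "${ifconfig_args}" ]; then
            ifconfig ${ifn} ${ifconfig_args}
        fi

        # Print the resulting interface state.
        ifconfig ${ifn}
    done

    # Initialize IP filtering using ipfw.  The presence probe is
    # "ipfw -q flush", so it also removes whatever rules are loaded at
    # that moment; only its exit status is used here.
    echo ""
    if /sbin/ipfw -q flush > /dev/null 2>&1; then
        firewall_in_kernel=1
    else
        firewall_in_kernel=0
    fi

    # No firewall in the kernel but one was asked for: try the module.
    if [ "${firewall_in_kernel}" = 0 ] && [ "x$firewall_enable" = "xYES" ]; then
        if kldload ipfw; then
            firewall_in_kernel=1        # module loaded successfully
            echo "Kernel firewall module loaded."
        else
            # The boot continues without packet filtering in this case.
            echo "Warning: firewall kernel module failed to load."
        fi
    fi

    # Load the filters if required
    if [ "${firewall_in_kernel}" = 1 ]; then
        if [ -f /etc/rc.firewall ] && [ X"$firewall_enable" = X"YES" ]; then
            . /etc/rc.firewall
            echo -n 'Firewall rules loaded, starting divert daemons: '

            # Network Address Translation daemon.  A dotted-quad value is
            # passed as an address (-a), anything else as an interface
            # name (-n).
            if [ X"${natd_enable}" = X"YES" ] && [ -n "${natd_interface}" ]; then
                if echo ${natd_interface} | \
                    grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
                    natd_ifarg="-a ${natd_interface}"
                else
                    natd_ifarg="-n ${natd_interface}"
                fi
                echo -n ' natd'
                ${natd_program} ${natd_flags} ${natd_ifarg}
            fi
            echo '.'
        else
            # Firewall code is present but no rules were loaded: warn
            # when the default rule is deny, since all IP traffic is then
            # blocked.
            IPFW_DEFAULT=$(ipfw l 65535)
            if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then
                echo -n "Warning: kernel has firewall functionality, "
                echo "but firewall rules are not enabled."
                echo "         All ip services are disabled."
            fi
        fi
    fi

    # Additional ATM interface configuration
    if [ -n "${atm_pass1_done}" ]; then
        atm_pass2
    fi

    # Configure routing.  An unset or empty defaultrouter is treated like
    # NO; otherwise "route add" would be run with the incomplete argument
    # list "default " and fail.
    case "${defaultrouter}" in
    '' | NO)
        ;;
    *)
        static_routes="default ${static_routes}"
        route_default="default ${defaultrouter}"
        ;;
    esac

    # Set up any static routes.  This should be done before router discovery.
    if [ "x${static_routes}" != "x" ]; then
        for i in ${static_routes}; do
            eval route_args=\$route_${i}
            route add ${route_args}
        done
    fi

    # The knobs below only ever switch a sysctl in one direction; a value
    # other than the one tested leaves the kernel's current setting alone.
    echo -n 'Additional routing options:'
    if [ -n "$tcp_extensions" ] && [ "x$tcp_extensions" != "xYES" ]; then
        echo -n ' tcp extensions=NO'
        sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 2>&1
    fi

    if [ -n "$log_in_vain" ] && [ "x$log_in_vain" != "xNO" ]; then
        echo -n ' log_in_vain=YES'
        sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null 2>&1
        sysctl -w net.inet.udp.log_in_vain=1 >/dev/null 2>&1
    fi

    if [ X"$icmp_bmcastecho" = X"YES" ]; then
        echo -n ' broadcast ping responses=YES'
        sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 2>&1
    fi

    if [ "X$gateway_enable" = X"YES" ]; then
        echo -n ' IP gateway=YES'
        sysctl -w net.inet.ip.forwarding=1 >/dev/null 2>&1
    fi

    if [ "X$forward_sourceroute" = X"YES" ]; then
        echo -n ' do source routing=YES'
        sysctl -w net.inet.ip.sourceroute=1 >/dev/null 2>&1
    fi

    if [ "X$accept_sourceroute" = X"YES" ]; then
        echo -n ' accept source routing=YES'
        sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1
    fi

    if [ "X$ipxgateway_enable" = X"YES" ]; then
        echo -n ' IPX gateway=YES'
        sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1
    fi

    if [ "X$arpproxy_all" = X"YES" ]; then
        # Unlike the knobs above, the sysctl output is shown on the console.
        echo -n ' enabling ARP_PROXY_ALL: '
        sysctl -w net.link.ether.inet.proxyall=1 2>&1
    fi
    echo '.'

    echo -n 'routing daemons:'
    if [ "X$router_enable" = X"YES" ]; then
        echo -n " ${router}"
        ${router} ${router_flags}
    fi

    if [ "X$ipxrouted_enable" = X"YES" ]; then
        echo -n ' IPXrouted'
        IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
    fi

    if [ "X${mrouted_enable}" = X"YES" ]; then
        echo -n ' mrouted'
        mrouted ${mrouted_flags}
    fi

    if [ "X$rarpd_enable" = X"YES" ]; then
        echo -n ' rarpd'
        rarpd ${rarpd_flags}
    fi
    echo '.'
    network_pass1_done=YES      # Let future generations know we made it.
}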
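# network_pass2 -- second network start-up pass.
#
# Starts the name, time, portmap, NIS and Secure RPC daemons whose
# <name>_enable variable is exactly YES, then runs the third ATM stage
# when ${atm_pass2_done} is set.
#
# Globals read:    the *_enable, *_program and *_flags variables tested
#                  below, and atm_pass2_done.
# Globals written: network_pass2_done (YES once the pass has finished).
#
# The *_program and *_flags values are expanded unquoted so that they can
# carry several words; they are run with the privileges of this script
# and must come from an administrator-controlled configuration.
network_pass2() {
    echo -n 'Doing additional network setup:'

    if [ "X${named_enable}" = X"YES" ]; then
        echo -n ' named'
        # ":-" rather than "-": an empty named_program also falls back
        # to "named", instead of the first flag being run as the command.
        ${named_program:-named} ${named_flags}
    fi

    if [ "X${ntpdate_enable}" = X"YES" ]; then
        echo -n ' ntpdate'
        ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
    fi

    if [ "X${xntpd_enable}" = X"YES" ]; then
        echo -n ' xntpd'
        ${xntpd_program} ${xntpd_flags}
    fi

    if [ "X${timed_enable}" = X"YES" ]; then
        echo -n ' timed'
        timed ${timed_flags}
    fi

    if [ "X${portmap_enable}" = X"YES" ]; then
        echo -n ' portmap'
        ${portmap_program} ${portmap_flags}
    fi

    # Start ypserv if we're an NIS server.
    # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server;
    # both are considered only when ypserv itself is enabled.
    if [ "X${nis_server_enable}" = X"YES" ]; then
        echo -n ' ypserv'
        ypserv ${nis_server_flags}

        if [ "X${nis_ypxfrd_enable}" = X"YES" ]; then
            echo -n ' rpc.ypxfrd'
            rpc.ypxfrd ${nis_ypxfrd_flags}
        fi

        if [ "X${nis_yppasswdd_enable}" = X"YES" ]; then
            echo -n ' rpc.yppasswdd'
            rpc.yppasswdd ${nis_yppasswdd_flags}
        fi
    fi

    # Start ypbind if we're an NIS client; ypset is run only after it.
    if [ "X${nis_client_enable}" = X"YES" ]; then
        echo -n ' ypbind'
        ypbind ${nis_client_flags}
        if [ "X${nis_ypset_enable}" = X"YES" ]; then
            echo -n ' ypset'
            ypset ${nis_ypset_flags}
        fi
    fi

    # Start keyserv if we are running Secure RPC
    if [ "X${keyserv_enable}" = X"YES" ]; then
        echo -n ' keyserv'
        keyserv ${keyserv_flags}
    fi

    # Start ypupdated if we are running Secure RPC and we are NIS master
    if [ "X$rpc_ypupdated_enable" = X"YES" ]; then
        echo -n ' rpc.ypupdated'
        rpc.ypupdated
    fi

    # Start ATM daemons
    if [ -n "${atm_pass2_done}" ]; then
        atm_pass3
    fi

    echo '.'
    network_pass2_done=YES
}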
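# network_pass3 -- final network start-up pass.
#
# Starts the NFS server and client daemons, amd, rwhod and the Kerberos
# server daemons whose <name>_enable variable is exactly YES.
#
# Globals read:    the *_enable and *_flags variables tested below,
#                  weak_mountd_authentication, nfs_reserved_port_only,
#                  nfs_access_cache, amd_map_program, kerberos_stash.
# Globals written: mountd_flags, amd_flags, network_pass3_done (YES once
#                  the pass has finished).  stash_flag is set and unset
#                  again inside the Kerberos section.
network_pass3() {
    echo -n 'Starting final network daemons:'

    # The NFS server side needs a readable /etc/exports as well as the knob.
    if [ "X${nfs_server_enable}" = X"YES" ] && [ -r /etc/exports ]; then
        echo -n ' mountd'
        if [ "X${weak_mountd_authentication}" = X"YES" ]; then
            # Append -n instead of overwriting, so that flags the
            # administrator put in mountd_flags are not silently dropped
            # when weak authentication is switched on.  -n relaxes who
            # may send mount requests; leave the knob off unless clients
            # really need it.
            mountd_flags="${mountd_flags} -n"
        fi
        mountd ${mountd_flags}

        # Reserved-port enforcement is applied before nfsd starts.
        if [ "X${nfs_reserved_port_only}" = X"YES" ]; then
            sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 2>&1
        fi

        echo -n ' nfsd'
        nfsd ${nfs_server_flags}

        if [ "X$rpc_lockd_enable" = X"YES" ]; then
            echo -n ' rpc.lockd'
            rpc.lockd
        fi
        if [ "X$rpc_statd_enable" = X"YES" ]; then
            echo -n ' rpc.statd'
            rpc.statd
        fi
    fi

    if [ "X${nfs_client_enable}" = X"YES" ]; then
        echo -n ' nfsiod'
        nfsiod ${nfs_client_flags}
        if [ "X${nfs_access_cache}" != X ]; then
            sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
                >/dev/null 2>&1
        fi
    fi

    if [ "X${amd_enable}" = X"YES" ]; then
        echo -n ' amd'
        if [ "X${amd_map_program}" != X"NO" ]; then
            # The value of amd_map_program is executed as a shell command
            # and its output becomes extra amd arguments, so it must come
            # from an administrator-controlled configuration.
            amd_flags="${amd_flags} $(eval ${amd_map_program})"
        fi
        # amd -p prints its process id, which is kept as the pid file.
        amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
    fi

    if [ "X${rwhod_enable}" = X"YES" ]; then
        echo -n ' rwhod'
        rwhod ${rwhod_flags}
    fi

    # Kerberos runs ONLY on the Kerberos server machine
    if [ "X${kerberos_server_enable}" = X"YES" ]; then
        # kerberos_stash=YES passes -n to both daemons.
        if [ "X${kerberos_stash}" = "XYES" ]; then
            stash_flag=-n
        else
            stash_flag=
        fi

        echo -n ' kerberos'
        kerberos ${stash_flag} >> /var/log/kerberos.log &

        if [ "X${kadmind_server_enable}" = "XYES" ]; then
            echo -n ' kadmind'
            # kadmind is started 20 seconds later from a detached
            # subshell, so the boot sequence does not wait for it.
            (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
        fi
        unset stash_flag
    fi

    echo '.'
    network_pass3_done=YES
}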