defaultroute revision 53613
125184Sjkh#!/bin/sh - 225184Sjkh# 350472Speter# $FreeBSD: head/etc/rc.d/routing 53613 1999-11-23 00:26:03Z brian $ 425184Sjkh# From: @(#)netstart 5.9 (Berkeley) 3/30/91 525184Sjkh 651231Ssheldonh# Note that almost all of the user-configurable behavior is no longer in 751231Ssheldonh# this file, but rather in /etc/defaults/rc.conf. Please check that file 825184Sjkh# first before contemplating any changes here. If you do need to change 925184Sjkh# this file for some reason, we would like to know about it. 1025184Sjkh 1125184Sjkh# First pass startup stuff. 1251231Ssheldonh# 1325184Sjkhnetwork_pass1() { 1451231Ssheldonh echo -n 'Doing initial network setup:' 1525184Sjkh 1651231Ssheldonh # Set the host name if it is not already set 1751231Ssheldonh # 1851231Ssheldonh if [ -z "`hostname -s`" ]; then 1951231Ssheldonh hostname ${hostname} 2051231Ssheldonh echo -n ' hostname' 2151231Ssheldonh fi 2225184Sjkh 2351231Ssheldonh # Set the domainname if we're using NIS 2451231Ssheldonh # 2551231Ssheldonh case ${nisdomainname} in 2651231Ssheldonh [Nn][Oo] | '') 2751231Ssheldonh ;; 2851231Ssheldonh *) 2951231Ssheldonh domainname ${nisdomainname} 3051231Ssheldonh echo -n ' domain' 3151231Ssheldonh ;; 3251231Ssheldonh esac 3340006Sphk 3451231Ssheldonh echo '.' 3542621Shm 3651231Ssheldonh # Initial ATM interface configuration 3751231Ssheldonh # 3851231Ssheldonh case ${atm_enable} in 3951231Ssheldonh [Yy][Ee][Ss]) 4051231Ssheldonh if [ -r /etc/rc.atm ]; then 4151231Ssheldonh . /etc/rc.atm 4251231Ssheldonh atm_pass1 4351231Ssheldonh fi 4451231Ssheldonh ;; 4551231Ssheldonh esac 4642627Sjoerg 4751231Ssheldonh # ISDN subsystem startup 4851231Ssheldonh # 4951231Ssheldonh case ${isdn_enable} in 5051231Ssheldonh [Yy][Ee][Ss]) 5151231Ssheldonh if [ -r /etc/rc.isdn ]; then 5251231Ssheldonh . /etc/rc.isdn 5351231Ssheldonh fi 5451231Ssheldonh ;; 5551231Ssheldonh esac 5629300Sdanny 5751231Ssheldonh # Special options for sppp(4) interfaces go here. These need 5851231Ssheldonh # to go _before_ the general ifconfig section, since in the case 5951231Ssheldonh # of hardwired (no link1 flag) but required authentication, you 6051231Ssheldonh # cannot pass auth parameters down to the already running interface. 6151231Ssheldonh # 6251231Ssheldonh for ifn in ${sppp_interfaces}; do 6351231Ssheldonh eval spppcontrol_args=\$spppconfig_${ifn} 6451231Ssheldonh if [ -n "${spppcontrol_args}" ]; then 6551231Ssheldonh # The auth secrets might contain spaces; in order 6651231Ssheldonh # to retain the quotation, we need to eval them 6751231Ssheldonh # here. 6851231Ssheldonh eval spppcontrol ${ifn} ${spppcontrol_args} 6951231Ssheldonh fi 7051231Ssheldonh done 7149122Sbrian 7251231Ssheldonh # Set up all the network interfaces, calling startup scripts if needed 7351231Ssheldonh # 7451231Ssheldonh case ${network_interfaces} in 7551231Ssheldonh [Aa][Uu][Tt][Oo]) 7651231Ssheldonh network_interfaces="`ifconfig -l`" 7751231Ssheldonh ;; 7851231Ssheldonh esac 7949122Sbrian 8051231Ssheldonh for ifn in ${network_interfaces}; do 8151231Ssheldonh showstat=false 8251231Ssheldonh if [ -r /etc/start_if.${ifn} ]; then 8351231Ssheldonh . /etc/start_if.${ifn} 8451231Ssheldonh showstat=true 8551231Ssheldonh fi 8649122Sbrian 8751231Ssheldonh # Do the primary ifconfig if specified 8851231Ssheldonh # 8951231Ssheldonh eval ifconfig_args=\$ifconfig_${ifn} 9029300Sdanny 9151231Ssheldonh case ${ifconfig_args} in 9251231Ssheldonh '') 9351231Ssheldonh ;; 9451231Ssheldonh [Dd][Hh][Cc][Pp]) 9551231Ssheldonh ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} 9651231Ssheldonh showstat=true 9751231Ssheldonh ;; 9851231Ssheldonh *) 9951231Ssheldonh ifconfig ${ifn} ${ifconfig_args} 10051231Ssheldonh showstat=true 10151231Ssheldonh ;; 10251231Ssheldonh esac 10351231Ssheldonh 10451231Ssheldonh # Check to see if aliases need to be added 10551231Ssheldonh # 10651231Ssheldonh alias=0 10751231Ssheldonh while : ; do 10851231Ssheldonh eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} 10951231Ssheldonh if [ -n "${ifconfig_args}" ]; then 11051231Ssheldonh ifconfig ${ifn} ${ifconfig_args} alias 11151231Ssheldonh showstat=true 11251231Ssheldonh alias=`expr ${alias} + 1` 11351231Ssheldonh else 11451231Ssheldonh break; 11551231Ssheldonh fi 11651231Ssheldonh done 11751231Ssheldonh 11851231Ssheldonh # Do ipx address if specified 11951231Ssheldonh # 12051231Ssheldonh eval ifconfig_args=\$ifconfig_${ifn}_ipx 12151231Ssheldonh if [ -n "${ifconfig_args}" ]; then 12251231Ssheldonh ifconfig ${ifn} ${ifconfig_args} 12351231Ssheldonh showstat=true 12451231Ssheldonh fi 12551231Ssheldonh 12651231Ssheldonh case ${showstat} in 12751231Ssheldonh true) 12851231Ssheldonh ifconfig ${ifn} 12951231Ssheldonh ;; 13051231Ssheldonh esac 13151231Ssheldonh done 13251231Ssheldonh 13351231Ssheldonh # Warm up user ppp if required, must happen before natd. 13451231Ssheldonh # 13551231Ssheldonh case ${ppp_enable} in 13651231Ssheldonh [Yy][Ee][Ss]) 13751231Ssheldonh # Establish ppp mode. 13851231Ssheldonh # 13951231Ssheldonh if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ 14051231Ssheldonh -a "${ppp_mode}" != "dedicated" \ 14151231Ssheldonh -a "${ppp_mode}" != "background" ]; then 14251231Ssheldonh ppp_mode="auto"; 14351231Ssheldonh fi 14451231Ssheldonh 14551231Ssheldonh ppp_command="-${ppp_mode} "; 14651231Ssheldonh 14751231Ssheldonh # Switch on alias mode? 14851231Ssheldonh # 14951231Ssheldonh case ${ppp_nat} in 15051231Ssheldonh [Yy][Ee][Ss]) 15151231Ssheldonh ppp_command="${ppp_command} -nat"; 15251231Ssheldonh ;; 15351231Ssheldonh esac 15451231Ssheldonh 15551231Ssheldonh echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} 15651231Ssheldonh ;; 15751231Ssheldonh esac 15851231Ssheldonh 15951231Ssheldonh # Initialize IP filtering using ipfw 16051231Ssheldonh # 16151231Ssheldonh echo '' 16251231Ssheldonh 16351231Ssheldonh if /sbin/ipfw -q flush > /dev/null 2>&1; then 16451231Ssheldonh firewall_in_kernel=1 16529300Sdanny else 16651231Ssheldonh firewall_in_kernel=0 16729300Sdanny fi 16829300Sdanny 16951231Ssheldonh case ${firewall_enable} in 17051231Ssheldonh [Yy][Ee][Ss]) 17151231Ssheldonh if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then 17251231Ssheldonh firewall_in_kernel=1 17351231Ssheldonh echo "Kernel firewall module loaded." 17451231Ssheldonh elif [ "${firewall_in_kernel}" -eq 0 ]; then 17551231Ssheldonh echo "Warning: firewall kernel module failed to load." 17651231Ssheldonh fi 17751231Ssheldonh ;; 17851231Ssheldonh esac 17944992Sbrian 18051231Ssheldonh # Load the filters if required 18151231Ssheldonh # 18251231Ssheldonh case ${firewall_in_kernel} in 18351231Ssheldonh 1) 18451231Ssheldonh if [ -z "${firewall_script}" ]; then 18551231Ssheldonh firewall_script=/etc/rc.firewall 18644992Sbrian fi 18751231Ssheldonh 18851231Ssheldonh case ${firewall_enable} in 18951231Ssheldonh [Yy][Ee][Ss]) 19051426Sgreen if [ -r "${firewall_script}" ]; then 19151426Sgreen . "${firewall_script}" 19251231Ssheldonh echo -n 'Firewall rules loaded, starting divert daemons:' 19351231Ssheldonh 19451231Ssheldonh # Network Address Translation daemon 19551231Ssheldonh # 19651231Ssheldonh case ${natd_enable} in 19751231Ssheldonh [Yy][Ee][Ss]) 19851231Ssheldonh if [ -n "${natd_interface}" ]; then 19951231Ssheldonh if echo ${natd_interface} | \ 20051231Ssheldonh grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then 20151231Ssheldonh natd_ifarg="-a ${natd_interface}" 20251231Ssheldonh else 20351231Ssheldonh natd_ifarg="-n ${natd_interface}" 20451231Ssheldonh fi 20551231Ssheldonh 20651231Ssheldonh echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} 20751231Ssheldonh fi 20851231Ssheldonh ;; 20951231Ssheldonh esac 21051231Ssheldonh 21151231Ssheldonh echo '.' 21251231Ssheldonh 21351231Ssheldonh elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then 21451231Ssheldonh echo -n "Warning: kernel has firewall functionality, " 21551231Ssheldonh echo "but firewall rules are not enabled." 21651231Ssheldonh echo " All ip services are disabled." 21751231Ssheldonh fi 21851231Ssheldonh ;; 21951231Ssheldonh esac 22051231Ssheldonh ;; 22151231Ssheldonh esac 22251231Ssheldonh 22351231Ssheldonh # Additional ATM interface configuration 22451231Ssheldonh # 22551231Ssheldonh if [ -n "${atm_pass1_done}" ]; then 22651231Ssheldonh atm_pass2 22729300Sdanny fi 22825184Sjkh 22951231Ssheldonh # Configure routing 23051231Ssheldonh # 23151231Ssheldonh case ${defaultrouter} in 23251231Ssheldonh [Nn][Oo] | '') 23351231Ssheldonh ;; 23451231Ssheldonh *) 23551231Ssheldonh static_routes="default ${static_routes}" 23651231Ssheldonh route_default="default ${defaultrouter}" 23751231Ssheldonh ;; 23851231Ssheldonh esac 23940006Sphk 24051231Ssheldonh # Set up any static routes. This should be done before router discovery. 24151231Ssheldonh # 24251231Ssheldonh if [ -n "${static_routes}" ]; then 24351231Ssheldonh for i in ${static_routes}; do 24451231Ssheldonh eval route_args=\$route_${i} 24551231Ssheldonh route add ${route_args} 24651231Ssheldonh done 24751231Ssheldonh fi 24829300Sdanny 24951231Ssheldonh echo -n 'Additional routing options:' 25051231Ssheldonh case ${tcp_extensions} in 25151231Ssheldonh [Yy][Ee][Ss] | '') 25251231Ssheldonh ;; 25351231Ssheldonh *) 25451231Ssheldonh echo -n ' tcp extensions=NO' 25551231Ssheldonh sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 25651231Ssheldonh ;; 25751231Ssheldonh esac 25825184Sjkh 25951231Ssheldonh case ${icmp_bmcastecho} in 26051231Ssheldonh [Yy][Ee][Ss]) 26151231Ssheldonh echo -n ' broadcast ping responses=YES' 26251231Ssheldonh sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 26351231Ssheldonh ;; 26451231Ssheldonh esac 26545096Simp 26651231Ssheldonh case ${icmp_drop_redirect} in 26751231Ssheldonh [Yy][Ee][Ss]) 26851231Ssheldonh echo -n ' ignore ICMP redirect=YES' 26951231Ssheldonh sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null 27051231Ssheldonh ;; 27151231Ssheldonh esac 27239267Sjkoshy 27351231Ssheldonh case ${icmp_log_redirect} in 27451231Ssheldonh [Yy][Ee][Ss]) 27551231Ssheldonh echo -n ' log ICMP redirect=YES' 27651231Ssheldonh sysctl -w net.inet.icmp.log_redirect=1 >/dev/null 27751231Ssheldonh ;; 27851231Ssheldonh esac 27933439Sguido 28051231Ssheldonh case ${gateway_enable} in 28151231Ssheldonh [Yy][Ee][Ss]) 28251231Ssheldonh echo -n ' IP gateway=YES' 28351231Ssheldonh sysctl -w net.inet.ip.forwarding=1 >/dev/null 28451231Ssheldonh ;; 28551231Ssheldonh esac 28633439Sguido 28751231Ssheldonh case ${forward_sourceroute} in 28851231Ssheldonh [Yy][Ee][Ss]) 28951231Ssheldonh echo -n ' do source routing=YES' 29051231Ssheldonh sysctl -w net.inet.ip.sourceroute=1 >/dev/null 29151231Ssheldonh ;; 29251231Ssheldonh esac 29347752Sphk 29451231Ssheldonh case ${accept_sourceroute} in 29551231Ssheldonh [Yy][Ee][Ss]) 29651231Ssheldonh echo -n ' accept source routing=YES' 29751231Ssheldonh sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 29851231Ssheldonh ;; 29951231Ssheldonh esac 30051209Sdes 30151231Ssheldonh case ${tcp_keepalive} in 30251231Ssheldonh [Yy][Ee][Ss]) 30351231Ssheldonh echo -n ' TCP keepalive=YES' 30451231Ssheldonh sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null 30551231Ssheldonh ;; 30651231Ssheldonh esac 30751209Sdes 30851231Ssheldonh case ${tcp_restrict_rst} in 30951231Ssheldonh [Yy][Ee][Ss]) 31051231Ssheldonh echo -n ' restrict TCP reset=YES' 31151231Ssheldonh sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null 31251231Ssheldonh ;; 31351231Ssheldonh esac 31436174Sjkh 31551231Ssheldonh case ${tcp_drop_synfin} in 31651231Ssheldonh [Yy][Ee][Ss]) 31751231Ssheldonh echo -n ' drop SYN+FIN packets=YES' 31851231Ssheldonh sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null 31951231Ssheldonh ;; 32051231Ssheldonh esac 32136174Sjkh 32251231Ssheldonh case ${ipxgateway_enable} in 32351231Ssheldonh [Yy][Ee][Ss]) 32451231Ssheldonh echo -n ' IPX gateway=YES' 32551231Ssheldonh sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 32651231Ssheldonh ;; 32751231Ssheldonh esac 32851231Ssheldonh 32951231Ssheldonh case ${arpproxy_all} in 33051231Ssheldonh [Yy][Ee][Ss]) 33151231Ssheldonh echo -n ' ARP proxyall=YES' 33251231Ssheldonh sysctl -w net.link.ether.inet.proxyall=1 >/dev/null 33351231Ssheldonh ;; 33451231Ssheldonh esac 33551231Ssheldonh echo '.' 33651231Ssheldonh 33751231Ssheldonh echo -n 'routing daemons:' 33851231Ssheldonh case ${router_enable} in 33951231Ssheldonh [Yy][Ee][Ss]) 34051231Ssheldonh echo -n " ${router}"; ${router} ${router_flags} 34151231Ssheldonh ;; 34251231Ssheldonh esac 34351231Ssheldonh 34451231Ssheldonh case ${ipxrouted_enable} in 34551231Ssheldonh [Yy][Ee][Ss]) 34651231Ssheldonh echo -n ' IPXrouted' 34751231Ssheldonh IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 34851231Ssheldonh ;; 34951231Ssheldonh esac 35051231Ssheldonh 35151231Ssheldonh case ${mrouted_enable} in 35251231Ssheldonh [Yy][Ee][Ss]) 35351231Ssheldonh echo -n ' mrouted'; mrouted ${mrouted_flags} 35451231Ssheldonh ;; 35551231Ssheldonh esac 35651231Ssheldonh 35751231Ssheldonh case ${rarpd_enable} in 35851231Ssheldonh [Yy][Ee][Ss]) 35951231Ssheldonh echo -n ' rarpd'; rarpd ${rarpd_flags} 36051231Ssheldonh ;; 36151231Ssheldonh esac 36251231Ssheldonh echo '.' 36351231Ssheldonh 36451231Ssheldonh # Let future generations know we made it. 36551231Ssheldonh # 36651231Ssheldonh network_pass1_done=YES 36725184Sjkh} 36825184Sjkh 36925184Sjkhnetwork_pass2() { 37051231Ssheldonh echo -n 'Doing additional network setup:' 37151231Ssheldonh case ${named_enable} in 37251231Ssheldonh [Yy][Ee][Ss]) 37351231Ssheldonh echo -n ' named'; ${named_program:-named} ${named_flags} 37451231Ssheldonh ;; 37551231Ssheldonh esac 37625184Sjkh 37751231Ssheldonh case ${ntpdate_enable} in 37851231Ssheldonh [Yy][Ee][Ss]) 37951231Ssheldonh echo -n ' ntpdate' 38051231Ssheldonh ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 38151231Ssheldonh ;; 38251231Ssheldonh esac 38325184Sjkh 38451231Ssheldonh case ${xntpd_enable} in 38551231Ssheldonh [Yy][Ee][Ss]) 38651231Ssheldonh echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} 38751231Ssheldonh ;; 38851231Ssheldonh esac 38925184Sjkh 39051231Ssheldonh case ${timed_enable} in 39151231Ssheldonh [Yy][Ee][Ss]) 39251231Ssheldonh echo -n ' timed'; timed ${timed_flags} 39351231Ssheldonh ;; 39451231Ssheldonh esac 39525184Sjkh 39651231Ssheldonh case ${portmap_enable} in 39751231Ssheldonh [Yy][Ee][Ss]) 39851231Ssheldonh echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} 39951231Ssheldonh ;; 40051231Ssheldonh esac 40125184Sjkh 40251231Ssheldonh # Start ypserv if we're an NIS server. 40351231Ssheldonh # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. 40451231Ssheldonh # 40551231Ssheldonh case ${nis_server_enable} in 40651231Ssheldonh [Yy][Ee][Ss]) 40751231Ssheldonh echo -n ' ypserv'; ypserv ${nis_server_flags} 40825184Sjkh 40951231Ssheldonh case ${nis_ypxfrd_enable} in 41051231Ssheldonh [Yy][Ee][Ss]) 41151231Ssheldonh echo -n ' rpc.ypxfrd' 41251231Ssheldonh rpc.ypxfrd ${nis_ypxfrd_flags} 41351231Ssheldonh ;; 41451231Ssheldonh esac 41525184Sjkh 41651231Ssheldonh case ${nis_yppasswdd_enable} in 41751231Ssheldonh [Yy][Ee][Ss]) 41851231Ssheldonh echo -n ' rpc.yppasswdd' 41951231Ssheldonh rpc.yppasswdd ${nis_yppasswdd_flags} 42051231Ssheldonh ;; 42151231Ssheldonh esac 42251231Ssheldonh ;; 42351231Ssheldonh esac 42435149Smarkm 42551231Ssheldonh # Start ypbind if we're an NIS client 42651231Ssheldonh # 42751231Ssheldonh case ${nis_client_enable} in 42851231Ssheldonh [Yy][Ee][Ss]) 42951231Ssheldonh echo -n ' ypbind'; ypbind ${nis_client_flags} 43051231Ssheldonh case ${nis_ypset_enable} in 43151231Ssheldonh [Yy][Ee][Ss]) 43251231Ssheldonh echo -n ' ypset'; ypset ${nis_ypset_flags} 43351231Ssheldonh ;; 43451231Ssheldonh esac 43551231Ssheldonh ;; 43651231Ssheldonh esac 43740006Sphk 43851231Ssheldonh # Start keyserv if we are running Secure RPC 43951231Ssheldonh # 44051231Ssheldonh case ${keyserv_enable} in 44151231Ssheldonh [Yy][Ee][Ss]) 44251231Ssheldonh echo -n ' keyserv'; keyserv ${keyserv_flags} 44351231Ssheldonh ;; 44451231Ssheldonh esac 44551231Ssheldonh 44651231Ssheldonh # Start ypupdated if we are running Secure RPC and we are NIS master 44751231Ssheldonh # 44851231Ssheldonh case ${rpc_ypupdated_enable} in 44951231Ssheldonh [Yy][Ee][Ss]) 45051231Ssheldonh echo -n ' rpc.ypupdated'; rpc.ypupdated 45151231Ssheldonh ;; 45251231Ssheldonh esac 45351231Ssheldonh 45451231Ssheldonh # Start ATM daemons 45551231Ssheldonh if [ -n "${atm_pass2_done}" ]; then 45651231Ssheldonh atm_pass3 45751231Ssheldonh fi 45851231Ssheldonh 45951231Ssheldonh echo '.' 46051231Ssheldonh network_pass2_done=YES 46125184Sjkh} 46225184Sjkh 46325184Sjkhnetwork_pass3() { 46451231Ssheldonh echo -n 'Starting final network daemons:' 46525184Sjkh 46651231Ssheldonh case ${nfs_server_enable} in 46751231Ssheldonh [Yy][Ee][Ss]) 46851231Ssheldonh if [ -r /etc/exports ]; then 46951231Ssheldonh echo -n ' mountd' 47051231Ssheldonh 47151231Ssheldonh case ${weak_mountd_authentication} in 47251231Ssheldonh [Yy][Ee][Ss]) 47351231Ssheldonh mountd_flags="-n" 47451231Ssheldonh ;; 47551231Ssheldonh esac 47651231Ssheldonh 47751231Ssheldonh mountd ${mountd_flags} 47851231Ssheldonh 47951231Ssheldonh case ${nfs_reserved_port_only} in 48051231Ssheldonh [Yy][Ee][Ss]) 48151231Ssheldonh echo -n ' NFS on reserved port only=YES' 48251231Ssheldonh sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 48351231Ssheldonh ;; 48451231Ssheldonh esac 48551231Ssheldonh 48651231Ssheldonh echo -n ' nfsd'; nfsd ${nfs_server_flags} 48751231Ssheldonh 48851231Ssheldonh case ${rpc_lockd_enable} in 48951231Ssheldonh [Yy][Ee][Ss]) 49051231Ssheldonh echo -n ' rpc.lockd'; rpc.lockd 49151231Ssheldonh ;; 49251231Ssheldonh esac 49351231Ssheldonh 49451231Ssheldonh case ${rpc_statd_enable} in 49551231Ssheldonh [Yy][Ee][Ss]) 49651231Ssheldonh echo -n ' rpc.statd'; rpc.statd 49751231Ssheldonh ;; 49851231Ssheldonh esac 49951231Ssheldonh fi 50051231Ssheldonh ;; 50153158Sache *) 50253158Sache case ${single_mountd_enable} in 50353158Sache [Yy][Ee][Ss]) 50453158Sache if [ -r /etc/exports ]; then 50553158Sache echo -n ' mountd' 50653158Sache 50753158Sache case ${weak_mountd_authentication} in 50853158Sache [Yy][Ee][Ss]) 50953158Sache mountd_flags="-n" 51053158Sache ;; 51153158Sache esac 51253158Sache 51353158Sache mountd ${mountd_flags} 51453158Sache fi 51553158Sache ;; 51653158Sache esac 51753158Sache ;; 51851231Ssheldonh esac 51951231Ssheldonh 52051231Ssheldonh case ${nfs_client_enable} in 52151231Ssheldonh [Yy][Ee][Ss]) 52251231Ssheldonh echo -n ' nfsiod'; nfsiod ${nfs_client_flags} 52351231Ssheldonh if [ -n "${nfs_access_cache}" ]; then 52447755Sbde echo -n " NFS access cache time=${nfs_access_cache}" 52541371Sjkoshy sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ 52651231Ssheldonh >/dev/null 52751231Ssheldonh fi 52851231Ssheldonh ;; 52951231Ssheldonh esac 53025184Sjkh 53151231Ssheldonh case ${amd_enable} in 53251231Ssheldonh [Yy][Ee][Ss]) 53351231Ssheldonh echo -n ' amd' 53451231Ssheldonh case ${amd_map_program} in 53551231Ssheldonh [Nn][Oo] | '') 53651231Ssheldonh ;; 53751231Ssheldonh *) 53851231Ssheldonh amd_flags="${amd_flags} `eval ${amd_map_program}`" 53951231Ssheldonh ;; 54051231Ssheldonh esac 54125184Sjkh 54251231Ssheldonh if [ -n "${amd_flags}" ]; then 54351231Ssheldonh amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null 54451231Ssheldonh else 54551231Ssheldonh amd 2> /dev/null 54651231Ssheldonh fi 54751231Ssheldonh ;; 54851231Ssheldonh esac 54925184Sjkh 55051231Ssheldonh case ${rwhod_enable} in 55151231Ssheldonh [Yy][Ee][Ss]) 55251231Ssheldonh echo -n ' rwhod'; rwhod ${rwhod_flags} 55351231Ssheldonh ;; 55451231Ssheldonh esac 55551231Ssheldonh 55651231Ssheldonh # Kerberos runs ONLY on the Kerberos server machine 55751231Ssheldonh case ${kerberos_server_enable} in 55851231Ssheldonh [Yy][Ee][Ss]) 55951231Ssheldonh case ${kerberos_stash} in 56051231Ssheldonh [Yy][Ee][Ss]) 56151231Ssheldonh stash_flag=-n 56251231Ssheldonh ;; 56351231Ssheldonh *) 56451231Ssheldonh stash_flag= 56551231Ssheldonh ;; 56651231Ssheldonh esac 56751231Ssheldonh 56851231Ssheldonh echo -n ' kerberos' 56938316Sphk kerberos ${stash_flag} >> /var/log/kerberos.log & 57051231Ssheldonh 57151231Ssheldonh case ${kadmind_server_enable} in 57251231Ssheldonh [Yy][Ee][Ss]) 57351231Ssheldonh echo -n ' kadmind' 57451231Ssheldonh (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & 57551231Ssheldonh ;; 57651231Ssheldonh esac 57751231Ssheldonh unset stash_flag 57851231Ssheldonh ;; 57951231Ssheldonh esac 58051231Ssheldonh 58153611Sbrian case ${pppoed_enable} in 58253611Sbrian [Yy][Ee][Ss]) 58353613Sbrian if [ -n "${pppoed_provider}" ]; then 58453611Sbrian pppoed_flags="${pppoed_flags} -p ${pppoed_provider}" 58553611Sbrian fi 58653611Sbrian echo -n ' pppoed'; 58753611Sbrian /usr/libexec/pppoed ${pppoed_flags} ${pppoed_interface} 58853611Sbrian ;; 58953611Sbrian esac 59053611Sbrian 59151231Ssheldonh echo '.' 59251231Ssheldonh network_pass3_done=YES 59325184Sjkh} 59453314Sache 59553314Sachenetwork_pass4() { 59653314Sache echo -n 'Additional TCP options:' 59753314Sache case ${log_in_vain} in 59853314Sache [Nn][Oo] | '') 59953314Sache ;; 60053314Sache *) 60153314Sache echo -n ' log_in_vain=YES' 60253314Sache sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null 60353314Sache sysctl -w net.inet.udp.log_in_vain=1 >/dev/null 60453314Sache ;; 60553314Sache esac 60653314Sache 60753314Sache echo '.' 60853314Sache network_pass4_done=YES 60953314Sache} 610