defaultroute revision 35149
1267265Sjilles#!/bin/sh - 2267265Sjilles# 3267265Sjilles# $Id$ 4267265Sjilles# From: @(#)netstart 5.9 (Berkeley) 3/30/91 5267265Sjilles 6267265Sjilles# Note that almost all the user-configurable behavior is no longer in 7267265Sjilles# this file, but rather in /etc/rc.conf. Please check that file 8267265Sjilles# first before contemplating any changes here. If you do need to change 9267265Sjilles# this file for some reason, we would like to know about it. 10267265Sjilles 11267265Sjilles# First pass startup stuff. 12267265Sjilles 13267265Sjillesnetwork_pass1() { 14267265Sjilles echo -n 'Doing initial network setup:' 15267265Sjilles # Set the host name if it is not already set 16267265Sjilles if [ -z "`hostname -s`" ] ; then 17267265Sjilles hostname $hostname 18267265Sjilles echo -n ' hostname' 19267265Sjilles fi 20267265Sjilles 21267265Sjilles # Set the domainname if we're using NIS 22267265Sjilles if [ -n "$nisdomainname" -a "x$nisdomainname" != "xNO" ] ; then 23267265Sjilles domainname $nisdomainname 24267265Sjilles echo -n ' domain' 25267265Sjilles fi 26267265Sjilles echo '.' 27267265Sjilles 28267265Sjilles # Set up all the network interfaces, calling startup scripts if needed 29267265Sjilles for ifn in ${network_interfaces}; do 30267265Sjilles if [ -e /etc/start_if.${ifn} ]; then 31267265Sjilles . /etc/start_if.${ifn} 32267265Sjilles fi 33267265Sjilles # Do the primary ifconfig if specified 34267265Sjilles eval ifconfig_args=\$ifconfig_${ifn} 35267265Sjilles if [ -n "${ifconfig_args}" ] ; then 36267265Sjilles ifconfig ${ifn} ${ifconfig_args} 37267265Sjilles fi 38267265Sjilles # Check to see if aliases need to be added 39267265Sjilles alias=0 40267265Sjilles while : 41267265Sjilles do 42267265Sjilles eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} 43267265Sjilles if [ -n "${ifconfig_args}" ]; then 44267265Sjilles ifconfig ${ifn} ${ifconfig_args} alias 45267265Sjilles alias=`expr ${alias} + 1` 46267265Sjilles else 47267265Sjilles break; 48267265Sjilles fi 49267265Sjilles done 50267265Sjilles # Do ipx address if specified 51267265Sjilles eval ifconfig_args=\$ifconfig_${ifn}_ipx 52267265Sjilles if [ -n "${ifconfig_args}" ]; then 53267265Sjilles ifconfig ${ifn} ${ifconfig_args} 54267265Sjilles fi 55267265Sjilles ifconfig ${ifn} 56267265Sjilles done 57267265Sjilles 58267265Sjilles # Initialize IP filtering using ipfw 59267265Sjilles echo "" 60267265Sjilles /sbin/ipfw -q flush > /dev/null 2>&1 61267265Sjilles if [ $? = 0 ] ; then 62267265Sjilles firewall_in_kernel=1 63267265Sjilles else 64267265Sjilles firewall_in_kernel=0 65267265Sjilles fi 66267265Sjilles 67267265Sjilles if [ $firewall_in_kernel = 0 -a "x$firewall_enable" = "xYES" ] ; then 68267265Sjilles modload /lkm/ipfw_mod.o 69267265Sjilles if [ $? = 0 ]; then 70267265Sjilles firewall_in_kernel=1 # module loaded successfully 71267265Sjilles echo "Kernel firewall module loaded." 72267265Sjilles else 73267265Sjilles echo "Warning: firewall kernel module failed to load." 74267265Sjilles fi 75267265Sjilles fi 76267265Sjilles 77267265Sjilles # Load the filters if required 78267265Sjilles if [ $firewall_in_kernel = 1 ]; then 79267265Sjilles if [ -n "$firewall_enable" -a -f /etc/rc.firewall -a \ 80267265Sjilles "x$firewall_enable" = "xYES" ] ; then 81267265Sjilles . /etc/rc.firewall 82267265Sjilles echo "Firewall rules loaded." 83267265Sjilles else 84267265Sjilles IPFW_DEFAULT=`ipfw l 65535` 85267265Sjilles if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then 86267265Sjilles echo -n "Warning: kernel has firewall functionality, " 87267265Sjilles echo "but firewall rules are not enabled." 88267265Sjilles echo " All ip services are disabled." 89267265Sjilles fi 90267265Sjilles fi 91267265Sjilles fi 92267265Sjilles 93267265Sjilles # Configure routing 94267265Sjilles 95267265Sjilles if [ "x$defaultrouter" != "xNO" ] ; then 96267265Sjilles static_routes="default ${static_routes}" 97267265Sjilles route_default="default ${defaultrouter}" 98267265Sjilles fi 99267265Sjilles 100267265Sjilles # Set up any static routes. This should be done before router discovery. 101267265Sjilles if [ "x${static_routes}" != "x" ]; then 102267265Sjilles for i in ${static_routes}; do 103267265Sjilles eval route_args=\$route_${i} 104267265Sjilles route add ${route_args} 105267265Sjilles done 106267265Sjilles fi 107267265Sjilles 108267265Sjilles echo -n 'Additional routing options:' 109267265Sjilles if [ -n "$tcp_extensions" -a "x$tcp_extensions" != "xYES" ] ; then 110267265Sjilles echo -n ' tcp extensions=NO' 111267265Sjilles sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 2>&1 112267265Sjilles sysctl -w net.inet.tcp.rfc1644=0 >/dev/null 2>&1 113267265Sjilles fi 114267265Sjilles 115267265Sjilles if [ "X$gateway_enable" = X"YES" ]; then 116267265Sjilles echo -n ' IP gateway=YES' 117267265Sjilles sysctl -w net.inet.ip.forwarding=1 >/dev/null 2>&1 118267265Sjilles fi 119267265Sjilles 120267265Sjilles if [ "X$forward_sourceroute" = X"YES" ]; then 121267265Sjilles echo -n ' do source routing=YES' 122267265Sjilles sysctl -w net.inet.ip.sourceroute=1 >/dev/null 2>&1 123267265Sjilles fi 124267265Sjilles 125267265Sjilles if [ "X$accept_sourceroute" = X"YES" ]; then 126267265Sjilles echo -n ' accept source routing=YES' 127267265Sjilles sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1 128267265Sjilles fi 129267265Sjilles 130267265Sjilles if [ "X$router_enable" = X"YES" ]; then 131267265Sjilles echo -n " ${router}"; ${router} ${router_flags} 132267265Sjilles fi 133267265Sjilles 134267265Sjilles if [ "X$ipxgateway_enable" = X"YES" ]; then 135267265Sjilles echo -n ' IPX gateway=YES' 136267265Sjilles sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1 137267265Sjilles fi 138267265Sjilles 139267265Sjilles if [ "X$ipxrouted_enable" = X"YES" ]; then 140267265Sjilles echo -n ' IPXrouted: ' 141267265Sjilles IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 142267265Sjilles fi 143267265Sjilles 144267265Sjilles if [ "X$arpproxy_all" = X"YES" ]; then 145267265Sjilles echo -n ' enabling ARP_PROXY_ALL: ' 146267265Sjilles sysctl -w net.link.ether.inet.proxyall=1 2>&1 147267265Sjilles fi 148267265Sjilles if [ "X$rarpd_enable" = X"YES" ]; then 149267265Sjilles echo -n ' rarpd'; rarpd ${rarpd_flags} 150267265Sjilles fi 151267265Sjilles 152267265Sjilles echo '.' 153267265Sjilles network_pass1_done=YES # Let future generations know we made it. 154267265Sjilles} 155267265Sjilles 156267265Sjillesnetwork_pass2() { 157267265Sjilles echo -n 'Doing additional network setup:' 158267265Sjilles if [ "X${named_enable}" = X"YES" ]; then 159267265Sjilles echo -n ' named'; ${named_program-"named"} ${named_flags} 160267265Sjilles fi 161267265Sjilles 162267265Sjilles if [ "X${ntpdate_enable}" = X"YES" ]; then 163267265Sjilles echo -n ' ntpdate'; ntpdate ${ntpdate_flags} >/dev/null 2>&1 164267265Sjilles fi 165267265Sjilles 166267265Sjilles if [ "X${xntpd_enable}" = X"YES" ]; then 167267265Sjilles echo -n ' xntpd'; xntpd ${xntpd_flags} 168267265Sjilles fi 169267265Sjilles 170267265Sjilles if [ "X${timed_enable}" = X"YES" ]; then 171267265Sjilles echo -n ' timed'; timed ${timed_flags} 172267265Sjilles fi 173267265Sjilles 174267265Sjilles if [ "X${portmap_enable}" = X"YES" ]; then 175267265Sjilles echo -n ' portmap'; portmap ${portmap_flags} 176267265Sjilles fi 177267265Sjilles 178267265Sjilles # Start ypserv if we're an NIS server. 179267265Sjilles # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. 180267265Sjilles if [ "X${nis_server_enable}" = X"YES" ]; then 181267265Sjilles echo -n ' ypserv'; ypserv ${nis_server_flags} 182267265Sjilles 183267265Sjilles if [ "X${nis_ypxfrd_enable}" = X"YES" ]; then 184267265Sjilles echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} 185267265Sjilles fi 186267265Sjilles 187267265Sjilles if [ "X${nis_yppasswdd_enable}" = X"YES" ]; then 188267265Sjilles echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} 189267265Sjilles fi 190267265Sjilles fi 191267265Sjilles 192267265Sjilles # Start ypbind if we're an NIS client 193267265Sjilles if [ "X${nis_client_enable}" = X"YES" ]; then 194267265Sjilles echo -n ' ypbind'; ypbind ${nis_client_flags} 195267265Sjilles if [ "X${nis_ypset_enable}" = X"YES" ]; then 196267265Sjilles echo -n ' ypset'; ypset ${nis_ypset_flags} 197267265Sjilles fi 198267265Sjilles fi 199267265Sjilles 200267265Sjilles # Start keyserv if we are running Secure RPC 201267265Sjilles if [ "X${keyserv_enable}" = X"YES" ]; then 202267265Sjilles echo -n ' keyserv'; keyserv ${keyserv_flags} 203267265Sjilles fi 204267265Sjilles # Start ypupdated if we are running Secure RPC and we are NIS master 205267265Sjilles if [ "X$rpc_ypupdated_enable" = X"YES" ]; then 206267265Sjilles echo -n ' rpc.ypupdated'; rpc.ypupdated 207267265Sjilles fi 208267265Sjilles 209267265Sjilles echo '.' 210267265Sjilles network_pass2_done=YES 211267265Sjilles} 212267265Sjilles 213267265Sjillesnetwork_pass3() { 214267265Sjilles echo -n 'Starting final network daemons:' 215267265Sjilles 216267265Sjilles if [ "X${nfs_server_enable}" = X"YES" -a -r /etc/exports ]; then 217267265Sjilles echo -n ' mountd' 218267265Sjilles if [ "X${weak_mountd_authentication}" = X"YES" ]; then 219267265Sjilles mountd_flags="-n" 220267265Sjilles fi 221267265Sjilles mountd ${mountd_flags} 222267265Sjilles if [ "X${nfs_reserved_port_only}" = X"YES" ]; then 223267265Sjilles echo -n ' nfsprivport=YES' 224267265Sjilles sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 2>&1 225267265Sjilles fi 226267265Sjilles echo -n ' nfsd'; nfsd ${nfs_server_flags} 227267265Sjilles if [ "X$rpc_lockd_enable" = X"YES" ]; then 228267265Sjilles echo -n ' rpc.lockd'; rpc.lockd 229267265Sjilles fi 230267265Sjilles if [ "X$rpc_statd_enable" = X"YES" ]; then 231267265Sjilles echo -n ' rpc.statd'; rpc.statd 232267265Sjilles fi 233267265Sjilles fi 234267265Sjilles 235267265Sjilles if [ "X${nfs_client_enable}" = X"YES" ]; then 236267265Sjilles echo -n ' nfsiod'; nfsiod ${nfs_client_flags} 237267265Sjilles fi 238267265Sjilles 239267265Sjilles if [ "X${amd_enable}" = X"YES" ]; then 240267265Sjilles echo -n ' amd' 241267265Sjilles amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null 242267265Sjilles fi 243267265Sjilles 244267265Sjilles if [ "X${rwhod_enable}" = X"YES" ]; then 245267265Sjilles echo -n ' rwhod'; rwhod 246267265Sjilles fi 247267265Sjilles 248267265Sjilles # Kerberos runs ONLY on the Kerberos server machine 249267265Sjilles if [ "X${kerberos_server_enable}" = X"YES" ]; then 250267265Sjilles if [ "X${kerberos_stash}" = "XYES" ]; then 251267265Sjilles stash_flag=-n 252267265Sjilles else 253267265Sjilles stash_flag= 254267265Sjilles fi 255267265Sjilles echo -n ' kerberos'; \ 256267265Sjilles kerberos ${stash_flags} >> /var/log/kerberos.log & 257267265Sjilles if [ "X${kadmind_server_enable}" = "XYES" ]; then 258267265Sjilles echo -n ' kadmind'; \ 259267265Sjilles (sleep 20; kadmind ${stash_flags} >/dev/null 2>&1 &) & 260267265Sjilles fi 261267265Sjilles unset stash_flag 262267265Sjilles fi 263267265Sjilles 264267265Sjilles # IP multicast routing daemon 265267265Sjilles if [ "X${mrouted_enable}" = X"YES" ]; then 266267265Sjilles echo -n ' mrouted'; mrouted ${mrouted_flags} 267267265Sjilles fi 268267265Sjilles echo '.' 269267265Sjilles network_pass3_done=YES 270267265Sjilles} 271267265Sjilles