defaultroute revision 49110
1193323Sed#!/bin/sh - 2193323Sed# 3193323Sed# $Id: rc.network,v 1.50 1999/07/16 09:26:52 jkh Exp $ 4193323Sed# From: @(#)netstart 5.9 (Berkeley) 3/30/91 5193323Sed 6193323Sed# Note that almost all the user-configurable behavior is no longer in 7193323Sed# this file, but rather in /etc/rc.conf. Please check that file 8193323Sed# first before contemplating any changes here. If you do need to change 9193323Sed# this file for some reason, we would like to know about it. 10193323Sed 11193323Sed# First pass startup stuff. 12193323Sed 13193323Sednetwork_pass1() { 14193323Sed echo -n 'Doing initial network setup:' 15193323Sed # Set the host name if it is not already set 16193323Sed if [ -z "`hostname -s`" ] ; then 17193323Sed hostname $hostname 18193323Sed echo -n ' hostname' 19193323Sed fi 20193323Sed 21193323Sed # Set the domainname if we're using NIS 22193323Sed if [ -n "$nisdomainname" -a "x$nisdomainname" != "xNO" ] ; then 23193323Sed domainname $nisdomainname 24193323Sed echo -n ' domain' 25193323Sed fi 26199481Srdivacky echo '.' 27199481Srdivacky 28199481Srdivacky # Initial ATM interface configuration 29199481Srdivacky if [ "X${atm_enable}" = X"YES" -a -f /etc/rc.atm ]; then 30199481Srdivacky . /etc/rc.atm 31193323Sed atm_pass1 32193323Sed fi 33193323Sed 34193323Sed # ISDN subsystem startup 35193323Sed if [ "X${isdn_enable}" = X"YES" -a -f /etc/rc.isdn ]; then 36193323Sed . /etc/rc.isdn 37193323Sed fi 38193323Sed 39193323Sed # Special options for sppp(4) interfaces go here. These need 40193323Sed # to go _before_ the general ifconfig section, since in the case 41193323Sed # of hardwired (no link1 flag) but required authentication, you 42193323Sed # cannot pass auth parameters down to the already running interface. 43193323Sed for ifn in ${sppp_interfaces}; do 44205218Srdivacky eval spppcontrol_args=\$spppconfig_${ifn} 45193323Sed if [ -n "${spppcontrol_args}" ] ; then 46198090Srdivacky # The auth secrets might contain spaces; in order 47193323Sed # to retain the quotation, we need to eval them 48193323Sed # here. 49193323Sed eval spppcontrol ${ifn} ${spppcontrol_args} 50198090Srdivacky fi 51198090Srdivacky done 52193323Sed 53195340Sed # Set up all the network interfaces, calling startup scripts if needed 54193323Sed if [ "x${network_interfaces}" = "xauto" ]; then 55204642Srdivacky network_interfaces="`ifconfig -l`" 56193323Sed fi 57193323Sed for ifn in ${network_interfaces}; do 58193323Sed showstat=false 59193323Sed if [ -e /etc/start_if.${ifn} ]; then 60193323Sed . /etc/start_if.${ifn} 61193323Sed showstat=true 62193323Sed fi 63193323Sed # Do the primary ifconfig if specified 64193323Sed eval ifconfig_args=\$ifconfig_${ifn} 65193323Sed if [ -n "${ifconfig_args}" ] ; then 66198892Srdivacky # See if we are using DHCP 67193323Sed if [ X"${ifconfig_args}" = X"DHCP" ]; then 68198090Srdivacky ${dhcp_program} ${dhcp_flags} ${ifn} 69193323Sed else 70193323Sed ifconfig ${ifn} ${ifconfig_args} 71193323Sed fi 72193323Sed showstat=true 73193323Sed fi 74193323Sed # Check to see if aliases need to be added 75198090Srdivacky alias=0 76198090Srdivacky while : 77193323Sed do 78193323Sed eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} 79193323Sed if [ -n "${ifconfig_args}" ]; then 80198090Srdivacky ifconfig ${ifn} ${ifconfig_args} alias 81198090Srdivacky showstat=true 82193323Sed alias=`expr ${alias} + 1` 83193323Sed else 84193323Sed break; 85193323Sed fi 86193323Sed done 87198090Srdivacky # Do ipx address if specified 88193323Sed eval ifconfig_args=\$ifconfig_${ifn}_ipx 89193323Sed if [ -n "${ifconfig_args}" ]; then 90193323Sed ifconfig ${ifn} ${ifconfig_args} 91199481Srdivacky showstat=true 92199481Srdivacky fi 93193323Sed if [ "${showstat}" = "true" ] 94193323Sed then 95198090Srdivacky ifconfig ${ifn} 96193323Sed fi 97198090Srdivacky done 98198090Srdivacky 99199481Srdivacky # Initialize IP filtering using ipfw 100193323Sed echo "" 101193323Sed /sbin/ipfw -q flush > /dev/null 2>&1 102193323Sed if [ $? = 0 ] ; then 103193323Sed firewall_in_kernel=1 104193323Sed else 105193323Sed firewall_in_kernel=0 106193323Sed fi 107193323Sed 108193323Sed if [ $firewall_in_kernel = 0 -a "x$firewall_enable" = "xYES" ] ; then 109193323Sed if kldload ipfw; then 110193323Sed firewall_in_kernel=1 # module loaded successfully 111193323Sed echo "Kernel firewall module loaded." 112198090Srdivacky else 113193323Sed echo "Warning: firewall kernel module failed to load." 114201360Srdivacky fi 115193323Sed fi 116193323Sed 117198090Srdivacky # Load the filters if required 118198090Srdivacky if [ $firewall_in_kernel = 1 ]; then 119193323Sed if [ -z "${firewall_script}" ] ; then 120193323Sed firewall_script="/etc/rc.firewall" 121193323Sed fi 122193323Sed if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then 123193323Sed . ${firewall_script} 124198090Srdivacky echo -n 'Firewall rules loaded, starting divert daemons:' 125193323Sed 126193323Sed # Network Address Translation daemon 127193323Sed if [ X"${natd_enable}" = X"YES" -a -n "${natd_interface}" ]; then 128193323Sed if echo ${natd_interface} | \ 129193323Sed grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then 130193323Sed natd_ifarg="-a ${natd_interface}" 131193323Sed else 132198090Srdivacky natd_ifarg="-n ${natd_interface}" 133193323Sed fi 134193323Sed echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} 135193323Sed fi 136204961Srdivacky echo '.' 137198090Srdivacky else 138198090Srdivacky IPFW_DEFAULT=`ipfw l 65535` 139198090Srdivacky if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then 140198090Srdivacky echo -n "Warning: kernel has firewall functionality, " 141198090Srdivacky echo "but firewall rules are not enabled." 142198090Srdivacky echo " All ip services are disabled." 143198090Srdivacky fi 144198090Srdivacky fi 145210299Sed fi 146210299Sed 147210299Sed # Warm up user ppp if required. 148210299Sed if [ "X$ppp_enable" = X"YES" ]; then 149210299Sed # Establish ppp mode. 150198090Srdivacky if [ "X$ppp_mode" != X"ddial" -a "X$ppp_mode" != X"direct" \ 151198090Srdivacky -a "X$ppp_mode" != X"dedicated" ]; then \ 152198090Srdivacky ppp_mode="auto"; 153198090Srdivacky fi 154204642Srdivacky ppp_command="-${ppp_mode} "; 155204642Srdivacky 156204642Srdivacky # Switch on alias mode? 157204642Srdivacky if [ "X$ppp_alias" = X"YES" ]; then 158204642Srdivacky ppp_command="${ppp_command} -alias"; 159198090Srdivacky fi 160198090Srdivacky 161198090Srdivacky echo -n 'Starting ppp: '; ppp ${ppp_command} ${ppp_profile} 162198090Srdivacky fi 163198090Srdivacky 164198090Srdivacky # Additional ATM interface configuration 165198090Srdivacky if [ -n "${atm_pass1_done}" ]; then 166198090Srdivacky atm_pass2 167198090Srdivacky fi 168198090Srdivacky 169198090Srdivacky # Configure routing 170198090Srdivacky 171204642Srdivacky if [ "x$defaultrouter" != "xNO" ] ; then 172204642Srdivacky static_routes="default ${static_routes}" 173204642Srdivacky route_default="default ${defaultrouter}" 174204642Srdivacky fi 175204642Srdivacky 176204642Srdivacky # Set up any static routes. This should be done before router discovery. 177204642Srdivacky if [ "x${static_routes}" != "x" ]; then 178204642Srdivacky for i in ${static_routes}; do 179204642Srdivacky eval route_args=\$route_${i} 180204642Srdivacky route add ${route_args} 181204642Srdivacky done 182204642Srdivacky fi 183204642Srdivacky 184204642Srdivacky echo -n 'Additional routing options:' 185204642Srdivacky if [ -n "$tcp_extensions" -a "x$tcp_extensions" != "xYES" ] ; then 186204642Srdivacky echo -n ' tcp extensions=NO' 187204642Srdivacky sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 188204642Srdivacky fi 189204642Srdivacky 190204642Srdivacky if [ -n "$log_in_vain" -a "x$log_in_vain" != "xNO" ] ; then 191204642Srdivacky echo -n ' log_in_vain=YES' 192193323Sed sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null 193198090Srdivacky sysctl -w net.inet.udp.log_in_vain=1 >/dev/null 194198090Srdivacky fi 195198090Srdivacky 196199481Srdivacky if [ X"$icmp_bmcastecho" = X"YES" ]; then 197210299Sed echo -n ' broadcast ping responses=YES' 198199481Srdivacky sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 199199481Srdivacky fi 200193323Sed 201193323Sed if [ "X$gateway_enable" = X"YES" ]; then 202193323Sed echo -n ' IP gateway=YES' 203193323Sed sysctl -w net.inet.ip.forwarding=1 >/dev/null 204193323Sed fi 205193323Sed 206193323Sed if [ "X$forward_sourceroute" = X"YES" ]; then 207193323Sed echo -n ' do source routing=YES' 208193323Sed sysctl -w net.inet.ip.sourceroute=1 >/dev/null 209203954Srdivacky fi 210203954Srdivacky 211203954Srdivacky if [ "X$accept_sourceroute" = X"YES" ]; then 212193323Sed echo -n ' accept source routing=YES' 213193323Sed sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 214193323Sed fi 215193323Sed 216193323Sed if [ "X$tcp_keepalive" = X"YES" ]; then 217193323Sed echo -n ' TCP keepalive=YES' 218193323Sed sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null 219199481Srdivacky fi 220210299Sed 221199481Srdivacky if [ "X$ipxgateway_enable" = X"YES" ]; then 222199481Srdivacky echo -n ' IPX gateway=YES' 223193323Sed sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 224193323Sed fi 225193323Sed 226193323Sed if [ "X$arpproxy_all" = X"YES" ]; then 227193323Sed echo -n ' ARP proxyall=YES' 228193323Sed sysctl -w net.link.ether.inet.proxyall=1 >/dev/null 229199481Srdivacky fi 230199481Srdivacky echo '.' 231193323Sed 232193323Sed echo -n 'routing daemons:' 233193323Sed if [ "X$router_enable" = X"YES" ]; then 234199481Srdivacky echo -n " ${router}"; ${router} ${router_flags} 235198090Srdivacky fi 236193323Sed 237193323Sed if [ "X$ipxrouted_enable" = X"YES" ]; then 238193323Sed echo -n ' IPXrouted' 239193323Sed IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 240193323Sed fi 241193323Sed 242193323Sed if [ "X${mrouted_enable}" = X"YES" ]; then 243193323Sed echo -n ' mrouted'; mrouted ${mrouted_flags} 244193323Sed fi 245193323Sed 246193323Sed if [ "X$rarpd_enable" = X"YES" ]; then 247199481Srdivacky echo -n ' rarpd'; rarpd ${rarpd_flags} 248199481Srdivacky fi 249210299Sed echo '.' 250199481Srdivacky network_pass1_done=YES # Let future generations know we made it. 251199481Srdivacky} 252193323Sed 253193323Sednetwork_pass2() { 254193323Sed echo -n 'Doing additional network setup:' 255193323Sed if [ "X${named_enable}" = X"YES" ]; then 256193323Sed echo -n ' named'; ${named_program-"named"} ${named_flags} 257193323Sed fi 258193323Sed 259193323Sed if [ "X${ntpdate_enable}" = X"YES" ]; then 260198090Srdivacky echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 261193323Sed fi 262193323Sed 263193323Sed if [ "X${xntpd_enable}" = X"YES" ]; then 264193323Sed echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} 265193323Sed fi 266202878Srdivacky 267195340Sed if [ "X${timed_enable}" = X"YES" ]; then 268195340Sed echo -n ' timed'; timed ${timed_flags} 269195340Sed fi 270195340Sed 271195340Sed if [ "X${portmap_enable}" = X"YES" ]; then 272195340Sed echo -n ' portmap'; ${portmap_program} ${portmap_flags} 273195340Sed fi 274195340Sed 275199481Srdivacky # Start ypserv if we're an NIS server. 276199481Srdivacky # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. 277199481Srdivacky if [ "X${nis_server_enable}" = X"YES" ]; then 278199481Srdivacky echo -n ' ypserv'; ypserv ${nis_server_flags} 279199481Srdivacky 280199481Srdivacky if [ "X${nis_ypxfrd_enable}" = X"YES" ]; then 281199481Srdivacky echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} 282199481Srdivacky fi 283195340Sed 284195340Sed if [ "X${nis_yppasswdd_enable}" = X"YES" ]; then 285195340Sed echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} 286195340Sed fi 287195340Sed fi 288195340Sed 289195340Sed # Start ypbind if we're an NIS client 290195340Sed if [ "X${nis_client_enable}" = X"YES" ]; then 291195340Sed echo -n ' ypbind'; ypbind ${nis_client_flags} 292195340Sed if [ "X${nis_ypset_enable}" = X"YES" ]; then 293195340Sed echo -n ' ypset'; ypset ${nis_ypset_flags} 294195340Sed fi 295195340Sed fi 296205218Srdivacky 297205218Srdivacky # Start keyserv if we are running Secure RPC 298205218Srdivacky if [ "X${keyserv_enable}" = X"YES" ]; then 299195340Sed echo -n ' keyserv'; keyserv ${keyserv_flags} 300195340Sed fi 301199481Srdivacky # Start ypupdated if we are running Secure RPC and we are NIS master 302199481Srdivacky if [ "X$rpc_ypupdated_enable" = X"YES" ]; then 303195340Sed echo -n ' rpc.ypupdated'; rpc.ypupdated 304195340Sed fi 305195340Sed 306195340Sed # Start ATM daemons 307195340Sed if [ -n "${atm_pass2_done}" ]; then 308195340Sed atm_pass3 309195340Sed fi 310195340Sed 311195340Sed echo '.' 312195340Sed network_pass2_done=YES 313195340Sed} 314195340Sed 315195340Sednetwork_pass3() { 316204642Srdivacky echo -n 'Starting final network daemons:' 317204642Srdivacky 318204642Srdivacky if [ "X${nfs_server_enable}" = X"YES" -a -r /etc/exports ]; then 319204642Srdivacky echo -n ' mountd' 320204642Srdivacky if [ "X${weak_mountd_authentication}" = X"YES" ]; then 321195340Sed mountd_flags="-n" 322195340Sed fi 323195340Sed mountd ${mountd_flags} 324195340Sed if [ "X${nfs_reserved_port_only}" = X"YES" ]; then 325195340Sed echo -n ' NFS on reserved port only=YES' 326195340Sed sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 327195340Sed fi 328195340Sed echo -n ' nfsd'; nfsd ${nfs_server_flags} 329198090Srdivacky if [ "X$rpc_lockd_enable" = X"YES" ]; then 330198090Srdivacky echo -n ' rpc.lockd'; rpc.lockd 331198090Srdivacky fi 332198090Srdivacky if [ "X$rpc_statd_enable" = X"YES" ]; then 333195340Sed echo -n ' rpc.statd'; rpc.statd 334195340Sed fi 335195340Sed fi 336195340Sed 337195340Sed if [ "X${nfs_client_enable}" = X"YES" ]; then 338195340Sed echo -n ' nfsiod'; nfsiod ${nfs_client_flags} 339195340Sed if [ "X${nfs_access_cache}" != X ]; then 340195340Sed echo -n " NFS access cache time=${nfs_access_cache}" 341195340Sed sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ 342195340Sed >/dev/null 343195340Sed fi 344195340Sed fi 345193323Sed 346193323Sed if [ "X${amd_enable}" = X"YES" ]; then 347193323Sed echo -n ' amd' 348193323Sed if [ "X${amd_map_program}" != X"NO" ]; then 349193323Sed amd_flags="${amd_flags} `eval ${amd_map_program}`" 350193323Sed fi 351193323Sed if [ -n "$amd_flags" ] 352198090Srdivacky then 353193323Sed amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null 354193323Sed else 355193323Sed amd 2> /dev/null 356193323Sed fi 357193323Sed fi 358210299Sed 359210299Sed if [ "X${rwhod_enable}" = X"YES" ]; then 360210299Sed echo -n ' rwhod'; rwhod ${rwhod_flags} 361199481Srdivacky fi 362199481Srdivacky 363199481Srdivacky # Kerberos runs ONLY on the Kerberos server machine 364210299Sed if [ "X${kerberos_server_enable}" = X"YES" ]; then 365193323Sed if [ "X${kerberos_stash}" = "XYES" ]; then 366199481Srdivacky stash_flag=-n 367210299Sed else 368199481Srdivacky stash_flag= 369210299Sed fi 370199481Srdivacky echo -n ' kerberos'; \ 371193323Sed kerberos ${stash_flag} >> /var/log/kerberos.log & 372193323Sed if [ "X${kadmind_server_enable}" = "XYES" ]; then 373193323Sed echo -n ' kadmind'; \ 374193323Sed (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & 375193323Sed fi 376204642Srdivacky unset stash_flag 377204642Srdivacky fi 378204642Srdivacky 379204642Srdivacky echo '.' 380193323Sed network_pass3_done=YES 381193323Sed} 382193323Sed