defaultroute revision 35459
1250003Sadrian#!/bin/sh - 2250003Sadrian# 3250003Sadrian# $Id: rc.network,v 1.22 1998/04/18 10:27:06 brian Exp $ 4250003Sadrian# From: @(#)netstart 5.9 (Berkeley) 3/30/91 5250003Sadrian 6250003Sadrian# Note that almost all the user-configurable behavior is no longer in 7250003Sadrian# this file, but rather in /etc/rc.conf. Please check that file 8250003Sadrian# first before contemplating any changes here. If you do need to change 9250003Sadrian# this file for some reason, we would like to know about it. 10250003Sadrian 11250003Sadrian# First pass startup stuff. 12250003Sadrian 13250003Sadriannetwork_pass1() { 14250003Sadrian echo -n 'Doing initial network setup:' 15250003Sadrian # Set the host name if it is not already set 16250003Sadrian if [ -z "`hostname -s`" ] ; then 17250003Sadrian hostname $hostname 18250003Sadrian echo -n ' hostname' 19250003Sadrian fi 20250003Sadrian 21250003Sadrian # Set the domainname if we're using NIS 22250003Sadrian if [ -n "$nisdomainname" -a "x$nisdomainname" != "xNO" ] ; then 23250003Sadrian domainname $nisdomainname 24250003Sadrian echo -n ' domain' 25250003Sadrian fi 26250003Sadrian echo '.' 27250003Sadrian 28250003Sadrian # Set up all the network interfaces, calling startup scripts if needed 29250003Sadrian for ifn in ${network_interfaces}; do 30250003Sadrian if [ -e /etc/start_if.${ifn} ]; then 31250003Sadrian . /etc/start_if.${ifn} 32250003Sadrian fi 33250003Sadrian # Do the primary ifconfig if specified 34250003Sadrian eval ifconfig_args=\$ifconfig_${ifn} 35250003Sadrian if [ -n "${ifconfig_args}" ] ; then 36250003Sadrian ifconfig ${ifn} ${ifconfig_args} 37250003Sadrian fi 38250003Sadrian # Check to see if aliases need to be added 39250003Sadrian alias=0 40250003Sadrian while : 41250003Sadrian do 42250003Sadrian eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} 43250003Sadrian if [ -n "${ifconfig_args}" ]; then 44250003Sadrian ifconfig ${ifn} ${ifconfig_args} alias 45250003Sadrian alias=`expr ${alias} + 1` 46250003Sadrian else 47250003Sadrian break; 48250003Sadrian fi 49250003Sadrian done 50250003Sadrian # Do ipx address if specified 51250003Sadrian eval ifconfig_args=\$ifconfig_${ifn}_ipx 52250003Sadrian if [ -n "${ifconfig_args}" ]; then 53250003Sadrian ifconfig ${ifn} ${ifconfig_args} 54250003Sadrian fi 55250003Sadrian ifconfig ${ifn} 56250003Sadrian done 57250003Sadrian 58250003Sadrian # Initialize IP filtering using ipfw 59250003Sadrian echo "" 60250003Sadrian /sbin/ipfw -q flush > /dev/null 2>&1 61250003Sadrian if [ $? = 0 ] ; then 62250003Sadrian firewall_in_kernel=1 63250003Sadrian else 64250003Sadrian firewall_in_kernel=0 65250003Sadrian fi 66250003Sadrian 67250003Sadrian if [ $firewall_in_kernel = 0 -a "x$firewall_enable" = "xYES" ] ; then 68250003Sadrian modload /lkm/ipfw_mod.o 69250003Sadrian if [ $? = 0 ]; then 70250003Sadrian firewall_in_kernel=1 # module loaded successfully 71250003Sadrian echo "Kernel firewall module loaded." 72250003Sadrian else 73250003Sadrian echo "Warning: firewall kernel module failed to load." 74250003Sadrian fi 75250003Sadrian fi 76250003Sadrian 77250003Sadrian # Load the filters if required 78250003Sadrian if [ $firewall_in_kernel = 1 ]; then 79250003Sadrian if [ -n "$firewall_enable" -a -f /etc/rc.firewall -a \ 80250003Sadrian "x$firewall_enable" = "xYES" ] ; then 81250003Sadrian . /etc/rc.firewall 82250003Sadrian echo "Firewall rules loaded." 83250003Sadrian else 84250003Sadrian IPFW_DEFAULT=`ipfw l 65535` 85250003Sadrian if [ "$IPFW_DEFAULT" = "65535 deny ip from any to any" ]; then 86250003Sadrian echo -n "Warning: kernel has firewall functionality, " 87250003Sadrian echo "but firewall rules are not enabled." 88250003Sadrian echo " All ip services are disabled." 89250003Sadrian fi 90250003Sadrian fi 91250003Sadrian fi 92250003Sadrian 93250003Sadrian # Configure routing 94250003Sadrian 95250003Sadrian if [ "x$defaultrouter" != "xNO" ] ; then 96250003Sadrian static_routes="default ${static_routes}" 97250003Sadrian route_default="default ${defaultrouter}" 98250003Sadrian fi 99250003Sadrian 100250003Sadrian # Set up any static routes. This should be done before router discovery. 101250003Sadrian if [ "x${static_routes}" != "x" ]; then 102250003Sadrian for i in ${static_routes}; do 103250003Sadrian eval route_args=\$route_${i} 104250003Sadrian route add ${route_args} 105250003Sadrian done 106250003Sadrian fi 107250003Sadrian 108250003Sadrian echo -n 'Additional routing options:' 109250003Sadrian if [ -n "$tcp_extensions" -a "x$tcp_extensions" != "xYES" ] ; then 110250003Sadrian echo -n ' tcp extensions=NO' 111250003Sadrian sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 2>&1 112250003Sadrian sysctl -w net.inet.tcp.rfc1644=0 >/dev/null 2>&1 113250003Sadrian fi 114250003Sadrian 115250003Sadrian if [ "X$gateway_enable" = X"YES" ]; then 116250003Sadrian echo -n ' IP gateway=YES' 117250003Sadrian sysctl -w net.inet.ip.forwarding=1 >/dev/null 2>&1 118250003Sadrian fi 119250003Sadrian 120250003Sadrian if [ "X$forward_sourceroute" = X"YES" ]; then 121250003Sadrian echo -n ' do source routing=YES' 122250003Sadrian sysctl -w net.inet.ip.sourceroute=1 >/dev/null 2>&1 123250003Sadrian fi 124250003Sadrian 125250003Sadrian if [ "X$accept_sourceroute" = X"YES" ]; then 126250003Sadrian echo -n ' accept source routing=YES' 127250003Sadrian sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 2>&1 128250003Sadrian fi 129250003Sadrian 130250003Sadrian if [ "X$router_enable" = X"YES" ]; then 131250003Sadrian echo -n " ${router}"; ${router} ${router_flags} 132250003Sadrian fi 133250003Sadrian 134250003Sadrian if [ "X$ipxgateway_enable" = X"YES" ]; then 135250003Sadrian echo -n ' IPX gateway=YES' 136250003Sadrian sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 2>&1 137250003Sadrian fi 138250003Sadrian 139250003Sadrian if [ "X$ipxrouted_enable" = X"YES" ]; then 140250003Sadrian echo -n ' IPXrouted: ' 141250003Sadrian IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 142250003Sadrian fi 143250003Sadrian 144250003Sadrian if [ "X$arpproxy_all" = X"YES" ]; then 145250003Sadrian echo -n ' enabling ARP_PROXY_ALL: ' 146250003Sadrian sysctl -w net.link.ether.inet.proxyall=1 2>&1 147250003Sadrian fi 148250003Sadrian if [ "X$rarpd_enable" = X"YES" ]; then 149250003Sadrian echo -n ' rarpd'; rarpd ${rarpd_flags} 150250003Sadrian fi 151250003Sadrian 152250003Sadrian echo '.' 153250003Sadrian network_pass1_done=YES # Let future generations know we made it. 154250003Sadrian} 155250003Sadrian 156250003Sadriannetwork_pass2() { 157250003Sadrian echo -n 'Doing additional network setup:' 158250003Sadrian if [ "X${named_enable}" = X"YES" ]; then 159250003Sadrian echo -n ' named'; ${named_program-"named"} ${named_flags} 160250003Sadrian fi 161250003Sadrian 162250003Sadrian if [ "X${ntpdate_enable}" = X"YES" ]; then 163250003Sadrian echo -n ' ntpdate'; ntpdate ${ntpdate_flags} >/dev/null 2>&1 164250003Sadrian fi 165250003Sadrian 166250003Sadrian if [ "X${xntpd_enable}" = X"YES" ]; then 167250003Sadrian echo -n ' xntpd'; xntpd ${xntpd_flags} 168250003Sadrian fi 169250003Sadrian 170250003Sadrian if [ "X${timed_enable}" = X"YES" ]; then 171250003Sadrian echo -n ' timed'; timed ${timed_flags} 172250003Sadrian fi 173250003Sadrian 174250003Sadrian if [ "X${portmap_enable}" = X"YES" ]; then 175250003Sadrian echo -n ' portmap'; portmap ${portmap_flags} 176250003Sadrian fi 177250003Sadrian 178250003Sadrian # Start ypserv if we're an NIS server. 179250003Sadrian # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. 180250003Sadrian if [ "X${nis_server_enable}" = X"YES" ]; then 181250003Sadrian echo -n ' ypserv'; ypserv ${nis_server_flags} 182250003Sadrian 183250003Sadrian if [ "X${nis_ypxfrd_enable}" = X"YES" ]; then 184250003Sadrian echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} 185250003Sadrian fi 186250003Sadrian 187250003Sadrian if [ "X${nis_yppasswdd_enable}" = X"YES" ]; then 188250003Sadrian echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} 189250003Sadrian fi 190250003Sadrian fi 191250003Sadrian 192250003Sadrian # Start ypbind if we're an NIS client 193250003Sadrian if [ "X${nis_client_enable}" = X"YES" ]; then 194250003Sadrian echo -n ' ypbind'; ypbind ${nis_client_flags} 195250003Sadrian if [ "X${nis_ypset_enable}" = X"YES" ]; then 196250003Sadrian echo -n ' ypset'; ypset ${nis_ypset_flags} 197250003Sadrian fi 198250003Sadrian fi 199250003Sadrian 200250003Sadrian # Start keyserv if we are running Secure RPC 201250003Sadrian if [ "X${keyserv_enable}" = X"YES" ]; then 202250003Sadrian echo -n ' keyserv'; keyserv ${keyserv_flags} 203250003Sadrian fi 204250003Sadrian # Start ypupdated if we are running Secure RPC and we are NIS master 205250003Sadrian if [ "X$rpc_ypupdated_enable" = X"YES" ]; then 206250003Sadrian echo -n ' rpc.ypupdated'; rpc.ypupdated 207250003Sadrian fi 208250003Sadrian 209250003Sadrian echo '.' 210250003Sadrian network_pass2_done=YES 211250003Sadrian} 212250003Sadrian 213250003Sadriannetwork_pass3() { 214250003Sadrian echo -n 'Starting final network daemons:' 215250003Sadrian 216250003Sadrian if [ "X${nfs_server_enable}" = X"YES" -a -r /etc/exports ]; then 217250003Sadrian echo -n ' mountd' 218250003Sadrian if [ "X${weak_mountd_authentication}" = X"YES" ]; then 219250003Sadrian mountd_flags="-n" 220250003Sadrian fi 221250003Sadrian mountd ${mountd_flags} 222250003Sadrian if [ "X${nfs_reserved_port_only}" = X"YES" ]; then 223250003Sadrian echo -n ' nfsprivport=YES' 224250003Sadrian sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 2>&1 225250003Sadrian fi 226250003Sadrian echo -n ' nfsd'; nfsd ${nfs_server_flags} 227250003Sadrian if [ "X$rpc_lockd_enable" = X"YES" ]; then 228250003Sadrian echo -n ' rpc.lockd'; rpc.lockd 229250003Sadrian fi 230250003Sadrian if [ "X$rpc_statd_enable" = X"YES" ]; then 231250003Sadrian echo -n ' rpc.statd'; rpc.statd 232250003Sadrian fi 233250003Sadrian fi 234250003Sadrian 235250003Sadrian if [ "X${nfs_client_enable}" = X"YES" ]; then 236250003Sadrian echo -n ' nfsiod'; nfsiod ${nfs_client_flags} 237250003Sadrian fi 238250003Sadrian 239250003Sadrian if [ "X${amd_enable}" = X"YES" ]; then 240250003Sadrian echo -n ' amd' 241250003Sadrian if [ "X${amd_map_program}" != X"NO" ]; then 242250003Sadrian amd_flags="${amd_flags} `${amd_map_program}`" 243250003Sadrian fi 244250003Sadrian amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null 245250003Sadrian fi 246250003Sadrian 247250003Sadrian if [ "X${rwhod_enable}" = X"YES" ]; then 248250003Sadrian echo -n ' rwhod'; rwhod 249250003Sadrian fi 250250003Sadrian 251250003Sadrian # Kerberos runs ONLY on the Kerberos server machine 252250003Sadrian if [ "X${kerberos_server_enable}" = X"YES" ]; then 253250003Sadrian if [ "X${kerberos_stash}" = "XYES" ]; then 254250003Sadrian stash_flag=-n 255250003Sadrian else 256250003Sadrian stash_flag= 257250003Sadrian fi 258250003Sadrian echo -n ' kerberos'; \ 259250003Sadrian kerberos ${stash_flags} >> /var/log/kerberos.log & 260250003Sadrian if [ "X${kadmind_server_enable}" = "XYES" ]; then 261250003Sadrian echo -n ' kadmind'; \ 262250003Sadrian (sleep 20; kadmind ${stash_flags} >/dev/null 2>&1 &) & 263250003Sadrian fi 264250003Sadrian unset stash_flag 265250003Sadrian fi 266250003Sadrian 267250003Sadrian # IP multicast routing daemon 268250003Sadrian if [ "X${mrouted_enable}" = X"YES" ]; then 269250003Sadrian echo -n ' mrouted'; mrouted ${mrouted_flags} 270250003Sadrian fi 271250003Sadrian 272250003Sadrian # Network Address Translation daemon 273250003Sadrian if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then 274250003Sadrian if [ -a "X${firewall_enable}" = X"YES" ]; then 275250003Sadrian echo -n ' natd'; natd ${natd_flags} -n ${natd_interface} 276250003Sadrian fi 277250003Sadrian fi 278250003Sadrian 279250003Sadrian echo '.' 280250003Sadrian network_pass3_done=YES 281250003Sadrian} 282250003Sadrian