defaultroute revision 66830
1#!/bin/sh - 2# 3# Copyright (c) 1993 The FreeBSD Project 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# 27# $FreeBSD: head/etc/rc.d/routing 66830 2000-10-08 19:20:36Z obrien $ 28# From: @(#)netstart 5.9 (Berkeley) 3/30/91 29# 30 31# Note that almost all of the user-configurable behavior is no longer in 32# this file, but rather in /etc/defaults/rc.conf. Please check that file 33# first before contemplating any changes here. If you do need to change 34# this file for some reason, we would like to know about it. 35 36# First pass startup stuff. 37# 38network_pass1() { 39 echo -n 'Doing initial network setup:' 40 41 # Convert host.conf to nsswitch.conf if necessary 42 if [ -f "/etc/host.conf" ]; then 43 echo "" 44 echo "Warning: /etc/host.conf is no longer used" 45 if [ -f "/etc/nsswitch.conf" ]; then 46 echo " /etc/nsswitch.conf will be used instead" 47 else 48 echo " /etc/nsswitch.conf will be created for you" 49 convert_host_conf /etc/host.conf /etc/nsswitch.conf 50 fi 51 fi 52 53 # Set the host name if it is not already set 54 # 55 if [ -z "`hostname -s`" ]; then 56 hostname ${hostname} 57 echo -n ' hostname' 58 fi 59 60 # Establish ipfilter ruleset as early as possible (best in 61 # addition to IPFILTER_DEFAULT_BLOCK in the kernel config file) 62 # 63 case "${ipfilter_enable}" in 64 [Yy][Ee][Ss]) 65 if [ -r "${ipfilter_rules}" ]; then 66 echo -n ' ipfilter'; 67 ${ipfilter_program:-ipf -Fa -f} "${ipfilter_rules}" ${ipfilter_flags} 68 case "${ipmon_enable}" in 69 [Yy][Ee][Ss]) 70 echo -n ' ipmon' 71 ${ipmon_program:-ipmon} ${ipmon_flags} 72 ;; 73 esac 74 case "${ipnat_enable}" in 75 [Yy][Ee][Ss]) 76 if [ -r "${ipnat_rules}" ]; then 77 echo -n ' ipnat'; 78 ${ipnat_program:-ipnat -CF -f} "${ipnat_rules}" ${ipnat_flags} 79 else 80 echo -n ' NO IPNAT RULES' 81 fi 82 ;; 83 esac 84 else 85 ipfilter_enable="NO" 86 echo -n ' NO IPF RULES' 87 fi 88 ;; 89 esac 90 91 # Set the domainname if we're using NIS 92 # 93 case ${nisdomainname} in 94 [Nn][Oo] | '') 95 ;; 96 *) 97 domainname ${nisdomainname} 98 echo -n ' domain' 99 ;; 100 esac 101 102 echo '.' 103 104 # Initial ATM interface configuration 105 # 106 case ${atm_enable} in 107 [Yy][Ee][Ss]) 108 if [ -r /etc/rc.atm ]; then 109 . /etc/rc.atm 110 atm_pass1 111 fi 112 ;; 113 esac 114 115 # Special options for sppp(4) interfaces go here. These need 116 # to go _before_ the general ifconfig section, since in the case 117 # of hardwired (no link1 flag) but required authentication, you 118 # cannot pass auth parameters down to the already running interface. 119 # 120 for ifn in ${sppp_interfaces}; do 121 eval spppcontrol_args=\$spppconfig_${ifn} 122 if [ -n "${spppcontrol_args}" ]; then 123 # The auth secrets might contain spaces; in order 124 # to retain the quotation, we need to eval them 125 # here. 126 eval spppcontrol ${ifn} ${spppcontrol_args} 127 fi 128 done 129 130 # Set up all the network interfaces, calling startup scripts if needed 131 # 132 case ${network_interfaces} in 133 [Aa][Uu][Tt][Oo]) 134 network_interfaces="`ifconfig -l`" 135 ;; 136 esac 137 138 dhcp_interfaces="" 139 for ifn in ${network_interfaces}; do 140 if [ -r /etc/start_if.${ifn} ]; then 141 . /etc/start_if.${ifn} 142 eval showstat_$ifn=1 143 fi 144 145 # Do the primary ifconfig if specified 146 # 147 eval ifconfig_args=\$ifconfig_${ifn} 148 149 case ${ifconfig_args} in 150 '') 151 ;; 152 [Dd][Hh][Cc][Pp]) 153 # DHCP inits are done all in one go below 154 dhcp_interfaces="$dhcp_interfaces $ifn" 155 eval showstat_$ifn=1 156 ;; 157 *) 158 ifconfig ${ifn} ${ifconfig_args} 159 eval showstat_$ifn=1 160 ;; 161 esac 162 done 163 164 if [ ! -z "${dhcp_interfaces}" ]; then 165 ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${dhcp_interfaces} 166 fi 167 168 for ifn in ${network_interfaces}; do 169 # Check to see if aliases need to be added 170 # 171 alias=0 172 while : ; do 173 eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} 174 if [ -n "${ifconfig_args}" ]; then 175 ifconfig ${ifn} ${ifconfig_args} alias 176 eval showstat_$ifn=1 177 alias=`expr ${alias} + 1` 178 else 179 break; 180 fi 181 done 182 183 # Do ipx address if specified 184 # 185 eval ifconfig_args=\$ifconfig_${ifn}_ipx 186 if [ -n "${ifconfig_args}" ]; then 187 ifconfig ${ifn} ${ifconfig_args} 188 eval showstat_$ifn=1 189 fi 190 done 191 192 for ifn in ${network_interfaces}; do 193 eval showstat=\$showstat_${ifn} 194 if [ ! -z ${showstat} ]; then 195 ifconfig ${ifn} 196 fi 197 done 198 199 # ISDN subsystem startup 200 # 201 case ${isdn_enable} in 202 [Yy][Ee][Ss]) 203 if [ -r /etc/rc.isdn ]; then 204 . /etc/rc.isdn 205 fi 206 ;; 207 esac 208 209 # Start user ppp if required. This must happen before natd. 210 # 211 case ${ppp_enable} in 212 [Yy][Ee][Ss]) 213 # Establish ppp mode. 214 # 215 if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ 216 -a "${ppp_mode}" != "dedicated" \ 217 -a "${ppp_mode}" != "background" ]; then 218 ppp_mode="auto" 219 fi 220 221 ppp_command="/usr/sbin/ppp -quiet -${ppp_mode}" 222 223 # Switch on NAT mode? 224 # 225 case ${ppp_nat} in 226 [Yy][Ee][Ss]) 227 ppp_command="${ppp_command} -nat" 228 ;; 229 esac 230 231 ppp_command="${ppp_command} ${ppp_profile}" 232 233 echo -n "Starting ppp as \"${ppp_user}\"" 234 su -m ${ppp_user} -c "exec ${ppp_command}" 235 ;; 236 esac 237 238 # Initialize IP filtering using ipfw 239 # 240 if /sbin/ipfw -q flush > /dev/null 2>&1; then 241 firewall_in_kernel=1 242 else 243 firewall_in_kernel=0 244 fi 245 246 case ${firewall_enable} in 247 [Yy][Ee][Ss]) 248 if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then 249 firewall_in_kernel=1 250 echo "Kernel firewall module loaded." 251 elif [ "${firewall_in_kernel}" -eq 0 ]; then 252 echo "Warning: firewall kernel module failed to load." 253 fi 254 ;; 255 esac 256 257 # Load the filters if required 258 # 259 case ${firewall_in_kernel} in 260 1) 261 if [ -z "${firewall_script}" ]; then 262 firewall_script=/etc/rc.firewall 263 fi 264 265 case ${firewall_enable} in 266 [Yy][Ee][Ss]) 267 if [ -r "${firewall_script}" ]; then 268 . "${firewall_script}" 269 echo -n 'Firewall rules loaded, starting divert daemons:' 270 271 # Network Address Translation daemon 272 # 273 case ${natd_enable} in 274 [Yy][Ee][Ss]) 275 if [ -n "${natd_interface}" ]; then 276 if echo ${natd_interface} | \ 277 grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then 278 natd_ifarg="-a ${natd_interface}" 279 else 280 natd_ifarg="-n ${natd_interface}" 281 fi 282 283 echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} 284 fi 285 ;; 286 esac 287 288 echo '.' 289 290 elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then 291 echo -n "Warning: kernel has firewall functionality, " 292 echo "but firewall rules are not enabled." 293 echo " All ip services are disabled." 294 fi 295 296 case ${firewall_logging} in 297 [Yy][Ee][Ss] | '') 298 echo 'Firewall logging=YES' 299 sysctl -w net.inet.ip.fw.verbose=1 >/dev/null 300 ;; 301 *) 302 ;; 303 esac 304 305 ;; 306 esac 307 ;; 308 esac 309 310 # Additional ATM interface configuration 311 # 312 if [ -n "${atm_pass1_done}" ]; then 313 atm_pass2 314 fi 315 316 # Configure routing 317 # 318 case ${defaultrouter} in 319 [Nn][Oo] | '') 320 ;; 321 *) 322 static_routes="default ${static_routes}" 323 route_default="default ${defaultrouter}" 324 ;; 325 esac 326 327 # Set up any static routes. This should be done before router discovery. 328 # 329 if [ -n "${static_routes}" ]; then 330 for i in ${static_routes}; do 331 eval route_args=\$route_${i} 332 route add ${route_args} 333 done 334 fi 335 336 echo -n 'Additional routing options:' 337 case ${tcp_extensions} in 338 [Yy][Ee][Ss] | '') 339 ;; 340 *) 341 echo -n ' tcp extensions=NO' 342 sysctl -w net.inet.tcp.rfc1323=0 >/dev/null 343 ;; 344 esac 345 346 case ${icmp_bmcastecho} in 347 [Yy][Ee][Ss]) 348 echo -n ' broadcast ping responses=YES' 349 sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null 350 ;; 351 esac 352 353 case ${icmp_drop_redirect} in 354 [Yy][Ee][Ss]) 355 echo -n ' ignore ICMP redirect=YES' 356 sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null 357 ;; 358 esac 359 360 case ${icmp_log_redirect} in 361 [Yy][Ee][Ss]) 362 echo -n ' log ICMP redirect=YES' 363 sysctl -w net.inet.icmp.log_redirect=1 >/dev/null 364 ;; 365 esac 366 367 case ${gateway_enable} in 368 [Yy][Ee][Ss]) 369 echo -n ' IP gateway=YES' 370 sysctl -w net.inet.ip.forwarding=1 >/dev/null 371 ;; 372 esac 373 374 case ${forward_sourceroute} in 375 [Yy][Ee][Ss]) 376 echo -n ' do source routing=YES' 377 sysctl -w net.inet.ip.sourceroute=1 >/dev/null 378 ;; 379 esac 380 381 case ${accept_sourceroute} in 382 [Yy][Ee][Ss]) 383 echo -n ' accept source routing=YES' 384 sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null 385 ;; 386 esac 387 388 case ${tcp_keepalive} in 389 [Yy][Ee][Ss]) 390 echo -n ' TCP keepalive=YES' 391 sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null 392 ;; 393 esac 394 395 case ${tcp_restrict_rst} in 396 [Yy][Ee][Ss]) 397 echo -n ' restrict TCP reset=YES' 398 sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null 399 ;; 400 esac 401 402 case ${tcp_drop_synfin} in 403 [Yy][Ee][Ss]) 404 echo -n ' drop SYN+FIN packets=YES' 405 sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null 406 ;; 407 esac 408 409 case ${ipxgateway_enable} in 410 [Yy][Ee][Ss]) 411 echo -n ' IPX gateway=YES' 412 sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null 413 ;; 414 esac 415 416 case ${arpproxy_all} in 417 [Yy][Ee][Ss]) 418 echo -n ' ARP proxyall=YES' 419 sysctl -w net.link.ether.inet.proxyall=1 >/dev/null 420 ;; 421 esac 422 423 case ${ip_portrange_first} in 424 [Nn][Oo] | '') 425 ;; 426 *) 427 echo -n ' ip_portrange_first=$ip_portrange_first' 428 sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null 429 ;; 430 esac 431 432 case ${ip_portrange_last} in 433 [Nn][Oo] | '') 434 ;; 435 *) 436 echo -n ' ip_portrange_last=$ip_portrange_last' 437 sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null 438 ;; 439 esac 440 441 echo '.' 442 443 case ${ipsec_enable} in 444 [Yy][Ee][Ss]) 445 if [ -f ${ipsec_file} ]; then 446 echo ' ipsec: enabled' 447 setkey -f ${ipsec_file} 448 else 449 echo ' ipsec: file not found' 450 fi 451 ;; 452 esac 453 454 echo -n 'routing daemons:' 455 case ${router_enable} in 456 [Yy][Ee][Ss]) 457 echo -n " ${router}"; ${router} ${router_flags} 458 ;; 459 esac 460 461 case ${ipxrouted_enable} in 462 [Yy][Ee][Ss]) 463 echo -n ' IPXrouted' 464 IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 465 ;; 466 esac 467 468 case ${mrouted_enable} in 469 [Yy][Ee][Ss]) 470 echo -n ' mrouted'; mrouted ${mrouted_flags} 471 ;; 472 esac 473 474 case ${rarpd_enable} in 475 [Yy][Ee][Ss]) 476 echo -n ' rarpd'; rarpd ${rarpd_flags} 477 ;; 478 esac 479 echo '.' 480 481 # Let future generations know we made it. 482 # 483 network_pass1_done=YES 484} 485 486network_pass2() { 487 echo -n 'Doing additional network setup:' 488 case ${named_enable} in 489 [Yy][Ee][Ss]) 490 echo -n ' named'; ${named_program:-named} ${named_flags} 491 ;; 492 esac 493 494 case ${ntpdate_enable} in 495 [Yy][Ee][Ss]) 496 echo -n ' ntpdate' 497 ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 498 ;; 499 esac 500 501 case ${xntpd_enable} in 502 [Yy][Ee][Ss]) 503 echo -n ' ntpd'; ${xntpd_program:-ntpd} ${xntpd_flags} 504 ;; 505 esac 506 507 case ${timed_enable} in 508 [Yy][Ee][Ss]) 509 echo -n ' timed'; timed ${timed_flags} 510 ;; 511 esac 512 513 case ${portmap_enable} in 514 [Yy][Ee][Ss]) 515 echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} 516 ;; 517 esac 518 519 # Start ypserv if we're an NIS server. 520 # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. 521 # 522 case ${nis_server_enable} in 523 [Yy][Ee][Ss]) 524 echo -n ' ypserv'; ypserv ${nis_server_flags} 525 526 case ${nis_ypxfrd_enable} in 527 [Yy][Ee][Ss]) 528 echo -n ' rpc.ypxfrd' 529 rpc.ypxfrd ${nis_ypxfrd_flags} 530 ;; 531 esac 532 533 case ${nis_yppasswdd_enable} in 534 [Yy][Ee][Ss]) 535 echo -n ' rpc.yppasswdd' 536 rpc.yppasswdd ${nis_yppasswdd_flags} 537 ;; 538 esac 539 ;; 540 esac 541 542 # Start ypbind if we're an NIS client 543 # 544 case ${nis_client_enable} in 545 [Yy][Ee][Ss]) 546 echo -n ' ypbind'; ypbind ${nis_client_flags} 547 case ${nis_ypset_enable} in 548 [Yy][Ee][Ss]) 549 echo -n ' ypset'; ypset ${nis_ypset_flags} 550 ;; 551 esac 552 ;; 553 esac 554 555 # Start keyserv if we are running Secure RPC 556 # 557 case ${keyserv_enable} in 558 [Yy][Ee][Ss]) 559 echo -n ' keyserv'; keyserv ${keyserv_flags} 560 ;; 561 esac 562 563 # Start ypupdated if we are running Secure RPC and we are NIS master 564 # 565 case ${rpc_ypupdated_enable} in 566 [Yy][Ee][Ss]) 567 echo -n ' rpc.ypupdated'; rpc.ypupdated 568 ;; 569 esac 570 571 # Start ATM daemons 572 if [ -n "${atm_pass2_done}" ]; then 573 atm_pass3 574 fi 575 576 echo '.' 577 network_pass2_done=YES 578} 579 580network_pass3() { 581 echo -n 'Starting final network daemons:' 582 583 case ${nfs_server_enable} in 584 [Yy][Ee][Ss]) 585 if [ -r /etc/exports ]; then 586 echo -n ' mountd' 587 588 case ${weak_mountd_authentication} in 589 [Yy][Ee][Ss]) 590 mountd_flags="${mountd_flags} -n" 591 ;; 592 esac 593 594 mountd ${mountd_flags} 595 596 case ${nfs_reserved_port_only} in 597 [Yy][Ee][Ss]) 598 echo -n ' NFS on reserved port only=YES' 599 sysctl -w vfs.nfs.nfs_privport=1 >/dev/null 600 ;; 601 esac 602 603 echo -n ' nfsd'; nfsd ${nfs_server_flags} 604 605 if [ -n "${nfs_bufpackets}" ]; then 606 sysctl -w vfs.nfs.bufpackets=${nfs_bufpackets} \ 607 > /dev/null 608 fi 609 610 case ${rpc_lockd_enable} in 611 [Yy][Ee][Ss]) 612 echo -n ' rpc.lockd'; rpc.lockd 613 ;; 614 esac 615 616 case ${rpc_statd_enable} in 617 [Yy][Ee][Ss]) 618 echo -n ' rpc.statd'; rpc.statd 619 ;; 620 esac 621 fi 622 ;; 623 *) 624 case ${single_mountd_enable} in 625 [Yy][Ee][Ss]) 626 if [ -r /etc/exports ]; then 627 echo -n ' mountd' 628 629 case ${weak_mountd_authentication} in 630 [Yy][Ee][Ss]) 631 mountd_flags="-n" 632 ;; 633 esac 634 635 mountd ${mountd_flags} 636 fi 637 ;; 638 esac 639 ;; 640 esac 641 642 case ${nfs_client_enable} in 643 [Yy][Ee][Ss]) 644 echo -n ' nfsiod'; nfsiod ${nfs_client_flags} 645 if [ -n "${nfs_access_cache}" ]; then 646 echo -n " NFS access cache time=${nfs_access_cache}" 647 sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ 648 >/dev/null 649 fi 650 ;; 651 esac 652 653 # If /var/db/mounttab exists, some nfs-server has not been 654 # sucessfully notified about a previous client shutdown. 655 # If there is no /var/db/mounttab, we do nothing. 656 if [ -f /var/db/mounttab ]; then 657 rpc.umntall -k 658 fi 659 660 case ${amd_enable} in 661 [Yy][Ee][Ss]) 662 echo -n ' amd' 663 case ${amd_map_program} in 664 [Nn][Oo] | '') 665 ;; 666 *) 667 amd_flags="${amd_flags} `eval ${amd_map_program}`" 668 ;; 669 esac 670 671 if [ -n "${amd_flags}" ]; then 672 amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null 673 else 674 amd 2> /dev/null 675 fi 676 ;; 677 esac 678 679 case ${rwhod_enable} in 680 [Yy][Ee][Ss]) 681 echo -n ' rwhod'; rwhod ${rwhod_flags} 682 ;; 683 esac 684 685 # Kerberos runs ONLY on the Kerberos server machine 686 case ${kerberos_server_enable} in 687 [Yy][Ee][Ss]) 688 case ${kerberos_stash} in 689 [Yy][Ee][Ss]) 690 stash_flag=-n 691 ;; 692 *) 693 stash_flag= 694 ;; 695 esac 696 697 echo -n ' kerberos' 698 kerberos ${stash_flag} >> /var/log/kerberos.log & 699 700 case ${kadmind_server_enable} in 701 [Yy][Ee][Ss]) 702 echo -n ' kadmind' 703 (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & 704 ;; 705 esac 706 unset stash_flag 707 ;; 708 esac 709 710 case ${pppoed_enable} in 711 [Yy][Ee][Ss]) 712 if [ -n "${pppoed_provider}" ]; then 713 pppoed_flags="${pppoed_flags} -p ${pppoed_provider}" 714 fi 715 echo -n ' pppoed'; 716 /usr/libexec/pppoed ${pppoed_flags} ${pppoed_interface} 717 ;; 718 esac 719 720 case ${sshd_enable} in 721 [Yy][Ee][Ss]) 722 if [ ! -f /etc/ssh/ssh_host_key ]; then 723 echo ' creating ssh RSA host key'; 724 /usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key 725 fi 726 if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then 727 echo ' creating ssh DSA host key'; 728 /usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key 729 fi 730 ;; 731 esac 732 733 echo '.' 734 network_pass3_done=YES 735} 736 737network_pass4() { 738 echo -n 'Additional TCP options:' 739 case ${log_in_vain} in 740 [Nn][Oo] | '') 741 ;; 742 *) 743 echo -n ' log_in_vain=YES' 744 sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null 745 sysctl -w net.inet.udp.log_in_vain=1 >/dev/null 746 ;; 747 esac 748 749 echo '.' 750 network_pass4_done=YES 751} 752 753convert_host_conf() { 754 host_conf=$1; shift; 755 nsswitch_conf=$1; shift; 756 awk ' \ 757 /^[:blank:]*#/ { next } \ 758 /(hosts|local|file)/ { nsswitch[c] = "files"; c++; next } \ 759 /(dns|bind)/ { nsswitch[c] = "dns"; c++; next } \ 760 /nis/ { nsswitch[c] = "nis"; c++; next } \ 761 { printf "Warning: unrecognized line [%s]", $0 > "/dev/stderr" } \ 762 END { \ 763 printf "hosts: "; \ 764 for (i in nsswitch) printf "%s ", nsswitch[i]; \ 765 printf "\n"; \ 766 }' < $host_conf > $nsswitch_conf 767} 768 769