hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-12-30 15:38:06 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
a62f34e3c4
HardenedBSD/etc/network.subr

226 lines
4.6 KiB
Plaintext
Raw Normal View History

Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
#!/bin/sh -x
Add copyright notices. Other systems have been barrowing our /etc files w/o giving any credit.
2000-10-08 21:20:36 +02:00
#
$Id$ -> $FreeBSD$
1999-08-28 01:37:10 +02:00
# $FreeBSD$
Add copyright notices. Other systems have been barrowing our /etc files w/o giving any credit.
2000-10-08 21:20:36 +02:00
#
Bring in rc file changes from -current.
1997-04-27 05:59:19 +02:00
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
# PROVIDE: network1
# REQUIRE: atm1 ipfilter mountcritlocal pccard serial sppp sysctl tty
# KEYWORD: FreeBSD
Bring in rc file changes from -current.
1997-04-27 05:59:19 +02:00
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
. /etc/rc.subr
name="network1"
start_cmd="network_start"
stop_cmd="network_stop"
convert_host_conf()
{
host_conf=$1; shift;
nsswitch_conf=$1; shift;
awk ' \
/^[:blank:]*#/ { next } \
/(hosts|local|file)/ { nsswitch[c] = "files"; c++; next } \
/(dns|bind)/ { nsswitch[c] = "dns"; c++; next } \
/nis/ { nsswitch[c] = "nis"; c++; next } \
{ printf "Warning: unrecognized line [%s]", $0 > "/dev/stderr" } \
END { \
printf "hosts: "; \
for (i in nsswitch) printf "%s ", nsswitch[i]; \
printf "\n"; \
}' < $host_conf > $nsswitch_conf
}
generate_host_conf()
{
nsswitch_conf=$1; shift;
host_conf=$1; shift;
awk '
BEGIN {
xlat["files"] = "hosts";
xlat["dns"] = "bind";
xlat["nis"] = "nis";
cont = 0;
}
sub(/^[\t ]*hosts:/, "") || cont {
if (!cont)
srcs = ""
sub(/#.*/, "")
gsub(/[][]/, " & ")
cont = sub(/\\$/, "")
srcs = srcs " " $0
}
END {
print "# Auto-generated from nsswitch.conf, do not edit"
ns = split(srcs, s)
for (n = 1; n <= ns; ++n) {
if (s[n] in xlat)
print xlat[s[n]]
}
}
' <$nsswitch_conf >$host_conf
}
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
network_gif_setup() {
case ${gif_interfaces} in
[Nn][Oo] | '')
;;
*)
for i in ${gif_interfaces}; do
eval peers=\$gifconfig_$i
case ${peers} in
'')
continue
;;
*)
ifconfig $i create >/dev/null 2>&1
ifconfig $i tunnel ${peers}
;;
esac
done
;;
esac
}
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
network_start()
{
# set hostname, turn on network
#
echo -n "Doing initial network setup:"
Reviewed by: msmith, alex Cosmetic changes to the loading of firewall rules and lkm.
1997-09-11 12:59:02 +02:00
Modify the way host.conf and nsswitch.conf are treated at boot time: - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
2001-11-01 13:39:01 +01:00
# Generate host.conf for compatibility
#
if [ -f "/etc/nsswitch.conf" ]; then
Update the nsswitch.conf -> host.conf generator to handle criteria, continuation lines, extra whitespace, and to use the last matching line in the file. This syncs the host.conf generation with how the nsswitch.conf is parsed. Only print " host.conf" instead of a multi-line message, since this happens on every boot.
2001-11-07 01:33:56 +01:00
echo -n ' host.conf'
Modify the way host.conf and nsswitch.conf are treated at boot time: - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
2001-11-01 13:39:01 +01:00
generate_host_conf /etc/nsswitch.conf /etc/host.conf
fi
Add nsswitch support. By creating an /etc/nsswitch.conf file, you can configure FreeBSD so that various databases such as passwd and group can be looked up using flat files, NIS, or Hesiod. = Hesiod has been added to libc (see hesiod(3)). = A library routine for parsing nsswitch.conf and invoking callback functions as specified has been added to libc (see nsdispatch(3)). = The following C library functions have been modified to use nsdispatch: . getgrent, getgrnam, getgrgid . getpwent, getpwnam, getpwuid . getusershell . getaddrinfo . gethostbyname, gethostbyname2, gethostbyaddr . getnetbyname, getnetbyaddr . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr = host.conf has been removed from src/etc. rc.network has been modified to warn that host.conf is no longer used at boot time. In addition, if there is a host.conf but no nsswitch.conf, the latter is created at boot time from the former. Obtained from: NetBSD
2000-09-06 20:16:48 +02:00
# Convert host.conf to nsswitch.conf if necessary
Modify the way host.conf and nsswitch.conf are treated at boot time: - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
2001-11-01 13:39:01 +01:00
#
if [ -f "/etc/host.conf" -a ! -f "/etc/nsswitch.conf" ]; then
Apply a more consistent style to the echo statements in /etc/ scripts. * Put quotes around each line * Single quotes for lines with no variable interpolation * Double quotes if there is * Capitalize each word that begins a line * Make echo -n 'Doing foo:' ... echo '.' more of a standard No functionality changes
2000-12-17 09:16:06 +01:00
echo ''
echo 'Warning: /etc/host.conf is no longer used'
Modify the way host.conf and nsswitch.conf are treated at boot time: - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
2001-11-01 13:39:01 +01:00
echo ' /etc/nsswitch.conf will be created for you'
convert_host_conf /etc/host.conf /etc/nsswitch.conf
Add nsswitch support. By creating an /etc/nsswitch.conf file, you can configure FreeBSD so that various databases such as passwd and group can be looked up using flat files, NIS, or Hesiod. = Hesiod has been added to libc (see hesiod(3)). = A library routine for parsing nsswitch.conf and invoking callback functions as specified has been added to libc (see nsdispatch(3)). = The following C library functions have been modified to use nsdispatch: . getgrent, getgrnam, getgrgid . getpwent, getpwnam, getpwuid . getusershell . getaddrinfo . gethostbyname, gethostbyname2, gethostbyaddr . getnetbyname, getnetbyaddr . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr = host.conf has been removed from src/etc. rc.network has been modified to warn that host.conf is no longer used at boot time. In addition, if there is a host.conf but no nsswitch.conf, the latter is created at boot time from the former. Obtained from: NetBSD
2000-09-06 20:16:48 +02:00
fi
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
Allow the user to specify a different firewall script than /etc/rc.firewall.
1999-04-10 12:56:58 +02:00
fi
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
# Set the domainname if we're using NIS
#
Make nisdomainname=NO DTRT Submitted by: des, via Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:20 +02:00
case ${nisdomainname} in
[Nn][Oo]|'')
;;
*)
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
domainname ${nisdomainname}
echo -n ' domain'
Make nisdomainname=NO DTRT Submitted by: des, via Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:20 +02:00
;;
esac
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
echo '.'
Add a new rc.conf variable, cloned_interfaces, to create cloned interfaces at boot.
2001-09-19 23:27:27 +02:00
# Attempt to create cloned interfaces.
for ifn in ${cloned_interfaces}; do
ifconfig ${ifn} create
done
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
# gifconfig
network_gif_setup
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
Add a new rc.conf variable, cloned_interfaces, to create cloned interfaces at boot.
2001-09-19 23:27:27 +02:00
*)
network_interfaces="${network_interfaces} ${cloned_interfaces}"
;;
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
esac
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
dhcp_interfaces=""
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
for ifn in ${network_interfaces}; do
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
eval showstat_$ifn=1
Move natd from network_pass3 to network_pass1
1999-03-24 11:28:49 +01:00
fi
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
# DHCP inits are done all in one go below
dhcp_interfaces="$dhcp_interfaces $ifn"
eval showstat_$ifn=1
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
;;
*)
ifconfig ${ifn} ${ifconfig_args}
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
eval showstat_$ifn=1
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
;;
esac
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
done
if [ ! -z "${dhcp_interfaces}" ]; then
Fix a typo that caused dhclient not to work. Submitted by: Dennis Kristensen <snicki@snicki.dk> Reviewed by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:18 +02:00
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${dhcp_interfaces}
fi
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
for ifn in ${network_interfaces}; do
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
eval showstat_$ifn=1
Avoid unnecessary calls to expr(1) by using standard shell arithmetic expansion instead.
2001-11-14 07:35:43 +01:00
alias=$((${alias} + 1))
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
eval showstat_$ifn=1
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
fi
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
done
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
Correct comment Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-08-09 19:33:07 +02:00
# Display ifconfiged interfaces
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
for ifn in ${network_interfaces}; do
eval showstat=\$showstat_${ifn}
if [ ! -z ${showstat} ]; then
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
ifconfig ${ifn}
Suport multiple ``ifconfig_*?="DHCP"'' configurations. Currently we have a problem in that `dhclient' bails when configuring the second interface as port 68 is already in use (by the `dhclient' started for the first interface). PR: 14810 Submitted by: n_hibma
1999-12-12 02:58:30 +01:00
fi
Apply a consistent style to most of the etc scripts. Particularly, use case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
1999-09-13 17:44:20 +02:00
done
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
# Resync ipfilter
/etc/rc.d/ipfilter resync
Bring in rc file changes from -current.
1997-04-27 05:59:19 +02:00
}
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
network_stop()
{
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
echo -n "Stopping network:"
Move gif_interfaces from an IP6 option to a regular IP option. PR: 26543 Submitted by: Brooks Davis <brooks@one-eyed-alien.net> MFC after: 3 weeks
2001-06-03 14:26:56 +02:00
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
# flush routes
#
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
echo -n " flush routes"
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
route -n flush
Add nsswitch support. By creating an /etc/nsswitch.conf file, you can configure FreeBSD so that various databases such as passwd and group can be looked up using flat files, NIS, or Hesiod. = Hesiod has been added to libc (see hesiod(3)). = A library routine for parsing nsswitch.conf and invoking callback functions as specified has been added to libc (see nsdispatch(3)). = The following C library functions have been modified to use nsdispatch: . getgrent, getgrnam, getgrgid . getpwent, getpwnam, getpwuid . getusershell . getaddrinfo . gethostbyname, gethostbyname2, gethostbyaddr . getnetbyname, getnetbyaddr . getipnodebyname, getipnodebyaddr, getnodebyname, getnodebyaddr = host.conf has been removed from src/etc. rc.network has been modified to warn that host.conf is no longer used at boot time. In addition, if there is a host.conf but no nsswitch.conf, the latter is created at boot time from the former. Obtained from: NetBSD
2000-09-06 20:16:48 +02:00
Cleanup some pollution from the NetBSD sync, and add gif setup. Submitted by: Mike Makonnen <makonnen@pacbell.net>
2002-07-18 07:00:19 +02:00
echo '.'
Modify the way host.conf and nsswitch.conf are treated at boot time: - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
2001-11-01 13:39:01 +01:00
}
Merge in all the changes that Mike Makonnen has been maintaining for a while. This is only the script pieces, the glue for the build comes next. Submitted by: Mike Makonnen <makonnen@pacbell.net> Reviewed by: silence on -current and -hackers Prodded by: rwatson
2002-07-18 07:00:17 +02:00
load_rc_config $name
run_rc_command "$1"
Reference in New Issue Copy Permalink