parent
635225ca84
commit
252ba33d3c
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=35267
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
#
|
#
|
||||||
# All arguments must be in double or single quotes.
|
# All arguments must be in double or single quotes.
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.conf,v 1.44 1998/04/12 09:47:41 markm Exp $
|
||||||
|
|
||||||
##############################################################
|
##############################################################
|
||||||
### Important initial Boot-time options #####################
|
### Important initial Boot-time options #####################
|
||||||
@ -31,6 +31,9 @@ nisdomainname="NO" # Set to NIS domain if using NIS (or NO).
|
|||||||
firewall_enable="NO" # Set to YES to enable firewall functionality
|
firewall_enable="NO" # Set to YES to enable firewall functionality
|
||||||
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
|
firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
|
||||||
firewall_quiet="NO" # Set to YES to suppress rule display
|
firewall_quiet="NO" # Set to YES to suppress rule display
|
||||||
|
natd_enable="NO" # Enable natd (if firewall_enable == YES).
|
||||||
|
natd_interface="fxp0" # Public interface to use with natd.
|
||||||
|
natd_flags="" # Additional flags for natd.
|
||||||
tcp_extensions="YES" # Allow RFC1323 & RFC1644 extensions (or NO).
|
tcp_extensions="YES" # Allow RFC1323 & RFC1644 extensions (or NO).
|
||||||
network_interfaces="lo0" # List of network interfaces (lo0 is loopback).
|
network_interfaces="lo0" # List of network interfaces (lo0 is loopback).
|
||||||
ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
|
ifconfig_lo0="inet 127.0.0.1" # default loopback device configuration.
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
############
|
############
|
||||||
# Setup system for firewall service.
|
# Setup system for firewall service.
|
||||||
# $Id: rc.firewall,v 1.16 1998/02/10 01:45:47 adam Exp $
|
# $Id: rc.firewall,v 1.17 1998/04/15 16:41:14 phk Exp $
|
||||||
|
|
||||||
if [ -f /etc/rc.conf ]; then
|
if [ -f /etc/rc.conf ]; then
|
||||||
. /etc/rc.conf
|
. /etc/rc.conf
|
||||||
@ -57,6 +57,15 @@ fi
|
|||||||
# Flush out the list before we begin.
|
# Flush out the list before we begin.
|
||||||
$fwcmd -f flush
|
$fwcmd -f flush
|
||||||
|
|
||||||
|
############
|
||||||
|
# These rules are required for using natd. All packets are passed to
|
||||||
|
# natd before they encounter your remaining rules. The firewall rules
|
||||||
|
# will then be run again on each packet after translation by natd,
|
||||||
|
# minus any divert rules (see natd(8)).
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
$fwcmd add divert natd all from any to any via ${natd_interface}
|
||||||
|
fi
|
||||||
|
|
||||||
############
|
############
|
||||||
# If you just configured ipfw in the kernel as a tool to solve network
|
# If you just configured ipfw in the kernel as a tool to solve network
|
||||||
# problems or you just want to disallow some particular kinds of traffic
|
# problems or you just want to disallow some particular kinds of traffic
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
#!/bin/sh -
|
#!/bin/sh -
|
||||||
#
|
#
|
||||||
# $Id$
|
# $Id: rc.network,v 1.21 1998/04/12 09:47:43 markm Exp $
|
||||||
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
|
||||||
|
|
||||||
# Note that almost all the user-configurable behavior is no longer in
|
# Note that almost all the user-configurable behavior is no longer in
|
||||||
@ -265,6 +265,14 @@ network_pass3() {
|
|||||||
if [ "X${mrouted_enable}" = X"YES" ]; then
|
if [ "X${mrouted_enable}" = X"YES" ]; then
|
||||||
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
echo -n ' mrouted'; mrouted ${mrouted_flags}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Network Address Translation daemon
|
||||||
|
if [ "X${natd_enable}" = X"YES" -a "X${natd_interface}" != X"" ]; then
|
||||||
|
if [ -a "X${firewall_enable}" = X"YES" ]; then
|
||||||
|
echo -n ' natd'; natd ${natd_flags} -n ${natd_interface}
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
echo '.'
|
echo '.'
|
||||||
network_pass3_done=YES
|
network_pass3_done=YES
|
||||||
}
|
}
|
||||||
|
@ -9,7 +9,7 @@
|
|||||||
# Kerberos services are for Kerberos v4, and are unofficial. Sites running
|
# Kerberos services are for Kerberos v4, and are unofficial. Sites running
|
||||||
# v5 should uncomment v5 entries and comment v4 entries.
|
# v5 should uncomment v5 entries and comment v4 entries.
|
||||||
#
|
#
|
||||||
# $Id: services,v 1.44 1998/03/09 02:56:21 steve Exp $
|
# $Id: services,v 1.45 1998/03/17 02:09:49 jseger Exp $
|
||||||
# From: @(#)services 5.8 (Berkeley) 5/9/91
|
# From: @(#)services 5.8 (Berkeley) 5/9/91
|
||||||
#
|
#
|
||||||
# WELL KNOWN PORT NUMBERS
|
# WELL KNOWN PORT NUMBERS
|
||||||
@ -1652,6 +1652,7 @@ ricardo-lm 6148/tcp #Ricardo North America License Manager
|
|||||||
ricardo-lm 6148/udp #Ricardo North America License Manager
|
ricardo-lm 6148/udp #Ricardo North America License Manager
|
||||||
xdsxdm 6558/tcp
|
xdsxdm 6558/tcp
|
||||||
xdsxdm 6558/udp
|
xdsxdm 6558/udp
|
||||||
|
natd 6668/divert # Network Address Translation
|
||||||
acmsoda 6969/tcp
|
acmsoda 6969/tcp
|
||||||
acmsoda 6969/udp
|
acmsoda 6969/udp
|
||||||
afs3-fileserver 7000/tcp #file server itself
|
afs3-fileserver 7000/tcp #file server itself
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||||
.\" SUCH DAMAGE.
|
.\" SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $Id: rc.conf.5,v 1.15 1998/03/09 08:50:59 jkh Exp $
|
.\" $Id: rc.conf.5,v 1.16 1998/03/12 07:30:49 charnier Exp $
|
||||||
.\"
|
.\"
|
||||||
.Dd April 26, 1997
|
.Dd April 26, 1997
|
||||||
.Dt RC.CONF 5
|
.Dt RC.CONF 5
|
||||||
@ -121,6 +121,28 @@ must be given.
|
|||||||
(bool) Set to
|
(bool) Set to
|
||||||
.Ar YES
|
.Ar YES
|
||||||
to disable the display of ipfw rules on the console during boot.
|
to disable the display of ipfw rules on the console during boot.
|
||||||
|
.It Ar natd_enable
|
||||||
|
(bool) Set to
|
||||||
|
.Ar YES
|
||||||
|
to enable natd.
|
||||||
|
.Ar Firewall_enable
|
||||||
|
must also be set to
|
||||||
|
.Ar YES ,
|
||||||
|
and
|
||||||
|
.Xr divert 4
|
||||||
|
sockets must be enabled in your kernel.
|
||||||
|
.It Ar natd_interface
|
||||||
|
This is the name of the public interface on which natd should run. It
|
||||||
|
is mandatory if
|
||||||
|
.Ar natd_enable
|
||||||
|
is set to
|
||||||
|
.Ar YES .
|
||||||
|
.It Ar natd_flags
|
||||||
|
Additional natd flags should be placed here. The
|
||||||
|
.Fl n
|
||||||
|
flag is automatically added with the above
|
||||||
|
.Ar natd_interface
|
||||||
|
as an argument.
|
||||||
.It Ar tcp_extensions
|
.It Ar tcp_extensions
|
||||||
(bool) Set to
|
(bool) Set to
|
||||||
.Ar YES
|
.Ar YES
|
||||||
|
Loading…
Reference in New Issue
Block a user