d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Apply a consistent style to most of the etc scripts. Particularly, use

Browse Source 
case instead of test where appropriate, since case allows case is a sh
builtin and (as a side-effect) allows case-insensitivity.

Changes discussed on freebsd-hackers.

Submitted by:	Doug Barton <Doug@gorean.org>
This commit is contained in:
Sheldon Hearn 1999-09-13 15:44:20 +00:00
parent 4a086b52ca
commit 321704296f
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=51231
44 changed files with 5786 additions and 4056 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
etc/MAKEDEV
View File

@ -277,7 +277,7 @@ jail)
ln -sf null kmem # --//--
ln -sf null drum # --//--
;;
mach-4)
mknod iopl c 22 0
mknod kbd c 23 0
@ -290,7 +290,7 @@ mach-4)
wt*)
umask $tape_umask
u=`expr $i : '..\(.*\)'`
if [ x$u = x ]; then u=0; fi
if [ -z "${u}" ]; then u=0; fi
mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks
mknod nrwt${u} c 10 `expr 4 + $u`
# mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks
@ -529,7 +529,7 @@ ccd*)
[0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1])
for part in 0 1 2 3 4 5 6 7
do
minor=`dkminor 0 $unit 0 $part`
minor=`dkminor 0 $unit 0 $part`
partname=`dkitop $part`
mknod $name$unit$partname b $blk $minor
mknod r$name$unit$partname c $chr $minor
@ -552,7 +552,7 @@ pt[0-9]*)
chr=61
name=pt
unit=`expr $i : 'pt\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -564,7 +564,7 @@ targ[0-9]*)
chr=65
name=targ
unit=`expr $i : 'targ\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -579,7 +579,7 @@ xpt*)
chr=104
name=xpt
units=`expr $i : 'xpt\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -597,7 +597,7 @@ pass*|uk*)
chr=31
name=pass
units=`expr $i : 'pass\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -710,7 +710,7 @@ acd*|cd*|mcd*|scd*)
mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;;
scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;;
esac
if [ "X${units}" = "X" -o ${units} -le 0 ]; then
if [ -z "${units}" -o ${units} -le 0 ]; then
units=1
fi
if [ "${units}" -le 31 ]; then
@ -729,7 +729,6 @@ acd*|cd*|mcd*|scd*)
name, i, c, (i * 8),
name, i, c, (i * 8) + 2,
name, i, name, i); }}'`
else
echo "$i is invalid -- can't have more than 32 cd devices"
fi
@ -837,14 +836,14 @@ ulpt*)
ugen*)
unit=`expr $i : 'ugen\([0-9][0-9]*\)'`
endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'`
if [ "x$unit" = "x" ]; then
echo $i - Invalid unit number
if [ -z "${unit}" ]; then
echo $i - Invalid unit number
fi
if [ "x$endpoint" = "x" ]; then
minor=`expr $unit \* 16`
if [ -z "${endpoint}" ]; then
minor=`expr $unit \* 16`
mknod ugen$unit c 114 $minor
else
minor=`expr $unit \* 16 + $endpoint`
minor=`expr $unit \* 16 + $endpoint`
mknod ugen$unit.$endpoint c 114 $minor
fi
;;
@ -966,7 +965,7 @@ ttyA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod ttyA$name c $major $minor
mknod ttyiA$name c $major `expr $minor + 65536`
mknod ttylA$name c $major `expr $minor + 131072`
@ -983,7 +982,7 @@ cuaA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod cuaA$name c $major `expr $minor + 128`
mknod cuaiA$name c $major `expr $minor + 128 + 65536`
mknod cualA$name c $major `expr $minor + 128 + 131072`
@ -1098,9 +1097,9 @@ ttyR?)
ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'`
echo -n "Creating $ndevices devices for $i: "
for dev in `jot $ndevices 0`;do
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1123,7 +1122,7 @@ cuaR?)
for dev in `jot $ndevices 0`;do
mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128`
mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1331,7 +1330,7 @@ labpc*)
die 3 "Don't know LabPC type $i"
;;
esac
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=all
fi
case $unit in

37
etc/etc.alpha/MAKEDEV
View File

@ -280,7 +280,7 @@ mach-4)
wt*)
umask $tape_umask
u=`expr $i : '..\(.*\)'`
if [ x$u = x ]; then u=0; fi
if [ -z "${u}" ]; then u=0; fi
mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks
mknod nrwt${u} c 10 `expr 4 + $u`
# mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks
@ -517,7 +517,7 @@ ccd*)
[0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1])
for part in 0 1 2 3 4 5 6 7
do
minor=`dkminor 0 $unit 0 $part`
minor=`dkminor 0 $unit 0 $part`
partname=`dkitop $part`
mknod $name$unit$partname b $blk $minor
mknod r$name$unit$partname c $chr $minor
@ -540,7 +540,7 @@ pt[0-9]*)
chr=61
name=pt
unit=`expr $i : 'pt\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -552,7 +552,7 @@ targ[0-9]*)
chr=65
name=targ
unit=`expr $i : 'targ\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -567,7 +567,7 @@ xpt*)
chr=104
name=xpt
units=`expr $i : 'xpt\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -585,7 +585,7 @@ pass*|uk*)
chr=31
name=pass
units=`expr $i : 'pass\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -698,7 +698,7 @@ acd*|cd*|mcd*|scd*)
mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;;
scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;;
esac
if [ "X${units}" = "X" -o ${units} -le 0 ]; then
if [ -z "${units}" -o ${units} -le 0 ]; then
units=1
fi
if [ "${units}" -le 31 ]; then
@ -717,7 +717,6 @@ acd*|cd*|mcd*|scd*)
name, i, c, (i * 8),
name, i, c, (i * 8) + 2,
name, i, name, i); }}'`
else
echo "$i is invalid -- can't have more than 32 cd devices"
fi
@ -825,14 +824,14 @@ ulpt*)
ugen*)
unit=`expr $i : 'ugen\([0-9][0-9]*\)'`
endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'`
if [ "x$unit" = "x" ]; then
echo $i - Invalid unit number
if [ -z "${unit}" ]; then
echo $i - Invalid unit number
fi
if [ "x$endpoint" = "x" ]; then
minor=`expr $unit \* 16`
if [ -z "${endpoint}" ]; then
minor=`expr $unit \* 16`
mknod ugen$unit c 114 $minor
else
minor=`expr $unit \* 16 + $endpoint`
minor=`expr $unit \* 16 + $endpoint`
mknod ugen$unit.$endpoint c 114 $minor
fi
;;
@ -954,7 +953,7 @@ ttyA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod ttyA$name c $major $minor
mknod ttyiA$name c $major `expr $minor + 65536`
mknod ttylA$name c $major `expr $minor + 131072`
@ -971,7 +970,7 @@ cuaA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod cuaA$name c $major `expr $minor + 128`
mknod cuaiA$name c $major `expr $minor + 128 + 65536`
mknod cualA$name c $major `expr $minor + 128 + 131072`
@ -1086,9 +1085,9 @@ ttyR?)
ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'`
echo -n "Creating $ndevices devices for $i: "
for dev in `jot $ndevices 0`;do
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1111,7 +1110,7 @@ cuaR?)
for dev in `jot $ndevices 0`;do
mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128`
mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1316,7 +1315,7 @@ labpc*)
die 3 "Don't know LabPC type $i"
;;
esac
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=all
fi
case $unit in

114
etc/etc.alpha/rc.alpha
View File

@ -18,83 +18,141 @@ viddev=/dev/ttyv0
echo -n "rc.alpha configuring syscons:"
# keymap
if [ "${keymap}" != "NO" ]; then
#
case ${keymap} in
[Nn][Oo] | '')
;;
*)
echo -n ' keymap'; kbdcontrol <${kbddev} -l ${keymap}
fi
;;
esac
# keyrate
if [ "${keyrate}" != "NO" ]; then
#
case ${keyrate} in
[Nn][Oo] | '')
;;
*)
echo -n ' keyrate'; kbdcontrol <${kbddev} -r ${keyrate}
fi
;;
esac
# keybell
if [ "${keybell}" != "NO" ]; then
#
case ${keybell} in
[Nn][Oo] | '')
;;
*)
echo -n ' keybell'; kbdcontrol <${kbddev} -b ${keybell}
fi
;;
esac
# change function keys
if [ "${keychange}" != "NO" ]; then
#
case ${keychange} in
[Nn][Oo] | '')
;;
*)
echo -n " keychange"
set - ${keychange}
while [ $# -gt 0 ]
do
while [ $# -gt 0 ]; do
kbdcontrol < ${kbddev} -f "$1" "$2"
shift; shift
done
fi
;;
esac
# cursor type
if [ "${cursor}" != "NO" ]; then
#
case ${cursor} in
[Nn][Oo] | '')
;;
*)
echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor}
fi
;;
esac
# screen mapping
if [ "${scrnmap}" != "NO" ]; then
#
case ${scrnmap} in
[Nn][Oo] | '')
;;
*)
echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap}
fi
;;
esac
# font 8x16
if [ "${font8x16}" != "NO" ]; then
#
case ${font8x16} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16}
fi
;;
esac
# font 8x14
if [ "${font8x14}" != "NO" ]; then
#
case ${font8x14} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14}
fi
;;
esac
# font 8x8
if [ "${font8x8}" != "NO" ]; then
#
case ${font8x8} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8}
fi
;;
esac
# blank time
if [ "${blanktime}" != "NO" ]; then
#
case ${blanktime} in
[Nn][Oo] | '')
;;
*)
echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime}
fi
;;
esac
# screen saver
if [ "${saver}" != "NO" ] ; then
#
case ${saver} in
[Nn][Oo] | '')
;;
*)
echo -n ' screensaver'
for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do
kldunload $i
done
kldstat -v | grep -q _saver || kldload ${saver}_saver
fi
;;
esac
# mouse daemon
if [ "${moused_enable}" = "YES" ] ; then
#
case ${moused_enable} in
[Yy][Ee][Ss])
echo -n ' moused'
moused ${moused_flags} -p ${moused_port} -t ${moused_type}
vidcontrol < ${viddev} -m on
fi
;;
esac
# set this mode for all virtual screens
#
if [ -n "${allscreens_flags}" ] ; then
echo -n ' allscreens'
for ttyv in /dev/ttyv*
do
for ttyv in /dev/ttyv*; do
vidcontrol < ${ttyv} ${allscreens_flags}
done
fi
echo '.'

181
etc/etc.amd64/rc.amd64
View File

@ -5,33 +5,58 @@
#
echo -n 'Initial rc.i386 initialization:'
if [ "${apm_enable}" = "YES" -o "${apmd_enable}" = "YES" ] ; then
case ${apm_enable} in
[Yy][Ee][Ss])
echo -n ' apm'
apmconf -e > /dev/null 2>&1
fi
APMCONF_DONE=yes
;;
esac
case ${apmd_enable} in
[Yy][Ee][Ss])
case ${APMCONF_DONE} in
'')
echo -n ' apm'
apmconf -e > /dev/null 2>&1
;;
esac
if [ "${apmd_enable}" = "YES" ] ; then
echo -n ' apmd'; apmd ${apmd_flags}
fi
;;
esac
# Start the SCO binary emulation if requested.
if [ "${ibcs2_enable}" = "YES" ]; then
echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1
fi
#
case ${ibcs2_enable} in
[Yy][Ee][Ss])
echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1
;;
esac
# Start the Linux binary emulation if requested.
if [ "${linux_enable}" = "YES" ]; then
echo -n ' linux'; linux > /dev/null 2>&1
fi
#
case ${linux_enable} in
[Yy][Ee][Ss])
echo -n ' linux'; linux > /dev/null 2>&1
;;
esac
# Start the SysVR4 binary emulation if requested.
if [ "${svr4_enable}" = "YES" ]; then
echo -n ' svr4'; svr4 > /dev/null 2>&1
fi
#
case ${svr4_enable} in
[Yy][Ee][Ss])
echo -n ' svr4'; svr4 > /dev/null 2>&1
;;
esac
if [ "${xtend_enable}" = "YES" ]; then
case ${xtend_enable} in
[Yy][Ee][Ss])
echo -n ' xtend'; /usr/libexec/xtend
fi
;;
esac
echo '.'
##########################################################################
@ -39,98 +64,162 @@ echo '.'
##########################################################################
# stdin must be redirected because it might be for a serial console
#
kbddev=/dev/ttyv0
viddev=/dev/ttyv0
echo -n "rc.i386 configuring syscons:"
# keymap
if [ "${keymap}" != "NO" ]; then
#
case ${keymap} in
[Nn][Oo] | '')
;;
*)
echo -n ' keymap'; kbdcontrol < ${kbddev} -l ${keymap}
fi
;;
esac
# keyrate
if [ "${keyrate}" != "NO" ]; then
#
case ${keyrate} in
[Nn][Oo] | '')
;;
*)
echo -n ' keyrate'; kbdcontrol < ${kbddev} -r ${keyrate}
fi
;;
esac
# keybell
if [ "${keybell}" != "NO" ]; then
#
case ${keybell} in
[Nn][Oo] | '')
;;
*)
echo -n ' keybell'; kbdcontrol < ${kbddev} -b ${keybell}
fi
;;
esac
# change function keys
if [ "${keychange}" != "NO" ]; then
#
case ${keychange} in
[Nn][Oo] | '')
;;
*)
echo -n " keychange"
set - ${keychange}
while [ $# -gt 0 ]
do
while [ $# -gt 0 ]; do
kbdcontrol <${kbddev} -f "$1" "$2"
shift; shift
done
fi
;;
esac
# cursor type
if [ "${cursor}" != "NO" ]; then
#
case ${cursor} in
[Nn][Oo] | '')
;;
*)
echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor}
fi
;;
esac
# screen mapping
if [ "${scrnmap}" != "NO" ]; then
#
case ${scrnmap} in
[Nn][Oo] | '')
;;
*)
echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap}
fi
;;
esac
# font 8x16
if [ "${font8x16}" != "NO" ]; then
#
case ${font8x16} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16}
fi
;;
esac
# font 8x14
if [ "${font8x14}" != "NO" ]; then
#
case ${font8x14} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14}
fi
;;
esac
# font 8x8
if [ "${font8x8}" != "NO" ]; then
#
case ${font8x8} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8}
fi
;;
esac
# blank time
if [ "${blanktime}" != "NO" ]; then
#
case ${blanktime} in
[Nn][Oo] | '')
;;
*)
echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime}
fi
;;
esac
# screen saver
if [ "${saver}" != "NO" ] ; then
#
case ${saver} in
[Nn][Oo] | '')
;;
*)
echo -n ' screensaver'
for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do
kldunload ${i}
done
kldstat -v | grep -q _saver || kldload ${saver}_saver
fi
;;
esac
# mouse daemon
if [ "${moused_enable}" = "YES" ] ; then
#
case ${moused_enable} in
[Yy][Ee][Ss])
echo -n ' moused'
moused ${moused_flags} -p ${moused_port} -t ${moused_type}
vidcontrol < ${viddev} -m on
fi
;;
esac
# set this mode for all virtual screens
if [ -n "${allscreens_flags}" ] ; then
#
if [ -n "${allscreens_flags}" ]; then
echo -n ' allscreens'
for ttyv in /dev/ttyv*
do
for ttyv in /dev/ttyv*; do
vidcontrol < ${ttyv} ${allscreens_flags}
done
fi
echo '.'
# interrupts for /dev/random device
if [ "${rand_irqs}" != "NO" ] ; then
#
case ${rand_irqs} in
[Nn][Oo] | '')
;;
*)
echo -n 'entropy IRQs:'
for irq in ${rand_irqs}; do
echo -n " ${irq}" && rndcontrol -q -s ${irq}
done
echo '.'
fi
;;
esac

39
etc/etc.i386/MAKEDEV
View File

@ -277,7 +277,7 @@ jail)
ln -sf null kmem # --//--
ln -sf null drum # --//--
;;
mach-4)
mknod iopl c 22 0
mknod kbd c 23 0
@ -290,7 +290,7 @@ mach-4)
wt*)
umask $tape_umask
u=`expr $i : '..\(.*\)'`
if [ x$u = x ]; then u=0; fi
if [ -z "${u}" ]; then u=0; fi
mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks
mknod nrwt${u} c 10 `expr 4 + $u`
# mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks
@ -529,7 +529,7 @@ ccd*)
[0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1])
for part in 0 1 2 3 4 5 6 7
do
minor=`dkminor 0 $unit 0 $part`
minor=`dkminor 0 $unit 0 $part`
partname=`dkitop $part`
mknod $name$unit$partname b $blk $minor
mknod r$name$unit$partname c $chr $minor
@ -552,7 +552,7 @@ pt[0-9]*)
chr=61
name=pt
unit=`expr $i : 'pt\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -564,7 +564,7 @@ targ[0-9]*)
chr=65
name=targ
unit=`expr $i : 'targ\([0-9][0-9]*\)'`
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=0
fi
unit=`expr $unit + 1 - 1`
@ -579,7 +579,7 @@ xpt*)
chr=104
name=xpt
units=`expr $i : 'xpt\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -597,7 +597,7 @@ pass*|uk*)
chr=31
name=pass
units=`expr $i : 'pass\(.*\)'`
if [ "X${units}" = "X" ]; then
if [ -z "${units}" ]; then
units=1
fi
eval `echo ${chr} ${units} ${name} |awk \
@ -710,7 +710,7 @@ acd*|cd*|mcd*|scd*)
mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;;
scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;;
esac
if [ "X${units}" = "X" -o ${units} -le 0 ]; then
if [ -z "${units}" -o ${units} -le 0 ]; then
units=1
fi
if [ "${units}" -le 31 ]; then
@ -729,7 +729,6 @@ acd*|cd*|mcd*|scd*)
name, i, c, (i * 8),
name, i, c, (i * 8) + 2,
name, i, name, i); }}'`
else
echo "$i is invalid -- can't have more than 32 cd devices"
fi
@ -837,14 +836,14 @@ ulpt*)
ugen*)
unit=`expr $i : 'ugen\([0-9][0-9]*\)'`
endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'`
if [ "x$unit" = "x" ]; then
echo $i - Invalid unit number
if [ -z "${unit}" ]; then
echo $i - Invalid unit number
fi
if [ "x$endpoint" = "x" ]; then
minor=`expr $unit \* 16`
if [ -z "${endpoint}" ]; then
minor=`expr $unit \* 16`
mknod ugen$unit c 114 $minor
else
minor=`expr $unit \* 16 + $endpoint`
minor=`expr $unit \* 16 + $endpoint`
mknod ugen$unit.$endpoint c 114 $minor
fi
;;
@ -966,7 +965,7 @@ ttyA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod ttyA$name c $major $minor
mknod ttyiA$name c $major `expr $minor + 65536`
mknod ttylA$name c $major `expr $minor + 131072`
@ -983,7 +982,7 @@ cuaA*)
port=1
while [ $port -le $nports ]; do
minor=`expr $port - 1`
name=`expr $port + 1000 | cut -c 3-4`
name=`expr $port + 1000 | cut -c 3-4`
mknod cuaA$name c $major `expr $minor + 128`
mknod cuaiA$name c $major `expr $minor + 128 + 65536`
mknod cualA$name c $major `expr $minor + 128 + 131072`
@ -1098,9 +1097,9 @@ ttyR?)
ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'`
echo -n "Creating $ndevices devices for $i: "
for dev in `jot $ndevices 0`;do
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttyR$Rnum c $major $MINOR
mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1123,7 +1122,7 @@ cuaR?)
for dev in `jot $ndevices 0`;do
mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128`
mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64`
Rnum=`expr $Rnum + 1`
MINOR=`expr $MINOR + 1`
done
@ -1331,7 +1330,7 @@ labpc*)
die 3 "Don't know LabPC type $i"
;;
esac
if [ "X${unit}" = "X" ]; then
if [ -z "${unit}" ]; then
unit=all
fi
case $unit in

181
etc/etc.i386/rc.i386
View File

@ -5,33 +5,58 @@
#
echo -n 'Initial rc.i386 initialization:'
if [ "${apm_enable}" = "YES" -o "${apmd_enable}" = "YES" ] ; then
case ${apm_enable} in
[Yy][Ee][Ss])
echo -n ' apm'
apmconf -e > /dev/null 2>&1
fi
APMCONF_DONE=yes
;;
esac
case ${apmd_enable} in
[Yy][Ee][Ss])
case ${APMCONF_DONE} in
'')
echo -n ' apm'
apmconf -e > /dev/null 2>&1
;;
esac
if [ "${apmd_enable}" = "YES" ] ; then
echo -n ' apmd'; apmd ${apmd_flags}
fi
;;
esac
# Start the SCO binary emulation if requested.
if [ "${ibcs2_enable}" = "YES" ]; then
echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1
fi
#
case ${ibcs2_enable} in
[Yy][Ee][Ss])
echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1
;;
esac
# Start the Linux binary emulation if requested.
if [ "${linux_enable}" = "YES" ]; then
echo -n ' linux'; linux > /dev/null 2>&1
fi
#
case ${linux_enable} in
[Yy][Ee][Ss])
echo -n ' linux'; linux > /dev/null 2>&1
;;
esac
# Start the SysVR4 binary emulation if requested.
if [ "${svr4_enable}" = "YES" ]; then
echo -n ' svr4'; svr4 > /dev/null 2>&1
fi
#
case ${svr4_enable} in
[Yy][Ee][Ss])
echo -n ' svr4'; svr4 > /dev/null 2>&1
;;
esac
if [ "${xtend_enable}" = "YES" ]; then
case ${xtend_enable} in
[Yy][Ee][Ss])
echo -n ' xtend'; /usr/libexec/xtend
fi
;;
esac
echo '.'
##########################################################################
@ -39,98 +64,162 @@ echo '.'
##########################################################################
# stdin must be redirected because it might be for a serial console
#
kbddev=/dev/ttyv0
viddev=/dev/ttyv0
echo -n "rc.i386 configuring syscons:"
# keymap
if [ "${keymap}" != "NO" ]; then
#
case ${keymap} in
[Nn][Oo] | '')
;;
*)
echo -n ' keymap'; kbdcontrol < ${kbddev} -l ${keymap}
fi
;;
esac
# keyrate
if [ "${keyrate}" != "NO" ]; then
#
case ${keyrate} in
[Nn][Oo] | '')
;;
*)
echo -n ' keyrate'; kbdcontrol < ${kbddev} -r ${keyrate}
fi
;;
esac
# keybell
if [ "${keybell}" != "NO" ]; then
#
case ${keybell} in
[Nn][Oo] | '')
;;
*)
echo -n ' keybell'; kbdcontrol < ${kbddev} -b ${keybell}
fi
;;
esac
# change function keys
if [ "${keychange}" != "NO" ]; then
#
case ${keychange} in
[Nn][Oo] | '')
;;
*)
echo -n " keychange"
set - ${keychange}
while [ $# -gt 0 ]
do
while [ $# -gt 0 ]; do
kbdcontrol <${kbddev} -f "$1" "$2"
shift; shift
done
fi
;;
esac
# cursor type
if [ "${cursor}" != "NO" ]; then
#
case ${cursor} in
[Nn][Oo] | '')
;;
*)
echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor}
fi
;;
esac
# screen mapping
if [ "${scrnmap}" != "NO" ]; then
#
case ${scrnmap} in
[Nn][Oo] | '')
;;
*)
echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap}
fi
;;
esac
# font 8x16
if [ "${font8x16}" != "NO" ]; then
#
case ${font8x16} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16}
fi
;;
esac
# font 8x14
if [ "${font8x14}" != "NO" ]; then
#
case ${font8x14} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14}
fi
;;
esac
# font 8x8
if [ "${font8x8}" != "NO" ]; then
#
case ${font8x8} in
[Nn][Oo] | '')
;;
*)
echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8}
fi
;;
esac
# blank time
if [ "${blanktime}" != "NO" ]; then
#
case ${blanktime} in
[Nn][Oo] | '')
;;
*)
echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime}
fi
;;
esac
# screen saver
if [ "${saver}" != "NO" ] ; then
#
case ${saver} in
[Nn][Oo] | '')
;;
*)
echo -n ' screensaver'
for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do
kldunload ${i}
done
kldstat -v | grep -q _saver || kldload ${saver}_saver
fi
;;
esac
# mouse daemon
if [ "${moused_enable}" = "YES" ] ; then
#
case ${moused_enable} in
[Yy][Ee][Ss])
echo -n ' moused'
moused ${moused_flags} -p ${moused_port} -t ${moused_type}
vidcontrol < ${viddev} -m on
fi
;;
esac
# set this mode for all virtual screens
if [ -n "${allscreens_flags}" ] ; then
#
if [ -n "${allscreens_flags}" ]; then
echo -n ' allscreens'
for ttyv in /dev/ttyv*
do
for ttyv in /dev/ttyv*; do
vidcontrol < ${ttyv} ${allscreens_flags}
done
fi
echo '.'
# interrupts for /dev/random device
if [ "${rand_irqs}" != "NO" ] ; then
#
case ${rand_irqs} in
[Nn][Oo] | '')
;;
*)
echo -n 'entropy IRQs:'
for irq in ${rand_irqs}; do
echo -n " ${irq}" && rndcontrol -q -s ${irq}
done
echo '.'
fi
;;
esac

103
etc/isdn/answer
View File

@ -17,92 +17,81 @@ VARDIR=/var/isdn
LIBDIR=/usr/share/isdn
LOGFILE=/tmp/answer.log
NCALLFILE=$VARDIR/ncall
NCALLFILE=${VARDIR}/ncall
DATE=`date +%d%H`
DF=0
dF=0
sF=0
set -- `getopt D:d:s: $*`
if test $? != 0
then
if ! set -- `getopt D:d:s: $*`; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
for i
do
case "$i"
in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
for i ; do
case ${i} in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
esac
done
echo "" >>$LOGFILE
echo "" >>${LOGFILE}
if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ]
then
if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
fi
echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE
echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE}
if [ -f $NCALLFILE ]
then
NCALL=`cat $NCALLFILE`
else
if [ -r "${NCALLFILE}" ]; then
NCALL=`cat ${NCALLFILE}`
else
NCALL=0
fi
NCALL=`printf "%.4d" $NCALL`
NCALL=`printf "%.4d" ${NCALL}`
echo Date: `date` >> $VARDIR/I.$NCALL.$DATE
echo Date: `date` >> ${VARDIR}/I.${NCALL}.${DATE}
if [ "$SRC" != "" ]
then
echo "From: $SRC" >> $VARDIR/I.$NCALL.$DATE
if [ -n "${SRC}" ]; then
echo "From: ${SRC}" >> ${VARDIR}/I.${NCALL}.${DATE}
fi
if [ "$DEST" != "" ]
then
echo "To: $DEST" >> $VARDIR/I.$NCALL.$DATE
if [ -n "${DEST}" ]; then
echo "To: ${DEST}" >> ${VARDIR}/I.${NCALL}.${DATE}
fi
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k # >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k # >/dev/null 2>&1
fi
if [ -f $LIBDIR/msg.al ]
then
dd of=$DEVICE if=$LIBDIR/msg.al bs=2k # >/dev/null 2>&1
if [ -f $LIBDIR/beep.al ]
if [ -r "${LIBDIR}/msg.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/msg.al bs=2k # >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k # >/dev/null 2>&1
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k # >/dev/null 2>&1
fi
fi
echo `expr $NCALL + 1` >$NCALLFILE
echo `expr ${NCALL} + 1` >${NCALLFILE}

61
etc/isdn/isdntel.sh
View File

@ -17,9 +17,9 @@ LIBDIR=/usr/share/isdn
VARDIR=/var/isdn
DEVICE=/dev/i4btel0
# sounds
MESSAGE=$LIBDIR/msg.al
BEEP=$LIBDIR/beep.al
# sounds
MESSAGE=${LIBDIR}/msg.al
BEEP=${LIBDIR}/beep.al
# dd options
SKIP=25
@ -35,36 +35,32 @@ dst=
DATE=`date`
# check if directory exists
if [ ! -d $VARDIR ]
if [ ! -d "${VARDIR}" ]
then
mkdir $VARDIR
mkdir ${VARDIR}
fi
# get options
set -- `/usr/bin/getopt D:d:s: $*`
if [ $? != 0 ]
then
if ! set -- `/usr/bin/getopt D:d:s: $*`; then
echo "usage2: play -D device -d <dest-telno> -s <src-telno>"
exit 1
fi
# process options
for i
do
for i ; do
case $i in
-D)
DEVICE=$2; shift; shift;
;;
-d)
dst=$2; shift; shift;
;;
-s)
src=$2; shift; shift;
;;
--)
shift; break;
;;
-D)
DEVICE=$2; shift; shift;
;;
-d)
dst=$2; shift; shift;
;;
-s)
src=$2; shift; shift;
;;
--)
shift; break;
;;
esac
done
@ -73,33 +69,30 @@ done
FILEDATE=`date \+%y%m%d%H%M%S`
# echo message to phone
if [ -f $MESSAGE ]
then
/bin/dd of=$DEVICE if=$MESSAGE bs=2k >/dev/null 2>&1
if [ -r "${MESSAGE}" ]; then
/bin/dd of=${DEVICE} if=${MESSAGE} bs=2k >/dev/null 2>&1
fi
# echo beep to phone
if [ -f $BEEP ]
then
/bin/dd of=$DEVICE if=$BEEP bs=2k >/dev/null 2>&1
if [ -r "${BEEP}" ]; then
/bin/dd of=${DEVICE} if=${BEEP} bs=2k >/dev/null 2>&1
fi
# start time
START=`date \+%s`
# get message from caller
/bin/dd if=$DEVICE of=$VARDIR/$FILEDATE-$dst-$src skip=$SKIP bs=2k count=$MAXMSIZ >/dev/null 2>&1
/bin/dd if=${DEVICE} of=${VARDIR}/${FILEDATE}-${dst}-${src} skip=${SKIP} bs=2k count=${MAXMSIZ} >/dev/null 2>&1
# end time
END=`date \+%s`
# duration
TIME=`expr $END - $START`
TIME=`expr ${END} - ${START}`
# save recorded message
if [ -f $VARDIR/$FILEDATE-$dst-$src ]
then
mv $VARDIR/$FILEDATE-$dst-$src $VARDIR/$FILEDATE-$dst-$src-$TIME
if [ -r "${VARDIR}/${FILEDATE}-${dst}-${src}" ]; then
mv ${VARDIR}/${FILEDATE}-${dst}-${src} ${VARDIR}/${FILEDATE}-${dst}-${src}-${TIME}
fi
exit 0

104
etc/isdn/record
View File

@ -17,95 +17,83 @@ VARDIR=/var/isdn
LIBDIR=/usr/share/isdn
LOGFILE=/tmp/answer.log
NCALLFILE=$VARDIR/ncall
NCALLFILE=${VARDIR}/ncall
DATE=`date +%d%H`
DF=0
dF=0
sF=0
set -- `getopt D:d:s: $*`
if test $? != 0
then
if ! set -- `getopt D:d:s: $*`; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
for i
do
case "$i"
in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
for i ; do
case ${i} in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
esac
done
echo "" >>$LOGFILE
echo "" >>${LOGFILE}
if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ]
then
if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
fi
echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE
echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE}
if [ -f $NCALLFILE ]
then
NCALL=`cat $NCALLFILE`
else
if [ -r "${NCALLFILE}" ]; then
NCALL=`cat ${NCALLFILE}`
else
NCALL=0
fi
NCALL=`printf "%.4d" $NCALL`
NCALL=`printf "%.4d" ${NCALL}`
echo Date: `date` >> $VARDIR/I.$NCALL.$DATE
echo Date: `date` >> ${VARDIR}/I.${NCALL}.${DATE}
if [ "$SRC" != "" ]
then
echo "From: $SRC" >> $VARDIR/I.$NCALL.$DATE
if [ -n "${SRC}" ]; then
echo "From: ${SRC}" >> ${VARDIR}/I.${NCALL}.${DATE}
fi
if [ "$DEST" != "" ]
then
echo "To: $DEST" >> $VARDIR/I.$NCALL.$DATE
if [ -n "${DEST}" ]; then
echo "To: ${DEST}" >> ${VARDIR}/I.${NCALL}.${DATE}
fi
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi
if [ -f $LIBDIR/msg.al ]
then
dd of=$DEVICE if=$LIBDIR/msg.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/msg.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/msg.al bs=2k >/dev/null 2>&1
fi
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi
dd if=$DEVICE of=$VARDIR/R.$NCALL.$DATE bs=2k >/dev/null 2>&1
dd if=${DEVICE} of=${VARDIR}/R.${NCALL}.${DATE} bs=2k >/dev/null 2>&1
echo `expr $NCALL + 1` >$NCALLFILE

90
etc/isdn/tell
View File

@ -17,81 +17,71 @@ VARDIR=/var/isdn
LIBDIR=/usr/share/isdn
LOGFILE=/tmp/answer.log
NCALLFILE=$VARDIR/ncall
NCALLFILE=${VARDIR}/ncall
DATE=`date +%d%H`
DF=0
dF=0
sF=0
set -- `getopt D:d:s: $*`
if test $? != 0
then
if ! set -- `getopt D:d:s: $*`; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
for i
do
case "$i"
in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
for i ; do
case ${i} in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
esac
done
echo "" >>$LOGFILE
echo "" >>${LOGFILE}
if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ]
then
if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
fi
echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE
echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE}
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi
# tell the caller the number he is calling from
POS=1
LENGTH=`expr $SRC : '.*'`
LENGTH=`expr ${SRC} : '.*'`
while :
do
DIGIT=`echo $SRC | cut -c $POS`
/bin/dd of=$DEVICE if=$LIBDIR/$DIGIT.al bs=2k >/dev/null 2>&1
POS=`expr $POS + 1`
if [ $POS -gt $LENGTH ]
then
while : ; do
DIGIT=`echo ${SRC} | cut -c ${POS}`
/bin/dd of=${DEVICE} if=${LIBDIR}/${DIGIT}.al bs=2k >/dev/null 2>&1
POS=`expr ${POS} + 1`
if [ "${POS}" -gt "${LENGTH}" ]; then
break
fi
done
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi

92
etc/isdn/tell-record
View File

@ -17,83 +17,73 @@ VARDIR=/var/isdn
LIBDIR=/usr/share/isdn
LOGFILE=/tmp/answer.log
NCALLFILE=$VARDIR/ncall
NCALLFILE=${VARDIR}/ncall
DATE=`date +%d%H`
DF=0
dF=0
sF=0
set -- `getopt D:d:s: $*`
if test $? != 0
then
if ! set -- `getopt D:d:s: $*`; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
for i
do
case "$i"
in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
for i ; do
case ${i} in
-D)
DEVICE=$2
DF=1
shift
shift
;;
-d)
DEST=$2
dF=1
shift
shift
;;
-s)
SRC=$2
sF=1
shift
shift
;;
--)
shift
break
;;
esac
done
echo "" >>$LOGFILE
echo "" >>${LOGFILE}
if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ]
then
if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then
echo 'Usage: answer -D device -d destination -s source'
exit 1
fi
fi
echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE
echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE}
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi
# tell the caller the number he is calling from
POS=1
LENGTH=`expr $SRC : '.*'`
LENGTH=`expr ${SRC} : '.*'`
while :
do
DIGIT=`echo $SRC | cut -c $POS`
/bin/dd of=$DEVICE if=$LIBDIR/$DIGIT.al bs=2k >/dev/null 2>&1
POS=`expr $POS + 1`
if [ $POS -gt $LENGTH ]
then
while : ; do
DIGIT=`echo ${SRC} | cut -c ${POS}`
/bin/dd of=${DEVICE} if=${LIBDIR}/${DIGIT}.al bs=2k >/dev/null 2>&1
POS=`expr ${POS} + 1`
if [ "${POS}" -gt "${LENGTH}" ]; then
break
fi
done
if [ -f $LIBDIR/beep.al ]
then
dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1
if [ -r "${LIBDIR}/beep.al" ]; then
dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1
fi
dd if=$DEVICE of=$VARDIR/recorded.msg bs=2k
dd if=${DEVICE} of=${VARDIR}/recorded.msg bs=2k

870
etc/network.subr
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

55
etc/pccard_ether
View File

@ -8,42 +8,51 @@
#
# Suck in the configuration variables
if [ -f /etc/defaults/rc.conf ]; then
#
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
elif [ -f /etc/rc.conf ]; then
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
if [ "${pccard_ifconfig}" != "NO" ] ; then
if [ "${pccard_ifconfig}" = "DHCP" ] ; then
if [ -f /sbin/dhclient ] ; then
if [ -s /var/run/dhclient.pid ] ; then
case ${pccard_ifconfig} in
[Nn][Oo] | '')
;;
[Dd][Hh][Cc][Pp])
if [ -r /sbin/dhclient ]; then
if [ -s /var/run/dhclient.pid ]; then
kill `cat /var/run/dhclient.pid`
rm /var/run/dhclient.pid
fi
/sbin/dhclient
elif [ -f /usr/local/sbin/dhcpc ] ; then
if [ -s /var/run/dhcpc.pid ] ; then
kill `cat /var/run/dhcpc.pid`
rm /var/run/dhcpc.pid
fi
/usr/local/sbin/dhcpc $*
else
echo "DHCP client software not available (isc-dhcp2)"
fi
/sbin/dhclient
elif [ -r /usr/local/sbin/dhcpc ]; then
if [ -s /var/run/dhcpc.pid ]; then
kill `cat /var/run/dhcpc.pid`
rm /var/run/dhcpc.pid
fi
/usr/local/sbin/dhcpc $*
else
interface=$1
shift
ifconfig ${interface} ${pccard_ifconfig} $*
echo "DHCP client software not available (isc-dhcp2)"
fi
fi
;;
*)
interface=$1
shift
ifconfig ${interface} ${pccard_ifconfig} $*
;;
esac
if [ "${defaultrouter}" != "NO" ] ; then
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
;;
esac
# Set up any static routes.
#
if [ -n "${static_routes}" ]; then
# flush beforehand, just in case....
route -n flush

398
etc/rc
View File

@ -7,25 +7,27 @@
# Output and error are redirected to console by init,
# and the console is the controlling terminal.
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check this file
# first before contemplating any changes here.
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
stty status '^T'
# Set shell to ignore SIGINT (2), but not children;
# shell catches SIGQUIT (3) and returns to single user after fsck.
#
trap : 2
trap : 3 # shouldn't be needed
HOME=/; export HOME
HOME=/
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
export PATH
export HOME PATH
# BOOTP diskless boot. We have to run the rc file early in order to
# retarget various config files.
#
if [ -f /etc/rc.diskless1 ]; then
if [ -r /etc/rc.diskless1 ]; then
dlv=`/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null`
if [ ${dlv:=0} != 0 ]; then
. /etc/rc.diskless1
@ -34,26 +36,33 @@ fi
# If there is a global system configuration file, suck it in.
#
if [ -f /etc/defaults/rc.conf ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
elif [ -f /etc/rc.conf ]; then
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
# Configure ccd devices.
if [ -f /etc/ccd.conf ]; then
#
if [ -r /etc/ccd.conf ]; then
ccdconfig -C
fi
if [ "${start_vinum}" = "YES" ]; then
case ${start_vinum} in
[Yy][Ee][Ss])
vinum start
elif [ -n "${vinum_drives}" ]; then
vinum read ${vinum_drives}
fi
;;
*)
if [ -n "${vinum_drives}" ]; then
vinum read ${vinum_drives}
fi
;;
esac
swapon -a
if [ "$1" = "autoboot" ]; then
case $1 in
autoboot)
echo Automatic reboot in progress...
fsck -p
case $? in
@ -84,9 +93,11 @@ if [ "$1" = "autoboot" ]; then
exit 1
;;
esac
else
;;
*)
echo Skipping disk checks ...
fi
;;
esac
set -T
trap "echo 'Reboot interrupted'; exit 1" 3
@ -94,35 +105,43 @@ trap "echo 'Reboot interrupted'; exit 1" 3
# root normally must be read/write, but if this is a BOOTP NFS
# diskless boot it does not have to be.
#
if [ "${root_rw_mount}" != "NO" ]; then
mount -u -o rw /
fi
if [ $? != 0 ]; then
echo "Filesystem mount failed, startup aborted"
exit 1
fi
case ${root_rw_mount} in
[Nn][Oo] | '')
;;
*)
if ! mount -u -o rw / ; then
echo "Mounting root filesystem rw failed, startup aborted"
exit 1
fi
;;
esac
umount -a >/dev/null 2>&1
if [ "${early_nfs_mounts}" != "YES" ]; then
mount -a -t nonfs
else
# Where/how would this get set?
#
case ${early_nfs_mounts} in
[Yy][Ee][Ss])
mount -a
fi
if [ $? != 0 ]; then
echo "Filesystem mount failed, startup aborted"
;;
*)
mount -a -t nonfs
;;
esac
case $? in
0)
;;
*)
echo "Mounting /etc/fstab filesystems failed, startup aborted"
exit 1
fi
;;
esac
# Run custom disk mounting function here
#
if [ -n "${diskless_mount}" ]; then
if [ -f "${diskless_mount}" ]; then
if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then
sh ${diskless_mount}
fi
fi
adjkerntz -i
@ -135,7 +154,7 @@ clean_var() {
# Keep a copy of the boot messages around
dmesg >/var/run/dmesg.boot
# And an initial utmp file
(cd /var/run && cp /dev/null utmp && chmod 644 utmp; )
(cd /var/run && cp /dev/null utmp && chmod 644 utmp;)
>/var/run/clean_var
fi
}
@ -148,46 +167,60 @@ if [ -d /var/run -a -d /var/spool/lock -a -d /var/spool/uucp/.Temp ]; then
fi
# Add additional swapfile, if configured.
if [ "${swapfile}" != "NO" -a -w "${swapfile}" -a -b /dev/vn0b ]; then
echo "Adding ${swapfile} as additional swap."
vnconfig /dev/vn0b ${swapfile} && swapon /dev/vn0b
fi
#
case ${swapfile} in
[Nn][Oo] | '')
;;
*)
if [ -w "${swapfile}" -a -b /dev/vn0b ]; then
echo "Adding ${swapfile} as additional swap."
vnconfig /dev/vn0b ${swapfile} && swapon /dev/vn0b
fi
;;
esac
# set sysctl variables early as we can
if [ -f /etc/rc.sysctl ]; then
# Set sysctl variables as early as we can
#
if [ -r /etc/rc.sysctl ]; then
. /etc/rc.sysctl
fi
# configure serial devices
if [ -f /etc/rc.serial ]; then
# Configure serial devices
#
if [ -r /etc/rc.serial ]; then
. /etc/rc.serial
fi
# start up PC-card configuration
if [ -f /etc/rc.pccard ]; then
# Start up PC-card configuration
#
if [ -r /etc/rc.pccard ]; then
. /etc/rc.pccard
fi
# start up the initial network configuration.
if [ -f /etc/rc.network ]; then
# Start up the initial network configuration.
#
if [ -r /etc/rc.network ]; then
. /etc/rc.network # We only need to do this once.
network_pass1
fi
# Retest for early_nfs here?
#
echo -n "Mounting NFS file systems"
mount -a -t nfs
echo .
# Whack the pty perms back into shape.
#
chflags 0 /dev/tty[pqrsPQRS]*
chmod 666 /dev/tty[pqrsPQRS]*
chown root:wheel /dev/tty[pqrsPQRS]*
# clean up left-over files
# Clean up left-over files
#
clean_var # If it hasn't already been done
rm /var/run/clean_var
#
# Clearing /tmp at boot-time seems to have a long tradition. It doesn't
# help in any way for long-living systems, and it might accidentally
# clobber files you would rather like to have preserved after a crash
@ -195,150 +228,191 @@ rm /var/run/clean_var
#
# See also the example of another cleanup policy in /etc/periodic/daily.
#
if [ "${clear_tmp_enable}" = "YES" ]; then
case ${clear_tmp_enable} in
[Yy][Ee][Ss])
echo clearing /tmp
# prune quickly with one rm, then use find to clean up /tmp/[lq]*
# (not needed with mfs /tmp, but doesn't hurt there...)
(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
find -d . ! -name . ! -name lost+found ! -name quota.user \
! -name quota.group -exec rm -rf -- {} \;)
find -d . ! -name . ! -name lost+found ! -name quota.user \
! -name quota.group -exec rm -rf -- {} \;)
;;
esac
fi
# Remove X lock files, since they will prevent you from restarting X11
# Remove X lock files, since they will prevent you from restarting X11
# after a system crash.
#
rm -f /tmp/.X*-lock /tmp/.X11-unix/*
# snapshot any kernel -c changes back to disk here <someday>
# this has changed with ELF and /kernel.config.
# Snapshot any kernel -c changes back to disk here <someday>.
# This has changed with ELF and /kernel.config.
echo -n 'additional daemons:'
# start system logging and name service (named needs to start before syslogd
# if you don't have a /etc/resolv.conf)
# Start system logging and name service. Named needs to start before syslogd
# if you don't have a /etc/resolv.conf.
#
if [ "${syslogd_enable}" = "YES" ]; then
case ${syslogd_enable} in
[Yy][Ee][Ss])
# Transitional symlink (for the next couple of years :) until all
# binaries had a chance to move towards /var/run/log.
if [ ! -h /dev/log ] ; then
# binaries have had a chance to move towards /var/run/log.
if [ ! -h /dev/log ]; then
# might complain for r/o root f/s
ln -sf /var/run/log /dev/log
fi
rm -f /var/run/log
echo -n ' syslogd'; syslogd ${syslogd_flags}
fi
echo -n ' syslogd'; syslogd ${syslogd_flags}
;;
esac
echo '.'
# enable dumpdev so that savecore can see it
# Enable dumpdev so that savecore can see it.
# /var/crash should be a directory or a symbolic link
# to the crash directory if core dumps are to be saved.
if [ "${dumpdev}" != "NO" -a -e ${dumpdev} -a -d /var/crash ]; then
dumpon ${dumpdev}
echo -n checking for core dump...
savecore /var/crash
fi
#
case ${dumpdev} in
[Nn][Oo] | '')
;;
*)
if [ -e "${dumpdev}" -a -d /var/crash ]; then
dumpon ${dumpdev}
echo -n checking for core dump...
savecore /var/crash
fi
;;
esac
if [ -n "${network_pass1_done}" ]; then
network_pass2
fi
# Enable/Check the quotas (must be after ypbind if using NIS)
if [ "${enable_quotas}" = "YES" ]; then
#
case ${enable_quotas} in
[Yy][Ee][Ss])
case ${check_quotas} in
[Yy][Ee][Ss])
echo -n 'checking quotas:'
quotacheck -a
echo ' done.'
;;
esac
# Only check quotas if they have been previously enabled, and requested
if [ "${check_quotas}" = "YES" ]; then
echo -n 'checking quotas:'
quotacheck -a
echo ' done.'
fi
echo -n 'enabling quotas:'
quotaon -a
echo ' done.'
fi
echo -n 'enabling quotas:'
quotaon -a
echo ' done.'
;;
esac
if [ -n "${network_pass2_done}" ]; then
network_pass3
fi
# build ps databases
kvm_mkdb
# Build ps databases
#
kvm_mkdb
dev_mkdb
# check the password temp/lock file
if [ -f /etc/ptmp ]
then
# Check the password temp/lock file
#
if [ -e /etc/ptmp ]; then
logger -s -p auth.err \
"password file may be incorrect -- /etc/ptmp exists"
fi
if [ "${accounting_enable}" = "YES" -a -d /var/account ]; then
echo 'turning on accounting'
if [ ! -e /var/account/acct ]; then
touch /var/account/acct
case ${accounting_enable} in
[Yy][Ee][Ss])
if [ -d /var/account ]; then
echo 'turning on accounting'
if [ ! -e /var/account/acct ]; then
touch /var/account/acct
fi
accton /var/account/acct
fi
accton /var/account/acct
fi
;;
esac
# Make shared lib searching a little faster. Leave /usr/lib first if you
# add your own entries or you may come to grief.
#
if [ -x /sbin/ldconfig ]; then
if [ "`/usr/bin/objformat`" = "elf" ]; then
case `/usr/bin/objformat` in
elf)
_LDC=/usr/lib
for i in ${ldconfig_paths}; do
if test -d ${i}; then
if [ -d "${i}" ]; then
_LDC="${_LDC} ${i}"
fi
done
echo 'setting ELF ldconfig path:' ${_LDC}
ldconfig -elf ${_LDC}
fi
;;
esac
# Legacy aout support for i386 only
if [ "`sysctl -n hw.machine`" = "i386" ]; then
case `sysctl -n hw.machine` in
i386)
# Default the a.out ldconfig path.
: ${ldconfig_paths_aout=${ldconfig_paths}}
_LDC=/usr/lib/aout
for i in ${ldconfig_paths_aout}; do
if test -d ${i}; then
if [ -d "${i}" ]; then
_LDC="${_LDC} ${i}"
fi
done
echo 'setting a.out ldconfig path:' ${_LDC}
ldconfig -aout ${_LDC}
fi
;;
esac
fi
# Now start up miscellaneous daemons that don't belong anywhere else
#
echo -n starting standard daemons:
if [ "${inetd_enable}" != "NO" ]; then
case ${inetd_enable} in
[Nn][Oo])
;;
*)
echo -n ' inetd'; inetd ${inetd_flags}
fi
;;
esac
if [ "${cron_enable}" != "NO" ]; then
case ${cron_enable} in
[Nn][Oo])
;;
*)
echo -n ' cron'; cron
fi
;;
esac
if [ "${lpd_enable}" = "YES" ]; then
echo -n ' printer'; ${lpd_program} ${lpd_flags}
fi
case ${lpd_enable} in
[Yy][Ee][Ss])
echo -n ' printer'; ${lpd_program:-/usr/sbin/lpd} ${lpd_flags}
;;
esac
if [ "${sendmail_enable}" = "YES" -a -r /etc/sendmail.cf ]; then
echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags}
fi
case ${sendmail_enable} in
[Yy][Ee][Ss])
if [ -r /etc/sendmail.cf ]; then
echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags}
fi
;;
esac
if [ "${usbd_enable}" = "YES" ]; then
case ${usbd_enable} in
[Yy][Ee][Ss])
echo -n ' usbd'; /usr/sbin/usbd ${usbd_flags}
fi
;;
esac
echo '.'
# configure implementation specific stuff
# Configure implementation specific stuff
#
arch=`uname -m`
if [ -f /etc/rc.${arch} ]; then
if [ -r /etc/rc.${arch} ]; then
. /etc/rc.${arch}
fi
@ -349,13 +423,13 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then
echo 'Recovering vi editor sessions'
for i in ${vibackup}; do
# Only test files that are readable.
if test ! -r ${i}; then
if [ ! -r "${i}" ]; then
continue
fi
# Unmodified nvi editor backup files either have the
# execute bit set or are zero length. Delete them.
if test -x ${i} -o ! -s ${i}; then
if [ -x "${i}" -o ! -s "${i}" ]; then
rm -f ${i}
fi
done
@ -366,7 +440,7 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then
if [ "${virecovery}" != "/var/tmp/vi.recover/recover.*" ]; then
for i in ${virecovery}; do
# Only test files that are readable.
if test ! -r ${i}; then
if [ ! -r "${i}" ]; then
continue
fi
@ -374,7 +448,7 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then
# corrupted, or that have no corresponding backup file.
# Else send mail to the user.
recfile=`awk '/^X-vi-recover-path:/{print $2}' < ${i}`
if test -n "${recfile}" -a -s "${recfile}"; then
if [ -n "${recfile}" -a -s "${recfile}" ]; then
sendmail -t < ${i}
else
rm -f ${i}
@ -383,26 +457,40 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then
fi
fi
# make a bounds file for msgs(1) if there isn't one already
if [ -d /var/msgs -a ! -f /var/msgs/bounds ]; then
# Make a bounds file for msgs(1) if there isn't one already
# "Delete important files with symlink" security hole?
#
if [ -d /var/msgs -a ! -f /var/msgs/bounds ]; then
echo 0 > /var/msgs/bounds
fi
# for each valid dir in $local_startup, search for init scripts matching *.sh
if [ "${local_startup}" != "NO" ]; then
# For each valid dir in $local_startup, search for init scripts matching *.sh
#
case ${local_startup} in
[Nn][Oo] | '')
;;
*)
echo -n 'Local package initialization:'
for dir in ${local_startup}; do
[ -d ${dir} ] && for script in ${dir}/*.sh; do
[ -x ${script} ] && \
(set -T ; trap 'exit 1' 2 ; ${script} start)
done
if [ -d "${dir}" ]; then
for script in ${dir}/*.sh; do
if [ -x "${script}" ]; then
(set -T
trap 'exit 1' 2
${script} start)
fi
done
fi
done
echo .
fi
;;
esac
if [ "${update_motd}" != "NO" ]; then
T=`mktemp /tmp/_motd.XXXXXX`
if [ $? -eq 0 ]; then
case ${update_motd} in
[Nn][Oo] | '')
;;
*)
if T=`mktemp /tmp/_motd.XXXXXX`; then
uname -v | sed -e 's,^\([^#]*\) #\(.* [1-2][0-9][0-9][0-9]\).*/\([^\]*\) $,\1 (\3) #\2,' > ${T}
awk '{if (NR == 1) {if ($1 == "FreeBSD") {next} else {print "\n"$0}} else {print}}' < /etc/motd >> ${T}
cmp -s ${T} /etc/motd || {
@ -411,10 +499,14 @@ if [ "${update_motd}" != "NO" ]; then
}
rm -f ${T}
fi
fi
;;
esac
# Run rc.devfs if present to customize devfs
[ -f /etc/rc.devfs ] && sh /etc/rc.devfs
# Run rc.devfs if readable to customize devfs
#
if [ -r /etc/rc.devfs ]; then
sh /etc/rc.devfs
fi
# Do traditional (but rather obsolete) rc.local file if it exists. If you
# use this file and want to make it programmatic, source /etc/defaults/rc.conf
@ -422,27 +514,31 @@ fi
# shown below. Please do not put local extensions into /etc/rc itself.
# Use /etc/rc.local
#
# ---- rc.local ----
# if [ -f /etc/defaults/rc.conf ]; then
# . /etc/defaults/rc.conf
# fi
#
# ... additional startup conditionals ...
# ---- rc.local ----
#
if [ -f /etc/rc.local ]; then
# ---- rc.local ----
# if [ -r /etc/defaults/rc.conf ]; then
# . /etc/defaults/rc.conf
# fi
#
# ... additional startup conditionals ...
# ---- rc.local ----
#
if [ -r /etc/rc.local ]; then
echo -n 'starting local daemons:'
sh /etc/rc.local
sh /etc/rc.local
echo '.'
fi
# Raise kernel security level. This should be done only after `fsck' has
# repaired local file systems if you want the securelevel to be greater than 1.
if [ "${kern_securelevel_enable}" = "YES" -a "${kern_securelevel}" -ge 0 ];
then
echo 'Raising kernel security level'
sysctl -w kern.securelevel=${kern_securelevel}
fi
#
case ${kern_securelevel_enable} in
[Yy][Ee][Ss])
if [ "${kern_securelevel}" -ge 0 ]; then
echo 'Raising kernel security level'
sysctl -w kern.securelevel=${kern_securelevel}
fi
;;
esac
date
exit 0

273
etc/rc.atm
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

273
etc/rc.d/atm1
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

273
etc/rc.d/atm2
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

273
etc/rc.d/atm2.sh
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

273
etc/rc.d/atm3
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

273
etc/rc.d/atm3.sh
View File

@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9]|hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9]|hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
# Locate all probed ATM adapters
atmdev=`atm sh stat int | while read dev junk; do
case ${dev} in
hea[0-9] | hea[0-9][0-9])
echo "${dev} "
;;
hfa[0-9] | hfa[0-9][0-9])
echo "${dev} "
;;
*)
continue
;;
esac
done`
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
if [ -z "${atmdev}" ]; then
echo "No ATM adapters found."
return 0
fi
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
atm set mac ${phy} ${macaddr_args} || continue
# Load microcode into FORE adapters (if needed)
if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
fore_dnld -d /etc
fi
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure physical interfaces
ilmid=0
for phy in ${atmdev}; do
echo -n "Configuring ATM device ${phy}:"
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
# Define network interfaces
eval netif_args=\$atm_netif_${phy}
if [ -n "${netif_args}" ]; then
atm set netif ${phy} ${netif_args} || continue
else
echo "missing network interface definition"
continue
fi
if [ "${prefix_args}" = "ILMI" ]; then
ilmid=1
else
atm set prefix ${phy} ${prefix_args} || continue
# Override physical MAC address
eval macaddr_args=\$atm_macaddr_${phy}
if [ -n "${macaddr_args}" ]; then
case ${macaddr_args} in
[Nn][Oo] | '')
;;
*)
atm set mac ${phy} ${macaddr_args} || continue
;;
esac
fi
fi
atm_phy="${atm_phy} ${phy}"
# Configure signalling manager
eval sigmgr_args=\$atm_sigmgr_${phy}
if [ -n "${sigmgr_args}" ]; then
atm attach ${phy} ${sigmgr_args} || continue
else
echo "missing signalling manager definition"
continue
fi
# Configure UNI NSAP prefix
eval prefix_args=\$atm_prefix_${phy}
if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
if [ -z "${prefix_args}" ]; then
echo "missing NSAP prefix for UNI interface"
continue
fi
case ${prefix_args} in
ILMI)
ilmid=1
;;
*)
atm set prefix ${phy} ${prefix_args} || continue
;;
esac
fi
atm_phy="${atm_phy} ${phy}"
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
case ${ilmid} in
1)
echo -n " ilmid"
ilmid
;;
esac
echo "."
done
echo -n "Starting initial ATM daemons:"
# Start ILMI daemon (if needed)
if [ ${ilmid} -eq 1 ]; then
echo -n " ilmid"
ilmid
fi
echo "."
atm_pass1_done=YES
atm_pass1_done=YES
}
#
@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
echo -n "Configuring ATM network interfaces:"
echo -n "Configuring ATM network interfaces:"
atm_scspd=0
atm_atmarpd=""
atm_scspd=0
atm_atmarpd=""
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
# Configure network interfaces
for phy in ${atm_phy}; do
eval netif_args=\$atm_netif_${phy}
set -- ${netif_args}
netname=$1
netcnt=$2
netindx=0
while [ ${netindx} -lt ${netcnt} ]; do
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
net="${netname}${netindx}"
netindx=`expr ${netindx} + 1`
echo -n " ${net}"
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} || continue
fi
eval scsparp_args=\$atm_scsparp_${net}
if [ "${scsparp_args}" = "YES" ]; then
if [ "${atmarp_args}" != "local" ]; then
echo "local arpserver required for SCSP"
continue
# Configure atmarp server
eval atmarp_args=\$atm_arpserver_${net}
if [ -n "${atmarp_args}" ]; then
atm set arpserver ${net} ${atmarp_args} ||
continue
fi
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
fi
done
done
echo "."
eval scsparp_args=\$atm_scsparp_${net}
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
case ${scsparp_args} in
[Yy][Ee][Ss])
case ${atmarp_args} in
local)
;;
*)
echo "local arpserver required for SCSP"
continue
;;
esac
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
atm_atmarpd="${atm_atmarpd} ${net}"
atm_scspd=1
esac
done
done
fi
atm_pass2_done=YES
echo "."
# Define any PVCs.
if [ -n "${atm_pvcs}" ]; then
for i in ${atm_pvcs}; do
eval pvc_args=\$atm_pvc_${i}
atm add pvc ${pvc_args}
done
fi
# Define any permanent ARP entries.
if [ -n "${atm_arps}" ]; then
for i in ${atm_arps}; do
eval arp_args=\$atm_arp_${i}
atm add arp ${arp_args}
done
fi
atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
# Start SCSP daemon (if needed)
if [ "${atm_scspd}" -eq 1 ]; then
echo -n " scspd"
scspd
fi
# Start SCSP daemon (if needed)
case ${atm_scspd} in
1)
echo -n " scspd"
scspd
;;
esac
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
# Start ATMARP daemon (if needed)
if [ -n "${atm_atmarpd}" ]; then
echo -n " atmarpd"
atmarpd ${atm_atmarpd}
fi
atm_pass3_done=YES
atm_pass3_done=YES
}

12
etc/rc.d/diskless
View File

@ -1,11 +1,14 @@
#
#$FreeBSD$
#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
if [ -f /etc/defaults/rc.conf ]; then
fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
elif [ -f /etc/rc.conf ]; then
/sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512

36
etc/rc.d/initdiskless
View File

@ -1,4 +1,6 @@
#
# $FreeBSD$
#
# /etc/rc.diskless - general BOOTP startup
#
# BOOTP has mounted / for us. Assume a read-only mount. We must then
@ -10,14 +12,14 @@
# set by the system operator on the server to be softlinks to
# /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may
# choose to retarget other files as well. The server itself boots
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
#
# During a diskless boot, we retarget the /conf/ME softlink to point
# to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config
# files that are softlinks through /conf/ME also get retargeted.
#
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# chkerr:
#
@ -25,27 +27,31 @@
#
# checks error code and drops into shell on failure.
# if shell exits, terminates script as well as /etc/rc.
#
chkerr() {
if [ $1 != 0 ]; then
case $1 in
0)
;;
*)
echo "$2 failed: dropping into /bin/sh"
/bin/sh
# RESUME
fi
;;
esac
}
# DEBUGGING
#
set -v
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
#
# e.g. nfs_root might wind up as "A.B.C.D:/"
# e.g. nfs_root might wind up as "A.B.C.D:/"
#
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
#
set `/bin/df /`
nfs_root=$8
@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr
chkerr $? "mount of /usr"
# Figure out our interface and IP.
# Figure out our interface and IP.
#
bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'`
@ -74,7 +80,7 @@ umount /usr
#
# WARNING! null mounts cannot handle mmap, and since many programs
# use mmap (such as 'cp'), we have to copy.
#
mount_mfs -s 256 -T qp120at -o union dummy /conf
chkerr $? "MFS mount on /conf"
@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel
# else.
#
# This script is responsible for setting up the
# diskless mount environment. This can be
# diskless mount environment. This can be
# overriden by /conf/ME/rc.conf.local if, for
# example, you do not want to run the standard
# system /etc/rc.diskless2

60
etc/rc.d/isdnd
View File

@ -10,39 +10,53 @@
#
#---------------------------------------------------------------------------
if [ "${isdn_enable}" = "YES" ] ; then
case ${isdn_enable} in
[Yy][Ee][Ss])
echo -n 'ISDN subsystem setup:'
# terminal type for fullscreen mode, default to syscons driver
# Terminal type for fullscreen mode, default to syscons driver
#
isdn_ttype=cons25
# check for pcvt driver (VT100/VT220 emulator)
if [ -x /usr/sbin/ispcvt ] ; then
if /usr/sbin/ispcvt ; then
# Check for pcvt driver (VT100/VT220 emulator)
#
if [ -x /usr/sbin/ispcvt ]; then
if /usr/sbin/ispcvt; then
isdn_ttype=pcvt25
fi
fi
if [ "${isdn_flags}" = "NO" ] ; then
isdn_flags=""
fi
# start the isdn daemon
if [ -x /usr/sbin/isdnd ] ; then
case ${isdn_flags} in
[Nn][Oo] | '')
isdn_flags=''
;;
esac
# Start the isdn daemon
#
if [ -x /usr/sbin/isdnd ]; then
echo -n ' isdnd'
if [ "${isdn_fsdev}" = "NO" ] ; then
/usr/sbin/isdnd ${isdn_flags}
else
case ${isdn_fsdev} in
[Nn][Oo] | '')
/usr/sbin/isdnd ${isdn_flags}
;;
*)
/usr/sbin/isdnd ${isdn_flags} -f -r ${isdn_fsdev} -t ${isdn_ttype}
fi
;;
esac
fi
# start isdntrace
if [ "${isdn_trace}" = "YES" -a -x /usr/sbin/isdntrace ] ; then
echo -n ' isdntrace'
nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
fi
# Start isdntrace
#
case ${isdn_trace} in
[Yy][Ee][Ss])
if [ -x /usr/sbin/isdntrace ]; then
echo -n ' isdntrace'
nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
fi
;;
esac
echo '.'
fi
;;
esac

870
etc/rc.d/netoptions
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

870
etc/rc.d/network1
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

870
etc/rc.d/network2
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

870
etc/rc.d/network3
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

23
etc/rc.d/pccard
View File

@ -2,15 +2,22 @@
# PC-card startup script
# $FreeBSD$
if [ "${pccard_enable}" = "YES" ] ; then
if [ "${pccard_mem}" != "DEFAULT" ] ; then
pccardc pccardmem ${pccard_mem}
else
case ${pccard_enable} in
[Yy][Ee][Ss])
case ${pccard_mem} in
[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
pccardc pccardmem 0xd0000
fi
if [ -n "${pccard_conf}" ] ; then
;;
*)
pccardc pccardmem ${pccard_mem}
;;
esac
if [ -n "${pccard_conf}" ]; then
pccardd_flags="${pccardd_flags} -f ${pccard_conf}"
fi
echo -n "Enable PC-card."
echo -n "Enable PC-card."
pccardd ${pccardd_flags} 2>&1 > /var/log/pccardd.debug
fi
;;
esac

12
etc/rc.d/resolv
View File

@ -1,11 +1,14 @@
#
#$FreeBSD$
#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
if [ -f /etc/defaults/rc.conf ]; then
fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
elif [ -f /etc/rc.conf ]; then
/sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512

870
etc/rc.d/routing
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

12
etc/rc.d/tmp
View File

@ -1,11 +1,14 @@
#
#$FreeBSD$
#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
if [ -f /etc/defaults/rc.conf ]; then
fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
elif [ -f /etc/rc.conf ]; then
/sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512

12
etc/rc.d/var
View File

@ -1,11 +1,14 @@
#
#$FreeBSD$
#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
if [ -f /etc/defaults/rc.conf ]; then
fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
elif [ -f /etc/rc.conf ]; then
/sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512

7
etc/rc.devfs
View File

@ -2,12 +2,13 @@
# $FreeBSD$
#
# If there is a global system configuration file, suck it in.
if [ -f /etc/defaults/rc.conf ]; then
#
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
elif [ -f /etc/rc.conf ]; then
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
# Setup DEVFS, ie permisisons, links etc.
#
ln -fs /dev/ttyv0 /dev/vga

36
etc/rc.diskless1
View File

@ -1,4 +1,6 @@
#
# $FreeBSD$
#
# /etc/rc.diskless - general BOOTP startup
#
# BOOTP has mounted / for us. Assume a read-only mount. We must then
@ -10,14 +12,14 @@
# set by the system operator on the server to be softlinks to
# /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may
# choose to retarget other files as well. The server itself boots
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
#
# During a diskless boot, we retarget the /conf/ME softlink to point
# to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config
# files that are softlinks through /conf/ME also get retargeted.
#
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# chkerr:
#
@ -25,27 +27,31 @@
#
# checks error code and drops into shell on failure.
# if shell exits, terminates script as well as /etc/rc.
#
chkerr() {
if [ $1 != 0 ]; then
case $1 in
0)
;;
*)
echo "$2 failed: dropping into /bin/sh"
/bin/sh
# RESUME
fi
;;
esac
}
# DEBUGGING
#
set -v
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
#
# e.g. nfs_root might wind up as "A.B.C.D:/"
# e.g. nfs_root might wind up as "A.B.C.D:/"
#
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
#
set `/bin/df /`
nfs_root=$8
@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr
chkerr $? "mount of /usr"
# Figure out our interface and IP.
# Figure out our interface and IP.
#
bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'`
@ -74,7 +80,7 @@ umount /usr
#
# WARNING! null mounts cannot handle mmap, and since many programs
# use mmap (such as 'cp'), we have to copy.
#
mount_mfs -s 256 -T qp120at -o union dummy /conf
chkerr $? "MFS mount on /conf"
@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel
# else.
#
# This script is responsible for setting up the
# diskless mount environment. This can be
# diskless mount environment. This can be
# overriden by /conf/ME/rc.conf.local if, for
# example, you do not want to run the standard
# system /etc/rc.diskless2

12
etc/rc.diskless2
View File

@ -1,11 +1,14 @@
#
#$FreeBSD$
#
# rc.diskless2
#
# If there is a global system configuration file, suck it in.
#
if [ -f /etc/defaults/rc.conf ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
elif [ -f /etc/rc.conf ]; then
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
@ -29,7 +32,6 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
(cd /; cpio -i -H newc -d < /tmp/dev.tmp)

203
etc/rc.firewall
View File

@ -3,9 +3,9 @@
# $FreeBSD$
# Suck in the configuration variables.
if [ -f /etc/defaults/rc.conf ]; then
if [ -r /etc/defaults/rc.conf ]; then
. /etc/defaults/rc.conf
elif [ -f /etc/rc.conf ]; then
elif [ -r /etc/rc.conf ]; then
. /etc/rc.conf
fi
@ -18,7 +18,7 @@ fi
# UNKNOWN - disables the loading of firewall rules.
# filename - will load the rules in the given filename (full path required)
#
# For ``client'' and ``simple'' the entries below should be customized
# For ``client'' and ``simple'' the entries below should be customized
# appropriately.
############
@ -44,20 +44,25 @@ fi
# http://www.awl.com/
#
if [ -n "$1" ]; then
firewall_type=$1
if [ -n "${1}" ]; then
firewall_type="${1}"
fi
############
# Set quiet mode if requested
if [ "${firewall_quiet}" = "YES" ]; then
#
case ${firewall_quiet} in
[Yy][Ee][Ss])
fwcmd="/sbin/ipfw -q"
else
;;
*)
fwcmd="/sbin/ipfw"
fi
;;
esac
############
# Flush out the list before we begin.
#
${fwcmd} -f flush
############
@ -65,127 +70,145 @@ ${fwcmd} -f flush
# natd before they encounter your remaining rules. The firewall rules
# will then be run again on each packet after translation by natd,
# minus any divert rules (see natd(8)).
if [ "${natd_enable}" = "YES" -a "${natd_interface}" != "X" ]; then
${fwcmd} add divert natd all from any to any via ${natd_interface}
fi
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
${fwcmd} add divert natd all from any to any via ${natd_interface}
fi
;;
esac
############
# If you just configured ipfw in the kernel as a tool to solve network
# problems or you just want to disallow some particular kinds of traffic
# they you will want to change the default policy to open. You can also
# do this as your only action by setting the firewall_type to ``open''.
#
# ${fwcmd} add 65000 pass all from any to any
############
# Only in rare cases do you want to change these rules
#
${fwcmd} add 100 pass all from any to any via lo0
${fwcmd} add 200 deny all from any to 127.0.0.0/8
# Prototype setups.
if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
${fwcmd} add 65000 pass all from any to any
;;
[Cc][Ll][Ii][Ee][Nn][Tt])
elif [ "${firewall_type}" = "client" ]; then
############
# This is a prototype setup that will protect your system somewhat
# against people from outside your own network.
############
############
# This is a prototype setup that will protect your system somewhat against
# people from outside your own network.
############
# set these to your network and netmask and ip
net="192.168.4.0"
mask="255.255.255.0"
ip="192.168.4.17"
# set these to your network and netmask and ip
net="192.168.4.0"
mask="255.255.255.0"
ip="192.168.4.17"
# Allow any traffic to or from my own net.
${fwcmd} add pass all from ${ip} to ${net}:${mask}
${fwcmd} add pass all from ${net}:${mask} to ${ip}
# Allow any traffic to or from my own net.
${fwcmd} add pass all from ${ip} to ${net}:${mask}
${fwcmd} add pass all from ${net}:${mask} to ${ip}
# Allow TCP through if setup succeeded
${fwcmd} add pass tcp from any to any established
# Allow TCP through if setup succeeded
${fwcmd} add pass tcp from any to any established
# Allow setup of incoming email
${fwcmd} add pass tcp from any to ${ip} 25 setup
# Allow setup of incoming email
${fwcmd} add pass tcp from any to ${ip} 25 setup
# Allow setup of outgoing TCP connections only
${fwcmd} add pass tcp from ${ip} to any setup
# Allow setup of outgoing TCP connections only
${fwcmd} add pass tcp from ${ip} to any setup
# Disallow setup of all other TCP connections
${fwcmd} add deny tcp from any to any setup
# Disallow setup of all other TCP connections
${fwcmd} add deny tcp from any to any setup
# Allow DNS queries out in the world
${fwcmd} add pass udp from any 53 to ${ip}
${fwcmd} add pass udp from ${ip} to any 53
# Allow DNS queries out in the world
${fwcmd} add pass udp from any 53 to ${ip}
${fwcmd} add pass udp from ${ip} to any 53
# Allow NTP queries out in the world
${fwcmd} add pass udp from any 123 to ${ip}
${fwcmd} add pass udp from ${ip} to any 123
# Allow NTP queries out in the world
${fwcmd} add pass udp from any 123 to ${ip}
${fwcmd} add pass udp from ${ip} to any 123
# Everything else is denied by default, unless the
# IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
# config file.
;;
# Everything else is denied as default.
[Ss][Ii][Mm][Pp][Ll][Ee])
elif [ "${firewall_type}" = "simple" ]; then
############
# This is a prototype setup for a simple firewall. Configure this
# machine as a named server and ntp server, and point all the machines
# on the inside at this machine for those services.
############
############
# This is a prototype setup for a simple firewall. Configure this machine
# as a named server and ntp server, and point all the machines on the inside
# at this machine for those services.
############
# set these to your outside interface network and netmask and ip
oif="ed0"
onet="192.168.4.0"
omask="255.255.255.0"
oip="192.168.4.17"
# set these to your outside interface network and netmask and ip
oif="ed0"
onet="192.168.4.0"
omask="255.255.255.0"
oip="192.168.4.17"
# set these to your inside interface network and netmask and ip
iif="ed1"
inet="192.168.3.0"
imask="255.255.255.0"
iip="192.168.3.17"
# set these to your inside interface network and netmask and ip
iif="ed1"
inet="192.168.3.0"
imask="255.255.255.0"
iip="192.168.3.17"
# Stop spoofing
${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
# Stop spoofing
${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
${fwcmd} add deny all from any to 192.168.0.0:255.255.0.0 via ${oif}
${fwcmd} add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
${fwcmd} add deny all from any to 172.16.0.0:255.240.0.0 via ${oif}
${fwcmd} add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
${fwcmd} add deny all from any to 10.0.0.0:255.0.0.0 via ${oif}
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny all from 192.168.0.0:255.255.0.0 to any via ${oif}
${fwcmd} add deny all from any to 192.168.0.0:255.255.0.0 via ${oif}
${fwcmd} add deny all from 172.16.0.0:255.240.0.0 to any via ${oif}
${fwcmd} add deny all from any to 172.16.0.0:255.240.0.0 via ${oif}
${fwcmd} add deny all from 10.0.0.0:255.0.0.0 to any via ${oif}
${fwcmd} add deny all from any to 10.0.0.0:255.0.0.0 via ${oif}
# Allow TCP through if setup succeeded
${fwcmd} add pass tcp from any to any established
# Allow TCP through if setup succeeded
${fwcmd} add pass tcp from any to any established
# Allow setup of incoming email
${fwcmd} add pass tcp from any to ${oip} 25 setup
# Allow setup of incoming email
${fwcmd} add pass tcp from any to ${oip} 25 setup
# Allow access to our DNS
${fwcmd} add pass tcp from any to ${oip} 53 setup
# Allow access to our DNS
${fwcmd} add pass tcp from any to ${oip} 53 setup
# Allow access to our WWW
${fwcmd} add pass tcp from any to ${oip} 80 setup
# Allow access to our WWW
${fwcmd} add pass tcp from any to ${oip} 80 setup
# Reject&Log all setup of incoming connections from the outside
${fwcmd} add deny log tcp from any to any in via ${oif} setup
# Reject&Log all setup of incoming connections from the outside
${fwcmd} add deny log tcp from any to any in via ${oif} setup
# Allow setup of any other TCP connection
${fwcmd} add pass tcp from any to any setup
# Allow setup of any other TCP connection
${fwcmd} add pass tcp from any to any setup
# Allow DNS queries out in the world
${fwcmd} add pass udp from any 53 to ${oip}
${fwcmd} add pass udp from ${oip} to any 53
# Allow DNS queries out in the world
${fwcmd} add pass udp from any 53 to ${oip}
${fwcmd} add pass udp from ${oip} to any 53
# Allow NTP queries out in the world
${fwcmd} add pass udp from any 123 to ${oip}
${fwcmd} add pass udp from ${oip} to any 123
# Allow NTP queries out in the world
${fwcmd} add pass udp from any 123 to ${oip}
${fwcmd} add pass udp from ${oip} to any 123
# Everything else is denied by default, unless the
# IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel
# config file.
;;
# Everything else is denied as default.
elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then
${fwcmd} ${firewall_type}
fi
[Uu][Nn][Kk][Nn][Oo][Ww][Nn])
;;
*)
if [ -r "${firewall_type}" ]; then
${fwcmd} ${firewall_type}
fi
;;
esac

36
etc/rc.initdiskless
View File

@ -1,4 +1,6 @@
#
# $FreeBSD$
#
# /etc/rc.diskless - general BOOTP startup
#
# BOOTP has mounted / for us. Assume a read-only mount. We must then
@ -10,14 +12,14 @@
# set by the system operator on the server to be softlinks to
# /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may
# choose to retarget other files as well. The server itself boots
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
# properly with its default /conf/ME softlink pointing to
# /conf/server.host.name.
#
# During a diskless boot, we retarget the /conf/ME softlink to point
# to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config
# files that are softlinks through /conf/ME also get retargeted.
#
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# chkerr:
#
@ -25,27 +27,31 @@
#
# checks error code and drops into shell on failure.
# if shell exits, terminates script as well as /etc/rc.
#
chkerr() {
if [ $1 != 0 ]; then
case $1 in
0)
;;
*)
echo "$2 failed: dropping into /bin/sh"
/bin/sh
# RESUME
fi
;;
esac
}
# DEBUGGING
#
set -v
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
# Figure out where the root mount is coming from, synthesize a mount
# for /usr and mount it.
#
# e.g. nfs_root might wind up as "A.B.C.D:/"
# e.g. nfs_root might wind up as "A.B.C.D:/"
#
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
# NOTE! the /usr mount is only temporary so we can access commands necessary
# to retarget /conf/ME. The actual /usr mount should be part of the
# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
#
set `/bin/df /`
nfs_root=$8
@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr
chkerr $? "mount of /usr"
# Figure out our interface and IP.
# Figure out our interface and IP.
#
bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'`
@ -74,7 +80,7 @@ umount /usr
#
# WARNING! null mounts cannot handle mmap, and since many programs
# use mmap (such as 'cp'), we have to copy.
#
mount_mfs -s 256 -T qp120at -o union dummy /conf
chkerr $? "MFS mount on /conf"
@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel
# else.
#
# This script is responsible for setting up the
# diskless mount environment. This can be
# diskless mount environment. This can be
# overriden by /conf/ME/rc.conf.local if, for
# example, you do not want to run the standard
# system /etc/rc.diskless2

60
etc/rc.isdn
View File

@ -10,39 +10,53 @@
#
#---------------------------------------------------------------------------
if [ "${isdn_enable}" = "YES" ] ; then
case ${isdn_enable} in
[Yy][Ee][Ss])
echo -n 'ISDN subsystem setup:'
# terminal type for fullscreen mode, default to syscons driver
# Terminal type for fullscreen mode, default to syscons driver
#
isdn_ttype=cons25
# check for pcvt driver (VT100/VT220 emulator)
if [ -x /usr/sbin/ispcvt ] ; then
if /usr/sbin/ispcvt ; then
# Check for pcvt driver (VT100/VT220 emulator)
#
if [ -x /usr/sbin/ispcvt ]; then
if /usr/sbin/ispcvt; then
isdn_ttype=pcvt25
fi
fi
if [ "${isdn_flags}" = "NO" ] ; then
isdn_flags=""
fi
# start the isdn daemon
if [ -x /usr/sbin/isdnd ] ; then
case ${isdn_flags} in
[Nn][Oo] | '')
isdn_flags=''
;;
esac
# Start the isdn daemon
#
if [ -x /usr/sbin/isdnd ]; then
echo -n ' isdnd'
if [ "${isdn_fsdev}" = "NO" ] ; then
/usr/sbin/isdnd ${isdn_flags}
else
case ${isdn_fsdev} in
[Nn][Oo] | '')
/usr/sbin/isdnd ${isdn_flags}
;;
*)
/usr/sbin/isdnd ${isdn_flags} -f -r ${isdn_fsdev} -t ${isdn_ttype}
fi
;;
esac
fi
# start isdntrace
if [ "${isdn_trace}" = "YES" -a -x /usr/sbin/isdntrace ] ; then
echo -n ' isdntrace'
nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
fi
# Start isdntrace
#
case ${isdn_trace} in
[Yy][Ee][Ss])
if [ -x /usr/sbin/isdntrace ]; then
echo -n ' isdntrace'
nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
fi
;;
esac
echo '.'
fi
;;
esac

870
etc/rc.network
View File

@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
# Note that almost all the user-configurable behavior is no longer in
# this file, but rather in /etc/rc.conf. Please check that file
# Note that almost all of the user-configurable behavior is no longer in
# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
#
network_pass1() {
echo -n 'Doing initial network setup:'
# Set the host name if it is not already set
if [ -z "`hostname -s`" ] ; then
hostname ${hostname}
echo -n ' hostname'
fi
echo -n 'Doing initial network setup:'
# Set the domainname if we're using NIS
if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
domainname ${nisdomainname}
echo -n ' domain'
fi
echo '.'
# Initial ATM interface configuration
if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
# ISDN subsystem startup
if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ] ; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
if [ "${network_interfaces}" = "auto" ]; then
network_interfaces="`ifconfig -l`"
fi
for ifn in ${network_interfaces}; do
showstat=false
if [ -e /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
eval ifconfig_args=\$ifconfig_${ifn}
if [ -n "${ifconfig_args}" ] ; then
# See if we are using DHCP
if [ "${ifconfig_args}" = "DHCP" ]; then
${dhcp_program} ${dhcp_flags} ${ifn}
else
ifconfig ${ifn} ${ifconfig_args}
fi
showstat=true
fi
# Check to see if aliases need to be added
alias=0
while :
do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
if [ "${showstat}" = "true" ]
then
ifconfig ${ifn}
fi
done
# Warm up user ppp if required, must happen before natd.
if [ "${ppp_enable}" = "YES" ]; then
# Establish ppp mode.
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
if [ "${ppp_nat}" = "YES" ]; then
ppp_command="${ppp_command} -nat";
fi
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
fi
# Initialize IP filtering using ipfw
echo ""
/sbin/ipfw -q flush > /dev/null 2>&1
if [ $? = 0 ] ; then
firewall_in_kernel=1
else
firewall_in_kernel=0
fi
if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
if kldload ipfw; then
firewall_in_kernel=1 # module loaded successfully
echo "Kernel firewall module loaded."
else
echo "Warning: firewall kernel module failed to load."
# Set the host name if it is not already set
#
if [ -z "`hostname -s`" ]; then
hostname ${hostname}
echo -n ' hostname'
fi
fi
# Load the filters if required
if [ ${firewall_in_kernel} = 1 ]; then
if [ -z "${firewall_script}" ] ; then
firewall_script="/etc/rc.firewall"
fi
if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
# Set the domainname if we're using NIS
#
case ${nisdomainname} in
[Nn][Oo] | '')
;;
*)
domainname ${nisdomainname}
echo -n ' domain'
;;
esac
# Network Address Translation daemon
if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
echo '.'
# Initial ATM interface configuration
#
case ${atm_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.atm ]; then
. /etc/rc.atm
atm_pass1
fi
echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
fi
echo '.'
;;
esac
# ISDN subsystem startup
#
case ${isdn_enable} in
[Yy][Ee][Ss])
if [ -r /etc/rc.isdn ]; then
. /etc/rc.isdn
fi
;;
esac
# Special options for sppp(4) interfaces go here. These need
# to go _before_ the general ifconfig section, since in the case
# of hardwired (no link1 flag) but required authentication, you
# cannot pass auth parameters down to the already running interface.
#
for ifn in ${sppp_interfaces}; do
eval spppcontrol_args=\$spppconfig_${ifn}
if [ -n "${spppcontrol_args}" ]; then
# The auth secrets might contain spaces; in order
# to retain the quotation, we need to eval them
# here.
eval spppcontrol ${ifn} ${spppcontrol_args}
fi
done
# Set up all the network interfaces, calling startup scripts if needed
#
case ${network_interfaces} in
[Aa][Uu][Tt][Oo])
network_interfaces="`ifconfig -l`"
;;
esac
for ifn in ${network_interfaces}; do
showstat=false
if [ -r /etc/start_if.${ifn} ]; then
. /etc/start_if.${ifn}
showstat=true
fi
# Do the primary ifconfig if specified
#
eval ifconfig_args=\$ifconfig_${ifn}
case ${ifconfig_args} in
'')
;;
[Dd][Hh][Cc][Pp])
${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
showstat=true
;;
*)
ifconfig ${ifn} ${ifconfig_args}
showstat=true
;;
esac
# Check to see if aliases need to be added
#
alias=0
while : ; do
eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args} alias
showstat=true
alias=`expr ${alias} + 1`
else
break;
fi
done
# Do ipx address if specified
#
eval ifconfig_args=\$ifconfig_${ifn}_ipx
if [ -n "${ifconfig_args}" ]; then
ifconfig ${ifn} ${ifconfig_args}
showstat=true
fi
case ${showstat} in
true)
ifconfig ${ifn}
;;
esac
done
# Warm up user ppp if required, must happen before natd.
#
case ${ppp_enable} in
[Yy][Ee][Ss])
# Establish ppp mode.
#
if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
-a "${ppp_mode}" != "dedicated" \
-a "${ppp_mode}" != "background" ]; then
ppp_mode="auto";
fi
ppp_command="-${ppp_mode} ";
# Switch on alias mode?
#
case ${ppp_nat} in
[Yy][Ee][Ss])
ppp_command="${ppp_command} -nat";
;;
esac
echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
;;
esac
# Initialize IP filtering using ipfw
#
echo ''
if /sbin/ipfw -q flush > /dev/null 2>&1; then
firewall_in_kernel=1
else
IPFW_DEFAULT=`ipfw l 65535`
if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
firewall_in_kernel=0
fi
fi
# Additional ATM interface configuration
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
firewall_in_kernel=1
echo "Kernel firewall module loaded."
elif [ "${firewall_in_kernel}" -eq 0 ]; then
echo "Warning: firewall kernel module failed to load."
fi
;;
esac
# Configure routing
# Load the filters if required
#
case ${firewall_in_kernel} in
1)
if [ -z "${firewall_script}" ]; then
firewall_script=/etc/rc.firewall
fi
if [ "${defaultrouter}" != "NO" ] ; then
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
fi
# Set up any static routes. This should be done before router discovery.
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
case ${firewall_enable} in
[Yy][Ee][Ss])
if [ -r ${firewall_script} ]; then
. ${firewall_script}
echo -n 'Firewall rules loaded, starting divert daemons:'
echo -n 'Additional routing options:'
if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
fi
# Network Address Translation daemon
#
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n "${natd_interface}" ]; then
if echo ${natd_interface} | \
grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
natd_ifarg="-a ${natd_interface}"
else
natd_ifarg="-n ${natd_interface}"
fi
if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
fi
echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
fi
;;
esac
if [ "${icmp_bmcastecho}" = "YES" ]; then
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
fi
if [ "${icmp_drop_redirect}" = "YES" ]; then
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
fi
if [ "${icmp_log_redirect}" = "YES" ]; then
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
fi
echo '.'
if [ "${gateway_enable}" = "YES" ]; then
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
fi
if [ "${forward_sourceroute}" = "YES" ]; then
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
fi
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo -n "Warning: kernel has firewall functionality, "
echo "but firewall rules are not enabled."
echo " All ip services are disabled."
fi
;;
esac
;;
esac
if [ "${accept_sourceroute}" = "YES" ]; then
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
fi
# Additional ATM interface configuration
#
if [ -n "${atm_pass1_done}" ]; then
atm_pass2
fi
if [ "${tcp_keepalive}" = "YES" ]; then
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
fi
# Configure routing
#
case ${defaultrouter} in
[Nn][Oo] | '')
;;
*)
static_routes="default ${static_routes}"
route_default="default ${defaultrouter}"
;;
esac
if [ "X$tcp_restrict_rst" = X"YES" ]; then
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
fi
# Set up any static routes. This should be done before router discovery.
#
if [ -n "${static_routes}" ]; then
for i in ${static_routes}; do
eval route_args=\$route_${i}
route add ${route_args}
done
fi
if [ "X$tcp_drop_synfin" = X"YES" ]; then
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
fi
echo -n 'Additional routing options:'
case ${tcp_extensions} in
[Yy][Ee][Ss] | '')
;;
*)
echo -n ' tcp extensions=NO'
sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
;;
esac
if [ "${ipxgateway_enable}" = "YES" ]; then
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
fi
if [ "${arpproxy_all}" = "YES" ]; then
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
fi
echo '.'
case ${log_in_vain} in
[Nn][Oo] | '')
;;
*)
echo -n ' log_in_vain=YES'
sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
;;
esac
echo -n 'routing daemons:'
if [ "${router_enable}" = "YES" ]; then
echo -n " ${router}"; ${router} ${router_flags}
fi
if [ "${ipxrouted_enable}" = "YES" ]; then
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
fi
if [ "${mrouted_enable}" = "YES" ]; then
echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
case ${icmp_bmcastecho} in
[Yy][Ee][Ss])
echo -n ' broadcast ping responses=YES'
sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
;;
esac
if [ "${rarpd_enable}" = "YES" ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
echo '.'
network_pass1_done=YES # Let future generations know we made it.
case ${icmp_drop_redirect} in
[Yy][Ee][Ss])
echo -n ' ignore ICMP redirect=YES'
sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
;;
esac
case ${icmp_log_redirect} in
[Yy][Ee][Ss])
echo -n ' log ICMP redirect=YES'
sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
;;
esac
case ${gateway_enable} in
[Yy][Ee][Ss])
echo -n ' IP gateway=YES'
sysctl -w net.inet.ip.forwarding=1 >/dev/null
;;
esac
case ${forward_sourceroute} in
[Yy][Ee][Ss])
echo -n ' do source routing=YES'
sysctl -w net.inet.ip.sourceroute=1 >/dev/null
;;
esac
case ${accept_sourceroute} in
[Yy][Ee][Ss])
echo -n ' accept source routing=YES'
sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
;;
esac
case ${tcp_keepalive} in
[Yy][Ee][Ss])
echo -n ' TCP keepalive=YES'
sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
;;
esac
case ${tcp_restrict_rst} in
[Yy][Ee][Ss])
echo -n ' restrict TCP reset=YES'
sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
;;
esac
case ${tcp_drop_synfin} in
[Yy][Ee][Ss])
echo -n ' drop SYN+FIN packets=YES'
sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
;;
esac
case ${ipxgateway_enable} in
[Yy][Ee][Ss])
echo -n ' IPX gateway=YES'
sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
;;
esac
case ${arpproxy_all} in
[Yy][Ee][Ss])
echo -n ' ARP proxyall=YES'
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
echo '.'
echo -n 'routing daemons:'
case ${router_enable} in
[Yy][Ee][Ss])
echo -n " ${router}"; ${router} ${router_flags}
;;
esac
case ${ipxrouted_enable} in
[Yy][Ee][Ss])
echo -n ' IPXrouted'
IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
;;
esac
case ${mrouted_enable} in
[Yy][Ee][Ss])
echo -n ' mrouted'; mrouted ${mrouted_flags}
;;
esac
case ${rarpd_enable} in
[Yy][Ee][Ss])
echo -n ' rarpd'; rarpd ${rarpd_flags}
;;
esac
echo '.'
# Let future generations know we made it.
#
network_pass1_done=YES
}
network_pass2() {
echo -n 'Doing additional network setup:'
if [ "${named_enable}" = "YES" ]; then
echo -n ' named'; ${named_program-"named"} ${named_flags}
fi
echo -n 'Doing additional network setup:'
case ${named_enable} in
[Yy][Ee][Ss])
echo -n ' named'; ${named_program:-named} ${named_flags}
;;
esac
if [ "${ntpdate_enable}" = "YES" ]; then
echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
fi
case ${ntpdate_enable} in
[Yy][Ee][Ss])
echo -n ' ntpdate'
${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
;;
esac
if [ "${xntpd_enable}" = "YES" ]; then
echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
fi
case ${xntpd_enable} in
[Yy][Ee][Ss])
echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
;;
esac
if [ "${timed_enable}" = "YES" ]; then
echo -n ' timed'; timed ${timed_flags}
fi
case ${timed_enable} in
[Yy][Ee][Ss])
echo -n ' timed'; timed ${timed_flags}
;;
esac
if [ "${portmap_enable}" = "YES" ]; then
echo -n ' portmap'; ${portmap_program} ${portmap_flags}
fi
case ${portmap_enable} in
[Yy][Ee][Ss])
echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
;;
esac
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
if [ "${nis_server_enable}" = "YES" ]; then
echo -n ' ypserv'; ypserv ${nis_server_flags}
if [ "${nis_ypxfrd_enable}" = "YES" ]; then
echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
fi
if [ "${nis_yppasswdd_enable}" = "YES" ]; then
echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
fi
fi
# Start ypserv if we're an NIS server.
# Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
#
case ${nis_server_enable} in
[Yy][Ee][Ss])
echo -n ' ypserv'; ypserv ${nis_server_flags}
# Start ypbind if we're an NIS client
if [ "${nis_client_enable}" = "YES" ]; then
echo -n ' ypbind'; ypbind ${nis_client_flags}
if [ "${nis_ypset_enable}" = "YES" ]; then
echo -n ' ypset'; ypset ${nis_ypset_flags}
fi
fi
case ${nis_ypxfrd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypxfrd'
rpc.ypxfrd ${nis_ypxfrd_flags}
;;
esac
# Start keyserv if we are running Secure RPC
if [ "${keyserv_enable}" = "YES" ]; then
echo -n ' keyserv'; keyserv ${keyserv_flags}
fi
# Start ypupdated if we are running Secure RPC and we are NIS master
if [ "${rpc_ypupdated_enable}" = "YES" ]; then
echo -n ' rpc.ypupdated'; rpc.ypupdated
fi
case ${nis_yppasswdd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.yppasswdd'
rpc.yppasswdd ${nis_yppasswdd_flags}
;;
esac
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
# Start ypbind if we're an NIS client
#
case ${nis_client_enable} in
[Yy][Ee][Ss])
echo -n ' ypbind'; ypbind ${nis_client_flags}
case ${nis_ypset_enable} in
[Yy][Ee][Ss])
echo -n ' ypset'; ypset ${nis_ypset_flags}
;;
esac
;;
esac
echo '.'
network_pass2_done=YES
# Start keyserv if we are running Secure RPC
#
case ${keyserv_enable} in
[Yy][Ee][Ss])
echo -n ' keyserv'; keyserv ${keyserv_flags}
;;
esac
# Start ypupdated if we are running Secure RPC and we are NIS master
#
case ${rpc_ypupdated_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.ypupdated'; rpc.ypupdated
;;
esac
# Start ATM daemons
if [ -n "${atm_pass2_done}" ]; then
atm_pass3
fi
echo '.'
network_pass2_done=YES
}
network_pass3() {
echo -n 'Starting final network daemons:'
echo -n 'Starting final network daemons:'
if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
echo -n ' mountd'
if [ "${weak_mountd_authentication}" = "YES" ]; then
mountd_flags="-n"
fi
mountd ${mountd_flags}
if [ "${nfs_reserved_port_only}" = "YES" ]; then
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
fi
echo -n ' nfsd'; nfsd ${nfs_server_flags}
if [ "${rpc_lockd_enable}" = "YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
if [ "${rpc_statd_enable}" = "YES" ]; then
echo -n ' rpc.statd'; rpc.statd
fi
fi
if [ "${nfs_client_enable}" = "YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ "${nfs_access_cache}" != "X" ]; then
case ${nfs_server_enable} in
[Yy][Ee][Ss])
if [ -r /etc/exports ]; then
echo -n ' mountd'
case ${weak_mountd_authentication} in
[Yy][Ee][Ss])
mountd_flags="-n"
;;
esac
mountd ${mountd_flags}
case ${nfs_reserved_port_only} in
[Yy][Ee][Ss])
echo -n ' NFS on reserved port only=YES'
sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
;;
esac
echo -n ' nfsd'; nfsd ${nfs_server_flags}
case ${rpc_lockd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.lockd'; rpc.lockd
;;
esac
case ${rpc_statd_enable} in
[Yy][Ee][Ss])
echo -n ' rpc.statd'; rpc.statd
;;
esac
fi
;;
esac
case ${nfs_client_enable} in
[Yy][Ee][Ss])
echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
>/dev/null
fi
fi
>/dev/null
fi
;;
esac
if [ "${amd_enable}" = "YES" ]; then
echo -n ' amd'
if [ "${amd_map_program}" != "NO" ]; then
amd_flags="${amd_flags} `eval ${amd_map_program}`"
fi
if [ -n "${amd_flags}" ]
then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
fi
case ${amd_enable} in
[Yy][Ee][Ss])
echo -n ' amd'
case ${amd_map_program} in
[Nn][Oo] | '')
;;
*)
amd_flags="${amd_flags} `eval ${amd_map_program}`"
;;
esac
if [ "${rwhod_enable}" = "YES" ]; then
echo -n ' rwhod'; rwhod ${rwhod_flags}
fi
if [ -n "${amd_flags}" ]; then
amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
else
amd 2> /dev/null
fi
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
if [ "${kerberos_server_enable}" = "YES" ]; then
if [ "${kerberos_stash}" = "YES" ]; then
stash_flag=-n
else
stash_flag=
fi
echo -n ' kerberos'; \
case ${rwhod_enable} in
[Yy][Ee][Ss])
echo -n ' rwhod'; rwhod ${rwhod_flags}
;;
esac
# Kerberos runs ONLY on the Kerberos server machine
case ${kerberos_server_enable} in
[Yy][Ee][Ss])
case ${kerberos_stash} in
[Yy][Ee][Ss])
stash_flag=-n
;;
*)
stash_flag=
;;
esac
echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
if [ "${kadmind_server_enable}" = "YES" ]; then
echo -n ' kadmind'; \
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
fi
unset stash_flag
fi
echo '.'
network_pass3_done=YES
case ${kadmind_server_enable} in
[Yy][Ee][Ss])
echo -n ' kadmind'
(sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
;;
esac
unset stash_flag
;;
esac
echo '.'
network_pass3_done=YES
}

23
etc/rc.pccard
View File

@ -2,15 +2,22 @@
# PC-card startup script
# $FreeBSD$
if [ "${pccard_enable}" = "YES" ] ; then
if [ "${pccard_mem}" != "DEFAULT" ] ; then
pccardc pccardmem ${pccard_mem}
else
case ${pccard_enable} in
[Yy][Ee][Ss])
case ${pccard_mem} in
[Dd][Ee][Ff][Aa][Uu][Ll][Tt])
pccardc pccardmem 0xd0000
fi
if [ -n "${pccard_conf}" ] ; then
;;
*)
pccardc pccardmem ${pccard_mem}
;;
esac
if [ -n "${pccard_conf}" ]; then
pccardd_flags="${pccardd_flags} -f ${pccard_conf}"
fi
echo -n "Enable PC-card."
echo -n "Enable PC-card."
pccardd ${pccardd_flags} 2>&1 > /var/log/pccardd.debug
fi
;;
esac

8
etc/rc.resume
View File

@ -4,8 +4,7 @@
#
# sample run command file for APM Resume Event
if [ -f /var/run/rc.suspend.pid ]
then
if [ -r /var/run/rc.suspend.pid ]; then
kill -9 `cat /var/run/rc.suspend.pid`
rm -f /var/run/rc.suspend.pid
echo rc.suspend is killed
@ -13,11 +12,10 @@ fi
# Turns on a power supply of a card in the slot inactivated.
# See also contrib/pccardq.c (only for PAO users).
#pccardq | awk -F '~' '$5 == "inactive" \
# { printf("pccardc power %d 1", $1); }' | sh
# pccardq | awk -F '~' '$5 == "inactive" \
# { printf("pccardc power %d 1", $1); }' | sh
logger -t apmd resumed at `date +'%Y%m%d %H:%M:%S'`
sync && sync && sync
exit 0

8
etc/rc.shutdown
View File

@ -1,7 +1,7 @@
#!/bin/sh
# $FreeBSD$
# site-specific closing actions for daemons run by init on shutdown
# Site-specific closing actions for daemons run by init on shutdown,
# or before going single-user from multi-user.
# Output and errors are directed to console by init, and the
# console is the controlling terminal.
@ -13,11 +13,11 @@ stty status '^T'
trap : 2
trap : 3 # shouldn't be needed
HOME=/; export HOME
HOME=/
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin
export PATH
export HOME PATH
echo -n Shutting down daemon processes:
echo -n "Shutting down daemon processes: "
# Insert shutdown procedures here

6
etc/rc.suspend
View File

@ -4,8 +4,7 @@
#
# sample run command file for APM Suspend Event
if [ -f /var/run/rc.suspend.pid ]
then
if [ -r /var/run/rc.suspend.pid ]; then
exit 1
fi
@ -13,7 +12,7 @@ echo $$ > /var/run/rc.suspend.pid
# If you have troubles on suspending with PC-CARD modem, try this.
# See also contrib/pccardq.c (Only for PAO users).
#pccardq | awk -F '~' '$5 == "filled" && $4 ~ /sio/ \
# pccardq | awk -F '~' '$5 == "filled" && $4 ~ /sio/ \
# { printf("pccardc power %d 0", $1); }' | sh
logger -t apmd suspend at `date +'%Y%m%d %H:%M:%S'`
@ -24,4 +23,3 @@ rm -f /var/run/rc.suspend.pid
zzz
exit 0

54
etc/security
View File

@ -7,8 +7,8 @@ PATH=/sbin:/bin:/usr/bin
LC_ALL=C; export LC_ALL
separator () {
echo ""
echo ""
echo ''
echo ''
}
host=`hostname`
@ -21,25 +21,26 @@ umask 027
echo "checking setuid files and devices:"
# don't have ncheck, but this does the equivalent of the commented out block.
# note that one of the original problem, the possibility of overrunning
# Don't have ncheck, but this does the equivalent of the commented out block.
# Note that one of the original problems, the possibility of overrunning
# the args to ls, is still here...
#
MP=`mount -t ufs | grep -v " nosuid" | sed 's;/dev/;&r;' | awk '{ print $3 }'`
set ${MP}
while test $# -ge 1; do
while [ $# -ge 1 ]; do
mount=$1
shift
find $mount -xdev -type f \
\( -perm -u+x -or -perm -g+x -or -perm -o+x \) \
\( -perm -u+s -or -perm -g+s \) -print0
\( -perm -u+s -or -perm -g+s \) -print0
done | xargs -0 -n 20 ls -lTd | sort +9 > ${TMP}
if [ ! -f ${LOG}/setuid.today ] ; then
if [ ! -f ${LOG}/setuid.today ]; then
separator
echo "no ${LOG}/setuid.today"
cp ${TMP} ${LOG}/setuid.today
fi
if cmp ${LOG}/setuid.today ${TMP} >/dev/null; then :; else
separator
echo "${host} setuid diffs:"
@ -56,25 +57,28 @@ separator
echo "checking for passwordless accounts:"
awk -F: '$1 !~ /^\+/ && $2=="" {print $0}' /etc/master.passwd
# show denied packets
# Show denied packets
#
if ipfw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
if [ ! -f ${LOG}/ipfw.today ] ; then
if [ ! -f ${LOG}/ipfw.today ]; then
separator
echo "no ${LOG}/ipfw.today"
cp ${TMP} ${LOG}/ipfw.today
fi
if cmp ${LOG}/ipfw.today ${TMP} >/dev/null; then :; else
separator
echo "${host} denied packets:"
diff -b ${LOG}/ipfw.today ${TMP} | egrep "^>"
mv ${LOG}/ipfw.today ${LOG}/ipfw.yesterday
mv ${TMP} ${LOG}/ipfw.today
echo "${host} denied packets:"
diff -b ${LOG}/ipfw.today ${TMP} | egrep "^>"
mv ${LOG}/ipfw.today ${LOG}/ipfw.yesterday
mv ${TMP} ${LOG}/ipfw.today
fi
fi
# show ipfw rules which have reached the log limit
# Show ipfw rules which have reached the log limit
#
IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null`
if [ $? -eq 0 ] && [ ${IPFW_LOG_LIMIT} -ne 0 ]; then
if [ $? -eq 0 -a ${IPFW_LOG_LIMIT} -ne 0 ]; then
ipfw -a l | grep " log " | perl -n -e \
'/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > ${TMP}
if [ -s ${TMP} ]; then
@ -84,28 +88,32 @@ if [ $? -eq 0 ] && [ ${IPFW_LOG_LIMIT} -ne 0 ]; then
fi
fi
# show kernel log messages
# Show kernel log messages
#
if dmesg 2>/dev/null > ${TMP}; then
if [ ! -f ${LOG}/dmesg.today ] ; then
if [ ! -f ${LOG}/dmesg.today ]; then
separator
echo "no ${LOG}/dmesg.today"
cp ${TMP} ${LOG}/dmesg.today
fi
if cmp ${LOG}/dmesg.today ${TMP} >/dev/null 2>&1; then :; else
separator
echo "${host} kernel log messages:"
diff -b ${LOG}/dmesg.today ${TMP} | egrep "^>"
mv ${LOG}/dmesg.today ${LOG}/dmesg.yesterday
mv ${TMP} ${LOG}/dmesg.today
echo "${host} kernel log messages:"
diff -b ${LOG}/dmesg.today ${TMP} | egrep "^>"
mv ${LOG}/dmesg.today ${LOG}/dmesg.yesterday
mv ${TMP} ${LOG}/dmesg.today
fi
fi
# show login failures
# Show login failures
#
separator
echo "${host} login failures:"
grep -i "login failure" ${LOG}/messages
# show tcp_wrapper warning messages
# Show tcp_wrapper warning messages
#
separator
echo "${host} refused connections:"
grep -i "refused connect" ${LOG}/messages