summaryrefslogtreecommitdiffstats
path: root/etc/rc.d
diff options
context:
space:
mode:
authorsheldonh <sheldonh@FreeBSD.org>1999-09-13 15:44:20 +0000
committersheldonh <sheldonh@FreeBSD.org>1999-09-13 15:44:20 +0000
commitd8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663 (patch)
treef61d8b7d858e07792674c281853167482e6806c5 /etc/rc.d
parent019fd9cb5fe17ed3ce93a28306ec3009d2a512f7 (diff)
downloadFreeBSD-src-d8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663.zip
FreeBSD-src-d8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663.tar.gz
Apply a consistent style to most of the etc scripts. Particularly, use
case instead of test where appropriate, since case allows case is a sh builtin and (as a side-effect) allows case-insensitivity. Changes discussed on freebsd-hackers. Submitted by: Doug Barton <Doug@gorean.org>
Diffstat (limited to 'etc/rc.d')
-rw-r--r--etc/rc.d/atm1283
-rw-r--r--etc/rc.d/atm2283
-rw-r--r--etc/rc.d/atm2.sh283
-rw-r--r--etc/rc.d/atm3283
-rw-r--r--etc/rc.d/atm3.sh283
-rw-r--r--etc/rc.d/diskless12
-rw-r--r--etc/rc.d/initdiskless36
-rw-r--r--etc/rc.d/isdnd60
-rw-r--r--etc/rc.d/netoptions928
-rw-r--r--etc/rc.d/network1928
-rw-r--r--etc/rc.d/network2928
-rw-r--r--etc/rc.d/network3928
-rw-r--r--etc/rc.d/pccard23
-rw-r--r--etc/rc.d/resolv12
-rw-r--r--etc/rc.d/routing928
-rw-r--r--etc/rc.d/tmp12
-rw-r--r--etc/rc.d/var12
17 files changed, 3616 insertions, 2606 deletions
diff --git a/etc/rc.d/atm1 b/etc/rc.d/atm1
index 57ff149..7e72aeb 100644
--- a/etc/rc.d/atm1
+++ b/etc/rc.d/atm1
@@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
- # Locate all probed ATM adapters
- atmdev=`atm sh stat int | while read dev junk; do
- case ${dev} in
- hea[0-9]|hea[0-9][0-9])
- echo "${dev} "
- ;;
- hfa[0-9]|hfa[0-9][0-9])
- echo "${dev} "
- ;;
- *)
- continue
- ;;
- esac
- done`
-
- if [ -z "${atmdev}" ]; then
- echo "No ATM adapters found."
- return 0
- fi
-
- # Load microcode into FORE adapters (if needed)
- if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
- fore_dnld -d /etc
- fi
-
- # Configure physical interfaces
- ilmid=0
- for phy in ${atmdev}; do
- echo -n "Configuring ATM device ${phy}:"
-
- # Define network interfaces
- eval netif_args=\$atm_netif_${phy}
- if [ -n "${netif_args}" ]; then
- atm set netif ${phy} ${netif_args} || continue
- else
- echo "missing network interface definition"
- continue
- fi
+ # Locate all probed ATM adapters
+ atmdev=`atm sh stat int | while read dev junk; do
+ case ${dev} in
+ hea[0-9] | hea[0-9][0-9])
+ echo "${dev} "
+ ;;
+ hfa[0-9] | hfa[0-9][0-9])
+ echo "${dev} "
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ done`
- # Override physical MAC address
- eval macaddr_args=\$atm_macaddr_${phy}
- if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
- atm set mac ${phy} ${macaddr_args} || continue
+ if [ -z "${atmdev}" ]; then
+ echo "No ATM adapters found."
+ return 0
fi
- # Configure signalling manager
- eval sigmgr_args=\$atm_sigmgr_${phy}
- if [ -n "${sigmgr_args}" ]; then
- atm attach ${phy} ${sigmgr_args} || continue
- else
- echo "missing signalling manager definition"
- continue
+ # Load microcode into FORE adapters (if needed)
+ if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
+ fore_dnld -d /etc
fi
- # Configure UNI NSAP prefix
- eval prefix_args=\$atm_prefix_${phy}
- if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
- if [ -z "${prefix_args}" ]; then
- echo "missing NSAP prefix for UNI interface"
+ # Configure physical interfaces
+ ilmid=0
+ for phy in ${atmdev}; do
+ echo -n "Configuring ATM device ${phy}:"
+
+ # Define network interfaces
+ eval netif_args=\$atm_netif_${phy}
+ if [ -n "${netif_args}" ]; then
+ atm set netif ${phy} ${netif_args} || continue
+ else
+ echo "missing network interface definition"
continue
fi
- if [ "${prefix_args}" = "ILMI" ]; then
- ilmid=1
+
+ # Override physical MAC address
+ eval macaddr_args=\$atm_macaddr_${phy}
+ if [ -n "${macaddr_args}" ]; then
+ case ${macaddr_args} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ atm set mac ${phy} ${macaddr_args} || continue
+ ;;
+ esac
+ fi
+
+ # Configure signalling manager
+ eval sigmgr_args=\$atm_sigmgr_${phy}
+ if [ -n "${sigmgr_args}" ]; then
+ atm attach ${phy} ${sigmgr_args} || continue
else
- atm set prefix ${phy} ${prefix_args} || continue
+ echo "missing signalling manager definition"
+ continue
fi
- fi
- atm_phy="${atm_phy} ${phy}"
- echo "."
- done
+ # Configure UNI NSAP prefix
+ eval prefix_args=\$atm_prefix_${phy}
+ if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
+ if [ -z "${prefix_args}" ]; then
+ echo "missing NSAP prefix for UNI interface"
+ continue
+ fi
+
+ case ${prefix_args} in
+ ILMI)
+ ilmid=1
+ ;;
+ *)
+ atm set prefix ${phy} ${prefix_args} || continue
+ ;;
+ esac
+ fi
- echo -n "Starting initial ATM daemons:"
- # Start ILMI daemon (if needed)
- if [ ${ilmid} -eq 1 ]; then
- echo -n " ilmid"
- ilmid
- fi
+ atm_phy="${atm_phy} ${phy}"
+ echo "."
+ done
- echo "."
- atm_pass1_done=YES
+ echo -n "Starting initial ATM daemons:"
+ # Start ILMI daemon (if needed)
+ case ${ilmid} in
+ 1)
+ echo -n " ilmid"
+ ilmid
+ ;;
+ esac
+
+ echo "."
+ atm_pass1_done=YES
}
#
@@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
- echo -n "Configuring ATM network interfaces:"
-
- atm_scspd=0
- atm_atmarpd=""
-
- # Configure network interfaces
- for phy in ${atm_phy}; do
- eval netif_args=\$atm_netif_${phy}
- set -- ${netif_args}
- netname=$1
- netcnt=$2
- netindx=0
- while [ ${netindx} -lt ${netcnt} ]; do
-
- net="${netname}${netindx}"
- netindx=`expr ${netindx} + 1`
- echo -n " ${net}"
-
- # Configure atmarp server
- eval atmarp_args=\$atm_arpserver_${net}
- if [ -n "${atmarp_args}" ]; then
- atm set arpserver ${net} ${atmarp_args} || continue
- fi
- eval scsparp_args=\$atm_scsparp_${net}
- if [ "${scsparp_args}" = "YES" ]; then
- if [ "${atmarp_args}" != "local" ]; then
- echo "local arpserver required for SCSP"
- continue
+ echo -n "Configuring ATM network interfaces:"
+
+ atm_scspd=0
+ atm_atmarpd=""
+
+ # Configure network interfaces
+ for phy in ${atm_phy}; do
+ eval netif_args=\$atm_netif_${phy}
+ set -- ${netif_args}
+ netname=$1
+ netcnt=$2
+ netindx=0
+ while [ ${netindx} -lt ${netcnt} ]; do
+ net="${netname}${netindx}"
+ netindx=`expr ${netindx} + 1`
+ echo -n " ${net}"
+
+ # Configure atmarp server
+ eval atmarp_args=\$atm_arpserver_${net}
+ if [ -n "${atmarp_args}" ]; then
+ atm set arpserver ${net} ${atmarp_args} ||
+ continue
fi
- atm_atmarpd="${atm_atmarpd} ${net}"
- atm_scspd=1
- fi
+ eval scsparp_args=\$atm_scsparp_${net}
+
+ case ${scsparp_args} in
+ [Yy][Ee][Ss])
+ case ${atmarp_args} in
+ local)
+ ;;
+ *)
+ echo "local arpserver required for SCSP"
+ continue
+ ;;
+ esac
+
+ atm_atmarpd="${atm_atmarpd} ${net}"
+ atm_scspd=1
+ esac
+ done
done
- done
- echo "."
-
- # Define any PVCs.
- if [ -n "${atm_pvcs}" ]; then
- for i in ${atm_pvcs}; do
- eval pvc_args=\$atm_pvc_${i}
- atm add pvc ${pvc_args}
- done
- fi
+ echo "."
- # Define any permanent ARP entries.
- if [ -n "${atm_arps}" ]; then
- for i in ${atm_arps}; do
- eval arp_args=\$atm_arp_${i}
- atm add arp ${arp_args}
- done
- fi
- atm_pass2_done=YES
+ # Define any PVCs.
+ if [ -n "${atm_pvcs}" ]; then
+ for i in ${atm_pvcs}; do
+ eval pvc_args=\$atm_pvc_${i}
+ atm add pvc ${pvc_args}
+ done
+ fi
+
+ # Define any permanent ARP entries.
+ if [ -n "${atm_arps}" ]; then
+ for i in ${atm_arps}; do
+ eval arp_args=\$atm_arp_${i}
+ atm add arp ${arp_args}
+ done
+ fi
+ atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
- # Start SCSP daemon (if needed)
- if [ "${atm_scspd}" -eq 1 ]; then
- echo -n " scspd"
- scspd
- fi
-
- # Start ATMARP daemon (if needed)
- if [ -n "${atm_atmarpd}" ]; then
- echo -n " atmarpd"
- atmarpd ${atm_atmarpd}
- fi
-
- atm_pass3_done=YES
+ # Start SCSP daemon (if needed)
+ case ${atm_scspd} in
+ 1)
+ echo -n " scspd"
+ scspd
+ ;;
+ esac
+
+ # Start ATMARP daemon (if needed)
+ if [ -n "${atm_atmarpd}" ]; then
+ echo -n " atmarpd"
+ atmarpd ${atm_atmarpd}
+ fi
+
+ atm_pass3_done=YES
}
diff --git a/etc/rc.d/atm2 b/etc/rc.d/atm2
index 57ff149..7e72aeb 100644
--- a/etc/rc.d/atm2
+++ b/etc/rc.d/atm2
@@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
- # Locate all probed ATM adapters
- atmdev=`atm sh stat int | while read dev junk; do
- case ${dev} in
- hea[0-9]|hea[0-9][0-9])
- echo "${dev} "
- ;;
- hfa[0-9]|hfa[0-9][0-9])
- echo "${dev} "
- ;;
- *)
- continue
- ;;
- esac
- done`
-
- if [ -z "${atmdev}" ]; then
- echo "No ATM adapters found."
- return 0
- fi
-
- # Load microcode into FORE adapters (if needed)
- if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
- fore_dnld -d /etc
- fi
-
- # Configure physical interfaces
- ilmid=0
- for phy in ${atmdev}; do
- echo -n "Configuring ATM device ${phy}:"
-
- # Define network interfaces
- eval netif_args=\$atm_netif_${phy}
- if [ -n "${netif_args}" ]; then
- atm set netif ${phy} ${netif_args} || continue
- else
- echo "missing network interface definition"
- continue
- fi
+ # Locate all probed ATM adapters
+ atmdev=`atm sh stat int | while read dev junk; do
+ case ${dev} in
+ hea[0-9] | hea[0-9][0-9])
+ echo "${dev} "
+ ;;
+ hfa[0-9] | hfa[0-9][0-9])
+ echo "${dev} "
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ done`
- # Override physical MAC address
- eval macaddr_args=\$atm_macaddr_${phy}
- if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
- atm set mac ${phy} ${macaddr_args} || continue
+ if [ -z "${atmdev}" ]; then
+ echo "No ATM adapters found."
+ return 0
fi
- # Configure signalling manager
- eval sigmgr_args=\$atm_sigmgr_${phy}
- if [ -n "${sigmgr_args}" ]; then
- atm attach ${phy} ${sigmgr_args} || continue
- else
- echo "missing signalling manager definition"
- continue
+ # Load microcode into FORE adapters (if needed)
+ if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
+ fore_dnld -d /etc
fi
- # Configure UNI NSAP prefix
- eval prefix_args=\$atm_prefix_${phy}
- if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
- if [ -z "${prefix_args}" ]; then
- echo "missing NSAP prefix for UNI interface"
+ # Configure physical interfaces
+ ilmid=0
+ for phy in ${atmdev}; do
+ echo -n "Configuring ATM device ${phy}:"
+
+ # Define network interfaces
+ eval netif_args=\$atm_netif_${phy}
+ if [ -n "${netif_args}" ]; then
+ atm set netif ${phy} ${netif_args} || continue
+ else
+ echo "missing network interface definition"
continue
fi
- if [ "${prefix_args}" = "ILMI" ]; then
- ilmid=1
+
+ # Override physical MAC address
+ eval macaddr_args=\$atm_macaddr_${phy}
+ if [ -n "${macaddr_args}" ]; then
+ case ${macaddr_args} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ atm set mac ${phy} ${macaddr_args} || continue
+ ;;
+ esac
+ fi
+
+ # Configure signalling manager
+ eval sigmgr_args=\$atm_sigmgr_${phy}
+ if [ -n "${sigmgr_args}" ]; then
+ atm attach ${phy} ${sigmgr_args} || continue
else
- atm set prefix ${phy} ${prefix_args} || continue
+ echo "missing signalling manager definition"
+ continue
fi
- fi
- atm_phy="${atm_phy} ${phy}"
- echo "."
- done
+ # Configure UNI NSAP prefix
+ eval prefix_args=\$atm_prefix_${phy}
+ if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
+ if [ -z "${prefix_args}" ]; then
+ echo "missing NSAP prefix for UNI interface"
+ continue
+ fi
+
+ case ${prefix_args} in
+ ILMI)
+ ilmid=1
+ ;;
+ *)
+ atm set prefix ${phy} ${prefix_args} || continue
+ ;;
+ esac
+ fi
- echo -n "Starting initial ATM daemons:"
- # Start ILMI daemon (if needed)
- if [ ${ilmid} -eq 1 ]; then
- echo -n " ilmid"
- ilmid
- fi
+ atm_phy="${atm_phy} ${phy}"
+ echo "."
+ done
- echo "."
- atm_pass1_done=YES
+ echo -n "Starting initial ATM daemons:"
+ # Start ILMI daemon (if needed)
+ case ${ilmid} in
+ 1)
+ echo -n " ilmid"
+ ilmid
+ ;;
+ esac
+
+ echo "."
+ atm_pass1_done=YES
}
#
@@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
- echo -n "Configuring ATM network interfaces:"
-
- atm_scspd=0
- atm_atmarpd=""
-
- # Configure network interfaces
- for phy in ${atm_phy}; do
- eval netif_args=\$atm_netif_${phy}
- set -- ${netif_args}
- netname=$1
- netcnt=$2
- netindx=0
- while [ ${netindx} -lt ${netcnt} ]; do
-
- net="${netname}${netindx}"
- netindx=`expr ${netindx} + 1`
- echo -n " ${net}"
-
- # Configure atmarp server
- eval atmarp_args=\$atm_arpserver_${net}
- if [ -n "${atmarp_args}" ]; then
- atm set arpserver ${net} ${atmarp_args} || continue
- fi
- eval scsparp_args=\$atm_scsparp_${net}
- if [ "${scsparp_args}" = "YES" ]; then
- if [ "${atmarp_args}" != "local" ]; then
- echo "local arpserver required for SCSP"
- continue
+ echo -n "Configuring ATM network interfaces:"
+
+ atm_scspd=0
+ atm_atmarpd=""
+
+ # Configure network interfaces
+ for phy in ${atm_phy}; do
+ eval netif_args=\$atm_netif_${phy}
+ set -- ${netif_args}
+ netname=$1
+ netcnt=$2
+ netindx=0
+ while [ ${netindx} -lt ${netcnt} ]; do
+ net="${netname}${netindx}"
+ netindx=`expr ${netindx} + 1`
+ echo -n " ${net}"
+
+ # Configure atmarp server
+ eval atmarp_args=\$atm_arpserver_${net}
+ if [ -n "${atmarp_args}" ]; then
+ atm set arpserver ${net} ${atmarp_args} ||
+ continue
fi
- atm_atmarpd="${atm_atmarpd} ${net}"
- atm_scspd=1
- fi
+ eval scsparp_args=\$atm_scsparp_${net}
+
+ case ${scsparp_args} in
+ [Yy][Ee][Ss])
+ case ${atmarp_args} in
+ local)
+ ;;
+ *)
+ echo "local arpserver required for SCSP"
+ continue
+ ;;
+ esac
+
+ atm_atmarpd="${atm_atmarpd} ${net}"
+ atm_scspd=1
+ esac
+ done
done
- done
- echo "."
-
- # Define any PVCs.
- if [ -n "${atm_pvcs}" ]; then
- for i in ${atm_pvcs}; do
- eval pvc_args=\$atm_pvc_${i}
- atm add pvc ${pvc_args}
- done
- fi
+ echo "."
- # Define any permanent ARP entries.
- if [ -n "${atm_arps}" ]; then
- for i in ${atm_arps}; do
- eval arp_args=\$atm_arp_${i}
- atm add arp ${arp_args}
- done
- fi
- atm_pass2_done=YES
+ # Define any PVCs.
+ if [ -n "${atm_pvcs}" ]; then
+ for i in ${atm_pvcs}; do
+ eval pvc_args=\$atm_pvc_${i}
+ atm add pvc ${pvc_args}
+ done
+ fi
+
+ # Define any permanent ARP entries.
+ if [ -n "${atm_arps}" ]; then
+ for i in ${atm_arps}; do
+ eval arp_args=\$atm_arp_${i}
+ atm add arp ${arp_args}
+ done
+ fi
+ atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
- # Start SCSP daemon (if needed)
- if [ "${atm_scspd}" -eq 1 ]; then
- echo -n " scspd"
- scspd
- fi
-
- # Start ATMARP daemon (if needed)
- if [ -n "${atm_atmarpd}" ]; then
- echo -n " atmarpd"
- atmarpd ${atm_atmarpd}
- fi
-
- atm_pass3_done=YES
+ # Start SCSP daemon (if needed)
+ case ${atm_scspd} in
+ 1)
+ echo -n " scspd"
+ scspd
+ ;;
+ esac
+
+ # Start ATMARP daemon (if needed)
+ if [ -n "${atm_atmarpd}" ]; then
+ echo -n " atmarpd"
+ atmarpd ${atm_atmarpd}
+ fi
+
+ atm_pass3_done=YES
}
diff --git a/etc/rc.d/atm2.sh b/etc/rc.d/atm2.sh
index 57ff149..7e72aeb 100644
--- a/etc/rc.d/atm2.sh
+++ b/etc/rc.d/atm2.sh
@@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
- # Locate all probed ATM adapters
- atmdev=`atm sh stat int | while read dev junk; do
- case ${dev} in
- hea[0-9]|hea[0-9][0-9])
- echo "${dev} "
- ;;
- hfa[0-9]|hfa[0-9][0-9])
- echo "${dev} "
- ;;
- *)
- continue
- ;;
- esac
- done`
-
- if [ -z "${atmdev}" ]; then
- echo "No ATM adapters found."
- return 0
- fi
-
- # Load microcode into FORE adapters (if needed)
- if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
- fore_dnld -d /etc
- fi
-
- # Configure physical interfaces
- ilmid=0
- for phy in ${atmdev}; do
- echo -n "Configuring ATM device ${phy}:"
-
- # Define network interfaces
- eval netif_args=\$atm_netif_${phy}
- if [ -n "${netif_args}" ]; then
- atm set netif ${phy} ${netif_args} || continue
- else
- echo "missing network interface definition"
- continue
- fi
+ # Locate all probed ATM adapters
+ atmdev=`atm sh stat int | while read dev junk; do
+ case ${dev} in
+ hea[0-9] | hea[0-9][0-9])
+ echo "${dev} "
+ ;;
+ hfa[0-9] | hfa[0-9][0-9])
+ echo "${dev} "
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ done`
- # Override physical MAC address
- eval macaddr_args=\$atm_macaddr_${phy}
- if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
- atm set mac ${phy} ${macaddr_args} || continue
+ if [ -z "${atmdev}" ]; then
+ echo "No ATM adapters found."
+ return 0
fi
- # Configure signalling manager
- eval sigmgr_args=\$atm_sigmgr_${phy}
- if [ -n "${sigmgr_args}" ]; then
- atm attach ${phy} ${sigmgr_args} || continue
- else
- echo "missing signalling manager definition"
- continue
+ # Load microcode into FORE adapters (if needed)
+ if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
+ fore_dnld -d /etc
fi
- # Configure UNI NSAP prefix
- eval prefix_args=\$atm_prefix_${phy}
- if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
- if [ -z "${prefix_args}" ]; then
- echo "missing NSAP prefix for UNI interface"
+ # Configure physical interfaces
+ ilmid=0
+ for phy in ${atmdev}; do
+ echo -n "Configuring ATM device ${phy}:"
+
+ # Define network interfaces
+ eval netif_args=\$atm_netif_${phy}
+ if [ -n "${netif_args}" ]; then
+ atm set netif ${phy} ${netif_args} || continue
+ else
+ echo "missing network interface definition"
continue
fi
- if [ "${prefix_args}" = "ILMI" ]; then
- ilmid=1
+
+ # Override physical MAC address
+ eval macaddr_args=\$atm_macaddr_${phy}
+ if [ -n "${macaddr_args}" ]; then
+ case ${macaddr_args} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ atm set mac ${phy} ${macaddr_args} || continue
+ ;;
+ esac
+ fi
+
+ # Configure signalling manager
+ eval sigmgr_args=\$atm_sigmgr_${phy}
+ if [ -n "${sigmgr_args}" ]; then
+ atm attach ${phy} ${sigmgr_args} || continue
else
- atm set prefix ${phy} ${prefix_args} || continue
+ echo "missing signalling manager definition"
+ continue
fi
- fi
- atm_phy="${atm_phy} ${phy}"
- echo "."
- done
+ # Configure UNI NSAP prefix
+ eval prefix_args=\$atm_prefix_${phy}
+ if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
+ if [ -z "${prefix_args}" ]; then
+ echo "missing NSAP prefix for UNI interface"
+ continue
+ fi
+
+ case ${prefix_args} in
+ ILMI)
+ ilmid=1
+ ;;
+ *)
+ atm set prefix ${phy} ${prefix_args} || continue
+ ;;
+ esac
+ fi
- echo -n "Starting initial ATM daemons:"
- # Start ILMI daemon (if needed)
- if [ ${ilmid} -eq 1 ]; then
- echo -n " ilmid"
- ilmid
- fi
+ atm_phy="${atm_phy} ${phy}"
+ echo "."
+ done
- echo "."
- atm_pass1_done=YES
+ echo -n "Starting initial ATM daemons:"
+ # Start ILMI daemon (if needed)
+ case ${ilmid} in
+ 1)
+ echo -n " ilmid"
+ ilmid
+ ;;
+ esac
+
+ echo "."
+ atm_pass1_done=YES
}
#
@@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
- echo -n "Configuring ATM network interfaces:"
-
- atm_scspd=0
- atm_atmarpd=""
-
- # Configure network interfaces
- for phy in ${atm_phy}; do
- eval netif_args=\$atm_netif_${phy}
- set -- ${netif_args}
- netname=$1
- netcnt=$2
- netindx=0
- while [ ${netindx} -lt ${netcnt} ]; do
-
- net="${netname}${netindx}"
- netindx=`expr ${netindx} + 1`
- echo -n " ${net}"
-
- # Configure atmarp server
- eval atmarp_args=\$atm_arpserver_${net}
- if [ -n "${atmarp_args}" ]; then
- atm set arpserver ${net} ${atmarp_args} || continue
- fi
- eval scsparp_args=\$atm_scsparp_${net}
- if [ "${scsparp_args}" = "YES" ]; then
- if [ "${atmarp_args}" != "local" ]; then
- echo "local arpserver required for SCSP"
- continue
+ echo -n "Configuring ATM network interfaces:"
+
+ atm_scspd=0
+ atm_atmarpd=""
+
+ # Configure network interfaces
+ for phy in ${atm_phy}; do
+ eval netif_args=\$atm_netif_${phy}
+ set -- ${netif_args}
+ netname=$1
+ netcnt=$2
+ netindx=0
+ while [ ${netindx} -lt ${netcnt} ]; do
+ net="${netname}${netindx}"
+ netindx=`expr ${netindx} + 1`
+ echo -n " ${net}"
+
+ # Configure atmarp server
+ eval atmarp_args=\$atm_arpserver_${net}
+ if [ -n "${atmarp_args}" ]; then
+ atm set arpserver ${net} ${atmarp_args} ||
+ continue
fi
- atm_atmarpd="${atm_atmarpd} ${net}"
- atm_scspd=1
- fi
+ eval scsparp_args=\$atm_scsparp_${net}
+
+ case ${scsparp_args} in
+ [Yy][Ee][Ss])
+ case ${atmarp_args} in
+ local)
+ ;;
+ *)
+ echo "local arpserver required for SCSP"
+ continue
+ ;;
+ esac
+
+ atm_atmarpd="${atm_atmarpd} ${net}"
+ atm_scspd=1
+ esac
+ done
done
- done
- echo "."
-
- # Define any PVCs.
- if [ -n "${atm_pvcs}" ]; then
- for i in ${atm_pvcs}; do
- eval pvc_args=\$atm_pvc_${i}
- atm add pvc ${pvc_args}
- done
- fi
+ echo "."
- # Define any permanent ARP entries.
- if [ -n "${atm_arps}" ]; then
- for i in ${atm_arps}; do
- eval arp_args=\$atm_arp_${i}
- atm add arp ${arp_args}
- done
- fi
- atm_pass2_done=YES
+ # Define any PVCs.
+ if [ -n "${atm_pvcs}" ]; then
+ for i in ${atm_pvcs}; do
+ eval pvc_args=\$atm_pvc_${i}
+ atm add pvc ${pvc_args}
+ done
+ fi
+
+ # Define any permanent ARP entries.
+ if [ -n "${atm_arps}" ]; then
+ for i in ${atm_arps}; do
+ eval arp_args=\$atm_arp_${i}
+ atm add arp ${arp_args}
+ done
+ fi
+ atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
- # Start SCSP daemon (if needed)
- if [ "${atm_scspd}" -eq 1 ]; then
- echo -n " scspd"
- scspd
- fi
-
- # Start ATMARP daemon (if needed)
- if [ -n "${atm_atmarpd}" ]; then
- echo -n " atmarpd"
- atmarpd ${atm_atmarpd}
- fi
-
- atm_pass3_done=YES
+ # Start SCSP daemon (if needed)
+ case ${atm_scspd} in
+ 1)
+ echo -n " scspd"
+ scspd
+ ;;
+ esac
+
+ # Start ATMARP daemon (if needed)
+ if [ -n "${atm_atmarpd}" ]; then
+ echo -n " atmarpd"
+ atmarpd ${atm_atmarpd}
+ fi
+
+ atm_pass3_done=YES
}
diff --git a/etc/rc.d/atm3 b/etc/rc.d/atm3
index 57ff149..7e72aeb 100644
--- a/etc/rc.d/atm3
+++ b/etc/rc.d/atm3
@@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
- # Locate all probed ATM adapters
- atmdev=`atm sh stat int | while read dev junk; do
- case ${dev} in
- hea[0-9]|hea[0-9][0-9])
- echo "${dev} "
- ;;
- hfa[0-9]|hfa[0-9][0-9])
- echo "${dev} "
- ;;
- *)
- continue
- ;;
- esac
- done`
-
- if [ -z "${atmdev}" ]; then
- echo "No ATM adapters found."
- return 0
- fi
-
- # Load microcode into FORE adapters (if needed)
- if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
- fore_dnld -d /etc
- fi
-
- # Configure physical interfaces
- ilmid=0
- for phy in ${atmdev}; do
- echo -n "Configuring ATM device ${phy}:"
-
- # Define network interfaces
- eval netif_args=\$atm_netif_${phy}
- if [ -n "${netif_args}" ]; then
- atm set netif ${phy} ${netif_args} || continue
- else
- echo "missing network interface definition"
- continue
- fi
+ # Locate all probed ATM adapters
+ atmdev=`atm sh stat int | while read dev junk; do
+ case ${dev} in
+ hea[0-9] | hea[0-9][0-9])
+ echo "${dev} "
+ ;;
+ hfa[0-9] | hfa[0-9][0-9])
+ echo "${dev} "
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ done`
- # Override physical MAC address
- eval macaddr_args=\$atm_macaddr_${phy}
- if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
- atm set mac ${phy} ${macaddr_args} || continue
+ if [ -z "${atmdev}" ]; then
+ echo "No ATM adapters found."
+ return 0
fi
- # Configure signalling manager
- eval sigmgr_args=\$atm_sigmgr_${phy}
- if [ -n "${sigmgr_args}" ]; then
- atm attach ${phy} ${sigmgr_args} || continue
- else
- echo "missing signalling manager definition"
- continue
+ # Load microcode into FORE adapters (if needed)
+ if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
+ fore_dnld -d /etc
fi
- # Configure UNI NSAP prefix
- eval prefix_args=\$atm_prefix_${phy}
- if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
- if [ -z "${prefix_args}" ]; then
- echo "missing NSAP prefix for UNI interface"
+ # Configure physical interfaces
+ ilmid=0
+ for phy in ${atmdev}; do
+ echo -n "Configuring ATM device ${phy}:"
+
+ # Define network interfaces
+ eval netif_args=\$atm_netif_${phy}
+ if [ -n "${netif_args}" ]; then
+ atm set netif ${phy} ${netif_args} || continue
+ else
+ echo "missing network interface definition"
continue
fi
- if [ "${prefix_args}" = "ILMI" ]; then
- ilmid=1
+
+ # Override physical MAC address
+ eval macaddr_args=\$atm_macaddr_${phy}
+ if [ -n "${macaddr_args}" ]; then
+ case ${macaddr_args} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ atm set mac ${phy} ${macaddr_args} || continue
+ ;;
+ esac
+ fi
+
+ # Configure signalling manager
+ eval sigmgr_args=\$atm_sigmgr_${phy}
+ if [ -n "${sigmgr_args}" ]; then
+ atm attach ${phy} ${sigmgr_args} || continue
else
- atm set prefix ${phy} ${prefix_args} || continue
+ echo "missing signalling manager definition"
+ continue
fi
- fi
- atm_phy="${atm_phy} ${phy}"
- echo "."
- done
+ # Configure UNI NSAP prefix
+ eval prefix_args=\$atm_prefix_${phy}
+ if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
+ if [ -z "${prefix_args}" ]; then
+ echo "missing NSAP prefix for UNI interface"
+ continue
+ fi
+
+ case ${prefix_args} in
+ ILMI)
+ ilmid=1
+ ;;
+ *)
+ atm set prefix ${phy} ${prefix_args} || continue
+ ;;
+ esac
+ fi
- echo -n "Starting initial ATM daemons:"
- # Start ILMI daemon (if needed)
- if [ ${ilmid} -eq 1 ]; then
- echo -n " ilmid"
- ilmid
- fi
+ atm_phy="${atm_phy} ${phy}"
+ echo "."
+ done
- echo "."
- atm_pass1_done=YES
+ echo -n "Starting initial ATM daemons:"
+ # Start ILMI daemon (if needed)
+ case ${ilmid} in
+ 1)
+ echo -n " ilmid"
+ ilmid
+ ;;
+ esac
+
+ echo "."
+ atm_pass1_done=YES
}
#
@@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
- echo -n "Configuring ATM network interfaces:"
-
- atm_scspd=0
- atm_atmarpd=""
-
- # Configure network interfaces
- for phy in ${atm_phy}; do
- eval netif_args=\$atm_netif_${phy}
- set -- ${netif_args}
- netname=$1
- netcnt=$2
- netindx=0
- while [ ${netindx} -lt ${netcnt} ]; do
-
- net="${netname}${netindx}"
- netindx=`expr ${netindx} + 1`
- echo -n " ${net}"
-
- # Configure atmarp server
- eval atmarp_args=\$atm_arpserver_${net}
- if [ -n "${atmarp_args}" ]; then
- atm set arpserver ${net} ${atmarp_args} || continue
- fi
- eval scsparp_args=\$atm_scsparp_${net}
- if [ "${scsparp_args}" = "YES" ]; then
- if [ "${atmarp_args}" != "local" ]; then
- echo "local arpserver required for SCSP"
- continue
+ echo -n "Configuring ATM network interfaces:"
+
+ atm_scspd=0
+ atm_atmarpd=""
+
+ # Configure network interfaces
+ for phy in ${atm_phy}; do
+ eval netif_args=\$atm_netif_${phy}
+ set -- ${netif_args}
+ netname=$1
+ netcnt=$2
+ netindx=0
+ while [ ${netindx} -lt ${netcnt} ]; do
+ net="${netname}${netindx}"
+ netindx=`expr ${netindx} + 1`
+ echo -n " ${net}"
+
+ # Configure atmarp server
+ eval atmarp_args=\$atm_arpserver_${net}
+ if [ -n "${atmarp_args}" ]; then
+ atm set arpserver ${net} ${atmarp_args} ||
+ continue
fi
- atm_atmarpd="${atm_atmarpd} ${net}"
- atm_scspd=1
- fi
+ eval scsparp_args=\$atm_scsparp_${net}
+
+ case ${scsparp_args} in
+ [Yy][Ee][Ss])
+ case ${atmarp_args} in
+ local)
+ ;;
+ *)
+ echo "local arpserver required for SCSP"
+ continue
+ ;;
+ esac
+
+ atm_atmarpd="${atm_atmarpd} ${net}"
+ atm_scspd=1
+ esac
+ done
done
- done
- echo "."
-
- # Define any PVCs.
- if [ -n "${atm_pvcs}" ]; then
- for i in ${atm_pvcs}; do
- eval pvc_args=\$atm_pvc_${i}
- atm add pvc ${pvc_args}
- done
- fi
+ echo "."
- # Define any permanent ARP entries.
- if [ -n "${atm_arps}" ]; then
- for i in ${atm_arps}; do
- eval arp_args=\$atm_arp_${i}
- atm add arp ${arp_args}
- done
- fi
- atm_pass2_done=YES
+ # Define any PVCs.
+ if [ -n "${atm_pvcs}" ]; then
+ for i in ${atm_pvcs}; do
+ eval pvc_args=\$atm_pvc_${i}
+ atm add pvc ${pvc_args}
+ done
+ fi
+
+ # Define any permanent ARP entries.
+ if [ -n "${atm_arps}" ]; then
+ for i in ${atm_arps}; do
+ eval arp_args=\$atm_arp_${i}
+ atm add arp ${arp_args}
+ done
+ fi
+ atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
- # Start SCSP daemon (if needed)
- if [ "${atm_scspd}" -eq 1 ]; then
- echo -n " scspd"
- scspd
- fi
-
- # Start ATMARP daemon (if needed)
- if [ -n "${atm_atmarpd}" ]; then
- echo -n " atmarpd"
- atmarpd ${atm_atmarpd}
- fi
-
- atm_pass3_done=YES
+ # Start SCSP daemon (if needed)
+ case ${atm_scspd} in
+ 1)
+ echo -n " scspd"
+ scspd
+ ;;
+ esac
+
+ # Start ATMARP daemon (if needed)
+ if [ -n "${atm_atmarpd}" ]; then
+ echo -n " atmarpd"
+ atmarpd ${atm_atmarpd}
+ fi
+
+ atm_pass3_done=YES
}
diff --git a/etc/rc.d/atm3.sh b/etc/rc.d/atm3.sh
index 57ff149..7e72aeb 100644
--- a/etc/rc.d/atm3.sh
+++ b/etc/rc.d/atm3.sh
@@ -10,87 +10,99 @@
# N.B. /usr is not mounted.
#
atm_pass1() {
- # Locate all probed ATM adapters
- atmdev=`atm sh stat int | while read dev junk; do
- case ${dev} in
- hea[0-9]|hea[0-9][0-9])
- echo "${dev} "
- ;;
- hfa[0-9]|hfa[0-9][0-9])
- echo "${dev} "
- ;;
- *)
- continue
- ;;
- esac
- done`
-
- if [ -z "${atmdev}" ]; then
- echo "No ATM adapters found."
- return 0
- fi
-
- # Load microcode into FORE adapters (if needed)
- if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
- fore_dnld -d /etc
- fi
-
- # Configure physical interfaces
- ilmid=0
- for phy in ${atmdev}; do
- echo -n "Configuring ATM device ${phy}:"
-
- # Define network interfaces
- eval netif_args=\$atm_netif_${phy}
- if [ -n "${netif_args}" ]; then
- atm set netif ${phy} ${netif_args} || continue
- else
- echo "missing network interface definition"
- continue
- fi
+ # Locate all probed ATM adapters
+ atmdev=`atm sh stat int | while read dev junk; do
+ case ${dev} in
+ hea[0-9] | hea[0-9][0-9])
+ echo "${dev} "
+ ;;
+ hfa[0-9] | hfa[0-9][0-9])
+ echo "${dev} "
+ ;;
+ *)
+ continue
+ ;;
+ esac
+ done`
- # Override physical MAC address
- eval macaddr_args=\$atm_macaddr_${phy}
- if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then
- atm set mac ${phy} ${macaddr_args} || continue
+ if [ -z "${atmdev}" ]; then
+ echo "No ATM adapters found."
+ return 0
fi
- # Configure signalling manager
- eval sigmgr_args=\$atm_sigmgr_${phy}
- if [ -n "${sigmgr_args}" ]; then
- atm attach ${phy} ${sigmgr_args} || continue
- else
- echo "missing signalling manager definition"
- continue
+ # Load microcode into FORE adapters (if needed)
+ if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then
+ fore_dnld -d /etc
fi
- # Configure UNI NSAP prefix
- eval prefix_args=\$atm_prefix_${phy}
- if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
- if [ -z "${prefix_args}" ]; then
- echo "missing NSAP prefix for UNI interface"
+ # Configure physical interfaces
+ ilmid=0
+ for phy in ${atmdev}; do
+ echo -n "Configuring ATM device ${phy}:"
+
+ # Define network interfaces
+ eval netif_args=\$atm_netif_${phy}
+ if [ -n "${netif_args}" ]; then
+ atm set netif ${phy} ${netif_args} || continue
+ else
+ echo "missing network interface definition"
continue
fi
- if [ "${prefix_args}" = "ILMI" ]; then
- ilmid=1
+
+ # Override physical MAC address
+ eval macaddr_args=\$atm_macaddr_${phy}
+ if [ -n "${macaddr_args}" ]; then
+ case ${macaddr_args} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ atm set mac ${phy} ${macaddr_args} || continue
+ ;;
+ esac
+ fi
+
+ # Configure signalling manager
+ eval sigmgr_args=\$atm_sigmgr_${phy}
+ if [ -n "${sigmgr_args}" ]; then
+ atm attach ${phy} ${sigmgr_args} || continue
else
- atm set prefix ${phy} ${prefix_args} || continue
+ echo "missing signalling manager definition"
+ continue
fi
- fi
- atm_phy="${atm_phy} ${phy}"
- echo "."
- done
+ # Configure UNI NSAP prefix
+ eval prefix_args=\$atm_prefix_${phy}
+ if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then
+ if [ -z "${prefix_args}" ]; then
+ echo "missing NSAP prefix for UNI interface"
+ continue
+ fi
+
+ case ${prefix_args} in
+ ILMI)
+ ilmid=1
+ ;;
+ *)
+ atm set prefix ${phy} ${prefix_args} || continue
+ ;;
+ esac
+ fi
- echo -n "Starting initial ATM daemons:"
- # Start ILMI daemon (if needed)
- if [ ${ilmid} -eq 1 ]; then
- echo -n " ilmid"
- ilmid
- fi
+ atm_phy="${atm_phy} ${phy}"
+ echo "."
+ done
- echo "."
- atm_pass1_done=YES
+ echo -n "Starting initial ATM daemons:"
+ # Start ILMI daemon (if needed)
+ case ${ilmid} in
+ 1)
+ echo -n " ilmid"
+ ilmid
+ ;;
+ esac
+
+ echo "."
+ atm_pass1_done=YES
}
#
@@ -98,75 +110,84 @@ atm_pass1() {
# N.B. /usr is not mounted.
#
atm_pass2() {
- echo -n "Configuring ATM network interfaces:"
-
- atm_scspd=0
- atm_atmarpd=""
-
- # Configure network interfaces
- for phy in ${atm_phy}; do
- eval netif_args=\$atm_netif_${phy}
- set -- ${netif_args}
- netname=$1
- netcnt=$2
- netindx=0
- while [ ${netindx} -lt ${netcnt} ]; do
-
- net="${netname}${netindx}"
- netindx=`expr ${netindx} + 1`
- echo -n " ${net}"
-
- # Configure atmarp server
- eval atmarp_args=\$atm_arpserver_${net}
- if [ -n "${atmarp_args}" ]; then
- atm set arpserver ${net} ${atmarp_args} || continue
- fi
- eval scsparp_args=\$atm_scsparp_${net}
- if [ "${scsparp_args}" = "YES" ]; then
- if [ "${atmarp_args}" != "local" ]; then
- echo "local arpserver required for SCSP"
- continue
+ echo -n "Configuring ATM network interfaces:"
+
+ atm_scspd=0
+ atm_atmarpd=""
+
+ # Configure network interfaces
+ for phy in ${atm_phy}; do
+ eval netif_args=\$atm_netif_${phy}
+ set -- ${netif_args}
+ netname=$1
+ netcnt=$2
+ netindx=0
+ while [ ${netindx} -lt ${netcnt} ]; do
+ net="${netname}${netindx}"
+ netindx=`expr ${netindx} + 1`
+ echo -n " ${net}"
+
+ # Configure atmarp server
+ eval atmarp_args=\$atm_arpserver_${net}
+ if [ -n "${atmarp_args}" ]; then
+ atm set arpserver ${net} ${atmarp_args} ||
+ continue
fi
- atm_atmarpd="${atm_atmarpd} ${net}"
- atm_scspd=1
- fi
+ eval scsparp_args=\$atm_scsparp_${net}
+
+ case ${scsparp_args} in
+ [Yy][Ee][Ss])
+ case ${atmarp_args} in
+ local)
+ ;;
+ *)
+ echo "local arpserver required for SCSP"
+ continue
+ ;;
+ esac
+
+ atm_atmarpd="${atm_atmarpd} ${net}"
+ atm_scspd=1
+ esac
+ done
done
- done
- echo "."
-
- # Define any PVCs.
- if [ -n "${atm_pvcs}" ]; then
- for i in ${atm_pvcs}; do
- eval pvc_args=\$atm_pvc_${i}
- atm add pvc ${pvc_args}
- done
- fi
+ echo "."
- # Define any permanent ARP entries.
- if [ -n "${atm_arps}" ]; then
- for i in ${atm_arps}; do
- eval arp_args=\$atm_arp_${i}
- atm add arp ${arp_args}
- done
- fi
- atm_pass2_done=YES
+ # Define any PVCs.
+ if [ -n "${atm_pvcs}" ]; then
+ for i in ${atm_pvcs}; do
+ eval pvc_args=\$atm_pvc_${i}
+ atm add pvc ${pvc_args}
+ done
+ fi
+
+ # Define any permanent ARP entries.
+ if [ -n "${atm_arps}" ]; then
+ for i in ${atm_arps}; do
+ eval arp_args=\$atm_arp_${i}
+ atm add arp ${arp_args}
+ done
+ fi
+ atm_pass2_done=YES
}
#
# Start any necessary daemons.
#
atm_pass3() {
- # Start SCSP daemon (if needed)
- if [ "${atm_scspd}" -eq 1 ]; then
- echo -n " scspd"
- scspd
- fi
-
- # Start ATMARP daemon (if needed)
- if [ -n "${atm_atmarpd}" ]; then
- echo -n " atmarpd"
- atmarpd ${atm_atmarpd}
- fi
-
- atm_pass3_done=YES
+ # Start SCSP daemon (if needed)
+ case ${atm_scspd} in
+ 1)
+ echo -n " scspd"
+ scspd
+ ;;
+ esac
+
+ # Start ATMARP daemon (if needed)
+ if [ -n "${atm_atmarpd}" ]; then
+ echo -n " atmarpd"
+ atmarpd ${atm_atmarpd}
+ fi
+
+ atm_pass3_done=YES
}
diff --git a/etc/rc.d/diskless b/etc/rc.d/diskless
index a7f0a50..2d777e5 100644
--- a/etc/rc.d/diskless
+++ b/etc/rc.d/diskless
@@ -1,11 +1,14 @@
+#
+#$FreeBSD$
+#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
-if [ -f /etc/defaults/rc.conf ]; then
+ fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
-elif [ -f /etc/rc.conf ]; then
+ /sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
-( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
+(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
-( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
-
+(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512
diff --git a/etc/rc.d/initdiskless b/etc/rc.d/initdiskless
index 0f80c43..d93e36e 100644
--- a/etc/rc.d/initdiskless
+++ b/etc/rc.d/initdiskless
@@ -1,4 +1,6 @@
#
+# $FreeBSD$
+#
# /etc/rc.diskless - general BOOTP startup
#
# BOOTP has mounted / for us. Assume a read-only mount. We must then
@@ -10,14 +12,14 @@
# set by the system operator on the server to be softlinks to
# /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may
# choose to retarget other files as well. The server itself boots
-# properly with its default /conf/ME softlink pointing to
-# /conf/server.host.name.
+# properly with its default /conf/ME softlink pointing to
+# /conf/server.host.name.
#
# During a diskless boot, we retarget the /conf/ME softlink to point
# to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config
# files that are softlinks through /conf/ME also get retargeted.
#
-# SEE SAMPLE FILES IN /usr/share/examples/diskless.
+# SEE SAMPLE FILES IN /usr/share/examples/diskless.
# chkerr:
#
@@ -25,27 +27,31 @@
#
# checks error code and drops into shell on failure.
# if shell exits, terminates script as well as /etc/rc.
-
+#
chkerr() {
- if [ $1 != 0 ]; then
+ case $1 in
+ 0)
+ ;;
+ *)
echo "$2 failed: dropping into /bin/sh"
/bin/sh
# RESUME
- fi
+ ;;
+ esac
}
# DEBUGGING
#
set -v
-# Figure out where the root mount is coming from, synthesize a mount
-# for /usr and mount it.
+# Figure out where the root mount is coming from, synthesize a mount
+# for /usr and mount it.
#
-# e.g. nfs_root might wind up as "A.B.C.D:/"
+# e.g. nfs_root might wind up as "A.B.C.D:/"
#
-# NOTE! the /usr mount is only temporary so we can access commands necessary
-# to retarget /conf/ME. The actual /usr mount should be part of the
-# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
+# NOTE! the /usr mount is only temporary so we can access commands necessary
+# to retarget /conf/ME. The actual /usr mount should be part of the
+# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless.
#
set `/bin/df /`
nfs_root=$8
@@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr
chkerr $? "mount of /usr"
-# Figure out our interface and IP.
+# Figure out our interface and IP.
#
bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'`
@@ -74,7 +80,7 @@ umount /usr
#
# WARNING! null mounts cannot handle mmap, and since many programs
# use mmap (such as 'cp'), we have to copy.
-
+#
mount_mfs -s 256 -T qp120at -o union dummy /conf
chkerr $? "MFS mount on /conf"
@@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel
# else.
#
# This script is responsible for setting up the
-# diskless mount environment. This can be
+# diskless mount environment. This can be
# overriden by /conf/ME/rc.conf.local if, for
# example, you do not want to run the standard
# system /etc/rc.diskless2
diff --git a/etc/rc.d/isdnd b/etc/rc.d/isdnd
index 11e140a..1302102 100644
--- a/etc/rc.d/isdnd
+++ b/etc/rc.d/isdnd
@@ -10,39 +10,53 @@
#
#---------------------------------------------------------------------------
-if [ "${isdn_enable}" = "YES" ] ; then
-
+case ${isdn_enable} in
+[Yy][Ee][Ss])
echo -n 'ISDN subsystem setup:'
- # terminal type for fullscreen mode, default to syscons driver
+ # Terminal type for fullscreen mode, default to syscons driver
+ #
isdn_ttype=cons25
- # check for pcvt driver (VT100/VT220 emulator)
- if [ -x /usr/sbin/ispcvt ] ; then
- if /usr/sbin/ispcvt ; then
+ # Check for pcvt driver (VT100/VT220 emulator)
+ #
+ if [ -x /usr/sbin/ispcvt ]; then
+ if /usr/sbin/ispcvt; then
isdn_ttype=pcvt25
fi
fi
-
- if [ "${isdn_flags}" = "NO" ] ; then
- isdn_flags=""
- fi
-
- # start the isdn daemon
- if [ -x /usr/sbin/isdnd ] ; then
+
+ case ${isdn_flags} in
+ [Nn][Oo] | '')
+ isdn_flags=''
+ ;;
+ esac
+
+ # Start the isdn daemon
+ #
+ if [ -x /usr/sbin/isdnd ]; then
echo -n ' isdnd'
- if [ "${isdn_fsdev}" = "NO" ] ; then
- /usr/sbin/isdnd ${isdn_flags}
- else
+ case ${isdn_fsdev} in
+ [Nn][Oo] | '')
+ /usr/sbin/isdnd ${isdn_flags}
+ ;;
+ *)
/usr/sbin/isdnd ${isdn_flags} -f -r ${isdn_fsdev} -t ${isdn_ttype}
- fi
+ ;;
+ esac
fi
- # start isdntrace
- if [ "${isdn_trace}" = "YES" -a -x /usr/sbin/isdntrace ] ; then
- echo -n ' isdntrace'
- nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
- fi
+ # Start isdntrace
+ #
+ case ${isdn_trace} in
+ [Yy][Ee][Ss])
+ if [ -x /usr/sbin/isdntrace ]; then
+ echo -n ' isdntrace'
+ nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 &
+ fi
+ ;;
+ esac
echo '.'
-fi
+ ;;
+esac
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index 781c73f..5ddce80 100644
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
-# Note that almost all the user-configurable behavior is no longer in
-# this file, but rather in /etc/rc.conf. Please check that file
+# Note that almost all of the user-configurable behavior is no longer in
+# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
-
+#
network_pass1() {
- echo -n 'Doing initial network setup:'
- # Set the host name if it is not already set
- if [ -z "`hostname -s`" ] ; then
- hostname ${hostname}
- echo -n ' hostname'
- fi
-
- # Set the domainname if we're using NIS
- if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
- domainname ${nisdomainname}
- echo -n ' domain'
- fi
- echo '.'
-
- # Initial ATM interface configuration
- if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
- . /etc/rc.atm
- atm_pass1
- fi
-
- # ISDN subsystem startup
- if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
- . /etc/rc.isdn
- fi
-
- # Special options for sppp(4) interfaces go here. These need
- # to go _before_ the general ifconfig section, since in the case
- # of hardwired (no link1 flag) but required authentication, you
- # cannot pass auth parameters down to the already running interface.
- for ifn in ${sppp_interfaces}; do
- eval spppcontrol_args=\$spppconfig_${ifn}
- if [ -n "${spppcontrol_args}" ] ; then
- # The auth secrets might contain spaces; in order
- # to retain the quotation, we need to eval them
- # here.
- eval spppcontrol ${ifn} ${spppcontrol_args}
- fi
- done
-
- # Set up all the network interfaces, calling startup scripts if needed
- if [ "${network_interfaces}" = "auto" ]; then
- network_interfaces="`ifconfig -l`"
- fi
- for ifn in ${network_interfaces}; do
- showstat=false
- if [ -e /etc/start_if.${ifn} ]; then
- . /etc/start_if.${ifn}
- showstat=true
- fi
- # Do the primary ifconfig if specified
- eval ifconfig_args=\$ifconfig_${ifn}
- if [ -n "${ifconfig_args}" ] ; then
- # See if we are using DHCP
- if [ "${ifconfig_args}" = "DHCP" ]; then
- ${dhcp_program} ${dhcp_flags} ${ifn}
- else
- ifconfig ${ifn} ${ifconfig_args}
- fi
- showstat=true
- fi
- # Check to see if aliases need to be added
- alias=0
- while :
- do
- eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args} alias
- showstat=true
- alias=`expr ${alias} + 1`
- else
- break;
- fi
- done
- # Do ipx address if specified
- eval ifconfig_args=\$ifconfig_${ifn}_ipx
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args}
- showstat=true
- fi
- if [ "${showstat}" = "true" ]
- then
- ifconfig ${ifn}
- fi
- done
-
- # Warm up user ppp if required, must happen before natd.
- if [ "${ppp_enable}" = "YES" ]; then
- # Establish ppp mode.
- if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
- -a "${ppp_mode}" != "dedicated" \
- -a "${ppp_mode}" != "background" ]; then
- ppp_mode="auto";
- fi
- ppp_command="-${ppp_mode} ";
-
- # Switch on alias mode?
- if [ "${ppp_nat}" = "YES" ]; then
- ppp_command="${ppp_command} -nat";
- fi
-
- echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
- fi
-
- # Initialize IP filtering using ipfw
- echo ""
- /sbin/ipfw -q flush > /dev/null 2>&1
- if [ $? = 0 ] ; then
- firewall_in_kernel=1
- else
- firewall_in_kernel=0
- fi
-
- if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
- if kldload ipfw; then
- firewall_in_kernel=1 # module loaded successfully
- echo "Kernel firewall module loaded."
- else
- echo "Warning: firewall kernel module failed to load."
- fi
- fi
+ echo -n 'Doing initial network setup:'
- # Load the filters if required
- if [ ${firewall_in_kernel} = 1 ]; then
- if [ -z "${firewall_script}" ] ; then
- firewall_script="/etc/rc.firewall"
+ # Set the host name if it is not already set
+ #
+ if [ -z "`hostname -s`" ]; then
+ hostname ${hostname}
+ echo -n ' hostname'
fi
- if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
- . ${firewall_script}
- echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
- natd_ifarg="-a ${natd_interface}"
- else
- natd_ifarg="-n ${natd_interface}"
+
+ # Set the domainname if we're using NIS
+ #
+ case ${nisdomainname} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ domainname ${nisdomainname}
+ echo -n ' domain'
+ ;;
+ esac
+
+ echo '.'
+
+ # Initial ATM interface configuration
+ #
+ case ${atm_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.atm ]; then
+ . /etc/rc.atm
+ atm_pass1
+ fi
+ ;;
+ esac
+
+ # ISDN subsystem startup
+ #
+ case ${isdn_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.isdn ]; then
+ . /etc/rc.isdn
+ fi
+ ;;
+ esac
+
+ # Special options for sppp(4) interfaces go here. These need
+ # to go _before_ the general ifconfig section, since in the case
+ # of hardwired (no link1 flag) but required authentication, you
+ # cannot pass auth parameters down to the already running interface.
+ #
+ for ifn in ${sppp_interfaces}; do
+ eval spppcontrol_args=\$spppconfig_${ifn}
+ if [ -n "${spppcontrol_args}" ]; then
+ # The auth secrets might contain spaces; in order
+ # to retain the quotation, we need to eval them
+ # here.
+ eval spppcontrol ${ifn} ${spppcontrol_args}
+ fi
+ done
+
+ # Set up all the network interfaces, calling startup scripts if needed
+ #
+ case ${network_interfaces} in
+ [Aa][Uu][Tt][Oo])
+ network_interfaces="`ifconfig -l`"
+ ;;
+ esac
+
+ for ifn in ${network_interfaces}; do
+ showstat=false
+ if [ -r /etc/start_if.${ifn} ]; then
+ . /etc/start_if.${ifn}
+ showstat=true
fi
- echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
- fi
- echo '.'
+
+ # Do the primary ifconfig if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}
+
+ case ${ifconfig_args} in
+ '')
+ ;;
+ [Dd][Hh][Cc][Pp])
+ ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
+ showstat=true
+ ;;
+ *)
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ ;;
+ esac
+
+ # Check to see if aliases need to be added
+ #
+ alias=0
+ while : ; do
+ eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args} alias
+ showstat=true
+ alias=`expr ${alias} + 1`
+ else
+ break;
+ fi
+ done
+
+ # Do ipx address if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}_ipx
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ fi
+
+ case ${showstat} in
+ true)
+ ifconfig ${ifn}
+ ;;
+ esac
+ done
+
+ # Warm up user ppp if required, must happen before natd.
+ #
+ case ${ppp_enable} in
+ [Yy][Ee][Ss])
+ # Establish ppp mode.
+ #
+ if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
+ -a "${ppp_mode}" != "dedicated" \
+ -a "${ppp_mode}" != "background" ]; then
+ ppp_mode="auto";
+ fi
+
+ ppp_command="-${ppp_mode} ";
+
+ # Switch on alias mode?
+ #
+ case ${ppp_nat} in
+ [Yy][Ee][Ss])
+ ppp_command="${ppp_command} -nat";
+ ;;
+ esac
+
+ echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
+ ;;
+ esac
+
+ # Initialize IP filtering using ipfw
+ #
+ echo ''
+
+ if /sbin/ipfw -q flush > /dev/null 2>&1; then
+ firewall_in_kernel=1
else
- IPFW_DEFAULT=`ipfw l 65535`
- if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
- echo -n "Warning: kernel has firewall functionality, "
- echo "but firewall rules are not enabled."
- echo " All ip services are disabled."
- fi
+ firewall_in_kernel=0
fi
- fi
-
- # Additional ATM interface configuration
- if [ -n "${atm_pass1_done}" ]; then
- atm_pass2
- fi
-
- # Configure routing
-
- if [ "${defaultrouter}" != "NO" ] ; then
- static_routes="default ${static_routes}"
- route_default="default ${defaultrouter}"
- fi
-
- # Set up any static routes. This should be done before router discovery.
- if [ -n "${static_routes}" ]; then
- for i in ${static_routes}; do
- eval route_args=\$route_${i}
- route add ${route_args}
- done
- fi
-
- echo -n 'Additional routing options:'
- if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
- echo -n ' tcp extensions=NO'
- sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
- fi
-
- if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
- echo -n ' log_in_vain=YES'
- sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
- sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
- fi
-
- if [ "${icmp_bmcastecho}" = "YES" ]; then
- echo -n ' broadcast ping responses=YES'
- sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
- fi
-
- if [ "${icmp_drop_redirect}" = "YES" ]; then
- echo -n ' ignore ICMP redirect=YES'
- sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
- fi
-
- if [ "${icmp_log_redirect}" = "YES" ]; then
- echo -n ' log ICMP redirect=YES'
- sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
- fi
-
- if [ "${gateway_enable}" = "YES" ]; then
- echo -n ' IP gateway=YES'
- sysctl -w net.inet.ip.forwarding=1 >/dev/null
- fi
-
- if [ "${forward_sourceroute}" = "YES" ]; then
- echo -n ' do source routing=YES'
- sysctl -w net.inet.ip.sourceroute=1 >/dev/null
- fi
-
- if [ "${accept_sourceroute}" = "YES" ]; then
- echo -n ' accept source routing=YES'
- sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
- fi
-
- if [ "${tcp_keepalive}" = "YES" ]; then
- echo -n ' TCP keepalive=YES'
- sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
- fi
-
- if [ "X$tcp_restrict_rst" = X"YES" ]; then
- echo -n ' restrict TCP reset=YES'
- sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
- fi
-
- if [ "X$tcp_drop_synfin" = X"YES" ]; then
- echo -n ' drop SYN+FIN packets=YES'
- sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
- fi
-
- if [ "${ipxgateway_enable}" = "YES" ]; then
- echo -n ' IPX gateway=YES'
- sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
- fi
-
- if [ "${arpproxy_all}" = "YES" ]; then
- echo -n ' ARP proxyall=YES'
- sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
- fi
- echo '.'
-
- echo -n 'routing daemons:'
- if [ "${router_enable}" = "YES" ]; then
- echo -n " ${router}"; ${router} ${router_flags}
- fi
-
- if [ "${ipxrouted_enable}" = "YES" ]; then
- echo -n ' IPXrouted'
- IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
- fi
-
- if [ "${mrouted_enable}" = "YES" ]; then
- echo -n ' mrouted'; mrouted ${mrouted_flags}
- fi
-
- if [ "${rarpd_enable}" = "YES" ]; then
- echo -n ' rarpd'; rarpd ${rarpd_flags}
- fi
- echo '.'
- network_pass1_done=YES # Let future generations know we made it.
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
+ firewall_in_kernel=1
+ echo "Kernel firewall module loaded."
+ elif [ "${firewall_in_kernel}" -eq 0 ]; then
+ echo "Warning: firewall kernel module failed to load."
+ fi
+ ;;
+ esac
+
+ # Load the filters if required
+ #
+ case ${firewall_in_kernel} in
+ 1)
+ if [ -z "${firewall_script}" ]; then
+ firewall_script=/etc/rc.firewall
+ fi
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ -r ${firewall_script} ]; then
+ . ${firewall_script}
+ echo -n 'Firewall rules loaded, starting divert daemons:'
+
+ # Network Address Translation daemon
+ #
+ case ${natd_enable} in
+ [Yy][Ee][Ss])
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
+ natd_ifarg="-a ${natd_interface}"
+ else
+ natd_ifarg="-n ${natd_interface}"
+ fi
+
+ echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+ fi
+ ;;
+ esac
+
+ echo '.'
+
+ elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
+ ;;
+ esac
+ ;;
+ esac
+
+ # Additional ATM interface configuration
+ #
+ if [ -n "${atm_pass1_done}" ]; then
+ atm_pass2
+ fi
+
+ # Configure routing
+ #
+ case ${defaultrouter} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="default ${static_routes}"
+ route_default="default ${defaultrouter}"
+ ;;
+ esac
+
+ # Set up any static routes. This should be done before router discovery.
+ #
+ if [ -n "${static_routes}" ]; then
+ for i in ${static_routes}; do
+ eval route_args=\$route_${i}
+ route add ${route_args}
+ done
+ fi
+
+ echo -n 'Additional routing options:'
+ case ${tcp_extensions} in
+ [Yy][Ee][Ss] | '')
+ ;;
+ *)
+ echo -n ' tcp extensions=NO'
+ sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
+ ;;
+ esac
+
+ case ${log_in_vain} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' log_in_vain=YES'
+ sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
+ sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_bmcastecho} in
+ [Yy][Ee][Ss])
+ echo -n ' broadcast ping responses=YES'
+ sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_drop_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' ignore ICMP redirect=YES'
+ sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_log_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' log ICMP redirect=YES'
+ sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${gateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IP gateway=YES'
+ sysctl -w net.inet.ip.forwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${forward_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' do source routing=YES'
+ sysctl -w net.inet.ip.sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${accept_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' accept source routing=YES'
+ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_keepalive} in
+ [Yy][Ee][Ss])
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_restrict_rst} in
+ [Yy][Ee][Ss])
+ echo -n ' restrict TCP reset=YES'
+ sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_drop_synfin} in
+ [Yy][Ee][Ss])
+ echo -n ' drop SYN+FIN packets=YES'
+ sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
+ ;;
+ esac
+
+ case ${ipxgateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPX gateway=YES'
+ sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${arpproxy_all} in
+ [Yy][Ee][Ss])
+ echo -n ' ARP proxyall=YES'
+ sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
+ ;;
+ esac
+ echo '.'
+
+ echo -n 'routing daemons:'
+ case ${router_enable} in
+ [Yy][Ee][Ss])
+ echo -n " ${router}"; ${router} ${router_flags}
+ ;;
+ esac
+
+ case ${ipxrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPXrouted'
+ IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
+ ;;
+ esac
+
+ case ${mrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
+ ;;
+ esac
+
+ case ${rarpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rarpd'; rarpd ${rarpd_flags}
+ ;;
+ esac
+ echo '.'
+
+ # Let future generations know we made it.
+ #
+ network_pass1_done=YES
}
network_pass2() {
- echo -n 'Doing additional network setup:'
- if [ "${named_enable}" = "YES" ]; then
- echo -n ' named'; ${named_program-"named"} ${named_flags}
- fi
-
- if [ "${ntpdate_enable}" = "YES" ]; then
- echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
- fi
-
- if [ "${xntpd_enable}" = "YES" ]; then
- echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
- fi
-
- if [ "${timed_enable}" = "YES" ]; then
- echo -n ' timed'; timed ${timed_flags}
- fi
-
- if [ "${portmap_enable}" = "YES" ]; then
- echo -n ' portmap'; ${portmap_program} ${portmap_flags}
- fi
-
- # Start ypserv if we're an NIS server.
- # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
- if [ "${nis_server_enable}" = "YES" ]; then
- echo -n ' ypserv'; ypserv ${nis_server_flags}
-
- if [ "${nis_ypxfrd_enable}" = "YES" ]; then
- echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
- fi
-
- if [ "${nis_yppasswdd_enable}" = "YES" ]; then
- echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
- fi
- fi
-
- # Start ypbind if we're an NIS client
- if [ "${nis_client_enable}" = "YES" ]; then
- echo -n ' ypbind'; ypbind ${nis_client_flags}
- if [ "${nis_ypset_enable}" = "YES" ]; then
- echo -n ' ypset'; ypset ${nis_ypset_flags}
- fi
- fi
-
- # Start keyserv if we are running Secure RPC
- if [ "${keyserv_enable}" = "YES" ]; then
- echo -n ' keyserv'; keyserv ${keyserv_flags}
- fi
- # Start ypupdated if we are running Secure RPC and we are NIS master
- if [ "${rpc_ypupdated_enable}" = "YES" ]; then
- echo -n ' rpc.ypupdated'; rpc.ypupdated
- fi
-
- # Start ATM daemons
- if [ -n "${atm_pass2_done}" ]; then
- atm_pass3
- fi
-
- echo '.'
- network_pass2_done=YES
+ echo -n 'Doing additional network setup:'
+ case ${named_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' named'; ${named_program:-named} ${named_flags}
+ ;;
+ esac
+
+ case ${ntpdate_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ntpdate'
+ ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
+ ;;
+ esac
+
+ case ${xntpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
+ ;;
+ esac
+
+ case ${timed_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' timed'; timed ${timed_flags}
+ ;;
+ esac
+
+ case ${portmap_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
+ ;;
+ esac
+
+ # Start ypserv if we're an NIS server.
+ # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
+ #
+ case ${nis_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypserv'; ypserv ${nis_server_flags}
+
+ case ${nis_ypxfrd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypxfrd'
+ rpc.ypxfrd ${nis_ypxfrd_flags}
+ ;;
+ esac
+
+ case ${nis_yppasswdd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.yppasswdd'
+ rpc.yppasswdd ${nis_yppasswdd_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start ypbind if we're an NIS client
+ #
+ case ${nis_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypbind'; ypbind ${nis_client_flags}
+ case ${nis_ypset_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypset'; ypset ${nis_ypset_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start keyserv if we are running Secure RPC
+ #
+ case ${keyserv_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' keyserv'; keyserv ${keyserv_flags}
+ ;;
+ esac
+
+ # Start ypupdated if we are running Secure RPC and we are NIS master
+ #
+ case ${rpc_ypupdated_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypupdated'; rpc.ypupdated
+ ;;
+ esac
+
+ # Start ATM daemons
+ if [ -n "${atm_pass2_done}" ]; then
+ atm_pass3
+ fi
+
+ echo '.'
+ network_pass2_done=YES
}
network_pass3() {
- echo -n 'Starting final network daemons:'
-
- if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
- echo -n ' mountd'
- if [ "${weak_mountd_authentication}" = "YES" ]; then
- mountd_flags="-n"
- fi
- mountd ${mountd_flags}
- if [ "${nfs_reserved_port_only}" = "YES" ]; then
- echo -n ' NFS on reserved port only=YES'
- sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
- fi
- echo -n ' nfsd'; nfsd ${nfs_server_flags}
- if [ "${rpc_lockd_enable}" = "YES" ]; then
- echo -n ' rpc.lockd'; rpc.lockd
- fi
- if [ "${rpc_statd_enable}" = "YES" ]; then
- echo -n ' rpc.statd'; rpc.statd
- fi
- fi
-
- if [ "${nfs_client_enable}" = "YES" ]; then
- echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
- if [ "${nfs_access_cache}" != "X" ]; then
+ echo -n 'Starting final network daemons:'
+
+ case ${nfs_server_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/exports ]; then
+ echo -n ' mountd'
+
+ case ${weak_mountd_authentication} in
+ [Yy][Ee][Ss])
+ mountd_flags="-n"
+ ;;
+ esac
+
+ mountd ${mountd_flags}
+
+ case ${nfs_reserved_port_only} in
+ [Yy][Ee][Ss])
+ echo -n ' NFS on reserved port only=YES'
+ sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
+ ;;
+ esac
+
+ echo -n ' nfsd'; nfsd ${nfs_server_flags}
+
+ case ${rpc_lockd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.lockd'; rpc.lockd
+ ;;
+ esac
+
+ case ${rpc_statd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.statd'; rpc.statd
+ ;;
+ esac
+ fi
+ ;;
+ esac
+
+ case ${nfs_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
+ if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
- >/dev/null
- fi
- fi
-
- if [ "${amd_enable}" = "YES" ]; then
- echo -n ' amd'
- if [ "${amd_map_program}" != "NO" ]; then
- amd_flags="${amd_flags} `eval ${amd_map_program}`"
- fi
- if [ -n "${amd_flags}" ]
- then
- amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
- else
- amd 2> /dev/null
- fi
- fi
-
- if [ "${rwhod_enable}" = "YES" ]; then
- echo -n ' rwhod'; rwhod ${rwhod_flags}
- fi
-
- # Kerberos runs ONLY on the Kerberos server machine
- if [ "${kerberos_server_enable}" = "YES" ]; then
- if [ "${kerberos_stash}" = "YES" ]; then
- stash_flag=-n
- else
- stash_flag=
- fi
- echo -n ' kerberos'; \
+ >/dev/null
+ fi
+ ;;
+ esac
+
+ case ${amd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' amd'
+ case ${amd_map_program} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ amd_flags="${amd_flags} `eval ${amd_map_program}`"
+ ;;
+ esac
+
+ if [ -n "${amd_flags}" ]; then
+ amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
+ else
+ amd 2> /dev/null
+ fi
+ ;;
+ esac
+
+ case ${rwhod_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rwhod'; rwhod ${rwhod_flags}
+ ;;
+ esac
+
+ # Kerberos runs ONLY on the Kerberos server machine
+ case ${kerberos_server_enable} in
+ [Yy][Ee][Ss])
+ case ${kerberos_stash} in
+ [Yy][Ee][Ss])
+ stash_flag=-n
+ ;;
+ *)
+ stash_flag=
+ ;;
+ esac
+
+ echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
- if [ "${kadmind_server_enable}" = "YES" ]; then
- echo -n ' kadmind'; \
- (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
- fi
- unset stash_flag
- fi
-
- echo '.'
- network_pass3_done=YES
+
+ case ${kadmind_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' kadmind'
+ (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
+ ;;
+ esac
+ unset stash_flag
+ ;;
+ esac
+
+ echo '.'
+ network_pass3_done=YES
}
diff --git a/etc/rc.d/network1 b/etc/rc.d/network1
index 781c73f..5ddce80 100644
--- a/etc/rc.d/network1
+++ b/etc/rc.d/network1
@@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
-# Note that almost all the user-configurable behavior is no longer in
-# this file, but rather in /etc/rc.conf. Please check that file
+# Note that almost all of the user-configurable behavior is no longer in
+# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
-
+#
network_pass1() {
- echo -n 'Doing initial network setup:'
- # Set the host name if it is not already set
- if [ -z "`hostname -s`" ] ; then
- hostname ${hostname}
- echo -n ' hostname'
- fi
-
- # Set the domainname if we're using NIS
- if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
- domainname ${nisdomainname}
- echo -n ' domain'
- fi
- echo '.'
-
- # Initial ATM interface configuration
- if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
- . /etc/rc.atm
- atm_pass1
- fi
-
- # ISDN subsystem startup
- if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
- . /etc/rc.isdn
- fi
-
- # Special options for sppp(4) interfaces go here. These need
- # to go _before_ the general ifconfig section, since in the case
- # of hardwired (no link1 flag) but required authentication, you
- # cannot pass auth parameters down to the already running interface.
- for ifn in ${sppp_interfaces}; do
- eval spppcontrol_args=\$spppconfig_${ifn}
- if [ -n "${spppcontrol_args}" ] ; then
- # The auth secrets might contain spaces; in order
- # to retain the quotation, we need to eval them
- # here.
- eval spppcontrol ${ifn} ${spppcontrol_args}
- fi
- done
-
- # Set up all the network interfaces, calling startup scripts if needed
- if [ "${network_interfaces}" = "auto" ]; then
- network_interfaces="`ifconfig -l`"
- fi
- for ifn in ${network_interfaces}; do
- showstat=false
- if [ -e /etc/start_if.${ifn} ]; then
- . /etc/start_if.${ifn}
- showstat=true
- fi
- # Do the primary ifconfig if specified
- eval ifconfig_args=\$ifconfig_${ifn}
- if [ -n "${ifconfig_args}" ] ; then
- # See if we are using DHCP
- if [ "${ifconfig_args}" = "DHCP" ]; then
- ${dhcp_program} ${dhcp_flags} ${ifn}
- else
- ifconfig ${ifn} ${ifconfig_args}
- fi
- showstat=true
- fi
- # Check to see if aliases need to be added
- alias=0
- while :
- do
- eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args} alias
- showstat=true
- alias=`expr ${alias} + 1`
- else
- break;
- fi
- done
- # Do ipx address if specified
- eval ifconfig_args=\$ifconfig_${ifn}_ipx
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args}
- showstat=true
- fi
- if [ "${showstat}" = "true" ]
- then
- ifconfig ${ifn}
- fi
- done
-
- # Warm up user ppp if required, must happen before natd.
- if [ "${ppp_enable}" = "YES" ]; then
- # Establish ppp mode.
- if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
- -a "${ppp_mode}" != "dedicated" \
- -a "${ppp_mode}" != "background" ]; then
- ppp_mode="auto";
- fi
- ppp_command="-${ppp_mode} ";
-
- # Switch on alias mode?
- if [ "${ppp_nat}" = "YES" ]; then
- ppp_command="${ppp_command} -nat";
- fi
-
- echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
- fi
-
- # Initialize IP filtering using ipfw
- echo ""
- /sbin/ipfw -q flush > /dev/null 2>&1
- if [ $? = 0 ] ; then
- firewall_in_kernel=1
- else
- firewall_in_kernel=0
- fi
-
- if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
- if kldload ipfw; then
- firewall_in_kernel=1 # module loaded successfully
- echo "Kernel firewall module loaded."
- else
- echo "Warning: firewall kernel module failed to load."
- fi
- fi
+ echo -n 'Doing initial network setup:'
- # Load the filters if required
- if [ ${firewall_in_kernel} = 1 ]; then
- if [ -z "${firewall_script}" ] ; then
- firewall_script="/etc/rc.firewall"
+ # Set the host name if it is not already set
+ #
+ if [ -z "`hostname -s`" ]; then
+ hostname ${hostname}
+ echo -n ' hostname'
fi
- if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
- . ${firewall_script}
- echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
- natd_ifarg="-a ${natd_interface}"
- else
- natd_ifarg="-n ${natd_interface}"
+
+ # Set the domainname if we're using NIS
+ #
+ case ${nisdomainname} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ domainname ${nisdomainname}
+ echo -n ' domain'
+ ;;
+ esac
+
+ echo '.'
+
+ # Initial ATM interface configuration
+ #
+ case ${atm_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.atm ]; then
+ . /etc/rc.atm
+ atm_pass1
+ fi
+ ;;
+ esac
+
+ # ISDN subsystem startup
+ #
+ case ${isdn_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.isdn ]; then
+ . /etc/rc.isdn
+ fi
+ ;;
+ esac
+
+ # Special options for sppp(4) interfaces go here. These need
+ # to go _before_ the general ifconfig section, since in the case
+ # of hardwired (no link1 flag) but required authentication, you
+ # cannot pass auth parameters down to the already running interface.
+ #
+ for ifn in ${sppp_interfaces}; do
+ eval spppcontrol_args=\$spppconfig_${ifn}
+ if [ -n "${spppcontrol_args}" ]; then
+ # The auth secrets might contain spaces; in order
+ # to retain the quotation, we need to eval them
+ # here.
+ eval spppcontrol ${ifn} ${spppcontrol_args}
+ fi
+ done
+
+ # Set up all the network interfaces, calling startup scripts if needed
+ #
+ case ${network_interfaces} in
+ [Aa][Uu][Tt][Oo])
+ network_interfaces="`ifconfig -l`"
+ ;;
+ esac
+
+ for ifn in ${network_interfaces}; do
+ showstat=false
+ if [ -r /etc/start_if.${ifn} ]; then
+ . /etc/start_if.${ifn}
+ showstat=true
fi
- echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
- fi
- echo '.'
+
+ # Do the primary ifconfig if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}
+
+ case ${ifconfig_args} in
+ '')
+ ;;
+ [Dd][Hh][Cc][Pp])
+ ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
+ showstat=true
+ ;;
+ *)
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ ;;
+ esac
+
+ # Check to see if aliases need to be added
+ #
+ alias=0
+ while : ; do
+ eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args} alias
+ showstat=true
+ alias=`expr ${alias} + 1`
+ else
+ break;
+ fi
+ done
+
+ # Do ipx address if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}_ipx
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ fi
+
+ case ${showstat} in
+ true)
+ ifconfig ${ifn}
+ ;;
+ esac
+ done
+
+ # Warm up user ppp if required, must happen before natd.
+ #
+ case ${ppp_enable} in
+ [Yy][Ee][Ss])
+ # Establish ppp mode.
+ #
+ if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
+ -a "${ppp_mode}" != "dedicated" \
+ -a "${ppp_mode}" != "background" ]; then
+ ppp_mode="auto";
+ fi
+
+ ppp_command="-${ppp_mode} ";
+
+ # Switch on alias mode?
+ #
+ case ${ppp_nat} in
+ [Yy][Ee][Ss])
+ ppp_command="${ppp_command} -nat";
+ ;;
+ esac
+
+ echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
+ ;;
+ esac
+
+ # Initialize IP filtering using ipfw
+ #
+ echo ''
+
+ if /sbin/ipfw -q flush > /dev/null 2>&1; then
+ firewall_in_kernel=1
else
- IPFW_DEFAULT=`ipfw l 65535`
- if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
- echo -n "Warning: kernel has firewall functionality, "
- echo "but firewall rules are not enabled."
- echo " All ip services are disabled."
- fi
+ firewall_in_kernel=0
fi
- fi
-
- # Additional ATM interface configuration
- if [ -n "${atm_pass1_done}" ]; then
- atm_pass2
- fi
-
- # Configure routing
-
- if [ "${defaultrouter}" != "NO" ] ; then
- static_routes="default ${static_routes}"
- route_default="default ${defaultrouter}"
- fi
-
- # Set up any static routes. This should be done before router discovery.
- if [ -n "${static_routes}" ]; then
- for i in ${static_routes}; do
- eval route_args=\$route_${i}
- route add ${route_args}
- done
- fi
-
- echo -n 'Additional routing options:'
- if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
- echo -n ' tcp extensions=NO'
- sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
- fi
-
- if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
- echo -n ' log_in_vain=YES'
- sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
- sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
- fi
-
- if [ "${icmp_bmcastecho}" = "YES" ]; then
- echo -n ' broadcast ping responses=YES'
- sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
- fi
-
- if [ "${icmp_drop_redirect}" = "YES" ]; then
- echo -n ' ignore ICMP redirect=YES'
- sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
- fi
-
- if [ "${icmp_log_redirect}" = "YES" ]; then
- echo -n ' log ICMP redirect=YES'
- sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
- fi
-
- if [ "${gateway_enable}" = "YES" ]; then
- echo -n ' IP gateway=YES'
- sysctl -w net.inet.ip.forwarding=1 >/dev/null
- fi
-
- if [ "${forward_sourceroute}" = "YES" ]; then
- echo -n ' do source routing=YES'
- sysctl -w net.inet.ip.sourceroute=1 >/dev/null
- fi
-
- if [ "${accept_sourceroute}" = "YES" ]; then
- echo -n ' accept source routing=YES'
- sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
- fi
-
- if [ "${tcp_keepalive}" = "YES" ]; then
- echo -n ' TCP keepalive=YES'
- sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
- fi
-
- if [ "X$tcp_restrict_rst" = X"YES" ]; then
- echo -n ' restrict TCP reset=YES'
- sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
- fi
-
- if [ "X$tcp_drop_synfin" = X"YES" ]; then
- echo -n ' drop SYN+FIN packets=YES'
- sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
- fi
-
- if [ "${ipxgateway_enable}" = "YES" ]; then
- echo -n ' IPX gateway=YES'
- sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
- fi
-
- if [ "${arpproxy_all}" = "YES" ]; then
- echo -n ' ARP proxyall=YES'
- sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
- fi
- echo '.'
-
- echo -n 'routing daemons:'
- if [ "${router_enable}" = "YES" ]; then
- echo -n " ${router}"; ${router} ${router_flags}
- fi
-
- if [ "${ipxrouted_enable}" = "YES" ]; then
- echo -n ' IPXrouted'
- IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
- fi
-
- if [ "${mrouted_enable}" = "YES" ]; then
- echo -n ' mrouted'; mrouted ${mrouted_flags}
- fi
-
- if [ "${rarpd_enable}" = "YES" ]; then
- echo -n ' rarpd'; rarpd ${rarpd_flags}
- fi
- echo '.'
- network_pass1_done=YES # Let future generations know we made it.
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
+ firewall_in_kernel=1
+ echo "Kernel firewall module loaded."
+ elif [ "${firewall_in_kernel}" -eq 0 ]; then
+ echo "Warning: firewall kernel module failed to load."
+ fi
+ ;;
+ esac
+
+ # Load the filters if required
+ #
+ case ${firewall_in_kernel} in
+ 1)
+ if [ -z "${firewall_script}" ]; then
+ firewall_script=/etc/rc.firewall
+ fi
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ -r ${firewall_script} ]; then
+ . ${firewall_script}
+ echo -n 'Firewall rules loaded, starting divert daemons:'
+
+ # Network Address Translation daemon
+ #
+ case ${natd_enable} in
+ [Yy][Ee][Ss])
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
+ natd_ifarg="-a ${natd_interface}"
+ else
+ natd_ifarg="-n ${natd_interface}"
+ fi
+
+ echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+ fi
+ ;;
+ esac
+
+ echo '.'
+
+ elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
+ ;;
+ esac
+ ;;
+ esac
+
+ # Additional ATM interface configuration
+ #
+ if [ -n "${atm_pass1_done}" ]; then
+ atm_pass2
+ fi
+
+ # Configure routing
+ #
+ case ${defaultrouter} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="default ${static_routes}"
+ route_default="default ${defaultrouter}"
+ ;;
+ esac
+
+ # Set up any static routes. This should be done before router discovery.
+ #
+ if [ -n "${static_routes}" ]; then
+ for i in ${static_routes}; do
+ eval route_args=\$route_${i}
+ route add ${route_args}
+ done
+ fi
+
+ echo -n 'Additional routing options:'
+ case ${tcp_extensions} in
+ [Yy][Ee][Ss] | '')
+ ;;
+ *)
+ echo -n ' tcp extensions=NO'
+ sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
+ ;;
+ esac
+
+ case ${log_in_vain} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' log_in_vain=YES'
+ sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
+ sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_bmcastecho} in
+ [Yy][Ee][Ss])
+ echo -n ' broadcast ping responses=YES'
+ sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_drop_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' ignore ICMP redirect=YES'
+ sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_log_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' log ICMP redirect=YES'
+ sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${gateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IP gateway=YES'
+ sysctl -w net.inet.ip.forwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${forward_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' do source routing=YES'
+ sysctl -w net.inet.ip.sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${accept_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' accept source routing=YES'
+ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_keepalive} in
+ [Yy][Ee][Ss])
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_restrict_rst} in
+ [Yy][Ee][Ss])
+ echo -n ' restrict TCP reset=YES'
+ sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_drop_synfin} in
+ [Yy][Ee][Ss])
+ echo -n ' drop SYN+FIN packets=YES'
+ sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
+ ;;
+ esac
+
+ case ${ipxgateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPX gateway=YES'
+ sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${arpproxy_all} in
+ [Yy][Ee][Ss])
+ echo -n ' ARP proxyall=YES'
+ sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
+ ;;
+ esac
+ echo '.'
+
+ echo -n 'routing daemons:'
+ case ${router_enable} in
+ [Yy][Ee][Ss])
+ echo -n " ${router}"; ${router} ${router_flags}
+ ;;
+ esac
+
+ case ${ipxrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPXrouted'
+ IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
+ ;;
+ esac
+
+ case ${mrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
+ ;;
+ esac
+
+ case ${rarpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rarpd'; rarpd ${rarpd_flags}
+ ;;
+ esac
+ echo '.'
+
+ # Let future generations know we made it.
+ #
+ network_pass1_done=YES
}
network_pass2() {
- echo -n 'Doing additional network setup:'
- if [ "${named_enable}" = "YES" ]; then
- echo -n ' named'; ${named_program-"named"} ${named_flags}
- fi
-
- if [ "${ntpdate_enable}" = "YES" ]; then
- echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
- fi
-
- if [ "${xntpd_enable}" = "YES" ]; then
- echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
- fi
-
- if [ "${timed_enable}" = "YES" ]; then
- echo -n ' timed'; timed ${timed_flags}
- fi
-
- if [ "${portmap_enable}" = "YES" ]; then
- echo -n ' portmap'; ${portmap_program} ${portmap_flags}
- fi
-
- # Start ypserv if we're an NIS server.
- # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
- if [ "${nis_server_enable}" = "YES" ]; then
- echo -n ' ypserv'; ypserv ${nis_server_flags}
-
- if [ "${nis_ypxfrd_enable}" = "YES" ]; then
- echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
- fi
-
- if [ "${nis_yppasswdd_enable}" = "YES" ]; then
- echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
- fi
- fi
-
- # Start ypbind if we're an NIS client
- if [ "${nis_client_enable}" = "YES" ]; then
- echo -n ' ypbind'; ypbind ${nis_client_flags}
- if [ "${nis_ypset_enable}" = "YES" ]; then
- echo -n ' ypset'; ypset ${nis_ypset_flags}
- fi
- fi
-
- # Start keyserv if we are running Secure RPC
- if [ "${keyserv_enable}" = "YES" ]; then
- echo -n ' keyserv'; keyserv ${keyserv_flags}
- fi
- # Start ypupdated if we are running Secure RPC and we are NIS master
- if [ "${rpc_ypupdated_enable}" = "YES" ]; then
- echo -n ' rpc.ypupdated'; rpc.ypupdated
- fi
-
- # Start ATM daemons
- if [ -n "${atm_pass2_done}" ]; then
- atm_pass3
- fi
-
- echo '.'
- network_pass2_done=YES
+ echo -n 'Doing additional network setup:'
+ case ${named_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' named'; ${named_program:-named} ${named_flags}
+ ;;
+ esac
+
+ case ${ntpdate_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ntpdate'
+ ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
+ ;;
+ esac
+
+ case ${xntpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
+ ;;
+ esac
+
+ case ${timed_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' timed'; timed ${timed_flags}
+ ;;
+ esac
+
+ case ${portmap_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
+ ;;
+ esac
+
+ # Start ypserv if we're an NIS server.
+ # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
+ #
+ case ${nis_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypserv'; ypserv ${nis_server_flags}
+
+ case ${nis_ypxfrd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypxfrd'
+ rpc.ypxfrd ${nis_ypxfrd_flags}
+ ;;
+ esac
+
+ case ${nis_yppasswdd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.yppasswdd'
+ rpc.yppasswdd ${nis_yppasswdd_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start ypbind if we're an NIS client
+ #
+ case ${nis_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypbind'; ypbind ${nis_client_flags}
+ case ${nis_ypset_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypset'; ypset ${nis_ypset_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start keyserv if we are running Secure RPC
+ #
+ case ${keyserv_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' keyserv'; keyserv ${keyserv_flags}
+ ;;
+ esac
+
+ # Start ypupdated if we are running Secure RPC and we are NIS master
+ #
+ case ${rpc_ypupdated_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypupdated'; rpc.ypupdated
+ ;;
+ esac
+
+ # Start ATM daemons
+ if [ -n "${atm_pass2_done}" ]; then
+ atm_pass3
+ fi
+
+ echo '.'
+ network_pass2_done=YES
}
network_pass3() {
- echo -n 'Starting final network daemons:'
-
- if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
- echo -n ' mountd'
- if [ "${weak_mountd_authentication}" = "YES" ]; then
- mountd_flags="-n"
- fi
- mountd ${mountd_flags}
- if [ "${nfs_reserved_port_only}" = "YES" ]; then
- echo -n ' NFS on reserved port only=YES'
- sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
- fi
- echo -n ' nfsd'; nfsd ${nfs_server_flags}
- if [ "${rpc_lockd_enable}" = "YES" ]; then
- echo -n ' rpc.lockd'; rpc.lockd
- fi
- if [ "${rpc_statd_enable}" = "YES" ]; then
- echo -n ' rpc.statd'; rpc.statd
- fi
- fi
-
- if [ "${nfs_client_enable}" = "YES" ]; then
- echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
- if [ "${nfs_access_cache}" != "X" ]; then
+ echo -n 'Starting final network daemons:'
+
+ case ${nfs_server_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/exports ]; then
+ echo -n ' mountd'
+
+ case ${weak_mountd_authentication} in
+ [Yy][Ee][Ss])
+ mountd_flags="-n"
+ ;;
+ esac
+
+ mountd ${mountd_flags}
+
+ case ${nfs_reserved_port_only} in
+ [Yy][Ee][Ss])
+ echo -n ' NFS on reserved port only=YES'
+ sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
+ ;;
+ esac
+
+ echo -n ' nfsd'; nfsd ${nfs_server_flags}
+
+ case ${rpc_lockd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.lockd'; rpc.lockd
+ ;;
+ esac
+
+ case ${rpc_statd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.statd'; rpc.statd
+ ;;
+ esac
+ fi
+ ;;
+ esac
+
+ case ${nfs_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
+ if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
- >/dev/null
- fi
- fi
-
- if [ "${amd_enable}" = "YES" ]; then
- echo -n ' amd'
- if [ "${amd_map_program}" != "NO" ]; then
- amd_flags="${amd_flags} `eval ${amd_map_program}`"
- fi
- if [ -n "${amd_flags}" ]
- then
- amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
- else
- amd 2> /dev/null
- fi
- fi
-
- if [ "${rwhod_enable}" = "YES" ]; then
- echo -n ' rwhod'; rwhod ${rwhod_flags}
- fi
-
- # Kerberos runs ONLY on the Kerberos server machine
- if [ "${kerberos_server_enable}" = "YES" ]; then
- if [ "${kerberos_stash}" = "YES" ]; then
- stash_flag=-n
- else
- stash_flag=
- fi
- echo -n ' kerberos'; \
+ >/dev/null
+ fi
+ ;;
+ esac
+
+ case ${amd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' amd'
+ case ${amd_map_program} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ amd_flags="${amd_flags} `eval ${amd_map_program}`"
+ ;;
+ esac
+
+ if [ -n "${amd_flags}" ]; then
+ amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
+ else
+ amd 2> /dev/null
+ fi
+ ;;
+ esac
+
+ case ${rwhod_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rwhod'; rwhod ${rwhod_flags}
+ ;;
+ esac
+
+ # Kerberos runs ONLY on the Kerberos server machine
+ case ${kerberos_server_enable} in
+ [Yy][Ee][Ss])
+ case ${kerberos_stash} in
+ [Yy][Ee][Ss])
+ stash_flag=-n
+ ;;
+ *)
+ stash_flag=
+ ;;
+ esac
+
+ echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
- if [ "${kadmind_server_enable}" = "YES" ]; then
- echo -n ' kadmind'; \
- (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
- fi
- unset stash_flag
- fi
-
- echo '.'
- network_pass3_done=YES
+
+ case ${kadmind_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' kadmind'
+ (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
+ ;;
+ esac
+ unset stash_flag
+ ;;
+ esac
+
+ echo '.'
+ network_pass3_done=YES
}
diff --git a/etc/rc.d/network2 b/etc/rc.d/network2
index 781c73f..5ddce80 100644
--- a/etc/rc.d/network2
+++ b/etc/rc.d/network2
@@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
-# Note that almost all the user-configurable behavior is no longer in
-# this file, but rather in /etc/rc.conf. Please check that file
+# Note that almost all of the user-configurable behavior is no longer in
+# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
-
+#
network_pass1() {
- echo -n 'Doing initial network setup:'
- # Set the host name if it is not already set
- if [ -z "`hostname -s`" ] ; then
- hostname ${hostname}
- echo -n ' hostname'
- fi
-
- # Set the domainname if we're using NIS
- if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
- domainname ${nisdomainname}
- echo -n ' domain'
- fi
- echo '.'
-
- # Initial ATM interface configuration
- if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
- . /etc/rc.atm
- atm_pass1
- fi
-
- # ISDN subsystem startup
- if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
- . /etc/rc.isdn
- fi
-
- # Special options for sppp(4) interfaces go here. These need
- # to go _before_ the general ifconfig section, since in the case
- # of hardwired (no link1 flag) but required authentication, you
- # cannot pass auth parameters down to the already running interface.
- for ifn in ${sppp_interfaces}; do
- eval spppcontrol_args=\$spppconfig_${ifn}
- if [ -n "${spppcontrol_args}" ] ; then
- # The auth secrets might contain spaces; in order
- # to retain the quotation, we need to eval them
- # here.
- eval spppcontrol ${ifn} ${spppcontrol_args}
- fi
- done
-
- # Set up all the network interfaces, calling startup scripts if needed
- if [ "${network_interfaces}" = "auto" ]; then
- network_interfaces="`ifconfig -l`"
- fi
- for ifn in ${network_interfaces}; do
- showstat=false
- if [ -e /etc/start_if.${ifn} ]; then
- . /etc/start_if.${ifn}
- showstat=true
- fi
- # Do the primary ifconfig if specified
- eval ifconfig_args=\$ifconfig_${ifn}
- if [ -n "${ifconfig_args}" ] ; then
- # See if we are using DHCP
- if [ "${ifconfig_args}" = "DHCP" ]; then
- ${dhcp_program} ${dhcp_flags} ${ifn}
- else
- ifconfig ${ifn} ${ifconfig_args}
- fi
- showstat=true
- fi
- # Check to see if aliases need to be added
- alias=0
- while :
- do
- eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args} alias
- showstat=true
- alias=`expr ${alias} + 1`
- else
- break;
- fi
- done
- # Do ipx address if specified
- eval ifconfig_args=\$ifconfig_${ifn}_ipx
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args}
- showstat=true
- fi
- if [ "${showstat}" = "true" ]
- then
- ifconfig ${ifn}
- fi
- done
-
- # Warm up user ppp if required, must happen before natd.
- if [ "${ppp_enable}" = "YES" ]; then
- # Establish ppp mode.
- if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
- -a "${ppp_mode}" != "dedicated" \
- -a "${ppp_mode}" != "background" ]; then
- ppp_mode="auto";
- fi
- ppp_command="-${ppp_mode} ";
-
- # Switch on alias mode?
- if [ "${ppp_nat}" = "YES" ]; then
- ppp_command="${ppp_command} -nat";
- fi
-
- echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
- fi
-
- # Initialize IP filtering using ipfw
- echo ""
- /sbin/ipfw -q flush > /dev/null 2>&1
- if [ $? = 0 ] ; then
- firewall_in_kernel=1
- else
- firewall_in_kernel=0
- fi
-
- if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
- if kldload ipfw; then
- firewall_in_kernel=1 # module loaded successfully
- echo "Kernel firewall module loaded."
- else
- echo "Warning: firewall kernel module failed to load."
- fi
- fi
+ echo -n 'Doing initial network setup:'
- # Load the filters if required
- if [ ${firewall_in_kernel} = 1 ]; then
- if [ -z "${firewall_script}" ] ; then
- firewall_script="/etc/rc.firewall"
+ # Set the host name if it is not already set
+ #
+ if [ -z "`hostname -s`" ]; then
+ hostname ${hostname}
+ echo -n ' hostname'
fi
- if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
- . ${firewall_script}
- echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
- natd_ifarg="-a ${natd_interface}"
- else
- natd_ifarg="-n ${natd_interface}"
+
+ # Set the domainname if we're using NIS
+ #
+ case ${nisdomainname} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ domainname ${nisdomainname}
+ echo -n ' domain'
+ ;;
+ esac
+
+ echo '.'
+
+ # Initial ATM interface configuration
+ #
+ case ${atm_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.atm ]; then
+ . /etc/rc.atm
+ atm_pass1
+ fi
+ ;;
+ esac
+
+ # ISDN subsystem startup
+ #
+ case ${isdn_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.isdn ]; then
+ . /etc/rc.isdn
+ fi
+ ;;
+ esac
+
+ # Special options for sppp(4) interfaces go here. These need
+ # to go _before_ the general ifconfig section, since in the case
+ # of hardwired (no link1 flag) but required authentication, you
+ # cannot pass auth parameters down to the already running interface.
+ #
+ for ifn in ${sppp_interfaces}; do
+ eval spppcontrol_args=\$spppconfig_${ifn}
+ if [ -n "${spppcontrol_args}" ]; then
+ # The auth secrets might contain spaces; in order
+ # to retain the quotation, we need to eval them
+ # here.
+ eval spppcontrol ${ifn} ${spppcontrol_args}
+ fi
+ done
+
+ # Set up all the network interfaces, calling startup scripts if needed
+ #
+ case ${network_interfaces} in
+ [Aa][Uu][Tt][Oo])
+ network_interfaces="`ifconfig -l`"
+ ;;
+ esac
+
+ for ifn in ${network_interfaces}; do
+ showstat=false
+ if [ -r /etc/start_if.${ifn} ]; then
+ . /etc/start_if.${ifn}
+ showstat=true
fi
- echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
- fi
- echo '.'
+
+ # Do the primary ifconfig if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}
+
+ case ${ifconfig_args} in
+ '')
+ ;;
+ [Dd][Hh][Cc][Pp])
+ ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
+ showstat=true
+ ;;
+ *)
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ ;;
+ esac
+
+ # Check to see if aliases need to be added
+ #
+ alias=0
+ while : ; do
+ eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args} alias
+ showstat=true
+ alias=`expr ${alias} + 1`
+ else
+ break;
+ fi
+ done
+
+ # Do ipx address if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}_ipx
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ fi
+
+ case ${showstat} in
+ true)
+ ifconfig ${ifn}
+ ;;
+ esac
+ done
+
+ # Warm up user ppp if required, must happen before natd.
+ #
+ case ${ppp_enable} in
+ [Yy][Ee][Ss])
+ # Establish ppp mode.
+ #
+ if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
+ -a "${ppp_mode}" != "dedicated" \
+ -a "${ppp_mode}" != "background" ]; then
+ ppp_mode="auto";
+ fi
+
+ ppp_command="-${ppp_mode} ";
+
+ # Switch on alias mode?
+ #
+ case ${ppp_nat} in
+ [Yy][Ee][Ss])
+ ppp_command="${ppp_command} -nat";
+ ;;
+ esac
+
+ echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
+ ;;
+ esac
+
+ # Initialize IP filtering using ipfw
+ #
+ echo ''
+
+ if /sbin/ipfw -q flush > /dev/null 2>&1; then
+ firewall_in_kernel=1
else
- IPFW_DEFAULT=`ipfw l 65535`
- if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
- echo -n "Warning: kernel has firewall functionality, "
- echo "but firewall rules are not enabled."
- echo " All ip services are disabled."
- fi
+ firewall_in_kernel=0
fi
- fi
-
- # Additional ATM interface configuration
- if [ -n "${atm_pass1_done}" ]; then
- atm_pass2
- fi
-
- # Configure routing
-
- if [ "${defaultrouter}" != "NO" ] ; then
- static_routes="default ${static_routes}"
- route_default="default ${defaultrouter}"
- fi
-
- # Set up any static routes. This should be done before router discovery.
- if [ -n "${static_routes}" ]; then
- for i in ${static_routes}; do
- eval route_args=\$route_${i}
- route add ${route_args}
- done
- fi
-
- echo -n 'Additional routing options:'
- if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
- echo -n ' tcp extensions=NO'
- sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
- fi
-
- if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
- echo -n ' log_in_vain=YES'
- sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
- sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
- fi
-
- if [ "${icmp_bmcastecho}" = "YES" ]; then
- echo -n ' broadcast ping responses=YES'
- sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
- fi
-
- if [ "${icmp_drop_redirect}" = "YES" ]; then
- echo -n ' ignore ICMP redirect=YES'
- sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
- fi
-
- if [ "${icmp_log_redirect}" = "YES" ]; then
- echo -n ' log ICMP redirect=YES'
- sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
- fi
-
- if [ "${gateway_enable}" = "YES" ]; then
- echo -n ' IP gateway=YES'
- sysctl -w net.inet.ip.forwarding=1 >/dev/null
- fi
-
- if [ "${forward_sourceroute}" = "YES" ]; then
- echo -n ' do source routing=YES'
- sysctl -w net.inet.ip.sourceroute=1 >/dev/null
- fi
-
- if [ "${accept_sourceroute}" = "YES" ]; then
- echo -n ' accept source routing=YES'
- sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
- fi
-
- if [ "${tcp_keepalive}" = "YES" ]; then
- echo -n ' TCP keepalive=YES'
- sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
- fi
-
- if [ "X$tcp_restrict_rst" = X"YES" ]; then
- echo -n ' restrict TCP reset=YES'
- sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
- fi
-
- if [ "X$tcp_drop_synfin" = X"YES" ]; then
- echo -n ' drop SYN+FIN packets=YES'
- sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
- fi
-
- if [ "${ipxgateway_enable}" = "YES" ]; then
- echo -n ' IPX gateway=YES'
- sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
- fi
-
- if [ "${arpproxy_all}" = "YES" ]; then
- echo -n ' ARP proxyall=YES'
- sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
- fi
- echo '.'
-
- echo -n 'routing daemons:'
- if [ "${router_enable}" = "YES" ]; then
- echo -n " ${router}"; ${router} ${router_flags}
- fi
-
- if [ "${ipxrouted_enable}" = "YES" ]; then
- echo -n ' IPXrouted'
- IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
- fi
-
- if [ "${mrouted_enable}" = "YES" ]; then
- echo -n ' mrouted'; mrouted ${mrouted_flags}
- fi
-
- if [ "${rarpd_enable}" = "YES" ]; then
- echo -n ' rarpd'; rarpd ${rarpd_flags}
- fi
- echo '.'
- network_pass1_done=YES # Let future generations know we made it.
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
+ firewall_in_kernel=1
+ echo "Kernel firewall module loaded."
+ elif [ "${firewall_in_kernel}" -eq 0 ]; then
+ echo "Warning: firewall kernel module failed to load."
+ fi
+ ;;
+ esac
+
+ # Load the filters if required
+ #
+ case ${firewall_in_kernel} in
+ 1)
+ if [ -z "${firewall_script}" ]; then
+ firewall_script=/etc/rc.firewall
+ fi
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ -r ${firewall_script} ]; then
+ . ${firewall_script}
+ echo -n 'Firewall rules loaded, starting divert daemons:'
+
+ # Network Address Translation daemon
+ #
+ case ${natd_enable} in
+ [Yy][Ee][Ss])
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
+ natd_ifarg="-a ${natd_interface}"
+ else
+ natd_ifarg="-n ${natd_interface}"
+ fi
+
+ echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+ fi
+ ;;
+ esac
+
+ echo '.'
+
+ elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
+ ;;
+ esac
+ ;;
+ esac
+
+ # Additional ATM interface configuration
+ #
+ if [ -n "${atm_pass1_done}" ]; then
+ atm_pass2
+ fi
+
+ # Configure routing
+ #
+ case ${defaultrouter} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="default ${static_routes}"
+ route_default="default ${defaultrouter}"
+ ;;
+ esac
+
+ # Set up any static routes. This should be done before router discovery.
+ #
+ if [ -n "${static_routes}" ]; then
+ for i in ${static_routes}; do
+ eval route_args=\$route_${i}
+ route add ${route_args}
+ done
+ fi
+
+ echo -n 'Additional routing options:'
+ case ${tcp_extensions} in
+ [Yy][Ee][Ss] | '')
+ ;;
+ *)
+ echo -n ' tcp extensions=NO'
+ sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
+ ;;
+ esac
+
+ case ${log_in_vain} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' log_in_vain=YES'
+ sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
+ sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_bmcastecho} in
+ [Yy][Ee][Ss])
+ echo -n ' broadcast ping responses=YES'
+ sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_drop_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' ignore ICMP redirect=YES'
+ sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_log_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' log ICMP redirect=YES'
+ sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${gateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IP gateway=YES'
+ sysctl -w net.inet.ip.forwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${forward_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' do source routing=YES'
+ sysctl -w net.inet.ip.sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${accept_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' accept source routing=YES'
+ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_keepalive} in
+ [Yy][Ee][Ss])
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_restrict_rst} in
+ [Yy][Ee][Ss])
+ echo -n ' restrict TCP reset=YES'
+ sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_drop_synfin} in
+ [Yy][Ee][Ss])
+ echo -n ' drop SYN+FIN packets=YES'
+ sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
+ ;;
+ esac
+
+ case ${ipxgateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPX gateway=YES'
+ sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${arpproxy_all} in
+ [Yy][Ee][Ss])
+ echo -n ' ARP proxyall=YES'
+ sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
+ ;;
+ esac
+ echo '.'
+
+ echo -n 'routing daemons:'
+ case ${router_enable} in
+ [Yy][Ee][Ss])
+ echo -n " ${router}"; ${router} ${router_flags}
+ ;;
+ esac
+
+ case ${ipxrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPXrouted'
+ IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
+ ;;
+ esac
+
+ case ${mrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
+ ;;
+ esac
+
+ case ${rarpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rarpd'; rarpd ${rarpd_flags}
+ ;;
+ esac
+ echo '.'
+
+ # Let future generations know we made it.
+ #
+ network_pass1_done=YES
}
network_pass2() {
- echo -n 'Doing additional network setup:'
- if [ "${named_enable}" = "YES" ]; then
- echo -n ' named'; ${named_program-"named"} ${named_flags}
- fi
-
- if [ "${ntpdate_enable}" = "YES" ]; then
- echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
- fi
-
- if [ "${xntpd_enable}" = "YES" ]; then
- echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
- fi
-
- if [ "${timed_enable}" = "YES" ]; then
- echo -n ' timed'; timed ${timed_flags}
- fi
-
- if [ "${portmap_enable}" = "YES" ]; then
- echo -n ' portmap'; ${portmap_program} ${portmap_flags}
- fi
-
- # Start ypserv if we're an NIS server.
- # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
- if [ "${nis_server_enable}" = "YES" ]; then
- echo -n ' ypserv'; ypserv ${nis_server_flags}
-
- if [ "${nis_ypxfrd_enable}" = "YES" ]; then
- echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
- fi
-
- if [ "${nis_yppasswdd_enable}" = "YES" ]; then
- echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
- fi
- fi
-
- # Start ypbind if we're an NIS client
- if [ "${nis_client_enable}" = "YES" ]; then
- echo -n ' ypbind'; ypbind ${nis_client_flags}
- if [ "${nis_ypset_enable}" = "YES" ]; then
- echo -n ' ypset'; ypset ${nis_ypset_flags}
- fi
- fi
-
- # Start keyserv if we are running Secure RPC
- if [ "${keyserv_enable}" = "YES" ]; then
- echo -n ' keyserv'; keyserv ${keyserv_flags}
- fi
- # Start ypupdated if we are running Secure RPC and we are NIS master
- if [ "${rpc_ypupdated_enable}" = "YES" ]; then
- echo -n ' rpc.ypupdated'; rpc.ypupdated
- fi
-
- # Start ATM daemons
- if [ -n "${atm_pass2_done}" ]; then
- atm_pass3
- fi
-
- echo '.'
- network_pass2_done=YES
+ echo -n 'Doing additional network setup:'
+ case ${named_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' named'; ${named_program:-named} ${named_flags}
+ ;;
+ esac
+
+ case ${ntpdate_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ntpdate'
+ ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
+ ;;
+ esac
+
+ case ${xntpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
+ ;;
+ esac
+
+ case ${timed_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' timed'; timed ${timed_flags}
+ ;;
+ esac
+
+ case ${portmap_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
+ ;;
+ esac
+
+ # Start ypserv if we're an NIS server.
+ # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
+ #
+ case ${nis_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypserv'; ypserv ${nis_server_flags}
+
+ case ${nis_ypxfrd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypxfrd'
+ rpc.ypxfrd ${nis_ypxfrd_flags}
+ ;;
+ esac
+
+ case ${nis_yppasswdd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.yppasswdd'
+ rpc.yppasswdd ${nis_yppasswdd_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start ypbind if we're an NIS client
+ #
+ case ${nis_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypbind'; ypbind ${nis_client_flags}
+ case ${nis_ypset_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypset'; ypset ${nis_ypset_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start keyserv if we are running Secure RPC
+ #
+ case ${keyserv_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' keyserv'; keyserv ${keyserv_flags}
+ ;;
+ esac
+
+ # Start ypupdated if we are running Secure RPC and we are NIS master
+ #
+ case ${rpc_ypupdated_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypupdated'; rpc.ypupdated
+ ;;
+ esac
+
+ # Start ATM daemons
+ if [ -n "${atm_pass2_done}" ]; then
+ atm_pass3
+ fi
+
+ echo '.'
+ network_pass2_done=YES
}
network_pass3() {
- echo -n 'Starting final network daemons:'
-
- if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
- echo -n ' mountd'
- if [ "${weak_mountd_authentication}" = "YES" ]; then
- mountd_flags="-n"
- fi
- mountd ${mountd_flags}
- if [ "${nfs_reserved_port_only}" = "YES" ]; then
- echo -n ' NFS on reserved port only=YES'
- sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
- fi
- echo -n ' nfsd'; nfsd ${nfs_server_flags}
- if [ "${rpc_lockd_enable}" = "YES" ]; then
- echo -n ' rpc.lockd'; rpc.lockd
- fi
- if [ "${rpc_statd_enable}" = "YES" ]; then
- echo -n ' rpc.statd'; rpc.statd
- fi
- fi
-
- if [ "${nfs_client_enable}" = "YES" ]; then
- echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
- if [ "${nfs_access_cache}" != "X" ]; then
+ echo -n 'Starting final network daemons:'
+
+ case ${nfs_server_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/exports ]; then
+ echo -n ' mountd'
+
+ case ${weak_mountd_authentication} in
+ [Yy][Ee][Ss])
+ mountd_flags="-n"
+ ;;
+ esac
+
+ mountd ${mountd_flags}
+
+ case ${nfs_reserved_port_only} in
+ [Yy][Ee][Ss])
+ echo -n ' NFS on reserved port only=YES'
+ sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
+ ;;
+ esac
+
+ echo -n ' nfsd'; nfsd ${nfs_server_flags}
+
+ case ${rpc_lockd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.lockd'; rpc.lockd
+ ;;
+ esac
+
+ case ${rpc_statd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.statd'; rpc.statd
+ ;;
+ esac
+ fi
+ ;;
+ esac
+
+ case ${nfs_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
+ if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
- >/dev/null
- fi
- fi
-
- if [ "${amd_enable}" = "YES" ]; then
- echo -n ' amd'
- if [ "${amd_map_program}" != "NO" ]; then
- amd_flags="${amd_flags} `eval ${amd_map_program}`"
- fi
- if [ -n "${amd_flags}" ]
- then
- amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
- else
- amd 2> /dev/null
- fi
- fi
-
- if [ "${rwhod_enable}" = "YES" ]; then
- echo -n ' rwhod'; rwhod ${rwhod_flags}
- fi
-
- # Kerberos runs ONLY on the Kerberos server machine
- if [ "${kerberos_server_enable}" = "YES" ]; then
- if [ "${kerberos_stash}" = "YES" ]; then
- stash_flag=-n
- else
- stash_flag=
- fi
- echo -n ' kerberos'; \
+ >/dev/null
+ fi
+ ;;
+ esac
+
+ case ${amd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' amd'
+ case ${amd_map_program} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ amd_flags="${amd_flags} `eval ${amd_map_program}`"
+ ;;
+ esac
+
+ if [ -n "${amd_flags}" ]; then
+ amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
+ else
+ amd 2> /dev/null
+ fi
+ ;;
+ esac
+
+ case ${rwhod_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rwhod'; rwhod ${rwhod_flags}
+ ;;
+ esac
+
+ # Kerberos runs ONLY on the Kerberos server machine
+ case ${kerberos_server_enable} in
+ [Yy][Ee][Ss])
+ case ${kerberos_stash} in
+ [Yy][Ee][Ss])
+ stash_flag=-n
+ ;;
+ *)
+ stash_flag=
+ ;;
+ esac
+
+ echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
- if [ "${kadmind_server_enable}" = "YES" ]; then
- echo -n ' kadmind'; \
- (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
- fi
- unset stash_flag
- fi
-
- echo '.'
- network_pass3_done=YES
+
+ case ${kadmind_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' kadmind'
+ (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
+ ;;
+ esac
+ unset stash_flag
+ ;;
+ esac
+
+ echo '.'
+ network_pass3_done=YES
}
diff --git a/etc/rc.d/network3 b/etc/rc.d/network3
index 781c73f..5ddce80 100644
--- a/etc/rc.d/network3
+++ b/etc/rc.d/network3
@@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
-# Note that almost all the user-configurable behavior is no longer in
-# this file, but rather in /etc/rc.conf. Please check that file
+# Note that almost all of the user-configurable behavior is no longer in
+# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
-
+#
network_pass1() {
- echo -n 'Doing initial network setup:'
- # Set the host name if it is not already set
- if [ -z "`hostname -s`" ] ; then
- hostname ${hostname}
- echo -n ' hostname'
- fi
-
- # Set the domainname if we're using NIS
- if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
- domainname ${nisdomainname}
- echo -n ' domain'
- fi
- echo '.'
-
- # Initial ATM interface configuration
- if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
- . /etc/rc.atm
- atm_pass1
- fi
-
- # ISDN subsystem startup
- if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
- . /etc/rc.isdn
- fi
-
- # Special options for sppp(4) interfaces go here. These need
- # to go _before_ the general ifconfig section, since in the case
- # of hardwired (no link1 flag) but required authentication, you
- # cannot pass auth parameters down to the already running interface.
- for ifn in ${sppp_interfaces}; do
- eval spppcontrol_args=\$spppconfig_${ifn}
- if [ -n "${spppcontrol_args}" ] ; then
- # The auth secrets might contain spaces; in order
- # to retain the quotation, we need to eval them
- # here.
- eval spppcontrol ${ifn} ${spppcontrol_args}
- fi
- done
-
- # Set up all the network interfaces, calling startup scripts if needed
- if [ "${network_interfaces}" = "auto" ]; then
- network_interfaces="`ifconfig -l`"
- fi
- for ifn in ${network_interfaces}; do
- showstat=false
- if [ -e /etc/start_if.${ifn} ]; then
- . /etc/start_if.${ifn}
- showstat=true
- fi
- # Do the primary ifconfig if specified
- eval ifconfig_args=\$ifconfig_${ifn}
- if [ -n "${ifconfig_args}" ] ; then
- # See if we are using DHCP
- if [ "${ifconfig_args}" = "DHCP" ]; then
- ${dhcp_program} ${dhcp_flags} ${ifn}
- else
- ifconfig ${ifn} ${ifconfig_args}
- fi
- showstat=true
- fi
- # Check to see if aliases need to be added
- alias=0
- while :
- do
- eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args} alias
- showstat=true
- alias=`expr ${alias} + 1`
- else
- break;
- fi
- done
- # Do ipx address if specified
- eval ifconfig_args=\$ifconfig_${ifn}_ipx
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args}
- showstat=true
- fi
- if [ "${showstat}" = "true" ]
- then
- ifconfig ${ifn}
- fi
- done
-
- # Warm up user ppp if required, must happen before natd.
- if [ "${ppp_enable}" = "YES" ]; then
- # Establish ppp mode.
- if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
- -a "${ppp_mode}" != "dedicated" \
- -a "${ppp_mode}" != "background" ]; then
- ppp_mode="auto";
- fi
- ppp_command="-${ppp_mode} ";
-
- # Switch on alias mode?
- if [ "${ppp_nat}" = "YES" ]; then
- ppp_command="${ppp_command} -nat";
- fi
-
- echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
- fi
-
- # Initialize IP filtering using ipfw
- echo ""
- /sbin/ipfw -q flush > /dev/null 2>&1
- if [ $? = 0 ] ; then
- firewall_in_kernel=1
- else
- firewall_in_kernel=0
- fi
-
- if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
- if kldload ipfw; then
- firewall_in_kernel=1 # module loaded successfully
- echo "Kernel firewall module loaded."
- else
- echo "Warning: firewall kernel module failed to load."
- fi
- fi
+ echo -n 'Doing initial network setup:'
- # Load the filters if required
- if [ ${firewall_in_kernel} = 1 ]; then
- if [ -z "${firewall_script}" ] ; then
- firewall_script="/etc/rc.firewall"
+ # Set the host name if it is not already set
+ #
+ if [ -z "`hostname -s`" ]; then
+ hostname ${hostname}
+ echo -n ' hostname'
fi
- if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
- . ${firewall_script}
- echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
- natd_ifarg="-a ${natd_interface}"
- else
- natd_ifarg="-n ${natd_interface}"
+
+ # Set the domainname if we're using NIS
+ #
+ case ${nisdomainname} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ domainname ${nisdomainname}
+ echo -n ' domain'
+ ;;
+ esac
+
+ echo '.'
+
+ # Initial ATM interface configuration
+ #
+ case ${atm_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.atm ]; then
+ . /etc/rc.atm
+ atm_pass1
+ fi
+ ;;
+ esac
+
+ # ISDN subsystem startup
+ #
+ case ${isdn_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.isdn ]; then
+ . /etc/rc.isdn
+ fi
+ ;;
+ esac
+
+ # Special options for sppp(4) interfaces go here. These need
+ # to go _before_ the general ifconfig section, since in the case
+ # of hardwired (no link1 flag) but required authentication, you
+ # cannot pass auth parameters down to the already running interface.
+ #
+ for ifn in ${sppp_interfaces}; do
+ eval spppcontrol_args=\$spppconfig_${ifn}
+ if [ -n "${spppcontrol_args}" ]; then
+ # The auth secrets might contain spaces; in order
+ # to retain the quotation, we need to eval them
+ # here.
+ eval spppcontrol ${ifn} ${spppcontrol_args}
+ fi
+ done
+
+ # Set up all the network interfaces, calling startup scripts if needed
+ #
+ case ${network_interfaces} in
+ [Aa][Uu][Tt][Oo])
+ network_interfaces="`ifconfig -l`"
+ ;;
+ esac
+
+ for ifn in ${network_interfaces}; do
+ showstat=false
+ if [ -r /etc/start_if.${ifn} ]; then
+ . /etc/start_if.${ifn}
+ showstat=true
fi
- echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
- fi
- echo '.'
+
+ # Do the primary ifconfig if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}
+
+ case ${ifconfig_args} in
+ '')
+ ;;
+ [Dd][Hh][Cc][Pp])
+ ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
+ showstat=true
+ ;;
+ *)
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ ;;
+ esac
+
+ # Check to see if aliases need to be added
+ #
+ alias=0
+ while : ; do
+ eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args} alias
+ showstat=true
+ alias=`expr ${alias} + 1`
+ else
+ break;
+ fi
+ done
+
+ # Do ipx address if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}_ipx
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ fi
+
+ case ${showstat} in
+ true)
+ ifconfig ${ifn}
+ ;;
+ esac
+ done
+
+ # Warm up user ppp if required, must happen before natd.
+ #
+ case ${ppp_enable} in
+ [Yy][Ee][Ss])
+ # Establish ppp mode.
+ #
+ if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
+ -a "${ppp_mode}" != "dedicated" \
+ -a "${ppp_mode}" != "background" ]; then
+ ppp_mode="auto";
+ fi
+
+ ppp_command="-${ppp_mode} ";
+
+ # Switch on alias mode?
+ #
+ case ${ppp_nat} in
+ [Yy][Ee][Ss])
+ ppp_command="${ppp_command} -nat";
+ ;;
+ esac
+
+ echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
+ ;;
+ esac
+
+ # Initialize IP filtering using ipfw
+ #
+ echo ''
+
+ if /sbin/ipfw -q flush > /dev/null 2>&1; then
+ firewall_in_kernel=1
else
- IPFW_DEFAULT=`ipfw l 65535`
- if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
- echo -n "Warning: kernel has firewall functionality, "
- echo "but firewall rules are not enabled."
- echo " All ip services are disabled."
- fi
+ firewall_in_kernel=0
fi
- fi
-
- # Additional ATM interface configuration
- if [ -n "${atm_pass1_done}" ]; then
- atm_pass2
- fi
-
- # Configure routing
-
- if [ "${defaultrouter}" != "NO" ] ; then
- static_routes="default ${static_routes}"
- route_default="default ${defaultrouter}"
- fi
-
- # Set up any static routes. This should be done before router discovery.
- if [ -n "${static_routes}" ]; then
- for i in ${static_routes}; do
- eval route_args=\$route_${i}
- route add ${route_args}
- done
- fi
-
- echo -n 'Additional routing options:'
- if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
- echo -n ' tcp extensions=NO'
- sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
- fi
-
- if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
- echo -n ' log_in_vain=YES'
- sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
- sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
- fi
-
- if [ "${icmp_bmcastecho}" = "YES" ]; then
- echo -n ' broadcast ping responses=YES'
- sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
- fi
-
- if [ "${icmp_drop_redirect}" = "YES" ]; then
- echo -n ' ignore ICMP redirect=YES'
- sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
- fi
-
- if [ "${icmp_log_redirect}" = "YES" ]; then
- echo -n ' log ICMP redirect=YES'
- sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
- fi
-
- if [ "${gateway_enable}" = "YES" ]; then
- echo -n ' IP gateway=YES'
- sysctl -w net.inet.ip.forwarding=1 >/dev/null
- fi
-
- if [ "${forward_sourceroute}" = "YES" ]; then
- echo -n ' do source routing=YES'
- sysctl -w net.inet.ip.sourceroute=1 >/dev/null
- fi
-
- if [ "${accept_sourceroute}" = "YES" ]; then
- echo -n ' accept source routing=YES'
- sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
- fi
-
- if [ "${tcp_keepalive}" = "YES" ]; then
- echo -n ' TCP keepalive=YES'
- sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
- fi
-
- if [ "X$tcp_restrict_rst" = X"YES" ]; then
- echo -n ' restrict TCP reset=YES'
- sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
- fi
-
- if [ "X$tcp_drop_synfin" = X"YES" ]; then
- echo -n ' drop SYN+FIN packets=YES'
- sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
- fi
-
- if [ "${ipxgateway_enable}" = "YES" ]; then
- echo -n ' IPX gateway=YES'
- sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
- fi
-
- if [ "${arpproxy_all}" = "YES" ]; then
- echo -n ' ARP proxyall=YES'
- sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
- fi
- echo '.'
-
- echo -n 'routing daemons:'
- if [ "${router_enable}" = "YES" ]; then
- echo -n " ${router}"; ${router} ${router_flags}
- fi
-
- if [ "${ipxrouted_enable}" = "YES" ]; then
- echo -n ' IPXrouted'
- IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
- fi
-
- if [ "${mrouted_enable}" = "YES" ]; then
- echo -n ' mrouted'; mrouted ${mrouted_flags}
- fi
-
- if [ "${rarpd_enable}" = "YES" ]; then
- echo -n ' rarpd'; rarpd ${rarpd_flags}
- fi
- echo '.'
- network_pass1_done=YES # Let future generations know we made it.
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
+ firewall_in_kernel=1
+ echo "Kernel firewall module loaded."
+ elif [ "${firewall_in_kernel}" -eq 0 ]; then
+ echo "Warning: firewall kernel module failed to load."
+ fi
+ ;;
+ esac
+
+ # Load the filters if required
+ #
+ case ${firewall_in_kernel} in
+ 1)
+ if [ -z "${firewall_script}" ]; then
+ firewall_script=/etc/rc.firewall
+ fi
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ -r ${firewall_script} ]; then
+ . ${firewall_script}
+ echo -n 'Firewall rules loaded, starting divert daemons:'
+
+ # Network Address Translation daemon
+ #
+ case ${natd_enable} in
+ [Yy][Ee][Ss])
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
+ natd_ifarg="-a ${natd_interface}"
+ else
+ natd_ifarg="-n ${natd_interface}"
+ fi
+
+ echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+ fi
+ ;;
+ esac
+
+ echo '.'
+
+ elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
+ ;;
+ esac
+ ;;
+ esac
+
+ # Additional ATM interface configuration
+ #
+ if [ -n "${atm_pass1_done}" ]; then
+ atm_pass2
+ fi
+
+ # Configure routing
+ #
+ case ${defaultrouter} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="default ${static_routes}"
+ route_default="default ${defaultrouter}"
+ ;;
+ esac
+
+ # Set up any static routes. This should be done before router discovery.
+ #
+ if [ -n "${static_routes}" ]; then
+ for i in ${static_routes}; do
+ eval route_args=\$route_${i}
+ route add ${route_args}
+ done
+ fi
+
+ echo -n 'Additional routing options:'
+ case ${tcp_extensions} in
+ [Yy][Ee][Ss] | '')
+ ;;
+ *)
+ echo -n ' tcp extensions=NO'
+ sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
+ ;;
+ esac
+
+ case ${log_in_vain} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' log_in_vain=YES'
+ sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
+ sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_bmcastecho} in
+ [Yy][Ee][Ss])
+ echo -n ' broadcast ping responses=YES'
+ sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_drop_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' ignore ICMP redirect=YES'
+ sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_log_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' log ICMP redirect=YES'
+ sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${gateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IP gateway=YES'
+ sysctl -w net.inet.ip.forwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${forward_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' do source routing=YES'
+ sysctl -w net.inet.ip.sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${accept_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' accept source routing=YES'
+ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_keepalive} in
+ [Yy][Ee][Ss])
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_restrict_rst} in
+ [Yy][Ee][Ss])
+ echo -n ' restrict TCP reset=YES'
+ sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_drop_synfin} in
+ [Yy][Ee][Ss])
+ echo -n ' drop SYN+FIN packets=YES'
+ sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
+ ;;
+ esac
+
+ case ${ipxgateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPX gateway=YES'
+ sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${arpproxy_all} in
+ [Yy][Ee][Ss])
+ echo -n ' ARP proxyall=YES'
+ sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
+ ;;
+ esac
+ echo '.'
+
+ echo -n 'routing daemons:'
+ case ${router_enable} in
+ [Yy][Ee][Ss])
+ echo -n " ${router}"; ${router} ${router_flags}
+ ;;
+ esac
+
+ case ${ipxrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPXrouted'
+ IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
+ ;;
+ esac
+
+ case ${mrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
+ ;;
+ esac
+
+ case ${rarpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rarpd'; rarpd ${rarpd_flags}
+ ;;
+ esac
+ echo '.'
+
+ # Let future generations know we made it.
+ #
+ network_pass1_done=YES
}
network_pass2() {
- echo -n 'Doing additional network setup:'
- if [ "${named_enable}" = "YES" ]; then
- echo -n ' named'; ${named_program-"named"} ${named_flags}
- fi
-
- if [ "${ntpdate_enable}" = "YES" ]; then
- echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
- fi
-
- if [ "${xntpd_enable}" = "YES" ]; then
- echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
- fi
-
- if [ "${timed_enable}" = "YES" ]; then
- echo -n ' timed'; timed ${timed_flags}
- fi
-
- if [ "${portmap_enable}" = "YES" ]; then
- echo -n ' portmap'; ${portmap_program} ${portmap_flags}
- fi
-
- # Start ypserv if we're an NIS server.
- # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
- if [ "${nis_server_enable}" = "YES" ]; then
- echo -n ' ypserv'; ypserv ${nis_server_flags}
-
- if [ "${nis_ypxfrd_enable}" = "YES" ]; then
- echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
- fi
-
- if [ "${nis_yppasswdd_enable}" = "YES" ]; then
- echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
- fi
- fi
-
- # Start ypbind if we're an NIS client
- if [ "${nis_client_enable}" = "YES" ]; then
- echo -n ' ypbind'; ypbind ${nis_client_flags}
- if [ "${nis_ypset_enable}" = "YES" ]; then
- echo -n ' ypset'; ypset ${nis_ypset_flags}
- fi
- fi
-
- # Start keyserv if we are running Secure RPC
- if [ "${keyserv_enable}" = "YES" ]; then
- echo -n ' keyserv'; keyserv ${keyserv_flags}
- fi
- # Start ypupdated if we are running Secure RPC and we are NIS master
- if [ "${rpc_ypupdated_enable}" = "YES" ]; then
- echo -n ' rpc.ypupdated'; rpc.ypupdated
- fi
-
- # Start ATM daemons
- if [ -n "${atm_pass2_done}" ]; then
- atm_pass3
- fi
-
- echo '.'
- network_pass2_done=YES
+ echo -n 'Doing additional network setup:'
+ case ${named_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' named'; ${named_program:-named} ${named_flags}
+ ;;
+ esac
+
+ case ${ntpdate_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ntpdate'
+ ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
+ ;;
+ esac
+
+ case ${xntpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
+ ;;
+ esac
+
+ case ${timed_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' timed'; timed ${timed_flags}
+ ;;
+ esac
+
+ case ${portmap_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
+ ;;
+ esac
+
+ # Start ypserv if we're an NIS server.
+ # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
+ #
+ case ${nis_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypserv'; ypserv ${nis_server_flags}
+
+ case ${nis_ypxfrd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypxfrd'
+ rpc.ypxfrd ${nis_ypxfrd_flags}
+ ;;
+ esac
+
+ case ${nis_yppasswdd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.yppasswdd'
+ rpc.yppasswdd ${nis_yppasswdd_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start ypbind if we're an NIS client
+ #
+ case ${nis_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypbind'; ypbind ${nis_client_flags}
+ case ${nis_ypset_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypset'; ypset ${nis_ypset_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start keyserv if we are running Secure RPC
+ #
+ case ${keyserv_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' keyserv'; keyserv ${keyserv_flags}
+ ;;
+ esac
+
+ # Start ypupdated if we are running Secure RPC and we are NIS master
+ #
+ case ${rpc_ypupdated_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypupdated'; rpc.ypupdated
+ ;;
+ esac
+
+ # Start ATM daemons
+ if [ -n "${atm_pass2_done}" ]; then
+ atm_pass3
+ fi
+
+ echo '.'
+ network_pass2_done=YES
}
network_pass3() {
- echo -n 'Starting final network daemons:'
-
- if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
- echo -n ' mountd'
- if [ "${weak_mountd_authentication}" = "YES" ]; then
- mountd_flags="-n"
- fi
- mountd ${mountd_flags}
- if [ "${nfs_reserved_port_only}" = "YES" ]; then
- echo -n ' NFS on reserved port only=YES'
- sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
- fi
- echo -n ' nfsd'; nfsd ${nfs_server_flags}
- if [ "${rpc_lockd_enable}" = "YES" ]; then
- echo -n ' rpc.lockd'; rpc.lockd
- fi
- if [ "${rpc_statd_enable}" = "YES" ]; then
- echo -n ' rpc.statd'; rpc.statd
- fi
- fi
-
- if [ "${nfs_client_enable}" = "YES" ]; then
- echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
- if [ "${nfs_access_cache}" != "X" ]; then
+ echo -n 'Starting final network daemons:'
+
+ case ${nfs_server_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/exports ]; then
+ echo -n ' mountd'
+
+ case ${weak_mountd_authentication} in
+ [Yy][Ee][Ss])
+ mountd_flags="-n"
+ ;;
+ esac
+
+ mountd ${mountd_flags}
+
+ case ${nfs_reserved_port_only} in
+ [Yy][Ee][Ss])
+ echo -n ' NFS on reserved port only=YES'
+ sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
+ ;;
+ esac
+
+ echo -n ' nfsd'; nfsd ${nfs_server_flags}
+
+ case ${rpc_lockd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.lockd'; rpc.lockd
+ ;;
+ esac
+
+ case ${rpc_statd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.statd'; rpc.statd
+ ;;
+ esac
+ fi
+ ;;
+ esac
+
+ case ${nfs_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
+ if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
- >/dev/null
- fi
- fi
-
- if [ "${amd_enable}" = "YES" ]; then
- echo -n ' amd'
- if [ "${amd_map_program}" != "NO" ]; then
- amd_flags="${amd_flags} `eval ${amd_map_program}`"
- fi
- if [ -n "${amd_flags}" ]
- then
- amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
- else
- amd 2> /dev/null
- fi
- fi
-
- if [ "${rwhod_enable}" = "YES" ]; then
- echo -n ' rwhod'; rwhod ${rwhod_flags}
- fi
-
- # Kerberos runs ONLY on the Kerberos server machine
- if [ "${kerberos_server_enable}" = "YES" ]; then
- if [ "${kerberos_stash}" = "YES" ]; then
- stash_flag=-n
- else
- stash_flag=
- fi
- echo -n ' kerberos'; \
+ >/dev/null
+ fi
+ ;;
+ esac
+
+ case ${amd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' amd'
+ case ${amd_map_program} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ amd_flags="${amd_flags} `eval ${amd_map_program}`"
+ ;;
+ esac
+
+ if [ -n "${amd_flags}" ]; then
+ amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
+ else
+ amd 2> /dev/null
+ fi
+ ;;
+ esac
+
+ case ${rwhod_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rwhod'; rwhod ${rwhod_flags}
+ ;;
+ esac
+
+ # Kerberos runs ONLY on the Kerberos server machine
+ case ${kerberos_server_enable} in
+ [Yy][Ee][Ss])
+ case ${kerberos_stash} in
+ [Yy][Ee][Ss])
+ stash_flag=-n
+ ;;
+ *)
+ stash_flag=
+ ;;
+ esac
+
+ echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
- if [ "${kadmind_server_enable}" = "YES" ]; then
- echo -n ' kadmind'; \
- (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
- fi
- unset stash_flag
- fi
-
- echo '.'
- network_pass3_done=YES
+
+ case ${kadmind_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' kadmind'
+ (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
+ ;;
+ esac
+ unset stash_flag
+ ;;
+ esac
+
+ echo '.'
+ network_pass3_done=YES
}
diff --git a/etc/rc.d/pccard b/etc/rc.d/pccard
index 92a4ee3..a68323b 100644
--- a/etc/rc.d/pccard
+++ b/etc/rc.d/pccard
@@ -2,15 +2,22 @@
# PC-card startup script
# $FreeBSD$
-if [ "${pccard_enable}" = "YES" ] ; then
- if [ "${pccard_mem}" != "DEFAULT" ] ; then
- pccardc pccardmem ${pccard_mem}
- else
+case ${pccard_enable} in
+[Yy][Ee][Ss])
+ case ${pccard_mem} in
+ [Dd][Ee][Ff][Aa][Uu][Ll][Tt])
pccardc pccardmem 0xd0000
- fi
- if [ -n "${pccard_conf}" ] ; then
+ ;;
+ *)
+ pccardc pccardmem ${pccard_mem}
+ ;;
+ esac
+
+ if [ -n "${pccard_conf}" ]; then
pccardd_flags="${pccardd_flags} -f ${pccard_conf}"
fi
- echo -n "Enable PC-card."
+
+ echo -n "Enable PC-card."
pccardd ${pccardd_flags} 2>&1 > /var/log/pccardd.debug
-fi
+ ;;
+esac
diff --git a/etc/rc.d/resolv b/etc/rc.d/resolv
index a7f0a50..2d777e5 100644
--- a/etc/rc.d/resolv
+++ b/etc/rc.d/resolv
@@ -1,11 +1,14 @@
+#
+#$FreeBSD$
+#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
-if [ -f /etc/defaults/rc.conf ]; then
+ fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
-elif [ -f /etc/rc.conf ]; then
+ /sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
-( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
+(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
-( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
-
+(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512
diff --git a/etc/rc.d/routing b/etc/rc.d/routing
index 781c73f..5ddce80 100644
--- a/etc/rc.d/routing
+++ b/etc/rc.d/routing
@@ -3,400 +3,574 @@
# $FreeBSD$
# From: @(#)netstart 5.9 (Berkeley) 3/30/91
-# Note that almost all the user-configurable behavior is no longer in
-# this file, but rather in /etc/rc.conf. Please check that file
+# Note that almost all of the user-configurable behavior is no longer in
+# this file, but rather in /etc/defaults/rc.conf. Please check that file
# first before contemplating any changes here. If you do need to change
# this file for some reason, we would like to know about it.
# First pass startup stuff.
-
+#
network_pass1() {
- echo -n 'Doing initial network setup:'
- # Set the host name if it is not already set
- if [ -z "`hostname -s`" ] ; then
- hostname ${hostname}
- echo -n ' hostname'
- fi
-
- # Set the domainname if we're using NIS
- if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then
- domainname ${nisdomainname}
- echo -n ' domain'
- fi
- echo '.'
-
- # Initial ATM interface configuration
- if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then
- . /etc/rc.atm
- atm_pass1
- fi
-
- # ISDN subsystem startup
- if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then
- . /etc/rc.isdn
- fi
-
- # Special options for sppp(4) interfaces go here. These need
- # to go _before_ the general ifconfig section, since in the case
- # of hardwired (no link1 flag) but required authentication, you
- # cannot pass auth parameters down to the already running interface.
- for ifn in ${sppp_interfaces}; do
- eval spppcontrol_args=\$spppconfig_${ifn}
- if [ -n "${spppcontrol_args}" ] ; then
- # The auth secrets might contain spaces; in order
- # to retain the quotation, we need to eval them
- # here.
- eval spppcontrol ${ifn} ${spppcontrol_args}
- fi
- done
-
- # Set up all the network interfaces, calling startup scripts if needed
- if [ "${network_interfaces}" = "auto" ]; then
- network_interfaces="`ifconfig -l`"
- fi
- for ifn in ${network_interfaces}; do
- showstat=false
- if [ -e /etc/start_if.${ifn} ]; then
- . /etc/start_if.${ifn}
- showstat=true
- fi
- # Do the primary ifconfig if specified
- eval ifconfig_args=\$ifconfig_${ifn}
- if [ -n "${ifconfig_args}" ] ; then
- # See if we are using DHCP
- if [ "${ifconfig_args}" = "DHCP" ]; then
- ${dhcp_program} ${dhcp_flags} ${ifn}
- else
- ifconfig ${ifn} ${ifconfig_args}
- fi
- showstat=true
- fi
- # Check to see if aliases need to be added
- alias=0
- while :
- do
- eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args} alias
- showstat=true
- alias=`expr ${alias} + 1`
- else
- break;
- fi
- done
- # Do ipx address if specified
- eval ifconfig_args=\$ifconfig_${ifn}_ipx
- if [ -n "${ifconfig_args}" ]; then
- ifconfig ${ifn} ${ifconfig_args}
- showstat=true
- fi
- if [ "${showstat}" = "true" ]
- then
- ifconfig ${ifn}
- fi
- done
-
- # Warm up user ppp if required, must happen before natd.
- if [ "${ppp_enable}" = "YES" ]; then
- # Establish ppp mode.
- if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
- -a "${ppp_mode}" != "dedicated" \
- -a "${ppp_mode}" != "background" ]; then
- ppp_mode="auto";
- fi
- ppp_command="-${ppp_mode} ";
-
- # Switch on alias mode?
- if [ "${ppp_nat}" = "YES" ]; then
- ppp_command="${ppp_command} -nat";
- fi
-
- echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
- fi
-
- # Initialize IP filtering using ipfw
- echo ""
- /sbin/ipfw -q flush > /dev/null 2>&1
- if [ $? = 0 ] ; then
- firewall_in_kernel=1
- else
- firewall_in_kernel=0
- fi
-
- if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then
- if kldload ipfw; then
- firewall_in_kernel=1 # module loaded successfully
- echo "Kernel firewall module loaded."
- else
- echo "Warning: firewall kernel module failed to load."
- fi
- fi
+ echo -n 'Doing initial network setup:'
- # Load the filters if required
- if [ ${firewall_in_kernel} = 1 ]; then
- if [ -z "${firewall_script}" ] ; then
- firewall_script="/etc/rc.firewall"
+ # Set the host name if it is not already set
+ #
+ if [ -z "`hostname -s`" ]; then
+ hostname ${hostname}
+ echo -n ' hostname'
fi
- if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then
- . ${firewall_script}
- echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
- natd_ifarg="-a ${natd_interface}"
- else
- natd_ifarg="-n ${natd_interface}"
+
+ # Set the domainname if we're using NIS
+ #
+ case ${nisdomainname} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ domainname ${nisdomainname}
+ echo -n ' domain'
+ ;;
+ esac
+
+ echo '.'
+
+ # Initial ATM interface configuration
+ #
+ case ${atm_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.atm ]; then
+ . /etc/rc.atm
+ atm_pass1
+ fi
+ ;;
+ esac
+
+ # ISDN subsystem startup
+ #
+ case ${isdn_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/rc.isdn ]; then
+ . /etc/rc.isdn
+ fi
+ ;;
+ esac
+
+ # Special options for sppp(4) interfaces go here. These need
+ # to go _before_ the general ifconfig section, since in the case
+ # of hardwired (no link1 flag) but required authentication, you
+ # cannot pass auth parameters down to the already running interface.
+ #
+ for ifn in ${sppp_interfaces}; do
+ eval spppcontrol_args=\$spppconfig_${ifn}
+ if [ -n "${spppcontrol_args}" ]; then
+ # The auth secrets might contain spaces; in order
+ # to retain the quotation, we need to eval them
+ # here.
+ eval spppcontrol ${ifn} ${spppcontrol_args}
+ fi
+ done
+
+ # Set up all the network interfaces, calling startup scripts if needed
+ #
+ case ${network_interfaces} in
+ [Aa][Uu][Tt][Oo])
+ network_interfaces="`ifconfig -l`"
+ ;;
+ esac
+
+ for ifn in ${network_interfaces}; do
+ showstat=false
+ if [ -r /etc/start_if.${ifn} ]; then
+ . /etc/start_if.${ifn}
+ showstat=true
fi
- echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg}
- fi
- echo '.'
+
+ # Do the primary ifconfig if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}
+
+ case ${ifconfig_args} in
+ '')
+ ;;
+ [Dd][Hh][Cc][Pp])
+ ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn}
+ showstat=true
+ ;;
+ *)
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ ;;
+ esac
+
+ # Check to see if aliases need to be added
+ #
+ alias=0
+ while : ; do
+ eval ifconfig_args=\$ifconfig_${ifn}_alias${alias}
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args} alias
+ showstat=true
+ alias=`expr ${alias} + 1`
+ else
+ break;
+ fi
+ done
+
+ # Do ipx address if specified
+ #
+ eval ifconfig_args=\$ifconfig_${ifn}_ipx
+ if [ -n "${ifconfig_args}" ]; then
+ ifconfig ${ifn} ${ifconfig_args}
+ showstat=true
+ fi
+
+ case ${showstat} in
+ true)
+ ifconfig ${ifn}
+ ;;
+ esac
+ done
+
+ # Warm up user ppp if required, must happen before natd.
+ #
+ case ${ppp_enable} in
+ [Yy][Ee][Ss])
+ # Establish ppp mode.
+ #
+ if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \
+ -a "${ppp_mode}" != "dedicated" \
+ -a "${ppp_mode}" != "background" ]; then
+ ppp_mode="auto";
+ fi
+
+ ppp_command="-${ppp_mode} ";
+
+ # Switch on alias mode?
+ #
+ case ${ppp_nat} in
+ [Yy][Ee][Ss])
+ ppp_command="${ppp_command} -nat";
+ ;;
+ esac
+
+ echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile}
+ ;;
+ esac
+
+ # Initialize IP filtering using ipfw
+ #
+ echo ''
+
+ if /sbin/ipfw -q flush > /dev/null 2>&1; then
+ firewall_in_kernel=1
else
- IPFW_DEFAULT=`ipfw l 65535`
- if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then
- echo -n "Warning: kernel has firewall functionality, "
- echo "but firewall rules are not enabled."
- echo " All ip services are disabled."
- fi
+ firewall_in_kernel=0
fi
- fi
-
- # Additional ATM interface configuration
- if [ -n "${atm_pass1_done}" ]; then
- atm_pass2
- fi
-
- # Configure routing
-
- if [ "${defaultrouter}" != "NO" ] ; then
- static_routes="default ${static_routes}"
- route_default="default ${defaultrouter}"
- fi
-
- # Set up any static routes. This should be done before router discovery.
- if [ -n "${static_routes}" ]; then
- for i in ${static_routes}; do
- eval route_args=\$route_${i}
- route add ${route_args}
- done
- fi
-
- echo -n 'Additional routing options:'
- if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then
- echo -n ' tcp extensions=NO'
- sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
- fi
-
- if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then
- echo -n ' log_in_vain=YES'
- sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
- sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
- fi
-
- if [ "${icmp_bmcastecho}" = "YES" ]; then
- echo -n ' broadcast ping responses=YES'
- sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
- fi
-
- if [ "${icmp_drop_redirect}" = "YES" ]; then
- echo -n ' ignore ICMP redirect=YES'
- sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
- fi
-
- if [ "${icmp_log_redirect}" = "YES" ]; then
- echo -n ' log ICMP redirect=YES'
- sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
- fi
-
- if [ "${gateway_enable}" = "YES" ]; then
- echo -n ' IP gateway=YES'
- sysctl -w net.inet.ip.forwarding=1 >/dev/null
- fi
-
- if [ "${forward_sourceroute}" = "YES" ]; then
- echo -n ' do source routing=YES'
- sysctl -w net.inet.ip.sourceroute=1 >/dev/null
- fi
-
- if [ "${accept_sourceroute}" = "YES" ]; then
- echo -n ' accept source routing=YES'
- sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
- fi
-
- if [ "${tcp_keepalive}" = "YES" ]; then
- echo -n ' TCP keepalive=YES'
- sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
- fi
-
- if [ "X$tcp_restrict_rst" = X"YES" ]; then
- echo -n ' restrict TCP reset=YES'
- sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
- fi
-
- if [ "X$tcp_drop_synfin" = X"YES" ]; then
- echo -n ' drop SYN+FIN packets=YES'
- sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
- fi
-
- if [ "${ipxgateway_enable}" = "YES" ]; then
- echo -n ' IPX gateway=YES'
- sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
- fi
-
- if [ "${arpproxy_all}" = "YES" ]; then
- echo -n ' ARP proxyall=YES'
- sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
- fi
- echo '.'
-
- echo -n 'routing daemons:'
- if [ "${router_enable}" = "YES" ]; then
- echo -n " ${router}"; ${router} ${router_flags}
- fi
-
- if [ "${ipxrouted_enable}" = "YES" ]; then
- echo -n ' IPXrouted'
- IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
- fi
-
- if [ "${mrouted_enable}" = "YES" ]; then
- echo -n ' mrouted'; mrouted ${mrouted_flags}
- fi
-
- if [ "${rarpd_enable}" = "YES" ]; then
- echo -n ' rarpd'; rarpd ${rarpd_flags}
- fi
- echo '.'
- network_pass1_done=YES # Let future generations know we made it.
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then
+ firewall_in_kernel=1
+ echo "Kernel firewall module loaded."
+ elif [ "${firewall_in_kernel}" -eq 0 ]; then
+ echo "Warning: firewall kernel module failed to load."
+ fi
+ ;;
+ esac
+
+ # Load the filters if required
+ #
+ case ${firewall_in_kernel} in
+ 1)
+ if [ -z "${firewall_script}" ]; then
+ firewall_script=/etc/rc.firewall
+ fi
+
+ case ${firewall_enable} in
+ [Yy][Ee][Ss])
+ if [ -r ${firewall_script} ]; then
+ . ${firewall_script}
+ echo -n 'Firewall rules loaded, starting divert daemons:'
+
+ # Network Address Translation daemon
+ #
+ case ${natd_enable} in
+ [Yy][Ee][Ss])
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then
+ natd_ifarg="-a ${natd_interface}"
+ else
+ natd_ifarg="-n ${natd_interface}"
+ fi
+
+ echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+ fi
+ ;;
+ esac
+
+ echo '.'
+
+ elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
+ echo -n "Warning: kernel has firewall functionality, "
+ echo "but firewall rules are not enabled."
+ echo " All ip services are disabled."
+ fi
+ ;;
+ esac
+ ;;
+ esac
+
+ # Additional ATM interface configuration
+ #
+ if [ -n "${atm_pass1_done}" ]; then
+ atm_pass2
+ fi
+
+ # Configure routing
+ #
+ case ${defaultrouter} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ static_routes="default ${static_routes}"
+ route_default="default ${defaultrouter}"
+ ;;
+ esac
+
+ # Set up any static routes. This should be done before router discovery.
+ #
+ if [ -n "${static_routes}" ]; then
+ for i in ${static_routes}; do
+ eval route_args=\$route_${i}
+ route add ${route_args}
+ done
+ fi
+
+ echo -n 'Additional routing options:'
+ case ${tcp_extensions} in
+ [Yy][Ee][Ss] | '')
+ ;;
+ *)
+ echo -n ' tcp extensions=NO'
+ sysctl -w net.inet.tcp.rfc1323=0 >/dev/null
+ ;;
+ esac
+
+ case ${log_in_vain} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' log_in_vain=YES'
+ sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null
+ sysctl -w net.inet.udp.log_in_vain=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_bmcastecho} in
+ [Yy][Ee][Ss])
+ echo -n ' broadcast ping responses=YES'
+ sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_drop_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' ignore ICMP redirect=YES'
+ sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${icmp_log_redirect} in
+ [Yy][Ee][Ss])
+ echo -n ' log ICMP redirect=YES'
+ sysctl -w net.inet.icmp.log_redirect=1 >/dev/null
+ ;;
+ esac
+
+ case ${gateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IP gateway=YES'
+ sysctl -w net.inet.ip.forwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${forward_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' do source routing=YES'
+ sysctl -w net.inet.ip.sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${accept_sourceroute} in
+ [Yy][Ee][Ss])
+ echo -n ' accept source routing=YES'
+ sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_keepalive} in
+ [Yy][Ee][Ss])
+ echo -n ' TCP keepalive=YES'
+ sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_restrict_rst} in
+ [Yy][Ee][Ss])
+ echo -n ' restrict TCP reset=YES'
+ sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null
+ ;;
+ esac
+
+ case ${tcp_drop_synfin} in
+ [Yy][Ee][Ss])
+ echo -n ' drop SYN+FIN packets=YES'
+ sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null
+ ;;
+ esac
+
+ case ${ipxgateway_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPX gateway=YES'
+ sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null
+ ;;
+ esac
+
+ case ${arpproxy_all} in
+ [Yy][Ee][Ss])
+ echo -n ' ARP proxyall=YES'
+ sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
+ ;;
+ esac
+ echo '.'
+
+ echo -n 'routing daemons:'
+ case ${router_enable} in
+ [Yy][Ee][Ss])
+ echo -n " ${router}"; ${router} ${router_flags}
+ ;;
+ esac
+
+ case ${ipxrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' IPXrouted'
+ IPXrouted ${ipxrouted_flags} > /dev/null 2>&1
+ ;;
+ esac
+
+ case ${mrouted_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
+ ;;
+ esac
+
+ case ${rarpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rarpd'; rarpd ${rarpd_flags}
+ ;;
+ esac
+ echo '.'
+
+ # Let future generations know we made it.
+ #
+ network_pass1_done=YES
}
network_pass2() {
- echo -n 'Doing additional network setup:'
- if [ "${named_enable}" = "YES" ]; then
- echo -n ' named'; ${named_program-"named"} ${named_flags}
- fi
-
- if [ "${ntpdate_enable}" = "YES" ]; then
- echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1
- fi
-
- if [ "${xntpd_enable}" = "YES" ]; then
- echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags}
- fi
-
- if [ "${timed_enable}" = "YES" ]; then
- echo -n ' timed'; timed ${timed_flags}
- fi
-
- if [ "${portmap_enable}" = "YES" ]; then
- echo -n ' portmap'; ${portmap_program} ${portmap_flags}
- fi
-
- # Start ypserv if we're an NIS server.
- # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
- if [ "${nis_server_enable}" = "YES" ]; then
- echo -n ' ypserv'; ypserv ${nis_server_flags}
-
- if [ "${nis_ypxfrd_enable}" = "YES" ]; then
- echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags}
- fi
-
- if [ "${nis_yppasswdd_enable}" = "YES" ]; then
- echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags}
- fi
- fi
-
- # Start ypbind if we're an NIS client
- if [ "${nis_client_enable}" = "YES" ]; then
- echo -n ' ypbind'; ypbind ${nis_client_flags}
- if [ "${nis_ypset_enable}" = "YES" ]; then
- echo -n ' ypset'; ypset ${nis_ypset_flags}
- fi
- fi
-
- # Start keyserv if we are running Secure RPC
- if [ "${keyserv_enable}" = "YES" ]; then
- echo -n ' keyserv'; keyserv ${keyserv_flags}
- fi
- # Start ypupdated if we are running Secure RPC and we are NIS master
- if [ "${rpc_ypupdated_enable}" = "YES" ]; then
- echo -n ' rpc.ypupdated'; rpc.ypupdated
- fi
-
- # Start ATM daemons
- if [ -n "${atm_pass2_done}" ]; then
- atm_pass3
- fi
-
- echo '.'
- network_pass2_done=YES
+ echo -n 'Doing additional network setup:'
+ case ${named_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' named'; ${named_program:-named} ${named_flags}
+ ;;
+ esac
+
+ case ${ntpdate_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ntpdate'
+ ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1
+ ;;
+ esac
+
+ case ${xntpd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags}
+ ;;
+ esac
+
+ case ${timed_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' timed'; timed ${timed_flags}
+ ;;
+ esac
+
+ case ${portmap_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags}
+ ;;
+ esac
+
+ # Start ypserv if we're an NIS server.
+ # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server.
+ #
+ case ${nis_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypserv'; ypserv ${nis_server_flags}
+
+ case ${nis_ypxfrd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypxfrd'
+ rpc.ypxfrd ${nis_ypxfrd_flags}
+ ;;
+ esac
+
+ case ${nis_yppasswdd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.yppasswdd'
+ rpc.yppasswdd ${nis_yppasswdd_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start ypbind if we're an NIS client
+ #
+ case ${nis_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypbind'; ypbind ${nis_client_flags}
+ case ${nis_ypset_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' ypset'; ypset ${nis_ypset_flags}
+ ;;
+ esac
+ ;;
+ esac
+
+ # Start keyserv if we are running Secure RPC
+ #
+ case ${keyserv_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' keyserv'; keyserv ${keyserv_flags}
+ ;;
+ esac
+
+ # Start ypupdated if we are running Secure RPC and we are NIS master
+ #
+ case ${rpc_ypupdated_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.ypupdated'; rpc.ypupdated
+ ;;
+ esac
+
+ # Start ATM daemons
+ if [ -n "${atm_pass2_done}" ]; then
+ atm_pass3
+ fi
+
+ echo '.'
+ network_pass2_done=YES
}
network_pass3() {
- echo -n 'Starting final network daemons:'
-
- if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then
- echo -n ' mountd'
- if [ "${weak_mountd_authentication}" = "YES" ]; then
- mountd_flags="-n"
- fi
- mountd ${mountd_flags}
- if [ "${nfs_reserved_port_only}" = "YES" ]; then
- echo -n ' NFS on reserved port only=YES'
- sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
- fi
- echo -n ' nfsd'; nfsd ${nfs_server_flags}
- if [ "${rpc_lockd_enable}" = "YES" ]; then
- echo -n ' rpc.lockd'; rpc.lockd
- fi
- if [ "${rpc_statd_enable}" = "YES" ]; then
- echo -n ' rpc.statd'; rpc.statd
- fi
- fi
-
- if [ "${nfs_client_enable}" = "YES" ]; then
- echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
- if [ "${nfs_access_cache}" != "X" ]; then
+ echo -n 'Starting final network daemons:'
+
+ case ${nfs_server_enable} in
+ [Yy][Ee][Ss])
+ if [ -r /etc/exports ]; then
+ echo -n ' mountd'
+
+ case ${weak_mountd_authentication} in
+ [Yy][Ee][Ss])
+ mountd_flags="-n"
+ ;;
+ esac
+
+ mountd ${mountd_flags}
+
+ case ${nfs_reserved_port_only} in
+ [Yy][Ee][Ss])
+ echo -n ' NFS on reserved port only=YES'
+ sysctl -w vfs.nfs.nfs_privport=1 >/dev/null
+ ;;
+ esac
+
+ echo -n ' nfsd'; nfsd ${nfs_server_flags}
+
+ case ${rpc_lockd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.lockd'; rpc.lockd
+ ;;
+ esac
+
+ case ${rpc_statd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rpc.statd'; rpc.statd
+ ;;
+ esac
+ fi
+ ;;
+ esac
+
+ case ${nfs_client_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' nfsiod'; nfsiod ${nfs_client_flags}
+ if [ -n "${nfs_access_cache}" ]; then
echo -n " NFS access cache time=${nfs_access_cache}"
sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \
- >/dev/null
- fi
- fi
-
- if [ "${amd_enable}" = "YES" ]; then
- echo -n ' amd'
- if [ "${amd_map_program}" != "NO" ]; then
- amd_flags="${amd_flags} `eval ${amd_map_program}`"
- fi
- if [ -n "${amd_flags}" ]
- then
- amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
- else
- amd 2> /dev/null
- fi
- fi
-
- if [ "${rwhod_enable}" = "YES" ]; then
- echo -n ' rwhod'; rwhod ${rwhod_flags}
- fi
-
- # Kerberos runs ONLY on the Kerberos server machine
- if [ "${kerberos_server_enable}" = "YES" ]; then
- if [ "${kerberos_stash}" = "YES" ]; then
- stash_flag=-n
- else
- stash_flag=
- fi
- echo -n ' kerberos'; \
+ >/dev/null
+ fi
+ ;;
+ esac
+
+ case ${amd_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' amd'
+ case ${amd_map_program} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ amd_flags="${amd_flags} `eval ${amd_map_program}`"
+ ;;
+ esac
+
+ if [ -n "${amd_flags}" ]; then
+ amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null
+ else
+ amd 2> /dev/null
+ fi
+ ;;
+ esac
+
+ case ${rwhod_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' rwhod'; rwhod ${rwhod_flags}
+ ;;
+ esac
+
+ # Kerberos runs ONLY on the Kerberos server machine
+ case ${kerberos_server_enable} in
+ [Yy][Ee][Ss])
+ case ${kerberos_stash} in
+ [Yy][Ee][Ss])
+ stash_flag=-n
+ ;;
+ *)
+ stash_flag=
+ ;;
+ esac
+
+ echo -n ' kerberos'
kerberos ${stash_flag} >> /var/log/kerberos.log &
- if [ "${kadmind_server_enable}" = "YES" ]; then
- echo -n ' kadmind'; \
- (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
- fi
- unset stash_flag
- fi
-
- echo '.'
- network_pass3_done=YES
+
+ case ${kadmind_server_enable} in
+ [Yy][Ee][Ss])
+ echo -n ' kadmind'
+ (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) &
+ ;;
+ esac
+ unset stash_flag
+ ;;
+ esac
+
+ echo '.'
+ network_pass3_done=YES
}
diff --git a/etc/rc.d/tmp b/etc/rc.d/tmp
index a7f0a50..2d777e5 100644
--- a/etc/rc.d/tmp
+++ b/etc/rc.d/tmp
@@ -1,11 +1,14 @@
+#
+#$FreeBSD$
+#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
-if [ -f /etc/defaults/rc.conf ]; then
+ fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
-elif [ -f /etc/rc.conf ]; then
+ /sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
-( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
+(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
-( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
-
+(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512
diff --git a/etc/rc.d/var b/etc/rc.d/var
index a7f0a50..2d777e5 100644
--- a/etc/rc.d/var
+++ b/etc/rc.d/var
@@ -1,11 +1,14 @@
+#
+#$FreeBSD$
+#
# PROVIDE: diskless
# REQUIRE: initdiskless mountcritlocal
if [ -n "$4" ]; then
bpi="-i $4"
-if [ -f /etc/defaults/rc.conf ]; then
+ fi
/sbin/mdconfig -a -t malloc -s $1 -u $3
-elif [ -f /etc/rc.conf ]; then
+ /sbin/newfs $bpi /dev/md$3c
/sbin/mount /dev/md$3c $2
}
@@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd
chown -R root.daemon /var/spool/output
chgrp daemon /var/spool/lpd
-( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp
+(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_mfs -s 4096 -i 512 -T qp120at dummy /dev
-( cd /; cpio -i -H newc -d < /tmp/dev.tmp )
-
+(cd /; cpio -i -H newc -d < /tmp/dev.tmp)
# extract a list of device entries, then copy them to a writable fs
(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp
mount_md 4096 /dev 3 512
OpenPOWER on IntegriCloud