diff options
author | sheldonh <sheldonh@FreeBSD.org> | 1999-09-13 15:44:20 +0000 |
---|---|---|
committer | sheldonh <sheldonh@FreeBSD.org> | 1999-09-13 15:44:20 +0000 |
commit | d8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663 (patch) | |
tree | f61d8b7d858e07792674c281853167482e6806c5 /etc | |
parent | 019fd9cb5fe17ed3ce93a28306ec3009d2a512f7 (diff) | |
download | FreeBSD-src-d8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663.zip FreeBSD-src-d8a93d30ec0f7b9de2d59dab07ac29c6f7f8f663.tar.gz |
Apply a consistent style to most of the etc scripts. Particularly, use
case instead of test where appropriate, since case allows case is a sh
builtin and (as a side-effect) allows case-insensitivity.
Changes discussed on freebsd-hackers.
Submitted by: Doug Barton <Doug@gorean.org>
Diffstat (limited to 'etc')
44 files changed, 6050 insertions, 4320 deletions
diff --git a/etc/MAKEDEV b/etc/MAKEDEV index 33befa4..188eca9 100644 --- a/etc/MAKEDEV +++ b/etc/MAKEDEV @@ -277,7 +277,7 @@ jail) ln -sf null kmem # --//-- ln -sf null drum # --//-- ;; - + mach-4) mknod iopl c 22 0 mknod kbd c 23 0 @@ -290,7 +290,7 @@ mach-4) wt*) umask $tape_umask u=`expr $i : '..\(.*\)'` - if [ x$u = x ]; then u=0; fi + if [ -z "${u}" ]; then u=0; fi mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks mknod nrwt${u} c 10 `expr 4 + $u` # mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks @@ -529,7 +529,7 @@ ccd*) [0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1]) for part in 0 1 2 3 4 5 6 7 do - minor=`dkminor 0 $unit 0 $part` + minor=`dkminor 0 $unit 0 $part` partname=`dkitop $part` mknod $name$unit$partname b $blk $minor mknod r$name$unit$partname c $chr $minor @@ -552,7 +552,7 @@ pt[0-9]*) chr=61 name=pt unit=`expr $i : 'pt\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -564,7 +564,7 @@ targ[0-9]*) chr=65 name=targ unit=`expr $i : 'targ\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -579,7 +579,7 @@ xpt*) chr=104 name=xpt units=`expr $i : 'xpt\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -597,7 +597,7 @@ pass*|uk*) chr=31 name=pass units=`expr $i : 'pass\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -710,7 +710,7 @@ acd*|cd*|mcd*|scd*) mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;; scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;; esac - if [ "X${units}" = "X" -o ${units} -le 0 ]; then + if [ -z "${units}" -o ${units} -le 0 ]; then units=1 fi if [ "${units}" -le 31 ]; then @@ -729,7 +729,6 @@ acd*|cd*|mcd*|scd*) name, i, c, (i * 8), name, i, c, (i * 8) + 2, name, i, name, i); }}'` - else echo "$i is invalid -- can't have more than 32 cd devices" fi @@ -837,14 +836,14 @@ ulpt*) ugen*) unit=`expr $i : 'ugen\([0-9][0-9]*\)'` endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'` - if [ "x$unit" = "x" ]; then - echo $i - Invalid unit number + if [ -z "${unit}" ]; then + echo $i - Invalid unit number fi - if [ "x$endpoint" = "x" ]; then - minor=`expr $unit \* 16` + if [ -z "${endpoint}" ]; then + minor=`expr $unit \* 16` mknod ugen$unit c 114 $minor else - minor=`expr $unit \* 16 + $endpoint` + minor=`expr $unit \* 16 + $endpoint` mknod ugen$unit.$endpoint c 114 $minor fi ;; @@ -966,7 +965,7 @@ ttyA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod ttyA$name c $major $minor mknod ttyiA$name c $major `expr $minor + 65536` mknod ttylA$name c $major `expr $minor + 131072` @@ -983,7 +982,7 @@ cuaA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod cuaA$name c $major `expr $minor + 128` mknod cuaiA$name c $major `expr $minor + 128 + 65536` mknod cualA$name c $major `expr $minor + 128 + 131072` @@ -1098,9 +1097,9 @@ ttyR?) ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'` echo -n "Creating $ndevices devices for $i: " for dev in `jot $ndevices 0`;do - mknod /dev/ttyR$Rnum c $major $MINOR + mknod /dev/ttyR$Rnum c $major $MINOR mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32` - mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` + mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1123,7 +1122,7 @@ cuaR?) for dev in `jot $ndevices 0`;do mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128` mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32` - mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` + mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1331,7 +1330,7 @@ labpc*) die 3 "Don't know LabPC type $i" ;; esac - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=all fi case $unit in diff --git a/etc/etc.alpha/MAKEDEV b/etc/etc.alpha/MAKEDEV index 25101ac..df9e688 100644 --- a/etc/etc.alpha/MAKEDEV +++ b/etc/etc.alpha/MAKEDEV @@ -280,7 +280,7 @@ mach-4) wt*) umask $tape_umask u=`expr $i : '..\(.*\)'` - if [ x$u = x ]; then u=0; fi + if [ -z "${u}" ]; then u=0; fi mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks mknod nrwt${u} c 10 `expr 4 + $u` # mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks @@ -517,7 +517,7 @@ ccd*) [0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1]) for part in 0 1 2 3 4 5 6 7 do - minor=`dkminor 0 $unit 0 $part` + minor=`dkminor 0 $unit 0 $part` partname=`dkitop $part` mknod $name$unit$partname b $blk $minor mknod r$name$unit$partname c $chr $minor @@ -540,7 +540,7 @@ pt[0-9]*) chr=61 name=pt unit=`expr $i : 'pt\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -552,7 +552,7 @@ targ[0-9]*) chr=65 name=targ unit=`expr $i : 'targ\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -567,7 +567,7 @@ xpt*) chr=104 name=xpt units=`expr $i : 'xpt\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -585,7 +585,7 @@ pass*|uk*) chr=31 name=pass units=`expr $i : 'pass\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -698,7 +698,7 @@ acd*|cd*|mcd*|scd*) mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;; scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;; esac - if [ "X${units}" = "X" -o ${units} -le 0 ]; then + if [ -z "${units}" -o ${units} -le 0 ]; then units=1 fi if [ "${units}" -le 31 ]; then @@ -717,7 +717,6 @@ acd*|cd*|mcd*|scd*) name, i, c, (i * 8), name, i, c, (i * 8) + 2, name, i, name, i); }}'` - else echo "$i is invalid -- can't have more than 32 cd devices" fi @@ -825,14 +824,14 @@ ulpt*) ugen*) unit=`expr $i : 'ugen\([0-9][0-9]*\)'` endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'` - if [ "x$unit" = "x" ]; then - echo $i - Invalid unit number + if [ -z "${unit}" ]; then + echo $i - Invalid unit number fi - if [ "x$endpoint" = "x" ]; then - minor=`expr $unit \* 16` + if [ -z "${endpoint}" ]; then + minor=`expr $unit \* 16` mknod ugen$unit c 114 $minor else - minor=`expr $unit \* 16 + $endpoint` + minor=`expr $unit \* 16 + $endpoint` mknod ugen$unit.$endpoint c 114 $minor fi ;; @@ -954,7 +953,7 @@ ttyA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod ttyA$name c $major $minor mknod ttyiA$name c $major `expr $minor + 65536` mknod ttylA$name c $major `expr $minor + 131072` @@ -971,7 +970,7 @@ cuaA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod cuaA$name c $major `expr $minor + 128` mknod cuaiA$name c $major `expr $minor + 128 + 65536` mknod cualA$name c $major `expr $minor + 128 + 131072` @@ -1086,9 +1085,9 @@ ttyR?) ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'` echo -n "Creating $ndevices devices for $i: " for dev in `jot $ndevices 0`;do - mknod /dev/ttyR$Rnum c $major $MINOR + mknod /dev/ttyR$Rnum c $major $MINOR mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32` - mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` + mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1111,7 +1110,7 @@ cuaR?) for dev in `jot $ndevices 0`;do mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128` mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32` - mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` + mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1316,7 +1315,7 @@ labpc*) die 3 "Don't know LabPC type $i" ;; esac - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=all fi case $unit in diff --git a/etc/etc.alpha/rc.alpha b/etc/etc.alpha/rc.alpha index bcb23b8..753e722 100644 --- a/etc/etc.alpha/rc.alpha +++ b/etc/etc.alpha/rc.alpha @@ -18,83 +18,141 @@ viddev=/dev/ttyv0 echo -n "rc.alpha configuring syscons:" # keymap -if [ "${keymap}" != "NO" ]; then +# +case ${keymap} in +[Nn][Oo] | '') + ;; +*) echo -n ' keymap'; kbdcontrol <${kbddev} -l ${keymap} -fi + ;; +esac # keyrate -if [ "${keyrate}" != "NO" ]; then +# +case ${keyrate} in +[Nn][Oo] | '') + ;; +*) echo -n ' keyrate'; kbdcontrol <${kbddev} -r ${keyrate} -fi + ;; +esac # keybell -if [ "${keybell}" != "NO" ]; then +# +case ${keybell} in +[Nn][Oo] | '') + ;; +*) echo -n ' keybell'; kbdcontrol <${kbddev} -b ${keybell} -fi + ;; +esac # change function keys -if [ "${keychange}" != "NO" ]; then +# +case ${keychange} in +[Nn][Oo] | '') + ;; +*) echo -n " keychange" set - ${keychange} - while [ $# -gt 0 ] - do + while [ $# -gt 0 ]; do kbdcontrol < ${kbddev} -f "$1" "$2" shift; shift done -fi + ;; +esac # cursor type -if [ "${cursor}" != "NO" ]; then +# +case ${cursor} in +[Nn][Oo] | '') + ;; +*) echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor} -fi + ;; +esac # screen mapping -if [ "${scrnmap}" != "NO" ]; then +# +case ${scrnmap} in +[Nn][Oo] | '') + ;; +*) echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap} -fi + ;; +esac # font 8x16 -if [ "${font8x16}" != "NO" ]; then +# +case ${font8x16} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16} -fi + ;; +esac # font 8x14 -if [ "${font8x14}" != "NO" ]; then +# +case ${font8x14} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14} -fi + ;; +esac # font 8x8 -if [ "${font8x8}" != "NO" ]; then +# +case ${font8x8} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8} -fi + ;; +esac # blank time -if [ "${blanktime}" != "NO" ]; then +# +case ${blanktime} in +[Nn][Oo] | '') + ;; +*) echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime} -fi + ;; +esac # screen saver -if [ "${saver}" != "NO" ] ; then +# +case ${saver} in +[Nn][Oo] | '') + ;; +*) echo -n ' screensaver' for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do kldunload $i done kldstat -v | grep -q _saver || kldload ${saver}_saver -fi + ;; +esac # mouse daemon -if [ "${moused_enable}" = "YES" ] ; then +# +case ${moused_enable} in +[Yy][Ee][Ss]) echo -n ' moused' moused ${moused_flags} -p ${moused_port} -t ${moused_type} vidcontrol < ${viddev} -m on -fi + ;; +esac # set this mode for all virtual screens +# if [ -n "${allscreens_flags}" ] ; then echo -n ' allscreens' - for ttyv in /dev/ttyv* - do + for ttyv in /dev/ttyv*; do vidcontrol < ${ttyv} ${allscreens_flags} done fi + echo '.' diff --git a/etc/etc.amd64/rc.amd64 b/etc/etc.amd64/rc.amd64 index f7b22d9..13440de 100644 --- a/etc/etc.amd64/rc.amd64 +++ b/etc/etc.amd64/rc.amd64 @@ -5,33 +5,58 @@ # echo -n 'Initial rc.i386 initialization:' -if [ "${apm_enable}" = "YES" -o "${apmd_enable}" = "YES" ] ; then + +case ${apm_enable} in +[Yy][Ee][Ss]) echo -n ' apm' apmconf -e > /dev/null 2>&1 -fi + APMCONF_DONE=yes + ;; +esac + +case ${apmd_enable} in +[Yy][Ee][Ss]) + case ${APMCONF_DONE} in + '') + echo -n ' apm' + apmconf -e > /dev/null 2>&1 + ;; + esac -if [ "${apmd_enable}" = "YES" ] ; then echo -n ' apmd'; apmd ${apmd_flags} -fi + ;; +esac # Start the SCO binary emulation if requested. -if [ "${ibcs2_enable}" = "YES" ]; then - echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1 -fi +# +case ${ibcs2_enable} in +[Yy][Ee][Ss]) + echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1 + ;; +esac # Start the Linux binary emulation if requested. -if [ "${linux_enable}" = "YES" ]; then - echo -n ' linux'; linux > /dev/null 2>&1 -fi +# +case ${linux_enable} in +[Yy][Ee][Ss]) + echo -n ' linux'; linux > /dev/null 2>&1 + ;; +esac # Start the SysVR4 binary emulation if requested. -if [ "${svr4_enable}" = "YES" ]; then - echo -n ' svr4'; svr4 > /dev/null 2>&1 -fi - -if [ "${xtend_enable}" = "YES" ]; then +# +case ${svr4_enable} in +[Yy][Ee][Ss]) + echo -n ' svr4'; svr4 > /dev/null 2>&1 + ;; +esac + +case ${xtend_enable} in +[Yy][Ee][Ss]) echo -n ' xtend'; /usr/libexec/xtend -fi + ;; +esac + echo '.' ########################################################################## @@ -39,98 +64,162 @@ echo '.' ########################################################################## # stdin must be redirected because it might be for a serial console +# kbddev=/dev/ttyv0 viddev=/dev/ttyv0 echo -n "rc.i386 configuring syscons:" # keymap -if [ "${keymap}" != "NO" ]; then +# +case ${keymap} in +[Nn][Oo] | '') + ;; +*) echo -n ' keymap'; kbdcontrol < ${kbddev} -l ${keymap} -fi + ;; +esac # keyrate -if [ "${keyrate}" != "NO" ]; then +# +case ${keyrate} in +[Nn][Oo] | '') + ;; +*) echo -n ' keyrate'; kbdcontrol < ${kbddev} -r ${keyrate} -fi + ;; +esac # keybell -if [ "${keybell}" != "NO" ]; then +# +case ${keybell} in +[Nn][Oo] | '') + ;; +*) echo -n ' keybell'; kbdcontrol < ${kbddev} -b ${keybell} -fi + ;; +esac # change function keys -if [ "${keychange}" != "NO" ]; then +# +case ${keychange} in +[Nn][Oo] | '') + ;; +*) echo -n " keychange" set - ${keychange} - while [ $# -gt 0 ] - do + while [ $# -gt 0 ]; do kbdcontrol <${kbddev} -f "$1" "$2" shift; shift done -fi + ;; +esac # cursor type -if [ "${cursor}" != "NO" ]; then +# +case ${cursor} in +[Nn][Oo] | '') + ;; +*) echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor} -fi + ;; +esac # screen mapping -if [ "${scrnmap}" != "NO" ]; then +# +case ${scrnmap} in +[Nn][Oo] | '') + ;; +*) echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap} -fi + ;; +esac # font 8x16 -if [ "${font8x16}" != "NO" ]; then +# +case ${font8x16} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16} -fi + ;; +esac # font 8x14 -if [ "${font8x14}" != "NO" ]; then +# +case ${font8x14} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14} -fi + ;; +esac # font 8x8 -if [ "${font8x8}" != "NO" ]; then +# +case ${font8x8} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8} -fi + ;; +esac # blank time -if [ "${blanktime}" != "NO" ]; then +# +case ${blanktime} in +[Nn][Oo] | '') + ;; +*) echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime} -fi + ;; +esac # screen saver -if [ "${saver}" != "NO" ] ; then +# +case ${saver} in +[Nn][Oo] | '') + ;; +*) echo -n ' screensaver' for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do kldunload ${i} done kldstat -v | grep -q _saver || kldload ${saver}_saver -fi + ;; +esac # mouse daemon -if [ "${moused_enable}" = "YES" ] ; then +# +case ${moused_enable} in +[Yy][Ee][Ss]) echo -n ' moused' moused ${moused_flags} -p ${moused_port} -t ${moused_type} vidcontrol < ${viddev} -m on -fi + ;; +esac # set this mode for all virtual screens -if [ -n "${allscreens_flags}" ] ; then +# +if [ -n "${allscreens_flags}" ]; then echo -n ' allscreens' - for ttyv in /dev/ttyv* - do + for ttyv in /dev/ttyv*; do vidcontrol < ${ttyv} ${allscreens_flags} done fi + echo '.' # interrupts for /dev/random device -if [ "${rand_irqs}" != "NO" ] ; then +# +case ${rand_irqs} in +[Nn][Oo] | '') + ;; +*) echo -n 'entropy IRQs:' for irq in ${rand_irqs}; do echo -n " ${irq}" && rndcontrol -q -s ${irq} done echo '.' -fi + ;; +esac diff --git a/etc/etc.i386/MAKEDEV b/etc/etc.i386/MAKEDEV index 33befa4..188eca9 100644 --- a/etc/etc.i386/MAKEDEV +++ b/etc/etc.i386/MAKEDEV @@ -277,7 +277,7 @@ jail) ln -sf null kmem # --//-- ln -sf null drum # --//-- ;; - + mach-4) mknod iopl c 22 0 mknod kbd c 23 0 @@ -290,7 +290,7 @@ mach-4) wt*) umask $tape_umask u=`expr $i : '..\(.*\)'` - if [ x$u = x ]; then u=0; fi + if [ -z "${u}" ]; then u=0; fi mknod rwt${u} c 10 `expr 0 + $u` # default density, 512b blocks mknod nrwt${u} c 10 `expr 4 + $u` # mknod rWt${u} c 10 `expr 64 + $u` # default density, 1024b blocks @@ -529,7 +529,7 @@ ccd*) [0-9]|[0-9][0-9]|[0-4][0-9][0-9]|50[0-9]|51[0-1]) for part in 0 1 2 3 4 5 6 7 do - minor=`dkminor 0 $unit 0 $part` + minor=`dkminor 0 $unit 0 $part` partname=`dkitop $part` mknod $name$unit$partname b $blk $minor mknod r$name$unit$partname c $chr $minor @@ -552,7 +552,7 @@ pt[0-9]*) chr=61 name=pt unit=`expr $i : 'pt\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -564,7 +564,7 @@ targ[0-9]*) chr=65 name=targ unit=`expr $i : 'targ\([0-9][0-9]*\)'` - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=0 fi unit=`expr $unit + 1 - 1` @@ -579,7 +579,7 @@ xpt*) chr=104 name=xpt units=`expr $i : 'xpt\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -597,7 +597,7 @@ pass*|uk*) chr=31 name=pass units=`expr $i : 'pass\(.*\)'` - if [ "X${units}" = "X" ]; then + if [ -z "${units}" ]; then units=1 fi eval `echo ${chr} ${units} ${name} |awk \ @@ -710,7 +710,7 @@ acd*|cd*|mcd*|scd*) mcd*) units=`expr $i : '...\(.*\)'`; name=mcd; blk=7; chr=29;; scd*) units=`expr $i : '...\(.*\)'`; name=scd; blk=16; chr=45;; esac - if [ "X${units}" = "X" -o ${units} -le 0 ]; then + if [ -z "${units}" -o ${units} -le 0 ]; then units=1 fi if [ "${units}" -le 31 ]; then @@ -729,7 +729,6 @@ acd*|cd*|mcd*|scd*) name, i, c, (i * 8), name, i, c, (i * 8) + 2, name, i, name, i); }}'` - else echo "$i is invalid -- can't have more than 32 cd devices" fi @@ -837,14 +836,14 @@ ulpt*) ugen*) unit=`expr $i : 'ugen\([0-9][0-9]*\)'` endpoint=`expr $i : 'ugen.*\.\([0-9][0-9]*\)'` - if [ "x$unit" = "x" ]; then - echo $i - Invalid unit number + if [ -z "${unit}" ]; then + echo $i - Invalid unit number fi - if [ "x$endpoint" = "x" ]; then - minor=`expr $unit \* 16` + if [ -z "${endpoint}" ]; then + minor=`expr $unit \* 16` mknod ugen$unit c 114 $minor else - minor=`expr $unit \* 16 + $endpoint` + minor=`expr $unit \* 16 + $endpoint` mknod ugen$unit.$endpoint c 114 $minor fi ;; @@ -966,7 +965,7 @@ ttyA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod ttyA$name c $major $minor mknod ttyiA$name c $major `expr $minor + 65536` mknod ttylA$name c $major `expr $minor + 131072` @@ -983,7 +982,7 @@ cuaA*) port=1 while [ $port -le $nports ]; do minor=`expr $port - 1` - name=`expr $port + 1000 | cut -c 3-4` + name=`expr $port + 1000 | cut -c 3-4` mknod cuaA$name c $major `expr $minor + 128` mknod cuaiA$name c $major `expr $minor + 128 + 65536` mknod cualA$name c $major `expr $minor + 128 + 131072` @@ -1098,9 +1097,9 @@ ttyR?) ndevices=`grep ^$i /tmp/rp_list | sed -e 's/.* \([0-9]*\) ports/\1/'` echo -n "Creating $ndevices devices for $i: " for dev in `jot $ndevices 0`;do - mknod /dev/ttyR$Rnum c $major $MINOR + mknod /dev/ttyR$Rnum c $major $MINOR mknod /dev/ttylR$Rnum c $major `expr $MINOR + 32` - mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` + mknod /dev/ttyiR$Rnum c $major `expr $MINOR + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1123,7 +1122,7 @@ cuaR?) for dev in `jot $ndevices 0`;do mknod /dev/cuaR$Rnum c $major `expr $MINOR + 128` mknod /dev/cualR$Rnum c $major `expr $MINOR + 128 + 32` - mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` + mknod /dev/cuaiR$Rnum c $major `expr $MINOR + 128 + 64` Rnum=`expr $Rnum + 1` MINOR=`expr $MINOR + 1` done @@ -1331,7 +1330,7 @@ labpc*) die 3 "Don't know LabPC type $i" ;; esac - if [ "X${unit}" = "X" ]; then + if [ -z "${unit}" ]; then unit=all fi case $unit in diff --git a/etc/etc.i386/rc.i386 b/etc/etc.i386/rc.i386 index f7b22d9..13440de 100644 --- a/etc/etc.i386/rc.i386 +++ b/etc/etc.i386/rc.i386 @@ -5,33 +5,58 @@ # echo -n 'Initial rc.i386 initialization:' -if [ "${apm_enable}" = "YES" -o "${apmd_enable}" = "YES" ] ; then + +case ${apm_enable} in +[Yy][Ee][Ss]) echo -n ' apm' apmconf -e > /dev/null 2>&1 -fi + APMCONF_DONE=yes + ;; +esac + +case ${apmd_enable} in +[Yy][Ee][Ss]) + case ${APMCONF_DONE} in + '') + echo -n ' apm' + apmconf -e > /dev/null 2>&1 + ;; + esac -if [ "${apmd_enable}" = "YES" ] ; then echo -n ' apmd'; apmd ${apmd_flags} -fi + ;; +esac # Start the SCO binary emulation if requested. -if [ "${ibcs2_enable}" = "YES" ]; then - echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1 -fi +# +case ${ibcs2_enable} in +[Yy][Ee][Ss]) + echo -n ' ibcs2'; ibcs2 > /dev/null 2>&1 + ;; +esac # Start the Linux binary emulation if requested. -if [ "${linux_enable}" = "YES" ]; then - echo -n ' linux'; linux > /dev/null 2>&1 -fi +# +case ${linux_enable} in +[Yy][Ee][Ss]) + echo -n ' linux'; linux > /dev/null 2>&1 + ;; +esac # Start the SysVR4 binary emulation if requested. -if [ "${svr4_enable}" = "YES" ]; then - echo -n ' svr4'; svr4 > /dev/null 2>&1 -fi - -if [ "${xtend_enable}" = "YES" ]; then +# +case ${svr4_enable} in +[Yy][Ee][Ss]) + echo -n ' svr4'; svr4 > /dev/null 2>&1 + ;; +esac + +case ${xtend_enable} in +[Yy][Ee][Ss]) echo -n ' xtend'; /usr/libexec/xtend -fi + ;; +esac + echo '.' ########################################################################## @@ -39,98 +64,162 @@ echo '.' ########################################################################## # stdin must be redirected because it might be for a serial console +# kbddev=/dev/ttyv0 viddev=/dev/ttyv0 echo -n "rc.i386 configuring syscons:" # keymap -if [ "${keymap}" != "NO" ]; then +# +case ${keymap} in +[Nn][Oo] | '') + ;; +*) echo -n ' keymap'; kbdcontrol < ${kbddev} -l ${keymap} -fi + ;; +esac # keyrate -if [ "${keyrate}" != "NO" ]; then +# +case ${keyrate} in +[Nn][Oo] | '') + ;; +*) echo -n ' keyrate'; kbdcontrol < ${kbddev} -r ${keyrate} -fi + ;; +esac # keybell -if [ "${keybell}" != "NO" ]; then +# +case ${keybell} in +[Nn][Oo] | '') + ;; +*) echo -n ' keybell'; kbdcontrol < ${kbddev} -b ${keybell} -fi + ;; +esac # change function keys -if [ "${keychange}" != "NO" ]; then +# +case ${keychange} in +[Nn][Oo] | '') + ;; +*) echo -n " keychange" set - ${keychange} - while [ $# -gt 0 ] - do + while [ $# -gt 0 ]; do kbdcontrol <${kbddev} -f "$1" "$2" shift; shift done -fi + ;; +esac # cursor type -if [ "${cursor}" != "NO" ]; then +# +case ${cursor} in +[Nn][Oo] | '') + ;; +*) echo -n ' cursor'; vidcontrol < ${viddev} -c ${cursor} -fi + ;; +esac # screen mapping -if [ "${scrnmap}" != "NO" ]; then +# +case ${scrnmap} in +[Nn][Oo] | '') + ;; +*) echo -n ' screen_map'; vidcontrol < ${viddev} -l ${scrnmap} -fi + ;; +esac # font 8x16 -if [ "${font8x16}" != "NO" ]; then +# +case ${font8x16} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x16'; vidcontrol < ${viddev} -f 8x16 ${font8x16} -fi + ;; +esac # font 8x14 -if [ "${font8x14}" != "NO" ]; then +# +case ${font8x14} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x14'; vidcontrol < ${viddev} -f 8x14 ${font8x14} -fi + ;; +esac # font 8x8 -if [ "${font8x8}" != "NO" ]; then +# +case ${font8x8} in +[Nn][Oo] | '') + ;; +*) echo -n ' font8x8'; vidcontrol < ${viddev} -f 8x8 ${font8x8} -fi + ;; +esac # blank time -if [ "${blanktime}" != "NO" ]; then +# +case ${blanktime} in +[Nn][Oo] | '') + ;; +*) echo -n ' blank_time'; vidcontrol < ${viddev} -t ${blanktime} -fi + ;; +esac # screen saver -if [ "${saver}" != "NO" ] ; then +# +case ${saver} in +[Nn][Oo] | '') + ;; +*) echo -n ' screensaver' for i in `kldstat | awk '$5 ~ "^splash_.*$" { print $5 }'`; do kldunload ${i} done kldstat -v | grep -q _saver || kldload ${saver}_saver -fi + ;; +esac # mouse daemon -if [ "${moused_enable}" = "YES" ] ; then +# +case ${moused_enable} in +[Yy][Ee][Ss]) echo -n ' moused' moused ${moused_flags} -p ${moused_port} -t ${moused_type} vidcontrol < ${viddev} -m on -fi + ;; +esac # set this mode for all virtual screens -if [ -n "${allscreens_flags}" ] ; then +# +if [ -n "${allscreens_flags}" ]; then echo -n ' allscreens' - for ttyv in /dev/ttyv* - do + for ttyv in /dev/ttyv*; do vidcontrol < ${ttyv} ${allscreens_flags} done fi + echo '.' # interrupts for /dev/random device -if [ "${rand_irqs}" != "NO" ] ; then +# +case ${rand_irqs} in +[Nn][Oo] | '') + ;; +*) echo -n 'entropy IRQs:' for irq in ${rand_irqs}; do echo -n " ${irq}" && rndcontrol -q -s ${irq} done echo '.' -fi + ;; +esac diff --git a/etc/isdn/answer b/etc/isdn/answer index df9e804..d39a983 100755 --- a/etc/isdn/answer +++ b/etc/isdn/answer @@ -17,92 +17,81 @@ VARDIR=/var/isdn LIBDIR=/usr/share/isdn LOGFILE=/tmp/answer.log -NCALLFILE=$VARDIR/ncall +NCALLFILE=${VARDIR}/ncall DATE=`date +%d%H` DF=0 dF=0 sF=0 -set -- `getopt D:d:s: $*` - -if test $? != 0 -then +if ! set -- `getopt D:d:s: $*`; then echo 'Usage: answer -D device -d destination -s source' exit 1 fi -for i -do - case "$i" - in - -D) - DEVICE=$2 - DF=1 - shift - shift - ;; - -d) - DEST=$2 - dF=1 - shift - shift - ;; - -s) - SRC=$2 - sF=1 - shift - shift - ;; - --) - shift - break - ;; +for i ; do + case ${i} in + -D) + DEVICE=$2 + DF=1 + shift + shift + ;; + -d) + DEST=$2 + dF=1 + shift + shift + ;; + -s) + SRC=$2 + sF=1 + shift + shift + ;; + --) + shift + break + ;; esac done -echo "" >>$LOGFILE +echo "" >>${LOGFILE} -if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ] -then +if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then echo 'Usage: answer -D device -d destination -s source' exit 1 -fi +fi -echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE +echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE} -if [ -f $NCALLFILE ] -then - NCALL=`cat $NCALLFILE` -else +if [ -r "${NCALLFILE}" ]; then + NCALL=`cat ${NCALLFILE}` +else NCALL=0 fi -NCALL=`printf "%.4d" $NCALL` +NCALL=`printf "%.4d" ${NCALL}` -echo Date: `date` >> $VARDIR/I.$NCALL.$DATE +echo Date: `date` >> ${VARDIR}/I.${NCALL}.${DATE} -if [ "$SRC" != "" ] -then - echo "From: $SRC" >> $VARDIR/I.$NCALL.$DATE +if [ -n "${SRC}" ]; then + echo "From: ${SRC}" >> ${VARDIR}/I.${NCALL}.${DATE} fi -if [ "$DEST" != "" ] -then - echo "To: $DEST" >> $VARDIR/I.$NCALL.$DATE +if [ -n "${DEST}" ]; then + echo "To: ${DEST}" >> ${VARDIR}/I.${NCALL}.${DATE} fi -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k # >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k # >/dev/null 2>&1 fi -if [ -f $LIBDIR/msg.al ] -then - dd of=$DEVICE if=$LIBDIR/msg.al bs=2k # >/dev/null 2>&1 - if [ -f $LIBDIR/beep.al ] +if [ -r "${LIBDIR}/msg.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/msg.al bs=2k # >/dev/null 2>&1 + if [ -r "${LIBDIR}/beep.al" ] then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k # >/dev/null 2>&1 + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k # >/dev/null 2>&1 fi fi -echo `expr $NCALL + 1` >$NCALLFILE +echo `expr ${NCALL} + 1` >${NCALLFILE} diff --git a/etc/isdn/isdntel.sh b/etc/isdn/isdntel.sh index d76885d..14f528a 100755 --- a/etc/isdn/isdntel.sh +++ b/etc/isdn/isdntel.sh @@ -17,9 +17,9 @@ LIBDIR=/usr/share/isdn VARDIR=/var/isdn DEVICE=/dev/i4btel0 -# sounds -MESSAGE=$LIBDIR/msg.al -BEEP=$LIBDIR/beep.al +# sounds +MESSAGE=${LIBDIR}/msg.al +BEEP=${LIBDIR}/beep.al # dd options SKIP=25 @@ -35,36 +35,32 @@ dst= DATE=`date` # check if directory exists -if [ ! -d $VARDIR ] +if [ ! -d "${VARDIR}" ] then - mkdir $VARDIR + mkdir ${VARDIR} fi # get options -set -- `/usr/bin/getopt D:d:s: $*` - -if [ $? != 0 ] -then +if ! set -- `/usr/bin/getopt D:d:s: $*`; then echo "usage2: play -D device -d <dest-telno> -s <src-telno>" exit 1 fi # process options -for i -do +for i ; do case $i in - -D) - DEVICE=$2; shift; shift; - ;; - -d) - dst=$2; shift; shift; - ;; - -s) - src=$2; shift; shift; - ;; - --) - shift; break; - ;; + -D) + DEVICE=$2; shift; shift; + ;; + -d) + dst=$2; shift; shift; + ;; + -s) + src=$2; shift; shift; + ;; + --) + shift; break; + ;; esac done @@ -73,33 +69,30 @@ done FILEDATE=`date \+%y%m%d%H%M%S` # echo message to phone -if [ -f $MESSAGE ] -then - /bin/dd of=$DEVICE if=$MESSAGE bs=2k >/dev/null 2>&1 +if [ -r "${MESSAGE}" ]; then + /bin/dd of=${DEVICE} if=${MESSAGE} bs=2k >/dev/null 2>&1 fi # echo beep to phone -if [ -f $BEEP ] -then - /bin/dd of=$DEVICE if=$BEEP bs=2k >/dev/null 2>&1 +if [ -r "${BEEP}" ]; then + /bin/dd of=${DEVICE} if=${BEEP} bs=2k >/dev/null 2>&1 fi # start time START=`date \+%s` # get message from caller -/bin/dd if=$DEVICE of=$VARDIR/$FILEDATE-$dst-$src skip=$SKIP bs=2k count=$MAXMSIZ >/dev/null 2>&1 +/bin/dd if=${DEVICE} of=${VARDIR}/${FILEDATE}-${dst}-${src} skip=${SKIP} bs=2k count=${MAXMSIZ} >/dev/null 2>&1 # end time END=`date \+%s` # duration -TIME=`expr $END - $START` +TIME=`expr ${END} - ${START}` # save recorded message -if [ -f $VARDIR/$FILEDATE-$dst-$src ] -then - mv $VARDIR/$FILEDATE-$dst-$src $VARDIR/$FILEDATE-$dst-$src-$TIME +if [ -r "${VARDIR}/${FILEDATE}-${dst}-${src}" ]; then + mv ${VARDIR}/${FILEDATE}-${dst}-${src} ${VARDIR}/${FILEDATE}-${dst}-${src}-${TIME} fi exit 0 diff --git a/etc/isdn/record b/etc/isdn/record index 24e6cd6..61591fb 100755 --- a/etc/isdn/record +++ b/etc/isdn/record @@ -17,95 +17,83 @@ VARDIR=/var/isdn LIBDIR=/usr/share/isdn LOGFILE=/tmp/answer.log -NCALLFILE=$VARDIR/ncall +NCALLFILE=${VARDIR}/ncall DATE=`date +%d%H` DF=0 dF=0 sF=0 -set -- `getopt D:d:s: $*` - -if test $? != 0 -then +if ! set -- `getopt D:d:s: $*`; then echo 'Usage: answer -D device -d destination -s source' exit 1 fi -for i -do - case "$i" - in - -D) - DEVICE=$2 - DF=1 - shift - shift - ;; - -d) - DEST=$2 - dF=1 - shift - shift - ;; - -s) - SRC=$2 - sF=1 - shift - shift - ;; - --) - shift - break - ;; +for i ; do + case ${i} in + -D) + DEVICE=$2 + DF=1 + shift + shift + ;; + -d) + DEST=$2 + dF=1 + shift + shift + ;; + -s) + SRC=$2 + sF=1 + shift + shift + ;; + --) + shift + break + ;; esac done -echo "" >>$LOGFILE +echo "" >>${LOGFILE} -if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ] -then +if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then echo 'Usage: answer -D device -d destination -s source' exit 1 -fi +fi -echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE +echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE} -if [ -f $NCALLFILE ] -then - NCALL=`cat $NCALLFILE` -else +if [ -r "${NCALLFILE}" ]; then + NCALL=`cat ${NCALLFILE}` +else NCALL=0 fi -NCALL=`printf "%.4d" $NCALL` +NCALL=`printf "%.4d" ${NCALL}` -echo Date: `date` >> $VARDIR/I.$NCALL.$DATE +echo Date: `date` >> ${VARDIR}/I.${NCALL}.${DATE} -if [ "$SRC" != "" ] -then - echo "From: $SRC" >> $VARDIR/I.$NCALL.$DATE +if [ -n "${SRC}" ]; then + echo "From: ${SRC}" >> ${VARDIR}/I.${NCALL}.${DATE} fi -if [ "$DEST" != "" ] -then - echo "To: $DEST" >> $VARDIR/I.$NCALL.$DATE +if [ -n "${DEST}" ]; then + echo "To: ${DEST}" >> ${VARDIR}/I.${NCALL}.${DATE} fi -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi -if [ -f $LIBDIR/msg.al ] -then - dd of=$DEVICE if=$LIBDIR/msg.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/msg.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/msg.al bs=2k >/dev/null 2>&1 fi -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi -dd if=$DEVICE of=$VARDIR/R.$NCALL.$DATE bs=2k >/dev/null 2>&1 +dd if=${DEVICE} of=${VARDIR}/R.${NCALL}.${DATE} bs=2k >/dev/null 2>&1 echo `expr $NCALL + 1` >$NCALLFILE diff --git a/etc/isdn/tell b/etc/isdn/tell index 7bdd10a..047c834 100755 --- a/etc/isdn/tell +++ b/etc/isdn/tell @@ -17,81 +17,71 @@ VARDIR=/var/isdn LIBDIR=/usr/share/isdn LOGFILE=/tmp/answer.log -NCALLFILE=$VARDIR/ncall +NCALLFILE=${VARDIR}/ncall DATE=`date +%d%H` DF=0 dF=0 sF=0 -set -- `getopt D:d:s: $*` - -if test $? != 0 -then +if ! set -- `getopt D:d:s: $*`; then echo 'Usage: answer -D device -d destination -s source' exit 1 fi -for i -do - case "$i" - in - -D) - DEVICE=$2 - DF=1 - shift - shift - ;; - -d) - DEST=$2 - dF=1 - shift - shift - ;; - -s) - SRC=$2 - sF=1 - shift - shift - ;; - --) - shift - break - ;; +for i ; do + case ${i} in + -D) + DEVICE=$2 + DF=1 + shift + shift + ;; + -d) + DEST=$2 + dF=1 + shift + shift + ;; + -s) + SRC=$2 + sF=1 + shift + shift + ;; + --) + shift + break + ;; esac done -echo "" >>$LOGFILE +echo "" >>${LOGFILE} -if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ] -then +if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then echo 'Usage: answer -D device -d destination -s source' exit 1 -fi +fi -echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE +echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE} -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi # tell the caller the number he is calling from POS=1 -LENGTH=`expr $SRC : '.*'` +LENGTH=`expr ${SRC} : '.*'` -while : -do - DIGIT=`echo $SRC | cut -c $POS` - /bin/dd of=$DEVICE if=$LIBDIR/$DIGIT.al bs=2k >/dev/null 2>&1 - POS=`expr $POS + 1` - if [ $POS -gt $LENGTH ] - then +while : ; do + DIGIT=`echo ${SRC} | cut -c ${POS}` + /bin/dd of=${DEVICE} if=${LIBDIR}/${DIGIT}.al bs=2k >/dev/null 2>&1 + POS=`expr ${POS} + 1` + if [ "${POS}" -gt "${LENGTH}" ]; then break fi done -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi diff --git a/etc/isdn/tell-record b/etc/isdn/tell-record index d5c356c..b081a0f 100755 --- a/etc/isdn/tell-record +++ b/etc/isdn/tell-record @@ -17,83 +17,73 @@ VARDIR=/var/isdn LIBDIR=/usr/share/isdn LOGFILE=/tmp/answer.log -NCALLFILE=$VARDIR/ncall +NCALLFILE=${VARDIR}/ncall DATE=`date +%d%H` DF=0 dF=0 sF=0 -set -- `getopt D:d:s: $*` - -if test $? != 0 -then +if ! set -- `getopt D:d:s: $*`; then echo 'Usage: answer -D device -d destination -s source' exit 1 fi -for i -do - case "$i" - in - -D) - DEVICE=$2 - DF=1 - shift - shift - ;; - -d) - DEST=$2 - dF=1 - shift - shift - ;; - -s) - SRC=$2 - sF=1 - shift - shift - ;; - --) - shift - break - ;; +for i ; do + case ${i} in + -D) + DEVICE=$2 + DF=1 + shift + shift + ;; + -d) + DEST=$2 + dF=1 + shift + shift + ;; + -s) + SRC=$2 + sF=1 + shift + shift + ;; + --) + shift + break + ;; esac done -echo "" >>$LOGFILE +echo "" >>${LOGFILE} -if [ $DF -eq 0 -o $dF -eq 0 -o $sF -eq 0 ] -then +if [ "${DF}" -eq 0 -o "${dF}" -eq 0 -o "${sF}" -eq 0 ]; then echo 'Usage: answer -D device -d destination -s source' exit 1 -fi +fi -echo "answer: device $DEVICE destination $DEST source $SRC " >>$LOGFILE +echo "answer: device ${DEVICE} destination ${DEST} source ${SRC} " >>${LOGFILE} -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi # tell the caller the number he is calling from POS=1 -LENGTH=`expr $SRC : '.*'` +LENGTH=`expr ${SRC} : '.*'` -while : -do - DIGIT=`echo $SRC | cut -c $POS` - /bin/dd of=$DEVICE if=$LIBDIR/$DIGIT.al bs=2k >/dev/null 2>&1 - POS=`expr $POS + 1` - if [ $POS -gt $LENGTH ] - then +while : ; do + DIGIT=`echo ${SRC} | cut -c ${POS}` + /bin/dd of=${DEVICE} if=${LIBDIR}/${DIGIT}.al bs=2k >/dev/null 2>&1 + POS=`expr ${POS} + 1` + if [ "${POS}" -gt "${LENGTH}" ]; then break fi done -if [ -f $LIBDIR/beep.al ] -then - dd of=$DEVICE if=$LIBDIR/beep.al bs=2k >/dev/null 2>&1 +if [ -r "${LIBDIR}/beep.al" ]; then + dd of=${DEVICE} if=${LIBDIR}/beep.al bs=2k >/dev/null 2>&1 fi -dd if=$DEVICE of=$VARDIR/recorded.msg bs=2k +dd if=${DEVICE} of=${VARDIR}/recorded.msg bs=2k diff --git a/etc/network.subr b/etc/network.subr index 781c73f..5ddce80 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/pccard_ether b/etc/pccard_ether index e5d3ce1..2bc3a19 100755 --- a/etc/pccard_ether +++ b/etc/pccard_ether @@ -8,42 +8,51 @@ # # Suck in the configuration variables -if [ -f /etc/defaults/rc.conf ]; then +# +if [ -r /etc/defaults/rc.conf ]; then . /etc/defaults/rc.conf -elif [ -f /etc/rc.conf ]; then +elif [ -r /etc/rc.conf ]; then . /etc/rc.conf fi -if [ "${pccard_ifconfig}" != "NO" ] ; then - if [ "${pccard_ifconfig}" = "DHCP" ] ; then - if [ -f /sbin/dhclient ] ; then - if [ -s /var/run/dhclient.pid ] ; then +case ${pccard_ifconfig} in +[Nn][Oo] | '') + ;; +[Dd][Hh][Cc][Pp]) + if [ -r /sbin/dhclient ]; then + if [ -s /var/run/dhclient.pid ]; then kill `cat /var/run/dhclient.pid` rm /var/run/dhclient.pid - fi - /sbin/dhclient - elif [ -f /usr/local/sbin/dhcpc ] ; then - if [ -s /var/run/dhcpc.pid ] ; then - kill `cat /var/run/dhcpc.pid` - rm /var/run/dhcpc.pid - fi - /usr/local/sbin/dhcpc $* - else - echo "DHCP client software not available (isc-dhcp2)" fi + /sbin/dhclient + elif [ -r /usr/local/sbin/dhcpc ]; then + if [ -s /var/run/dhcpc.pid ]; then + kill `cat /var/run/dhcpc.pid` + rm /var/run/dhcpc.pid + fi + /usr/local/sbin/dhcpc $* else - interface=$1 - shift - ifconfig ${interface} ${pccard_ifconfig} $* + echo "DHCP client software not available (isc-dhcp2)" fi -fi + ;; +*) + interface=$1 + shift + ifconfig ${interface} ${pccard_ifconfig} $* + ;; +esac -if [ "${defaultrouter}" != "NO" ] ; then +case ${defaultrouter} in +[Nn][Oo] | '') + ;; +*) static_routes="default ${static_routes}" route_default="default ${defaultrouter}" -fi - + ;; +esac + # Set up any static routes. +# if [ -n "${static_routes}" ]; then # flush beforehand, just in case.... route -n flush @@ -7,25 +7,27 @@ # Output and error are redirected to console by init, # and the console is the controlling terminal. -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/defaults/rc.conf. Please check this file -# first before contemplating any changes here. +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file +# first before contemplating any changes here. If you do need to change +# this file for some reason, we would like to know about it. stty status '^T' # Set shell to ignore SIGINT (2), but not children; # shell catches SIGQUIT (3) and returns to single user after fsck. +# trap : 2 trap : 3 # shouldn't be needed -HOME=/; export HOME +HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin -export PATH +export HOME PATH # BOOTP diskless boot. We have to run the rc file early in order to # retarget various config files. # -if [ -f /etc/rc.diskless1 ]; then +if [ -r /etc/rc.diskless1 ]; then dlv=`/sbin/sysctl -n vfs.nfs.diskless_valid 2> /dev/null` if [ ${dlv:=0} != 0 ]; then . /etc/rc.diskless1 @@ -34,26 +36,33 @@ fi # If there is a global system configuration file, suck it in. # -if [ -f /etc/defaults/rc.conf ]; then +if [ -r /etc/defaults/rc.conf ]; then . /etc/defaults/rc.conf -elif [ -f /etc/rc.conf ]; then +elif [ -r /etc/rc.conf ]; then . /etc/rc.conf fi # Configure ccd devices. -if [ -f /etc/ccd.conf ]; then +# +if [ -r /etc/ccd.conf ]; then ccdconfig -C fi -if [ "${start_vinum}" = "YES" ]; then +case ${start_vinum} in +[Yy][Ee][Ss]) vinum start -elif [ -n "${vinum_drives}" ]; then - vinum read ${vinum_drives} -fi + ;; +*) + if [ -n "${vinum_drives}" ]; then + vinum read ${vinum_drives} + fi + ;; +esac swapon -a -if [ "$1" = "autoboot" ]; then +case $1 in +autoboot) echo Automatic reboot in progress... fsck -p case $? in @@ -84,9 +93,11 @@ if [ "$1" = "autoboot" ]; then exit 1 ;; esac -else + ;; +*) echo Skipping disk checks ... -fi + ;; +esac set -T trap "echo 'Reboot interrupted'; exit 1" 3 @@ -94,35 +105,43 @@ trap "echo 'Reboot interrupted'; exit 1" 3 # root normally must be read/write, but if this is a BOOTP NFS # diskless boot it does not have to be. # - -if [ "${root_rw_mount}" != "NO" ]; then - mount -u -o rw / -fi - -if [ $? != 0 ]; then - echo "Filesystem mount failed, startup aborted" - exit 1 -fi +case ${root_rw_mount} in +[Nn][Oo] | '') + ;; +*) + if ! mount -u -o rw / ; then + echo "Mounting root filesystem rw failed, startup aborted" + exit 1 + fi + ;; +esac umount -a >/dev/null 2>&1 -if [ "${early_nfs_mounts}" != "YES" ]; then - mount -a -t nonfs -else +# Where/how would this get set? +# +case ${early_nfs_mounts} in +[Yy][Ee][Ss]) mount -a -fi -if [ $? != 0 ]; then - echo "Filesystem mount failed, startup aborted" + ;; +*) + mount -a -t nonfs + ;; +esac + +case $? in +0) + ;; +*) + echo "Mounting /etc/fstab filesystems failed, startup aborted" exit 1 -fi + ;; +esac # Run custom disk mounting function here # - -if [ -n "${diskless_mount}" ]; then - if [ -f "${diskless_mount}" ]; then +if [ -n "${diskless_mount}" -a -r "${diskless_mount}" ]; then sh ${diskless_mount} - fi fi adjkerntz -i @@ -135,7 +154,7 @@ clean_var() { # Keep a copy of the boot messages around dmesg >/var/run/dmesg.boot # And an initial utmp file - (cd /var/run && cp /dev/null utmp && chmod 644 utmp; ) + (cd /var/run && cp /dev/null utmp && chmod 644 utmp;) >/var/run/clean_var fi } @@ -148,46 +167,60 @@ if [ -d /var/run -a -d /var/spool/lock -a -d /var/spool/uucp/.Temp ]; then fi # Add additional swapfile, if configured. -if [ "${swapfile}" != "NO" -a -w "${swapfile}" -a -b /dev/vn0b ]; then - echo "Adding ${swapfile} as additional swap." - vnconfig /dev/vn0b ${swapfile} && swapon /dev/vn0b -fi +# +case ${swapfile} in +[Nn][Oo] | '') + ;; +*) + if [ -w "${swapfile}" -a -b /dev/vn0b ]; then + echo "Adding ${swapfile} as additional swap." + vnconfig /dev/vn0b ${swapfile} && swapon /dev/vn0b + fi + ;; +esac -# set sysctl variables early as we can -if [ -f /etc/rc.sysctl ]; then +# Set sysctl variables as early as we can +# +if [ -r /etc/rc.sysctl ]; then . /etc/rc.sysctl fi -# configure serial devices -if [ -f /etc/rc.serial ]; then +# Configure serial devices +# +if [ -r /etc/rc.serial ]; then . /etc/rc.serial fi -# start up PC-card configuration -if [ -f /etc/rc.pccard ]; then +# Start up PC-card configuration +# +if [ -r /etc/rc.pccard ]; then . /etc/rc.pccard fi -# start up the initial network configuration. -if [ -f /etc/rc.network ]; then +# Start up the initial network configuration. +# +if [ -r /etc/rc.network ]; then . /etc/rc.network # We only need to do this once. network_pass1 fi +# Retest for early_nfs here? +# echo -n "Mounting NFS file systems" mount -a -t nfs echo . # Whack the pty perms back into shape. +# chflags 0 /dev/tty[pqrsPQRS]* chmod 666 /dev/tty[pqrsPQRS]* chown root:wheel /dev/tty[pqrsPQRS]* -# clean up left-over files +# Clean up left-over files +# clean_var # If it hasn't already been done rm /var/run/clean_var -# # Clearing /tmp at boot-time seems to have a long tradition. It doesn't # help in any way for long-living systems, and it might accidentally # clobber files you would rather like to have preserved after a crash @@ -195,150 +228,191 @@ rm /var/run/clean_var # # See also the example of another cleanup policy in /etc/periodic/daily. # -if [ "${clear_tmp_enable}" = "YES" ]; then +case ${clear_tmp_enable} in +[Yy][Ee][Ss]) echo clearing /tmp - # prune quickly with one rm, then use find to clean up /tmp/[lq]* # (not needed with mfs /tmp, but doesn't hurt there...) (cd /tmp && rm -rf [a-km-pr-zA-Z]* && - find -d . ! -name . ! -name lost+found ! -name quota.user \ - ! -name quota.group -exec rm -rf -- {} \;) - -fi + find -d . ! -name . ! -name lost+found ! -name quota.user \ + ! -name quota.group -exec rm -rf -- {} \;) + ;; +esac -# Remove X lock files, since they will prevent you from restarting X11 +# Remove X lock files, since they will prevent you from restarting X11 # after a system crash. +# rm -f /tmp/.X*-lock /tmp/.X11-unix/* -# snapshot any kernel -c changes back to disk here <someday> -# this has changed with ELF and /kernel.config. +# Snapshot any kernel -c changes back to disk here <someday>. +# This has changed with ELF and /kernel.config. echo -n 'additional daemons:' -# start system logging and name service (named needs to start before syslogd -# if you don't have a /etc/resolv.conf) + +# Start system logging and name service. Named needs to start before syslogd +# if you don't have a /etc/resolv.conf. # -if [ "${syslogd_enable}" = "YES" ]; then +case ${syslogd_enable} in +[Yy][Ee][Ss]) # Transitional symlink (for the next couple of years :) until all - # binaries had a chance to move towards /var/run/log. - if [ ! -h /dev/log ] ; then + # binaries have had a chance to move towards /var/run/log. + if [ ! -h /dev/log ]; then # might complain for r/o root f/s ln -sf /var/run/log /dev/log fi rm -f /var/run/log - echo -n ' syslogd'; syslogd ${syslogd_flags} -fi + echo -n ' syslogd'; syslogd ${syslogd_flags} + ;; +esac + echo '.' -# enable dumpdev so that savecore can see it +# Enable dumpdev so that savecore can see it. # /var/crash should be a directory or a symbolic link # to the crash directory if core dumps are to be saved. -if [ "${dumpdev}" != "NO" -a -e ${dumpdev} -a -d /var/crash ]; then - dumpon ${dumpdev} - echo -n checking for core dump... - savecore /var/crash -fi +# +case ${dumpdev} in +[Nn][Oo] | '') + ;; +*) + if [ -e "${dumpdev}" -a -d /var/crash ]; then + dumpon ${dumpdev} + echo -n checking for core dump... + savecore /var/crash + fi + ;; +esac if [ -n "${network_pass1_done}" ]; then network_pass2 fi # Enable/Check the quotas (must be after ypbind if using NIS) -if [ "${enable_quotas}" = "YES" ]; then - - # Only check quotas if they have been previously enabled, and requested - if [ "${check_quotas}" = "YES" ]; then - echo -n 'checking quotas:' - quotacheck -a - echo ' done.' - fi - - echo -n 'enabling quotas:' - quotaon -a - echo ' done.' -fi +# +case ${enable_quotas} in +[Yy][Ee][Ss]) + case ${check_quotas} in + [Yy][Ee][Ss]) + echo -n 'checking quotas:' + quotacheck -a + echo ' done.' + ;; + esac + + echo -n 'enabling quotas:' + quotaon -a + echo ' done.' + ;; +esac if [ -n "${network_pass2_done}" ]; then network_pass3 fi - -# build ps databases -kvm_mkdb +# Build ps databases +# +kvm_mkdb dev_mkdb -# check the password temp/lock file -if [ -f /etc/ptmp ] -then +# Check the password temp/lock file +# +if [ -e /etc/ptmp ]; then logger -s -p auth.err \ "password file may be incorrect -- /etc/ptmp exists" fi -if [ "${accounting_enable}" = "YES" -a -d /var/account ]; then - echo 'turning on accounting' - if [ ! -e /var/account/acct ]; then - touch /var/account/acct +case ${accounting_enable} in +[Yy][Ee][Ss]) + if [ -d /var/account ]; then + echo 'turning on accounting' + if [ ! -e /var/account/acct ]; then + touch /var/account/acct + fi + accton /var/account/acct fi - accton /var/account/acct -fi + ;; +esac # Make shared lib searching a little faster. Leave /usr/lib first if you # add your own entries or you may come to grief. +# if [ -x /sbin/ldconfig ]; then - if [ "`/usr/bin/objformat`" = "elf" ]; then + case `/usr/bin/objformat` in + elf) _LDC=/usr/lib for i in ${ldconfig_paths}; do - if test -d ${i}; then + if [ -d "${i}" ]; then _LDC="${_LDC} ${i}" fi done echo 'setting ELF ldconfig path:' ${_LDC} ldconfig -elf ${_LDC} - fi + ;; + esac # Legacy aout support for i386 only - if [ "`sysctl -n hw.machine`" = "i386" ]; then + case `sysctl -n hw.machine` in + i386) # Default the a.out ldconfig path. : ${ldconfig_paths_aout=${ldconfig_paths}} _LDC=/usr/lib/aout for i in ${ldconfig_paths_aout}; do - if test -d ${i}; then + if [ -d "${i}" ]; then _LDC="${_LDC} ${i}" fi done echo 'setting a.out ldconfig path:' ${_LDC} ldconfig -aout ${_LDC} - fi + ;; + esac fi # Now start up miscellaneous daemons that don't belong anywhere else # echo -n starting standard daemons: -if [ "${inetd_enable}" != "NO" ]; then +case ${inetd_enable} in +[Nn][Oo]) + ;; +*) echo -n ' inetd'; inetd ${inetd_flags} -fi + ;; +esac -if [ "${cron_enable}" != "NO" ]; then +case ${cron_enable} in +[Nn][Oo]) + ;; +*) echo -n ' cron'; cron -fi - -if [ "${lpd_enable}" = "YES" ]; then - echo -n ' printer'; ${lpd_program} ${lpd_flags} -fi - -if [ "${sendmail_enable}" = "YES" -a -r /etc/sendmail.cf ]; then - echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags} -fi + ;; +esac + +case ${lpd_enable} in +[Yy][Ee][Ss]) + echo -n ' printer'; ${lpd_program:-/usr/sbin/lpd} ${lpd_flags} + ;; +esac + +case ${sendmail_enable} in +[Yy][Ee][Ss]) + if [ -r /etc/sendmail.cf ]; then + echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags} + fi + ;; +esac -if [ "${usbd_enable}" = "YES" ]; then +case ${usbd_enable} in +[Yy][Ee][Ss]) echo -n ' usbd'; /usr/sbin/usbd ${usbd_flags} -fi + ;; +esac echo '.' -# configure implementation specific stuff +# Configure implementation specific stuff +# arch=`uname -m` -if [ -f /etc/rc.${arch} ]; then +if [ -r /etc/rc.${arch} ]; then . /etc/rc.${arch} fi @@ -349,13 +423,13 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then echo 'Recovering vi editor sessions' for i in ${vibackup}; do # Only test files that are readable. - if test ! -r ${i}; then + if [ ! -r "${i}" ]; then continue fi # Unmodified nvi editor backup files either have the # execute bit set or are zero length. Delete them. - if test -x ${i} -o ! -s ${i}; then + if [ -x "${i}" -o ! -s "${i}" ]; then rm -f ${i} fi done @@ -366,7 +440,7 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then if [ "${virecovery}" != "/var/tmp/vi.recover/recover.*" ]; then for i in ${virecovery}; do # Only test files that are readable. - if test ! -r ${i}; then + if [ ! -r "${i}" ]; then continue fi @@ -374,7 +448,7 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then # corrupted, or that have no corresponding backup file. # Else send mail to the user. recfile=`awk '/^X-vi-recover-path:/{print $2}' < ${i}` - if test -n "${recfile}" -a -s "${recfile}"; then + if [ -n "${recfile}" -a -s "${recfile}" ]; then sendmail -t < ${i} else rm -f ${i} @@ -383,26 +457,40 @@ if [ "${vibackup}" != '/var/tmp/vi.recover/vi.*' ]; then fi fi -# make a bounds file for msgs(1) if there isn't one already -if [ -d /var/msgs -a ! -f /var/msgs/bounds ]; then +# Make a bounds file for msgs(1) if there isn't one already +# "Delete important files with symlink" security hole? +# +if [ -d /var/msgs -a ! -f /var/msgs/bounds ]; then echo 0 > /var/msgs/bounds fi -# for each valid dir in $local_startup, search for init scripts matching *.sh -if [ "${local_startup}" != "NO" ]; then +# For each valid dir in $local_startup, search for init scripts matching *.sh +# +case ${local_startup} in +[Nn][Oo] | '') + ;; +*) echo -n 'Local package initialization:' for dir in ${local_startup}; do - [ -d ${dir} ] && for script in ${dir}/*.sh; do - [ -x ${script} ] && \ - (set -T ; trap 'exit 1' 2 ; ${script} start) - done + if [ -d "${dir}" ]; then + for script in ${dir}/*.sh; do + if [ -x "${script}" ]; then + (set -T + trap 'exit 1' 2 + ${script} start) + fi + done + fi done echo . -fi - -if [ "${update_motd}" != "NO" ]; then - T=`mktemp /tmp/_motd.XXXXXX` - if [ $? -eq 0 ]; then + ;; +esac + +case ${update_motd} in +[Nn][Oo] | '') + ;; +*) + if T=`mktemp /tmp/_motd.XXXXXX`; then uname -v | sed -e 's,^\([^#]*\) #\(.* [1-2][0-9][0-9][0-9]\).*/\([^\]*\) $,\1 (\3) #\2,' > ${T} awk '{if (NR == 1) {if ($1 == "FreeBSD") {next} else {print "\n"$0}} else {print}}' < /etc/motd >> ${T} cmp -s ${T} /etc/motd || { @@ -411,10 +499,14 @@ if [ "${update_motd}" != "NO" ]; then } rm -f ${T} fi -fi + ;; +esac -# Run rc.devfs if present to customize devfs -[ -f /etc/rc.devfs ] && sh /etc/rc.devfs +# Run rc.devfs if readable to customize devfs +# +if [ -r /etc/rc.devfs ]; then + sh /etc/rc.devfs +fi # Do traditional (but rather obsolete) rc.local file if it exists. If you # use this file and want to make it programmatic, source /etc/defaults/rc.conf @@ -422,27 +514,31 @@ fi # shown below. Please do not put local extensions into /etc/rc itself. # Use /etc/rc.local # -# ---- rc.local ---- -# if [ -f /etc/defaults/rc.conf ]; then -# . /etc/defaults/rc.conf -# fi -# -# ... additional startup conditionals ... -# ---- rc.local ---- -# -if [ -f /etc/rc.local ]; then +# ---- rc.local ---- +# if [ -r /etc/defaults/rc.conf ]; then +# . /etc/defaults/rc.conf +# fi +# +# ... additional startup conditionals ... +# ---- rc.local ---- +# +if [ -r /etc/rc.local ]; then echo -n 'starting local daemons:' - sh /etc/rc.local + sh /etc/rc.local echo '.' fi # Raise kernel security level. This should be done only after `fsck' has # repaired local file systems if you want the securelevel to be greater than 1. -if [ "${kern_securelevel_enable}" = "YES" -a "${kern_securelevel}" -ge 0 ]; -then - echo 'Raising kernel security level' - sysctl -w kern.securelevel=${kern_securelevel} -fi +# +case ${kern_securelevel_enable} in +[Yy][Ee][Ss]) + if [ "${kern_securelevel}" -ge 0 ]; then + echo 'Raising kernel security level' + sysctl -w kern.securelevel=${kern_securelevel} + fi + ;; +esac date exit 0 @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/atm1 b/etc/rc.d/atm1 index 57ff149..7e72aeb 100644 --- a/etc/rc.d/atm1 +++ b/etc/rc.d/atm1 @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/atm2 b/etc/rc.d/atm2 index 57ff149..7e72aeb 100644 --- a/etc/rc.d/atm2 +++ b/etc/rc.d/atm2 @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/atm2.sh b/etc/rc.d/atm2.sh index 57ff149..7e72aeb 100644 --- a/etc/rc.d/atm2.sh +++ b/etc/rc.d/atm2.sh @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/atm3 b/etc/rc.d/atm3 index 57ff149..7e72aeb 100644 --- a/etc/rc.d/atm3 +++ b/etc/rc.d/atm3 @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/atm3.sh b/etc/rc.d/atm3.sh index 57ff149..7e72aeb 100644 --- a/etc/rc.d/atm3.sh +++ b/etc/rc.d/atm3.sh @@ -10,87 +10,99 @@ # N.B. /usr is not mounted. # atm_pass1() { - # Locate all probed ATM adapters - atmdev=`atm sh stat int | while read dev junk; do - case ${dev} in - hea[0-9]|hea[0-9][0-9]) - echo "${dev} " - ;; - hfa[0-9]|hfa[0-9][0-9]) - echo "${dev} " - ;; - *) - continue - ;; - esac - done` - - if [ -z "${atmdev}" ]; then - echo "No ATM adapters found." - return 0 - fi - - # Load microcode into FORE adapters (if needed) - if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then - fore_dnld -d /etc - fi - - # Configure physical interfaces - ilmid=0 - for phy in ${atmdev}; do - echo -n "Configuring ATM device ${phy}:" - - # Define network interfaces - eval netif_args=\$atm_netif_${phy} - if [ -n "${netif_args}" ]; then - atm set netif ${phy} ${netif_args} || continue - else - echo "missing network interface definition" - continue - fi + # Locate all probed ATM adapters + atmdev=`atm sh stat int | while read dev junk; do + case ${dev} in + hea[0-9] | hea[0-9][0-9]) + echo "${dev} " + ;; + hfa[0-9] | hfa[0-9][0-9]) + echo "${dev} " + ;; + *) + continue + ;; + esac + done` - # Override physical MAC address - eval macaddr_args=\$atm_macaddr_${phy} - if [ -n "${macaddr_args}" -a "${macaddr_args}" != "NO" ]; then - atm set mac ${phy} ${macaddr_args} || continue + if [ -z "${atmdev}" ]; then + echo "No ATM adapters found." + return 0 fi - # Configure signalling manager - eval sigmgr_args=\$atm_sigmgr_${phy} - if [ -n "${sigmgr_args}" ]; then - atm attach ${phy} ${sigmgr_args} || continue - else - echo "missing signalling manager definition" - continue + # Load microcode into FORE adapters (if needed) + if [ `expr "${atmdev}" : '.*hfa.*'` -ne 0 ]; then + fore_dnld -d /etc fi - # Configure UNI NSAP prefix - eval prefix_args=\$atm_prefix_${phy} - if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then - if [ -z "${prefix_args}" ]; then - echo "missing NSAP prefix for UNI interface" + # Configure physical interfaces + ilmid=0 + for phy in ${atmdev}; do + echo -n "Configuring ATM device ${phy}:" + + # Define network interfaces + eval netif_args=\$atm_netif_${phy} + if [ -n "${netif_args}" ]; then + atm set netif ${phy} ${netif_args} || continue + else + echo "missing network interface definition" continue fi - if [ "${prefix_args}" = "ILMI" ]; then - ilmid=1 + + # Override physical MAC address + eval macaddr_args=\$atm_macaddr_${phy} + if [ -n "${macaddr_args}" ]; then + case ${macaddr_args} in + [Nn][Oo] | '') + ;; + *) + atm set mac ${phy} ${macaddr_args} || continue + ;; + esac + fi + + # Configure signalling manager + eval sigmgr_args=\$atm_sigmgr_${phy} + if [ -n "${sigmgr_args}" ]; then + atm attach ${phy} ${sigmgr_args} || continue else - atm set prefix ${phy} ${prefix_args} || continue + echo "missing signalling manager definition" + continue fi - fi - atm_phy="${atm_phy} ${phy}" - echo "." - done + # Configure UNI NSAP prefix + eval prefix_args=\$atm_prefix_${phy} + if [ `expr "${sigmgr_args}" : '[uU][nN][iI].*'` -ne 0 ]; then + if [ -z "${prefix_args}" ]; then + echo "missing NSAP prefix for UNI interface" + continue + fi + + case ${prefix_args} in + ILMI) + ilmid=1 + ;; + *) + atm set prefix ${phy} ${prefix_args} || continue + ;; + esac + fi - echo -n "Starting initial ATM daemons:" - # Start ILMI daemon (if needed) - if [ ${ilmid} -eq 1 ]; then - echo -n " ilmid" - ilmid - fi + atm_phy="${atm_phy} ${phy}" + echo "." + done - echo "." - atm_pass1_done=YES + echo -n "Starting initial ATM daemons:" + # Start ILMI daemon (if needed) + case ${ilmid} in + 1) + echo -n " ilmid" + ilmid + ;; + esac + + echo "." + atm_pass1_done=YES } # @@ -98,75 +110,84 @@ atm_pass1() { # N.B. /usr is not mounted. # atm_pass2() { - echo -n "Configuring ATM network interfaces:" - - atm_scspd=0 - atm_atmarpd="" - - # Configure network interfaces - for phy in ${atm_phy}; do - eval netif_args=\$atm_netif_${phy} - set -- ${netif_args} - netname=$1 - netcnt=$2 - netindx=0 - while [ ${netindx} -lt ${netcnt} ]; do - - net="${netname}${netindx}" - netindx=`expr ${netindx} + 1` - echo -n " ${net}" - - # Configure atmarp server - eval atmarp_args=\$atm_arpserver_${net} - if [ -n "${atmarp_args}" ]; then - atm set arpserver ${net} ${atmarp_args} || continue - fi - eval scsparp_args=\$atm_scsparp_${net} - if [ "${scsparp_args}" = "YES" ]; then - if [ "${atmarp_args}" != "local" ]; then - echo "local arpserver required for SCSP" - continue + echo -n "Configuring ATM network interfaces:" + + atm_scspd=0 + atm_atmarpd="" + + # Configure network interfaces + for phy in ${atm_phy}; do + eval netif_args=\$atm_netif_${phy} + set -- ${netif_args} + netname=$1 + netcnt=$2 + netindx=0 + while [ ${netindx} -lt ${netcnt} ]; do + net="${netname}${netindx}" + netindx=`expr ${netindx} + 1` + echo -n " ${net}" + + # Configure atmarp server + eval atmarp_args=\$atm_arpserver_${net} + if [ -n "${atmarp_args}" ]; then + atm set arpserver ${net} ${atmarp_args} || + continue fi - atm_atmarpd="${atm_atmarpd} ${net}" - atm_scspd=1 - fi + eval scsparp_args=\$atm_scsparp_${net} + + case ${scsparp_args} in + [Yy][Ee][Ss]) + case ${atmarp_args} in + local) + ;; + *) + echo "local arpserver required for SCSP" + continue + ;; + esac + + atm_atmarpd="${atm_atmarpd} ${net}" + atm_scspd=1 + esac + done done - done - echo "." - - # Define any PVCs. - if [ -n "${atm_pvcs}" ]; then - for i in ${atm_pvcs}; do - eval pvc_args=\$atm_pvc_${i} - atm add pvc ${pvc_args} - done - fi + echo "." - # Define any permanent ARP entries. - if [ -n "${atm_arps}" ]; then - for i in ${atm_arps}; do - eval arp_args=\$atm_arp_${i} - atm add arp ${arp_args} - done - fi - atm_pass2_done=YES + # Define any PVCs. + if [ -n "${atm_pvcs}" ]; then + for i in ${atm_pvcs}; do + eval pvc_args=\$atm_pvc_${i} + atm add pvc ${pvc_args} + done + fi + + # Define any permanent ARP entries. + if [ -n "${atm_arps}" ]; then + for i in ${atm_arps}; do + eval arp_args=\$atm_arp_${i} + atm add arp ${arp_args} + done + fi + atm_pass2_done=YES } # # Start any necessary daemons. # atm_pass3() { - # Start SCSP daemon (if needed) - if [ "${atm_scspd}" -eq 1 ]; then - echo -n " scspd" - scspd - fi - - # Start ATMARP daemon (if needed) - if [ -n "${atm_atmarpd}" ]; then - echo -n " atmarpd" - atmarpd ${atm_atmarpd} - fi - - atm_pass3_done=YES + # Start SCSP daemon (if needed) + case ${atm_scspd} in + 1) + echo -n " scspd" + scspd + ;; + esac + + # Start ATMARP daemon (if needed) + if [ -n "${atm_atmarpd}" ]; then + echo -n " atmarpd" + atmarpd ${atm_atmarpd} + fi + + atm_pass3_done=YES } diff --git a/etc/rc.d/diskless b/etc/rc.d/diskless index a7f0a50..2d777e5 100644 --- a/etc/rc.d/diskless +++ b/etc/rc.d/diskless @@ -1,11 +1,14 @@ +# +#$FreeBSD$ +# # PROVIDE: diskless # REQUIRE: initdiskless mountcritlocal if [ -n "$4" ]; then bpi="-i $4" -if [ -f /etc/defaults/rc.conf ]; then + fi /sbin/mdconfig -a -t malloc -s $1 -u $3 -elif [ -f /etc/rc.conf ]; then + /sbin/newfs $bpi /dev/md$3c /sbin/mount /dev/md$3c $2 } @@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd chown -R root.daemon /var/spool/output chgrp daemon /var/spool/lpd -( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_mfs -s 4096 -i 512 -T qp120at dummy /dev -( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) - +(cd /; cpio -i -H newc -d < /tmp/dev.tmp) # extract a list of device entries, then copy them to a writable fs (cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_md 4096 /dev 3 512 diff --git a/etc/rc.d/initdiskless b/etc/rc.d/initdiskless index 0f80c43..d93e36e 100644 --- a/etc/rc.d/initdiskless +++ b/etc/rc.d/initdiskless @@ -1,4 +1,6 @@ # +# $FreeBSD$ +# # /etc/rc.diskless - general BOOTP startup # # BOOTP has mounted / for us. Assume a read-only mount. We must then @@ -10,14 +12,14 @@ # set by the system operator on the server to be softlinks to # /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may # choose to retarget other files as well. The server itself boots -# properly with its default /conf/ME softlink pointing to -# /conf/server.host.name. +# properly with its default /conf/ME softlink pointing to +# /conf/server.host.name. # # During a diskless boot, we retarget the /conf/ME softlink to point # to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config # files that are softlinks through /conf/ME also get retargeted. # -# SEE SAMPLE FILES IN /usr/share/examples/diskless. +# SEE SAMPLE FILES IN /usr/share/examples/diskless. # chkerr: # @@ -25,27 +27,31 @@ # # checks error code and drops into shell on failure. # if shell exits, terminates script as well as /etc/rc. - +# chkerr() { - if [ $1 != 0 ]; then + case $1 in + 0) + ;; + *) echo "$2 failed: dropping into /bin/sh" /bin/sh # RESUME - fi + ;; + esac } # DEBUGGING # set -v -# Figure out where the root mount is coming from, synthesize a mount -# for /usr and mount it. +# Figure out where the root mount is coming from, synthesize a mount +# for /usr and mount it. # -# e.g. nfs_root might wind up as "A.B.C.D:/" +# e.g. nfs_root might wind up as "A.B.C.D:/" # -# NOTE! the /usr mount is only temporary so we can access commands necessary -# to retarget /conf/ME. The actual /usr mount should be part of the -# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. +# NOTE! the /usr mount is only temporary so we can access commands necessary +# to retarget /conf/ME. The actual /usr mount should be part of the +# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. # set `/bin/df /` nfs_root=$8 @@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr chkerr $? "mount of /usr" -# Figure out our interface and IP. +# Figure out our interface and IP. # bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'` @@ -74,7 +80,7 @@ umount /usr # # WARNING! null mounts cannot handle mmap, and since many programs # use mmap (such as 'cp'), we have to copy. - +# mount_mfs -s 256 -T qp120at -o union dummy /conf chkerr $? "MFS mount on /conf" @@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel # else. # # This script is responsible for setting up the -# diskless mount environment. This can be +# diskless mount environment. This can be # overriden by /conf/ME/rc.conf.local if, for # example, you do not want to run the standard # system /etc/rc.diskless2 diff --git a/etc/rc.d/isdnd b/etc/rc.d/isdnd index 11e140a..1302102 100644 --- a/etc/rc.d/isdnd +++ b/etc/rc.d/isdnd @@ -10,39 +10,53 @@ # #--------------------------------------------------------------------------- -if [ "${isdn_enable}" = "YES" ] ; then - +case ${isdn_enable} in +[Yy][Ee][Ss]) echo -n 'ISDN subsystem setup:' - # terminal type for fullscreen mode, default to syscons driver + # Terminal type for fullscreen mode, default to syscons driver + # isdn_ttype=cons25 - # check for pcvt driver (VT100/VT220 emulator) - if [ -x /usr/sbin/ispcvt ] ; then - if /usr/sbin/ispcvt ; then + # Check for pcvt driver (VT100/VT220 emulator) + # + if [ -x /usr/sbin/ispcvt ]; then + if /usr/sbin/ispcvt; then isdn_ttype=pcvt25 fi fi - - if [ "${isdn_flags}" = "NO" ] ; then - isdn_flags="" - fi - - # start the isdn daemon - if [ -x /usr/sbin/isdnd ] ; then + + case ${isdn_flags} in + [Nn][Oo] | '') + isdn_flags='' + ;; + esac + + # Start the isdn daemon + # + if [ -x /usr/sbin/isdnd ]; then echo -n ' isdnd' - if [ "${isdn_fsdev}" = "NO" ] ; then - /usr/sbin/isdnd ${isdn_flags} - else + case ${isdn_fsdev} in + [Nn][Oo] | '') + /usr/sbin/isdnd ${isdn_flags} + ;; + *) /usr/sbin/isdnd ${isdn_flags} -f -r ${isdn_fsdev} -t ${isdn_ttype} - fi + ;; + esac fi - # start isdntrace - if [ "${isdn_trace}" = "YES" -a -x /usr/sbin/isdntrace ] ; then - echo -n ' isdntrace' - nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 & - fi + # Start isdntrace + # + case ${isdn_trace} in + [Yy][Ee][Ss]) + if [ -x /usr/sbin/isdntrace ]; then + echo -n ' isdntrace' + nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 & + fi + ;; + esac echo '.' -fi + ;; +esac diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index 781c73f..5ddce80 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index 781c73f..5ddce80 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index 781c73f..5ddce80 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index 781c73f..5ddce80 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.d/pccard b/etc/rc.d/pccard index 92a4ee3..a68323b 100644 --- a/etc/rc.d/pccard +++ b/etc/rc.d/pccard @@ -2,15 +2,22 @@ # PC-card startup script # $FreeBSD$ -if [ "${pccard_enable}" = "YES" ] ; then - if [ "${pccard_mem}" != "DEFAULT" ] ; then - pccardc pccardmem ${pccard_mem} - else +case ${pccard_enable} in +[Yy][Ee][Ss]) + case ${pccard_mem} in + [Dd][Ee][Ff][Aa][Uu][Ll][Tt]) pccardc pccardmem 0xd0000 - fi - if [ -n "${pccard_conf}" ] ; then + ;; + *) + pccardc pccardmem ${pccard_mem} + ;; + esac + + if [ -n "${pccard_conf}" ]; then pccardd_flags="${pccardd_flags} -f ${pccard_conf}" fi - echo -n "Enable PC-card." + + echo -n "Enable PC-card." pccardd ${pccardd_flags} 2>&1 > /var/log/pccardd.debug -fi + ;; +esac diff --git a/etc/rc.d/resolv b/etc/rc.d/resolv index a7f0a50..2d777e5 100644 --- a/etc/rc.d/resolv +++ b/etc/rc.d/resolv @@ -1,11 +1,14 @@ +# +#$FreeBSD$ +# # PROVIDE: diskless # REQUIRE: initdiskless mountcritlocal if [ -n "$4" ]; then bpi="-i $4" -if [ -f /etc/defaults/rc.conf ]; then + fi /sbin/mdconfig -a -t malloc -s $1 -u $3 -elif [ -f /etc/rc.conf ]; then + /sbin/newfs $bpi /dev/md$3c /sbin/mount /dev/md$3c $2 } @@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd chown -R root.daemon /var/spool/output chgrp daemon /var/spool/lpd -( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_mfs -s 4096 -i 512 -T qp120at dummy /dev -( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) - +(cd /; cpio -i -H newc -d < /tmp/dev.tmp) # extract a list of device entries, then copy them to a writable fs (cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_md 4096 /dev 3 512 diff --git a/etc/rc.d/routing b/etc/rc.d/routing index 781c73f..5ddce80 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.d/tmp b/etc/rc.d/tmp index a7f0a50..2d777e5 100644 --- a/etc/rc.d/tmp +++ b/etc/rc.d/tmp @@ -1,11 +1,14 @@ +# +#$FreeBSD$ +# # PROVIDE: diskless # REQUIRE: initdiskless mountcritlocal if [ -n "$4" ]; then bpi="-i $4" -if [ -f /etc/defaults/rc.conf ]; then + fi /sbin/mdconfig -a -t malloc -s $1 -u $3 -elif [ -f /etc/rc.conf ]; then + /sbin/newfs $bpi /dev/md$3c /sbin/mount /dev/md$3c $2 } @@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd chown -R root.daemon /var/spool/output chgrp daemon /var/spool/lpd -( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_mfs -s 4096 -i 512 -T qp120at dummy /dev -( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) - +(cd /; cpio -i -H newc -d < /tmp/dev.tmp) # extract a list of device entries, then copy them to a writable fs (cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_md 4096 /dev 3 512 diff --git a/etc/rc.d/var b/etc/rc.d/var index a7f0a50..2d777e5 100644 --- a/etc/rc.d/var +++ b/etc/rc.d/var @@ -1,11 +1,14 @@ +# +#$FreeBSD$ +# # PROVIDE: diskless # REQUIRE: initdiskless mountcritlocal if [ -n "$4" ]; then bpi="-i $4" -if [ -f /etc/defaults/rc.conf ]; then + fi /sbin/mdconfig -a -t malloc -s $1 -u $3 -elif [ -f /etc/rc.conf ]; then + /sbin/newfs $bpi /dev/md$3c /sbin/mount /dev/md$3c $2 } @@ -29,10 +32,9 @@ mkdir /var/spool/output/lpd chown -R root.daemon /var/spool/output chgrp daemon /var/spool/lpd -( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_mfs -s 4096 -i 512 -T qp120at dummy /dev -( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) - +(cd /; cpio -i -H newc -d < /tmp/dev.tmp) # extract a list of device entries, then copy them to a writable fs (cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_md 4096 /dev 3 512 diff --git a/etc/rc.devfs b/etc/rc.devfs index 339cbdb..1e75fae 100644 --- a/etc/rc.devfs +++ b/etc/rc.devfs @@ -2,12 +2,13 @@ # $FreeBSD$ # # If there is a global system configuration file, suck it in. -if [ -f /etc/defaults/rc.conf ]; then +# +if [ -r /etc/defaults/rc.conf ]; then . /etc/defaults/rc.conf -elif [ -f /etc/rc.conf ]; then +elif [ -r /etc/rc.conf ]; then . /etc/rc.conf fi # Setup DEVFS, ie permisisons, links etc. - +# ln -fs /dev/ttyv0 /dev/vga diff --git a/etc/rc.diskless1 b/etc/rc.diskless1 index 0f80c43..d93e36e 100644 --- a/etc/rc.diskless1 +++ b/etc/rc.diskless1 @@ -1,4 +1,6 @@ # +# $FreeBSD$ +# # /etc/rc.diskless - general BOOTP startup # # BOOTP has mounted / for us. Assume a read-only mount. We must then @@ -10,14 +12,14 @@ # set by the system operator on the server to be softlinks to # /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may # choose to retarget other files as well. The server itself boots -# properly with its default /conf/ME softlink pointing to -# /conf/server.host.name. +# properly with its default /conf/ME softlink pointing to +# /conf/server.host.name. # # During a diskless boot, we retarget the /conf/ME softlink to point # to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config # files that are softlinks through /conf/ME also get retargeted. # -# SEE SAMPLE FILES IN /usr/share/examples/diskless. +# SEE SAMPLE FILES IN /usr/share/examples/diskless. # chkerr: # @@ -25,27 +27,31 @@ # # checks error code and drops into shell on failure. # if shell exits, terminates script as well as /etc/rc. - +# chkerr() { - if [ $1 != 0 ]; then + case $1 in + 0) + ;; + *) echo "$2 failed: dropping into /bin/sh" /bin/sh # RESUME - fi + ;; + esac } # DEBUGGING # set -v -# Figure out where the root mount is coming from, synthesize a mount -# for /usr and mount it. +# Figure out where the root mount is coming from, synthesize a mount +# for /usr and mount it. # -# e.g. nfs_root might wind up as "A.B.C.D:/" +# e.g. nfs_root might wind up as "A.B.C.D:/" # -# NOTE! the /usr mount is only temporary so we can access commands necessary -# to retarget /conf/ME. The actual /usr mount should be part of the -# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. +# NOTE! the /usr mount is only temporary so we can access commands necessary +# to retarget /conf/ME. The actual /usr mount should be part of the +# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. # set `/bin/df /` nfs_root=$8 @@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr chkerr $? "mount of /usr" -# Figure out our interface and IP. +# Figure out our interface and IP. # bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'` @@ -74,7 +80,7 @@ umount /usr # # WARNING! null mounts cannot handle mmap, and since many programs # use mmap (such as 'cp'), we have to copy. - +# mount_mfs -s 256 -T qp120at -o union dummy /conf chkerr $? "MFS mount on /conf" @@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel # else. # # This script is responsible for setting up the -# diskless mount environment. This can be +# diskless mount environment. This can be # overriden by /conf/ME/rc.conf.local if, for # example, you do not want to run the standard # system /etc/rc.diskless2 diff --git a/etc/rc.diskless2 b/etc/rc.diskless2 index 37412d3..4452036 100644 --- a/etc/rc.diskless2 +++ b/etc/rc.diskless2 @@ -1,11 +1,14 @@ +# +#$FreeBSD$ +# # rc.diskless2 # # If there is a global system configuration file, suck it in. # -if [ -f /etc/defaults/rc.conf ]; then +if [ -r /etc/defaults/rc.conf ]; then . /etc/defaults/rc.conf -elif [ -f /etc/rc.conf ]; then +elif [ -r /etc/rc.conf ]; then . /etc/rc.conf fi @@ -29,7 +32,6 @@ mkdir /var/spool/output/lpd chown -R root.daemon /var/spool/output chgrp daemon /var/spool/lpd -( cd /; find -x dev | cpio -o -H newc ) > /tmp/dev.tmp +(cd /; find -x dev | cpio -o -H newc) > /tmp/dev.tmp mount_mfs -s 4096 -i 512 -T qp120at dummy /dev -( cd /; cpio -i -H newc -d < /tmp/dev.tmp ) - +(cd /; cpio -i -H newc -d < /tmp/dev.tmp) diff --git a/etc/rc.firewall b/etc/rc.firewall index af93901..db20c2d 100644 --- a/etc/rc.firewall +++ b/etc/rc.firewall @@ -3,9 +3,9 @@ # $FreeBSD$ # Suck in the configuration variables. -if [ -f /etc/defaults/rc.conf ]; then +if [ -r /etc/defaults/rc.conf ]; then . /etc/defaults/rc.conf -elif [ -f /etc/rc.conf ]; then +elif [ -r /etc/rc.conf ]; then . /etc/rc.conf fi @@ -18,7 +18,7 @@ fi # UNKNOWN - disables the loading of firewall rules. # filename - will load the rules in the given filename (full path required) # -# For ``client'' and ``simple'' the entries below should be customized +# For ``client'' and ``simple'' the entries below should be customized # appropriately. ############ @@ -44,20 +44,25 @@ fi # http://www.awl.com/ # -if [ -n "$1" ]; then - firewall_type=$1 +if [ -n "${1}" ]; then + firewall_type="${1}" fi ############ # Set quiet mode if requested -if [ "${firewall_quiet}" = "YES" ]; then +# +case ${firewall_quiet} in +[Yy][Ee][Ss]) fwcmd="/sbin/ipfw -q" -else + ;; +*) fwcmd="/sbin/ipfw" -fi + ;; +esac ############ # Flush out the list before we begin. +# ${fwcmd} -f flush ############ @@ -65,127 +70,145 @@ ${fwcmd} -f flush # natd before they encounter your remaining rules. The firewall rules # will then be run again on each packet after translation by natd, # minus any divert rules (see natd(8)). -if [ "${natd_enable}" = "YES" -a "${natd_interface}" != "X" ]; then - ${fwcmd} add divert natd all from any to any via ${natd_interface} -fi +# +case ${natd_enable} in +[Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + ${fwcmd} add divert natd all from any to any via ${natd_interface} + fi + ;; +esac ############ # If you just configured ipfw in the kernel as a tool to solve network # problems or you just want to disallow some particular kinds of traffic # they you will want to change the default policy to open. You can also # do this as your only action by setting the firewall_type to ``open''. - +# # ${fwcmd} add 65000 pass all from any to any ############ # Only in rare cases do you want to change these rules +# ${fwcmd} add 100 pass all from any to any via lo0 ${fwcmd} add 200 deny all from any to 127.0.0.0/8 # Prototype setups. -if [ "${firewall_type}" = "open" -o "${firewall_type}" = "OPEN" ]; then - +# +case ${firewall_type} in +[Oo][Pp][Ee][Nn]) ${fwcmd} add 65000 pass all from any to any + ;; +[Cc][Ll][Ii][Ee][Nn][Tt]) -elif [ "${firewall_type}" = "client" ]; then - - ############ - # This is a prototype setup that will protect your system somewhat against - # people from outside your own network. - ############ - - # set these to your network and netmask and ip - net="192.168.4.0" - mask="255.255.255.0" - ip="192.168.4.17" - - # Allow any traffic to or from my own net. - ${fwcmd} add pass all from ${ip} to ${net}:${mask} - ${fwcmd} add pass all from ${net}:${mask} to ${ip} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${ip} 25 setup - - # Allow setup of outgoing TCP connections only - ${fwcmd} add pass tcp from ${ip} to any setup - - # Disallow setup of all other TCP connections - ${fwcmd} add deny tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from any 53 to ${ip} - ${fwcmd} add pass udp from ${ip} to any 53 - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from any 123 to ${ip} - ${fwcmd} add pass udp from ${ip} to any 123 - - # Everything else is denied as default. - -elif [ "${firewall_type}" = "simple" ]; then - - ############ - # This is a prototype setup for a simple firewall. Configure this machine - # as a named server and ntp server, and point all the machines on the inside - # at this machine for those services. - ############ - - # set these to your outside interface network and netmask and ip - oif="ed0" - onet="192.168.4.0" - omask="255.255.255.0" - oip="192.168.4.17" - - # set these to your inside interface network and netmask and ip - iif="ed1" - inet="192.168.3.0" - imask="255.255.255.0" - iip="192.168.3.17" - - # Stop spoofing - ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif} - ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif} - - # Stop RFC1918 nets on the outside interface - ${fwcmd} add deny all from 192.168.0.0:255.255.0.0 to any via ${oif} - ${fwcmd} add deny all from any to 192.168.0.0:255.255.0.0 via ${oif} - ${fwcmd} add deny all from 172.16.0.0:255.240.0.0 to any via ${oif} - ${fwcmd} add deny all from any to 172.16.0.0:255.240.0.0 via ${oif} - ${fwcmd} add deny all from 10.0.0.0:255.0.0.0 to any via ${oif} - ${fwcmd} add deny all from any to 10.0.0.0:255.0.0.0 via ${oif} - - # Allow TCP through if setup succeeded - ${fwcmd} add pass tcp from any to any established - - # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${oip} 25 setup - - # Allow access to our DNS - ${fwcmd} add pass tcp from any to ${oip} 53 setup - - # Allow access to our WWW - ${fwcmd} add pass tcp from any to ${oip} 80 setup - - # Reject&Log all setup of incoming connections from the outside - ${fwcmd} add deny log tcp from any to any in via ${oif} setup - - # Allow setup of any other TCP connection - ${fwcmd} add pass tcp from any to any setup - - # Allow DNS queries out in the world - ${fwcmd} add pass udp from any 53 to ${oip} - ${fwcmd} add pass udp from ${oip} to any 53 - - # Allow NTP queries out in the world - ${fwcmd} add pass udp from any 123 to ${oip} - ${fwcmd} add pass udp from ${oip} to any 123 - - # Everything else is denied as default. - -elif [ "${firewall_type}" != "UNKNOWN" -a -r "${firewall_type}" ]; then - ${fwcmd} ${firewall_type} -fi + ############ + # This is a prototype setup that will protect your system somewhat + # against people from outside your own network. + ############ + + # set these to your network and netmask and ip + net="192.168.4.0" + mask="255.255.255.0" + ip="192.168.4.17" + + # Allow any traffic to or from my own net. + ${fwcmd} add pass all from ${ip} to ${net}:${mask} + ${fwcmd} add pass all from ${net}:${mask} to ${ip} + + # Allow TCP through if setup succeeded + ${fwcmd} add pass tcp from any to any established + + # Allow setup of incoming email + ${fwcmd} add pass tcp from any to ${ip} 25 setup + + # Allow setup of outgoing TCP connections only + ${fwcmd} add pass tcp from ${ip} to any setup + + # Disallow setup of all other TCP connections + ${fwcmd} add deny tcp from any to any setup + + # Allow DNS queries out in the world + ${fwcmd} add pass udp from any 53 to ${ip} + ${fwcmd} add pass udp from ${ip} to any 53 + + # Allow NTP queries out in the world + ${fwcmd} add pass udp from any 123 to ${ip} + ${fwcmd} add pass udp from ${ip} to any 123 + + # Everything else is denied by default, unless the + # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel + # config file. + ;; + +[Ss][Ii][Mm][Pp][Ll][Ee]) + + ############ + # This is a prototype setup for a simple firewall. Configure this + # machine as a named server and ntp server, and point all the machines + # on the inside at this machine for those services. + ############ + + # set these to your outside interface network and netmask and ip + oif="ed0" + onet="192.168.4.0" + omask="255.255.255.0" + oip="192.168.4.17" + + # set these to your inside interface network and netmask and ip + iif="ed1" + inet="192.168.3.0" + imask="255.255.255.0" + iip="192.168.3.17" + + # Stop spoofing + ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif} + ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif} + + # Stop RFC1918 nets on the outside interface + ${fwcmd} add deny all from 192.168.0.0:255.255.0.0 to any via ${oif} + ${fwcmd} add deny all from any to 192.168.0.0:255.255.0.0 via ${oif} + ${fwcmd} add deny all from 172.16.0.0:255.240.0.0 to any via ${oif} + ${fwcmd} add deny all from any to 172.16.0.0:255.240.0.0 via ${oif} + ${fwcmd} add deny all from 10.0.0.0:255.0.0.0 to any via ${oif} + ${fwcmd} add deny all from any to 10.0.0.0:255.0.0.0 via ${oif} + + # Allow TCP through if setup succeeded + ${fwcmd} add pass tcp from any to any established + + # Allow setup of incoming email + ${fwcmd} add pass tcp from any to ${oip} 25 setup + + # Allow access to our DNS + ${fwcmd} add pass tcp from any to ${oip} 53 setup + + # Allow access to our WWW + ${fwcmd} add pass tcp from any to ${oip} 80 setup + + # Reject&Log all setup of incoming connections from the outside + ${fwcmd} add deny log tcp from any to any in via ${oif} setup + + # Allow setup of any other TCP connection + ${fwcmd} add pass tcp from any to any setup + + # Allow DNS queries out in the world + ${fwcmd} add pass udp from any 53 to ${oip} + ${fwcmd} add pass udp from ${oip} to any 53 + + # Allow NTP queries out in the world + ${fwcmd} add pass udp from any 123 to ${oip} + ${fwcmd} add pass udp from ${oip} to any 123 + + # Everything else is denied by default, unless the + # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel + # config file. + ;; + +[Uu][Nn][Kk][Nn][Oo][Ww][Nn]) + ;; +*) + if [ -r "${firewall_type}" ]; then + ${fwcmd} ${firewall_type} + fi + ;; +esac diff --git a/etc/rc.initdiskless b/etc/rc.initdiskless index 0f80c43..d93e36e 100644 --- a/etc/rc.initdiskless +++ b/etc/rc.initdiskless @@ -1,4 +1,6 @@ # +# $FreeBSD$ +# # /etc/rc.diskless - general BOOTP startup # # BOOTP has mounted / for us. Assume a read-only mount. We must then @@ -10,14 +12,14 @@ # set by the system operator on the server to be softlinks to # /conf/ME/fstab and /conf/ME/rc.conf.local. The system operator may # choose to retarget other files as well. The server itself boots -# properly with its default /conf/ME softlink pointing to -# /conf/server.host.name. +# properly with its default /conf/ME softlink pointing to +# /conf/server.host.name. # # During a diskless boot, we retarget the /conf/ME softlink to point # to /conf/DISKLESS.CLIENT.IP.ADDRESS. Thus, various system config # files that are softlinks through /conf/ME also get retargeted. # -# SEE SAMPLE FILES IN /usr/share/examples/diskless. +# SEE SAMPLE FILES IN /usr/share/examples/diskless. # chkerr: # @@ -25,27 +27,31 @@ # # checks error code and drops into shell on failure. # if shell exits, terminates script as well as /etc/rc. - +# chkerr() { - if [ $1 != 0 ]; then + case $1 in + 0) + ;; + *) echo "$2 failed: dropping into /bin/sh" /bin/sh # RESUME - fi + ;; + esac } # DEBUGGING # set -v -# Figure out where the root mount is coming from, synthesize a mount -# for /usr and mount it. +# Figure out where the root mount is coming from, synthesize a mount +# for /usr and mount it. # -# e.g. nfs_root might wind up as "A.B.C.D:/" +# e.g. nfs_root might wind up as "A.B.C.D:/" # -# NOTE! the /usr mount is only temporary so we can access commands necessary -# to retarget /conf/ME. The actual /usr mount should be part of the -# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. +# NOTE! the /usr mount is only temporary so we can access commands necessary +# to retarget /conf/ME. The actual /usr mount should be part of the +# retargeted /etc/fstab. See instructions in /usr/share/examples/diskless. # set `/bin/df /` nfs_root=$8 @@ -53,7 +59,7 @@ mount_nfs -o ro ${nfs_root}/usr /usr chkerr $? "mount of /usr" -# Figure out our interface and IP. +# Figure out our interface and IP. # bootp_ifc=`route -n get default | fgrep interface | awk '{ print $2; }'` @@ -74,7 +80,7 @@ umount /usr # # WARNING! null mounts cannot handle mmap, and since many programs # use mmap (such as 'cp'), we have to copy. - +# mount_mfs -s 256 -T qp120at -o union dummy /conf chkerr $? "MFS mount on /conf" @@ -91,7 +97,7 @@ sysctl -w kern.bootfile=/conf/ME/kernel # else. # # This script is responsible for setting up the -# diskless mount environment. This can be +# diskless mount environment. This can be # overriden by /conf/ME/rc.conf.local if, for # example, you do not want to run the standard # system /etc/rc.diskless2 diff --git a/etc/rc.isdn b/etc/rc.isdn index 11e140a..1302102 100644 --- a/etc/rc.isdn +++ b/etc/rc.isdn @@ -10,39 +10,53 @@ # #--------------------------------------------------------------------------- -if [ "${isdn_enable}" = "YES" ] ; then - +case ${isdn_enable} in +[Yy][Ee][Ss]) echo -n 'ISDN subsystem setup:' - # terminal type for fullscreen mode, default to syscons driver + # Terminal type for fullscreen mode, default to syscons driver + # isdn_ttype=cons25 - # check for pcvt driver (VT100/VT220 emulator) - if [ -x /usr/sbin/ispcvt ] ; then - if /usr/sbin/ispcvt ; then + # Check for pcvt driver (VT100/VT220 emulator) + # + if [ -x /usr/sbin/ispcvt ]; then + if /usr/sbin/ispcvt; then isdn_ttype=pcvt25 fi fi - - if [ "${isdn_flags}" = "NO" ] ; then - isdn_flags="" - fi - - # start the isdn daemon - if [ -x /usr/sbin/isdnd ] ; then + + case ${isdn_flags} in + [Nn][Oo] | '') + isdn_flags='' + ;; + esac + + # Start the isdn daemon + # + if [ -x /usr/sbin/isdnd ]; then echo -n ' isdnd' - if [ "${isdn_fsdev}" = "NO" ] ; then - /usr/sbin/isdnd ${isdn_flags} - else + case ${isdn_fsdev} in + [Nn][Oo] | '') + /usr/sbin/isdnd ${isdn_flags} + ;; + *) /usr/sbin/isdnd ${isdn_flags} -f -r ${isdn_fsdev} -t ${isdn_ttype} - fi + ;; + esac fi - # start isdntrace - if [ "${isdn_trace}" = "YES" -a -x /usr/sbin/isdntrace ] ; then - echo -n ' isdntrace' - nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 & - fi + # Start isdntrace + # + case ${isdn_trace} in + [Yy][Ee][Ss]) + if [ -x /usr/sbin/isdntrace ]; then + echo -n ' isdntrace' + nohup /usr/sbin/isdntrace ${isdn_traceflags} >/dev/null 2>&1 & + fi + ;; + esac echo '.' -fi + ;; +esac diff --git a/etc/rc.network b/etc/rc.network index 781c73f..5ddce80 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -3,400 +3,574 @@ # $FreeBSD$ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 -# Note that almost all the user-configurable behavior is no longer in -# this file, but rather in /etc/rc.conf. Please check that file +# Note that almost all of the user-configurable behavior is no longer in +# this file, but rather in /etc/defaults/rc.conf. Please check that file # first before contemplating any changes here. If you do need to change # this file for some reason, we would like to know about it. # First pass startup stuff. - +# network_pass1() { - echo -n 'Doing initial network setup:' - # Set the host name if it is not already set - if [ -z "`hostname -s`" ] ; then - hostname ${hostname} - echo -n ' hostname' - fi - - # Set the domainname if we're using NIS - if [ -n "${nisdomainname}" -a "${nisdomainname}" != "NO" ] ; then - domainname ${nisdomainname} - echo -n ' domain' - fi - echo '.' - - # Initial ATM interface configuration - if [ "${atm_enable}" = "YES" -a -f /etc/rc.atm ]; then - . /etc/rc.atm - atm_pass1 - fi - - # ISDN subsystem startup - if [ "${isdn_enable}" = "YES" -a -f /etc/rc.isdn ]; then - . /etc/rc.isdn - fi - - # Special options for sppp(4) interfaces go here. These need - # to go _before_ the general ifconfig section, since in the case - # of hardwired (no link1 flag) but required authentication, you - # cannot pass auth parameters down to the already running interface. - for ifn in ${sppp_interfaces}; do - eval spppcontrol_args=\$spppconfig_${ifn} - if [ -n "${spppcontrol_args}" ] ; then - # The auth secrets might contain spaces; in order - # to retain the quotation, we need to eval them - # here. - eval spppcontrol ${ifn} ${spppcontrol_args} - fi - done - - # Set up all the network interfaces, calling startup scripts if needed - if [ "${network_interfaces}" = "auto" ]; then - network_interfaces="`ifconfig -l`" - fi - for ifn in ${network_interfaces}; do - showstat=false - if [ -e /etc/start_if.${ifn} ]; then - . /etc/start_if.${ifn} - showstat=true - fi - # Do the primary ifconfig if specified - eval ifconfig_args=\$ifconfig_${ifn} - if [ -n "${ifconfig_args}" ] ; then - # See if we are using DHCP - if [ "${ifconfig_args}" = "DHCP" ]; then - ${dhcp_program} ${dhcp_flags} ${ifn} - else - ifconfig ${ifn} ${ifconfig_args} - fi - showstat=true - fi - # Check to see if aliases need to be added - alias=0 - while : - do - eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} alias - showstat=true - alias=`expr ${alias} + 1` - else - break; - fi - done - # Do ipx address if specified - eval ifconfig_args=\$ifconfig_${ifn}_ipx - if [ -n "${ifconfig_args}" ]; then - ifconfig ${ifn} ${ifconfig_args} - showstat=true - fi - if [ "${showstat}" = "true" ] - then - ifconfig ${ifn} - fi - done - - # Warm up user ppp if required, must happen before natd. - if [ "${ppp_enable}" = "YES" ]; then - # Establish ppp mode. - if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ - -a "${ppp_mode}" != "dedicated" \ - -a "${ppp_mode}" != "background" ]; then - ppp_mode="auto"; - fi - ppp_command="-${ppp_mode} "; - - # Switch on alias mode? - if [ "${ppp_nat}" = "YES" ]; then - ppp_command="${ppp_command} -nat"; - fi - - echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} - fi - - # Initialize IP filtering using ipfw - echo "" - /sbin/ipfw -q flush > /dev/null 2>&1 - if [ $? = 0 ] ; then - firewall_in_kernel=1 - else - firewall_in_kernel=0 - fi - - if [ ${firewall_in_kernel} = 0 -a "${firewall_enable}" = "YES" ] ; then - if kldload ipfw; then - firewall_in_kernel=1 # module loaded successfully - echo "Kernel firewall module loaded." - else - echo "Warning: firewall kernel module failed to load." - fi - fi + echo -n 'Doing initial network setup:' - # Load the filters if required - if [ ${firewall_in_kernel} = 1 ]; then - if [ -z "${firewall_script}" ] ; then - firewall_script="/etc/rc.firewall" + # Set the host name if it is not already set + # + if [ -z "`hostname -s`" ]; then + hostname ${hostname} + echo -n ' hostname' fi - if [ -f ${firewall_script} -a "${firewall_enable}" = "YES" ]; then - . ${firewall_script} - echo -n 'Firewall rules loaded, starting divert daemons:' - - # Network Address Translation daemon - if [ "${natd_enable}" = "YES" -a -n "${natd_interface}" ]; then - if echo ${natd_interface} | \ - grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then - natd_ifarg="-a ${natd_interface}" - else - natd_ifarg="-n ${natd_interface}" + + # Set the domainname if we're using NIS + # + case ${nisdomainname} in + [Nn][Oo] | '') + ;; + *) + domainname ${nisdomainname} + echo -n ' domain' + ;; + esac + + echo '.' + + # Initial ATM interface configuration + # + case ${atm_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.atm ]; then + . /etc/rc.atm + atm_pass1 + fi + ;; + esac + + # ISDN subsystem startup + # + case ${isdn_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/rc.isdn ]; then + . /etc/rc.isdn + fi + ;; + esac + + # Special options for sppp(4) interfaces go here. These need + # to go _before_ the general ifconfig section, since in the case + # of hardwired (no link1 flag) but required authentication, you + # cannot pass auth parameters down to the already running interface. + # + for ifn in ${sppp_interfaces}; do + eval spppcontrol_args=\$spppconfig_${ifn} + if [ -n "${spppcontrol_args}" ]; then + # The auth secrets might contain spaces; in order + # to retain the quotation, we need to eval them + # here. + eval spppcontrol ${ifn} ${spppcontrol_args} + fi + done + + # Set up all the network interfaces, calling startup scripts if needed + # + case ${network_interfaces} in + [Aa][Uu][Tt][Oo]) + network_interfaces="`ifconfig -l`" + ;; + esac + + for ifn in ${network_interfaces}; do + showstat=false + if [ -r /etc/start_if.${ifn} ]; then + . /etc/start_if.${ifn} + showstat=true fi - echo -n ' natd'; ${natd_program} ${natd_flags} ${natd_ifarg} - fi - echo '.' + + # Do the primary ifconfig if specified + # + eval ifconfig_args=\$ifconfig_${ifn} + + case ${ifconfig_args} in + '') + ;; + [Dd][Hh][Cc][Pp]) + ${dhcp_program:-/sbin/dhclient} ${dhcp_flags} ${ifn} + showstat=true + ;; + *) + ifconfig ${ifn} ${ifconfig_args} + showstat=true + ;; + esac + + # Check to see if aliases need to be added + # + alias=0 + while : ; do + eval ifconfig_args=\$ifconfig_${ifn}_alias${alias} + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} alias + showstat=true + alias=`expr ${alias} + 1` + else + break; + fi + done + + # Do ipx address if specified + # + eval ifconfig_args=\$ifconfig_${ifn}_ipx + if [ -n "${ifconfig_args}" ]; then + ifconfig ${ifn} ${ifconfig_args} + showstat=true + fi + + case ${showstat} in + true) + ifconfig ${ifn} + ;; + esac + done + + # Warm up user ppp if required, must happen before natd. + # + case ${ppp_enable} in + [Yy][Ee][Ss]) + # Establish ppp mode. + # + if [ "${ppp_mode}" != "ddial" -a "${ppp_mode}" != "direct" \ + -a "${ppp_mode}" != "dedicated" \ + -a "${ppp_mode}" != "background" ]; then + ppp_mode="auto"; + fi + + ppp_command="-${ppp_mode} "; + + # Switch on alias mode? + # + case ${ppp_nat} in + [Yy][Ee][Ss]) + ppp_command="${ppp_command} -nat"; + ;; + esac + + echo -n 'Starting ppp: '; ppp ${ppp_command} -quiet ${ppp_profile} + ;; + esac + + # Initialize IP filtering using ipfw + # + echo '' + + if /sbin/ipfw -q flush > /dev/null 2>&1; then + firewall_in_kernel=1 else - IPFW_DEFAULT=`ipfw l 65535` - if [ "${IPFW_DEFAULT}" = "65535 deny ip from any to any" ]; then - echo -n "Warning: kernel has firewall functionality, " - echo "but firewall rules are not enabled." - echo " All ip services are disabled." - fi + firewall_in_kernel=0 fi - fi - - # Additional ATM interface configuration - if [ -n "${atm_pass1_done}" ]; then - atm_pass2 - fi - - # Configure routing - - if [ "${defaultrouter}" != "NO" ] ; then - static_routes="default ${static_routes}" - route_default="default ${defaultrouter}" - fi - - # Set up any static routes. This should be done before router discovery. - if [ -n "${static_routes}" ]; then - for i in ${static_routes}; do - eval route_args=\$route_${i} - route add ${route_args} - done - fi - - echo -n 'Additional routing options:' - if [ -n "${tcp_extensions}" -a "${tcp_extensions}" != "YES" ] ; then - echo -n ' tcp extensions=NO' - sysctl -w net.inet.tcp.rfc1323=0 >/dev/null - fi - - if [ -n "${log_in_vain}" -a "${log_in_vain}" != "NO" ] ; then - echo -n ' log_in_vain=YES' - sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null - sysctl -w net.inet.udp.log_in_vain=1 >/dev/null - fi - - if [ "${icmp_bmcastecho}" = "YES" ]; then - echo -n ' broadcast ping responses=YES' - sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null - fi - - if [ "${icmp_drop_redirect}" = "YES" ]; then - echo -n ' ignore ICMP redirect=YES' - sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null - fi - - if [ "${icmp_log_redirect}" = "YES" ]; then - echo -n ' log ICMP redirect=YES' - sysctl -w net.inet.icmp.log_redirect=1 >/dev/null - fi - - if [ "${gateway_enable}" = "YES" ]; then - echo -n ' IP gateway=YES' - sysctl -w net.inet.ip.forwarding=1 >/dev/null - fi - - if [ "${forward_sourceroute}" = "YES" ]; then - echo -n ' do source routing=YES' - sysctl -w net.inet.ip.sourceroute=1 >/dev/null - fi - - if [ "${accept_sourceroute}" = "YES" ]; then - echo -n ' accept source routing=YES' - sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null - fi - - if [ "${tcp_keepalive}" = "YES" ]; then - echo -n ' TCP keepalive=YES' - sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null - fi - - if [ "X$tcp_restrict_rst" = X"YES" ]; then - echo -n ' restrict TCP reset=YES' - sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null - fi - - if [ "X$tcp_drop_synfin" = X"YES" ]; then - echo -n ' drop SYN+FIN packets=YES' - sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null - fi - - if [ "${ipxgateway_enable}" = "YES" ]; then - echo -n ' IPX gateway=YES' - sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null - fi - - if [ "${arpproxy_all}" = "YES" ]; then - echo -n ' ARP proxyall=YES' - sysctl -w net.link.ether.inet.proxyall=1 >/dev/null - fi - echo '.' - - echo -n 'routing daemons:' - if [ "${router_enable}" = "YES" ]; then - echo -n " ${router}"; ${router} ${router_flags} - fi - - if [ "${ipxrouted_enable}" = "YES" ]; then - echo -n ' IPXrouted' - IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 - fi - - if [ "${mrouted_enable}" = "YES" ]; then - echo -n ' mrouted'; mrouted ${mrouted_flags} - fi - - if [ "${rarpd_enable}" = "YES" ]; then - echo -n ' rarpd'; rarpd ${rarpd_flags} - fi - echo '.' - network_pass1_done=YES # Let future generations know we made it. + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ "${firewall_in_kernel}" -eq 0 ] && kldload ipfw; then + firewall_in_kernel=1 + echo "Kernel firewall module loaded." + elif [ "${firewall_in_kernel}" -eq 0 ]; then + echo "Warning: firewall kernel module failed to load." + fi + ;; + esac + + # Load the filters if required + # + case ${firewall_in_kernel} in + 1) + if [ -z "${firewall_script}" ]; then + firewall_script=/etc/rc.firewall + fi + + case ${firewall_enable} in + [Yy][Ee][Ss]) + if [ -r ${firewall_script} ]; then + . ${firewall_script} + echo -n 'Firewall rules loaded, starting divert daemons:' + + # Network Address Translation daemon + # + case ${natd_enable} in + [Yy][Ee][Ss]) + if [ -n "${natd_interface}" ]; then + if echo ${natd_interface} | \ + grep -q -E '^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$'; then + natd_ifarg="-a ${natd_interface}" + else + natd_ifarg="-n ${natd_interface}" + fi + + echo -n ' natd'; ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg} + fi + ;; + esac + + echo '.' + + elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then + echo -n "Warning: kernel has firewall functionality, " + echo "but firewall rules are not enabled." + echo " All ip services are disabled." + fi + ;; + esac + ;; + esac + + # Additional ATM interface configuration + # + if [ -n "${atm_pass1_done}" ]; then + atm_pass2 + fi + + # Configure routing + # + case ${defaultrouter} in + [Nn][Oo] | '') + ;; + *) + static_routes="default ${static_routes}" + route_default="default ${defaultrouter}" + ;; + esac + + # Set up any static routes. This should be done before router discovery. + # + if [ -n "${static_routes}" ]; then + for i in ${static_routes}; do + eval route_args=\$route_${i} + route add ${route_args} + done + fi + + echo -n 'Additional routing options:' + case ${tcp_extensions} in + [Yy][Ee][Ss] | '') + ;; + *) + echo -n ' tcp extensions=NO' + sysctl -w net.inet.tcp.rfc1323=0 >/dev/null + ;; + esac + + case ${log_in_vain} in + [Nn][Oo] | '') + ;; + *) + echo -n ' log_in_vain=YES' + sysctl -w net.inet.tcp.log_in_vain=1 >/dev/null + sysctl -w net.inet.udp.log_in_vain=1 >/dev/null + ;; + esac + + case ${icmp_bmcastecho} in + [Yy][Ee][Ss]) + echo -n ' broadcast ping responses=YES' + sysctl -w net.inet.icmp.bmcastecho=1 >/dev/null + ;; + esac + + case ${icmp_drop_redirect} in + [Yy][Ee][Ss]) + echo -n ' ignore ICMP redirect=YES' + sysctl -w net.inet.icmp.drop_redirect=1 >/dev/null + ;; + esac + + case ${icmp_log_redirect} in + [Yy][Ee][Ss]) + echo -n ' log ICMP redirect=YES' + sysctl -w net.inet.icmp.log_redirect=1 >/dev/null + ;; + esac + + case ${gateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IP gateway=YES' + sysctl -w net.inet.ip.forwarding=1 >/dev/null + ;; + esac + + case ${forward_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' do source routing=YES' + sysctl -w net.inet.ip.sourceroute=1 >/dev/null + ;; + esac + + case ${accept_sourceroute} in + [Yy][Ee][Ss]) + echo -n ' accept source routing=YES' + sysctl -w net.inet.ip.accept_sourceroute=1 >/dev/null + ;; + esac + + case ${tcp_keepalive} in + [Yy][Ee][Ss]) + echo -n ' TCP keepalive=YES' + sysctl -w net.inet.tcp.always_keepalive=1 >/dev/null + ;; + esac + + case ${tcp_restrict_rst} in + [Yy][Ee][Ss]) + echo -n ' restrict TCP reset=YES' + sysctl -w net.inet.tcp.restrict_rst=1 >/dev/null + ;; + esac + + case ${tcp_drop_synfin} in + [Yy][Ee][Ss]) + echo -n ' drop SYN+FIN packets=YES' + sysctl -w net.inet.tcp.drop_synfin=1 >/dev/null + ;; + esac + + case ${ipxgateway_enable} in + [Yy][Ee][Ss]) + echo -n ' IPX gateway=YES' + sysctl -w net.ipx.ipx.ipxforwarding=1 >/dev/null + ;; + esac + + case ${arpproxy_all} in + [Yy][Ee][Ss]) + echo -n ' ARP proxyall=YES' + sysctl -w net.link.ether.inet.proxyall=1 >/dev/null + ;; + esac + echo '.' + + echo -n 'routing daemons:' + case ${router_enable} in + [Yy][Ee][Ss]) + echo -n " ${router}"; ${router} ${router_flags} + ;; + esac + + case ${ipxrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' IPXrouted' + IPXrouted ${ipxrouted_flags} > /dev/null 2>&1 + ;; + esac + + case ${mrouted_enable} in + [Yy][Ee][Ss]) + echo -n ' mrouted'; mrouted ${mrouted_flags} + ;; + esac + + case ${rarpd_enable} in + [Yy][Ee][Ss]) + echo -n ' rarpd'; rarpd ${rarpd_flags} + ;; + esac + echo '.' + + # Let future generations know we made it. + # + network_pass1_done=YES } network_pass2() { - echo -n 'Doing additional network setup:' - if [ "${named_enable}" = "YES" ]; then - echo -n ' named'; ${named_program-"named"} ${named_flags} - fi - - if [ "${ntpdate_enable}" = "YES" ]; then - echo -n ' ntpdate'; ${ntpdate_program} ${ntpdate_flags} >/dev/null 2>&1 - fi - - if [ "${xntpd_enable}" = "YES" ]; then - echo -n ' xntpd'; ${xntpd_program} ${xntpd_flags} - fi - - if [ "${timed_enable}" = "YES" ]; then - echo -n ' timed'; timed ${timed_flags} - fi - - if [ "${portmap_enable}" = "YES" ]; then - echo -n ' portmap'; ${portmap_program} ${portmap_flags} - fi - - # Start ypserv if we're an NIS server. - # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. - if [ "${nis_server_enable}" = "YES" ]; then - echo -n ' ypserv'; ypserv ${nis_server_flags} - - if [ "${nis_ypxfrd_enable}" = "YES" ]; then - echo -n ' rpc.ypxfrd'; rpc.ypxfrd ${nis_ypxfrd_flags} - fi - - if [ "${nis_yppasswdd_enable}" = "YES" ]; then - echo -n ' rpc.yppasswdd'; rpc.yppasswdd ${nis_yppasswdd_flags} - fi - fi - - # Start ypbind if we're an NIS client - if [ "${nis_client_enable}" = "YES" ]; then - echo -n ' ypbind'; ypbind ${nis_client_flags} - if [ "${nis_ypset_enable}" = "YES" ]; then - echo -n ' ypset'; ypset ${nis_ypset_flags} - fi - fi - - # Start keyserv if we are running Secure RPC - if [ "${keyserv_enable}" = "YES" ]; then - echo -n ' keyserv'; keyserv ${keyserv_flags} - fi - # Start ypupdated if we are running Secure RPC and we are NIS master - if [ "${rpc_ypupdated_enable}" = "YES" ]; then - echo -n ' rpc.ypupdated'; rpc.ypupdated - fi - - # Start ATM daemons - if [ -n "${atm_pass2_done}" ]; then - atm_pass3 - fi - - echo '.' - network_pass2_done=YES + echo -n 'Doing additional network setup:' + case ${named_enable} in + [Yy][Ee][Ss]) + echo -n ' named'; ${named_program:-named} ${named_flags} + ;; + esac + + case ${ntpdate_enable} in + [Yy][Ee][Ss]) + echo -n ' ntpdate' + ${ntpdate_program:-ntpdate} ${ntpdate_flags} >/dev/null 2>&1 + ;; + esac + + case ${xntpd_enable} in + [Yy][Ee][Ss]) + echo -n ' xntpd'; ${xntpd_program:-xntpd} ${xntpd_flags} + ;; + esac + + case ${timed_enable} in + [Yy][Ee][Ss]) + echo -n ' timed'; timed ${timed_flags} + ;; + esac + + case ${portmap_enable} in + [Yy][Ee][Ss]) + echo -n ' portmap'; ${portmap_program:-/usr/sbin/portmap} ${portmap_flags} + ;; + esac + + # Start ypserv if we're an NIS server. + # Run rpc.ypxfrd and rpc.yppasswdd only on the NIS master server. + # + case ${nis_server_enable} in + [Yy][Ee][Ss]) + echo -n ' ypserv'; ypserv ${nis_server_flags} + + case ${nis_ypxfrd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypxfrd' + rpc.ypxfrd ${nis_ypxfrd_flags} + ;; + esac + + case ${nis_yppasswdd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.yppasswdd' + rpc.yppasswdd ${nis_yppasswdd_flags} + ;; + esac + ;; + esac + + # Start ypbind if we're an NIS client + # + case ${nis_client_enable} in + [Yy][Ee][Ss]) + echo -n ' ypbind'; ypbind ${nis_client_flags} + case ${nis_ypset_enable} in + [Yy][Ee][Ss]) + echo -n ' ypset'; ypset ${nis_ypset_flags} + ;; + esac + ;; + esac + + # Start keyserv if we are running Secure RPC + # + case ${keyserv_enable} in + [Yy][Ee][Ss]) + echo -n ' keyserv'; keyserv ${keyserv_flags} + ;; + esac + + # Start ypupdated if we are running Secure RPC and we are NIS master + # + case ${rpc_ypupdated_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.ypupdated'; rpc.ypupdated + ;; + esac + + # Start ATM daemons + if [ -n "${atm_pass2_done}" ]; then + atm_pass3 + fi + + echo '.' + network_pass2_done=YES } network_pass3() { - echo -n 'Starting final network daemons:' - - if [ "${nfs_server_enable}" = "YES" -a -r /etc/exports ]; then - echo -n ' mountd' - if [ "${weak_mountd_authentication}" = "YES" ]; then - mountd_flags="-n" - fi - mountd ${mountd_flags} - if [ "${nfs_reserved_port_only}" = "YES" ]; then - echo -n ' NFS on reserved port only=YES' - sysctl -w vfs.nfs.nfs_privport=1 >/dev/null - fi - echo -n ' nfsd'; nfsd ${nfs_server_flags} - if [ "${rpc_lockd_enable}" = "YES" ]; then - echo -n ' rpc.lockd'; rpc.lockd - fi - if [ "${rpc_statd_enable}" = "YES" ]; then - echo -n ' rpc.statd'; rpc.statd - fi - fi - - if [ "${nfs_client_enable}" = "YES" ]; then - echo -n ' nfsiod'; nfsiod ${nfs_client_flags} - if [ "${nfs_access_cache}" != "X" ]; then + echo -n 'Starting final network daemons:' + + case ${nfs_server_enable} in + [Yy][Ee][Ss]) + if [ -r /etc/exports ]; then + echo -n ' mountd' + + case ${weak_mountd_authentication} in + [Yy][Ee][Ss]) + mountd_flags="-n" + ;; + esac + + mountd ${mountd_flags} + + case ${nfs_reserved_port_only} in + [Yy][Ee][Ss]) + echo -n ' NFS on reserved port only=YES' + sysctl -w vfs.nfs.nfs_privport=1 >/dev/null + ;; + esac + + echo -n ' nfsd'; nfsd ${nfs_server_flags} + + case ${rpc_lockd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.lockd'; rpc.lockd + ;; + esac + + case ${rpc_statd_enable} in + [Yy][Ee][Ss]) + echo -n ' rpc.statd'; rpc.statd + ;; + esac + fi + ;; + esac + + case ${nfs_client_enable} in + [Yy][Ee][Ss]) + echo -n ' nfsiod'; nfsiod ${nfs_client_flags} + if [ -n "${nfs_access_cache}" ]; then echo -n " NFS access cache time=${nfs_access_cache}" sysctl -w vfs.nfs.access_cache_timeout=${nfs_access_cache} \ - >/dev/null - fi - fi - - if [ "${amd_enable}" = "YES" ]; then - echo -n ' amd' - if [ "${amd_map_program}" != "NO" ]; then - amd_flags="${amd_flags} `eval ${amd_map_program}`" - fi - if [ -n "${amd_flags}" ] - then - amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null - else - amd 2> /dev/null - fi - fi - - if [ "${rwhod_enable}" = "YES" ]; then - echo -n ' rwhod'; rwhod ${rwhod_flags} - fi - - # Kerberos runs ONLY on the Kerberos server machine - if [ "${kerberos_server_enable}" = "YES" ]; then - if [ "${kerberos_stash}" = "YES" ]; then - stash_flag=-n - else - stash_flag= - fi - echo -n ' kerberos'; \ + >/dev/null + fi + ;; + esac + + case ${amd_enable} in + [Yy][Ee][Ss]) + echo -n ' amd' + case ${amd_map_program} in + [Nn][Oo] | '') + ;; + *) + amd_flags="${amd_flags} `eval ${amd_map_program}`" + ;; + esac + + if [ -n "${amd_flags}" ]; then + amd -p ${amd_flags} > /var/run/amd.pid 2> /dev/null + else + amd 2> /dev/null + fi + ;; + esac + + case ${rwhod_enable} in + [Yy][Ee][Ss]) + echo -n ' rwhod'; rwhod ${rwhod_flags} + ;; + esac + + # Kerberos runs ONLY on the Kerberos server machine + case ${kerberos_server_enable} in + [Yy][Ee][Ss]) + case ${kerberos_stash} in + [Yy][Ee][Ss]) + stash_flag=-n + ;; + *) + stash_flag= + ;; + esac + + echo -n ' kerberos' kerberos ${stash_flag} >> /var/log/kerberos.log & - if [ "${kadmind_server_enable}" = "YES" ]; then - echo -n ' kadmind'; \ - (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & - fi - unset stash_flag - fi - - echo '.' - network_pass3_done=YES + + case ${kadmind_server_enable} in + [Yy][Ee][Ss]) + echo -n ' kadmind' + (sleep 20; kadmind ${stash_flag} >/dev/null 2>&1 &) & + ;; + esac + unset stash_flag + ;; + esac + + echo '.' + network_pass3_done=YES } diff --git a/etc/rc.pccard b/etc/rc.pccard index 92a4ee3..a68323b 100644 --- a/etc/rc.pccard +++ b/etc/rc.pccard @@ -2,15 +2,22 @@ # PC-card startup script # $FreeBSD$ -if [ "${pccard_enable}" = "YES" ] ; then - if [ "${pccard_mem}" != "DEFAULT" ] ; then - pccardc pccardmem ${pccard_mem} - else +case ${pccard_enable} in +[Yy][Ee][Ss]) + case ${pccard_mem} in + [Dd][Ee][Ff][Aa][Uu][Ll][Tt]) pccardc pccardmem 0xd0000 - fi - if [ -n "${pccard_conf}" ] ; then + ;; + *) + pccardc pccardmem ${pccard_mem} + ;; + esac + + if [ -n "${pccard_conf}" ]; then pccardd_flags="${pccardd_flags} -f ${pccard_conf}" fi - echo -n "Enable PC-card." + + echo -n "Enable PC-card." pccardd ${pccardd_flags} 2>&1 > /var/log/pccardd.debug -fi + ;; +esac diff --git a/etc/rc.resume b/etc/rc.resume index 74db8ed..018a9e1 100755 --- a/etc/rc.resume +++ b/etc/rc.resume @@ -4,8 +4,7 @@ # # sample run command file for APM Resume Event -if [ -f /var/run/rc.suspend.pid ] -then +if [ -r /var/run/rc.suspend.pid ]; then kill -9 `cat /var/run/rc.suspend.pid` rm -f /var/run/rc.suspend.pid echo rc.suspend is killed @@ -13,11 +12,10 @@ fi # Turns on a power supply of a card in the slot inactivated. # See also contrib/pccardq.c (only for PAO users). -#pccardq | awk -F '~' '$5 == "inactive" \ -# { printf("pccardc power %d 1", $1); }' | sh +# pccardq | awk -F '~' '$5 == "inactive" \ +# { printf("pccardc power %d 1", $1); }' | sh logger -t apmd resumed at `date +'%Y%m%d %H:%M:%S'` sync && sync && sync exit 0 - diff --git a/etc/rc.shutdown b/etc/rc.shutdown index e241721..0479e02 100644 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -1,7 +1,7 @@ #!/bin/sh # $FreeBSD$ -# site-specific closing actions for daemons run by init on shutdown +# Site-specific closing actions for daemons run by init on shutdown, # or before going single-user from multi-user. # Output and errors are directed to console by init, and the # console is the controlling terminal. @@ -13,11 +13,11 @@ stty status '^T' trap : 2 trap : 3 # shouldn't be needed -HOME=/; export HOME +HOME=/ PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin -export PATH +export HOME PATH -echo -n Shutting down daemon processes: +echo -n "Shutting down daemon processes: " # Insert shutdown procedures here diff --git a/etc/rc.suspend b/etc/rc.suspend index 9b6f815..24136d1 100755 --- a/etc/rc.suspend +++ b/etc/rc.suspend @@ -4,8 +4,7 @@ # # sample run command file for APM Suspend Event -if [ -f /var/run/rc.suspend.pid ] -then +if [ -r /var/run/rc.suspend.pid ]; then exit 1 fi @@ -13,7 +12,7 @@ echo $$ > /var/run/rc.suspend.pid # If you have troubles on suspending with PC-CARD modem, try this. # See also contrib/pccardq.c (Only for PAO users). -#pccardq | awk -F '~' '$5 == "filled" && $4 ~ /sio/ \ +# pccardq | awk -F '~' '$5 == "filled" && $4 ~ /sio/ \ # { printf("pccardc power %d 0", $1); }' | sh logger -t apmd suspend at `date +'%Y%m%d %H:%M:%S'` @@ -24,4 +23,3 @@ rm -f /var/run/rc.suspend.pid zzz exit 0 - diff --git a/etc/security b/etc/security index 0eb9ab3..f56073f 100644 --- a/etc/security +++ b/etc/security @@ -7,8 +7,8 @@ PATH=/sbin:/bin:/usr/bin LC_ALL=C; export LC_ALL separator () { - echo "" - echo "" + echo '' + echo '' } host=`hostname` @@ -21,25 +21,26 @@ umask 027 echo "checking setuid files and devices:" -# don't have ncheck, but this does the equivalent of the commented out block. -# note that one of the original problem, the possibility of overrunning +# Don't have ncheck, but this does the equivalent of the commented out block. +# Note that one of the original problems, the possibility of overrunning # the args to ls, is still here... # MP=`mount -t ufs | grep -v " nosuid" | sed 's;/dev/;&r;' | awk '{ print $3 }'` set ${MP} -while test $# -ge 1; do +while [ $# -ge 1 ]; do mount=$1 shift find $mount -xdev -type f \ \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ - \( -perm -u+s -or -perm -g+s \) -print0 + \( -perm -u+s -or -perm -g+s \) -print0 done | xargs -0 -n 20 ls -lTd | sort +9 > ${TMP} -if [ ! -f ${LOG}/setuid.today ] ; then +if [ ! -f ${LOG}/setuid.today ]; then separator echo "no ${LOG}/setuid.today" cp ${TMP} ${LOG}/setuid.today fi + if cmp ${LOG}/setuid.today ${TMP} >/dev/null; then :; else separator echo "${host} setuid diffs:" @@ -56,25 +57,28 @@ separator echo "checking for passwordless accounts:" awk -F: '$1 !~ /^\+/ && $2=="" {print $0}' /etc/master.passwd -# show denied packets +# Show denied packets +# if ipfw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then - if [ ! -f ${LOG}/ipfw.today ] ; then + if [ ! -f ${LOG}/ipfw.today ]; then separator echo "no ${LOG}/ipfw.today" cp ${TMP} ${LOG}/ipfw.today fi + if cmp ${LOG}/ipfw.today ${TMP} >/dev/null; then :; else separator - echo "${host} denied packets:" - diff -b ${LOG}/ipfw.today ${TMP} | egrep "^>" - mv ${LOG}/ipfw.today ${LOG}/ipfw.yesterday - mv ${TMP} ${LOG}/ipfw.today + echo "${host} denied packets:" + diff -b ${LOG}/ipfw.today ${TMP} | egrep "^>" + mv ${LOG}/ipfw.today ${LOG}/ipfw.yesterday + mv ${TMP} ${LOG}/ipfw.today fi fi -# show ipfw rules which have reached the log limit +# Show ipfw rules which have reached the log limit +# IPFW_LOG_LIMIT=`sysctl -n net.inet.ip.fw.verbose_limit 2> /dev/null` -if [ $? -eq 0 ] && [ ${IPFW_LOG_LIMIT} -ne 0 ]; then +if [ $? -eq 0 -a ${IPFW_LOG_LIMIT} -ne 0 ]; then ipfw -a l | grep " log " | perl -n -e \ '/^\d+\s+(\d+)/; print if ($1 >= '$IPFW_LOG_LIMIT')' > ${TMP} if [ -s ${TMP} ]; then @@ -84,28 +88,32 @@ if [ $? -eq 0 ] && [ ${IPFW_LOG_LIMIT} -ne 0 ]; then fi fi -# show kernel log messages +# Show kernel log messages +# if dmesg 2>/dev/null > ${TMP}; then - if [ ! -f ${LOG}/dmesg.today ] ; then + if [ ! -f ${LOG}/dmesg.today ]; then separator echo "no ${LOG}/dmesg.today" cp ${TMP} ${LOG}/dmesg.today fi + if cmp ${LOG}/dmesg.today ${TMP} >/dev/null 2>&1; then :; else separator - echo "${host} kernel log messages:" - diff -b ${LOG}/dmesg.today ${TMP} | egrep "^>" - mv ${LOG}/dmesg.today ${LOG}/dmesg.yesterday - mv ${TMP} ${LOG}/dmesg.today + echo "${host} kernel log messages:" + diff -b ${LOG}/dmesg.today ${TMP} | egrep "^>" + mv ${LOG}/dmesg.today ${LOG}/dmesg.yesterday + mv ${TMP} ${LOG}/dmesg.today fi fi -# show login failures +# Show login failures +# separator echo "${host} login failures:" grep -i "login failure" ${LOG}/messages -# show tcp_wrapper warning messages +# Show tcp_wrapper warning messages +# separator echo "${host} refused connections:" grep -i "refused connect" ${LOG}/messages |