summaryrefslogtreecommitdiffstats
path: root/etc/rc.network
Commit message (Collapse)AuthorAgeFilesLines
* Initiate KerberosIV de-orbit burn. Disconnect the /etc configs.markm2003-03-081-28/+0
|
* Latest IPFilter requires flushing rules for IPv6 separatelyume2003-03-051-0/+1
| | | | from IPv4.
* o Don't consider LOOPBACK devices as configured...imp2002-12-131-1/+2
|
* o redirect the grep to /dev/nullimp2002-12-121-1/+1
| | | | | | | o use ifn rather than interface in rc.network o merge into rc.d/network1 Approved by: (re blanket)
* o Don't do anything if the interface is already up.imp2002-12-111-0/+5
| | | | | | o Only delay in pccard_ether when we're doing dhcp and starting the interface. Approved: (re blanket for devd)
* Add IPv6 setup for ipfilter. `ipv6_ipfilter_rules' was addedume2002-11-021-3/+13
| | | | | | | | | to specify rules definition file for ipfilter. The default is /etc/ipf6.rules. If there is a file which is specified by 'ipv6_ipfilter_rules', IPv6 rule is installed. Reviewed by: Ronald van der Pol <Ronald.vanderPol@rvdp.org> MFC after: 1 week
* up gif during setup.ume2002-09-201-0/+1
|
* I missed the single_mountd_enable in rc.network.gordon2002-08-151-1/+1
| | | | Submitted by: Mike Makonnen <makonnen@pacbell.net>
* Clean up the scripts to use the new variables:gordon2002-08-141-6/+6
| | | | | | | | | | | | | | | | xntpd_* -> ntpd_* portmap_* -> rpcbind_* Also change single_mountd_enable -> mountd_enable Changing the mountd flags brings us closer to NetBSD. All of the old variable names are shimmed so you can continue to use the old variable name. Finally make /etc/rc.d/mountd no longer dependent on nfs as there are (apparently) other consumers of mountd. Submitted by: Mike Makonnen <makonnen@pacbell.net>
* Cosmetic changes to the previous commit, bringing it closer to what Ides2002-04-111-7/+7
| | | | already had in my tree but didn't want to commit.
* Since sshd expects /etc/ssh/ssh_host_rsa_key to exist, we had betterpeter2002-04-101-4/+9
| | | | | create it. Also specify protocol v1/v2 in case people wonder why we generate two RSA keys.
* The good news is that my initial PR was correct... the bad news is that Idougb2002-04-011-1/+5
| | | | | | | | | was apparently smoking something when I committed the last fix, because as ume was kindly enough to set me straight on, amd *will* start with no arguments at all, as long as there is an /etc/amd.conf file for it to read. What it won't do is start with *just* -p. In any case, now it's fixed.
* Don't try to generate ssh keys if ssh isn't installed.des2002-03-191-7/+11
|
* IPFilter may need to be re-sync'ed even if we are not filtering, butcjc2002-03-191-1/+3
| | | | | | | | only doing ipnat(8). Go back to using $ipfilter_active, but turn off $ipfilter_active when loading ipl.ko has failed. Submitted by: devet@devet.org (Arjan de Vet) MFC after: 3 days
* Answer the question posed in 1.126. amd won't start without either adougb2002-03-171-2/+11
| | | | | | | | conf file, or command line options. I brought this up in PR 12432, which (ironically) obrien assigned to me after I became a committer. :) PR: conf/12432 Submitted by: Me
* The reload of ipf(8) rules should depend on $ipfilter_enable, notcjc2002-03-121-2/+1
| | | | | | | $ipfilter_active. $ipfilter_enable is set to "NO" if modules fail to load, and $ipfilter_active can be "YES" when we are not using ipf(8). MFC after: 3 days
* Background the startup of `Amd', it often blocks on startup.obrien2002-03-121-2/+2
|
* Why shouldn't amd always write its PID to a file?obrien2002-03-121-6/+2
| | | | Since I cannot answer that question, make it.
* Redirect stdout of `ipf -y' to /dev/null. This removes a straydd2002-03-041-1/+1
| | | | | "filter sync'd" in the middle of the boot output if IPFilter is enabled, but does not hide any potential errors, which go to stderr.
* There is no reason to demand the administrator set 'natd_interface'cjc2002-02-201-5/+4
| | | | | | | | | | | | | when running natd(8) out of the rc-files. It is perfectly valid for the interface or alias address to be set in a natd(8) configuration file, not on the command line. Also, loosen up the restrictions on identifying an IP address argument in 'natd_interface.' Fix the documentation, rc.conf(5), to reflect this change. Take the bogus default for 'natd_interface' out of /etc/defaults/rc.conf. MFC after: 3 days
* peter points out that we probably should not mess with the sysctl(8)cjc2002-02-081-4/+5
| | | | | | | | | values at all if they are not purposefully set. What if the administrator messed with them in /etc/sysctl.conf? We don't want to overwrite them. If 'log_in_vain' is zero, do not force the issue. If it is non-zero, set it.
* Register amd's dependency on NFS.sheldonh2002-01-281-36/+51
| | | | | | | | This change was submitted to the freebsd-audit mailing list for review but received no feedback. Hindsight-enabled reviews are welcome. PR: conf/31358 Submitted: Thomas Quinot <thomas@cuivre.fr.eu.org>
* Make the rc.conf(5) 'log_in_vain' knob an integer.cjc2002-01-261-3/+12
| | | | | | | | | | Try this out in -CURRENT, MFC, and then consider dropping the 'log_in_vain' knob all together. It really is something for sysctl.conf(5). PR: bin/32953 Reviewed by: -bugs discussion MFC after: 1 week
* rpc.lockd needs rpc.statd to be running for it to start up properly.alfred2001-12-131-4/+15
| | | | | | | | | so swap the order. Also allow rpc.lockd and rpc.statd to be turned on if nfsclient is enabled. They are needed to provide client side locking support. PR: conf/27811
* s/sysctl -w/sysctl/ru2001-12-111-19/+19
|
* o Update rc.network to reflect the recent change of default in therwatson2001-12-071-3/+3
| | | | | | | | | | | kernel TCP timer code: rather than checking for tcp_keepalive being set to "YES", check for "NO" and turn off keepalives if the variable is set in that manner. o Note: eventually, it would make sense to remove this variable from rc.conf management, and instead rely on sysctl.conf. In fact, this is probably true of a number of rc.conf variables whose sole aim is to drive the setting of sysctls at boot time.
* Protect the '*' in pppoed_provider (the default) from metacharactercjc2001-12-061-0/+2
| | | | | | | | | | expansion in the rc-scripts. PR: 32552 Submitted by: Gleb Smirnoff <glebius@rinet.ru> Approved by: ru Obtained from: ru MFC after: 1 day
* Spelling police: sucessful -> successful.dd2001-11-241-1/+1
|
* Resolve all the ipfilter startup issues in rc.network with one big patchdarrenr2001-11-241-59/+71
| | | | | | | | | to get it all right, allowing ipnat to be enabled independantly of ipfilter in rc.conf (among other things). PR: multiple Submitted by: Arjan de Vet <devet@devet.org> Reviewed by: Giorgos Keramidas <keramida@FreeBSD.org>
* Avoid unnecessary calls to expr(1) by using standard shell arithmeticsheldonh2001-11-141-1/+1
| | | | expansion instead.
* Update the nsswitch.conf -> host.conf generator to handle criteria,fenner2001-11-071-10/+16
| | | | | | | | continuation lines, extra whitespace, and to use the last matching line in the file. This syncs the host.conf generation with how the nsswitch.conf is parsed. Only print " host.conf" instead of a multi-line message, since this happens on every boot.
* Modify the way host.conf and nsswitch.conf are treated at boot time:des2001-11-011-7/+34
| | | | | | | | - if nsswitch.conf exists, host.conf is auto-generated for compatibility with legacy applications and libraries. - if host.conf exists but nsswitch.conf does not, nsswitch.conf is auto- generated as usual.
* Do an ipf -y after bringing up ppp to ensure rules which mention ppp getdarrenr2001-10-201-0/+14
| | | | | | | matched. Moification on PR to handle ipnat not being dependant on ipfilter_enable PR: 22859
* Allow ipnat_enable to be set to "yes" without requiring ipfiltre_enable todarrenr2001-10-201-11/+16
| | | | | | be set to "yes" PR: 25223
* Put in place for using ipfs use on shutdown and startup.darrenr2001-10-201-0/+9
| | | | PR: 27070
* Handle the lack of nfs server or client support in the kernel bydougb2001-10-191-1/+12
| | | | kldload'ing the appropriate modules before enabling the service.
* Remove references to nfsiod and nfs_client_flags now that they arejhb2001-10-101-1/+0
| | | | | | obsolete. Submitted by: Gordon Tetlow <gordont@gnf.org>
* Add a new rc.conf variable, cloned_interfaces, to create clonedbrooks2001-09-191-1/+10
| | | | interfaces at boot.
* The vfs.nfs.bufpackets sysctl is in the client, not the server. Move itpeter2001-09-191-9/+8
| | | | | to the client section. Turn off nfsiod, it no longer exists (now just kthreads). I need revisit nfsiod so that we have an argument passthrough.
* Merge in patch to automagically decide whether or not a kldload of ipfilterdarrenr2001-07-301-0/+13
| | | | | | | | | | is required into rc.network. Person failed to use a real name so both email addresses from PR included (Sent was different to From). PR: 22998 Submitted by: dl@leo.org/spock@empire.trek.org
* Upgraded launchpad for kerberos. Noe kerberos IV OR kerberos 5markm2001-07-281-9/+26
| | | | may be started at boot for kerberos servers.
* Create gif devices in the "gifconfig" stage while configuring them.brooks2001-07-021-1/+1
| | | | | | Reviewed by: ru, ume Obtained from: NetBSD MFC after: 1 week
* Fix misindented esac.schweikh2001-06-161-1/+1
| | | | MFC after: 1 week
* Sync with recent KAME.ume2001-06-111-1/+1
| | | | | | | | | | | | | | | | | | This work was based on kame-20010528-freebsd43-snap.tgz and some critical problem after the snap was out were fixed. There are many many changes since last KAME merge. TODO: - The definitions of SADB_* in sys/net/pfkeyv2.h are still different from RFC2407/IANA assignment because of binary compatibility issue. It should be fixed under 5-CURRENT. - ip6po_m member of struct ip6_pktopts is no longer used. But, it is still there because of binary compatibility issue. It should be removed under 5-CURRENT. Reviewed by: itojun Obtained from: KAME MFC after: 3 weeks
* Add a missing \nbrian2001-06-101-1/+1
| | | | | | Submitted by: Andre Albsmeier <andre.albsmeier@mchp.siemens.de> PR: 28014 MFC after: 1 week
* Move gif_interfaces from an IP6 option to a regular IP option.brian2001-06-031-0/+23
| | | | | | PR: 26543 Submitted by: Brooks Davis <brooks@one-eyed-alien.net> MFC after: 3 weeks
* Restore the RSA host key to /etc/ssh/ssh_host_key.obrien2001-05-181-8/+3
| | | | Also fix $FreeBSD$ spamage in crypto/openssh/sshd_config rev. 1.16.
* Link /etc/ssh/ssh_host_key to /etc/ssh/ssh_host_rsa_key to deal withjesper2001-05-161-2/+7
| | | | | | | gratutious changes in the latest SSH Reviewed by: obrien Approved by: obrien
* s/ssh_host_key/ssh_host_rsa_key/ since that is what openssh uses nowpeter2001-05-091-2/+2
| | | | after a mergemaster.
* Axe TCP_RESTRICT_RST. It was never a particularly good idea except for a fewdes2001-03-191-7/+0
| | | | | | | very specific scenarios, and now that we have had net.inet.tcp.blackhole for quite some time there is really no reason to use it any more. (second of three commits)
OpenPOWER on IntegriCloud