[projects/rc-scripts.git] / rc.d / init.d / network

#!/bin/sh
#
# network       Bring up/down networking
#
# chkconfig: 2345 10 90
# description: Activates/Deactivates all network interfaces configured to \
#              start at boot time.
# probe: true

# Source function library.
. /etc/rc.d/init.d/functions

if [ ! -f /etc/sysconfig/network ]; then
	NETWORKING="no"
	exit 0
fi

. /etc/sysconfig/network

if [ "${NETWORKING}" = "" ]; then
	NETWORKING="no"
fi

if [ -f /etc/sysconfig/pcmcia ]; then
	. /etc/sysconfig/pcmcia
fi

if [ -f /etc/sysconfig/network-ip6 ]; then
       . /etc/sysconfig/network-ip6
fi


# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 0

[ -x /sbin/ifconfig ] || exit 0

# Load IPv6 module
if [ "${IPV6NETWORKING}" = "yes" ]; then
       if [ -r /lib/modules/`uname -r`/ipv6/ipv6.o ]; then
       /sbin/modprobe net-pf-10
       fi
fi

# Even if IPX is configured, without the utilities we can't do much
[ ! -x /usr/bin/ipx_internal_net -o ! -x /usr/bin/ipx_configure ] && IPX=

cd /etc/sysconfig/interfaces

# find all the interfaces besides loopback.
# ignore aliases, alternative configurations, and editor backup files
interfaces=`ls -1 | egrep -v ':' | egrep -v '^(lo|data)$' | egrep '[a-z0-9]+$'`

ipv4_forward_set ()
{
	# Turn IP forwarding on or off. We do this before bringing up the
	# interfaces to make sure we don't forward when we shouldn't, and
	# we do it even if networking isn't configured (why not?).
	if [ -d /proc/sys/net/ipv4 ]; then
	    # people could have left this out of their kernel, which isn't
	    # exactly an error
	    if [ ! -f /proc/sys/net/ipv4/ip_forward ] ; then
		echo "/proc/sys/net/ipv4/ip_forward is missing --" \
			"cannot control IP forwarding" >&2
	    else
		if [ "$FORWARD_IPV4" = "no" -o "$FORWARD_IPV4" = "false" ]; then
		    value=0
		    message="Disabling IPv4 packet forwarding"
		else
		    value=1
		    message="Enabling IPv4 packet forwarding"
		fi

		if [ $value != `cat /proc/sys/net/ipv4/ip_forward` ]; then
		    show $message
		    busy
		    echo "$value" > /proc/sys/net/ipv4/ip_forward
		    deltext; ok
		fi
	    fi
	fi
}

ipv4_spoofing_protection ()
 {
        if [ -d /proc/sys/net/ipv4 ]; then
            # people could have left this out of their kernel, which isn't
            # exactly an error
            if [ ! -f /proc/sys/net/ipv4/conf/all/rp_filter ] ; then
                echo "/proc/sys/net/ipv4/conf/all/rp_filter is missing --" \
                        "cannot control IP spoofing protection" >&2
            else
               if [ "$SPOOFING_IPV4" = "no" -o "$SPOOFING_IPV4" = "false" ]; then
                    value=0
                    message="Disabling IPv4 spoofing protection"
                else
                    value=1
                    message="Enabling IPv4 spoofing protection"
                fi

                if [ $value != `cat /proc/sys/net/ipv4/conf/all/rp_filter` ]; then
                    show $message
                    busy
                   for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
                        echo $value > $f
                   done
                    deltext
                    ok
                fi
            fi
       fi
}

ipv4_icmp_echo_ignore_broadcasts ()
{
        if [ -d /proc/sys/net/ipv4 ]; then
            # people could have left this out of their kernel, which isn't
            # exactly an error
            if [ ! -f /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts ] ; then
                echo "/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts is missing --" \
                        "cannot control IP ignoring icmp to broadcasts" >&2
            else
                if [ "$IGNORE_ICMP_BCAST_IPV4" = "no" -o "$IGNORE_ICMP_BCAST_IPV4" = "false" ]; then
                    value=0
                    message="Disabling IPv4 ign icmp_echo to our bcasts"
                else
                    value=1
                    message="Enabling IPv4 ign icmp_echo to our bcasts"
                fi

                if [ $value != `cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts` ]; then
                    show $message
                    busy
                    echo "$value" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
                    deltext
                    ok
                fi
            fi
       fi
 }

# See how we were called.
case "$1" in
  start)
	ipv4_forward_set
	ipv4_icmp_echo_ignore_broadcasts

	/sbin/ifup lo

	case "$IPX" in
	  yes|true)
	    /usr/bin/ipx_configure --auto_primary=$IPXAUTOPRIMARY \
				   --auto_interface=$IPXAUTOFRAME
	    /usr/bin/ipx_internal_net add $IPXINTERNALNETNUM $IPXINTERNALNODENUM
	    ;;
	esac

	for i in $interfaces; do
		[ -f $i ] && /sbin/ifup $i boot
	done

	ipv4_spoofing_protection

        touch /var/lock/subsys/network
        ;;
  stop)
	SPOOFING_IPV4=no
	ipv4_spoofing_protection

	for i in $interfaces; do
		[ -f $i ] && /sbin/ifdown $i boot
	done
	case "$IPX" in
	  yes|true)
	    /usr/bin/ipx_internal_net del
	    ;;
	esac
	/sbin/ifdown lo
	show "Disabling IPv4 packet forwarding"
	busy
	echo 0 > /proc/sys/net/ipv4/ip_forward
	deltext; ok

	IGNORE_ICMP_BCAST_IPV4=no
	ipv4_icmp_echo_ignore_broadcasts

        rm -f /var/lock/subsys/network
        ;;
  status)
	echo "Configured devices:"
	echo lo $interfaces

	echo "Currently active devices:"
	echo `/sbin/ifconfig | grep ^[a-z] | awk '{print $1}'`
	;;
  restart)
	$0 stop
	$0 start
	;;
  *)
        echo "Usage: network {start|stop|restart|status}"
        exit 1
esac

exit 0
Commit	Line	Data
12de71be	1	#!/bin/sh
7742e157 AF	2	#
	3	# network Bring up/down networking
	4	#
12de71be	5	# chkconfig: 2345 10 90
7742e157 AF	6	# description: Activates/Deactivates all network interfaces configured to \
	7	# start at boot time.
	8	# probe: true
	9
	10	# Source function library.
	11	. /etc/rc.d/init.d/functions
	12
	13	if [ ! -f /etc/sysconfig/network ]; then
45e88cd0	14	NETWORKING="no"
45e88cd0	15	exit 0
7742e157 AF	16	fi
	17
	18	. /etc/sysconfig/network
	19
45e88cd0	20	if [ "${NETWORKING}" = "" ]; then
	21	NETWORKING="no"
	22	fi
	23
7742e157 AF	24	if [ -f /etc/sysconfig/pcmcia ]; then
	25	. /etc/sysconfig/pcmcia
	26	fi
	27
	28	if [ -f /etc/sysconfig/network-ip6 ]; then
12de71be	29	. /etc/sysconfig/network-ip6
7742e157 AF	30	fi
7742e157 AF	31
12de71be	32
7742e157	33	# Check that networking is up.
12de71be	34	[ "${NETWORKING}" = "no" ] && exit 0
7742e157 AF	35
	36	[ -x /sbin/ifconfig ] \|\| exit 0
	37
	38	# Load IPv6 module
6e968d25	39	if [ "${IPV6NETWORKING}" = "yes" ]; then
12de71be	40	if [ -r /lib/modules/`uname -r`/ipv6/ipv6.o ]; then
	41	/sbin/modprobe net-pf-10
	42	fi
7742e157 AF	43	fi
	44
	45	# Even if IPX is configured, without the utilities we can't do much
	46	[ ! -x /usr/bin/ipx_internal_net -o ! -x /usr/bin/ipx_configure ] && IPX=
	47
6e968d25	48	cd /etc/sysconfig/interfaces
7742e157 AF	49
	50	# find all the interfaces besides loopback.
	51	# ignore aliases, alternative configurations, and editor backup files
6e968d25	52	interfaces=`ls -1 \| egrep -v ':' \| egrep -v '^(lo\|data)$' \| egrep '[a-z0-9]+$'`
7742e157 AF	53
	54	ipv4_forward_set ()
	55	{
	56	# Turn IP forwarding on or off. We do this before bringing up the
	57	# interfaces to make sure we don't forward when we shouldn't, and
	58	# we do it even if networking isn't configured (why not?).
	59	if [ -d /proc/sys/net/ipv4 ]; then
	60	# people could have left this out of their kernel, which isn't
	61	# exactly an error
	62	if [ ! -f /proc/sys/net/ipv4/ip_forward ] ; then
	63	echo "/proc/sys/net/ipv4/ip_forward is missing --" \
	64	"cannot control IP forwarding" >&2
	65	else
	66	if [ "$FORWARD_IPV4" = "no" -o "$FORWARD_IPV4" = "false" ]; then
	67	value=0
6955eb97	68	message="Disabling IPv4 packet forwarding"
7742e157 AF	69	else
7742e157 AF	70	value=1
6955eb97	71	message="Enabling IPv4 packet forwarding"
7742e157 AF	72	fi
	73
	74	if [ $value != `cat /proc/sys/net/ipv4/ip_forward` ]; then
	75	show $message
	76	busy
	77	echo "$value" > /proc/sys/net/ipv4/ip_forward
12de71be	78	deltext; ok
7742e157 AF	79	fi
	80	fi
	81	fi
	82	}
	83
12de71be	84	ipv4_spoofing_protection ()
	85	{
	86	if [ -d /proc/sys/net/ipv4 ]; then
	87	# people could have left this out of their kernel, which isn't
	88	# exactly an error
	89	if [ ! -f /proc/sys/net/ipv4/conf/all/rp_filter ] ; then
	90	echo "/proc/sys/net/ipv4/conf/all/rp_filter is missing --" \
	91	"cannot control IP spoofing protection" >&2
	92	else
	93	if [ "$SPOOFING_IPV4" = "no" -o "$SPOOFING_IPV4" = "false" ]; then
	94	value=0
6955eb97	95	message="Disabling IPv4 spoofing protection"
12de71be	96	else
12de71be	97	value=1
6955eb97	98	message="Enabling IPv4 spoofing protection"
12de71be	99	fi
	100
	101	if [ $value != `cat /proc/sys/net/ipv4/conf/all/rp_filter` ]; then
	102	show $message
	103	busy
	104	for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
	105	echo $value > $f
	106	done
	107	deltext
	108	ok
	109	fi
	110	fi
	111	fi
7742e157 AF	112	}
7742e157 AF	113
12de71be	114	ipv4_icmp_echo_ignore_broadcasts ()
	115	{
	116	if [ -d /proc/sys/net/ipv4 ]; then
	117	# people could have left this out of their kernel, which isn't
	118	# exactly an error
	119	if [ ! -f /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts ] ; then
	120	echo "/proc/sys/net/ipv4/icmp_echo_ignore_broadcasts is missing --" \
	121	"cannot control IP ignoring icmp to broadcasts" >&2
	122	else
	123	if [ "$IGNORE_ICMP_BCAST_IPV4" = "no" -o "$IGNORE_ICMP_BCAST_IPV4" = "false" ]; then
	124	value=0
6955eb97	125	message="Disabling IPv4 ign icmp_echo to our bcasts"
12de71be	126	else
12de71be	127	value=1
6955eb97	128	message="Enabling IPv4 ign icmp_echo to our bcasts"
12de71be	129	fi
	130
	131	if [ $value != `cat /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts` ]; then
	132	show $message
	133	busy
	134	echo "$value" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
	135	deltext
	136	ok
	137	fi
	138	fi
	139	fi
	140	}
	141
7742e157 AF	142	# See how we were called.
	143	case "$1" in
	144	start)
	145	ipv4_forward_set
12de71be	146	ipv4_icmp_echo_ignore_broadcasts
7742e157	147
6e968d25	148	/sbin/ifup lo
7742e157 AF	149
	150	case "$IPX" in
	151	yes\|true)
	152	/usr/bin/ipx_configure --auto_primary=$IPXAUTOPRIMARY \
	153	--auto_interface=$IPXAUTOFRAME
	154	/usr/bin/ipx_internal_net add $IPXINTERNALNETNUM $IPXINTERNALNODENUM
	155	;;
	156	esac
	157
	158	for i in $interfaces; do
6e968d25	159	[ -f $i ] && /sbin/ifup $i boot
7742e157 AF	160	done
7742e157 AF	161
12de71be	162	ipv4_spoofing_protection
7742e157 AF	163
	164	touch /var/lock/subsys/network
	165	;;
	166	stop)
12de71be	167	SPOOFING_IPV4=no
	168	ipv4_spoofing_protection
	169
7742e157	170	for i in $interfaces; do
6e968d25	171	[ -f $i ] && /sbin/ifdown $i boot
7742e157 AF	172	done
	173	case "$IPX" in
	174	yes\|true)
	175	/usr/bin/ipx_internal_net del
	176	;;
	177	esac
6e968d25	178	/sbin/ifdown lo
6955eb97	179	show "Disabling IPv4 packet forwarding"
12de71be	180	busy
7742e157	181	echo 0 > /proc/sys/net/ipv4/ip_forward
12de71be	182	deltext; ok
	183
	184	IGNORE_ICMP_BCAST_IPV4=no
	185	ipv4_icmp_echo_ignore_broadcasts
	186
7742e157 AF	187	rm -f /var/lock/subsys/network
	188	;;
	189	status)
	190	echo "Configured devices:"
	191	echo lo $interfaces
	192
12de71be	193	echo "Currently active devices:"
12de71be	194	echo `/sbin/ifconfig \| grep ^[a-z] \| awk '{print $1}'`
7742e157 AF	195	;;
	196	restart)
	197	$0 stop
	198	$0 start
	199	;;
7742e157	200	*)
12de71be	201	echo "Usage: network {start\|stop\|restart\|status}"
7742e157 AF	202	exit 1
	203	esac
	204
	205	exit 0