#!/bin/sh # # network Bring up/down networking # # chkconfig: 2345 10 90 # description: Activates/Deactivates all network interfaces configured to \ # start at boot time. # # probe: true # $Id: network,v 1.36 2000/08/28 15:38:14 zagrodzki Exp $ # NLS NLS_DOMAIN="rc-scripts" # Source function library. . /etc/rc.d/init.d/functions . /etc/sysconfig/network-scripts/.functions [ ! -f /etc/sysconfig/network ] && exit 0 . /etc/sysconfig/network # Check that networking is up. is_no "${NETWORKING}" && exit 0 [ -x /sbin/ip ] || exit 0 ###### # initialize networking: # - check IPv4, IPv6, IPX can be handled by system # - setup default IPv{4,6} interfaces policy like: # - forwarding, # - spoofig protection, # - icmp echo ignore broadcasts, # - setup lo interface network_init() { # Set UP loopback interface set_up_loopback # Modprobe needed devices modprobe_net # Spoofing protection && dynamic IP && port range ipv4_anti_spoofing on ipv4_dynamic_ip_patch on ipv4_local_port_range on # Others proc/sys/net proc_networking start # Setup NAT rules setup_nat on setup_routes on # Setup IPX if is_yes "$IPX"; then if [ ! -z $IPXAUTOPRIMARY ] ; then /usr/bin/ipx_configure --auto_primary=$IPXAUTOPRIMARY fi if [ ! -z $IPXAUTOFRAME ] ; then /usr/bin/ipx_configure --auto_interface=$IPXAUTOFRAME fi if [ ! -z "$IPXINTERNALNETNUM" -a "$IPXINTERNALNETNUM" != "0" ]; then /usr/bin/ipx_internal_net add $IPXINTERNALNETNUM $IPXINTERNALNODENUM fi fi } network_postinit() { # Set static ARP table static_arp # Start rdisc daemon rdisc on } ###### # deinitialize networking # - down lo interface. network_deinit() { setup_routes off # Set down NAT rules setup_nat off # Shut down rdisc daemon rdisc off # Spoofing protection && dynamic IP && port range ipv4_anti_spoofing off ipv4_dynamic_ip_patch off ipv4_local_port_range off # Others proc/sys/net proc_networking stop # Set DOWN loopback interface set_down_loopback } proc_networking() { TODO="$1" # IPv4 forwarding proc_net ipv4/ip_forward $TODO 1 0 IPV4_FORWARDING "IPv4 forwarding" # IPv6 forwarding if is_yes "$IPV6_NETWORKING"; then proc_net ipv6/conf/all/forwarding $TODO 1 0 IPV6_FORWARDING "IPv6 forwarding" fi # Others proc/net proc_net ipv4/conf/all/accept_redirects $TODO 1 0 IPV4_ACCEPT_ICMP_REDIR "" proc_net ipv4/conf/all/accept_source_route $TODO 1 1 IPV4_ACCEPT_SOURCE_ROUTE "" proc_net ipv4/conf/all/log_martians $TODO 1 0 IPV4_LOG_MARTIANS "" proc_net ipv4/conf/all/mc_forwarding $TODO 1 0 IPV4_MULTICAST "" proc_net ipv4/conf/all/proxy_arp $TODO 1 0 IPV4_PROXY_ARP "" proc_net ipv4/conf/all/secure_redirects $TODO 1 1 IPV4_ACCEPT_ICMP_REDIR_GATE "" proc_net ipv4/conf/all/send_redirects $TODO 1 1 IPV4_SEND_ICMP_REDIR "" proc_net ipv4/icmp_echo_ignore_all $TODO 1 0 IPV4_IGN_ALL_ICMP "" proc_net ipv4/icmp_echo_ignore_broadcasts $TODO 1 1 IPV4_IGN_CAST_ICMP "" proc_net ipv4/ip_no_pmtu_disc $TODO 1 0 IPV4_MTU_DISCOVERY "" proc_net ipv4/ip_masq_debug $TODO 1 0 IPV4_MASQ_DEBUGGING "" proc_net ipv4/tcp_retrans_collapse $TODO 0 1 IPV4_RETRANS_COLLAPSE "" proc_net ipv4/tcp_sack $TODO 0 1 IPV4_NO_SELECT_ACK "" proc_net ipv4/tcp_timestamps $TODO 0 1 IPV4_NO_TIMESTAMPS "" proc_net ipv4/tcp_stdurg $TODO 1 0 IPV4_RFC793 "" proc_net ipv4/tcp_syncookies $TODO 1 0 IPV4_SYN_COOKIES "" proc_net ipv4/tcp_window_scaling $TODO 1 0 IPV4_NO_WINDOW_SCALING "" } # find all the interfaces besides loopback. # ignore aliases, alternative configurations, and editor backup files interfaces="`(ls /etc/sysconfig/interfaces/ifcfg* | \ egrep -v '(ifcfg-lo|:)' | egrep 'ifcfg-[a-z0-9]+$' | \ sed 's!^/etc/sysconfig/interfaces/ifcfg-!!g') 2> /dev/null`" interfaces_boot="`(alias xx="ls /etc/sysconfig/interfaces/ifcfg* |\ egrep -v '(ifcfg-lo|ifcfg-sit|:)' | egrep 'ifcfg-[a-z0-9]+$'" ; \ for i in \`xx\`; do ONBOOT=""; . $i; if is_yes "$ONBOOT"; then \ echo $i; fi; done | sed 's!^/etc/sysconfig/interfaces/ifcfg-!!g') 2> /dev/null`" interfaces_sit_boot="`(alias xx="ls /etc/sysconfig/interfaces/ifcfg-sit* | \ egrep 'ifcfg-[a-z0-9]+$'"; for i in \`xx\`; do ONBOOT=""; . $i; \ if is_yes "$ONBOOT"; then echo $i; fi; done | \ sed 's!^/etc/sysconfig/interfaces/ifcfg-!!g') 2> /dev/null`" tunnels="`(alias xx="ls /etc/sysconfig/interfaces/tnlcfg-*"; \ for i in \`xx\`; do ONBOOT=""; . $i; if is_yes "$ONBOOT"; then echo $i; \ fi; done | sed 's!^/etc/sysconfig/interfaces/tnlcfg-!!g') 2> /dev/null`" # See how we were called. case "$1" in start) network_init for i in $interfaces_boot $interfaces_sit_boot ; do /sbin/ifup $i boot done for i in `find_ldap_interfaces` ; do /sbin/ifup $i boot done for i in $tunnels; do /sbin/tnlup $i boot /sbin/ifup tnlcfg-$i boot done network_postinit touch /var/lock/subsys/network ;; stop) for i in $tunnels; do /sbin/ifdown tnlcfg-$i boot /sbin/tnldown $i boot done for i in `find_ldap_interfaces` ; do /sbin/ifdown $i boot done for i in $interfaces_sit_boot $interfaces_boot ; do /sbin/ifdown $i boot done network_deinit rm -f /var/lock/subsys/network ;; status) nls "Configured devices:" echo "lo $interfaces" nls "Configured tunnels:" echo "$tunnels" nls "Currently active devices and tunnels:" /sbin/ip link show | egrep '^[^ ].*' | sed 's/[0-9]*: \(.*\):.*/\1/' | \ awk '{ printf("%s ",$0) }'; echo ;; restart) $0 stop $0 start ;; *) echo "Usage: $0 {start|stop|restart|status}" exit 1 esac exit 0