#!/bin/sh # # network Bring up/down networking # # chkconfig: 2345 10 90 # description: Activates/Deactivates all network interfaces configured to \ # start at boot time. # probe: true # $Id: network,v 1.25 1999/10/06 16:52:37 kloczek Exp $ # NLS NLS_DOMAIN="rc-scripts" # Source function library. . /etc/rc.d/init.d/functions . /etc/rc.d/init.d/functions.network [ ! -f /etc/sysconfig/network ] && exit 0 . /etc/sysconfig/network # Check that networking is up. [ "${NETWORKING}" = "no" -o "${NETWORKING}" = "" ] && exit 0 [ -x /sbin/ip ] || exit 0 ###### # initialize networking: # - check IPv4, IPv6, IPX can be handled by system # - setup default IPv{4,6} interfaces policy like: # - forwarding, # - spoofig protection, # - icmp echo ignore broadcasts, # - setup lo interface network_init() { # Set UP loopback interface set_up_loopback # Modprobe needed devices modprobe_net # Spoofing protection && dynamic IP && port range ipv4_anti_spoofing on ipv4_dynamic_ip_patch on ipv4_local_port_range on # Others proc/sys/net proc_networking start # Setup NAT rules setup_nat on } network_postinit() { # Set static ARP table static_arp } ###### # deinitialize networking # - down lo interface. network_deinit() { # Set down NAT rules setup_nat off # Spoofing protection && dynamic IP && port range ipv4_anti_spoofing off ipv4_dynamic_ip_patch off ipv4_local_port_range off # Others proc/sys/net proc_networking stop # Set DOWN loopback interface set_down_loopback } proc_networking() { TODO="$1" # IPv4 forwarding proc_net ipv4/ip_forward $TODO 1 0 IPV4_FORWARDING "IPv4 forwarding" # IPv6 forwarding proc_net ipv6/conf/all/forwarding $TODO 1 0 IPV6_FORWARDING "IPv6 forwarding" # Others proc/net proc_net ipv4/conf/all/accept_redirects $TODO 1 0 IPV4_ACCEPT_ICMP_REDIR "" proc_net ipv4/conf/all/accept_source_route $TODO 1 1 IPV4_ACCEPT_SOURCE_ROUTE "" proc_net ipv4/conf/all/log_martians $TODO 1 0 IPV4_LOG_MARTIANS "" proc_net ipv4/conf/all/mc_forwarding $TODO 1 0 IPV4_MULTICAST "" proc_net ipv4/conf/all/proxy_arp $TODO 1 0 IPV4_PROXY_ARP "" proc_net ipv4/conf/all/secure_redirects $TODO 1 1 IPV4_ACCEPT_ICMP_REDIR_GATE "" proc_net ipv4/conf/all/send_redirects $TODO 1 1 IPV4_SEND_ICMP_REDIR "" proc_net ipv4/icmp_echo_ignore_all $TODO 1 0 IPV4_IGN_ALL_ICMP "" proc_net ipv4/icmp_echo_ignore_broadcasts $TODO 1 1 IPV4_IGN_CAST_ICMP "" proc_net ipv4/ip_no_pmtu_disc $TODO 1 0 IPV4_MTU_DISCOVERY "" proc_net ipv4/ip_masq_debug $TODO 1 0 IPV4_MASQ_DEBUGGING "" proc_net ipv4/tcp_retrans_collapse $TODO 0 1 IPV4_RETRANS_COLLAPSE "" proc_net ipv4/tcp_sack $TODO 0 1 IPV4_NO_SELECT_ACK "" proc_net ipv4/tcp_timestamps $TODO 0 1 IPV4_NO_TIMESTAMPS "" proc_net ipv4/tcp_stdurg $TODO 1 0 IPV4_RFC793 "" proc_net ipv4/tcp_syncookies $TODO 1 0 IPV4_SYN_COOKIES "" proc_net ipv4/tcp_window_scaling $TODO 1 0 IPV4_NO_WINDOW_SCALING "" } # find all the interfaces besides loopback. # ignore aliases, alternative configurations, and editor backup files interfaces="`(cd /etc/sysconfig/interfaces && ls ifcfg* | \ egrep -v '(ifcfg-lo|:)' | egrep 'ifcfg-[a-z0-9]+$' | sed 's/^ifcfg-//g' | xargs) 2> /dev/null`" interfaces_boot="`(cd /etc/sysconfig/interfaces && ls ifcfg* | \ egrep -v '(ifcfg-lo|ifcfg-sit|:)' | egrep 'ifcfg-[a-z0-9]+$' | \ xargs egrep -l "ONBOOT=[^n][^o]" | sed 's/^ifcfg-//g') 2> /dev/null`" interfaces_sit_boot="`(cd /etc/sysconfig/interfaces && ls ifcfg-sit* | \ egrep 'ifcfg-[a-z0-9]+$' | xargs egrep -l "ONBOOT=[^n][^o]" | sed 's/^ifcfg-//g') 2> /dev/null`" tunnels="`(cd /etc/sysconfig/interfaces && ls -1 tnlcfg-* | \ xargs egrep -l "ONBOOT=[^n][^o]" | sed 's/^tnlcfg-//g') 2> /dev/null`" # See how we were called. case "$1" in start) network_init for i in $interfaces_boot $interfaces_sit_boot ; do /sbin/ifup $i boot done for i in `find_ldap_interfaces` ; do /sbin/ifup $i boot done for i in $tunnels; do /sbin/tnlup $i boot /sbin/ifup tnlcfg-$i boot done network_postinit touch /var/lock/subsys/network ;; stop) for i in $tunnels; do /sbin/ifdown tnlcfg-$i boot /sbin/tnldown $i boot done for i in `find_ldap_interfaces` ; do /sbin/ifdown $i boot done for i in $interfaces_sit_boot $interfaces_boot ; do /sbin/ifdown $i boot done network_deinit rm -f /var/lock/subsys/network ;; status) nls "Configured devices:" echo "lo $interfaces" nls "Configured tunnels:" echo "$tunnels" nls "Currently active devices and tunnels:" /sbin/ip link show | egrep '^[^ ].*' |sed 's/[0-9]*: \(.*\):.*/\1/'|xargs ;; restart) $0 stop $0 start ;; *) echo "Usage: $0 {start|stop|restart|status}" exit 1 esac exit 0