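#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors     : Michael Tremer - m.s.tremer@googlemail.com
#
# Version     : 01.00
#
# Notes       : Written for IPFire by its team
#
# Usage       : network {start|stop|restart} [green] [red] [blue] [orange]
#               Without zone arguments every zone is handled, and "start"
#               additionally loads the netfilter helper modules, the
#               firewall rules, IP accounting, the DMZ pinholes and dnsmasq.
#
########################################################################

. /etc/sysconfig/rc
. "${rc_functions}"

# NOTE(review): the output of readhash is executed verbatim by this script,
# which presumably runs as root at boot. Anything able to write
# /var/ipfire/ethernet/settings can therefore run commands here unless
# readhash strictly validates keys and values - confirm that it does, and
# keep the settings file writable by trusted accounts only.
# CONFIG_TYPE, DOMAIN_NAME_GREEN and AUTOCONNECT are presumably defined by
# this call (or by the sourced files above) - verify.
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

DO="${1}"
# Only shift when there is something to shift: a bare "shift" with no
# positional parameters is an error in strict POSIX shells.
[ $# -gt 0 ] && shift

# With explicit zone arguments only the named zones are touched (ALL=0);
# with none, every zone is selected and the global start steps run (ALL=1).
if [ -n "${1}" ]; then
	ALL=0
	green=0
	red=0
	blue=0
	orange=0
else
	ALL=1
	green=1
	red=1
	blue=1
	orange=1
fi

# Every argument is consumed exactly once. The previous loop only shifted
# on a match, so an unknown zone name made the script spin forever.
while [ $# -gt 0 ]; do
	case "${1}" in
		green)	green=1 ;;
		red)	red=1 ;;
		blue)	blue=1 ;;
		orange)	orange=1 ;;
		*)
			echo "${0}: unknown zone '${1}' (expected green, red, blue or orange)" >&2
			exit 1
			;;
	esac
	shift
done

case "${DO}" in
	start)
		if [ "${ALL}" = "1" ]; then
			boot_mesg "Loading iptables helper modules"
			# Reset the flag so that a value inherited from the
			# environment or a sourced file cannot fake a failure.
			failed=0
			for module in \
				iptable_nat ip_conntrack \
				ip_conntrack_ftp ip_nat_ftp \
				ip_conntrack_h323 ip_nat_h323 \
				ip_conntrack_irc ip_nat_irc \
				ip_conntrack_mms ip_nat_mms \
				ip_conntrack_pptp ip_nat_pptp \
				ip_conntrack_sip ip_nat_sip
			do
				modprobe "${module}" || failed=1
			done
			# The subshell only sets $? for evaluate_retval.
			(exit ${failed})
			evaluate_retval

			boot_mesg "Setting up IPFire firewall rules"
			/etc/rc.d/init.d/firewall start
			evaluate_retval

			boot_mesg "Setting up IP Accounting"
			# Reset again: a module-load failure above must not be
			# reported as an IP accounting failure.
			failed=0
			/etc/rc.d/helper/writeipac.pl || failed=1
			/usr/sbin/fetchipac -S || failed=1
			(exit ${failed})
			evaluate_retval

			boot_mesg "Setting IPFire DMZ pinholes"
			/usr/local/bin/setdmzholes
			evaluate_retval

			case "${CONFIG_TYPE}" in
				3|4)
					boot_mesg "Setting up wireless firewall rules"
					/usr/local/bin/restartwireless
					evaluate_retval
					;;
			esac

			# Start DNSMASQ with defaults
			# NOTE(review): SIGKILL gives dnsmasq no chance to shut
			# down cleanly; kept as in the original.
			killall -KILL dnsmasq 2> /dev/null
			sleep 1
			if [ -z "${DOMAIN_NAME_GREEN}" ]; then
				/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
			else
				/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "${DOMAIN_NAME_GREEN}"
			fi
		fi

		# Starting interfaces...
		# GREEN
		if [ "${green}" = "1" ]; then
			name=green /etc/rc.d/init.d/net/ifup
		fi

		# BLUE (only for CONFIG_TYPE 3 and 4)
		if [ "${blue}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				3|4) name=blue /etc/rc.d/init.d/net/ifup ;;
			esac
		fi

		# ORANGE (only for CONFIG_TYPE 2 and 4)
		if [ "${orange}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				2|4) name=orange /etc/rc.d/init.d/net/ifup ;;
			esac
		fi

		# RED
		if [ "${red}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				1|2|3|4)
					# Remove possible leftover files. The paths are
					# spelled out because brace expansion is not
					# available in a POSIX /bin/sh.
					rm -f \
						/var/ipfire/red/active \
						/var/ipfire/red/device \
						/var/ipfire/red/dial-on-demand \
						/var/ipfire/red/dns1 \
						/var/ipfire/red/dns2 \
						/var/ipfire/red/local-ipaddress \
						/var/ipfire/red/remote-ipaddress \
						/var/ipfire/red/resolv.conf
					# RED stays down when AUTOCONNECT is "off".
					if [ "${AUTOCONNECT}" != "off" ]; then
						name=red /etc/rc.d/init.d/net/ifup
					fi
					;;
			esac
		fi

		if [ -f "/var/ipfire/ovpn/enable" ] ||
		   [ -f "/var/ipfire/ovpn/enable_blue" ] ||
		   [ -f "/var/ipfire/ovpn/enable_orange" ]; then
			boot_mesg "Setting OpenVPN Rules if enabled"
			/etc/rc.d/init.d/firewall startovpn
			evaluate_retval

			boot_mesg "Setting OpenVPN if enabled"
			/usr/local/bin/openvpnctrl -s
			evaluate_retval
		fi

		if [ -f "/var/ipfire/snort/enable" ] ||
		   [ -f "/var/ipfire/snort/enable_blue" ] ||
		   [ -f "/var/ipfire/snort/enable_orange" ]; then
			boot_mesg "Starting Snort if enabled"
			/etc/rc.d/init.d/snort start
			evaluate_retval
		fi
		;;

	stop)
		# Stopping interfaces...
		# GREEN
		if [ "${green}" = "1" ]; then
			name=green /etc/rc.d/init.d/net/ifdown
		fi

		# BLUE (only for CONFIG_TYPE 3 and 4)
		if [ "${blue}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				3|4) name=blue /etc/rc.d/init.d/net/ifdown ;;
			esac
		fi

		# ORANGE (only for CONFIG_TYPE 2 and 4)
		if [ "${orange}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				2|4) name=orange /etc/rc.d/init.d/net/ifdown ;;
			esac
		fi

		# RED
		if [ "${red}" = "1" ]; then
			case "${CONFIG_TYPE}" in
				1|2|3|4) name=red /etc/rc.d/init.d/net/ifdown ;;
			esac
		fi

		if [ -f "/var/ipfire/ovpn/enable" ] ||
		   [ -f "/var/ipfire/ovpn/enable_blue" ] ||
		   [ -f "/var/ipfire/ovpn/enable_orange" ]; then
			boot_mesg "Deleting OpenVPN Rules if enabled"
			/etc/rc.d/init.d/firewall stopovpn
			evaluate_retval

			boot_mesg "Stopping OpenVPN if enabled"
			/usr/local/bin/openvpnctrl -k
			evaluate_retval
		fi

		if [ -f "/var/ipfire/snort/enable" ] ||
		   [ -f "/var/ipfire/snort/enable_blue" ] ||
		   [ -f "/var/ipfire/snort/enable_orange" ]; then
			boot_mesg "Stopping Snort if enabled"
			/etc/rc.d/init.d/snort stop
			evaluate_retval
		fi
		;;

	restart)
		# Rebuild the zone list from the flags parsed above. ARGS is
		# initialised here so a value from the environment cannot leak
		# into the child invocations.
		# NOTE(review): the zones are always passed explicitly, so the
		# child "start" runs with ALL=0 and skips the module, firewall,
		# accounting and dnsmasq steps even for a plain "restart" -
		# confirm this is intended.
		ARGS=""
		if [ "${green}" = "1" ]; then ARGS="${ARGS} green"; fi
		if [ "${red}" = "1" ]; then ARGS="${ARGS} red"; fi
		if [ "${blue}" = "1" ]; then ARGS="${ARGS} blue"; fi
		if [ "${orange}" = "1" ]; then ARGS="${ARGS} orange"; fi

		# ARGS is deliberately unquoted: it holds a space-separated
		# list of fixed zone names that must split into words.
		"${0}" stop ${ARGS}
		sleep 1
		"${0}" start ${ARGS}
		;;

	*)
		echo "Usage: ${0} {start|stop|restart}"
		exit 1
		;;
esac

# End /etc/rc.d/init.d/network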