Commit | Line | Data |
---|---|---|
3fd5feeb MT |
1 | #!/bin/sh |
2 | ######################################################################## | |
3 | # Begin $rc_base/init.d/network | |
4 | # | |
5 | # Description : Network Control Script | |
6 | # | |
d1e90efc | 7 | # Authors : Michael Tremer - mitch@ipfire.org |
3fd5feeb | 8 | # |
9c16cd92 | 9 | # Version : 01.00 |
3fd5feeb MT |
10 | # |
11 | # Notes : Written for IPFire by its team | |
12 | # | |
13 | ######################################################################## | |
14 | ||
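# Pull in the rc configuration, then the shared init-script helpers.
# NOTE(review): rc_functions is presumably defined by /etc/sysconfig/rc, and
# boot_mesg / evaluate_retval presumably come from the file it names - confirm.
. /etc/sysconfig/rc
. ${rc_functions}

# Import the ethernet settings as shell variables.
# The command substitution is quoted so that the output of readhash reaches
# eval unchanged; unquoted, it would first go through word splitting and
# pathname expansion, so whitespace or glob characters in a value could
# change what gets evaluated.
# NOTE(review): everything readhash prints is executed as shell code with the
# privileges of this script. This relies on readhash emitting nothing but
# safe assignments and on the settings file being writable only by trusted
# users - confirm both.
eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"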
bf7c473f | 18 | |
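# init_networking - one-time firewall bring-up, run before the zones start.
#
# Loads the NAT and connection-tracking kernel modules, enables conntrack
# accounting, optionally unloads the SIP/H.323 helpers, runs the firewall,
# DMZ pinhole and (CONFIG_TYPE 3 or 4) wireless rule scripts, and finally
# starts dnsmasq and the static routes.
#
# Takes no arguments. Reads CONFIG_TYPE, which is not assigned in this file
# (presumably it comes from the ethernet settings - confirm). Sets the
# global variable "failed".
init_networking() {
	boot_mesg "Loading firewall modules into the kernel"
	# Start from a known state so that a stale or inherited "failed" cannot
	# make this step report an error.
	failed=0
	modprobe iptable_nat || failed=1
	# The patterns are quoted: unquoted, the shell would expand them against
	# the current directory before find ever saw them.
	for pattern in 'nf_conntrack*' 'nf_nat*'; do
		for i in $(find "/lib/modules/$(uname -r)" -name "${pattern}"); do
			# Module name = file name up to the first dot.
			modprobe "$(basename "${i}" | cut -d. -f1)" || failed=1
		done
	done
	# Turn the collected flag into an exit status for evaluate_retval.
	(exit ${failed})
	evaluate_retval

	# Enable netfilter accounting
	sysctl net.netfilter.nf_conntrack_acct=1 > /dev/null

	# If the marker file exists, unload the SIP and H.323 NAT/conntrack
	# helpers that the loops above have just loaded.
	if [ -e /var/ipfire/main/disable_nf_sip ]; then
		rmmod nf_nat_sip
		rmmod nf_conntrack_sip
		rmmod nf_nat_h323
		rmmod nf_conntrack_h323
	fi

	boot_mesg "Setting up firewall"
	/etc/rc.d/init.d/firewall start; evaluate_retval

#	boot_mesg "Setting up traffic accounting"
#	/etc/rc.d/helper/writeipac.pl || failed=1
#	/usr/sbin/fetchipac -S || failed=1
#	(exit ${failed})
#	evaluate_retval

	boot_mesg "Setting up DMZ pinholes"
	/usr/local/bin/setdmzholes; evaluate_retval

	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
		boot_mesg "Setting up wireless firewall rules"
		/usr/local/bin/wirelessctrl; evaluate_retval
	fi

	/etc/rc.d/init.d/dnsmasq start
	/etc/rc.d/init.d/static-routes start
}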
61 | ||
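# Command line: the first argument is the action, any further arguments name
# the zones (green, red, blue, orange) the action applies to.
DO="${1}"
# Shift only when there is something to shift; a bare shift with no
# arguments is an error in some shells.
[ $# -gt 0 ] && shift

# Without zone arguments every zone is selected (ALL=1). Otherwise start
# with none selected and switch on only the zones that were named.
if [ -n "${1}" ]; then
	ALL=0
else
	ALL=1
fi
green=${ALL}
red=${ALL}
blue=${ALL}
orange=${ALL}

# Consume exactly one argument per iteration. Matching against a fixed list
# and assigning directly means no argument text ever reaches eval, and an
# unknown name ends the script instead of leaving the loop spinning forever
# on an argument that is never shifted away.
while [ $# -gt 0 ]; do
	case "${1}" in
		green)  green=1 ;;
		red)    red=1 ;;
		blue)   blue=1 ;;
		orange) orange=1 ;;
		*)
			echo "${0}: unknown device '${1}'" >&2
			exit 1
			;;
	esac
	shift
done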
3fd5feeb | 85 | |
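# Dispatch on the requested action. The zone flags (green, red, blue, orange)
# and ALL were set while parsing the command line. CONFIG_TYPE and
# AUTOCONNECT are not assigned in this file (presumably they come from the
# ethernet settings - confirm).
case "${DO}" in
	start)
		# The firewall is set up only on a full start, and before any
		# interface is brought up.
		[ "${ALL}" == "1" ] && init_networking

		# Starting interfaces...
		# GREEN
		[ "$green" == "1" ] && /etc/rc.d/init.d/networking/green start

		# BLUE
		[ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
			/etc/rc.d/init.d/networking/blue start

		# ORANGE
		[ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
			/etc/rc.d/init.d/networking/orange start

		# RED
		if [ "$red" == "1" ]; then
			if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				# Remove possible leftover files
				rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
				# RED is started unless AUTOCONNECT is "off".
				[ "$AUTOCONNECT" == "off" ] || /etc/rc.d/init.d/networking/red start
			fi
		fi
		;;

	stop)
		# Stopping interfaces...
		# GREEN
		[ "$green" == "1" ] && /etc/rc.d/init.d/networking/green stop

		# BLUE
		[ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
			/etc/rc.d/init.d/networking/blue stop

		# ORANGE
		[ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
			/etc/rc.d/init.d/networking/orange stop

		# RED
		if [ "$red" == "1" ]; then
			if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				/etc/rc.d/init.d/networking/red stop
			fi
		fi

		# Stop dnsmasq only when all networks are being shut down
		[ "${ALL}" == "1" ] && /etc/rc.d/init.d/dnsmasq stop

		exit 0
		;;

	restart)
		# Build the zone list from scratch; an ARGS value inherited from
		# the environment would otherwise be passed on as extra arguments.
		ARGS=""
		for i in green red blue orange; do
			# ${!i} reads the variable whose name is stored in i.
			if [ "${!i}" == "1" ]; then
				ARGS+=" ${i}"
			fi
		done
		# ARGS is left unquoted on purpose so it splits into one argument
		# per zone; the script path itself is quoted.
		"${0}" stop ${ARGS}
		sleep 1
		"${0}" start ${ARGS}
		;;

	*)
		echo "Usage: ${0} {start|stop|restart} [device(s)]"
		exit 1
		;;
esac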
154 | ||
155 | # End /etc/rc.d/init.d/network |