[ipfire-2.x.git] / src / initscripts / init.d / network

#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors     : Michael Tremer - m.s.tremer@googlemail.com
#
# Version     : 01.00
#
# Notes       : Written for IPFire by its team
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

DO="${1}"
shift

if [ -n "${1}" ]; then
        ALL=0
        for i in green red blue orange; do      
                eval "${i}=0"
        done
else
        ALL=1
        for i in green red blue orange; do
                eval "${i}=1"
        done
fi

while [ ! $# = 0 ]; do
        for i in green red blue orange; do
                if [ "${i}" == "${1}" ]; then
                        eval "${i}=1"
                        shift
                fi
        done
done

case "${DO}" in
        start)
                if [ "${ALL}" == "1" ]; then
                        boot_mesg "Loading iptables helper modules"
                        modprobe iptable_nat || failed=1
                        modprobe ip_conntrack || failed=1
                        modprobe ip_conntrack_ftp || failed=1
                        modprobe ip_nat_ftp || failed=1
                        modprobe ip_conntrack_h323 || failed=1
                        modprobe ip_nat_h323 || failed=1
                        modprobe ip_conntrack_irc || failed=1
                        modprobe ip_nat_irc || failed=1
                        modprobe ip_conntrack_mms || failed=1
                        modprobe ip_nat_mms || failed=1
                        modprobe ip_conntrack_pptp || failed=1
                        modprobe ip_nat_pptp || failed=1
                        modprobe ip_conntrack_sip || failed=1
                        modprobe ip_nat_sip || failed=1
                        (exit ${failed})
                        evaluate_retval
                        
                        boot_mesg "Setting up IPFire firewall rules"
                        /etc/rc.d/init.d/firewall start; evaluate_retval
        
                        boot_mesg "Setting up IP Accounting"
                        /etc/rc.d/helper/writeipac.pl || failed=1
                        /usr/sbin/fetchipac -S || failed=1 
                        (exit ${failed})
                        evaluate_retval
        
                        boot_mesg "Setting IPFire DMZ pinholes"
                        /usr/local/bin/setdmzholes; evaluate_retval
        
                        if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
                                boot_mesg "Setting up wireless firewall rules"
                                /usr/local/bin/restartwireless; evaluate_retval
                        fi
                        
                        # Start DNSMASQ with defaults
                        killall -KILL dnsmasq 2> /dev/null
                        sleep 1
                        if [ "$DOMAIN_NAME_GREEN" == "" ]; then
                                /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
                        else 
                                /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
                        fi
                fi
                
                # Starting interfaces...
                # GREEN
                if [ "$green" == "1" ]; then
                        name=green /etc/rc.d/init.d/net/ifup
                fi
                
                # BLUE
                if [ "$blue" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
                                name=blue /etc/rc.d/init.d/net/ifup
                        fi
                fi
                
                # ORANGE
                if [ "$orange" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
                                name=orange /etc/rc.d/init.d/net/ifup
                        fi
                fi
                
                # RED
                if [ "$red" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
                                # Remove possible leftover files
                                rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
                                if [ "$AUTOCONNECT" == "off" ]; then
                                        echo -n         # Do anything
                                else
                                        name=red /etc/rc.d/init.d/net/ifup
                                fi
                        fi
                fi
                
            	 if [ -f "/var/ipfire/ovpn/enable" -o -f "/var/ipfire/ovpn/enable_blue" -o -f "/var/ipfire/ovpn/enable_orange" ];then
          			boot_mesg "Setting OpenVPN Rules if enabled"
          			/etc/rc.d/init.d/firewall startovpn; evaluate_retval		
      		
                boot_mesg "Setting OpenVPN if enabled"
          			/usr/local/bin/openvpnctrl -s; evaluate_retval		
               fi
		
		            if [ -f "/var/ipfire/snort/enable" -o -f "/var/ipfire/snort/enable_blue" -o -f "/var/ipfire/snort/enable_orange" ];then
			           boot_mesg "Starting Snort if enabled"
			           /etc/rc.d/init.d/snort start; evaluate_retval		
                fi                                        
                ;;

        stop)
                # Stopping interfaces...
                # GREEN
                if [ "$green" == "1" ]; then
                        name=green /etc/rc.d/init.d/net/ifdown
                fi
                
                # BLUE
                if [ "$blue" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
                                name=blue /etc/rc.d/init.d/net/ifdown
                        fi
                fi
                
                # ORANGE
                if [ "$orange" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
                                name=orange /etc/rc.d/init.d/net/ifdown
                        fi
                fi
                
                # RED
                if [ "$red" == "1" ]; then
                        if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
                                name=red /etc/rc.d/init.d/net/ifdown
                        fi
                fi
                        
               	 if [ -f "/var/ipfire/ovpn/enable" -o -f "/var/ipfire/ovpn/enable_blue" -o -f "/var/ipfire/ovpn/enable_orange" ];then
	              	boot_mesg "Deleting OpenVPN Rules if enabled"
		              /etc/rc.d/init.d/firewall stopovpn; evaluate_retval		
		
		              boot_mesg "Stopping OpenVPN if enabled"
		              /usr/local/bin/openvpnctrl -k; evaluate_retval		
	              fi
	
	              if [ -f "/var/ipfire/snort/enable" -o -f "/var/ipfire/snort/enable_blue" -o -f "/var/ipfire/snort/enable_orange" ];then		
		             boot_mesg "Stopping Snort if enabled"
		             /etc/rc.d/init.d/snort stop; evaluate_retval		
	              fi
                ;;

        restart)
                for i in green red blue orange; do
                        if [ "${!i}" == "1" ]; then
                                ARGS+=" ${i}"
                        fi
                done
                ${0} stop ${ARGS}
                sleep 1
                ${0} start ${ARGS}
                ;;

        *)
                echo "Usage: ${0} {start|stop|restart}"
                exit 1
                ;;
esac

# End /etc/rc.d/init.d/network
Commit	Line	Data
3fd5feeb MT	1	#!/bin/sh
	2	########################################################################
	3	# Begin $rc_base/init.d/network
	4	#
	5	# Description : Network Control Script
	6	#
	7	# Authors : Michael Tremer - m.s.tremer@googlemail.com
	8	#
9c16cd92	9	# Version : 01.00
3fd5feeb MT	10	#
	11	# Notes : Written for IPFire by its team
	12	#
	13	########################################################################
	14
	15	. /etc/sysconfig/rc
	16	. ${rc_functions}
bf7c473f	17	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
bf7c473f	18
37263bc1 MT	19	DO="${1}"
37263bc1 MT	20	shift
069680ac	21
37263bc1	22	if [ -n "${1}" ]; then
1b73b07e CS	23	ALL=0
	24	for i in green red blue orange; do
	25	eval "${i}=0"
	26	done
37263bc1	27	else
1b73b07e CS	28	ALL=1
	29	for i in green red blue orange; do
	30	eval "${i}=1"
	31	done
37263bc1	32	fi
069680ac	33
37263bc1	34	while [ ! $# = 0 ]; do
1b73b07e CS	35	for i in green red blue orange; do
	36	if [ "${i}" == "${1}" ]; then
	37	eval "${i}=1"
	38	shift
	39	fi
	40	done
37263bc1	41	done
3fd5feeb	42
37263bc1	43	case "${DO}" in
1b73b07e CS	44	start)
	45	if [ "${ALL}" == "1" ]; then
	46	boot_mesg "Loading iptables helper modules"
	47	modprobe iptable_nat \|\| failed=1
	48	modprobe ip_conntrack \|\| failed=1
	49	modprobe ip_conntrack_ftp \|\| failed=1
	50	modprobe ip_nat_ftp \|\| failed=1
	51	modprobe ip_conntrack_h323 \|\| failed=1
	52	modprobe ip_nat_h323 \|\| failed=1
	53	modprobe ip_conntrack_irc \|\| failed=1
	54	modprobe ip_nat_irc \|\| failed=1
	55	modprobe ip_conntrack_mms \|\| failed=1
	56	modprobe ip_nat_mms \|\| failed=1
	57	modprobe ip_conntrack_pptp \|\| failed=1
	58	modprobe ip_nat_pptp \|\| failed=1
	59	modprobe ip_conntrack_sip \|\| failed=1
	60	modprobe ip_nat_sip \|\| failed=1
	61	(exit ${failed})
	62	evaluate_retval
	63
	64	boot_mesg "Setting up IPFire firewall rules"
	65	/etc/rc.d/init.d/firewall start; evaluate_retval
	66
	67	boot_mesg "Setting up IP Accounting"
	68	/etc/rc.d/helper/writeipac.pl \|\| failed=1
	69	/usr/sbin/fetchipac -S \|\| failed=1
	70	(exit ${failed})
	71	evaluate_retval
	72
	73	boot_mesg "Setting IPFire DMZ pinholes"
	74	/usr/local/bin/setdmzholes; evaluate_retval
	75
	76	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
	77	boot_mesg "Setting up wireless firewall rules"
	78	/usr/local/bin/restartwireless; evaluate_retval
	79	fi
	80
	81	# Start DNSMASQ with defaults
	82	killall -KILL dnsmasq 2> /dev/null
	83	sleep 1
	84	if [ "$DOMAIN_NAME_GREEN" == "" ]; then
	85	/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
	86	else
	87	/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
	88	fi
	89	fi
	90
	91	# Starting interfaces...
	92	# GREEN
	93	if [ "$green" == "1" ]; then
	94	name=green /etc/rc.d/init.d/net/ifup
	95	fi
	96
	97	# BLUE
	98	if [ "$blue" == "1" ]; then
	99	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
	100	name=blue /etc/rc.d/init.d/net/ifup
	101	fi
	102	fi
	103
	104	# ORANGE
	105	if [ "$orange" == "1" ]; then
	106	if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
	107	name=orange /etc/rc.d/init.d/net/ifup
108	fi
109	fi
110
111	# RED
112	if [ "$red" == "1" ]; then
113	if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
114	# Remove possible leftover files
115	rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
116	if [ "$AUTOCONNECT" == "off" ]; then
117	echo -n # Do anything
118	else
119	name=red /etc/rc.d/init.d/net/ifup
120	fi
121	fi
122	fi
123
124	if [ -f "/var/ipfire/ovpn/enable" -o -f "/var/ipfire/ovpn/enable_blue" -o -f "/var/ipfire/ovpn/enable_orange" ];then
125	boot_mesg "Setting OpenVPN Rules if enabled"
126	/etc/rc.d/init.d/firewall startovpn; evaluate_retval
127
128	boot_mesg "Setting OpenVPN if enabled"
129	/usr/local/bin/openvpnctrl -s; evaluate_retval
130	fi
bf7c473f	131
1b73b07e CS	132	if [ -f "/var/ipfire/snort/enable" -o -f "/var/ipfire/snort/enable_blue" -o -f "/var/ipfire/snort/enable_orange" ];then
	133	boot_mesg "Starting Snort if enabled"
	134	/etc/rc.d/init.d/snort start; evaluate_retval
	135	fi
	136	;;
3fd5feeb	137
1b73b07e CS	138	stop)
	139	# Stopping interfaces...
	140	# GREEN
	141	if [ "$green" == "1" ]; then
	142	name=green /etc/rc.d/init.d/net/ifdown
	143	fi
	144
	145	# BLUE
	146	if [ "$blue" == "1" ]; then
	147	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
	148	name=blue /etc/rc.d/init.d/net/ifdown
	149	fi
	150	fi
	151
	152	# ORANGE
	153	if [ "$orange" == "1" ]; then
	154	if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
	155	name=orange /etc/rc.d/init.d/net/ifdown
	156	fi
	157	fi
	158
	159	# RED
	160	if [ "$red" == "1" ]; then
	161	if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
	162	name=red /etc/rc.d/init.d/net/ifdown
	163	fi
	164	fi
	165
	166	if [ -f "/var/ipfire/ovpn/enable" -o -f "/var/ipfire/ovpn/enable_blue" -o -f "/var/ipfire/ovpn/enable_orange" ];then
	167	boot_mesg "Deleting OpenVPN Rules if enabled"
	168	/etc/rc.d/init.d/firewall stopovpn; evaluate_retval
406f019f	169
1b73b07e CS	170	boot_mesg "Stopping OpenVPN if enabled"
	171	/usr/local/bin/openvpnctrl -k; evaluate_retval
	172	fi
	173
	174	if [ -f "/var/ipfire/snort/enable" -o -f "/var/ipfire/snort/enable_blue" -o -f "/var/ipfire/snort/enable_orange" ];then
	175	boot_mesg "Stopping Snort if enabled"
	176	/etc/rc.d/init.d/snort stop; evaluate_retval
	177	fi
	178	;;
3fd5feeb	179
1b73b07e CS	180	restart)
	181	for i in green red blue orange; do
	182	if [ "${!i}" == "1" ]; then
	183	ARGS+=" ${i}"
	184	fi
	185	done
	186	${0} stop ${ARGS}
	187	sleep 1
	188	${0} start ${ARGS}
	189	;;
3fd5feeb	190
1b73b07e CS	191	*)
	192	echo "Usage: ${0} {start\|stop\|restart}"
	193	exit 1
	194	;;
3fd5feeb MT	195	esac
	196
	197	# End /etc/rc.d/init.d/network