Commit | Line | Data |
---|---|---|
3fd5feeb MT |
1 | #!/bin/sh |
2 | ######################################################################## | |
3 | # Begin $rc_base/init.d/network | |
4 | # | |
5 | # Description : Network Control Script | |
6 | # | |
7 | # Authors : Michael Tremer - m.s.tremer@googlemail.com | |
8 | # | |
9 | # Version : 00.00 | |
10 | # | |
11 | # Notes : Written for IPFire by its team | |
12 | # | |
13 | ######################################################################## | |
14 | ||
15 | . /etc/sysconfig/rc | |
16 | . ${rc_functions} | |
17 | . /var/ipfire/ethernet/settings | |
069680ac MT |
18 | . /var/ipfire/dhcp/settings |
19 | . /var/ipfire/ppp/settings | |
20 | . /var/ipfire/vpn/settings | |
21 | ||
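# This is a small wrapper for dhcpcd.exe: when the script is invoked under
# that name, its two arguments are forwarded to "red update" and the script
# ends with that call's status. Without the exit, execution would fall
# through to the dispatcher below and match ${1} a second time, ending in the
# usage branch (exit 1) unless ${1} happens to name an action.
# The arguments are quoted so that a path containing whitespace or glob
# characters reaches "red update" as one word.
case "$0" in
  *dhcpcd.exe*)
    /etc/rc.d/init.d/network red update "$1" "$2"
    exit $?
    ;;
esac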
3fd5feeb MT |
26 | |
27 | case "${1}" in | |
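  start)
    boot_mesg "Loading MASQ helper modules"
    # Connection-tracking and NAT helpers, loaded in the original order.
    # NOTE(review): each helper adds an in-kernel parser for one application
    # protocol; consider trimming the list to the protocols actually in use.
    for module in \
        iptable_nat ip_conntrack \
        ip_conntrack_ftp ip_nat_ftp \
        ip_conntrack_h323 ip_nat_h323 \
        ip_conntrack_irc ip_nat_irc \
        ip_conntrack_mms ip_nat_mms \
        ip_conntrack_pptp ip_nat_pptp \
        ip_conntrack_proto_gre ip_nat_proto_gre \
        ip_conntrack_quake3 ip_nat_quake3; do
      modprobe "$module"
    done

    # Remove possible leftover state files from a previous run.
    # The original line used the literal prefix CONFIG_ROOT (a path relative
    # to the current directory) together with brace expansion, which
    # #!/bin/sh does not guarantee. The rest of this script reads and writes
    # these files under /var/ipfire/red, and a stale "active" file there
    # changes which branch "red update" takes.
    # NOTE(review): if the build substitutes CONFIG_ROOT before installation,
    # confirm that it expands to /var/ipfire.
    for leftover in active device dial-on-demand dns1 dns2 \
        local-ipaddress remote-ipaddress resolv.conf; do
      rm -f "/var/ipfire/red/${leftover}"
    done

    # This won't actually do anything unless a PCMCIA controller was
    # detected at install time, because /etc/pcmcia.conf won't exist.
    /etc/rc.d/rc.pcmcia start
    # Now, just in case we found a PCMCIA USB controller, we'll need to reload
    # the USB here.
    /usr/local/bin/resetusb

    # The 'for' loop forces the driver loading order: eth0 first, then eth1,
    # eth2 and eth3, whichever zone each one belongs to.
    # The *_DRIVER_OPTIONS values stay unquoted on purpose so that several
    # module options split into separate arguments.
    for NIC in 0 1 2 3; do
      ETHX="eth${NIC}"
      if [ "$GREEN_DEV" = "$ETHX" ] && [ -n "$GREEN_DRIVER" ]; then
        modprobe "$GREEN_DRIVER" $GREEN_DRIVER_OPTIONS
        evaluate_retval
      fi
      if [ "$ORANGE_DEV" = "$ETHX" ] && [ -n "$ORANGE_DRIVER" ]; then
        modprobe "$ORANGE_DRIVER" $ORANGE_DRIVER_OPTIONS
        evaluate_retval
      fi
      if [ "$BLUE_DEV" = "$ETHX" ] && [ -n "$BLUE_DRIVER" ]; then
        modprobe "$BLUE_DRIVER" $BLUE_DRIVER_OPTIONS
        evaluate_retval
      fi
      if [ "$RED_DEV" = "$ETHX" ] && [ -n "$RED_DRIVER" ]; then
        modprobe "$RED_DRIVER" $RED_DRIVER_OPTIONS
        evaluate_retval
      fi
    done

    if [ -d /proc/bus/pccard ]; then
      boot_mesg "Initializing PCMCIA cardbus modems"
      modprobe serial_cb
      evaluate_retval
    fi

    # The firewall rules are installed before any interface is configured
    # further down; keep that order so no zone comes up without its rules.
    boot_mesg "Setting up IPFire firewall rules"
    /etc/rc.d/init.d/firewall start
    evaluate_retval

    boot_mesg "Setting up IP Accounting"
    /etc/rc.d/helper/writeipac.pl
    /usr/sbin/fetchipac -S
    evaluate_retval

    boot_mesg "Setting IPFire DMZ pinholes"
    /usr/local/bin/setdmzholes
    evaluate_retval

    if [ -n "$BLUE_DEV" ]; then
      boot_mesg "Setting up wireless firewall rules"
      /usr/local/bin/restartwireless
      evaluate_retval
    fi

    # Bringing interfaces up, the external (red) one last.
    for zone in green orange blue red; do
      "$0" "$zone" up
    done
    ;;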
114 | ||
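  stop)
    # Stopping all interfaces, the external (red) one first.
    # "$0" is quoted so the script still re-invokes itself correctly when its
    # path contains whitespace.
    for zone in red blue orange green; do
      "$0" "$zone" down
    done
    ;;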
122 | ||
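  restart)
    # Full stop followed by a full start, one second apart. The script
    # re-invokes itself; "${0}" is quoted so a path with whitespace survives.
    "${0}" stop
    sleep 1
    "${0}" start
    ;;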
128 | ||
069680ac MT |
129 | # |
130 | # Every interface has its own context to start/stop/restart. | |
131 | # | |
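  green)
    # Bring the green interface up or down, depending on ${2}.
    # The GREEN_* values are not set in this script (presumably they come
    # from the settings files sourced at its top). They are quoted so that
    # whitespace or glob characters in a value cannot turn into extra
    # ifconfig arguments.
    case "${2}" in
      up)
        boot_mesg "Bringing green network up..."
        if [ -n "$GREEN_DEV" ]; then
          ifconfig "$GREEN_DEV" "$GREEN_ADDRESS" \
            netmask "$GREEN_NETMASK" broadcast "$GREEN_BROADCAST" up
          evaluate_retval
        else
          echo "WARNING: No driver set for GREEN"
        fi
        ;;
      down)
        # NOTE(review): unlike orange and blue, this branch does not check
        # that GREEN_DEV is set before calling ifconfig.
        boot_mesg "Bringing green network down..."
        ifconfig "$GREEN_DEV" down 2> /dev/null
        evaluate_retval
        ;;
    esac
    ;;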
149 | ||
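  orange)
    # Bring the orange interface up or down, depending on ${2}.
    # The ORANGE_* values are quoted so that whitespace or glob characters in
    # a setting cannot turn into extra ifconfig arguments.
    case "${2}" in
      up)
        # Orange is only configured for CONFIG_TYPE 1, 3, 5 and 7. A case
        # pattern replaces the chained "-o" test, which is deprecated and
        # ambiguous in [ ].
        case "$CONFIG_TYPE" in
          1|3|5|7)
            if [ -n "$ORANGE_DEV" ]; then
              boot_mesg "Bringing orange network up..."
              ifconfig "$ORANGE_DEV" "$ORANGE_ADDRESS" \
                netmask "$ORANGE_NETMASK" broadcast "$ORANGE_BROADCAST" up
              evaluate_retval
            fi
            ;;
        esac
        ;;
      down)
        if [ -n "$ORANGE_DEV" ]; then
          boot_mesg "Bringing orange network down..."
          ifconfig "$ORANGE_DEV" down 2> /dev/null
          evaluate_retval
        fi
        ;;
    esac
    ;;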
169 | ||
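  blue)
    # Bring the blue interface up or down, depending on ${2}.
    # The BLUE_* values are quoted so that whitespace or glob characters in a
    # setting cannot turn into extra ifconfig arguments.
    case "${2}" in
      up)
        # Blue is only configured for CONFIG_TYPE 4, 5, 6 and 7. A case
        # pattern replaces the chained "-o" test, which is deprecated and
        # ambiguous in [ ].
        case "$CONFIG_TYPE" in
          4|5|6|7)
            if [ -n "$BLUE_DEV" ]; then
              boot_mesg "Bringing blue network up..."
              ifconfig "$BLUE_DEV" "$BLUE_ADDRESS" \
                netmask "$BLUE_NETMASK" broadcast "$BLUE_BROADCAST" up
              evaluate_retval
            fi
            ;;
        esac
        ;;
      down)
        if [ -n "$BLUE_DEV" ]; then
          boot_mesg "Bringing blue network down..."
          ifconfig "$BLUE_DEV" down 2> /dev/null
          evaluate_retval
        fi
        ;;
    esac
    ;;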
189 | ||
190 | red) | |
191 | case "${2}" in | |
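      up)
        boot_mesg "Bringing red network up..."
        # If RED is ethernet (CONFIG_TYPE 2, 3, 6 or 7) then check further:
        # DHCP and STATIC uplinks are always connected automatically.
        # The tests use case patterns and "=" because "==" and "-o" inside
        # [ ] are not portable under #!/bin/sh.
        case "$CONFIG_TYPE" in
          2|3|6|7)
            case "$RED_TYPE" in
              DHCP|STATIC)
                AUTOCONNECT="on"
                ;;
            esac
            ;;
        esac

        # Start DNSMASQ with defaults; the green domain name is passed with
        # -s only when one is configured.
        if [ -z "$DOMAIN_NAME_GREEN" ]; then
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
        else
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
        fi

        # Only when AUTOCONNECT is on
        if [ "$AUTOCONNECT" = "on" ]; then
          /etc/rc.d/init.d/red start
          evaluate_retval
        fi
        ;;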
      down)
        boot_mesg "Bringing red network down..."
        # Run the red script's stop action, wait three seconds, then run its
        # clear action. evaluate_retval follows the clear step directly, so
        # that is presumably the status it reports.
        /etc/rc.d/init.d/red stop
        sleep 3
        /etc/rc.d/init.d/red clear
        evaluate_retval
        ;;
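      update)
        # Refresh the red state files, restart dnsmasq and re-apply the
        # firewall, filter and VPN helpers after the uplink changed.
        # ${3} is an optional settings file and ${4} an event (up, new or
        # down); the dhcpcd.exe wrapper at the top of this script forwards
        # its own two arguments into these positions.

        # Serialise concurrent updates. The lock is created with noclobber,
        # so "does it exist" and "create it" are a single step instead of a
        # separate test and touch that two processes could both pass. The
        # "((++count))" counter of the original is not valid under #!/bin/sh
        # and is replaced by POSIX arithmetic.
        UPDATE_LOCK=/var/lock/rc.updatered.lock
        count=0
        while :; do
          if ( set -C; : > "$UPDATE_LOCK" ) 2> /dev/null; then
            /usr/bin/logger -s -p local0.info -t rc.updatered "$0 locking for $$"
            break
          fi
          if [ "$count" -ge 5 ]; then
            # As in the original, give up after five waits of three seconds
            # and carry on without the lock.
            /usr/bin/logger -s -p local0.info -t rc.updatered "$0 $$ lock wait timed out, continuing"
            break
          fi
          /usr/bin/logger -s -p local0.info -t rc.updatered "$0 $$ waiting unlock"
          sleep 3
          count=$((count + 1))
        done

        IFACE=$(/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012')
        REMOTE=$(/bin/cat /var/ipfire/red/remote-ipaddress 2> /dev/null | /usr/bin/tr -d '\012')

        ###
        ### Retrieve DHCP Settings
        ###
        # NOTE(review): both branches evaluate readhash output and source a
        # dhcpcd lease file as shell code. The lease values presumably
        # originate from the DHCP server's reply; confirm that readhash and
        # the dhcpcd in use only emit safely quoted assignments.
        case "$CONFIG_TYPE" in
          2|3|6|7)
            if [ "$RED_TYPE" = "DHCP" ]; then
              unset DNS1 DNS2
              eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
              if [ -z "$DNS1" ]; then
                # No static DNS configured: take the servers from the lease.
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" > /var/ipfire/red/dns1
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" > /var/ipfire/red/dns2
              else
                printf '%s\n' "$DNS1" > /var/ipfire/red/dns1
                printf '%s\n' "$DNS2" > /var/ipfire/red/dns2
              fi
              . "/var/ipfire/dhcpc/dhcpcd-${RED_DEV}.info"
              printf '%s\n' "$IPADDR" > /var/ipfire/red/local-ipaddress
              printf '%s\n' "$GATEWAY" > /var/ipfire/red/remote-ipaddress
            fi
            ;;
          *)
            if [ "$PROTOCOL" = "RFC1483" ] && [ "$METHOD" = "DHCP" ]; then
              unset DNS1 DNS2
              eval "$(/usr/local/bin/readhash /var/ipfire/ppp/settings)"
              if [ "$DNS" = "Automatic" ]; then
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" > /var/ipfire/red/dns1
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" > /var/ipfire/red/dns2
              else
                printf '%s\n' "$DNS1" > /var/ipfire/red/dns1
                printf '%s\n' "$DNS2" > /var/ipfire/red/dns2
              fi
              . "/var/ipfire/dhcpc/dhcpcd-${IFACE}.info"
              printf '%s\n' "$IPADDR" > /var/ipfire/red/local-ipaddress
              printf '%s\n' "$GATEWAY" > /var/ipfire/red/remote-ipaddress
            fi
            ;;
        esac

        ###
        ### Retrieve DNS settings
        ###
        DNS1=$(/bin/cat /var/ipfire/red/dns1 2> /dev/null | /usr/bin/tr -d '\012')
        DNS2=$(/bin/cat /var/ipfire/red/dns2 2> /dev/null | /usr/bin/tr -d '\012')
        echo > /var/ipfire/red/resolv.conf # clear it
        if [ -n "$DNS1" ]; then
          echo "nameserver $DNS1" > /var/ipfire/red/resolv.conf
        fi
        if [ -n "$DNS2" ]; then
          echo "nameserver $DNS2" >> /var/ipfire/red/resolv.conf
        fi

        ###
        ### Restart DNSMASQ
        ###
        /bin/killall -KILL dnsmasq 2> /dev/null
        sleep 1

        # While dial-on-demand is armed with DIALONDEMANDDNS on and the link
        # is not active, dnsmasq reads the ppp fake-resolv.conf; otherwise it
        # reads the resolv.conf written above.
        if [ -e /var/ipfire/red/dial-on-demand ] \
            && [ "$DIALONDEMANDDNS" = "on" ] \
            && [ ! -e /var/ipfire/red/active ]; then
          resolv_file=/var/ipfire/ppp/fake-resolv.conf
        else
          resolv_file=/var/ipfire/red/resolv.conf
        fi
        # -s and the domain are added only when a green domain is set; the
        # expansion keeps the domain as a single word.
        /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases \
          ${DOMAIN_NAME_GREEN:+-s "$DOMAIN_NAME_GREEN"} -r "$resolv_file"

        # Reset default route to ippp0 for dial on demand
        if [ -e /var/ipfire/red/dial-on-demand ] \
            && [ "$TYPE" = "isdn" ] \
            && [ ! -e /var/ipfire/red/active ]; then
          /sbin/route del default 2> /dev/null
          if [ -n "$REMOTE" ]; then
            /sbin/route add default gw "$REMOTE" 2> /dev/null
          else
            /sbin/route add default dev ippp0 2> /dev/null
          fi
        fi

        if [ -n "$3" ]; then
          # NOTE(review): ${3} is a caller-supplied path whose readhash
          # output is evaluated as shell code; confirm that only trusted
          # callers can reach this branch.
          eval "$(/usr/local/bin/readhash "$3")"
          case "$4" in
            up)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been configured with old IP=${IPADDR}"
              if [ "$RED_TYPE" != 'PPTP' ]; then
                /usr/bin/touch /var/ipfire/red/active
              fi
              ;;
            new)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been configured with new IP=${IPADDR}"
              if [ -e /var/ipfire/red/active ]; then
                # Already active: refresh the address-dependent helpers,
                # release the lock and stop here.
                /usr/local/bin/setfilters
                /usr/local/bin/setportfw
                /usr/local/bin/setxtaccess
                /usr/local/bin/setddns.pl -f
                /usr/local/bin/restartsnort red
                sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
                /bin/rm -f "$UPDATE_LOCK"
                /usr/bin/logger -s -p local0.info -t rc.updatered "unlocking from $$"
                exit 0
              elif [ "$RED_TYPE" != 'PPTP' ]; then
                /usr/bin/touch /var/ipfire/red/active
              fi
              ;;
            down)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been brought down"
              rm -f /var/ipfire/red/active
              ;;
          esac
        fi

        if [ -e /var/ipfire/red/active ]; then
          if [ -n "$IFACE" ]; then
            /sbin/ifconfig "$IFACE" -multicast
          fi
          /etc/rc.d/init.d/firewall reload
          /usr/local/bin/setfilters
          /usr/local/bin/restartsnort red
          /usr/local/bin/qosctrl restart
          /usr/local/bin/setportfw
          /usr/local/bin/setxtaccess
          /usr/local/bin/setddns.pl -f
          /etc/rc.d/helper/writeipac.pl
          /usr/sbin/fetchipac -S
          sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
        else
          /usr/local/bin/ipsecctrl D
          /etc/rc.d/init.d/firewall reload
        fi
        # The lock is removed whether or not this run created it, as in the
        # original; that also clears a lock left behind by an aborted run.
        /bin/rm -f "$UPDATE_LOCK"
        /usr/bin/logger -s -p local0.info -t rc.updatered "unlocking from $$"
        ;;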
363 | esac | |
364 | ;; | |
365 | ||
3fd5feeb MT |
  *)
    # Any other first argument: print the accepted forms and exit with
    # status 1.
    printf '%s\n' \
      "Usage: ${0} {start|stop|restart}" \
      " or: ${0} {green|orange|blue|red} {up|down}"
    exit 1
    ;;
371 | esac | |
372 | ||
373 | # End /etc/rc.d/init.d/network |