Ich hab mal ein bisschen die Arbeit vom Cuebernommen :D
1#!/bin/sh
2########################################################################
3# Begin $rc_base/init.d/network
4#
5# Description : Network Control Script
6#
7# Authors : Michael Tremer - m.s.tremer@googlemail.com
8#
9# Version : 00.00
10#
11# Notes : Written for IPFire by its team
12#
13########################################################################
14
15. /etc/sysconfig/rc
16. ${rc_functions}
17. /var/ipfire/ethernet/settings
18. /var/ipfire/dhcp/settings
19. /var/ipfire/ppp/settings
20. /var/ipfire/vpn/settings
21
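# Small wrapper for dhcpcd.exe: when this script is invoked under that name
# (presumably as the dhcpcd hook), its two arguments are handed on to
# "network red update", where they arrive as $3 and $4.
#
# The original did not stop after delegating. It fell through into the main
# case statement, where $1 (the hook's first argument) matches no action, so
# the usage text was printed and the script exited with status 1. Exit here
# with the status of the delegated call instead.
case "$0" in
	*dhcpcd.exe*)
		/etc/rc.d/init.d/network red update "$1" "$2"
		exit $?
		;;
esac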
26
27case "${1}" in
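start)
	# Connection-tracking / NAT helper modules, loaded in the original order.
	# No status is evaluated for these modprobe calls.
	boot_mesg "Loading MASQ helper modules"
	for module in \
		iptable_nat ip_conntrack \
		ip_conntrack_ftp ip_nat_ftp \
		ip_conntrack_h323 ip_nat_h323 \
		ip_conntrack_irc ip_nat_irc \
		ip_conntrack_mms ip_nat_mms \
		ip_conntrack_pptp ip_nat_pptp \
		ip_conntrack_proto_gre ip_nat_proto_gre \
		ip_conntrack_quake3 ip_nat_quake3
	do
		modprobe "$module"
	done

	# Remove possible leftover state files of a previous RED session.
	# The original line used the literal prefix "CONFIG_ROOT" (apparently an
	# unsubstituted placeholder) together with bash brace expansion, which a
	# POSIX /bin/sh passes to rm as one literal word. The rest of this script
	# keeps these files under /var/ipfire/red, so that directory is used.
	for leftover in active device dial-on-demand dns1 dns2 \
		local-ipaddress remote-ipaddress resolv.conf
	do
		rm -f "/var/ipfire/red/${leftover}"
	done

	# The outer loop forces the driver loading order (eth0 first, eth3 last).
	# The *_DRIVER_OPTIONS values stay unquoted on purpose so that several
	# module parameters split into separate arguments.
	# NOTE(review): driver names and options come from the sourced settings
	# files and end up on a modprobe command line; this init script presumably
	# runs as root, so those files must be writable by trusted components only.
	for NIC in 0 1 2 3; do
		ETHX="eth${NIC}"
		if [ "$GREEN_DEV" = "$ETHX" ] && [ -n "$GREEN_DRIVER" ]; then
			modprobe "$GREEN_DRIVER" $GREEN_DRIVER_OPTIONS
			evaluate_retval
		fi
		if [ "$ORANGE_DEV" = "$ETHX" ] && [ -n "$ORANGE_DRIVER" ]; then
			modprobe "$ORANGE_DRIVER" $ORANGE_DRIVER_OPTIONS
			evaluate_retval
		fi
		if [ "$BLUE_DEV" = "$ETHX" ] && [ -n "$BLUE_DRIVER" ]; then
			modprobe "$BLUE_DRIVER" $BLUE_DRIVER_OPTIONS
			evaluate_retval
		fi
		if [ "$RED_DEV" = "$ETHX" ] && [ -n "$RED_DRIVER" ]; then
			modprobe "$RED_DRIVER" $RED_DRIVER_OPTIONS
			evaluate_retval
		fi
	done

	boot_mesg "Setting up IPFire firewall rules"
	/etc/rc.d/init.d/firewall start
	evaluate_retval

	boot_mesg "Setting up IP Accounting"
	/etc/rc.d/helper/writeipac.pl
	/usr/sbin/fetchipac -S
	evaluate_retval

	boot_mesg "Setting IPFire DMZ pinholes"
	/usr/local/bin/setdmzholes
	evaluate_retval

	if [ -n "$BLUE_DEV" ]; then
		boot_mesg "Setting up wireless firewall rules"
		/usr/local/bin/restartwireless
		evaluate_retval
	fi

	# Interfaces are brought up only after the firewall rules were loaded
	# above, so no zone is reachable before its rules exist.
	"$0" green up
	"$0" orange up
	"$0" blue up
	"$0" red up

	;;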
101
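stop)
	# Stop all interfaces in the reverse of the start order (RED first).
	# $0 is quoted so a script path containing whitespace still re-invokes
	# this script.
	for zone in red blue orange green; do
		"$0" "$zone" down
	done
	;;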
109
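restart)
	# Full stop followed by a full start, with a one-second pause between
	# them. $0 is quoted so a path with whitespace is re-invoked correctly.
	"$0" stop
	sleep 1
	"$0" start
	;;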
115
116 #
117 # Every interface has its own context to start/stop/restart.
118 #
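green)
	# GREEN zone. The GREEN_* values are not set in this script; presumably
	# they come from the sourced /var/ipfire/ethernet/settings. They are
	# quoted so that whitespace or glob characters in a setting cannot turn
	# into extra ifconfig arguments.
	case "${2}" in
		up)
			boot_mesg "Bringing green network up..."
			if [ -n "$GREEN_DEV" ]; then
				ifconfig "$GREEN_DEV" "$GREEN_ADDRESS" \
					netmask "$GREEN_NETMASK" \
					broadcast "$GREEN_BROADCAST" up
				evaluate_retval
			else
				# The test is on GREEN_DEV (the interface name), although
				# the message speaks of a driver.
				echo "WARNING: No driver set for GREEN"
			fi
			;;
		down)
			boot_mesg "Bringing green network down..."
			# Unlike orange/blue, this runs even when GREEN_DEV is empty;
			# the ifconfig error is discarded and only the status is shown.
			ifconfig "$GREEN_DEV" down 2> /dev/null
			evaluate_retval
			;;
	esac
	;;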
136
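orange)
	# ORANGE zone. Only CONFIG_TYPE 1, 3, 5 and 7 bring it up (presumably the
	# layouts that contain an orange network). The chained "-o" tests of the
	# original are replaced by a case pattern; the ORANGE_* values are quoted
	# so a setting cannot split into extra ifconfig arguments.
	case "${2}" in
		up)
			case "$CONFIG_TYPE" in
				1|3|5|7)
					if [ -n "$ORANGE_DEV" ]; then
						boot_mesg "Bringing orange network up..."
						ifconfig "$ORANGE_DEV" "$ORANGE_ADDRESS" \
							netmask "$ORANGE_NETMASK" \
							broadcast "$ORANGE_BROADCAST" up
						evaluate_retval
					fi
					;;
			esac
			;;
		down)
			if [ -n "$ORANGE_DEV" ]; then
				boot_mesg "Bringing orange network down..."
				ifconfig "$ORANGE_DEV" down 2> /dev/null
				evaluate_retval
			fi
			;;
	esac
	;;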
156
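blue)
	# BLUE zone. Only CONFIG_TYPE 4, 5, 6 and 7 bring it up (presumably the
	# layouts that contain a blue network). The chained "-o" tests of the
	# original are replaced by a case pattern; the BLUE_* values are quoted so
	# a setting cannot split into extra ifconfig arguments.
	case "${2}" in
		up)
			case "$CONFIG_TYPE" in
				4|5|6|7)
					if [ -n "$BLUE_DEV" ]; then
						boot_mesg "Bringing blue network up..."
						ifconfig "$BLUE_DEV" "$BLUE_ADDRESS" \
							netmask "$BLUE_NETMASK" \
							broadcast "$BLUE_BROADCAST" up
						evaluate_retval
					fi
					;;
			esac
			;;
		down)
			if [ -n "$BLUE_DEV" ]; then
				boot_mesg "Bringing blue network down..."
				ifconfig "$BLUE_DEV" down 2> /dev/null
				evaluate_retval
			fi
			;;
	esac
	;;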
176
177 red)
178 case "${2}" in
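up)
	boot_mesg "Bringing red network up..."
	# If RED is ethernet (CONFIG_TYPE 2, 3, 6 or 7) and addressed via DHCP or
	# STATIC, it has to be connected automatically. AUTOCONNECT is not reset
	# here, so a value already set by a sourced settings file stays in effect.
	# The original compared with "==", which is not POSIX test syntax although
	# the script runs under #!/bin/sh; "=" and case patterns are used instead.
	case "$CONFIG_TYPE" in
		2|3|6|7)
			case "$RED_TYPE" in
				DHCP|STATIC)
					AUTOCONNECT="on"
					;;
			esac
			;;
	esac

	# Start DNSMASQ with defaults; -s is passed only when a GREEN domain
	# name is configured.
	if [ -z "$DOMAIN_NAME_GREEN" ]; then
		/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
	else
		/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
	fi

	# Only when AUTOCONNECT is on
	if [ "$AUTOCONNECT" = "on" ]; then
		/etc/rc.d/init.d/red start
		evaluate_retval
	fi
	;;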
down)
	# Take RED down: stop the connection, wait three seconds, then run the
	# "clear" action of the red init script and report its status.
	boot_mesg "Bringing red network down..."
	/etc/rc.d/init.d/red stop
	sleep 3
	/etc/rc.d/init.d/red clear
	evaluate_retval
	;;
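update)
	# Serialise concurrent "red update" runs with a lock file.
	# The lock is created under noclobber ("set -C"), so "does it exist?" and
	# "create it" are one atomic step. The original tested with -e and then
	# touch'ed the file, which lets two callers both believe they hold the
	# lock, and a waiter never took the lock once it became free.
	# The retry counter was incremented with ((++count)), a bash-only
	# construct under #!/bin/sh; POSIX arithmetic expansion is used instead.
	# NOTE(review): as before, a waiter proceeds without the lock after five
	# 3-second retries and removes the lock file at the end, which can release
	# a lock that another run still holds.
	lockfile=/var/lock/rc.updatered.lock
	if ( set -C; : > "$lockfile" ) 2> /dev/null; then
		/usr/bin/logger -s -p local0.info -t rc.updatered "$0 locking for $$"
	else
		count=0
		while [ "$count" -lt 5 ]; do
			sleep 3
			if ( set -C; : > "$lockfile" ) 2> /dev/null; then
				break
			fi
			/usr/bin/logger -s -p local0.info -t rc.updatered "$0 $$ waiting unlock"
			count=$((count + 1))
		done
	fi

	IFACE=$(/bin/cat /var/ipfire/red/iface 2> /dev/null | /usr/bin/tr -d '\012')
	REMOTE=$(/bin/cat /var/ipfire/red/remote-ipaddress 2> /dev/null | /usr/bin/tr -d '\012')

	###
	### Retrieve DHCP Settings
	###
	# NOTE(review): two kinds of external data are executed as shell code in
	# this section and are left unchanged on purpose:
	#  - "eval $(readhash FILE)" evaluates whatever readhash prints; the
	#    unquoted substitution is also word-split and glob-expanded first.
	#    This is only safe if readhash emits strictly validated KEY=VALUE
	#    pairs -- confirm against the readhash implementation.
	#  - the dhcpcd-*.info file is sourced. It is presumably written by
	#    dhcpcd from the lease offered on RED, so its values originate from
	#    an untrusted network and the script relies on dhcpcd's escaping.
	#    Reading only the needed keys (IPADDR, GATEWAY) without sourcing
	#    would avoid executing that file.
	case "$CONFIG_TYPE" in
		2|3|6|7)
			if [ "$RED_TYPE" = "DHCP" ]; then
				unset DNS1 DNS2
				eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
				if [ -z "$DNS1" ]; then
					printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" > /var/ipfire/red/dns1
					printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" > /var/ipfire/red/dns2
				else
					echo "$DNS1" > /var/ipfire/red/dns1
					echo "$DNS2" > /var/ipfire/red/dns2
				fi
				. "/var/ipfire/dhcpc/dhcpcd-${RED_DEV}.info"
				echo "$IPADDR" > /var/ipfire/red/local-ipaddress
				echo "$GATEWAY" > /var/ipfire/red/remote-ipaddress
			fi
			;;
		*)
			if [ "$PROTOCOL" = "RFC1483" ] && [ "$METHOD" = "DHCP" ]; then
				unset DNS1 DNS2
				eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
				if [ "$DNS" = "Automatic" ]; then
					printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" > /var/ipfire/red/dns1
					printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" > /var/ipfire/red/dns2
				else
					echo "$DNS1" > /var/ipfire/red/dns1
					echo "$DNS2" > /var/ipfire/red/dns2
				fi
				. "/var/ipfire/dhcpc/dhcpcd-${IFACE}.info"
				echo "$IPADDR" > /var/ipfire/red/local-ipaddress
				echo "$GATEWAY" > /var/ipfire/red/remote-ipaddress
			fi
			;;
	esac

	###
	### Retrieve DNS settings
	###
	DNS1=$(/bin/cat /var/ipfire/red/dns1 2> /dev/null | /usr/bin/tr -d '\012')
	DNS2=$(/bin/cat /var/ipfire/red/dns2 2> /dev/null | /usr/bin/tr -d '\012')
	echo > /var/ipfire/red/resolv.conf # clear it (leaves one empty line)
	[ -n "$DNS1" ] && echo "nameserver $DNS1" > /var/ipfire/red/resolv.conf
	[ -n "$DNS2" ] && echo "nameserver $DNS2" >> /var/ipfire/red/resolv.conf


	###
	### Restart DNSMASQ
	###
	# NOTE(review): dnsmasq is stopped with SIGKILL straight away, so it gets
	# no chance to shut down cleanly; kept as in the original.
	/bin/killall -KILL dnsmasq 2> /dev/null
	sleep 1

	# DOMopt is expanded unquoted on purpose: it is either empty or the two
	# words "-s <domain>".
	DOMopt=""
	[ "$DOMAIN_NAME_GREEN" ] && DOMopt="-s $DOMAIN_NAME_GREEN"
	if [ -e "/var/ipfire/red/dial-on-demand" ] && [ "$DIALONDEMANDDNS" = "on" ] && [ ! -e "/var/ipfire/red/active" ]; then
		/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $DOMopt -r /var/ipfire/ppp/fake-resolv.conf
	else
		/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases $DOMopt -r /var/ipfire/red/resolv.conf
	fi
	unset DOMopt

	# Reset default route to ippp0 for dial on demand
	if [ -e "/var/ipfire/red/dial-on-demand" ] && [ "$TYPE" = "isdn" ] && [ ! -e "/var/ipfire/red/active" ]; then
		/sbin/route del default 2> /dev/null
		if [ -n "$REMOTE" ]; then
			/sbin/route add default gw "$REMOTE" 2> /dev/null
		else
			/sbin/route add default dev ippp0 2> /dev/null
		fi
	fi

	# $3/$4 are the two arguments forwarded by the dhcpcd.exe wrapper at the
	# top of this script: a file that is read with readhash, and the event
	# (up, new or down).
	# NOTE(review): the eval below has the same caveat as the ones above, and
	# here the evaluated file is named by a command-line argument.
	if [ "$3" ]; then
		eval $(/usr/local/bin/readhash "$3")
		case "$4" in
			up)
				/usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been configured with old IP=${IPADDR}"
				if [ "$RED_TYPE" != 'PPTP' ]; then
					/usr/bin/touch /var/ipfire/red/active
				fi
				;;
			new)
				/usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been configured with new IP=${IPADDR}"
				if [ -e "/var/ipfire/red/active" ]; then
					# RED was already active: refresh the address-dependent
					# rules and services, release the lock and stop here.
					/usr/local/bin/setfilters
					/usr/local/bin/setportfw
					/usr/local/bin/setxtaccess
					/usr/local/bin/setddns.pl -f
					/usr/local/bin/restartsnort red
					sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
					/bin/rm -f "$lockfile"
					/usr/bin/logger -s -p local0.info -t rc.updatered "unlocking from $$"
					exit 0
				else
					if [ "$RED_TYPE" != 'PPTP' ]; then
						/usr/bin/touch /var/ipfire/red/active
					fi
				fi
				;;
			down)
				/usr/bin/logger -s -p local0.info -t dhcpcd.exe "${INTERFACE} has been brought down"
				rm -f /var/ipfire/red/active
				;;
		esac
	fi

	if [ -e "/var/ipfire/red/active" ]; then
		# RED is up: reload the firewall, then re-apply filters, port
		# forwards, external access rules and dependent services.
		[ -n "$IFACE" ] && /sbin/ifconfig "$IFACE" -multicast
		/etc/rc.d/init.d/firewall reload
		/usr/local/bin/setfilters
		/usr/local/bin/restartsnort red
		/usr/local/bin/qosctrl restart
		/usr/local/bin/setportfw
		/usr/local/bin/setxtaccess
		/usr/local/bin/setddns.pl -f
		/etc/rc.d/helper/writeipac.pl
		/usr/sbin/fetchipac -S
		sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
	else
		# RED is down: run "ipsecctrl D" and reload the firewall.
		/usr/local/bin/ipsecctrl D
		/etc/rc.d/init.d/firewall reload
	fi
	/bin/rm -f "$lockfile"
	/usr/bin/logger -s -p local0.info -t rc.updatered "unlocking from $$"
	;;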
350 esac
351 ;;
352
*)
	# Unknown or missing action: print the usage summary and fail.
	# (The "red update" action handled above is not part of this text.)
	printf '%s\n' \
		"Usage: ${0} {start|stop|restart}" \
		" or: ${0} {green|orange|blue|red} {up|down}"
	exit 1
	;;
358esac
359
360# End /etc/rc.d/init.d/network