git.ipfire.org Git - people/pmueller/ipfire-2.x.git/blob - src/initscripts/init.d/network
Netzwerkscript beinahe vollendet.
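#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors : Michael Tremer - m.s.tremer@googlemail.com
#
# Version : 00.00
#
# Notes : Written for IPFire by its team
#
########################################################################

# Every file below is read with '.', so its content is executed as shell code
# with the privileges of this script; it is not parsed as plain data.
# NOTE(review): confirm that only trusted writers can modify these files and
# that values are validated before they are stored in them.
. /etc/sysconfig/rc
# Quoted so that the path is always taken as one file name, even if it
# contains whitespace or glob characters.
. "${rc_functions}"
. /var/ipfire/ethernet/settings
. /var/ipfire/dhcp/settings
. /var/ipfire/ppp/settings
. /var/ipfire/vpn/settings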
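# This is a small wrapper for dhcpcd.exe: when the script is invoked under a
# name containing "dhcpcd.exe", its first two arguments are handed on to
# "network red update". The name is matched with a shell pattern (literal
# dot) instead of spawning echo and grep.
case "$0" in
  *dhcpcd.exe*)
    # Arguments are quoted so a value with whitespace or glob characters
    # reaches the update action as exactly one argument.
    /etc/rc.d/init.d/network red update "$1" "$2"
    # Leave with the status of the update. Without this the script carried on
    # into the action dispatch below with the caller's first argument as the
    # action; that argument is presumably a file path (the update action
    # passes it to readhash), so it matched no action and the run ended in
    # the usage message with status 1.
    exit
    ;;
esac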
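# Load the driver of one zone if that zone's device is the NIC currently
# visited by the loop in the "start" action (ETHX).
#   $1 - device configured for the zone (value of GREEN_DEV, ORANGE_DEV, ...)
#   $2 - driver module name; nothing is loaded when it is empty
#   $3 - module options, handed to modprobe as separate words
load_zone_driver() {
  [ "$1" = "$ETHX" ] || return 0
  [ -n "$2" ] || return 0
  # $3 stays unquoted on purpose: it may hold several options that modprobe
  # must receive as separate arguments.
  # shellcheck disable=SC2086
  modprobe "$2" $3
  evaluate_retval
}

# Action dispatch.
#   $1 - start | stop | restart | green | orange | blue | red
#   $2 - for a colour: up | down (red also accepts "update")
#   $3 - "red update" only: file whose content is read through readhash
#   $4 - "red update" only: up | new | down
# Tests use "=" and "&&"/"||" rather than "==", "-a" and "-o", and counters
# use $(( )), so the script does not depend on /bin/sh being bash.
case "${1}" in
  start)
    boot_mesg "Loading MASQ helper modules"
    for module in \
      iptable_nat \
      ip_conntrack \
      ip_conntrack_ftp ip_nat_ftp \
      ip_conntrack_h323 ip_nat_h323 \
      ip_conntrack_irc ip_nat_irc \
      ip_conntrack_mms ip_nat_mms \
      ip_conntrack_pptp ip_nat_pptp \
      ip_conntrack_proto_gre ip_nat_proto_gre \
      ip_conntrack_quake3 ip_nat_quake3; do
      modprobe "$module"
    done

    # Remove possible leftover files. The original line used the literal
    # token CONFIG_ROOT and a brace list; unless a build step substitutes
    # that token, the path is relative to the current directory and nothing
    # is removed. Every other reference in this script uses /var/ipfire/red.
    # This matters because "red update" branches on the presence of
    # /var/ipfire/red/active, so a stale flag changes which path it takes.
    for leftover in active device dial-on-demand dns1 dns2 \
      local-ipaddress remote-ipaddress resolv.conf; do
      rm -f "/var/ipfire/red/${leftover}"
    done

    # This won't actually do anything unless a PCMCIA controller was
    # detected at install time, because /etc/pcmcia.conf won't exist.
    /etc/rc.d/rc.pcmcia start
    # Now, just in case we found a PCMCIA USB controller, we'll need to
    # reload the USB here.
    /usr/local/bin/resetusb

    # The 'for' loop forces the driver loading order: eth0 first, then eth1,
    # and so on, whichever zone each device belongs to.
    for NIC in 0 1 2 3; do
      ETHX="eth${NIC}"
      load_zone_driver "$GREEN_DEV" "$GREEN_DRIVER" "$GREEN_DRIVER_OPTIONS"
      load_zone_driver "$ORANGE_DEV" "$ORANGE_DRIVER" "$ORANGE_DRIVER_OPTIONS"
      load_zone_driver "$BLUE_DEV" "$BLUE_DRIVER" "$BLUE_DRIVER_OPTIONS"
      load_zone_driver "$RED_DEV" "$RED_DRIVER" "$RED_DRIVER_OPTIONS"
    done

    if [ -d /proc/bus/pccard ]; then
      boot_mesg "Initializing PCMCIA cardbus modems"
      modprobe serial_cb
      evaluate_retval
    fi

    # The firewall rules are loaded before any interface is brought up.
    # NOTE(review): evaluate_retval comes from the sourced rc functions;
    # nothing in this script stops the start sequence when this step fails,
    # so the interfaces below are brought up regardless. Confirm that is
    # intended.
    boot_mesg "Setting up IPFire firewall rules"
    /etc/rc.d/init.d/firewall start
    evaluate_retval

    boot_mesg "Setting up IP Accounting"
    /etc/rc.d/helper/writeipac.pl
    /usr/sbin/fetchipac -S
    evaluate_retval

    boot_mesg "Setting IPFire DMZ pinholes"
    /usr/local/bin/setdmzholes
    evaluate_retval

    if [ -n "$BLUE_DEV" ]; then
      boot_mesg "Setting up wireless firewall rules"
      /usr/local/bin/restartwireless
      evaluate_retval
    fi

    # Bringing interfaces up...
    "$0" green up
    "$0" orange up
    "$0" blue up
    "$0" red up
    ;;

  stop)
    # Stopping all interfaces, in the reverse order of "start".
    "$0" red down
    "$0" blue down
    "$0" orange down
    "$0" green down
    ;;

  restart)
    "${0}" stop
    sleep 1
    "${0}" start
    ;;

  #
  # Every interface has its own context to start/stop/restart.
  #
  green)
    case "${2}" in
      up)
        boot_mesg "Bringing green network up..."
        if [ -n "$GREEN_DEV" ]; then
          ifconfig "$GREEN_DEV" "$GREEN_ADDRESS" netmask "$GREEN_NETMASK" \
            broadcast "$GREEN_BROADCAST" up
          evaluate_retval
        else
          echo "WARNING: No driver set for GREEN"
        fi
        ;;
      down)
        boot_mesg "Bringing green network down..."
        ifconfig "$GREEN_DEV" down 2> /dev/null
        evaluate_retval
        ;;
    esac
    ;;

  orange)
    case "${2}" in
      up)
        # Orange is only brought up for these CONFIG_TYPE values.
        case "$CONFIG_TYPE" in
          1 | 3 | 5 | 7)
            if [ -n "$ORANGE_DEV" ]; then
              boot_mesg "Bringing orange network up..."
              ifconfig "$ORANGE_DEV" "$ORANGE_ADDRESS" \
                netmask "$ORANGE_NETMASK" broadcast "$ORANGE_BROADCAST" up
              evaluate_retval
            fi
            ;;
        esac
        ;;
      down)
        if [ -n "$ORANGE_DEV" ]; then
          boot_mesg "Bringing orange network down..."
          ifconfig "$ORANGE_DEV" down 2> /dev/null
          evaluate_retval
        fi
        ;;
    esac
    ;;

  blue)
    case "${2}" in
      up)
        # Blue is only brought up for these CONFIG_TYPE values.
        case "$CONFIG_TYPE" in
          4 | 5 | 6 | 7)
            if [ -n "$BLUE_DEV" ]; then
              boot_mesg "Bringing blue network up..."
              ifconfig "$BLUE_DEV" "$BLUE_ADDRESS" netmask "$BLUE_NETMASK" \
                broadcast "$BLUE_BROADCAST" up
              evaluate_retval
            fi
            ;;
        esac
        ;;
      down)
        if [ -n "$BLUE_DEV" ]; then
          boot_mesg "Bringing blue network down..."
          ifconfig "$BLUE_DEV" down 2> /dev/null
          evaluate_retval
        fi
        ;;
    esac
    ;;

  red)
    case "${2}" in
      up)
        boot_mesg "Bringing red network up..."
        # If RED is ethernet then check further: with DHCP or STATIC we have
        # to start automatically.
        case "$CONFIG_TYPE" in
          2 | 3 | 6 | 7)
            if [ "$RED_TYPE" = "DHCP" ] || [ "$RED_TYPE" = "STATIC" ]; then
              AUTOCONNECT="on"
            fi
            ;;
        esac

        # Start DNSMASQ with defaults
        if [ -z "$DOMAIN_NAME_GREEN" ]; then
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
        else
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases \
            -s "$DOMAIN_NAME_GREEN"
        fi

        # Only when AUTOCONNECT is on
        if [ "$AUTOCONNECT" = "on" ]; then
          /etc/rc.d/init.d/red start
          evaluate_retval
        fi
        ;;

      down)
        boot_mesg "Bringing red network down..."
        /etc/rc.d/init.d/red stop
        sleep 3
        /etc/rc.d/init.d/red clear
        evaluate_retval
        ;;

      update)
        # Take the update lock. The file is created with noclobber inside a
        # subshell, so "does it exist" and "create it" are a single step and
        # two instances starting together cannot both believe they hold it
        # (the original tested with -e and then ran touch).
        # NOTE(review): as before, an instance that finds the lock taken
        # waits at most 5 x 3 seconds and then proceeds without holding it,
        # and the rm -f at the end removes the file whoever created it.
        if (
          set -C
          : > /var/lock/rc.updatered.lock
        ) 2> /dev/null; then
          /usr/bin/logger -s -p local0.info -t rc.updatered \
            "$0 locking for $$"
        else
          count=0
          while [ "$count" -lt 5 ]; do
            sleep 3
            if [ ! -e /var/lock/rc.updatered.lock ]; then
              break
            fi
            /usr/bin/logger -s -p local0.info -t rc.updatered \
              "$0 $$ waiting unlock"
            count=$((count + 1))
          done
        fi

        # tr removes every newline, so each value is a single line.
        IFACE=$(/bin/cat /var/ipfire/red/iface 2> /dev/null |
          /usr/bin/tr -d '\012')
        REMOTE=$(/bin/cat /var/ipfire/red/remote-ipaddress 2> /dev/null |
          /usr/bin/tr -d '\012')

        ###
        ### Retrieve DHCP Settings
        ###
        # NOTE(review): eval executes whatever readhash prints. The command
        # substitutions are quoted so the output is not word-split or
        # glob-expanded before eval sees it; whether readhash validates keys
        # and escapes values is not visible from this script.
        # NOTE(review): the dhcpcd-*.info files are executed with '.'. Their
        # name suggests they are written by the DHCP client; if so, the
        # values come from a server on the RED side and must be escaped by
        # whoever writes the file. Confirm.
        case "$CONFIG_TYPE" in
          2 | 3 | 6 | 7)
            if [ "$RED_TYPE" = "DHCP" ]; then
              unset DNS1 DNS2
              eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
              if [ -z "$DNS1" ]; then
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" \
                  > /var/ipfire/red/dns1
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" \
                  > /var/ipfire/red/dns2
              else
                printf '%s\n' "$DNS1" > /var/ipfire/red/dns1
                printf '%s\n' "$DNS2" > /var/ipfire/red/dns2
              fi
              . "/var/ipfire/dhcpc/dhcpcd-${RED_DEV}.info"
              printf '%s\n' "$IPADDR" > /var/ipfire/red/local-ipaddress
              printf '%s\n' "$GATEWAY" > /var/ipfire/red/remote-ipaddress
            fi
            ;;
          *)
            if [ "$PROTOCOL" = "RFC1483" ] && [ "$METHOD" = "DHCP" ]; then
              unset DNS1 DNS2
              eval "$(/usr/local/bin/readhash /var/ipfire/ppp/settings)"
              if [ "$DNS" = "Automatic" ]; then
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 1)" \
                  > /var/ipfire/red/dns1
                printf '%s' "$(/etc/rc.d/helper/getdnsfromdhcpc.pl 2)" \
                  > /var/ipfire/red/dns2
              else
                printf '%s\n' "$DNS1" > /var/ipfire/red/dns1
                printf '%s\n' "$DNS2" > /var/ipfire/red/dns2
              fi
              . "/var/ipfire/dhcpc/dhcpcd-${IFACE}.info"
              # Quoted like the ethernet branch above; the original left
              # these two expansions unquoted.
              printf '%s\n' "$IPADDR" > /var/ipfire/red/local-ipaddress
              printf '%s\n' "$GATEWAY" > /var/ipfire/red/remote-ipaddress
            fi
            ;;
        esac

        ###
        ### Retrieve DNS settings
        ###
        DNS1=$(/bin/cat /var/ipfire/red/dns1 2> /dev/null |
          /usr/bin/tr -d '\012')
        DNS2=$(/bin/cat /var/ipfire/red/dns2 2> /dev/null |
          /usr/bin/tr -d '\012')
        echo > /var/ipfire/red/resolv.conf # clear it
        if [ -n "$DNS1" ]; then
          printf 'nameserver %s\n' "$DNS1" > /var/ipfire/red/resolv.conf
        fi
        if [ -n "$DNS2" ]; then
          printf 'nameserver %s\n' "$DNS2" >> /var/ipfire/red/resolv.conf
        fi

        ###
        ### Restart DNSMASQ
        ###
        /bin/killall -KILL dnsmasq 2> /dev/null
        sleep 1

        # While dial-on-demand is configured and RED is not active, dnsmasq
        # is pointed at the fake resolv.conf instead of the real one.
        resolv_file=/var/ipfire/red/resolv.conf
        if [ -e /var/ipfire/red/dial-on-demand ] &&
          [ "$DIALONDEMANDDNS" = "on" ] &&
          [ ! -e /var/ipfire/red/active ]; then
          resolv_file=/var/ipfire/ppp/fake-resolv.conf
        fi
        # The domain is passed as one quoted argument; the original built
        # "-s <domain>" in a string and expanded it unquoted.
        if [ -n "$DOMAIN_NAME_GREEN" ]; then
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases \
            -s "$DOMAIN_NAME_GREEN" -r "$resolv_file"
        else
          /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -r "$resolv_file"
        fi
        unset resolv_file

        # Reset default route to ippp0 for dial on demand
        if [ -e /var/ipfire/red/dial-on-demand ] &&
          [ "$TYPE" = "isdn" ] &&
          [ ! -e /var/ipfire/red/active ]; then
          /sbin/route del default 2> /dev/null
          if [ -n "$REMOTE" ]; then
            /sbin/route add default gw "$REMOTE" 2> /dev/null
          else
            /sbin/route add default dev ippp0 2> /dev/null
          fi
        fi

        if [ -n "$3" ]; then
          # $3 is a file name supplied by the caller; its content goes
          # through readhash and eval (see the NOTE(review) above).
          eval "$(/usr/local/bin/readhash "$3")"
          case "$4" in
            up)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe \
                "${INTERFACE} has been configured with old IP=${IPADDR}"
              if [ "$RED_TYPE" != 'PPTP' ]; then
                /usr/bin/touch /var/ipfire/red/active
              fi
              ;;
            new)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe \
                "${INTERFACE} has been configured with new IP=${IPADDR}"
              if [ -e /var/ipfire/red/active ]; then
                # RED was already active: refresh the address-dependent
                # services, release the lock and stop here.
                /usr/local/bin/setfilters
                /usr/local/bin/setportfw
                /usr/local/bin/setxtaccess
                /usr/local/bin/setddns.pl -f
                /usr/local/bin/restartsnort red
                sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
                /bin/rm -f /var/lock/rc.updatered.lock
                /usr/bin/logger -s -p local0.info -t rc.updatered \
                  "unlocking from $$"
                exit 0
              elif [ "$RED_TYPE" != 'PPTP' ]; then
                /usr/bin/touch /var/ipfire/red/active
              fi
              ;;
            down)
              /usr/bin/logger -s -p local0.info -t dhcpcd.exe \
                "${INTERFACE} has been brought down"
              rm -f /var/ipfire/red/active
              ;;
          esac
        fi

        if [ -e /var/ipfire/red/active ]; then
          if [ -n "$IFACE" ]; then
            /sbin/ifconfig "$IFACE" -multicast
          fi
          /etc/rc.d/init.d/firewall reload
          /usr/local/bin/setfilters
          /usr/local/bin/restartsnort red
          /usr/local/bin/qosctrl restart
          /usr/local/bin/setportfw
          /usr/local/bin/setxtaccess
          /usr/local/bin/setddns.pl -f
          /etc/rc.d/helper/writeipac.pl
          /usr/sbin/fetchipac -S
          sleep "$VPN_DELAYED_START" && /usr/local/bin/ipsecctrl S &
        else
          /usr/local/bin/ipsecctrl D
          /etc/rc.d/init.d/firewall reload
        fi
        /bin/rm -f /var/lock/rc.updatered.lock
        /usr/bin/logger -s -p local0.info -t rc.updatered "unlocking from $$"
        ;;
    esac
    ;;

  *)
    echo "Usage: ${0} {start|stop|restart}"
    echo " or: ${0} {green|orange|blue|red} {up|down}"
    exit 1
    ;;
esac

# End /etc/rc.d/init.d/network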