IDS Rules wieder aktiviert
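#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors : Michael Tremer - m.s.tremer@googlemail.com
#
# Version : 01.00
#
# Notes : Written for IPFire by its team
#
########################################################################

# Boot-script environment, then the helper library it points to.
# rc_functions is expected to be set by /etc/sysconfig/rc; it is quoted so
# that a path containing whitespace or glob characters is sourced as-is.
. /etc/sysconfig/rc
. "${rc_functions}"

# Import the ethernet settings as shell variables.
#
# The command substitution is quoted so the helper's output reaches eval
# unmodified; unquoted, the shell would word-split and glob-expand it first,
# which can alter values containing runs of whitespace or glob characters.
#
# NOTE(review): whatever readhash prints is executed by eval in this shell,
# and this script goes on to load kernel modules and firewall rules, so it
# presumably runs as root. The settings file and readhash are therefore part
# of the trusted base: confirm that only privileged processes can write
# /var/ipfire/ethernet/settings and that readhash emits nothing but
# well-formed assignments.
eval "$(/usr/local/bin/readhash /var/ipfire/ethernet/settings)"
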
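#######################################
# Decide which zones this invocation acts on.
# With no arguments every zone is selected and ALL=1 (full start/stop).
# With arguments only the named zones are selected and ALL=0.
# Globals:   ALL, green, red, blue, orange (written)
# Arguments: zone names: green, red, blue, orange (any order, optional)
# Outputs:   an error on stderr for an unrecognised zone name
# Returns:   0 on success, 1 if an argument is not a known zone
#######################################
select_zones() {
  if [ -n "${1}" ]; then
    ALL=0
    green=0 red=0 blue=0 orange=0
  else
    ALL=1
    green=1 red=1 blue=1 orange=1
  fi

  # Every argument is consumed exactly once. An unrecognised word is rejected
  # instead of being left in place, so it can no longer stall this loop (and
  # with it the boot sequence) forever.
  while [ $# -gt 0 ]; do
    case "${1}" in
      green)  green=1 ;;
      red)    red=1 ;;
      blue)   blue=1 ;;
      orange) orange=1 ;;
      *)
        printf '%s: unknown zone "%s" (expected green, red, blue or orange)\n' \
          "${0}" "${1}" >&2
        return 1
        ;;
    esac
    shift
  done
  return 0
}

# First argument is the action; anything after it names zones.
DO="${1}"
if [ $# -gt 0 ]; then
  shift
fi

select_zones "$@" || exit 1
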
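# Dispatch on the requested action.
#
# Reads: DO (action), ALL (1 = no zone arguments were given), the per-zone
# flags green/red/blue/orange, and CONFIG_TYPE, DOMAIN_NAME_GREEN and
# AUTOCONNECT, none of which are assigned in this file (presumably they come
# from the sourced rc files or the imported ethernet settings).
# boot_mesg and evaluate_retval are not defined here either; evaluate_retval
# is always called directly after the command it reports on, so it presumably
# inspects $? and nothing may be inserted between the two.
case "${DO}" in
  start)
    if [ "${ALL}" = "1" ]; then
      # Full start only: packet filter, accounting and DNS are prepared here,
      # before any interface further down is brought up. When zones are named
      # explicitly this section is skipped and the interfaces rely on whatever
      # rules are already loaded.
      boot_mesg "Loading iptables helper modules"
      # NOTE(review): the conntrack/NAT helpers inspect application traffic
      # to track related connections; consider loading only the helpers the
      # deployment actually needs.
      failed=0
      for module in \
        iptable_nat \
        ip_conntrack \
        ip_conntrack_ftp ip_nat_ftp \
        ip_conntrack_h323 ip_nat_h323 \
        ip_conntrack_irc ip_nat_irc \
        ip_conntrack_mms ip_nat_mms \
        ip_conntrack_pptp ip_nat_pptp \
        ip_conntrack_sip ip_nat_sip
      do
        modprobe "${module}" || failed=1
      done
      (exit "${failed}")
      evaluate_retval

      boot_mesg "Setting up IPFire firewall rules"
      /etc/rc.d/init.d/firewall start
      evaluate_retval

      boot_mesg "Setting up IP Accounting"
      # Reset the flag so a module-load failure above is not reported a
      # second time as an accounting failure.
      failed=0
      /etc/rc.d/helper/writeipac.pl || failed=1
      /usr/sbin/fetchipac -S || failed=1
      (exit "${failed}")
      evaluate_retval

      boot_mesg "Setting IPFire DMZ pinholes"
      /usr/local/bin/setdmzholes
      evaluate_retval

      if [ "$CONFIG_TYPE" = "3" ] || [ "$CONFIG_TYPE" = "4" ]; then
        boot_mesg "Setting up wireless firewall rules"
        /usr/local/bin/restartwireless
        evaluate_retval
      fi

      # Start DNSMASQ with defaults
      # Any running instance is killed with SIGKILL first; "no such process"
      # is expected on a cold boot, hence the discarded stderr.
      killall -KILL dnsmasq 2> /dev/null
      sleep 1
      if [ -z "$DOMAIN_NAME_GREEN" ]; then
        /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
      else
        /usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
      fi
    fi

    # Starting interfaces...
    # GREEN
    if [ "$green" = "1" ]; then
      name=green /etc/rc.d/init.d/net/ifup
    fi

    # BLUE (only in configuration types 3 and 4)
    if [ "$blue" = "1" ]; then
      if [ "$CONFIG_TYPE" = "3" ] || [ "$CONFIG_TYPE" = "4" ]; then
        name=blue /etc/rc.d/init.d/net/ifup
      fi
    fi

    # ORANGE (only in configuration types 2 and 4)
    if [ "$orange" = "1" ]; then
      if [ "$CONFIG_TYPE" = "2" ] || [ "$CONFIG_TYPE" = "4" ]; then
        name=orange /etc/rc.d/init.d/net/ifup
      fi
    fi

    # RED (configuration types 1 to 4)
    if [ "$red" = "1" ]; then
      case "$CONFIG_TYPE" in
        1|2|3|4)
          # Remove possible leftover files
          # Paths are spelled out so this does not depend on brace
          # expansion, which a plain POSIX /bin/sh does not perform.
          rm -f \
            /var/ipfire/red/active \
            /var/ipfire/red/device \
            /var/ipfire/red/dial-on-demand \
            /var/ipfire/red/dns1 \
            /var/ipfire/red/dns2 \
            /var/ipfire/red/local-ipaddress \
            /var/ipfire/red/remote-ipaddress \
            /var/ipfire/red/resolv.conf
          # With AUTOCONNECT=off the uplink is left down on purpose.
          if [ "$AUTOCONNECT" != "off" ]; then
            name=red /etc/rc.d/init.d/net/ifup
          fi
          boot_mesg "Setting OpenVPN Rules if enabled"
          /etc/rc.d/init.d/firewall startovpn
          evaluate_retval
          ;;
      esac
    fi

    boot_mesg "Setting OpenVPN if enabled"
    /usr/local/bin/openvpnctrl -s
    evaluate_retval

    # The IDS is started last, after the interfaces above.
    boot_mesg "Starting Snort if enabled"
    /etc/rc.d/init.d/snort start
    evaluate_retval
    ;;

  stop)
    # Stopping interfaces...
    # GREEN
    if [ "$green" = "1" ]; then
      name=green /etc/rc.d/init.d/net/ifdown
    fi

    # BLUE
    if [ "$blue" = "1" ]; then
      if [ "$CONFIG_TYPE" = "3" ] || [ "$CONFIG_TYPE" = "4" ]; then
        name=blue /etc/rc.d/init.d/net/ifdown
      fi
    fi

    # ORANGE
    if [ "$orange" = "1" ]; then
      if [ "$CONFIG_TYPE" = "2" ] || [ "$CONFIG_TYPE" = "4" ]; then
        name=orange /etc/rc.d/init.d/net/ifdown
      fi
    fi

    # RED
    if [ "$red" = "1" ]; then
      case "$CONFIG_TYPE" in
        1|2|3|4)
          name=red /etc/rc.d/init.d/net/ifdown
          boot_mesg "Deleting OpenVPN Rules if enabled"
          /etc/rc.d/init.d/firewall stopovpn
          evaluate_retval
          ;;
      esac
    fi

    boot_mesg "Stopping OpenVPN if enabled"
    /usr/local/bin/openvpnctrl -k
    evaluate_retval

    boot_mesg "Stopping Snort if enabled"
    /etc/rc.d/init.d/snort stop
    evaluate_retval
    ;;

  restart)
    # Rebuild the zone list from the flags. ARGS starts empty so that a value
    # inherited from the caller's environment cannot leak into the commands.
    ARGS=""
    if [ "${green}" = "1" ]; then ARGS="${ARGS} green"; fi
    if [ "${red}" = "1" ]; then ARGS="${ARGS} red"; fi
    if [ "${blue}" = "1" ]; then ARGS="${ARGS} blue"; fi
    if [ "${orange}" = "1" ]; then ARGS="${ARGS} orange"; fi

    # NOTE(review): zone names are always passed explicitly, so the child
    # runs see ALL=0 and "restart" never re-runs the full-start section
    # (modules, firewall rules, accounting, DMZ pinholes, dnsmasq).
    # Confirm this is intended.
    #
    # ${ARGS} is left unquoted on purpose: it must split into one argument
    # per zone. It only ever holds the fixed zone names appended above.
    "${0}" stop ${ARGS}
    sleep 1
    "${0}" start ${ARGS}
    ;;

  *)
    echo "Usage: ${0} {start|stop|restart}"
    exit 1
    ;;
esac

# End /etc/rc.d/init.d/network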