Merge branch 'master' into next
authorArne Fitzenreiter <arne_f@ipfire.org>
Tue, 17 Mar 2015 13:05:56 +0000 (14:05 +0100)
committerArne Fitzenreiter <arne_f@ipfire.org>
Tue, 17 Mar 2015 13:05:56 +0000 (14:05 +0100)
18 files changed:
config/firewall/rules.pl
config/httpd/global.conf
config/rootfiles/common/armv5tel/initscripts
config/rootfiles/common/i586/initscripts
config/rootfiles/common/strongswan
config/rootfiles/common/udev
config/udev/60-net.rules [new file with mode: 0644]
config/udev/network-hotplug-rename [new file with mode: 0644]
html/cgi-bin/connections.cgi
html/cgi-bin/logs.cgi/firewalllog.dat
html/cgi-bin/vpnmain.cgi
lfs/initscripts
lfs/strongswan
lfs/udev
src/initscripts/init.d/network-trigger [new file with mode: 0644]
src/setup/netstuff.c
src/setup/networking.c
src/setup/setup.h

index 97b8897af87bba6f84ec2e961e3bbb62849a17ef..8abc675f7f6f8d5693598ade0523748a5b20f20d 100755 (executable)
@@ -88,14 +88,27 @@ sub main {
        # Flush all chains.
        &flush();
 
-       # Reload firewall rules.
-       &preparerules();
+       # Prepare firewall rules.
+       if (! -z  "${General::swroot}/firewall/input"){
+               &buildrules(\%configinputfw);
+       }
+       if (! -z  "${General::swroot}/firewall/outgoing"){
+               &buildrules(\%configoutgoingfw);
+       }
+       if (! -z  "${General::swroot}/firewall/config"){
+               &buildrules(\%configfwdfw);
+       }
 
        # Load P2P block rules.
        &p2pblock();
 
        # Reload firewall policy.
        run("/usr/sbin/firewall-policy");
+
+       #Reload firewall.local if present
+       if ( -f '/etc/sysconfig/firewall.local'){
+               run("/etc/sysconfig/firewall.local reload");
+       }
 }
 
 sub run {
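Review bot: The guard `if ( -f '/etc/sysconfig/firewall.local'){` only checks that the file exists, so a present but non-executable firewall.local reaches `run("/etc/sysconfig/firewall.local reload")` and fails at exec time; `if ( -x '/etc/sysconfig/firewall.local'){` matches what the call actually needs. Hoisting the reload out of buildrules() into main() also changes it from once per populated rule set to exactly once per reload, which is worth stating in the comment, e.g. `# Reload firewall.local once, after all rule sets and the policy are in place.` What run() does with a non-zero exit status is not visible here; `sub run {` begins at the end of the hunk.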
@@ -146,18 +159,6 @@ sub flush {
        run("$IPTABLES -t mangle -F $CHAIN_MANGLE_NAT_DESTINATION_FIX");
 }
 
-sub preparerules {
-       if (! -z  "${General::swroot}/firewall/input"){
-               &buildrules(\%configinputfw);
-       }
-       if (! -z  "${General::swroot}/firewall/outgoing"){
-               &buildrules(\%configoutgoingfw);
-       }
-       if (! -z  "${General::swroot}/firewall/config"){
-               &buildrules(\%configfwdfw);
-       }
-}
-
 sub buildrules {
        my $hash = shift;
 
@@ -512,10 +513,6 @@ sub buildrules {
                        }
                }
        }
-       #Reload firewall.local if present
-       if ( -f '/etc/sysconfig/firewall.local'){
-               run("/etc/sysconfig/firewall.local reload");
-       }
 }
 
 # Formats the given timestamp into the iptables format which is "hh:mm" UTC.
index a9770264366361a611db5ea5e91238fa81289c6f..3fbd5e2946d9b36a7d225510e79715b9095a73b5 100644 (file)
@@ -1,7 +1,7 @@
 Timeout 300
 ServerSignature on
 UseCanonicalName off
-ServerTokens Full
+ServerTokens Prod
 LogLevel warn
 CustomLog /var/log/httpd/access_log combined
 Include /etc/httpd/conf/hostname.conf
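Review bot: `ServerTokens Prod` trims the Server header to the product name, but `ServerSignature on` three lines above still appends a server footer to error pages and directory listings; under Prod that footer should carry only the product name, so the residual exposure is small, yet `ServerSignature off` would complete the hardening this hunk starts. The change itself is a straightforward improvement over `Full`.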
index 52487669ae19830a73c17cb9f05804a56e4b0bf4..8ddf34ae87fa656dc450c1e5ad47387dbf1c616f 100644 (file)
@@ -61,6 +61,7 @@ etc/rc.d/init.d/mounttmpfs
 #etc/rc.d/init.d/mysql
 #etc/rc.d/init.d/netsnmpd
 etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
 etc/rc.d/init.d/network-vlans
 #etc/rc.d/init.d/networking
 etc/rc.d/init.d/networking/any
@@ -229,6 +230,7 @@ etc/rc.d/rcsysinit.d/S73swconfig
 etc/rc.d/rcsysinit.d/S75firstsetup
 etc/rc.d/rcsysinit.d/S80localnet
 etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
 etc/rc.d/rcsysinit.d/S91network-vlans
 etc/rc.d/rcsysinit.d/S92rngd
 etc/rc.d/rc3.d/S15fireinfo
index 845ae504b3f38327734ad393274a796542ed6745..3d4dd62ff0495f52d8a5ea59b0d83c3be3c87df9 100644 (file)
@@ -63,6 +63,7 @@ etc/rc.d/init.d/mounttmpfs
 #etc/rc.d/init.d/mysql
 #etc/rc.d/init.d/netsnmpd
 etc/rc.d/init.d/network
+etc/rc.d/init.d/network-trigger
 etc/rc.d/init.d/network-vlans
 #etc/rc.d/init.d/networking
 etc/rc.d/init.d/networking/any
@@ -234,6 +235,7 @@ etc/rc.d/rcsysinit.d/S70console
 etc/rc.d/rcsysinit.d/S75firstsetup
 etc/rc.d/rcsysinit.d/S80localnet
 etc/rc.d/rcsysinit.d/S85firewall
+etc/rc.d/rcsysinit.d/S90network-trigger
 etc/rc.d/rcsysinit.d/S91network-vlans
 etc/rc.d/rcsysinit.d/S92rngd
 etc/rc.d/rc3.d/S15fireinfo
index e55c43c03b9975fe0f6dd106dc84dba5255cd018..a26a86c3e2bace808fc74e38266a437398b9c4ae 100644 (file)
@@ -30,6 +30,7 @@ etc/strongswan.d/charon/eap-tls.conf
 etc/strongswan.d/charon/eap-ttls.conf
 etc/strongswan.d/charon/farp.conf
 etc/strongswan.d/charon/fips-prf.conf
+etc/strongswan.d/charon/gcm.conf
 etc/strongswan.d/charon/gcrypt.conf
 etc/strongswan.d/charon/gmp.conf
 etc/strongswan.d/charon/hmac.conf
@@ -107,6 +108,7 @@ usr/lib/ipsec/plugins/libstrongswan-eap-tls.so
 usr/lib/ipsec/plugins/libstrongswan-eap-ttls.so
 usr/lib/ipsec/plugins/libstrongswan-farp.so
 usr/lib/ipsec/plugins/libstrongswan-fips-prf.so
+usr/lib/ipsec/plugins/libstrongswan-gcm.so
 usr/lib/ipsec/plugins/libstrongswan-gcrypt.so
 usr/lib/ipsec/plugins/libstrongswan-gmp.so
 usr/lib/ipsec/plugins/libstrongswan-hmac.so
@@ -187,6 +189,7 @@ usr/sbin/ipsec
 #usr/share/strongswan/templates/config/plugins/eap-ttls.conf
 #usr/share/strongswan/templates/config/plugins/farp.conf
 #usr/share/strongswan/templates/config/plugins/fips-prf.conf
+#usr/share/strongswan/templates/config/plugins/gcm.conf
 #usr/share/strongswan/templates/config/plugins/gcrypt.conf
 #usr/share/strongswan/templates/config/plugins/gmp.conf
 #usr/share/strongswan/templates/config/plugins/hmac.conf
index bc1cdaa1ff3ba1ceae448a37f13ed5b8314b6e85..d01c4610158f05d6da4b1febd2f1ac5b1e6ee772 100644 (file)
@@ -2,7 +2,6 @@ bin/udevadm
 etc/modprobe.d/blacklist.conf
 etc/udev
 #etc/udev/rules.d
-#etc/udev/rules.d/30-persistent-network.rules
 #etc/udev/rules.d/55-lfs.rules
 #etc/udev/rules.d/81-cdrom.rules
 #etc/udev/rules.d/83-cdrom-symlinks.rules
@@ -29,6 +28,7 @@ lib/udev
 #lib/udev/hwdb.d/60-keyboard.hwdb
 #lib/udev/init-net-rules.sh
 #lib/udev/mtd_probe
+#lib/udev/network-hotplug-rename
 #lib/udev/rule_generator.functions
 #lib/udev/rules.d
 #lib/udev/rules.d/25-alsa.rules
@@ -37,6 +37,7 @@ lib/udev
 #lib/udev/rules.d/50-udev-default.rules
 #lib/udev/rules.d/60-cdrom_id.rules
 #lib/udev/rules.d/60-keyboard.rules
+#lib/udev/rules.d/60-net.rules
 #lib/udev/rules.d/60-persistent-alsa.rules
 #lib/udev/rules.d/60-persistent-input.rules
 #lib/udev/rules.d/60-persistent-serial.rules
diff --git a/config/udev/60-net.rules b/config/udev/60-net.rules
new file mode 100644 (file)
index 0000000..4f22a1e
--- /dev/null
@@ -0,0 +1,3 @@
+# Call a script that checks for the right name of the new device.
+# If it matches the configuration it will be renamed accordingly.
+ACTION=="add", SUBSYSTEM=="net", PROGRAM="/lib/udev/network-hotplug-rename", RESULT=="?*", NAME="$result"
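Review bot: `NAME="$result"` takes whatever the helper writes to stdout, and `RESULT=="?*"` makes the rename a no-op only when nothing is printed, so the contract that the helper must print exactly the final interface name and nothing else deserves a line in the comment: `# The helper must print only the target name (or nothing to keep the kernel name).` Any additional stdout from network-hotplug-rename would otherwise end up in the assigned name.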
diff --git a/config/udev/network-hotplug-rename b/config/udev/network-hotplug-rename
new file mode 100644 (file)
index 0000000..331b788
--- /dev/null
@@ -0,0 +1,75 @@
+#!/bin/bash
+###############################################################################
+#                                                                             #
+# IPFire.org - A linux based firewall                                         #
+# Copyright (C) 2015  IPFire Team  <info@ipfire.org>                          #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+###############################################################################
+
+# Check if all appropriate variables are set
+[ -n "${INTERFACE}" ] || exit 2
+
+# Ignore virtual interfaces, etc.
+case "${INTERFACE}" in
+       lo)
+               exit 0
+               ;;
+       tun*)
+               exit 0
+               ;;
+       ppp*)
+               exit 0
+               ;;
+esac
+
+# Check if INTERFACE actually exists
+[ -d "/sys/class/net/${INTERFACE}" ] || exit 1
+
+# If the network configuration is not readable,
+# we cannot go on.
+if [ ! -r "/var/ipfire/ethernet/settings" ]; then
+       exit 1
+fi
+
+# Read network settings
+eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
+
+# Standard zones
+ZONES="RED GREEN ORANGE BLUE"
+
+# Determine the address of INTERFACE
+ADDRESS="$(</sys/class/net/${INTERFACE}/address)"
+
+# Walk through all zones and find the matching interface
+for zone in ${ZONES}; do
+       address="${zone}_MACADDR"
+       device="${zone}_DEV"
+
+       # Skip if address or device is unset
+       [ -n "${!address}" -a -n "${!device}" ] || continue
+
+       # If a matching interface has been found we will
+       # print the name to which udev will rename it.
+       if [ "${ADDRESS}" = "${!address}" ]; then
+               echo "${!device}"
+               exit 0
+       fi
+done
+
+# If we get here we have not found a matching device,
+# but we won't return an error any way. The new device
+# will remain with the previous name.
+exit 0
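Review bot: The comparison `if [ "${ADDRESS}" = "${!address}" ]` is case-sensitive while sysfs reports the address in lowercase hex, so a configured MAC stored in uppercase in ethernet/settings silently never matches and the interface keeps its kernel name; normalising both sides, e.g. `ADDRESS="$(tr 'A-Z' 'a-z' < "/sys/class/net/${INTERFACE}/address")"` and the same on `${!address}`, removes that dependency on how the setup tool wrote the file. `[ -n "${!address}" -a -n "${!device}" ]` uses the obsolete `-a` test conjunction; `[ -n "${!address}" ] && [ -n "${!device}" ]` is the portable form. `eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)` executes readhash's output verbatim; the settings file is root-owned configuration, but the unquoted command substitution is subject to word splitting and globbing, so `eval "$(...)"` is safer, and the safety of the line as a whole rests on readhash emitting only KEY=VALUE pairs, which cannot be confirmed from this page.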
index f1ed2125a2cb9e253ca332f7de01c1b09985e601..5c17d33e276a51c4a90bda383e2c616af012c818 100644 (file)
@@ -520,7 +520,8 @@ foreach my $line (@conntrack) {
        }
 
        my $sip_colour = ipcolour($sip);
-       my $dip_colour = ipcolour($dip);
+       # use colour of destination network for DNAT
+       my $dip_colour = $dip ne $dip_ret ? ipcolour($dip_ret) : ipcolour($dip);
 
        my $sserv = '';
        if ($sport < 1024) {
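Review bot: `my $dip_colour = $dip ne $dip_ret ? ipcolour($dip_ret) : ipcolour($dip);` calls ipcolour in both branches; `my $dip_colour = ipcolour($dip ne $dip_ret ? $dip_ret : $dip);` expresses the same choice with a single call site. `$dip_ret` is assigned outside the hunk, so whether it can be undef for entries without a reply tuple (which would make `ne` warn under `use warnings`) cannot be checked here; the enclosing `foreach my $line (@conntrack)` loop starts outside the hunk.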
index 8bb4900638b7b1ce431c99c18d568c65f159aa84..7525626668b6aa595b1a6dca0221a385032210b4 100644 (file)
@@ -334,13 +334,14 @@ foreach $_ (@log)
         my $comment = $3; 
         my $packet = $4;
 
-        $packet =~ /IN=(\w+)/;       my $iface=$1; if ( $1 =~ /2./ ){ $iface="";}
-        $packet =~ /SRC=([\d\.]+)/;  my $srcaddr=$1;
-        $packet =~ /DST=([\d\.]+)/;  my $dstaddr=$1;
-        $packet =~ /MAC=([\w+\:]+)/; my $macaddr=$1;
-        $packet =~ /PROTO=(\w+)/;    my $proto=$1;
-        $packet =~ /SPT=(\d+)/;      my $srcport=$1;
-        $packet =~ /DPT=(\d+)/;      my $dstport=$1;
+               my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);
+               $iface=$1   if $packet =~ /IN=(\w+)/;
+               $srcaddr=$1 if $packet =~ /SRC=([\d\.]+)/;
+               $dstaddr=$1 if $packet =~ /DST=([\d\.]+)/;
+               $macaddr=$1 if $packet =~ /MAC=([\w+\:]+)/;
+               $proto=$1   if $packet =~ /PROTO=(\w+)/;
+               $srcport=$1 if $packet =~ /SPT=(\d+)/;
+               $dstport=$1 if $packet =~ /DPT=(\d+)/;
 
         my $gi = Geo::IP::PurePerl->new();
         my $ccode = $gi->country_code_by_name($srcaddr);
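Review bot: The new block starting at `my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport);` is indented with tabs while the surrounding lines (`my $comment = $3;`, `my $gi = Geo::IP::PurePerl->new();`) use eight spaces, so it reads as a stray re-indent inside a space-indented file. Leaving the variables undef when a field is absent is the right fix for the old stale-`$1` behaviour, but `$srcaddr` now reaches `country_code_by_name($srcaddr)` undefined for a line without `SRC=`; initialising the list, `my ($iface, $srcaddr, $dstaddr, $macaddr, $proto, $srcport, $dstport) = ('') x 7;`, keeps later string use warning-free. The removed `if ( $1 =~ /2./ ){ $iface="";}` special case disappears without explanation; if dropping it is intentional, a short comment would help the next reader. The enclosing `foreach $_ (@log)` loop starts outside the hunk.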
index a6d7056191a5024f414ed778e30beb34c17270e8..26f6f5311dbf96346f454e7f873c0c9e9cbc4d49 100644 (file)
@@ -437,14 +437,6 @@ sub writeipsecfiles {
        }
        print CONF "\n";
     }#foreach key
-
-    # Add post user includes to config file
-    # After the GUI-connections allows to patch connections.
-    if (-e "/etc/ipsec.user-post.conf") {
-        print CONF "include /etc/ipsec.user-post.conf\n";
-        print CONF "\n";
-    }
-
     print SECRETS $last_secrets if ($last_secrets);
     close(CONF);
     close(SECRETS);
@@ -1886,12 +1878,12 @@ END
        $cgiparams{'REMOTE_ID'} = '';
 
        #use default advanced value
-       $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[18];
-       $cgiparams{'IKE_INTEGRITY'}  = 'sha2_256|sha|md5';      #[19];
+       $cgiparams{'IKE_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64';   #[18];
+       $cgiparams{'IKE_INTEGRITY'}  = 'sha2_512|sha2_256|sha'; #[19];
        $cgiparams{'IKE_GROUPTYPE'}  = '4096|3072|2048|1536|1024';              #[20];
        $cgiparams{'IKE_LIFETIME'}   = '3';             #[16];
-       $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|3des';     #[21];
-       $cgiparams{'ESP_INTEGRITY'}  = 'sha2_256|sha1|md5';     #[22];
+       $cgiparams{'ESP_ENCRYPTION'} = 'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128|aes256gcm96|aes192gcm96|aes128gcm96|aes256gcm64|aes192gcm64|aes128gcm64';   #[21];
+       $cgiparams{'ESP_INTEGRITY'}  = 'sha2_512|sha2_256|sha1';        #[22];
        $cgiparams{'ESP_GROUPTYPE'}  = '';              #[23];
        $cgiparams{'ESP_KEYLIFE'}    = '1';             #[17];
        $cgiparams{'COMPRESSION'}    = 'on';            #[13];
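Review bot: The new default `IKE_ENCRYPTION` and `ESP_ENCRYPTION` strings include the 96-bit and 64-bit ICV GCM variants (`aes256gcm96` … `aes128gcm64`); a truncated ICV gives proportionally less forgery resistance, so keeping the defaults to the full-tag forms, `'aes256|aes192|aes128|aes256gcm128|aes192gcm128|aes128gcm128'`, and leaving the shorter ICVs as explicit opt-ins would be the conservative choice. Dropping `3des` and `md5` from the defaults is a clear improvement. Whether charon negotiates AEAD ciphers in IKEv1 proposals is worth confirming before these become the default for connections of either IKE version; nothing on this page shows which version a connection uses. The lines are also now far beyond the file's usual width; a `join('|', qw(...))` over a list would keep them readable.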
@@ -2145,7 +2137,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
            goto ADVANCED_ERROR;
        }
        foreach my $val (@temp) {
-           if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+           if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
                $errormessage = $Lang::tr{'invalid input'};
                goto ADVANCED_ERROR;
            }
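Review bot: The validation regex `/^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/` still ends in `$`, which in Perl also matches before a trailing newline, so a submitted value such as `"aes256\n"` passes and is later written out with the newline; anchoring with `\A` and `\z` closes that: `if ($val !~ /\A(?:aes(?:256|192|128)(?:gcm(?:128|96|64))?|3des|camellia(?:256|192|128))\z/) {`. The same pattern is repeated for ESP_ENCRYPTION in the hunk at `@@ -2186,7 +2178,7 @@`, so both places need the change. The capture groups are never read, so they can be non-capturing. The surrounding `foreach my $val (@temp)` block starts outside the hunk.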
@@ -2176,8 +2168,8 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
            $errormessage = $Lang::tr{'invalid input for ike lifetime'};
            goto ADVANCED_ERROR;
        }
-       if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 24) {
-           $errormessage = $Lang::tr{'ike lifetime should be between 1 and 24 hours'};
+       if ($cgiparams{'IKE_LIFETIME'} < 1 || $cgiparams{'IKE_LIFETIME'} > 8) {
+           $errormessage = $Lang::tr{'ike lifetime should be between 1 and 8 hours'};
            goto ADVANCED_ERROR;
        }
        @temp = split('\|', $cgiparams{'ESP_ENCRYPTION'});
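Review bot: The error text is looked up via a new key, `$Lang::tr{'ike lifetime should be between 1 and 8 hours'}`, but none of the 18 files listed in this commit is a language file, so the lookup yields undef and the user sees an empty error message until the translations are added; either add the entries in the same change or keep the existing key and change only the bound. If the 24-hour limit is mentioned in any help text, that needs the same update.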
@@ -2186,7 +2178,7 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
            goto ADVANCED_ERROR;
        }
        foreach my $val (@temp) {
-           if ($val !~ /^(aes256|aes192|aes128|3des|camellia256|camellia192|camellia128)$/) {
+           if ($val !~ /^(aes(256|192|128)(gcm(128|96|64))?|3des|camellia(256|192|128))$/) {
                $errormessage = $Lang::tr{'invalid input'};
                goto ADVANCED_ERROR;
            }
@@ -2297,6 +2289,15 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
     $checked{'IKE_ENCRYPTION'}{'aes256'} = '';
     $checked{'IKE_ENCRYPTION'}{'aes192'} = '';
     $checked{'IKE_ENCRYPTION'}{'aes128'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes256gcm128'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes192gcm128'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes128gcm128'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes256gcm96'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes192gcm96'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes128gcm96'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes256gcm64'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes192gcm64'} = '';
+    $checked{'IKE_ENCRYPTION'}{'aes128gcm64'} = '';
     $checked{'IKE_ENCRYPTION'}{'3des'} = '';
     $checked{'IKE_ENCRYPTION'}{'camellia256'} = '';
     $checked{'IKE_ENCRYPTION'}{'camellia192'} = '';
@@ -2328,6 +2329,15 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
     $checked{'ESP_ENCRYPTION'}{'aes256'} = '';
     $checked{'ESP_ENCRYPTION'}{'aes192'} = '';
     $checked{'ESP_ENCRYPTION'}{'aes128'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes256gcm128'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes192gcm128'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes128gcm128'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes256gcm96'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes192gcm96'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes128gcm96'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes256gcm64'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes192gcm64'} = '';
+    $checked{'ESP_ENCRYPTION'}{'aes128gcm64'} = '';
     $checked{'ESP_ENCRYPTION'}{'3des'} = '';
     $checked{'ESP_ENCRYPTION'}{'camellia256'} = '';
     $checked{'ESP_ENCRYPTION'}{'camellia192'} = '';
@@ -2406,24 +2416,42 @@ if(($cgiparams{'ACTION'} eq $Lang::tr{'advanced'}) ||
                        <td class='boldbase' width="15%">$Lang::tr{'encryption'}</td>
                        <td class='boldbase'>
                                <select name='IKE_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
-                                       <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
-                                       <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
-                                       <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
-                                       <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>3DES</option>
-                                       <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
-                                       <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
-                                       <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+                                       <option value='aes256' $checked{'IKE_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+                                       <option value='aes192' $checked{'IKE_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+                                       <option value='aes128' $checked{'IKE_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+                                       <option value='aes256gcm128' $checked{'IKE_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes192gcm128' $checked{'IKE_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes128gcm128' $checked{'IKE_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes256gcm96' $checked{'IKE_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes192gcm96' $checked{'IKE_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes128gcm96' $checked{'IKE_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes256gcm64' $checked{'IKE_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+                                       <option value='aes192gcm64' $checked{'IKE_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+                                       <option value='aes128gcm64' $checked{'IKE_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+                                       <option value='3des' $checked{'IKE_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
+                                       <option value='camellia256' $checked{'IKE_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+                                       <option value='camellia192' $checked{'IKE_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+                                       <option value='camellia128' $checked{'IKE_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
                                </select>
                        </td>
                        <td class='boldbase'>
                                <select name='ESP_ENCRYPTION' multiple='multiple' size='6' style='width: 100%'>
-                                       <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>AES (256 bit)</option>
-                                       <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>AES (192 bit)</option>
-                                       <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>AES (128 bit)</option>
-                                       <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>3DES</option>
-                                       <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>Camellia (256 bit)</option>
-                                       <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>Camellia (192 bit)</option>
-                                       <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>Camellia (128 bit)</option>
+                                       <option value='aes256' $checked{'ESP_ENCRYPTION'}{'aes256'}>256 bit AES-CBC</option>
+                                       <option value='aes192' $checked{'ESP_ENCRYPTION'}{'aes192'}>192 bit AES-CBC</option>
+                                       <option value='aes128' $checked{'ESP_ENCRYPTION'}{'aes128'}>128 bit AES-CBC</option>
+                                       <option value='aes256gcm128' $checked{'ESP_ENCRYPTION'}{'aes256gcm128'}>256 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes192gcm128' $checked{'ESP_ENCRYPTION'}{'aes192gcm128'}>192 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes128gcm128' $checked{'ESP_ENCRYPTION'}{'aes128gcm128'}>128 bit AES-GCM/128 bit ICV</option>
+                                       <option value='aes256gcm96' $checked{'ESP_ENCRYPTION'}{'aes256gcm96'}>256 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes192gcm96' $checked{'ESP_ENCRYPTION'}{'aes192gcm96'}>192 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes128gcm96' $checked{'ESP_ENCRYPTION'}{'aes128gcm96'}>128 bit AES-GCM/96 bit ICV</option>
+                                       <option value='aes256gcm64' $checked{'ESP_ENCRYPTION'}{'aes256gcm64'}>256 bit AES-GCM/64 bit ICV</option>
+                                       <option value='aes192gcm64' $checked{'ESP_ENCRYPTION'}{'aes192gcm64'}>192 bit AES-GCM/64 bit ICV</option>
+                                       <option value='aes128gcm64' $checked{'ESP_ENCRYPTION'}{'aes128gcm64'}>128 bit AES-GCM/64 bit ICV</option>
+                                       <option value='3des' $checked{'ESP_ENCRYPTION'}{'3des'}>168 bit 3DES-EDE-CBC</option>
+                                       <option value='camellia256' $checked{'ESP_ENCRYPTION'}{'camellia256'}>256 bit Camellia-CBC</option>
+                                       <option value='camellia192' $checked{'ESP_ENCRYPTION'}{'camellia192'}>192 bit Camellia-CBC</option>
+                                       <option value='camellia128' $checked{'ESP_ENCRYPTION'}{'camellia128'}>128 bit Camellia-CBC</option>
                                </select>
                        </td>
                </tr>
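Review bot: Both `<select ... multiple='multiple' size='6' ...>` elements keep six visible rows while the option list grows from seven to sixteen entries, so most of the new GCM choices are hidden below the fold in a multi-select; raising `size` (e.g. `size='16'`) or grouping the CBC, GCM and legacy entries with `<optgroup>` keeps the full set visible. The enclosing HTML heredoc starts outside the hunk.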
index f656c72a7458025459f1481a568a1721f4059804..400594136230363a5ea32c29bab06658cffbe7bb 100755 (executable)
@@ -176,6 +176,7 @@ $(TARGET) :
        ln -sf ../init.d/firstsetup  /etc/rc.d/rcsysinit.d/S75firstsetup
        ln -sf ../init.d/localnet    /etc/rc.d/rcsysinit.d/S80localnet
        ln -sf ../init.d/firewall    /etc/rc.d/rcsysinit.d/S85firewall
+       ln -sf ../init.d/network-trigger /etc/rc.d/rcsysinit.d/S90network-trigger
        ln -sf ../init.d/network-vlans /etc/rc.d/rcsysinit.d/S91network-vlans
        ln -sf ../init.d/rngd        /etc/rc.d/rcsysinit.d/S92rngd
        ln -sf ../init.d/wlanclient  /etc/rc.d/rc0.d/K82wlanclient
index 43995b5a118d7b4d00e9737e8a595a9fe87a9ddb..77c287a09a3cc6d158e788afbb8bbc17549b21da 100644 (file)
@@ -93,6 +93,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
                --enable-farp \
                --enable-openssl \
                --enable-gcrypt \
+               --enable-gcm \
                --enable-xauth-eap \
                --enable-xauth-noauth \
                --enable-eap-radius \
index 15dae817b2b35dd6d02f7ccbfb80be7dbdb487b1..e58839c405e93a214b37774d3cb06cf83fe1a996 100644 (file)
--- a/lfs/udev
+++ b/lfs/udev
@@ -93,9 +93,6 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
        rm -f /lib/udev/rules.d/80-net-name-slot.rules
 
-       # Create rule file for the setup
-       touch /etc/udev/rules.d/30-persistent-network.rules
-
        # Blacklist some modules
        cp -vf $(DIR_SRC)/config/udev/blacklist.conf /etc/modprobe.d/blacklist.conf
 
@@ -107,6 +104,12 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        install -v -m 644 $(DIR_SRC)/config/udev/25-alsa.rules \
                /lib/udev/rules.d
 
+       # Install network rules.
+       install -v -m 755 $(DIR_SRC)/config/udev/network-hotplug-rename \
+               /lib/udev/network-hotplug-rename
+       install -v -m 644 $(DIR_SRC)/config/udev/60-net.rules \
+               /lib/udev/rules.d
+
        # Install hwrng rules.
        install -v -m 644 $(DIR_SRC)/config/udev/90-hwrng.rules \
                /lib/udev/rules.d
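Review bot: The new `install` lines add `60-net.rules` and the rename helper, but nothing in this commit removes a `/etc/udev/rules.d/30-persistent-network.rules` that earlier builds generated (the `touch` dropped in the hunk above and the create_udev() writer removed from netstuff.c); on an in-place update both rule files would match the same `add` event for a configured NIC and each assigns `NAME=`, and which one wins depends on udev's rule ordering. The update path is not visible here; if it lives elsewhere, a comment such as `# Old 30-persistent-network.rules is removed by the updater.` would make the dependency explicit.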
diff --git a/src/initscripts/init.d/network-trigger b/src/initscripts/init.d/network-trigger
new file mode 100644 (file)
index 0000000..0d9de45
--- /dev/null
@@ -0,0 +1,22 @@
+#!/bin/sh
+########################################################################
+# Begin $rc_base/init.d/network-trigger
+########################################################################
+
+. /etc/sysconfig/rc
+. ${rc_functions}
+
+case "${1}" in
+       start)
+               boot_mesg "Triggering network devices..."
+               udevadm trigger --action="add" --subsystem-match="net"
+               evaluate_retval
+               ;;
+
+       *)
+               echo "Usage: ${0} {start}"
+               exit 1
+               ;;
+esac
+
+# End $rc_base/init.d/network-trigger
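Review bot: `udevadm trigger --action="add" --subsystem-match="net"` only queues the events; udev processes them asynchronously, so the next sysinit scripts (S91network-vlans follows this one in the rootfiles) may run before network-hotplug-rename has finished renaming interfaces. Adding `udevadm settle` after the trigger line waits for the queue to drain; placing it before `evaluate_retval` means the reported status is settle's rather than trigger's, so if that matters, check the trigger's status first. The usage line documents only `start`, which matches the case statement.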
index a656e9f910b183a8520b95308c7f02ed02503caa..f5b3849893e0784f63ba8cdf6752d50c45588766 100644 (file)
@@ -527,27 +527,6 @@ int rename_nics(void) {
                                }
 }
 
-int create_udev(void)
-{
-       #define UDEV_NET_CONF "/etc/udev/rules.d/30-persistent-network.rules"
-       FILE *fp;
-       int i;
-
-       if ( (fp = fopen(UDEV_NET_CONF, "w")) == NULL ) {
-               fprintf(stderr,"Couldn't open" UDEV_NET_CONF);
-               return 1;
-       }
-
-       for (i = 0 ; i < 4 ; i++)
-       {
-               if (strcmp(knics[i].macaddr, "")) {
-                       fprintf(fp,"\n# %s\nACTION==\"add\", SUBSYSTEM==\"net\", ATTR{type}==\"1\", ATTR{address}==\"%s\", NAME=\"%s0\"\n", knics[i].description, knics[i].macaddr, lcolourcard[i]);
-               }
-       }
-       fclose(fp);
-       return 0;
-}
-
 int write_configs_netudev(int card , int colour)
 {      
        char commandstring[STRING_SIZE];
index df4f00f0b1f6b28e238aefd255780708fea4dbba..0791764ebddaab149397557ccaf090edbc65a0d9 100644 (file)
@@ -117,7 +117,6 @@ int handlenetworking(void)
        } else {
                rename_nics();
        }
-       create_udev();
        return 1;
 }
 
index 388d2edcfed9ff75ebbe7182235db51abf19cb6f..14fd64634bd4ef3ad09f33be14f86c75610d863c 100644 (file)
@@ -79,7 +79,6 @@ void networkdialogcallbacktype(newtComponent cm, void *data);
 int interfacecheck(struct keyvalue *kv, char *colour);
 int rename_nics(void);
 int init_knics(void);
-int create_udev(void);
 int scan_network_cards(void);
 int nicmenu(int colour);
 int clear_card_entry(int cards);