[people/teissler/ipfire-2.x.git] / src / initscripts / init.d / network

#!/bin/sh
########################################################################
# Begin $rc_base/init.d/network
#
# Description : Network Control Script
#
# Authors     : Michael Tremer - m.s.tremer@googlemail.com
#
# Version     : 01.00
#
# Notes       : Written for IPFire by its team
#
########################################################################

. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)

DO="${1}"
shift

if [ -n "${1}" ]; then
	ALL=0
	for i in green red blue orange; do	
		eval "${i}=0"
	done
else
	ALL=1
	for i in green red blue orange; do
		eval "${i}=1"
	done
fi

while [ ! $# = 0 ]; do
	for i in green red blue orange; do
		if [ "${i}" == "${1}" ]; then
			eval "${i}=1"
			shift
		fi
	done
done

case "${DO}" in
	start)
		if [ "${ALL}" == "1" ]; then
			boot_mesg "Loading iptables helper modules"
			modprobe iptable_nat || failed=1
			modprobe ip_conntrack || failed=1
			modprobe ip_conntrack_ftp || failed=1
			modprobe ip_nat_ftp || failed=1
			modprobe ip_conntrack_h323 || failed=1
			modprobe ip_nat_h323 || failed=1
			modprobe ip_conntrack_irc || failed=1
			modprobe ip_nat_irc || failed=1
			modprobe ip_conntrack_mms || failed=1
			modprobe ip_nat_mms || failed=1
			modprobe ip_conntrack_pptp || failed=1
			modprobe ip_nat_pptp || failed=1
			modprobe ip_conntrack_sip || failed=1
			modprobe ip_nat_sip || failed=1
			(exit ${failed})
			evaluate_retval
			
			boot_mesg "Setting up IPFire firewall rules"
			/etc/rc.d/init.d/firewall start; evaluate_retval
	
			boot_mesg "Setting up IP Accounting"
			/etc/rc.d/helper/writeipac.pl || failed=1
			/usr/sbin/fetchipac -S || failed=1 
			(exit ${failed})
			evaluate_retval
	
			boot_mesg "Setting IPFire DMZ pinholes"
			/usr/local/bin/setdmzholes; evaluate_retval
	
			if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				boot_mesg "Setting up wireless firewall rules"
				/usr/local/bin/restartwireless; evaluate_retval
			fi
			
			# Start DNSMASQ with defaults
			killall -KILL dnsmasq 2> /dev/null
			sleep 1
			if [ "$DOMAIN_NAME_GREEN" == "" ]; then
				/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
			else 
				/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
			fi
		fi
		
		# Starting interfaces...
		# GREEN
		if [ "$green" == "1" ]; then
			name=green /etc/rc.d/init.d/net/ifup
		fi
		
		# BLUE
		if [ "$blue" == "1" ]; then
			if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				name=blue /etc/rc.d/init.d/net/ifup
			fi
		fi
		
		# ORANGE
		if [ "$orange" == "1" ]; then
			if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
				name=orange /etc/rc.d/init.d/net/ifup
			fi
		fi
		
		# RED
		if [ "$red" == "1" ]; then
			if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				# Remove possible leftover files
				rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
				if [ "$AUTOCONNECT" == "off" ]; then
					echo -n		# Do anything
				else
					name=red /etc/rc.d/init.d/net/ifup
				fi
			boot_mesg "Setting OpenVPN Rules if enabled"
			/etc/rc.d/init.d/firewall startovpn; evaluate_retval
			fi
		fi
		
			boot_mesg "Setting OpenVPN if enabled"
			/usr/local/bin/openvpnctrl -s; evaluate_retval
			
			boot_mesg "Starting Snort if enabled"
			/etc/rc.d/init.d/snort start; evaluate_retval						
		;;

	stop)
		# Stopping interfaces...
		# GREEN
		if [ "$green" == "1" ]; then
			name=green /etc/rc.d/init.d/net/ifdown
		fi
		
		# BLUE
		if [ "$blue" == "1" ]; then
			if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				name=blue /etc/rc.d/init.d/net/ifdown
			fi
		fi
		
		# ORANGE
		if [ "$orange" == "1" ]; then
			if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
				name=orange /etc/rc.d/init.d/net/ifdown
			fi
		fi
		
		# RED
		if [ "$red" == "1" ]; then
			if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
				name=red /etc/rc.d/init.d/net/ifdown
			  boot_mesg "Deleting OpenVPN Rules if enabled"
			  /etc/rc.d/init.d/firewall stopovpn; evaluate_retval	
			fi
		fi
		
			boot_mesg "Stopping OpenVPN if enabled"
			/usr/local/bin/openvpnctrl -k; evaluate_retval
			
			boot_mesg "Stopping Snort if enabled"
			/etc/rc.d/init.d/snort stop; evaluate_retval		
		;;

	restart)
		for i in green red blue orange; do
			if [ "${!i}" == "1" ]; then
				ARGS+=" ${i}"
			fi
		done
		${0} stop ${ARGS}
		sleep 1
		${0} start ${ARGS}
		;;

	*)
		echo "Usage: ${0} {start|stop|restart}"
		exit 1
		;;
esac

# End /etc/rc.d/init.d/network
Commit	Line	Data
3fd5feeb MT	1	#!/bin/sh
	2	########################################################################
	3	# Begin $rc_base/init.d/network
	4	#
	5	# Description : Network Control Script
	6	#
	7	# Authors : Michael Tremer - m.s.tremer@googlemail.com
	8	#
9c16cd92	9	# Version : 01.00
3fd5feeb MT	10	#
	11	# Notes : Written for IPFire by its team
	12	#
	13	########################################################################
	14
	15	. /etc/sysconfig/rc
	16	. ${rc_functions}
bf7c473f	17	eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
bf7c473f	18
37263bc1 MT	19	DO="${1}"
37263bc1 MT	20	shift
069680ac	21
37263bc1 MT	22	if [ -n "${1}" ]; then
	23	ALL=0
	24	for i in green red blue orange; do
	25	eval "${i}=0"
	26	done
	27	else
	28	ALL=1
	29	for i in green red blue orange; do
	30	eval "${i}=1"
	31	done
	32	fi
069680ac	33
37263bc1 MT	34	while [ ! $# = 0 ]; do
	35	for i in green red blue orange; do
	36	if [ "${i}" == "${1}" ]; then
	37	eval "${i}=1"
	38	shift
	39	fi
	40	done
	41	done
3fd5feeb	42
37263bc1 MT	43	case "${DO}" in
	44	start)
	45	if [ "${ALL}" == "1" ]; then
	46	boot_mesg "Loading iptables helper modules"
	47	modprobe iptable_nat \|\| failed=1
	48	modprobe ip_conntrack \|\| failed=1
	49	modprobe ip_conntrack_ftp \|\| failed=1
	50	modprobe ip_nat_ftp \|\| failed=1
	51	modprobe ip_conntrack_h323 \|\| failed=1
	52	modprobe ip_nat_h323 \|\| failed=1
	53	modprobe ip_conntrack_irc \|\| failed=1
	54	modprobe ip_nat_irc \|\| failed=1
	55	modprobe ip_conntrack_mms \|\| failed=1
	56	modprobe ip_nat_mms \|\| failed=1
	57	modprobe ip_conntrack_pptp \|\| failed=1
	58	modprobe ip_nat_pptp \|\| failed=1
	59	modprobe ip_conntrack_sip \|\| failed=1
	60	modprobe ip_nat_sip \|\| failed=1
	61	(exit ${failed})
	62	evaluate_retval
	63
	64	boot_mesg "Setting up IPFire firewall rules"
	65	/etc/rc.d/init.d/firewall start; evaluate_retval
	66
	67	boot_mesg "Setting up IP Accounting"
	68	/etc/rc.d/helper/writeipac.pl \|\| failed=1
	69	/usr/sbin/fetchipac -S \|\| failed=1
	70	(exit ${failed})
	71	evaluate_retval
	72
	73	boot_mesg "Setting IPFire DMZ pinholes"
	74	/usr/local/bin/setdmzholes; evaluate_retval
	75
6be4dd24	76	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	77	boot_mesg "Setting up wireless firewall rules"
	78	/usr/local/bin/restartwireless; evaluate_retval
	79	fi
	80
	81	# Start DNSMASQ with defaults
	82	killall -KILL dnsmasq 2> /dev/null
	83	sleep 1
	84	if [ "$DOMAIN_NAME_GREEN" == "" ]; then
	85	/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases
	86	else
	87	/usr/sbin/dnsmasq -l /var/state/dhcp/dhcpd.leases -s "$DOMAIN_NAME_GREEN"
	88	fi
3fd5feeb	89	fi
9c16cd92 MT	90
	91	# Starting interfaces...
	92	# GREEN
37263bc1 MT	93	if [ "$green" == "1" ]; then
	94	name=green /etc/rc.d/init.d/net/ifup
	95	fi
9c16cd92 MT	96
9c16cd92 MT	97	# BLUE
37263bc1	98	if [ "$blue" == "1" ]; then
6be4dd24	99	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	100	name=blue /etc/rc.d/init.d/net/ifup
37263bc1 MT	101	fi
9c16cd92 MT	102	fi
	103
	104	# ORANGE
37263bc1	105	if [ "$orange" == "1" ]; then
6be4dd24	106	if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	107	name=orange /etc/rc.d/init.d/net/ifup
37263bc1 MT	108	fi
bf7c473f MT	109	fi
bf7c473f MT	110
9c16cd92	111	# RED
37263bc1	112	if [ "$red" == "1" ]; then
6be4dd24	113	if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	114	# Remove possible leftover files
	115	rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
	116	if [ "$AUTOCONNECT" == "off" ]; then
	117	echo -n # Do anything
	118	else
	119	name=red /etc/rc.d/init.d/net/ifup
	120	fi
c85ec3b4 CS	121	boot_mesg "Setting OpenVPN Rules if enabled"
c85ec3b4 CS	122	/etc/rc.d/init.d/firewall startovpn; evaluate_retval
bf7c473f	123	fi
9c16cd92	124	fi
13211b21	125
3ffee04b CS	126	boot_mesg "Setting OpenVPN if enabled"
	127	/usr/local/bin/openvpnctrl -s; evaluate_retval
	128
c85ec3b4	129	boot_mesg "Starting Snort if enabled"
4e17adad	130	/etc/rc.d/init.d/snort start; evaluate_retval
406f019f	131	;;
3fd5feeb MT	132
3fd5feeb MT	133	stop)
406f019f MT	134	# Stopping interfaces...
406f019f MT	135	# GREEN
37263bc1 MT	136	if [ "$green" == "1" ]; then
	137	name=green /etc/rc.d/init.d/net/ifdown
	138	fi
406f019f MT	139
406f019f MT	140	# BLUE
37263bc1	141	if [ "$blue" == "1" ]; then
6be4dd24	142	if [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	143	name=blue /etc/rc.d/init.d/net/ifdown
37263bc1 MT	144	fi
406f019f MT	145	fi
	146
	147	# ORANGE
37263bc1	148	if [ "$orange" == "1" ]; then
6be4dd24	149	if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1 MT	150	name=orange /etc/rc.d/init.d/net/ifdown
37263bc1 MT	151	fi
406f019f MT	152	fi
	153
	154	# RED
37263bc1	155	if [ "$red" == "1" ]; then
6be4dd24	156	if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
37263bc1	157	name=red /etc/rc.d/init.d/net/ifdown
c85ec3b4 CS	158	boot_mesg "Deleting OpenVPN Rules if enabled"
c85ec3b4 CS	159	/etc/rc.d/init.d/firewall stopovpn; evaluate_retval
37263bc1	160	fi
406f019f	161	fi
13211b21	162
3ffee04b CS	163	boot_mesg "Stopping OpenVPN if enabled"
	164	/usr/local/bin/openvpnctrl -k; evaluate_retval
	165
c85ec3b4	166	boot_mesg "Stopping Snort if enabled"
4e17adad	167	/etc/rc.d/init.d/snort stop; evaluate_retval
3fd5feeb MT	168	;;
	169
	170	restart)
37263bc1 MT	171	for i in green red blue orange; do
	172	if [ "${!i}" == "1" ]; then
	173	ARGS+=" ${i}"
	174	fi
	175	done
	176	${0} stop ${ARGS}
3fd5feeb	177	sleep 1
37263bc1	178	${0} start ${ARGS}
3fd5feeb MT	179	;;
	180
	181	*)
	182	echo "Usage: ${0} {start\|stop\|restart}"
	183	exit 1
	184	;;
	185	esac
	186
	187	# End /etc/rc.d/init.d/network