#
# Description : Network Control Script
#
-# Authors : Michael Tremer - m.s.tremer@googlemail.com
+# Authors : Michael Tremer - mitch@ipfire.org
#
# Version : 01.00
#
. /etc/sysconfig/rc
. ${rc_functions}
eval $(/usr/local/bin/readhash /var/ipfire/ethernet/settings)
-eval $(/usr/local/bin/readhash /var/ipfire/dhcp/settings)
-eval $(/usr/local/bin/readhash /var/ipfire/ppp/settings)
-eval $(/usr/local/bin/readhash /var/ipfire/vpn/settings)
-case "${1}" in
- start)
- boot_mesg "Loading iptables helper modules"
- modprobe iptable_nat || failed=1
- modprobe ip_conntrack || failed=1
- modprobe ip_conntrack_ftp || failed=1
- modprobe ip_nat_ftp || failed=1
- modprobe ip_conntrack_h323 || failed=1
- modprobe ip_nat_h323 || failed=1
- modprobe ip_conntrack_irc || failed=1
- modprobe ip_nat_irc || failed=1
- modprobe ip_conntrack_mms || failed=1
- modprobe ip_nat_mms || failed=1
- modprobe ip_conntrack_pptp || failed=1
- modprobe ip_nat_pptp || failed=1
- modprobe ip_conntrack_sip || failed=1
- modprobe ip_nat_sip || failed=1
- (exit ${failed})
- evaluate_retval
-
- # Remove possible leftover files
- rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
-
- boot_mesg "Setting up IPFire firewall rules"
- /etc/rc.d/init.d/firewall start; evaluate_retval
-
- boot_mesg "Setting up IP Accounting"
- /etc/rc.d/helper/writeipac.pl || failed=1
- /usr/sbin/fetchipac -S || failed=1
- (exit ${failed})
- evaluate_retval
-
- boot_mesg "Setting IPFire DMZ pinholes"
- /usr/local/bin/setdmzholes; evaluate_retval
-
- if [ "$CONFIG_TYPE" = "4" -o "$CONFIG_TYPE" = "5" -o "$CONFIG_TYPE" = "6" -o "$CONFIG_TYPE" = "7" ]; then
- boot_mesg "Setting up wireless firewall rules"
- /usr/local/bin/restartwireless; evaluate_retval
+init_networking() {
+ boot_mesg "Loading firewall modules into the kernel"
+ modprobe iptable_nat || failed=1
+ for i in $(find /lib/modules/$(uname -r) -name nf_conntrack*); do
+ modprobe $(basename $i | cut -d. -f1) || failed=1
+ done
+ for i in $(find /lib/modules/$(uname -r) -name nf_nat*); do
+ modprobe $(basename $i | cut -d. -f1) || failed=1
+ done
+ (exit ${failed})
+ evaluate_retval
+
+ # Enable netfilter accounting
+ sysctl net.netfilter.nf_conntrack_acct=1 > /dev/null
+
+ if [ -e /var/ipfire/main/disable_nf_sip ]; then
+ rmmod nf_nat_sip
+ rmmod nf_conntrack_sip
+ rmmod nf_nat_h323
+ rmmod nf_conntrack_h323
+ fi
+
+ boot_mesg "Setting up firewall"
+ /etc/rc.d/init.d/firewall start; evaluate_retval
+
+ /etc/rc.d/init.d/dnsmasq start
+ /etc/rc.d/init.d/static-routes start
+}
+
+DO="${1}"
+shift
+
+if [ -n "${1}" ]; then
+ ALL=0
+ for i in green red blue orange; do
+ eval "${i}=0"
+ done
+else
+ ALL=1
+ for i in green red blue orange; do
+ eval "${i}=1"
+ done
+fi
+
+while [ ! $# = 0 ]; do
+ for i in green red blue orange; do
+ if [ "${i}" == "${1}" ]; then
+ eval "${i}=1"
+ shift
fi
-
+ done
+done
+
+case "${DO}" in
+ start)
+ [ "${ALL}" == "1" ] && init_networking
+
# Starting interfaces...
# GREEN
- name=green /etc/rc.d/init.d/net/ifup
-
+ [ "$green" == "1" ] && /etc/rc.d/init.d/networking/green start
+
# BLUE
- if [ "$CONFIG_TYPE" = "4" -o "$CONFIG_TYPE" = "5" -o "$CONFIG_TYPE" = "6" -o "$CONFIG_TYPE" = "7" ]; then
- name=blue /etc/rc.d/init.d/net/ifup
- fi
-
+ [ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
+ /etc/rc.d/init.d/networking/blue start
+
# ORANGE
- if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "5" -o "$CONFIG_TYPE" = "7" ]; then
- name=orange /etc/rc.d/init.d/net/ifup
- fi
-
+ [ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
+ /etc/rc.d/init.d/networking/orange start
+
# RED
- if [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "6" -o "$CONFIG_TYPE" = "7" ]; then
- name=red /etc/rc.d/init.d/net/ifup
- fi
+ if [ "$red" == "1" ]; then
+ if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
+ # Remove possible leftover files
+ rm -f /var/ipfire/red/{active,device,dial-on-demand,dns1,dns2,local-ipaddress,remote-ipaddress,resolv.conf}
+ [ "$AUTOCONNECT" == "off" ] || /etc/rc.d/init.d/networking/red start
+ fi
+ fi
+ ;;
stop)
+ # Stopping interfaces...
+ # GREEN
+ [ "$green" == "1" ] && /etc/rc.d/init.d/networking/green stop
+
+ # BLUE
+ [ "$blue" == "1" ] && [ "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ] && \
+ /etc/rc.d/init.d/networking/blue stop
+
+ # ORANGE
+ [ "$orange" == "1" ] && [ "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "4" ] && \
+ /etc/rc.d/init.d/networking/orange stop
+
+ # RED
+ if [ "$red" == "1" ]; then
+ if [ "$CONFIG_TYPE" = "1" -o "$CONFIG_TYPE" = "2" -o "$CONFIG_TYPE" = "3" -o "$CONFIG_TYPE" = "4" ]; then
+ /etc/rc.d/init.d/networking/red stop
+ fi
+ fi
+
+ # Stopping dnsmasq if network all networks shutdown
+ [ "${ALL}" == "1" ] && /etc/rc.d/init.d/dnsmasq stop
+ exit 0
;;
restart)
- ${0} stop
+ for i in green red blue orange; do
+ if [ "${!i}" == "1" ]; then
+ ARGS+=" ${i}"
+ fi
+ done
+ ${0} stop ${ARGS}
sleep 1
- ${0} start
+ ${0} start ${ARGS}
;;
*)
- echo "Usage: ${0} {start|stop|restart}"
+ echo "Usage: ${0} {start|stop|restart} [device(s)]"
exit 1
;;
esac
projects / people / teissler / ipfire-2.x.git / blobdiff