Commit Graph

43 Commits

Author SHA1 Message Date
christos 8d1054dc70 revert previous; luke and matt want this as a separate script. 2003-01-09 15:52:58 +00:00
christos 22aa10c0a0 Add /etc/route.conf processing to add static routes. Removes one more
reason for netstart.local.
2003-01-09 15:12:47 +00:00
tron 2005231632 Revert last change for now. It causes hangs during system shutdown when
NFS filesystems are mounted.
2003-01-07 08:41:55 +00:00
tron 74efbb051c Add keyword "shutdown" so that this script is really executed on system
shutdown to delete clone interfaces.
2003-01-06 10:11:14 +00:00
tron 6e40068171 Automatically create and destroy cloning interfaces and sync IP Filter
immediately afterwards before bringing the interface up. This avoids
a small security gap existing in the previous scheme where IP Filter
was synced after all cloning interfaces were created and brought up.
2002-10-05 05:24:40 +00:00
tron a3ed40ee7c Sync ipf(4) after starting or stopping. This is necesarry to make filter
rules for dynamically created interfaces like pppoe(4) effective.
2002-05-04 13:53:02 +00:00
lukem 25bdefc720 don't bother warning or supporting obsolete $ip6forwarding;
postinstall now checks for this
2002-04-29 12:13:14 +00:00
lukem 88eb34e804 clean up warning 2002-03-27 07:37:56 +00:00
sommerfeld 626f81690e Improve information density of output -- add the dozen -reject routes
with "route -q" since they are always the same and convey no useful
information.

While we're here, use sysctl -qw instead of sysctl -w >/dev/null
2002-03-24 17:58:21 +00:00
thorpej 96776149fc Correct the "direction" of the barrier dependencies (DAEMON, LOGIN,
NETWORKING, and SERVERS) by specifying that certain things should
come BEFORE a given barrier, rather than having the barrier REQUIRE
a service.  This allows scripts to be removed without having to
edit the barrier dependencies.

As discussed on tech-userlevel, and approved by Luke.
2002-03-22 04:33:57 +00:00
wiz a9356936b4 seperate -> separate 2001-07-22 13:33:58 +00:00
lukem 458d1a2516 After itojun's recent RTF_CLONED and other changes, it's not necessary to
add a route from an alias address to 127.0.0.1, so remove that code.
It's still necessary to configure lo0 -> 127.0.0.1 though, so emphasize that.
2001-07-08 07:16:00 +00:00
itojun 5c34a310c2 comment correction: 127/8 must not leave the node (RFC1122) 2001-03-02 03:07:29 +00:00
itojun 7de2724c3a move IPv6 mode/route configuration upwards, so that !rtsol in
/etc/ifconfig.* is meaningful.
2001-01-13 13:26:36 +00:00
itojun 3711020b5c extend /etc/ifconfig.xxN, for comment lines (#) and shell script
fragment (!).  inspired by openbsd /etc/hostname.xxN.
2001-01-11 17:56:16 +00:00
itojun 6c348b2e2e add $ip6sitelocal, to control installation of reject route for fec0::/10. 2001-01-03 17:54:04 +00:00
nisimura 46d6b5a7cd More cautious about undefined hostname check in terms of what hostname(1)
returns.
2000-11-26 06:46:42 +00:00
nisimura 7fecedd930 I believe in that the facy nested quotes was intended to skip blank
lines, but am not sure it is allowed as a standard practice of the
/etc/ifconfig.xxN file.
2000-11-22 04:20:04 +00:00
wiz f457c2158d un-break. 2000-11-21 16:12:48 +00:00
lukem f8ea339f55 minor typo in previous 2000-11-21 09:59:02 +00:00
nisimura fa16d69a56 Shell programming police for sophistication; take #2. Handle the
case when the filename expansion results in no match more gracefully.
Far less costy than invoking a new process.
2000-11-21 09:38:06 +00:00
nisimura f412f76212 Shell programming police for sophistication. It's not necessary
to enclose `prog` backquote command substitution with double quotes
as it produces a quoted string.  Other changes are pending this time.
2000-11-21 08:39:50 +00:00
lukem 616bd9bad1 - replace `IFS='.'; set -- $int; echo $2` with ${int##*.}
- can't use $configured_interfaces in network_stop(), so use `ifconfig -lu`
  instead
2000-11-17 04:19:06 +00:00
nisimura e4d2a57704 - avoid -a or -o logical operator of test command as possible. They would
introduce syntaxical ambiguousity, and having concatenation with && or
  || costs nothing because our sh(1) has test(1) builtin.
- use elif construct to avoid dungling else-ifs.
- while-read construct does not need enclosed by a sub-shell.
- variable detection could be done in eval args=\$ifconfig_$int
- smart variable substitution occationally saves lines and extra command
  invocations.
2000-10-09 05:02:14 +00:00
lukem 3f5134ff22 REQUIRE ipfilter and ipsec 2000-08-21 23:35:20 +00:00
itojun e9b5e5d87c fix comment on DAD wait 2000-08-02 13:59:11 +00:00
itojun 8451f00774 we need to sleep for IPv6 DAD period, before and after rtsol.
(they are for stability in boot-time configuration)
comment from perry.
2000-08-01 20:49:11 +00:00
jdolecek 1bf05ae3b1 the format without netmask is supported for compatibility only and not
specifying it is discouradged, actually
also add comments about this fact to etc/rc.d/network, for people who
don't read manpages :)
2000-07-25 18:47:28 +00:00
thorpej f5e99478c8 Build a list of cloning network interfaces to configure, as well
as normal interfaces.
2000-07-20 19:43:10 +00:00
lukem 47a3878257 reenable stop_cmd now that network doesn't get run at shutdown 2000-07-17 15:25:42 +00:00
itojun c60ddc2403 remove ip6defaultif configuration. because:
- ndp is in /usr/sbin, chokes on NFS-mounted /usr installation
- the option is just for IPv6 specification geek, not for normal users
2000-06-20 16:48:14 +00:00
enami 295358cfe1 Don't warn that $hostname isn't set if the hostname is already set. 2000-06-20 08:34:33 +00:00
lukem 5c1b0ec207 Use load_rc_config() (from rc.subr) instead of sourcing /etc/rc.conf.
This allows us or a user to change the configuration file method in
one place - rc.subr - without having to edit all of the rc.d/* files.
2000-05-13 08:45:06 +00:00
itojun 4bc21c2fb4 do not let 127.0.0.0/8 leave the node. based on RFC1122. 2000-05-09 10:49:26 +00:00
veego 63f94fabf2 Fix the last change so it doesn't fail due too a missing '; then'. 2000-04-29 06:01:08 +00:00
thorpej 7a38ab7c44 Don't warn about $hostname not being set if $dhclient == YES; it's quite
likely that we'll be getting the hostname via DHCP when it runs.
2000-04-28 00:13:39 +00:00
itojun 3fff16ff47 rtsol is not a daemon. rtsol.d should have been killed by rc.d/rtsold.
(correct me if i'm wrong)
2000-04-20 02:12:04 +00:00
lukem 2665e61925 make `stop' a no-op, so that the network doesn't disappear at an
inconvenient time during boot.

this may be fixed a different way in the long term...  (not that the old
rc.shutdown supported stopping the network, or could i really see a
practical use for allowing it at this stage, but in the future someone
might want the functionality i've just disabled).
2000-04-11 05:03:24 +00:00
tsarna 163510ecf4 The file /etc/sysctl.conf is now run with sysctl -f at boot time.
This replaces the previous /etc/rc.d/sysctl. Also, the variables are now
set earlier, between ipf/ipnat and the network coming up.

The rc.conf defcorename and securelevel variables are no more. You can
set them directly in sysctl.conf now.
2000-04-08 23:02:53 +00:00
itojun 0a94c72b0f correct reject route installations for IPv6. improve comments. 2000-03-17 17:41:01 +00:00
itojun deaf45edc1 disallow packets to malicious 6to4 prefix, based on
http://playground.iijlab.net/i-d/draft-itojun-ipv6-transition-abuse-00.txt
2000-03-12 04:21:26 +00:00
veego bfa0f14ea6 Fix the network_stop function so it doesn't fails due to missing ]['s. 2000-03-11 20:13:42 +00:00
lukem c53094a738 rc.d scripts derived from /etc/rc 2000-03-10 11:53:23 +00:00