19c600e7dSMatthew Dillon#!/bin/sh 29c600e7dSMatthew Dillon# 39c600e7dSMatthew Dillon# Configure routing and miscellaneous network tunables 49c600e7dSMatthew Dillon# 59c600e7dSMatthew Dillon# $FreeBSD: src/etc/rc.d/routing,v 1.138 2003/06/29 17:59:09 mtm Exp $ 69c600e7dSMatthew Dillon# 79c600e7dSMatthew Dillon 89c600e7dSMatthew Dillon# PROVIDE: routing 9d9d67b59SSascha Wildner# REQUIRE: netif ppp 10*ce083385SAaron LI# BEFORE: NETWORKING 119c600e7dSMatthew Dillon 129c600e7dSMatthew Dillon. /etc/rc.subr 139c600e7dSMatthew Dillon 149c600e7dSMatthew Dillonname="routing" 159c600e7dSMatthew Dillonstart_cmd="routing_start" 169c600e7dSMatthew Dillonstop_cmd="routing_stop" 17c35a3f16SSepherosa Ziehauextra_commands="options static change" 189c600e7dSMatthew Dillonstatic_cmd="static_start" 19c35a3f16SSepherosa Ziehauchange_cmd="change_start" 209c600e7dSMatthew Dillonoptions_cmd="options_start" 219c600e7dSMatthew Dillon 229c600e7dSMatthew Dillonrouting_start() 239c600e7dSMatthew Dillon{ 249c600e7dSMatthew Dillon static_start 25c35a3f16SSepherosa Ziehau change_start 269c600e7dSMatthew Dillon options_start 279c600e7dSMatthew Dillon} 289c600e7dSMatthew Dillon 299c600e7dSMatthew Dillonrouting_stop() 309c600e7dSMatthew Dillon{ 319c600e7dSMatthew Dillon route -n flush 329c600e7dSMatthew Dillon} 339c600e7dSMatthew Dillon 349c600e7dSMatthew Dillonstatic_start() 359c600e7dSMatthew Dillon{ 369c600e7dSMatthew Dillon case ${defaultrouter} in 379c600e7dSMatthew Dillon [Nn][Oo] | '') 389c600e7dSMatthew Dillon ;; 399c600e7dSMatthew Dillon *) 409c600e7dSMatthew Dillon static_routes="default ${static_routes}" 419c600e7dSMatthew Dillon route_default="default ${defaultrouter}" 429c600e7dSMatthew Dillon ;; 439c600e7dSMatthew Dillon esac 449c600e7dSMatthew Dillon 459c600e7dSMatthew Dillon # Setup static routes. This should be done before router discovery. 469c600e7dSMatthew Dillon # 479c600e7dSMatthew Dillon if [ -n "${static_routes}" ]; then 489c600e7dSMatthew Dillon for i in ${static_routes}; do 499c600e7dSMatthew Dillon eval route_args=\$route_${i} 509c600e7dSMatthew Dillon route add ${route_args} 519c600e7dSMatthew Dillon done 529c600e7dSMatthew Dillon fi 539c600e7dSMatthew Dillon} 549c600e7dSMatthew Dillon 55c35a3f16SSepherosa Ziehauchange_start() 56c35a3f16SSepherosa Ziehau{ 57c35a3f16SSepherosa Ziehau # Change routes. This should be done before router discovery. 58c35a3f16SSepherosa Ziehau # 59c35a3f16SSepherosa Ziehau if [ -n "${change_routes}" ]; then 60c35a3f16SSepherosa Ziehau for i in ${change_routes}; do 61c35a3f16SSepherosa Ziehau eval route_args=\$change_route_${i} 62c35a3f16SSepherosa Ziehau route change ${route_args} 63c35a3f16SSepherosa Ziehau done 64c35a3f16SSepherosa Ziehau fi 65c35a3f16SSepherosa Ziehau} 66c35a3f16SSepherosa Ziehau 679c600e7dSMatthew Dillonoptions_start() 689c600e7dSMatthew Dillon{ 699c600e7dSMatthew Dillon echo -n 'Additional routing options:' 709c600e7dSMatthew Dillon case ${tcp_extensions} in 719c600e7dSMatthew Dillon [Yy][Ee][Ss] | '') 729c600e7dSMatthew Dillon ;; 739c600e7dSMatthew Dillon *) 749c600e7dSMatthew Dillon echo -n ' tcp extensions=NO' 75b0a4258dSAaron LI ${SYSCTL_W} net.inet.tcp.rfc1323=0 >/dev/null 769c600e7dSMatthew Dillon ;; 779c600e7dSMatthew Dillon esac 789c600e7dSMatthew Dillon 799c600e7dSMatthew Dillon case ${icmp_bmcastecho} in 809c600e7dSMatthew Dillon [Yy][Ee][Ss]) 819c600e7dSMatthew Dillon echo -n ' broadcast ping responses=YES' 82b0a4258dSAaron LI ${SYSCTL_W} net.inet.icmp.bmcastecho=1 >/dev/null 839c600e7dSMatthew Dillon ;; 849c600e7dSMatthew Dillon esac 859c600e7dSMatthew Dillon 869c600e7dSMatthew Dillon case ${icmp_drop_redirect} in 879c600e7dSMatthew Dillon [Yy][Ee][Ss]) 889c600e7dSMatthew Dillon echo -n ' ignore ICMP redirect=YES' 89b0a4258dSAaron LI ${SYSCTL_W} net.inet.icmp.drop_redirect=1 >/dev/null 909c600e7dSMatthew Dillon ;; 919c600e7dSMatthew Dillon esac 929c600e7dSMatthew Dillon 939c600e7dSMatthew Dillon case ${icmp_log_redirect} in 949c600e7dSMatthew Dillon [Yy][Ee][Ss]) 959c600e7dSMatthew Dillon echo -n ' log ICMP redirect=YES' 96b0a4258dSAaron LI ${SYSCTL_W} net.inet.icmp.log_redirect=1 >/dev/null 979c600e7dSMatthew Dillon ;; 989c600e7dSMatthew Dillon esac 999c600e7dSMatthew Dillon 1009c600e7dSMatthew Dillon case ${gateway_enable} in 1019c600e7dSMatthew Dillon [Yy][Ee][Ss]) 1029c600e7dSMatthew Dillon echo -n ' IP gateway=YES' 103b0a4258dSAaron LI ${SYSCTL_W} net.inet.ip.forwarding=1 >/dev/null 1049c600e7dSMatthew Dillon ;; 1059c600e7dSMatthew Dillon esac 1069c600e7dSMatthew Dillon 1079c600e7dSMatthew Dillon case ${forward_sourceroute} in 1089c600e7dSMatthew Dillon [Yy][Ee][Ss]) 1099c600e7dSMatthew Dillon echo -n ' do source routing=YES' 110b0a4258dSAaron LI ${SYSCTL_W} net.inet.ip.sourceroute=1 >/dev/null 1119c600e7dSMatthew Dillon ;; 1129c600e7dSMatthew Dillon esac 1139c600e7dSMatthew Dillon 1149c600e7dSMatthew Dillon case ${accept_sourceroute} in 1159c600e7dSMatthew Dillon [Yy][Ee][Ss]) 1169c600e7dSMatthew Dillon echo -n ' accept source routing=YES' 117b0a4258dSAaron LI ${SYSCTL_W} net.inet.ip.accept_sourceroute=1 >/dev/null 1189c600e7dSMatthew Dillon ;; 1199c600e7dSMatthew Dillon esac 1209c600e7dSMatthew Dillon 1219c600e7dSMatthew Dillon case ${tcp_keepalive} in 1229c600e7dSMatthew Dillon [Nn][Oo]) 1239c600e7dSMatthew Dillon echo -n ' TCP keepalive=NO' 124b0a4258dSAaron LI ${SYSCTL_W} net.inet.tcp.always_keepalive=0 >/dev/null 1259c600e7dSMatthew Dillon ;; 1269c600e7dSMatthew Dillon esac 1279c600e7dSMatthew Dillon 1289c600e7dSMatthew Dillon case ${tcp_drop_synfin} in 1299c600e7dSMatthew Dillon [Yy][Ee][Ss]) 1309c600e7dSMatthew Dillon echo -n ' drop SYN+FIN packets=YES' 131b0a4258dSAaron LI ${SYSCTL_W} net.inet.tcp.drop_synfin=1 >/dev/null 1329c600e7dSMatthew Dillon ;; 1339c600e7dSMatthew Dillon esac 1349c600e7dSMatthew Dillon 1359c600e7dSMatthew Dillon case ${arpproxy_all} in 1369c600e7dSMatthew Dillon [Yy][Ee][Ss]) 1379c600e7dSMatthew Dillon echo -n ' ARP proxyall=YES' 138b0a4258dSAaron LI ${SYSCTL_W} net.link.ether.inet.proxyall=1 >/dev/null 1399c600e7dSMatthew Dillon ;; 1409c600e7dSMatthew Dillon esac 1419c600e7dSMatthew Dillon 1429c600e7dSMatthew Dillon case ${ip_portrange_first} in 1439c600e7dSMatthew Dillon [Nn][Oo] | '') 1449c600e7dSMatthew Dillon ;; 1459c600e7dSMatthew Dillon *) 1469c600e7dSMatthew Dillon echo -n " ip_portrange_first=$ip_portrange_first" 147b0a4258dSAaron LI ${SYSCTL_W} net.inet.ip.portrange.first=$ip_portrange_first >/dev/null 1489c600e7dSMatthew Dillon ;; 1499c600e7dSMatthew Dillon esac 1509c600e7dSMatthew Dillon 1519c600e7dSMatthew Dillon case ${ip_portrange_last} in 1529c600e7dSMatthew Dillon [Nn][Oo] | '') 1539c600e7dSMatthew Dillon ;; 1549c600e7dSMatthew Dillon *) 1559c600e7dSMatthew Dillon echo -n " ip_portrange_last=$ip_portrange_last" 156b0a4258dSAaron LI ${SYSCTL_W} net.inet.ip.portrange.last=$ip_portrange_last >/dev/null 1579c600e7dSMatthew Dillon ;; 1589c600e7dSMatthew Dillon esac 1599c600e7dSMatthew Dillon 1609c600e7dSMatthew Dillon echo '.' 1619c600e7dSMatthew Dillon} 1629c600e7dSMatthew Dillon 1639c600e7dSMatthew Dillonload_rc_config $name 1649c600e7dSMatthew Dillonrun_rc_command "$1" 165