#!/bin/sh
#Gröna värden=mina värden
#
# rc.inet2 This shell script boots up the entire network system.
# Note, that when this script is used to also fire
# up any important remote NFS disks (like the /usr
# distribution), care must be taken to actually
# have all the needed binaries online _now_ ...
#
# Uncomment or comment out sections depending on which
# services your site requires.
#
# Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org>
# Modified for Slackware by Patrick Volkerding <volkerdi@slackware.com>
# This must be running in order to mount NFS volumes.
# Start the RPC portmapper:
#if [ -x /sbin/rpc.portmap ]; then
# echo "Starting RPC portmapper: /sbin/rpc.portmap"
# /sbin/rpc.portmap
#fi
# Done starting the RPC portmapper.
# At this point, we are ready to talk to The World...
# Mount remote (NFS) filesystems:
#echo "Mounting remote (NFS) file systems: /sbin/mount -a -t nfs"
#/sbin/mount -a -t nfs # This may be our /usr runtime!
# Show the mounted volumes:
#/sbin/mount -v -t nfs
# Done mounting remote (NFS) filesystems.
# Mount remote (SMB) filesystems:
#echo "Mounting remote (SMB) file systems: /sbin/mount -a -t smbfs"
#/sbin/mount -a -t smbfs
# Show the mounted volumes:
#/sbin/mount -v -t smbfs
# Done mounting remote (SMB) filesystems.
# Start the system logger.
if [ -x /etc/rc.d/rc.syslog ]; then
. /etc/rc.d/rc.syslog start
fi
Detta är min rc.syslog
# If there is a firewall script, run it before enabling packet forwarding.
# See the HOWTOs on http://www.netfilter.org/ for documentation on
# setting up a firewall or NAT on Linux.
if [ -x /etc/rc.d/rc.firewall ]; then
/etc/rc.d/rc.firewall start
fi
Detta är min rc.firewall
# If we see IPv4 packet forwarding support in the kernel, we will turn it on.
# This was the default for 2.0.x kernels, but with newer kernels it must be
# activated through a file in /proc. IPv4 packet forwarding support is
# required if you plan to use your Linux machine as a router or firewall.
# If you don't want your Linux machine to forward packets, change the 1 below
# to a 0.
IPV4_FORWARD=0
if [ -f /proc/sys/net/ipv4/ip_forward ]; then
if [ "$IPV4_FORWARD" = "1" ]; then
echo "Activating IPv4 packet forwarding."
echo 1 > /proc/sys/net/ipv4/ip_forward
else
echo "Disabling IPv4 packet forwarding."
echo 0 > /proc/sys/net/ipv4/ip_forward
fi
fi
# When using IPv4 packet forwarding, you will also get the rp_filter, which
# automatically rejects incoming packets if the routing table entry for their
# source address doesn't match the network interface they're arriving on. This
# has security advantages because it prevents the so-called IP spoofing,
# however it can pose problems if you use asymmetric routing (packets from you
# to a host take a different path than packets from that host to you) or if
# you operate a non-routing host which has several IP addresses on different
# interfaces. To turn rp_filter off, uncomment the lines below:
# if [ -r /proc/sys/net/ipv4/conf/all/rp_filter ]; then
# echo "Disabling rp_filter."
# echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter
# fi
# Start the inetd server:
#if [ -x /usr/sbin/inetd ]; then
# echo "Starting Internet super-server daemon: /usr/sbin/inetd"
# /usr/sbin/inetd
#else
# echo "WARNING: /usr/sbin/inetd not found."
#fi
# Done starting the inetd meta-server.
# Start the OpenSSH SSH daemon:
#if [ -x /etc/rc.d/rc.sshd ]; then
# echo "Starting OpenSSH SSH daemon: /usr/sbin/sshd"
# /etc/rc.d/rc.sshd start
#fi
# Done starting the OpenSSH SSH daemon:
# # Start the BIND name server daemon:
#
# # Option number one: Start the NAMED/BIND name server as root.
# # Note that BIND has a somewhat spotty history in terms of security,
# # but they recommend running it as root, and if you don't, not all
# # the features (especially when attached to a dynamic IP such as
# # through PPP) will neccessary work correctly).
# if [ -x /usr/sbin/named ]; then
# echo "Starting BIND: /usr/sbin/named"
# /usr/sbin/named
# fi
# # Done starting the BIND server using option #1.
#
# # Start the BIND name server daemon:
# # Option number two: Start the NAMED/BIND name server as user daemon.
# # This is another way to start BIND for the more paranoid. By starting it as
# # user daemon, if there does turn out to be a vulnerability, the attacker can
# # at best gain user deamon access to your machine, which is a considerably
# # better situation than if they gain root access. Note that for this option
# # to work at all, you'll need to change the ownership of the directory
# # /var/named to daemon like this: chown -R daemon /var/named
# # If you don't have this directory, you'll have to make it first.
# # It may also be necessary to do this: chown -R daemon /var/run/named
# # Also, for the *really* paranoid, you can read this document for
# # instructions on running BIND in a "chroot jail":
# # /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO
# if [ -x /usr/sbin/named ]; then
# echo "Starting BIND: /usr/sbin/named -u daemon"
# /usr/sbin/named -u daemon
# fi
# # Done starting the BIND server using option #2.
# # Start the network routing daemon:
# if [ -x /usr/sbin/routed ]; then
# echo "Starting network routing daemon: /usr/sbin/routed"
# /usr/sbin/routed -g -s
# fi
# # Done starting the network routing daemon.
# # Start the system status server:
# if [ -x /usr/sbin/rwhod ]; then
# echo "Starting system status server: /usr/sbin/rwhod"
# /usr/sbin/rwhod
# fi
# # Done starting the system status server.
# Start NIS (the Network Information Service):
#if [ -x /etc/rc.d/rc.yp ]; then
# . /etc/rc.d/rc.yp start
#fi
# Start the NFS server. Note that for this to work correctly, you'll
# need to load the knfsd module for kernel NFS server support.
# You'll also need to set up some shares in /etc/exports.
# Starting the NFS server:
#if [ -x /etc/rc.d/rc.nfsd ]; then
# /etc/rc.d/rc.nfsd start
#fi
# Done starting the NFS server.
# # Fire up the PC-NFS daemon(s). This is a primarily obsolete system, and may
# # not be very secure. It's not at all needed for normal NFS server support.
# # You probably should not run this.
# if [ -x /usr/sbin/rpc.pcnfsd ]; then
# echo "Starting PC-NFS daemons: /usr/sbin/rpc.pcnfsd /usr/sbin/rpc.bwnfsd"
# /usr/sbin/rpc.pcnfsd /var/spool/lpd
# fi
# if [ -x /usr/sbin/rpc.bwnfsd ]; then
# /usr/sbin/rpc.bwnfsd /var/spool/lpd
# fi
# # Done firing up the PC-NFS daemons.