#!/bin/sh #Gröna värden=mina värden # # rc.inet2 This shell script boots up the entire network system. # Note, that when this script is used to also fire # up any important remote NFS disks (like the /usr # distribution), care must be taken to actually # have all the needed binaries online _now_ ... # # Uncomment or comment out sections depending on which # services your site requires. # # Author: Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org> # Modified for Slackware by Patrick Volkerding <volkerdi@slackware.com> # This must be running in order to mount NFS volumes. # Start the RPC portmapper: #if [ -x /sbin/rpc.portmap ]; then # echo "Starting RPC portmapper: /sbin/rpc.portmap" # /sbin/rpc.portmap #fi # Done starting the RPC portmapper. # At this point, we are ready to talk to The World... # Mount remote (NFS) filesystems: #echo "Mounting remote (NFS) file systems: /sbin/mount -a -t nfs" #/sbin/mount -a -t nfs # This may be our /usr runtime! # Show the mounted volumes: #/sbin/mount -v -t nfs # Done mounting remote (NFS) filesystems. # Mount remote (SMB) filesystems: #echo "Mounting remote (SMB) file systems: /sbin/mount -a -t smbfs" #/sbin/mount -a -t smbfs # Show the mounted volumes: #/sbin/mount -v -t smbfs # Done mounting remote (SMB) filesystems. # Start the system logger. if [ -x /etc/rc.d/rc.syslog ]; then . /etc/rc.d/rc.syslog start fi Detta är min rc.syslog # If there is a firewall script, run it before enabling packet forwarding. # See the HOWTOs on http://www.netfilter.org/ for documentation on # setting up a firewall or NAT on Linux. if [ -x /etc/rc.d/rc.firewall ]; then /etc/rc.d/rc.firewall start fi Detta är min rc.firewall # If we see IPv4 packet forwarding support in the kernel, we will turn it on. # This was the default for 2.0.x kernels, but with newer kernels it must be # activated through a file in /proc. IPv4 packet forwarding support is # required if you plan to use your Linux machine as a router or firewall. # If you don't want your Linux machine to forward packets, change the 1 below # to a 0. IPV4_FORWARD=0 if [ -f /proc/sys/net/ipv4/ip_forward ]; then if [ "$IPV4_FORWARD" = "1" ]; then echo "Activating IPv4 packet forwarding." echo 1 > /proc/sys/net/ipv4/ip_forward else echo "Disabling IPv4 packet forwarding." echo 0 > /proc/sys/net/ipv4/ip_forward fi fi # When using IPv4 packet forwarding, you will also get the rp_filter, which # automatically rejects incoming packets if the routing table entry for their # source address doesn't match the network interface they're arriving on. This # has security advantages because it prevents the so-called IP spoofing, # however it can pose problems if you use asymmetric routing (packets from you # to a host take a different path than packets from that host to you) or if # you operate a non-routing host which has several IP addresses on different # interfaces. To turn rp_filter off, uncomment the lines below: # if [ -r /proc/sys/net/ipv4/conf/all/rp_filter ]; then # echo "Disabling rp_filter." # echo 0 > /proc/sys/net/ipv4/conf/all/rp_filter # fi # Start the inetd server: #if [ -x /usr/sbin/inetd ]; then # echo "Starting Internet super-server daemon: /usr/sbin/inetd" # /usr/sbin/inetd #else # echo "WARNING: /usr/sbin/inetd not found." #fi # Done starting the inetd meta-server. # Start the OpenSSH SSH daemon: #if [ -x /etc/rc.d/rc.sshd ]; then # echo "Starting OpenSSH SSH daemon: /usr/sbin/sshd" # /etc/rc.d/rc.sshd start #fi # Done starting the OpenSSH SSH daemon: # # Start the BIND name server daemon: # # # Option number one: Start the NAMED/BIND name server as root. # # Note that BIND has a somewhat spotty history in terms of security, # # but they recommend running it as root, and if you don't, not all # # the features (especially when attached to a dynamic IP such as # # through PPP) will neccessary work correctly). # if [ -x /usr/sbin/named ]; then # echo "Starting BIND: /usr/sbin/named" # /usr/sbin/named # fi # # Done starting the BIND server using option #1. # # # Start the BIND name server daemon: # # Option number two: Start the NAMED/BIND name server as user daemon. # # This is another way to start BIND for the more paranoid. By starting it as # # user daemon, if there does turn out to be a vulnerability, the attacker can # # at best gain user deamon access to your machine, which is a considerably # # better situation than if they gain root access. Note that for this option # # to work at all, you'll need to change the ownership of the directory # # /var/named to daemon like this: chown -R daemon /var/named # # If you don't have this directory, you'll have to make it first. # # It may also be necessary to do this: chown -R daemon /var/run/named # # Also, for the *really* paranoid, you can read this document for # # instructions on running BIND in a "chroot jail": # # /usr/doc/Linux-HOWTOs/Chroot-BIND-HOWTO # if [ -x /usr/sbin/named ]; then # echo "Starting BIND: /usr/sbin/named -u daemon" # /usr/sbin/named -u daemon # fi # # Done starting the BIND server using option #2. # # Start the network routing daemon: # if [ -x /usr/sbin/routed ]; then # echo "Starting network routing daemon: /usr/sbin/routed" # /usr/sbin/routed -g -s # fi # # Done starting the network routing daemon. # # Start the system status server: # if [ -x /usr/sbin/rwhod ]; then # echo "Starting system status server: /usr/sbin/rwhod" # /usr/sbin/rwhod # fi # # Done starting the system status server. # Start NIS (the Network Information Service): #if [ -x /etc/rc.d/rc.yp ]; then # . /etc/rc.d/rc.yp start #fi # Start the NFS server. Note that for this to work correctly, you'll # need to load the knfsd module for kernel NFS server support. # You'll also need to set up some shares in /etc/exports. # Starting the NFS server: #if [ -x /etc/rc.d/rc.nfsd ]; then # /etc/rc.d/rc.nfsd start #fi # Done starting the NFS server. # # Fire up the PC-NFS daemon(s). This is a primarily obsolete system, and may # # not be very secure. It's not at all needed for normal NFS server support. # # You probably should not run this. # if [ -x /usr/sbin/rpc.pcnfsd ]; then # echo "Starting PC-NFS daemons: /usr/sbin/rpc.pcnfsd /usr/sbin/rpc.bwnfsd" # /usr/sbin/rpc.pcnfsd /var/spool/lpd # fi # if [ -x /usr/sbin/rpc.bwnfsd ]; then # /usr/sbin/rpc.bwnfsd /var/spool/lpd # fi # # Done firing up the PC-NFS daemons.