#!/bin/sh # # Copyright (c) 1995, by Sun Microsystems, Inc. # All Rights Reserved # #ident "@(#)inetinit 1.30 97/05/15 SMI" # ############################################################################ # $Id: inetinit_5.6,v 1.7 2000/11/12 00:54:27 chouanar Exp $ # # Modified by: Jean Chouanard to read # /etc/yassp.conf # # ############################################################################ if [ -f /etc/yassp.conf ] ; then . /etc/yassp.conf fi # # This is the second phase of TCP/IP configuration. The first part, # run in the "/etc/rcS.d/S30rootusr.sh" script, does all configuration # necessary to mount the "/usr" filesystem via NFS. This includes configuring # the interfaces and setting the machine's hostname. The second part, # run in this script, does all configuration that can be done before # NIS or NIS+ is started. This includes configuring IP routing, # setting the NIS domainname and setting any tunable parameters. The # third part, run in a subsequent startup script, does all # configuration that may be dependent on NIS/NIS+ maps. This includes # a final re-configuration of the interfaces and starting all internet # services. # # Set TCP ISS generation. By default the ISS generation is # time + random()-delta. This might not be strong enough for some users. # # See /etc/default/inetinit for settings and further info. # Set the RFC 1948 entropy, regardless of if I'm using it or not. # # Use the encrypted root password as a source of entropy. Otherwise, # just use the pre-set (and hopefully difficult to guess) entropy that # tcp used when it loaded. encr=`awk -F: '/^root:/ {print $2}' /etc/shadow` [ -z "$encr" ] || ndd -set /dev/tcp tcp_1948_phrase $encr unset encr # Get value of TCP_STRONG_ISS [ -f /etc/default/inetinit ] && . /etc/default/inetinit # Use value of TCP_STRONG_ISS specified in /etc/default/inetinit, otherwise # use TCP's internal default setting. if [ $TCP_STRONG_ISS ]; then ndd -set /dev/tcp tcp_strong_iss $TCP_STRONG_ISS fi # # As an example, VLSM are supported. You may tweak your # static route config as, even if your 10.x.x.x network # is using a subnet smaller than 255.0.0.0 : Great! # # /usr/sbin/route add 10.1.1.0 10.a.b.d 1 -netmask 255.255.255.0 # /usr/sbin/route add 10.0.0.0 10.a.b.c 1 -netmask 255.0.0.0 # if [ "X${SUNSTARTUP}" = "XYES" ] ; then # # Configure default routers using the local "/etc/defaultrouter" # configuration file. The file can contain the hostnames or IP # addresses of one or more default routers. If hostnames are used, # each hostname must also be listed in the local "/etc/hosts" file # because NIS and NIS+ are not running at the time that this script is # run. Each router name or address is listed on a single line by # itself in the file. Anything else on that line after the router's # name or address is ignored. Lines that begin with "#" are # considered comments and ignored. # # The default routes listed in the "/etc/defaultrouter" file will # replace those added by the kernel during diskless booting. An # empty "/etc/defaultrouter" file will cause the default route # added by the kernel to be deleted. # defrouters=`/sbin/dhcpinfo Router` fi #SUNSTARTUP if [ -z "$defrouters" -a -f /etc/defaultrouter ]; then defrouters=`grep -v \^\# /etc/defaultrouter | awk '{print $1}' ` if [ -n "$defrouters" ]; then # # To support diskless operation with a "/usr" # filesystem NFS mounted from a server located on a # remote subnet, we have to be very careful about # replacing default routes. We want the default # routers listed in the "/etc/defaultrouter" file to # replace the default router added by the bootparams # protocol. But we can't have a window of time when # the system has no default routers in the process. # That would cause a deadlock since the "route" # command lives on the "/usr" filesystem. # pass=1 for router in $defrouters do if [ $pass -eq 1 ]; then /usr/sbin/route -f add default $router else /usr/sbin/route add default $router fi pass=2 done else /usr/sbin/route -f fi fi # # Set NIS domainname if locally configured. # if [ -f /etc/defaultdomain ]; then /usr/bin/domainname `cat /etc/defaultdomain` echo "NIS domainname is `/usr/bin/domainname`" fi if [ "X${SUNSTARTUP}" = "XYES" ] ; then # # Run routed/router discovery only if we don't already have a default # route installed. # if [ -z "$defrouters" ]; then # # No default routes were setup by "route" command above - check the # kernel routing table for any other default routes. # defrouters="`netstat -rn | grep default`" fi if [ -z "$defrouters" ]; then # # Determine how many active interfaces there are and how many pt-pt # interfaces. Act as a router if there are more than 2 interfaces # (including the loopback interface) or one or more point-point # interface. Also act as a router if /etc/gateways exists. # # Do NOT act as a router if /etc/notrouter exists. # Do NOT act as a router if DHCP was used to configure interface(s) # numifs=`ifconfig -au | grep inet | wc -l` numptptifs=`ifconfig -au | grep inet | egrep -e '-->' | wc -l` numdhcp=`ifconfig -a | grep DHCP | wc -l` if [ ! -f /etc/notrouter -a $numdhcp -eq 0 -a \ \( $numifs -gt 2 -o $numptptifs -gt 0 -o -f /etc/gateways \) ] then # Machine is a router: turn on ip_forwarding, run routed, # and advertise ourselves as a router using router discovery. echo "machine is a router." ndd -set /dev/ip ip_forwarding 1 if [ -f /usr/sbin/in.routed ]; then /usr/sbin/in.routed -s fi if [ -f /usr/sbin/in.rdisc ]; then /usr/sbin/in.rdisc -r fi else # Machine is a host: if router discovery finds a router then # we rely on router discovery. If there are not routers # advertising themselves through router discovery # run routed in space-saving mode. # Turn off ip_forwarding forwarding=`/sbin/dhcpinfo IpFwdF` if [ -z "$forwarding" ] then forwarding=0 fi ndd -set /dev/ip ip_forwarding $forwarding if [ -f /usr/sbin/in.rdisc ] && /usr/sbin/in.rdisc -s; then echo "starting router discovery." elif [ -f /usr/sbin/in.routed ]; then /usr/sbin/in.routed -q; echo "starting routing daemon." fi fi else forwarding=`/sbin/dhcpinfo IpFwdF` if [ -z "$forwarding" ] then forwarding=0 fi ndd -set /dev/ip ip_forwarding $forwarding fi fi #SUNSTARTUP # ******************************************************* # $Log: inetinit_5.6,v $ # Revision 1.7 2000/11/12 00:54:27 chouanar # *** empty log message *** # # Revision 1.6 2000/07/19 00:04:20 chouanar # license # # Revision 1.5 2000/07/04 17:56:59 chouanar # license # # Revision 1.4 2000/05/25 16:54:45 chouanar # rc.conf -> yassp.conf # # Revision 1.3 2000/05/21 18:26:33 chouanar # change the comments # # Revision 1.2 2000/05/21 18:26:05 chouanar # use rc.conf # # Revision 1.1 2000/03/15 21:48:24 chouanar # Initial revision # *******************************************************