Re: perl scripts during system boot?
Marc Haber wrote:
>
> On Sun, 04 Jul 1999 12:46:39 -0700, you wrote:
> >Marc Haber wrote:
> >> I am currently hacking ipmasq to be a more versatile and flexible tool
> >> for firewall configuration. Over the time, doing this in bash has
> >> become something of a pain.
> >
> >As the maintainer of ipmasq, I can certainly appreciate your pain. I
> >just love how the bash documentation doesn't tell you what shell
> >constructs are bashisms and which are POSIX sh. (Or at least, I haven't
> >figured it out...)
>
> I don't bother about this and freely use bashisms.
The idea is to support non-bash /bin/sh's (usually ash, for those who
prefer not to use the resource hog we know and love as bash...)
> >I wouldn't worry about this. ipmasq currently uses sort and cut, which
> >are both in /usr/bin.
>
> You have a point. I forgot about the ipmasq script itself ;-)
>
> What's the point in putting ipmasq itself to /sbin then if it won't
> run without /usr? IMO, it is pointless to have executeables in /bin
> and /sbin which won't run without /usr.
it's location in /sbin is an artifact from the 2.x days (a time when I
didn't use sort or cut).
> > The ipmasq init script runs just after local
> >filesystems are mounted.
>
> So you didn't take into account systems that nfs-mount /usr?
Oops... ipmasq currently runs at 41 during boot, while mountnfs.sh runs
at 45. ipmasq really should run at 46. Feel free to file a bug. (The
location at 41 put it just after the network coming up at 40.)
> >> Do I have any other options besides continuing to write shell scripts
> >> or using full-blown compiled C code?
> >
> >Whatever you come up with, I will appreciate your input.
>
> There are a number of wishlist bugs open against ipmasq since a few
> weeks ;-)
Believe me, I know... ;)
> >I would
> >prefer, however, that whatever solution you come up with, it be
> >backwards compatible to the 3.1+ ipmasqs.
>
> The ipmasq script itself was almost untouched. However, there is not
> much left of your original rules ;-)
If it still works out of the box for the simple setup (one external
interface having the default route) I'll be happy.
> And btw, I ditched ipfwadm for the development time. Maybe it might be
> possible to re-add that support after I got my system working, but
> right at the moment it's ipchains only. So I feel that "my" version
> won't probably be Debian-ready until a 2.2 kernel is default.
Currently, the ipchains stuff was derived rule-for-rule from the ipfwadm
stuff. Assuming youo're not doing anything that's blatantly
ipchains-only, I don't see too many problems.
> Do you plan to drop ipfwadm support at some time?
Not until after Debian drops the 2.0 kernel-image/kernel-source
packages, and then I'm not sure if I'll drop it after that. (A 2.0
kernel may run more efficiently than a 2.2 under a low powered box that
might be forced into the masq gateway role.)
Brian
Reply to: