[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: perl scripts during system boot?

Marc Haber wrote:
> On Sun, 04 Jul 1999 12:46:39 -0700, you wrote:
> >Marc Haber wrote:
> >> I am currently hacking ipmasq to be a more versatile and flexible tool
> >> for firewall configuration. Over the time, doing this in bash has
> >> become something of a pain.
> >
> >As the maintainer of ipmasq, I can certainly appreciate your pain.  I
> >just love how the bash documentation doesn't tell you what shell
> >constructs are bashisms and which are POSIX sh.  (Or at least, I haven't
> >figured it out...)
> I don't bother about this and freely use bashisms.

The idea is to support non-bash /bin/sh's (usually ash, for those who
prefer not to use the resource hog we know and love as bash...)

> >I wouldn't worry about this.  ipmasq currently uses sort and cut, which
> >are both in /usr/bin.
> You have a point. I forgot about the ipmasq script itself ;-)
> What's the point in putting ipmasq itself to /sbin then if it won't
> run without /usr? IMO, it is pointless to have executeables in /bin
> and /sbin which won't run without /usr.

it's location in /sbin is an artifact from the 2.x days (a time when I
didn't use sort or cut).
> >  The ipmasq init script runs just after local
> >filesystems are mounted.
> So you didn't take into account systems that nfs-mount /usr?

Oops... ipmasq currently runs at 41 during boot, while mountnfs.sh runs
at 45.  ipmasq really should run at 46.  Feel free to file a bug.  (The
location at 41 put it just after the network coming up at 40.)
> >> Do I have any other options besides continuing to write shell scripts
> >> or using full-blown compiled C code?
> >
> >Whatever you come up with, I will appreciate your input.
> There are a number of wishlist bugs open against ipmasq since a few
> weeks ;-)

Believe me, I know... ;)
> >I would
> >prefer, however, that whatever solution you come up with, it be
> >backwards compatible to the 3.1+ ipmasqs.
> The ipmasq script itself was almost untouched. However, there is not
> much left of your original rules ;-)

If it still works out of the box for the simple setup (one external
interface having the default route) I'll be happy.
> And btw, I ditched ipfwadm for the development time. Maybe it might be
> possible to re-add that support after I got my system working, but
> right at the moment it's ipchains only. So I feel that "my" version
> won't probably be Debian-ready until a 2.2 kernel is default.

Currently, the ipchains stuff was derived rule-for-rule from the ipfwadm
stuff.  Assuming youo're not doing anything that's blatantly
ipchains-only, I don't see too many problems.
> Do you plan to drop ipfwadm support at some time?

Not until after Debian drops the 2.0 kernel-image/kernel-source
packages, and then I'm not sure if I'll drop it after that.  (A 2.0
kernel may run more efficiently than a 2.2 under a low powered box that
might be forced into the masq gateway role.)

Reply to: