Re: default route
On Sun, Jan 14, 2001 at 08:42:41PM +1100, Matt Chipman wrote:
> Thanks for all the replies everybody, the problem is still there, and
> whatever route i put in /etc/network/interfaces still doesnt apply at boot.
>
> I am thinking maybe i have to have a package installed that makes the route
> stick?? I am using a custom install of potatoe
>
> Is there something route relies on?
>
> <shrug> any ideas?
in my /etc/rcS.d/S40networking script, which is called at boot
time via inittab instructions before launching runlevels, it
starts all the net stuff automatically.
on potato (debian 2.2) the "netbase" package supplies the parts
for this. maybe (to borrow a windo~1 metaphor) if you reinstall
it? could be you inadvertently removed a file or two...?
just for completeness, attached is my /etc/init.d/networking
script that you could install via
update-rc.d networking start 40 S . stop 35 0 6 .
(i think)...
--
See, if you were allowed to keep the money, you wouldn't
create jobs with it. You'd throw it in the bushes or
something. But the government will spend it, thereby
creating jobs. -- Dave Barry
will@serensoft.com *** http://www.dontUthink.com/
volunteer to document your experience for next week's
newbies -- http://www.eGroups.com/messages/newbieDoc
#!/bin/sh
#
# start/stop networking daemons.
if ! [ -x /sbin/ifup ]; then
exit 0
fi
if [ -e /etc/network/spoof-protect ]; then
. /etc/network/spoof-protect
fi
spoofprotect_rp_filter () {
# This is the best method: turn on Source Address Verification and get
# spoof protection on all current and future interfaces.
if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then
for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
echo 1 > $f
done
return 0
else
return 1
fi
}
spoofprotect_ipfwadm () {
# rules for linux 2.0.x and 2.1.x (x < 102) kernels
# can't do ipfwadm based spoof protection if we don't have the appropriate
# configuration info.
if [ -z "$LOCAL_IPS" -o -z "$LOCAL_IFACES" ]; then return 1; fi
#what about 127.0.0.0/8 ?
#deny incoming packets pretending to be from our own system.
#set your own IP address below (or use `hostname -i` to set it).
if [ -e /proc/net/ip_input ]; then
# delete and re-add entry (this way we don't get duplicate entries)
for ip in $LOCAL_IPS; do
for iface in $LOCAL_IFACES; do
ipfwadm -I -d deny -o -P all -S $ip -W $iface -D 0/0 \
2>/dev/null || true
ipfwadm -I -i deny -o -P all -S $ip -W $iface -D 0/0 >/dev/null
done
done
return 0
else
return 1
fi
}
spoofprotect_ipchains () {
# rules for linux 2.1.x (x > 101) kernels
# can't do ipfwadm based spoof protection if we don't have the appropriate
# configuration info.
if [ -z "$LOCAL_IPS" ]; then return 1; fi
if [ -e /proc/net/ip_fwchains ]; then
for ip in $LOCAL_IPS; do
ipchains -D input -j DENY -l -s $ip -i ! lo 2>/dev/null || true
ipchains -A input -j DENY -l -s 127.0.0.0/8 -i ! lo
done
return 0
else
return 1
fi
}
spoofprotect () {
echo -n "Setting up IP spoofing protection: "
if spoofprotect_rp_filter; then
echo "rp_filter."
elif spoofprotect_ipfwadm; then
echo "ipfwadm."
elif spoofprotect_ipchains; then
echo "ipchains."
else
echo "FAILED"
fi
}
ip_forward () {
if [ -e /proc/sys/net/ipv4/ip_forward ]; then
echo -n "Enabling packet forwarding: "
echo 1 > /proc/sys/net/ipv4/ip_forward
echo "done."
fi
}
syncookies () {
if [ -e /proc/sys/net/ipv4/tcp_syncookies ]; then
echo -n "Enabling TCP/IP SYN cookies: "
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo "done."
fi
}
doopt () {
optname=$1
default=$2
opt=`grep "^$optname=" /etc/network/options`
if [ -z "$opt" ]; then
opt="$optname=$default"
fi
optval=${opt#$optname=}
if [ "$optval" = "yes" ]; then
eval $optname
fi
}
case "$1" in
start)
doopt spoofprotect yes
doopt syncookies no
doopt ip_forward no
echo -n "Configuring network interfaces: "
ifup -a
echo "done."
;;
stop)
if sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\1 \2/p' /proc/mounts |
grep -q "^/ nfs$"
then
echo "NOT deconfiguring network interfaces: / is an NFS mount"
elif sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\1 \2/p' /proc/mounts |
grep -q "^/ smb$"
then
echo "NOT deconfiguring network interfaces: / is an SMB mount"
elif sed -n 's/^[^ ]* \([^ ]*\) \([^ ]*\) .*$/\2/p' /proc/mounts |
grep -E '^(nfs|smb)$'
then
echo "NOT deconfiguring network interfaces: NFS/SMB shares still mounted."
else
echo -n "Deconfiguring network interfaces: "
ifdown -a
echo "done."
fi
;;
reload)
;;
force-reload)
$0 restart
;;
restart)
echo -n "Reconfiguring network interfaces: "
ifdown -a
ifup -a
echo "done."
;;
*)
echo "Usage: /etc/init.d/networking {start|stop|reload|restart}"
exit 1
;;
esac
exit 0
Reply to: