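#! /bin/sh
# /etc/rc.d/rc.nano1
# This brings up the network interfaces
# nano1.sh converted to rc.nano1 (which replaces rc.inet1) 6/6/03 JK
#
# Brings up lo, one internal and two external interfaces, then installs
# policy routing: table main first (prio 10), one table per external
# interface for established connections (prio 50), and a weighted multipath
# default route in table 9 for new connections (prio 90).
#
# Runs as root at boot. Every address interpolated into an `ip` command is
# either a literal below or is checked by is_dotted_quad before use.
# Commands that are expected to fail on a clean boot (deleting a rule or
# route that does not exist yet) are left unchecked on purpose, so `set -e`
# is deliberately not used.

printf '%s' "rc.nano1: "

# Succeeds when $1 is four dot-separated runs of digits.
# Octet range (0-255) is not checked here; `ip` rejects out-of-range values.
is_dotted_quad() {
  case "$1" in
    '' | *[!0-9.]* | *..* | .* | *.) return 1 ;;
    *.*.*.*.*) return 1 ;;
    *.*.*.*) return 0 ;;
    *) return 1 ;;
  esac
}

# Prints $1 when it is a dotted quad, otherwise the static fallback $2.
# This keeps empty or malformed tool output out of the `ip` command lines.
quad_or_default() {
  if is_dotted_quad "$1"; then
    printf '%s\n' "$1"
  else
    printf '%s\n' "$2"
  fi
}

# Abbreviations:
# IFI         internal interface
# IPI         IP address of internal interface
# NWI         internal network IP
# NMI         netmask for the internal interface
# IFE1, IFE2  external interfaces
# IPE1, IPE2  external IP addresses
# NWE1, NWE2  external network addresses
# NME1, NME2  masks for the external network in CIDR format (E.G. /24)
# BRD1, BRD2  broadcast addresses for external networks
# GWE1, GWE2  gateways for external interfaces
# A trailing "D" (IPE1D, NWE1D, BRD1D, GWE1D) marks the static default used
# when the live value cannot be read from the interface.

IFI="eth0"               # IFI is the internal interface
IPI="192.168.223.254"    # IPI is the IP address of the internal interface
NWI="192.168.223.0"      # NWI is the internal network IP
NMI="24"                 # NMI is the netmask for the internal interface

IFE1="eth1" # cable (search "cable")
IFE2="eth2" # IFEn are the external interfaces
#IFE3="eth3" # Dead Qwest dsl connection
IFE4="ppp0"

# The cable address is dynamic, so it is read from the live interface.
# NOTE(review): the cut fields assume ifconfig prints "inet addr:A Bcast:B
# Mask:M"; other ifconfig output formats will not parse and fall back to the
# static defaults. Confirm against the installed net-tools.
IPE1D="68.171.136.121" # cable
IPE1=$(ifconfig "$IFE1" 2>/dev/null | grep inet | cut -d : -f 2 | cut -d ' ' -f 1)
# The fallback has to be an assignment; `IPE1 == IPE1D` runs a command named
# IPE1 and leaves the variable empty.
IPE1=$(quad_or_default "$IPE1" "$IPE1D")
IPE2="168.103.240.89" # IPEn are the external IP addresses
IPE3="168.103.92.1"
# NOTE(review): IPE4, NWE4, BRD4 and GWE4 are read from files and are used
# only by the commented-out ppp0 commands. Before re-enabling those, make
# sure the files are writable by root only and validate the values (for
# example with is_dotted_quad), since they would be passed to `ip` as root.
IPE4=$(cat /etc/firewall/localIP) # dynamic

NWE1D="68.171.136.0" # cable
NETMASKE1=$(ifconfig "$IFE1" 2>/dev/null | grep Mask | cut -d : -f 4)
NETMASKE1=$(quad_or_default "$NETMASKE1" "255.255.255.128")
NWE1=$(/bin/ipmask "$NETMASKE1" "$IPE1" | cut -f 2 -d ' ')
NWE1=$(quad_or_default "$NWE1" "$NWE1D")
NWE2="168.103.240.88" # NWEn are the external network addresses
NWE3="168.103.92.0"
NWE4=$(cat /etc/firewall/localIP)

# NOTE(review): NME1 stays /25 even when the netmask detected above differs
# from 255.255.255.128 - confirm that is acceptable.
NME1="25" # cable (255.255.255.128 corresponds to /25)
NME2="29" # NMEn are the masks for the external network in CIDR format (E.G. /24)
NME3="29"
NME4="32"

BRD1D="68.171.136.127" # cable
BRD1=$(ifconfig "$IFE1" 2>/dev/null | grep Bcast | cut -d : -f 3 | cut -d ' ' -f 1)
BRD1=$(quad_or_default "$BRD1" "$BRD1D")
BRD2="168.103.240.95" # BRDn are broadcast addresses for external networks
BRD3="168.103.92.7"
BRD4=$(cat /etc/firewall/remoteIP) # Broadcast (use "peer" for ppp0)

GWE1D="68.171.136.1" # cable
# Presumably the 255.255.255.1 mask maps an odd host address to x.y.z.1,
# the gateway - verify against ipmask's behaviour. The absolute path matches
# the NWE1 call above and avoids a PATH lookup in a root script.
GWE1=$(/bin/ipmask 255.255.255.1 "$IPE1" | cut -f 2 -d ' ')
GWE1=$(quad_or_default "$GWE1" "$GWE1D")
GWE2="168.103.240.94" # GWEn are gateways for external interfaces
GWE3="168.103.92.6"
GWE4=$(cat /etc/firewall/remoteIP) # peer, dynamic

# If we want table main looked at first, we must assign it a low priority:
# Make sure there is no existing rule:
ip rule del prio 10 table main 2>/dev/null
ip rule add prio 10 table main
# We want to make sure there is no default route in table main. If there isn't
# one, this will fail (which is fine):
ip route del default table main 2>/dev/null

ip link set lo up
## To be sure there are no preexisting IPs assigned to the interface, we flush:
ip addr flush dev lo
## Assigning an address will cause the kernel to automatically insert an
## appropriate route into table main:
ip addr add 127.0.0.1/8 brd + dev lo
## "+" is shorthand for the broadcast address, here 127.0.0.255
# Uncomment if lo is not in table main:
#ip route add 127.0.0.0/8 dev lo

ip link set "$IFI" up
ip addr flush dev "$IFI"
ip addr add "$IPI/$NMI" brd + dev "$IFI"

ip link set "$IFE1" up
# To be sure there are no preexisting IPs assigned to the interface, we flush:
ip addr flush dev "$IFE1"
# BRD# specifies the broadcast address:
ip addr add "$IPE1/$NME1" brd "$BRD1" dev "$IFE1"

ip link set "$IFE2" up
ip addr flush dev "$IFE2"
ip addr add "$IPE2/$NME2" brd "$BRD2" dev "$IFE2"

#ip link set $IFE3 up
#ip addr flush dev $IFE3
#ip addr add $IPE3/$NME3 brd $BRD3 dev $IFE3

#ip link set $IFE4 up
#ppp0 ip addr flush dev $IFE4
#ppp0 ip addr add $IPE4/$NME4 peer $BRD4 dev $IFE4

# For established connections, we do not want to match the multipath route.
# We need to make sure we use the same route as before, so we add a table for
# each interface. We use a priority that makes sure these routes are found
# after the main table and before the MP table:
#
# Each rule is deleted at the priority it is added with (50). Deleting at
# prio 40 never matched, so the rules piled up on every re-run.
# NOTE(review): the interface names are used as routing-table names; they
# must be resolvable (e.g. listed in /etc/iproute2/rt_tables) - confirm.
ip rule del prio 50 from "$NWE1/$NME1" table "$IFE1" 2>/dev/null
ip rule add prio 50 from "$NWE1/$NME1" table "$IFE1"
ip rule del prio 50 to 192.168.100.1/32 table "$IFE1" 2>/dev/null
ip rule add prio 50 to 192.168.100.1/32 table "$IFE1"
# These are default routes because they must match any address:
ip route del default via "$GWE1" dev "$IFE1" src "$IPE1" proto static table "$IFE1"
ip route add default via "$GWE1" dev "$IFE1" src "$IPE1" proto static table "$IFE1"
# If the interface is not working, this acts like REJECT; it causes an ICMP
# PKT_FILTERED to be sent to the requester:
# (The lookup stops in this table instead of continuing to the multipath
# table, so the traffic does not leave through the other uplink.)
ip route del prohibit default table "$IFE1" metric 1 proto static
ip route append prohibit default table "$IFE1" metric 1 proto static

ip rule del prio 50 from "$NWE2/$NME2" table "$IFE2" 2>/dev/null
ip rule add prio 50 from "$NWE2/$NME2" table "$IFE2"
ip route del default via "$GWE2" dev "$IFE2" src "$IPE2" proto static table "$IFE2"
ip route add default via "$GWE2" dev "$IFE2" src "$IPE2" proto static table "$IFE2"
ip route del prohibit default table "$IFE2" metric 1 proto static
ip route append prohibit default table "$IFE2" metric 1 proto static

#eth3 ip rule del prio 40 from $NWE3/$NME3 table $IFE3 2>/dev/null
#eth3 ip rule add prio 50 from $NWE3/$NME3 table $IFE3
#eth3 ip route del default via $GWE3 dev $IFE3 src $IPE3 proto static table $IFE3
#eth3 ip route add default via $GWE3 dev $IFE3 src $IPE3 proto static table $IFE3
#eth3 ip route del prohibit default table $IFE3 metric 1 proto static
#eth3 ip route append prohibit default table $IFE3 metric 1 proto static

#ppp0 ip rule del prio 40 from $NWE4/$NME4 table $IFE4 2>/dev/null
#ppp0 ip rule add prio 50 from $NWE4/$NME4 table $IFE4
#ppp0 ip route del default via $GWE4 dev $IFE4 src $IPE4 proto static table $IFE4
#ppp0 ip route add default via $GWE4 dev $IFE4 src $IPE4 proto static table $IFE4
#ppp0 ip route del prohibit default table $IFE4 metric 1 proto static
#ppp0 ip route append prohibit default table $IFE4 metric 1 proto static

# Special-case news.iswest.com (ip changes occasionally) to use 168.103.240.89:
ip rule del prio 50 to 206.127.4.22/32 table "$IFE2" 2>/dev/null
ip rule add prio 50 to 206.127.4.22/32 table "$IFE2"

# New connections have no local source address. Neither is there any default
# route, so we create a multipath default route for them:
ip rule del prio 90 table 9 2>/dev/null
ip rule add prio 90 table 9
ip route del default table 9 2>/dev/null
# nano: ip route add default table 9 proto static nexthop via $GWE1 dev $IFE1 nexthop via $GWE2 dev $IFE2
ip route add default table 9 equalize proto static \
  nexthop via "$GWE1" dev "$IFE1" weight 2 \
  nexthop via "$GWE2" dev "$IFE2"

# NOTE(review): this also installs a default route in table main, which is
# consulted first (prio 10). A default there presumably matches before the
# prio-50 per-interface tables and table 9 are reached, which contradicts
# the "no default route in table main" comment above - confirm the intent.
# ip route del default table main 2>/dev/null
ip route del default table main equalize scope global 2>/dev/null
# LARTC: ip route add default scope global nexthop via $GWE1 dev $IFE1 nexthop via $GWE2 dev $IFE2
ip route add default table main equalize proto static scope global \
  nexthop via "$GWE1" dev "$IFE1" weight 2 \
  nexthop via "$GWE2" dev "$IFE2"

# Restore the saved resolver configuration; a missing saved copy is ignored.
cp -a /etc/resolv.conf.sv /etc/resolv.conf 2>/dev/null

# Done.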