-rw-r--r--etc/defaults/rc.conf6
-rw-r--r--etc/network.subr19
-rw-r--r--etc/rc.d/netoptions19
-rw-r--r--etc/rc.d/network119
-rw-r--r--etc/rc.d/network219
-rw-r--r--etc/rc.d/network319
-rw-r--r--etc/rc.d/routing19
-rw-r--r--etc/rc.network19
8 files changed, 137 insertions, 2 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index dd178ca25f18..ff8f45b3535d 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -48,6 +48,10 @@ firewall_type="UNKNOWN" # Firewall type (see /etc/rc.firewall)
firewall_quiet="NO" # Set to YES to suppress rule display
firewall_logging="NO" # Set to YES to enable events logging
firewall_flags="" # Flags passed to ipfw when type is a file
+ip_portrange_first="NO" # Set first dynamically allocated port
+ip_portrange_last="NO" # Set last dynamically allocated port
+ipsec_enable="NO" # Set to YES to run setkey on ipsec_file
+ipsec_file="/etc/ipsec.conf" # Name of config file for setkey
natd_program="/sbin/natd" # path to natd, if you want a different one.
natd_enable="NO" # Enable natd (if firewall_enable == YES).
natd_interface="fxp0" # Public interface or IPaddress to use.
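Review bot: The comments on the two new `ip_portrange_*` knobs do not say what the `"NO"` default means, unlike `defaultrouter="NO" # Set to default gateway (or NO).` further down this file. I would write `# Set first dynamically allocated port (or NO to keep the kernel default)` and the matching text for `ip_portrange_last`, since the start-up code skips the sysctl when the value is NO or empty. A short remark that narrowing the range leaves fewer ephemeral source ports to pick from would help an administrator judge the setting.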
@@ -158,8 +162,6 @@ nis_yppasswdd_flags="" # Flags to rpc.yppasswdd (if enabled).
defaultrouter="NO" # Set to default gateway (or NO).
static_routes="" # Set to static route list (or leave empty).
gateway_enable="NO" # Set to YES if this host will be a gateway.
-ipsec_enable="NO" # Set to YES to run setkey on ipsec_file
-ipsec_file="/etc/ipsec.conf" # Name of config file for setkey
router_enable="NO" # Set to YES to enable a routing daemon.
router="routed" # Name of routing daemon to use if enabled.
router_flags="-q" # Flags for routing daemon.
diff --git a/etc/network.subr b/etc/network.subr
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
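Review bot: The two added `echo -n` lines use single quotes, so the boot message prints the literal text `$ip_portrange_first` and `$ip_portrange_last` instead of the configured values; they should read `echo -n " ip_portrange_first=${ip_portrange_first}"` and likewise for `last`. The value is also handed to `sysctl -w` unquoted, and writing `net.inet.ip.portrange.first="${ip_portrange_first}"` avoids word splitting on a malformed rc.conf entry. Nothing in the hunk checks that the value is numeric or that first does not exceed last, and the exit status of sysctl is not tested, so a bad value seems to be reported only by whatever sysctl prints on stderr. The same lines appear in the hunks for etc/rc.d/netoptions, network1, network2, network3, routing and etc/rc.network. network_pass1() starts and ends outside the hunk.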
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
diff --git a/etc/rc.d/network1 b/etc/rc.d/network1
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.d/network1
+++ b/etc/rc.d/network1
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
diff --git a/etc/rc.d/network2 b/etc/rc.d/network2
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.d/network2
+++ b/etc/rc.d/network2
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
diff --git a/etc/rc.d/network3 b/etc/rc.d/network3
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.d/network3
+++ b/etc/rc.d/network3
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
diff --git a/etc/rc.d/routing b/etc/rc.d/routing
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.d/routing
+++ b/etc/rc.d/routing
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in
diff --git a/etc/rc.network b/etc/rc.network
index fc7cdd07c014..4a3c1ec58fde 100644
--- a/etc/rc.network
+++ b/etc/rc.network
@@ -350,6 +350,25 @@ network_pass1() {
sysctl -w net.link.ether.inet.proxyall=1 >/dev/null
;;
esac
+
+ case ${ip_portrange_first} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_first=$ip_portrange_first'
+ sysctl -w net.inet.ip.portrange.first=$ip_portrange_first >/dev/null
+ ;;
+ esac
+
+ case ${ip_portrange_last} in
+ [Nn][Oo] | '')
+ ;;
+ *)
+ echo -n ' ip_portrange_last=$ip_portrange_last'
+ sysctl -w net.inet.ip.portrange.last=$ip_portrange_last >/dev/null
+ ;;
+ esac
+
echo '.'
case ${ipsec_enable} in