Ignore:
Timestamp:
04/15/13 13:06:48 (17 months ago)
Author:
Kris Moore <kris@…>
Branches:
master, 9.1-release, 9.2-release, releng/10.0, releng/10.0.1, releng/10.0.2, releng/10.0.3
Children:
8901c47
Parents:
4d2a365
Message:

Merge changes from John Hixson and FreeNAS work

File:
1 edited

Legend:

Unmodified
Added
Removed
  • src-sh/warden/scripts/backend/startjail.sh

    r0988d23 r17235d6  
    208208   if ! ipv4_configured "${BRIDGE}" ; then 
    209209      ifconfig ${BRIDGE} inet "${BRIDGEIP4}" 
    210    else 
     210 
     211   elif ! ipv4_address_configured "${BRIDGE}" "${BRIDGEIP4}" ; then 
    211212      ifconfig ${BRIDGE} inet alias "${BRIDGEIP4}" 
    212213   fi 
     
    215216   for _ip in ${BRIDGEIPS4} 
    216217   do 
    217       ifconfig ${BRIDGE} inet alias "${_ip}" 
     218      if ! ipv4_address_configured "${BRIDGE}" "${_ip}" ; then 
     219         ifconfig ${BRIDGE} inet alias "${_ip}" 
     220      fi  
    218221   done 
    219222fi 
     
    222225   if ! ipv6_configured "${BRIDGE}" ; then 
    223226      ifconfig ${BRIDGE} inet6 "${BRIDGEIP6}" 
    224    else 
     227 
     228   elif ! ipv6_address_configured "${BRIDGE}" "${BRIDGEIP6}" ; then 
    225229      ifconfig ${BRIDGE} inet6 alias "${BRIDGEIP6}" 
    226230   fi 
     
    229233   for _ip in ${BRIDGEIPS6} 
    230234   do 
    231       ifconfig ${BRIDGE} inet6 alias "${_ip}" 
     235      if ! ipv6_address_configured "${BRIDGE}" "${_ip}" ; then 
     236         ifconfig ${BRIDGE} inet6 alias "${_ip}" 
     237      fi 
    232238   done 
    233239fi 
     
    261267   ipv4_configured ${EPAIRB} ${JID} 
    262268   if [ "$?" = "0" ] ; then 
    263       jexec ${JID} ifconfig ${EPAIRB} inet alias ${ip4} 
     269      if ! ipv4_address_configured "${EPAIRB}" "${ip4}" "${JID}" ; then 
     270         jexec ${JID} ifconfig ${EPAIRB} inet alias ${ip4} 
     271      fi 
    264272   else 
    265273      jexec ${JID} ifconfig ${EPAIRB} inet ${ip4} 
     
    275283   ipv6_configured ${EPAIRB} ${JID} 
    276284   if [ "$?" = "0" ] ; then 
    277       jexec ${JID} ifconfig ${EPAIRB} inet6 alias ${ip6} 
     285      if ! ipv6_address_configured "${EPAIRB}" "${ip6}" "${JID}" ; then 
     286         jexec ${JID} ifconfig ${EPAIRB} inet6 alias ${ip6} 
     287      fi 
    278288   else 
    279289      jexec ${JID} ifconfig ${EPAIRB} inet6 ${ip6} 
     
    316326# with VIMAGE. 
    317327# 
    318 sysctl net.inet.ip.forwarding=1 
    319 sysctl net.inet6.ip6.forwarding=1 
    320  
    321 tmp_rcconf=`mktemp /tmp/.wdn.XXXXXX` 
    322  
    323 egrep -v '^(firewall_(enable|type)|natd_(enable|interface|flags))' \ 
    324    /etc/rc.conf >> "${tmp_rcconf}" 
    325 cat<<__EOF__>>"${tmp_rcconf}" 
     328ip_forwarding=`sysctl -n net.inet.ip.forwarding` 
     329if [ "${ip_forwarding}" = "0" ] ; then 
     330   sysctl net.inet.ip.forwarding=1 
     331fi 
     332 
     333ip6_forwarding=`sysctl -n net.inet6.ip6.forwarding` 
     334if [ "${ip6_forwarding}" = "0" ] ; then 
     335   sysctl net.inet6.ip6.forwarding=1 
     336fi 
     337 
     338firewall_enable=`egrep '^firewall_enable' /etc/rc.conf|cut -f2 -d'='|sed 's|"||g'` 
     339firewall_type=`egrep '^firewall_type' /etc/rc.conf|cut -f2 -d'='|sed 's|"||g'` 
     340 
     341if [ "${firewall_enable}" != "YES" -o "${firewall_type}" != "open" ] ; then 
     342   tmp_rcconf=`mktemp /tmp/.wdn.XXXXXX` 
     343   egrep -v '^firewall_(enable|type)' /etc/rc.conf >> "${tmp_rcconf}" 
     344 
     345   cat<<__EOF__>>"${tmp_rcconf}" 
    326346firewall_enable="YES" 
    327347firewall_type="open" 
    328 natd_enable="YES" 
    329 natd_interface="${IFACE}" 
    330 natd_flags="-dynamic -m" 
    331348__EOF__ 
    332 if [ -s "${tmp_rcconf}" ] ; then 
    333    cp /etc/rc.conf /var/tmp/rc.conf.bak 
    334    mv "${tmp_rcconf}" /etc/rc.conf 
    335    if [ "$?" != "0" ] ; then 
    336       mv /var/tmp/rc.conf.bak /etc/rc.conf 
    337    fi 
    338 fi 
    339  
    340 ipfw list | grep -Eq '^00500 divert' 2>/dev/null 
    341 if [ "$?" != "0" ] ; then 
    342    /etc/rc.d/ipfw restart 
    343    ipfw -q add 00050 divert 8668 ip4 from any to any via ${IFACE} 
     349 
     350   if [ -s "${tmp_rcconf}" ] ; then 
     351      cp /etc/rc.conf /var/tmp/rc.conf.bak 
     352      mv "${tmp_rcconf}" /etc/rc.conf 
     353      if [ "$?" != "0" ] ; then 
     354         mv /var/tmp/rc.conf.bak /etc/rc.conf 
     355      fi 
     356   fi 
     357   /etc/rc.d/ipfw forcerestart 
     358fi 
     359 
     360instance=`get_ipfw_nat_instance "${IFACE}"` 
     361if [ -z "${instance}" ] ; then 
     362echo "NAT IS NULL" 
     363   priority=`get_ipfw_nat_priority` 
     364   instance=`get_ipfw_nat_instance` 
     365 
     366   ipfw "${priority}" add nat "${instance}" all from any to any 
     367   ipfw nat "${instance}" config if "${IFACE}" reset 
    344368fi 
    345369 
Note: See TracChangeset for help on using the changeset viewer.