#!/bin/sh # # manage network interfaces and configure some networking options PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin case "$1" in start) # spoofprotect for f in /proc/sys/net/ipv4/conf/*/rp_filter; do echo 0 > $f; done # syncookies echo 0 > /proc/sys/net/ipv4/tcp_syncookies # ip_forward echo 0 > /proc/sys/net/ipv4/ip_forward # arp_filter for f in /proc/sys/net/ipv4/conf/*/arp_filter; do echo 1 > $f; done # socket buffer max sizes echo 16777216 > /proc/sys/net/core/rmem_max echo 16777216 > /proc/sys/net/core/wmem_max echo 300000 > /proc/sys/net/core/netdev_max_backlog # pci options for 10gb card setpci -d 8086:1a48 e6.b=2e # loopback - only set if not up yet if ! (ip link show lo |grep -q UP); then ip addr flush dev lo 2>/dev/null ip addr add 127.0.0.1/8 dev lo broadcast + ip link set lo up fi # start from scratch. TODO: only stop those ones that are changing $0 stop # eth0, eth1: motherboard ip link set eth0 up mtu 9000 ip link set eth1 up mtu 9000 # set ip addresses ip addr add dev eth0 198.48.76.136/27 ip addr add dev eth1 198.48.76.137/27 # create routing tables for each interface ip route add 198.48.76.128/27 dev eth0 src 198.48.76.136 table 100 ip route add default via 198.48.76.129 dev eth0 table 100 ip rule add from 198.48.76.136 table 100 ip route add 198.48.76.128/27 dev eth1 src 198.48.76.137 table 101 ip route add default via 198.48.76.129 dev eth1 table 101 ip rule add from 198.48.76.137 table 101 # create default route in main table ip route add default via 198.48.76.129 # resolv.conf cat >/etc/resolv.conf </dev/null done # flush any rules eval "`ip rule show |egrep -v 'lookup local|main|default' |sed -e 's/[^:]*:/ip rule del/'`" ;; force-reload|restart) $0 stop $0 start ;; *) echo "Usage: /etc/init.d/networking {start|stop|restart|force-reload}" exit 1 ;; esac exit 0