void conf_rtables_rtable(FILE *output, int rtableid)
{
int i;
StringList *rtable_name, *rtable_daemons;
rtable_name = sl_init();
if (db_select_name_rtable(rtable_name, rtableid) < 0) {
printf("%% database failure select rtables name\n");
sl_free(rtable_name, 1);
return;
} else {
fprintf(output, "rtable %d %s\n", rtableid,
rtable_name->sl_str[0]);
}
sl_free(rtable_name, 1);
/*
* Routes must be printed before we attempt to start daemons,
* else rtables will not be created in the kernel (Unless an
* rdomain is created by specifing one on an interface prior
* to this point. An rdomain creates a new corresponding rtable)
*/
conf_arp(output, " arp ");
conf_routes(output, " route ", AF_INET, RTF_STATIC, rtableid);
conf_routes(output, " route ", AF_INET6, RTF_STATIC, rtableid);
rtable_daemons = sl_init();
if (db_select_flag_x_ctl_rtable(rtable_daemons, "ctl", rtableid) < 0) {
printf("%% database failure select ctl rtable\n");
sl_free(rtable_daemons, 1);
return;
} else {
for (i = 0; i < rtable_daemons->sl_cur; i++)
conf_ctl(output, " ", rtable_daemons->sl_str[i], rtableid);
}
sl_free(rtable_daemons, 1);
fprintf(output, "!\n");
}
int
conf(FILE *output)
{
char cpass[_PASSWORD_LEN+1];
char hostbuf[MAXHOSTNAMELEN];
fprintf(output, "!\n");
gethostname (hostbuf, sizeof(hostbuf));
fprintf(output, "hostname %s\n", hostbuf);
if (read_pass(cpass, sizeof(cpass))) {
fprintf(output, "enable secret blowfish %s\n", cpass);
} else {
if (errno != ENOENT)
printf("%% Unable to read run-time crypt repository:"
" %s\n", strerror(errno));
}
fprintf(output, "!\n");
conf_ctl(output, "dns");
conf_interfaces(output, NULL);
conf_groupattrib(output);
fprintf(output, "!\n");
/*
* check out how sysctls are doing these days
*
* Each of these options, like most other things in the config output
* (such as interface flags), must display if the kernel's default
* setting is not currently set.
*/
conf_ipsysctl(output);
fprintf(output, "!\n");
/*
* print static arp and route entries in configuration file format
*/
conf_routes(output, "arp ", AF_LINK, RTF_STATIC);
conf_routes(output, "route ", AF_INET, RTF_STATIC);
fprintf(output, "!\n");
conf_ctl(output, "pf");
conf_interfaces(output, "pfsync");
conf_ctl(output, "ospf");
conf_ctl(output, "bgp");
conf_ctl(output, "rip");
conf_ctl(output, "ipsec");
conf_ctl(output, "dvmrp");
conf_ctl(output, "relay");
conf_ctl(output, "sasync");
conf_ctl(output, "dhcp");
conf_ctl(output, "snmp");
conf_ctl(output, "ntp");
conf_ctl(output, "ftp-proxy");
conf_ctl(output, "inet");
conf_ctl(output, "sshd");
return(0);
}
int
conf(FILE *output)
{
char cpass[_PASSWORD_LEN+1];
char hostbuf[MAXHOSTNAMELEN];
fprintf(output, "!\n");
gethostname (hostbuf, sizeof(hostbuf));
fprintf(output, "hostname %s\n", hostbuf);
if (read_pass(cpass, sizeof(cpass))) {
fprintf(output, "enable secret blowfish %s\n", cpass);
} else {
if (errno != ENOENT)
printf("%% Unable to read run-time crypt repository:"
" %s\n", strerror(errno));
}
fprintf(output, "!\n");
conf_ctl(output, "", "dns", 0);
conf_ctl(output, "", "rtadv", 0);
conf_ctl(output, "", "motd", 0);
/*
* start all intefaces not listed in 'latestartifs'
*/
conf_interfaces(output, NULL);
/*
* start these interfaces in specific order
*/
conf_interfaces(output, "trunk");
conf_interfaces(output, "svlan");
conf_interfaces(output, "vlan");
conf_interfaces(output, "carp");
#ifdef notyet
conf_groupattrib(output);
#endif
fprintf(output, "!\n");
/*
* check out how sysctls are doing these days
*
* Each of these options, like most other things in the config output
* (such as interface flags), must display if the kernel's default
* setting is not currently set.
*/
conf_sysctls(output);
fprintf(output, "!\n");
/*
* print static arp and route entries in configuration file format
*/
conf_arp(output, "arp ");
conf_routes(output, "route ", AF_INET, RTF_STATIC, 0);
conf_routes(output, "route ", AF_INET6, RTF_STATIC, 0);
fprintf(output, "!\n");
/*
* these interfaces must start after routes are set
*/
conf_interfaces(output, "pppoe");
conf_interfaces(output, "tun");
conf_interfaces(output, "gif");
conf_interfaces(output, "gre");
conf_interfaces(output, "bridge");
fprintf(output, "!\n");
conf_ctl(output, "", "pf", 0);
/*
* this interface must start after pf is loaded
*/
conf_interfaces(output, "pfsync");
conf_ctl(output, "", "snmp", 0);
conf_ctl(output, "", "ldp", 0);
conf_ctl(output, "", "rip", 0);
conf_ctl(output, "", "ospf", 0);
conf_ctl(output, "", "ospf6", 0);
conf_ctl(output, "", "bgp", 0);
conf_ctl(output, "", "ifstate", 0);
conf_ctl(output, "", "ipsec", 0);
conf_ctl(output, "", "ike", 0);
conf_ctl(output, "", "dvmrp", 0);
conf_ctl(output, "", "relay", 0);
conf_ctl(output, "", "sasync", 0);
conf_ctl(output, "", "dhcp", 0);
conf_ctl(output, "", "ntp", 0);
conf_ctl(output, "", "smtp", 0);
conf_ctl(output, "", "ldap", 0);
conf_ctl(output, "", "ftp-proxy", 0);
conf_ctl(output, "", "inet", 0);
conf_ctl(output, "", "sshd", 0);
conf_rtables(output);
return(0);
}
