summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeroen Roovers <jer@gentoo.org>2014-03-26 13:46:37 +0000
committerJeroen Roovers <jer@gentoo.org>2014-03-26 13:46:37 +0000
commitaa4cea92f197f72e2f5d269ecea586947debd1d6 (patch)
tree5d39f1c5d2f61bc8ca0ee996ea3c7178bd4157a8 /net-firewall/conntrack-tools/files/conntrackd.initd-r1
parentVersion bump. (diff)
downloadgentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.tar.gz
gentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.tar.bz2
gentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.zip
Old.
(Portage version: 2.2.9-r1/cvs/Linux x86_64, signed Manifest commit with key A792A613)
Diffstat (limited to 'net-firewall/conntrack-tools/files/conntrackd.initd-r1')
-rw-r--r--net-firewall/conntrack-tools/files/conntrackd.initd-r199
1 files changed, 0 insertions, 99 deletions
diff --git a/net-firewall/conntrack-tools/files/conntrackd.initd-r1 b/net-firewall/conntrack-tools/files/conntrackd.initd-r1
deleted file mode 100644
index 9394badca125..000000000000
--- a/net-firewall/conntrack-tools/files/conntrackd.initd-r1
+++ /dev/null
@@ -1,99 +0,0 @@
-#!/sbin/runscript
-# Copyright 1999-2008 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-CONNTRACKD_BIN="/usr/sbin/conntrackd"
-CONNTRACKD_CFG=${CONNTRACKD_CFG:-/etc/conntrackd/conntrackd.conf}
-CONNTRACKD_LOCK=${CONNTRACKD_LOCK:-/var/lock/conntrack.lock}
-
-depend() {
- use logger
- need net
-}
-
-checkconfig() {
- # check for netfilter conntrack kernel support
- local nf_ct_available=0
- for k in net.netfilter.nf_conntrack_max \
- net.ipv4.netfilter.ip_conntrack_max \
- net.nf_conntrack_max; do
- if sysctl -e -n ${k} &>/dev/null; then
- nf_ct_available=1 # sysctl key found
- break
- fi
- done
- if [ ${nf_ct_available} -eq 0 ]; then
- eerror
- eerror "Your kernel is missing netfilter conntrack support!"
- eerror "Make sure your kernel was compiled with netfilter conntrack support."
- eerror
- eerror "If it was compiled as a module you need to ensure the module is being"
- eerror "loaded before starting conntrackd."
- eerror "Either add an entry to /etc/modules.autoload/[...] (for baselayout-1)"
- eerror "or /etc/conf.d/modules (for baselayout-2/OpenRC) or load the module"
- eerror "by hand like this, depending on your kernel version:"
- eerror
- eerror " modprobe nf_conntrack # (for newer kernels)"
- eerror " modprobe ip_conntrack # (for older kernels)"
- eerror
- return 1
- fi
- # check if netfilter conntrack TCP window tracking is disabled
- local nf_ct_tcp_be_liberal=0
- for k in net.netfilter.nf_conntrack_tcp_be_liberal \
- net.ipv4.netfilter.ip_conntrack_tcp_be_liberal; do
- nf_ct_tcp_be_liberal=$(sysctl -e -n ${k} 2>/dev/null)
- if [ ${?} -ne 0 ]; then
- continue # sysctl key not found
- else
- break # sysctl key found
- fi
- done
- if [ ${nf_ct_tcp_be_liberal} -ne 1 ]; then
- eerror
- eerror "You need to disable TCP window tracking!"
- eerror "Add the following line to your /etc/sysctl.conf:"
- eerror
- eerror " ${k} = 1"
- eerror
- eerror "...and run this to activate the setting: sysctl -q -p"
- eerror
- return 1
- fi
- # check for config file
- if [ ! -e "${CONNTRACKD_CFG}" ]; then
- eerror
- eerror "The conntrackd config file (${CONNTRACKD_CFG})"
- eerror "is missing!"
- eerror
- return 1
- fi
- # check for leftover lockfile
- if [ -f "${CONNTRACKD_LOCK}" ]; then
- ewarn
- ewarn "The conntrackd lockfile (${CONNTRACKD_LOCK})"
- ewarn "exists although the service is not marked as started."
- ewarn "Will remove the lockfile and start the service in 10s"
- ewarn "if not interrupted..."
- ewarn
- sleep 10
- if ! rm -f "${CONNTRACKD_LOCK}"; then
- eerror "Failed to remove the conntrackd lockfile (${CONNTRACKD_LOCK})"
- return 1
- fi
- fi
-}
-
-start() {
- checkconfig || return 1
- ebegin "Starting conntrackd"
- start-stop-daemon --start --exec "${CONNTRACKD_BIN}" \
- -- -d -C "${CONNTRACKD_CFG}" ${CONNTRACKD_OPTS}
- eend $?
-}
-
-stop() {
- ebegin "Stopping conntrackd"
- start-stop-daemon --stop --exec "${CONNTRACKD_BIN}"
- eend $?
-}