diff options
author | Jeroen Roovers <jer@gentoo.org> | 2014-03-26 13:46:37 +0000 |
---|---|---|
committer | Jeroen Roovers <jer@gentoo.org> | 2014-03-26 13:46:37 +0000 |
commit | aa4cea92f197f72e2f5d269ecea586947debd1d6 (patch) | |
tree | 5d39f1c5d2f61bc8ca0ee996ea3c7178bd4157a8 /net-firewall/conntrack-tools/files/conntrackd.initd-r1 | |
parent | Version bump. (diff) | |
download | gentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.tar.gz gentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.tar.bz2 gentoo-2-aa4cea92f197f72e2f5d269ecea586947debd1d6.zip |
Old.
(Portage version: 2.2.9-r1/cvs/Linux x86_64, signed Manifest commit with key A792A613)
Diffstat (limited to 'net-firewall/conntrack-tools/files/conntrackd.initd-r1')
-rw-r--r-- | net-firewall/conntrack-tools/files/conntrackd.initd-r1 | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/net-firewall/conntrack-tools/files/conntrackd.initd-r1 b/net-firewall/conntrack-tools/files/conntrackd.initd-r1 deleted file mode 100644 index 9394badca125..000000000000 --- a/net-firewall/conntrack-tools/files/conntrackd.initd-r1 +++ /dev/null @@ -1,99 +0,0 @@ -#!/sbin/runscript -# Copyright 1999-2008 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 - -CONNTRACKD_BIN="/usr/sbin/conntrackd" -CONNTRACKD_CFG=${CONNTRACKD_CFG:-/etc/conntrackd/conntrackd.conf} -CONNTRACKD_LOCK=${CONNTRACKD_LOCK:-/var/lock/conntrack.lock} - -depend() { - use logger - need net -} - -checkconfig() { - # check for netfilter conntrack kernel support - local nf_ct_available=0 - for k in net.netfilter.nf_conntrack_max \ - net.ipv4.netfilter.ip_conntrack_max \ - net.nf_conntrack_max; do - if sysctl -e -n ${k} &>/dev/null; then - nf_ct_available=1 # sysctl key found - break - fi - done - if [ ${nf_ct_available} -eq 0 ]; then - eerror - eerror "Your kernel is missing netfilter conntrack support!" - eerror "Make sure your kernel was compiled with netfilter conntrack support." - eerror - eerror "If it was compiled as a module you need to ensure the module is being" - eerror "loaded before starting conntrackd." - eerror "Either add an entry to /etc/modules.autoload/[...] (for baselayout-1)" - eerror "or /etc/conf.d/modules (for baselayout-2/OpenRC) or load the module" - eerror "by hand like this, depending on your kernel version:" - eerror - eerror " modprobe nf_conntrack # (for newer kernels)" - eerror " modprobe ip_conntrack # (for older kernels)" - eerror - return 1 - fi - # check if netfilter conntrack TCP window tracking is disabled - local nf_ct_tcp_be_liberal=0 - for k in net.netfilter.nf_conntrack_tcp_be_liberal \ - net.ipv4.netfilter.ip_conntrack_tcp_be_liberal; do - nf_ct_tcp_be_liberal=$(sysctl -e -n ${k} 2>/dev/null) - if [ ${?} -ne 0 ]; then - continue # sysctl key not found - else - break # sysctl key found - fi - done - if [ ${nf_ct_tcp_be_liberal} -ne 1 ]; then - eerror - eerror "You need to disable TCP window tracking!" - eerror "Add the following line to your /etc/sysctl.conf:" - eerror - eerror " ${k} = 1" - eerror - eerror "...and run this to activate the setting: sysctl -q -p" - eerror - return 1 - fi - # check for config file - if [ ! -e "${CONNTRACKD_CFG}" ]; then - eerror - eerror "The conntrackd config file (${CONNTRACKD_CFG})" - eerror "is missing!" - eerror - return 1 - fi - # check for leftover lockfile - if [ -f "${CONNTRACKD_LOCK}" ]; then - ewarn - ewarn "The conntrackd lockfile (${CONNTRACKD_LOCK})" - ewarn "exists although the service is not marked as started." - ewarn "Will remove the lockfile and start the service in 10s" - ewarn "if not interrupted..." - ewarn - sleep 10 - if ! rm -f "${CONNTRACKD_LOCK}"; then - eerror "Failed to remove the conntrackd lockfile (${CONNTRACKD_LOCK})" - return 1 - fi - fi -} - -start() { - checkconfig || return 1 - ebegin "Starting conntrackd" - start-stop-daemon --start --exec "${CONNTRACKD_BIN}" \ - -- -d -C "${CONNTRACKD_CFG}" ${CONNTRACKD_OPTS} - eend $? -} - -stop() { - ebegin "Stopping conntrackd" - start-stop-daemon --stop --exec "${CONNTRACKD_BIN}" - eend $? -} |