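#!/bin/sh
#
# chkconfig: 345 50 50
# description: Starts and stops the PPP/ATM/ADSL link to \
#              Ameritech, over an NicStar \
#              ATM NIC and an Alcatel 1000 ADSL "Modem"
#
# Place this file in /etc/rc.d/init.d and make links to it from the
# runlevel 3 and 5 directories under rc.d.
#
# Besides bringing the link up, "start" installs NAT and filter rules on
# ppp0 and "stop" removes them again.  Both go through adsl_rules so the
# two rule lists cannot drift apart.

# Source function library (provides killproc and echo_success).
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.  Quoted so an unset NETWORKING does not
# turn the test into a syntax error.
[ "${NETWORKING}" = "no" ] && exit 0

VERSION=`uname -r`
#[ $VERSION != "2.4.2" -a $VERSION != "2.4.0-test5" ] && exit 0
# set to your linux version
# Any kernel other than the ones listed here makes the script exit
# silently with status 0, without touching the link or the firewall.
case "$VERSION" in
    2.4.3|2.4.4-ac8) ;;
    *) exit 0 ;;
esac

IPTABLES=/usr/local/sbin/iptables

# adsl_rules OP
#   OP is -A to append or -D to delete.  Every rule is addressed by its
#   full specification, so "stop" removes exactly what "start" added.
#   Deleting by position (-D INPUT 1) would remove whatever rule happens
#   to sit at that index, including rules owned by other scripts.
adsl_rules() {
    # Masquerade everything leaving through the PPP link.
    "$IPTABLES" -t nat "$1" POSTROUTING -o ppp0 -j MASQUERADE

    # example of telnet forwarding
    # NOTE(review): these publish an internal telnet service on the
    # Internet-facing interface; telnet carries credentials in clear
    # text.  Drop the two rules if the example is not needed.
    "$IPTABLES" -t nat "$1" PREROUTING \
        -i ppp0 --protocol tcp --dport 4223 -j DNAT --to 192.168.0.9:23
    "$IPTABLES" -t nat "$1" PREROUTING \
        -i ppp0 --protocol tcp --dport 4224 -j DNAT --to 192.168.0.9:24

    #
    # needed for Nortel VPN
    #
    "$IPTABLES" -t nat "$1" PREROUTING \
        -i ppp0 --protocol tcp --dport 500 -j DNAT --to 192.168.0.7:500
    "$IPTABLES" -t nat "$1" PREROUTING \
        -i ppp0 --protocol udp --dport 500 -j DNAT --to 192.168.0.7:500

    # under no circumstances share windows networking
    # NOTE(review): these rules cover only ports 137-139 on the INPUT
    # chain, i.e. traffic addressed to this host.  Forwarded traffic and
    # every other port are governed by policy set elsewhere; this script
    # sets no chain policy of its own.
    "$IPTABLES" -t filter "$1" INPUT \
        -i ppp0 --protocol tcp --dport 137:139 -j DROP
    "$IPTABLES" -t filter "$1" INPUT \
        -i ppp0 --protocol udp --dport 137:139 -j DROP
}

# See how we were called.
case "$1" in
  start)
    echo -n "Starting ADSL service: "

    # Load up the PPP/ATM/ADSL Module, then "dial" in.
    # (The original idt77105 test lacked the space before "]", so the
    # test itself failed and the module was never loaded from here.)
    /sbin/lsmod | /bin/grep -q idt77105 || /sbin/insmod idt77105
    /sbin/lsmod | /bin/grep -q nicstar || /sbin/insmod nicstar

    #set to your pppd setup script
    /usr/sbin/pppd call ameritech-adsl

    # Load up some of the IP Masquerade modules
    /sbin/modprobe ip_nat_ftp
    /sbin/modprobe ip_conntrack_ftp

    # left over stuff from /etc/rc.d/rc.local, need to go over it!
    # /sbin/modprobe ip_masq_irc
    # /sbin/modprobe ip_masq_quake
    # /sbin/modprobe ip_masq_raudio
    # /sbin/modprobe ip_masq_user
    # /sbin/modprobe ip_masq_vdolive

    # Set up IP Masquerade forwarding policies,
    # port forwarding policies & stealth policies
    /sbin/modprobe ip_tables
    adsl_rules -A

    # NOTE(review): success is reported unconditionally; no exit status
    # from pppd, modprobe or iptables is checked above.
    touch /var/lock/subsys/adsl
    echo_success ""
    echo
    ;;
  stop)
    echo -n "Shutting down ADSL service: "
    killproc pppd -INT

    # Remove every rule "start" installed, including the PREROUTING DNAT
    # rules; leaving those behind made each start/stop cycle add another
    # copy of them.
    adsl_rules -D

    # Best effort: the unload fails for any module still in use.
    /sbin/rmmod -r ipt_MASQUERADE iptable_filter iptable_nat \
        ip_conntrack_ftp ip_nat_ftp
    rm -f /var/lock/subsys/adsl
    echo ""
    ;;
  status)
    if [ ! -e /var/run/ppp0.status ]
    then
        # Quoted so the shell cannot glob-expand "*not*" against files
        # in the current directory.
        echo 'Point-to-Point Daemon does *not* appear to be running'
    else
        PPPD_PID=`pidof pppd`
        if [ -z "$PPPD_PID" ]
        then
            # Stale status file: with an empty PID, "ps h" would list
            # unrelated processes instead of pppd.
            echo "ppp0.status exists but no pppd process was found"
        else
            # Deliberately unquoted: pidof may return several PIDs.
            PS_LINE=`ps h $PPPD_PID`
            # The peer name is the last word of the pppd command line.
            echo "pid = $PPPD_PID;  peer = ${PS_LINE##* }"
        fi
        echo "local IP address = `sed -n 5p /var/run/ppp0.status`"
        echo "remote IP address = `sed -n 6p /var/run/ppp0.status`"
        # Ping the address on the last line of the status file and show
        # only the summary line of the output.
        /bin/ping -c 1 "`/usr/bin/tail -n 1 /var/run/ppp0.status`" | tail -n 1
    fi
    ;;
  restart)
    echo -n "Restarting ADSL service: "
    "$0" stop
    "$0" start
    echo "done."
    ;;
  *)
    echo "Usage: adsl {start|stop|restart|status}"
    exit 1
esac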