Browse Source

- remove trailing blanks introduced in previous commit

- no space in redirections like </foo or >$bar
- few other minor whitespaces
OK krw@
OPENBSD_5_8
rpe 9 years ago
parent
commit
1c5ec3825b
2 changed files with 37 additions and 37 deletions
  1. +25
    -25
      src/etc/netstart
  2. +12
    -12
      src/etc/rc

+ 25
- 25
src/etc/netstart View File

@ -1,6 +1,6 @@
#!/bin/sh - #!/bin/sh -
# #
# $OpenBSD: netstart,v 1.146 2015/07/18 00:03:34 rpe Exp $
# $OpenBSD: netstart,v 1.147 2015/07/18 00:37:23 rpe Exp $
# Strip comments (and leading/trailing whitespace if IFS is set) from a file # Strip comments (and leading/trailing whitespace if IFS is set) from a file
# and spew to stdout. # and spew to stdout.
@ -120,7 +120,7 @@ ifstart() {
;; ;;
esac esac
eval "$cmd" eval "$cmd"
done < /etc/hostname.$if
done </etc/hostname.$if
} }
# Start multiple: # Start multiple:
@ -185,32 +185,32 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; then
ip6kernel=YES ip6kernel=YES
# Disallow link-local unicast dest without outgoing scope identifiers. # Disallow link-local unicast dest without outgoing scope identifiers.
route -qn add -inet6 fe80:: -prefixlen 10 ::1 -reject > /dev/null
route -qn add -inet6 fe80:: -prefixlen 10 ::1 -reject >/dev/null
# Disallow site-local unicast dest without outgoing scope identifiers. # Disallow site-local unicast dest without outgoing scope identifiers.
# If you configure site-locals without scope id (it is permissible # If you configure site-locals without scope id (it is permissible
# config for routers that are not on scope boundary), you may want # config for routers that are not on scope boundary), you may want
# to comment the line out. # to comment the line out.
route -qn add -inet6 fec0:: -prefixlen 10 ::1 -reject > /dev/null
route -qn add -inet6 fec0:: -prefixlen 10 ::1 -reject >/dev/null
# Disallow "internal" addresses to appear on the wire. # Disallow "internal" addresses to appear on the wire.
route -qn add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
route -qn add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject >/dev/null
# Disallow packets to malicious IPv4 compatible prefix. # Disallow packets to malicious IPv4 compatible prefix.
route -qn add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject > /dev/null
route -qn add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
route -qn add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
route -qn add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject > /dev/null
route -qn add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject >/dev/null
route -qn add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject >/dev/null
route -qn add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject >/dev/null
route -qn add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject >/dev/null
# Disallow packets to malicious 6to4 prefix. # Disallow packets to malicious 6to4 prefix.
route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject > /dev/null
route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject > /dev/null
route -qn add -inet6 2002:0000:: -prefixlen 24 ::1 -reject > /dev/null
route -qn add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject > /dev/null
route -qn add -inet6 2002:e000:: -prefixlen 20 ::1 -reject >/dev/null
route -qn add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject >/dev/null
route -qn add -inet6 2002:0000:: -prefixlen 24 ::1 -reject >/dev/null
route -qn add -inet6 2002:ff00:: -prefixlen 24 ::1 -reject >/dev/null
# Disallow packets without scope identifier. # Disallow packets without scope identifier.
route -qn add -inet6 ff01:: -prefixlen 16 ::1 -reject > /dev/null
route -qn add -inet6 ff02:: -prefixlen 16 ::1 -reject > /dev/null
route -qn add -inet6 ff01:: -prefixlen 16 ::1 -reject >/dev/null
route -qn add -inet6 ff02:: -prefixlen 16 ::1 -reject >/dev/null
# Completely disallow packets to IPv4 compatible prefix. # Completely disallow packets to IPv4 compatible prefix.
# #
@ -227,7 +227,7 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; then
# #
# Due to rare use of IPv4 compatible addresses, and security issues # Due to rare use of IPv4 compatible addresses, and security issues
# with it, we disable it by default. # with it, we disable it by default.
route -qn add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null
route -qn add -inet6 ::0.0.0.0 -prefixlen 96 ::1 -reject >/dev/null
rtsolif="" rtsolif=""
else else
@ -252,12 +252,12 @@ fi
# Look for default routes in /etc/mygate. # Look for default routes in /etc/mygate.
[[ -z $dhcpif ]] && stripcom /etc/mygate | while read gw; do [[ -z $dhcpif ]] && stripcom /etc/mygate | while read gw; do
[[ $gw == @(*:*) ]] && continue [[ $gw == @(*:*) ]] && continue
route -qn delete default > /dev/null 2>&1
route -qn delete default >/dev/null 2>&1
route -qn add -host default $gw && break route -qn add -host default $gw && break
done done
[[ -z $rtsolif ]] && stripcom /etc/mygate | while read gw; do [[ -z $rtsolif ]] && stripcom /etc/mygate | while read gw; do
[[ $gw == !(*:*) ]] && continue [[ $gw == !(*:*) ]] && continue
route -qn delete -inet6 default > /dev/null 2>&1
route -qn delete -inet6 default >/dev/null 2>&1
route -qn add -host -inet6 default $gw && break route -qn add -host -inet6 default $gw && break
done done
@ -269,10 +269,10 @@ done
# NO YES none installed daemon will run # NO YES none installed daemon will run
# YES/interface NO -interface YES=def. iface # YES/interface NO -interface YES=def. iface
# Any other combination -reject config error # Any other combination -reject config error
route -qn delete 224.0.0.0/4 > /dev/null 2>&1
route -qn delete 224.0.0.0/4 >/dev/null 2>&1
case "$multicast_host:$multicast_router" in case "$multicast_host:$multicast_router" in
NO:NO) NO:NO)
route -qn add -net 224.0.0.0/4 -interface 127.0.0.1 -reject > /dev/null
route -qn add -net 224.0.0.0/4 -interface 127.0.0.1 -reject >/dev/null
;; ;;
NO:YES) NO:YES)
;; ;;
@ -285,18 +285,18 @@ EOF
ed -s "!ifconfig $multicast_host" <<EOF ed -s "!ifconfig $multicast_host" <<EOF
/^ inet /p /^ inet /p
EOF EOF
fi 2> /dev/null`
fi 2>/dev/null`
if [ "X${maddr}" != "X" ]; then if [ "X${maddr}" != "X" ]; then
set $maddr set $maddr
route -qn add -net 224.0.0.0/4 -interface $2 > /dev/null
route -qn add -net 224.0.0.0/4 -interface $2 >/dev/null
else else
route -qn add -net 224.0.0.0/4 -interface \ route -qn add -net 224.0.0.0/4 -interface \
127.0.0.1 -reject > /dev/null
127.0.0.1 -reject >/dev/null
fi fi
;; ;;
*:*) *:*)
echo 'config error, multicasting disabled until rc.conf is fixed' echo 'config error, multicasting disabled until rc.conf is fixed'
route -qn add -net 224.0.0.0/4 -interface 127.0.0.1 -reject > /dev/null
route -qn add -net 224.0.0.0/4 -interface 127.0.0.1 -reject >/dev/null
;; ;;
esac esac
@ -307,7 +307,7 @@ esac
ifmstart "pppoe tun gif gre bridge" ifmstart "pppoe tun gif gre bridge"
# Reject 127/8 other than 127.0.0.1. # Reject 127/8 other than 127.0.0.1.
route -qn add -net 127 127.0.0.1 -reject > /dev/null
route -qn add -net 127 127.0.0.1 -reject >/dev/null
if [ "$ip6kernel" = "YES" ]; then if [ "$ip6kernel" = "YES" ]; then
# This is to make sure DAD is completed before going further. # This is to make sure DAD is completed before going further.


+ 12
- 12
src/etc/rc View File

@ -1,4 +1,4 @@
# $OpenBSD: rc,v 1.450 2015/07/18 00:03:34 rpe Exp $
# $OpenBSD: rc,v 1.451 2015/07/18 00:37:23 rpe Exp $
# System startup script run by init on autoboot or after single-user. # System startup script run by init on autoboot or after single-user.
# Output and error are redirected to console by init, and the console is the # Output and error are redirected to console by init, and the console is the
@ -19,7 +19,7 @@ stripcom() {
test -z "$_line" && continue test -z "$_line" && continue
echo $_line echo $_line
done done
} < $_file
} <$_file
} }
# Update resource limits when sysctl changes. # Update resource limits when sysctl changes.
@ -51,7 +51,7 @@ update_limit() {
done done
} }
# Apply sysctl(8) settings.
# Apply sysctl(8) settings.
sysctl_conf() { sysctl_conf() {
test -s /etc/sysctl.conf || return test -s /etc/sysctl.conf || return
@ -80,7 +80,7 @@ mixerctl_conf()
# delete comments and blank lines # delete comments and blank lines
set -- `stripcom /etc/mixerctl.conf` set -- `stripcom /etc/mixerctl.conf`
while [ $# -ge 1 ] ; do while [ $# -ge 1 ] ; do
mixerctl -q $1 > /dev/null 2>&1
mixerctl -q $1 >/dev/null 2>&1
shift shift
done done
} }
@ -116,7 +116,7 @@ random_seed()
# Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so # Populate net.inet.(tcp|udp).baddynamic with the contents of /etc/services so
# as to avoid randomly allocating source ports that correspond to well-known # as to avoid randomly allocating source ports that correspond to well-known
# services.
# services.
fill_baddynamic() fill_baddynamic()
{ {
local _service=$1 local _service=$1
@ -138,7 +138,7 @@ fill_baddynamic()
} }
# Start daemon using the rc.d daemon control scripts. # Start daemon using the rc.d daemon control scripts.
# Usage: start_daemon daemon1 daemon2 daemon3
# Usage: start_daemon daemon1 daemon2 daemon3
start_daemon() start_daemon()
{ {
local _n local _n
@ -369,7 +369,7 @@ if [ -f /etc/resolv.conf.save ]; then
touch /etc/resolv.conf touch /etc/resolv.conf
fi fi
sh /etc/netstart sh /etc/netstart
dmesg > /dev/random # Any write triggers a rekey.
dmesg >/dev/random # Any write triggers a rekey.
# Load pf rules and bring up pfsync interface. # Load pf rules and bring up pfsync interface.
if [ X"${pf}" != X"NO" ]; then if [ X"${pf}" != X"NO" ]; then
@ -470,9 +470,9 @@ if [ ! -f /etc/motd ]; then
install -c -o root -g wheel -m 664 /dev/null /etc/motd install -c -o root -g wheel -m 664 /dev/null /etc/motd
fi fi
if T=`mktemp /tmp/_motd.XXXXXXXXXX`; then if T=`mktemp /tmp/_motd.XXXXXXXXXX`; then
sysctl -n kern.version | sed 1q > $T
echo "" >> $T
sed '1,/^$/d' < /etc/motd >> $T
sysctl -n kern.version | sed 1q >$T
echo "" >>$T
sed '1,/^$/d' </etc/motd >>$T
cmp -s $T /etc/motd || cp $T /etc/motd cmp -s $T /etc/motd || cp $T /etc/motd
rm -f $T rm -f $T
fi fi
@ -481,7 +481,7 @@ if [ X"${accounting}" = X"YES" ]; then
if [ ! -f /var/account/acct ]; then if [ ! -f /var/account/acct ]; then
touch /var/account/acct touch /var/account/acct
fi fi
echo 'turning on accounting'; accton /var/account/acct
echo 'turning on accounting'; accton /var/account/acct
fi fi
if [ -f /sbin/ldconfig ]; then if [ -f /sbin/ldconfig ]; then
@ -495,7 +495,7 @@ if [ -f /sbin/ldconfig ]; then
ldconfig $shlib_dirs ldconfig $shlib_dirs
fi fi
echo 'preserving editor files.'; /usr/libexec/vi.recover
echo 'preserving editor files.'; /usr/libexec/vi.recover
echo -n 'starting network daemons:' echo -n 'starting network daemons:'
start_daemon ldomd sshd snmpd ldpd ripd ospfd ospf6d bgpd ifstated start_daemon ldomd sshd snmpd ldpd ripd ospfd ospf6d bgpd ifstated


Loading…
Cancel
Save