From a8fb738148de14bf5c8e16293780da8233154328 Mon Sep 17 00:00:00 2001 From: miod <> Date: Thu, 21 Feb 2002 02:32:01 +0000 Subject: [PATCH] Change the network components initialization order. Change from: o all interfaces o all bridges o routes to: o physical interfaces o routes o gif and gre interfaces o bridges Fixeski PR #2400. Manual page updates coming soon. Ok angelos@ chris@ deraadt@ --- src/etc/netstart | 339 ++++++++++++++++++++++++++++------------------- 1 file changed, 199 insertions(+), 140 deletions(-) diff --git a/src/etc/netstart b/src/etc/netstart index 694f0362..fba839bf 100644 --- a/src/etc/netstart +++ b/src/etc/netstart @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: netstart,v 1.82 2001/07/31 08:27:35 hugh Exp $ +# $OpenBSD: netstart,v 1.83 2002/02/21 02:32:01 miod Exp $ # Returns true if $1 contains only alphanumerics isalphanumeric() { 
@@ -16,22 +16,175 @@ isalphanumeric() { return 0 } +# Start the $1 interface +ifstart() { + # Interface names must be alphanumeric only. We check to avoid + # configuring backup or temp files, and to catch the "*" case. + if ! isalphanumeric "$1"; then + return + fi + + ifconfig $1 > /dev/null 2>&1 + if [ "$?" != "0" ]; then + return + fi + + # Now parse the hostname.* file + while :; do + if [ "$cmd2" ]; then + # We are carrying over from the 'read dt dtaddr' + # last time. + set -- $cmd2 + af="$1" name="$2" mask="$3" bcaddr="$4" ext1="$5" cmd2= + # Make sure and get any remaining args in ext2, + # like the read below + i=1 + while [ i -lt 6 -a -n "$1" ]; do shift; let i=i+1; done + ext2="$@" + else + # Read the next line or exit the while loop. + read af name mask bcaddr ext1 ext2 || break + fi + # $af can be "dhcp", "up", "rtsol", an address family, + # commands, or a comment. + case "$af" in + "#"*|"") # skip comments and empty lines + continue + ;; + "!"*) # parse commands + cmd="${af#*!} ${name} ${mask} ${bcaddr} ${ext1} ${ext2}" + ;; + "bridge") + cmd="echo /etc/hostname.$1: bridges now supported via bridgename.* files" + ;; + "dhcp") + [ "$name" = "NONE" ] && name= + [ "$mask" = "NONE" ] && mask= + [ "$bcaddr" = "NONE" ] && bcaddr= + ifconfig $1 $name $mask $bcaddr $ext1 $ext2 down + cmd="dhclient $1" + ;; + "rtsol") + ifconfig $1 $name $mask $bcaddr $ext1 $ext2 up + rtsolif="$rtsolif $1" + cmd= + ;; + "up") + # The only one of these guaranteed to be set is $1. + # The remaining ones exist so that media controls work. + cmd="ifconfig $1 $name $mask $bcaddr $ext1 $ext2 up" + ;; + *) + read dt dtaddr + if [ "$name" = "alias" ]; then + # perform a 'shift' of sorts + alias=$name + name=$mask + mask=$bcaddr + bcaddr=$ext1 + ext1=$ext2 + ext2= + else + alias= + fi + cmd="ifconfig $1 $af $alias $name " + case "$dt" in + dest) + cmd="$cmd $dtaddr" + ;; + [a-z!]*) + cmd2="$dt $dtaddr" + ;; + esac + if [ ! 
-n "$name" ]; then + echo "/etc/hostname.$1: invalid network configuration file" + return + fi + case $af in + inet) + [ "$mask" ] && cmd="$cmd netmask $mask" + if [ "$bcaddr" -a "X$bcaddr" != "XNONE" ]; then + cmd="$cmd broadcast $bcaddr" + fi + [ "$alias" ] && rtcmd=";route -n add -host $name 127.0.0.1" + ;; + inet6) [ "$mask" ] && cmd="$cmd prefixlen $mask" + cmd="$cmd $bcaddr" + ;; + *) + cmd="$cmd $mask $bcaddr" + ;; + esac + cmd="$cmd $ext1 $ext2$rtcmd" rtcmd= + ;; + esac + eval "$cmd" + done < /etc/hostname.$1 +} + +# Start the $1 bridge +bridgestart() { + # Interface names must be alphanumeric only. We check to avoid + # configuring backup or temp files, and to catch the "*" case. + if ! isalphanumeric "$1"; then + return + fi + brconfig $1 > /dev/null 2>&1 + if [ "$?" != "0" ]; then + return + fi + + # Now parse the bridgename.* file + # All lines are run as brconfig(8) commands. + while read line ; do + line=${line%%#*} # strip comments + test -z "$line" && continue + case "$line" in + "!"*) + cmd="${line#*!}" + ;; + *) + cmd="brconfig $1 $line" + ;; + esac + eval "$cmd" + done < /etc/bridgename.$1 +} + # Re-read /etc/rc.conf . /etc/rc.conf +# If we were invoked with a list of interface names, just reconfigure these +# interfaces (or bridges) and return. +if [ $1x = autobootx ]; then + shift +fi +if [ $# -gt 0 ]; then + while [ $# -gt 0 ]; do + if [ -f /etc/bridgename.$1 ]; then + bridgestart $1 + else + ifstart $1 + fi + shift + done + return +fi + +# Otherwise, process with the complete network initialization. + # /etc/myname contains my symbolic name -# hostname=`cat /etc/myname` hostname $hostname if [ -f /etc/defaultdomain ]; then domainname `cat /etc/defaultdomain` fi -# set the address for the loopback interface -# it will also initialize IPv6 address for lo0 (::1 and others). +# Set the address for the loopback interface. +# It will also initialize IPv6 address for lo0 (::1 and others). 
ifconfig lo0 inet localhost -# use loopback, not the wire +# Use loopback, not the wire. route -n add -host $hostname localhost > /dev/null route -n add -net 127 127.0.0.1 -reject > /dev/null @@ -39,25 +192,25 @@ if ifconfig lo0 inet6 >/dev/null 2>&1; then # IPv6 configurations. ip6kernel=YES - # disallow link-local unicast dest without outgoing scope identifiers. + # Disallow link-local unicast dest without outgoing scope identifiers. route add -inet6 fe80:: -prefixlen 10 ::1 -reject > /dev/null - # disallow site-local unicast dest without outgoing scope identifiers. + # Disallow site-local unicast dest without outgoing scope identifiers. # If you configure site-locals without scope id (it is permissible # config for routers that are not on scope boundary), you may want # to comment the line out. route add -inet6 fec0:: -prefixlen 10 ::1 -reject > /dev/null - # disallow "internal" addresses to appear on the wire. + # Disallow "internal" addresses to appear on the wire. route add -inet6 ::ffff:0.0.0.0 -prefixlen 96 ::1 -reject > /dev/null - # disallow packets to malicious IPv4 compatible prefix. + # Disallow packets to malicious IPv4 compatible prefix. route add -inet6 ::224.0.0.0 -prefixlen 100 ::1 -reject > /dev/null route add -inet6 ::127.0.0.0 -prefixlen 104 ::1 -reject > /dev/null route add -inet6 ::0.0.0.0 -prefixlen 104 ::1 -reject > /dev/null route add -inet6 ::255.0.0.0 -prefixlen 104 ::1 -reject > /dev/null - # disallow packets to malicious 6to4 prefix. + # Disallow packets to malicious 6to4 prefix. route add -inet6 2002:e000:: -prefixlen 20 ::1 -reject > /dev/null route add -inet6 2002:7f00:: -prefixlen 24 ::1 -reject > /dev/null route add -inet6 2002:0000:: -prefixlen 24 ::1 -reject > /dev/null 
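Review bot: In the new `ifstart`, the carry-over branch runs `set -- $cmd2` and then shifts, which replaces the function's own positional parameters, so every later `$1` in the loop body (`ifconfig $1 ...`, `dhclient $1`, the `/etc/hostname.$1` error message) no longer names the interface. The removed inline loop did not have this problem because it used `$if`. Any hostname file where an address line is followed by a second configuration line takes this path, so that second line would run with an empty or wrong interface name and the interface may be left only partly configured. Save the name on entry with `if=$1` and use `$if` throughout the body. The `return` on the invalid-file path can also leave `cmd2` set for the next `ifstart` call, so a `cmd2=` at function entry would be a sensible addition.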
@@ -83,108 +236,22 @@ else ip6kernel=NO fi -# configure all of the non-loopback interfaces which we know about. -# refer to hostname.if(5) and bridgename.if(5) +# Configure all the non-loopback interfaces which we know about. +# Refer to hostname.if(5) and bridgename.if(5) for hn in /etc/hostname.*; do - # Strip off /etc/hostname. prefix - if=${hn#/etc/hostname.} - - # Interface names must be alphanumeric only. We check to avoid - # configuring backup or temp files, and to catch the "*" case. - if ! isalphanumeric "$if"; then - continue - fi - ifconfig $if > /dev/null 2>&1 - if [ "$?" != "0" ]; then - continue - fi + # Strip off /etc/hostname. prefix + if=${hn#/etc/hostname.} - # Now parse the hostname.* file - while :; do - if [ "$cmd2" ]; then - # we are carrying over from the 'read dt dtaddr' last time - set -- $cmd2 - af="$1" name="$2" mask="$3" bcaddr="$4" ext1="$5" cmd2= - # make sure and get any remaining args in ext2, like the read below - i=1; while [ i -lt 6 -a -n "$1" ]; do shift; let i=i+1; done - ext2="$@" - else - # read the next line or exit the while loop - read af name mask bcaddr ext1 ext2 || break - fi - # $af can be "dhcp", "up", "rtsol", an address family, commands, or - # a comment. 
- case "$af" in - "#"*|"") # skip comments and empty lines - continue - ;; - "!"*) # parse commands - cmd="${af#*!} ${name} ${mask} ${bcaddr} ${ext1} ${ext2}" - ;; - "bridge") - cmd="echo ${hn}: bridges now supported via bridgename.* files" - ;; - "dhcp") - [ "$name" = "NONE" ] && name= - [ "$mask" = "NONE" ] && mask= - [ "$bcaddr" = "NONE" ] && bcaddr= - ifconfig $if $name $mask $bcaddr $ext1 $ext2 down - cmd="dhclient $if" - ;; - "rtsol") - ifconfig $if $name $mask $bcaddr $ext1 $ext2 up - rtsolif="$rtsolif $if" - cmd= - ;; - "up") - # The only one of these guaranteed to be set is $if - # the remaining ones exist so that media controls work - cmd="ifconfig $if $name $mask $bcaddr $ext1 $ext2 up" - ;; - *) - read dt dtaddr - if [ "$name" = "alias" ]; then - # perform a 'shift' of sorts - alias=$name - name=$mask - mask=$bcaddr - bcaddr=$ext1 - ext1=$ext2 - ext2= - else - alias= - fi - cmd="ifconfig $if $af $alias $name " - case "$dt" in - dest) - cmd="$cmd $dtaddr" - ;; - [a-z!]*) - cmd2="$dt $dtaddr" - ;; - esac - if [ ! -n "$name" ]; then - echo "/etc/hostname.$if: invalid network configuration file" - return - fi - case $af in - inet) - [ "$mask" ] && cmd="$cmd netmask $mask" - if [ "$bcaddr" -a "X$bcaddr" != "XNONE" ]; then - cmd="$cmd broadcast $bcaddr" - fi - [ "$alias" ] && rtcmd="; route -n add -host $name 127.0.0.1" + case $if in + "gif"*|"gre"*) + # GIF and GRE interfaces need the routes to be setup before + # they are configured. + continue ;; - inet6) [ "$mask" ] && cmd="$cmd prefixlen $mask" - cmd="$cmd $bcaddr" + *) + ifstart $if ;; - *) cmd="$cmd $mask $bcaddr" - esac - cmd="$cmd $ext1 $ext2$rtcmd" rtcmd= - ;; esac - eval "$cmd" - done < /etc/hostname.$if done if [ "$ip6kernel" = "YES" -a "x$rtsolif" != "x" ]; then 
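Review bot: The call `ifstart $if` passes the glob-derived name unquoted, whereas the removed code handed it to `isalphanumeric "$if"` quoted. When nothing matches `/etc/hostname.*`, `$if` is the literal `*`, and the unquoted expansion is globbed against the current directory before `ifstart` sees it. A file name containing whitespace is likewise split, so only its first word reaches the check meant to reject backup and temp files. Write `ifstart "$if"` here, and likewise `ifstart "$if"` and `bridgestart "$if"` in the final hunk and `ifstart "$1"` / `bridgestart "$1"` in the argument loop of the earlier hunk, so the validator always sees the whole name.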
@@ -203,39 +270,6 @@ if [ "$ip6kernel" = "YES" ]; then sleep 1 fi -for bn in /etc/bridgename.*; do - # Strip off /etc/bridgename. prefix - if=${bn#/etc/bridgename.} - - # Interface names must be alphanumeric only. We check to avoid - # configuring backup or temp files, and to catch the "*" case. - if ! isalphanumeric "$if"; then - continue - fi - brconfig $if > /dev/null 2>&1 - if [ "$?" != "0" ]; then - continue - fi - - # Now parse the bridgename.* file - { - # All lines are run as brconfig(8) commands. - while read line ; do - line=${line%%#*} # strip comments - test -z "$line" && continue - case "$line" in - "!"*) - cmd="${line#*!}" - ;; - *) - cmd="brconfig $if $line" - ;; - esac - eval "$cmd" - done - } < /etc/bridgename.$if -done - # /etc/mygate, if it exists, contains the name of my gateway host # that name must be in /etc/hosts. if [ -f /etc/mygate ]; then @@ -273,3 +307,28 @@ EOF route -n add -net 224.0.0.0/4 -interface 127.0.0.1 -reject > /dev/null ;; esac + +# Configure all the gif and gre interfaces which we know about. +# They were delayed because they require the routes to be set. +for hn in /etc/hostname.*; do + # Strip off /etc/hostname. prefix + if=${hn#/etc/hostname.} + + case $if in + "gif"*|"gre"*) + ifstart $if + ;; + *) + # Regular interfaces have already been configured. + continue + ;; + esac +done + +# Configure all the bridges. +for bn in /etc/bridgename.*; do + # Strip off /etc/bridgename. prefix + if=${bn#/etc/bridgename.} + + bridgestart $if +done
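Review bot: An `rtsol` line in a gif or gre hostname file looks like it will no longer take effect, because those interfaces are now started only in this late pass. The `rtsol` branch of `ifstart` merely appends to `rtsolif`, and the `if [ "$ip6kernel" = "YES" -a "x$rtsolif" != "x" ]` check that reads it sits earlier in the file (visible as context at the end of the previous large hunk; its body is not shown). Such an interface would presumably be brought up but never solicited, and the same appears to hold for interfaces reconfigured through the early-`return` argument path. If that is intended, a comment above the gif/gre loop would help: `# rtsol lines are not honoured here; rtsolif has already been consumed above.`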