1) Shouldn't this be in the FAQ?  John's post below is nearly
   good enough to answer "How do I start diald automatically" except
   someone should check Slackware, SuSE, and Caldera distributions.
   Do they all use sysv init?

Question

2) Seems like diald is started twice?  See below.

Minor nits.

3) There is a skeleton in /etc/rc.d/init.d
4) Is run level 2 the right place?


Another FAQ issue.

It seems to me that if you just fire up diald as per normal instructions,
all your services are accessible from the net.  Your only protection is
if tcp-wrappers is installed correctly, and for things not started by
inetd, the authentication of the underlying daemon.

This seems a bit risky for the newbie.

Comments?

-- cary

> 
> This is a great solution for users of the 2.0.xx kernel, but last week I
> migrated to 2.2.0 and gave myself a TON of new work to get ipmasq'ing
> running again. Basically, ipfwadm is no longer a valid utility and has
> been replaced by ipchains. Here is what I wound up doing on my RedHat
> 5.1 box:
> 
> 1)
> In the RedHat distro, most IP related services are started from links
> created in /etc/rc.d/rc2.d. These links point back to scripts stored in
> /etc/rc.d/init.d. I created a script called "diald" in /etc/rc.d/init.d
> that looks like this:
> 
> +++++++++++++++++++++Start Here++++++++++++++++++++++++
> #!/bin/sh
> #
> # Startup script for the DIALD
> #
> 
> 
> # Source function library.
> . /etc/rc.d/init.d/functions
> 
> # See how we were called.
> case "$1" in
>   start)
>         echo -n "Starting diald: "
>         daemon /usr/sbin/diald
>         echo
>         touch /var/lock/subsys/diald
>         ;;
>   stop)
>         echo -n "Shutting down diald: "
>         [ -f /var/run/diald.pid ] && {
>             kill `cat /var/run/diald.pid`
>             echo -n diald
>         }
>         echo                             
>         rm -f /var/lock/subsys/diald
>         rm -f /var/run/diald.pid
>         ;;
>   status)
>         status diald
>         ;;
>   restart)
>         $0 stop
>         $0 start
>         ;;
>   reload)
>         echo -n "Reloading diald: "
>         [ -f /var/run/diald.pid ] && {
>             kill -HUP `cat /var/run/diald.pid`
>             echo -n diald
>         }
>         echo
>         ;;
>   *)
>         echo "Usage: $0 {start|stop|restart|reload|status}"
>         exit 1
> esac
> 
> exit 0 
> +++++++++++++++++++++++++++END SCRIPT+++++++++++++++++++++++++++++
> 
> OK, I actually copied the Apache script and "rewrote" it to start diald
> instead of httpd.
> 

There should be a skeleton in  /etc/rc.d/init.d.  You can copy
that and edit it.

> I created a symlink to the script called "K15diald". Looking at the link
> in /etc/rc.d/rc2.d we see:
> 
> lrwxrwxrwx   1 root     root           15 Jan 27 23:00 /etc/rc.d/rc2.d/K15diald -> ../init.d/diald
> 

Depends on when you want diald to start.  I run x, so I put
it in /etc/rc.d/rc5.d.

> 2)
> 
> I downloaded and installed the ipchains utility needed to replace the
> old ipfwadm util.
> 
> 3)
> At the end of my /etc/rc.d/rc.local I added:
> 
> /usr/sbin/diald

*** HUH ***
Doesn't this start diald twice ??


> /usr/sbin/ipmasq-go      
> 
> Obviously /usr/sbin/diald is the diald binary. I have a habit of storing
> my scripts (ipmasq-go) in /usr/sbin for a strange reason - you can put
> them anywhere. /usr/sbin/ipmasq looks like:
> 
> ipchains -F input
> ipchains -F output
> ipchains -F forward
> ipchains -P input ACCEPT
> ipchains -P output ACCEPT
> ipchains -P forward MASQ 
> 

*** HUH ***
This means all your services are accessible from the net, no?
Is this what you want?

> 
> Pollywog wrote:
> > 
> > On 01-Feb-99 Bob Hartung wrote:
> > > All,
> > >
> > > I have managed to get diald and masquerade working from the command
> > > line.  Now as a relative newbie to Linux I need to show my ignorance of
> > > the boot process.  I do not know what to put in the rc.local file or
> > > other files to autostart diald when I boot up the machine.  I know what
> > > to put in for my simple forwarding rules but I'm not sure if they just
> > > go into rc.local or some other rc?? file.
> > 
> > I have the following in my /etc/rc.d/rc.local
> > 
> > /etc/rc.d/rc.firewall  # the file with my ipfwadm rules
> > /usr/sbin/diald        # to start diald when the machine boots
> > 
> > rc.firewall contains:
> > 
> > #!/bin/sh
> > # IP Masquerade
> > /sbin/ipfwadm -F -p deny
> > /sbin/ipfwadm -F -o -a m -S 192.168.1.0/24 -D 0.0.0.0/0
> > #
> > and other ipfwadm rules.
> > 
> > --
> > Andrew
> > 
> > -
> > To unsubscribe from this list: send the line "unsubscribe linux-diald" in
> > the body of a message to [EMAIL PROTECTED]
> 
> -- 
> 
> John J. LeMay Jr.
> NJMC, LLC.
> http://www.njmc.com
> 
> 
> 
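Added example, not part of the original thread: a small audit of an ipchains rule script for the exposure questioned above (input policy ACCEPT, forward policy MASQ), run against the posted ruleset and a constructed tighter variant. The function name `audit_rules`, the interface `ppp0` and the use of 192.168.1.0/24 as the LAN (the range in the quoted ipfwadm rules) are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): audit an ipchains rule script for
# the two exposures discussed above. audit_rules is a hypothetical name.

# The ruleset exactly as posted in the quoted message.
POSTED='ipchains -F input
ipchains -F output
ipchains -F forward
ipchains -P input ACCEPT
ipchains -P output ACCEPT
ipchains -P forward MASQ'

# Constructed variant. Assumptions: ppp0 is the dial-up interface and
# 192.168.1.0/24 is the LAN (the range in the quoted ipfwadm rules).
TIGHTER='ipchains -F input
ipchains -F output
ipchains -F forward
ipchains -P input ACCEPT
ipchains -A input -i ppp0 -p tcp -y -j DENY
ipchains -P output ACCEPT
ipchains -P forward DENY
ipchains -A forward -s 192.168.1.0/24 -j MASQ'

# Print one line per finding; return 1 if there were any, else 0.
audit_rules() {
    printf '%s\n' "$1" | awk '
        $1 != "ipchains" { next }
        $2 == "-P" { policy[$3] = $4 }              # chain default policy
        $2 == "-A" {                                # count blocking rules per chain
            for (i = 4; i < NF; i++)
                if ($i == "-j" && ($(i+1) == "DENY" || $(i+1) == "REJECT"))
                    blocks[$3]++
        }
        END {
            if (policy["input"] == "ACCEPT" && blocks["input"] == 0) {
                print "input: policy ACCEPT with no DENY/REJECT rule"; n++
            }
            if (policy["forward"] == "MASQ") {
                print "forward: policy MASQ masquerades any source address"; n++
            }
            exit (n > 0)
        }'
}

echo "posted:";  audit_rules "$POSTED" || true
echo "tighter:"; audit_rules "$TIGHTER" && echo "no findings"
```

The `-y` rule in the constructed variant only stops inbound TCP connection attempts on ppp0; UDP services stay reachable unless further rules cover them. The check is deliberately coarse: it treats any DENY or REJECT rule on the input chain as evidence of filtering and does not judge whether the rule is sufficient.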

