这是一个示例 rc.local 脚本,用于在系统启动时启动所有内容。 如果您使用的是 2.2 内核,它将在内核中添加欺骗保护,设置伪装防火墙策略,并启动 cipe 接口。
#!/bin/bash
#4/4/99
#an example rc.local script
#Send questions or comments to acj@home.com
echo
#Set up spoof protection in kernel -- from IPChains HOWTO by Paul Russell
#this is only for the newer 2.1/2.2 kernels
#if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then
# echo -n "Setting up IP spoofing protection..."
# for f in /proc/sys/net/ipv4/conf/*/rp_filter; do
# echo 1 > $f
# done
# echo "done."
#else
# echo PROBLEMS SETTING UP IP SPOOFING PROTECTION. BE WORRIED.
# echo "CONTROL-D will exit from this shell and continue system startup."
# echo
# # Start a single user shell on the console
# /sbin/sulogin $CONSOLE
#fi
echo
#Setup firewall policies
if [ -x /etc/rc.d/rc.firewall ]; then
echo Setting up firewall packet filtering policies.
echo
. /etc/rc.d/rc.firewall
fi
#Start cipe interfaces
if [ -x /etc/rc.d/rc.cipe ]; then
echo Starting VPN interfaces.
. /etc/rc.d/rc.cipe
fi
exit 0