<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <HTML> <HEAD> <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9"> <TITLE>The Linux Cipe+Masquerading mini-HOWTO: Putting it all together</TITLE> <LINK HREF="Cipe+Masq-9.html" REL=next> <LINK HREF="Cipe+Masq-7.html" REL=previous> <LINK HREF="Cipe+Masq.html#toc8" REL=contents> </HEAD> <BODY> <A HREF="Cipe+Masq-9.html">Next</A> <A HREF="Cipe+Masq-7.html">Previous</A> <A HREF="Cipe+Masq.html#toc8">Contents</A> <HR> <H2><A NAME="s8">8. Putting it all together</A></H2> <P>This is an example rc.local script to start everything when your system boots. It will add spoofing protection in the kernel if you are using a 2.2 kernel, setup the masquerading firewall policies, and start the cipe interface(s). <P> <BLOCKQUOTE><CODE> <HR> <PRE> #!/bin/bash #4/4/99 #an example rc.local script #Send questions or comments to acj@home.com echo #Set up spoof protection in kernel -- from IPChains HOWTO by Paul Russell #this is only for the newer 2.1/2.2 kernels #if [ -e /proc/sys/net/ipv4/conf/all/rp_filter ]; then # echo -n "Setting up IP spoofing protection..." # for f in /proc/sys/net/ipv4/conf/*/rp_filter; do # echo 1 > $f # done # echo "done." #else # echo PROBLEMS SETTING UP IP SPOOFING PROTECTION. BE WORRIED. # echo "CONTROL-D will exit from this shell and continue system startup." # echo # # Start a single user shell on the console # /sbin/sulogin $CONSOLE #fi echo #Setup firewall policies if [ -x /etc/rc.d/rc.firewall ]; then echo Setting up firewall packet filtering policies. echo . /etc/rc.d/rc.firewall fi #Start cipe interfaces if [ -x /etc/rc.d/rc.cipe ]; then echo Starting VPN interfaces. . /etc/rc.d/rc.cipe fi exit 0 </PRE> <HR> </CODE></BLOCKQUOTE> <P> <P> <HR> <A HREF="Cipe+Masq-9.html">Next</A> <A HREF="Cipe+Masq-7.html">Previous</A> <A HREF="Cipe+Masq.html#toc8">Contents</A> </BODY> </HTML>