This file is indexed.

/etc/netscript/if.conf is in netscript-2.4 5.3.0ubuntu1.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
###############################################################################
# Interface activation/deactivation functions
#  Here so that special interface commands can be called and daemons started
#  
#  Arps can be set up here, network/host routes and so forth.
#
#  This appears to be a little messy but is needed to achieve maximum 
#  functionality and flexibility.
#
###############################################################################

SED_IFSTR='s/\([A-Za-z]*\)[0-9]*$/\1/'
SED_IPV4STR='s/^.*inet \([0-9]\+\.[0-9]\+\.[0-9]\+\.[0-9]\+[/0-9]\+\) .*$/\1/'
SED_IPV6STR='s/^.*inet6 \([0-9a-f]\+\:.*\:[0-9a-f]\+[/0-9]\+\) .*$/\1/'
SED_IPV6ADDR="sed -e 's/:0\+\([0-9a-fA-F]\+\)/:\1/g' | sed -e 's/^0\+\([0-9a-fA-F]\+\)/\1/'| sed -e 's/\(:0\)\+:\(:0\)*\|\(:0\)*:\(:0\)\+/:/'"
SED_IPV4ADDR="sed -e 's/\.0\+\([0-9a-fA-F]\+\)/.\1/g' | sed -e 's/^0\+\([0-9a-fA-F]\+\)/\1/'"

if_addr_start () {
	local IPADDR2 ADDR ADDR2
	local ADDRS
	local ANS
	local OIFS
	local IFACE=$1

	# Glue stuff
	if [ -n "$MASKLEN" ]; then
		IPADDR="${IPADDR}/${MASKLEN}"
	fi

	if [ -n "$PTPADDR" ]; then
		IPADDR="${IPADDR}_peer_${PTPADDR}"
	fi

	if [ -n "$BROADCAST" ]; then
		IPADDR="${IPADDR}_brd_${BROADCAST}"
	fi

	if [ -n "$IP_EXTRA_ADDRS" ]; then
		IPADDR="$IPADDR $IP_EXTRA_ADDRS"
	fi

	# Take care of leading zeroes in supplied addresses
	for ADDR in $IPADDR; do
		if echo $ADDR | grep -q ':'; then
			#IPv6
			ADDR2=`echo $ADDR | eval $SED_IPV6ADDR` 	
			IPADDR2="$IPADDR2 $ADDR2"
		else
			#IPv4
			ADDR2=`echo $ADDR | eval $SED_IPV4ADDR`
			IPADDR2="$IPADDR2 $ADDR2"
		fi
	done
	IPADDR="$IPADDR2"

	# Set up link MTU etc
	ip link set $1 $IFCFG_MULTICAST $IFCFG_MTU
	
	# Set up IPv6 Interface sysctl here before interface goes up
	ifv6_setproc $1 accept_redirects $IPV6_ACCEPT_REDIRECTS
	ifv6_setproc $1 accept_ra $IPV6_ACCEPT_RA
	ifv6_setproc $1 accept_ra_pinfo $IPV6_ACCEPT_RA_PINFO
	ifv6_setproc $1 accept_ra_rt_info_max_plen $IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN
	ifv6_setproc $1 disable_ipv6 $IPV6_DISABLE
	ifv6_setproc $1 forwarding $IPV6_FWDING
	ifv6_setproc $1 router_solicitations $IPV6_ROUTER_SOLICITATIONS
	ifv6_setproc $1 use_tempaddr $IPV6_PRIVACY
	
	# Bring the interface up
	ip link set dev $1 up

	# This one has to be set after interface up
	ifv6_setproc $1 mtu $IPV6_MTU

	# Set up the addresses on the interface
	
	ADDRS=`ip addr show dev $IFACE |  grep '^.*inet[ 46]' \
		| sed -e "$SED_IPV4STR" | sed -e "$SED_IPV6STR"`

	for ADDR in $IPADDR; do
		for ADDR2 in $ADDRS; do
			ADDR2=`echo $ADDR2 | sed -e 's/\/32\|\/128//'`
			ANS=${ADDR#$ADDR2}
			if [ "$ANS" != "$ADDR" ]; then
				continue 2
			fi
		done
		OIFS=$IFS
		IFS="${IFS}_"
		ip addr add $ADDR dev $IFACE
		IFS=$OIFS
	done
	
	# Strip out addresses that should not be there
	for ADDR in $ADDRS; do
		# Don't delete IPv6 link local addresses
		if echo $ADDR | grep -q -i '^fe[89ab]'; then
			continue
		fi
		ANS=`echo $IPADDR | grep $ADDR`
		if [ -z "$ANS" ]; then
			ip addr del $ADDR dev $IFACE
		fi
	done

	return 0
}


if_addr_stop () {
	local FILE
	
	qt ip link set $1 down
	qt ip addr flush dev $1		
}

if_up () {
	local ADDR

        # sort out a few things to make life easier - here so that you
        # can see what is done and so that you can add anything if needed
        eval IPADDR=\${"$1"_IPADDR:-""}     # I am also a good genius
	eval MASKLEN=\${"$1"_MASKLEN:-""}
	eval BROADCAST=\${"$1"_BROADCAST:-""}
        eval PTPADDR=\${"$1"_PTPADDR:-""}
        eval IP_EXTRA_ADDRS=\${"$1"_IP_EXTRA_ADDRS:-""}
        eval MTU=\${"$1"_MTU:-""}
        eval MULTICAST=\${"$1"_MULTICAST:-""}
	eval HB_TICKLE=\${"$1"_HB_TICKLE:-""}
	eval BRIDGE=\${"$1"_BRIDGE:-""}
	eval RESOLVCONF=\${"$1"_RESOLVCONF:-""}
	eval local DEFAULT_GW=\${"$1"_DEFAULT_GW:-""}
        eval local FAIRQ=\${"$1"_FAIRQ:-""}
        eval local TXQLEN=\${"$1"_TXQLEN:-""}
        eval local IP_SPOOF=\${"$1"_IP_SPOOF:-""}
        eval local IP_KRNL_LOGMARTIANS=\${"$1"_IP_KRNL_LOGMARTIANS:-""}
        eval local IP_SHARED_MEDIA=\${"$1"_IP_SHARED_MEDIA:-""}
        eval local IP_SEND_REDIRECTS=\${"$1"_IP_SEND_REDIRECTS:-""}
        eval local PROXY_ARP=\${"$1"_PROXY_ARP:-""}
	eval IPV6_ACCEPT_REDIRECTS=\${"$1"_IPV6_ACCEPT_REDIRECTS:-""}
	eval IPV6_ACCEPT_RA=\${"$1"_IPV6_ACCEPT_RA:-""}
	eval IPV6_ACCEPT_RA_PINFO=\${"$1"_IPV6_ACCEPT_RA_PINFO:-""}
	eval IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=\${"$1"_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN:-""}
	eval IPV6_DISABLE=\${"$1"_IPV6_DISABLE:-""}
	eval IPV6_FWDING=\${"$1"_IPV6_FWDING:-""}
	eval IPV6_PRIVACY=\${"$1"_IPV6_PRIVACY:-""}
	eval IPV6_ROUTER_SOLICITATIONS=\${"$1"_IPV6_ROUTER_SOLICITATIONS:-""}
	eval IPV6_MTU=\${"$1"_IPV6_MTU:-""}
	if [ -n "DEFAULT_GW" -a -z "$IPV4_DEFAULT_GW" ]; then
		IPV4_DEFAULT_GW="$DEFAULT_GW"
		IPV4_DEFAULT_GWDEV="$1"
	fi
	unset IFCFG_BROADCAST IFCFG_MULTICAST IFCFG_MTU
	if [ -n "$BROADCAST" ] ; then
                IFCFG_BROADCAST="broadcast $BROADCAST"
        fi
	if [ -n "$MTU" ] ; then
		IFCFG_MTU="mtu $MTU"
	fi
	if [ -n "$MULTICAST" ] ; then
		case $MULTICAST in
		No|no|NO|off|Off|OFF)
			IFCFG_MULTICAST="multicast off"
			;;
		Yes|YES|yes|on|On|ON)
			IFCFG_MULTICAST="multicast on"
			;;
		*)
			unset IFCFG_MUTLICAST
			;;
		esac
	fi
	local IFTYPE=`echo $1 | sed -e $SED_IFSTR`

	# Do dee global bridge stuff
	brg_global
		 
	# Set default interface flags here - used for PPP and WAN interfaces
        # IPv4
	ifv4_setproc default rp_filter $DEF_IP_SPOOF
        ifv4_setproc default log_martians $DEF_IP_KRNL_LOGMARTIANS
	ifv4_setproc all accept_redirects $ALLIF_ACCEPT_REDIRECTS

        # Set up each interface
	if qt type ${1}_start ; then
		# execute user supplied individual interface start up
		${1}_start $1
	elif qt type ${IFTYPE}_start ; then
		# execute user supplied typed interface start up
		${IFTYPE}_start $1
	else
		# default interface startup
                brg_iface $1 up "$BRIDGE" "$IPV6_DISABLE"
		# Start interface
		if_addr_start $1
	fi
        
	# Do universal interface config items here
	# QoS setup
	ip_QoSclear $1
	ip_QoS $1
        # Set the TX Queue Length
        [ -n "$TXQLEN" ] \
                && ip link set $1 txqlen $TXQLEN
	
	# Default route support
	ipv4_default_route $1
	ipv6_default_route $1

	# Set up routes and ARP etc
	if qt type ${1}_network ; then
		${1}_network $1
	fi

	# Resolvconf support
	if [ -n "$RESOLVCONF" ]; then
		if_resolvconf_up $1 "$RESOLVCONF"
	fi

	# Interface sysctl stuff here
	# IPv4
	# Spoof protection
        ifv4_setproc $1 rp_filter $IP_SPOOF
        # Kernel logging of martians on this interface
        ifv4_setproc $1 log_martians $IP_KRNL_LOGMARTIANS
	# Shared Media stuff
	ifv4_setproc $1 shared_media $IP_SHARED_MEDIA
	# Sending of Redirects
	ifv4_setproc $1 send_redirects $IP_SEND_REDIRECTS
	# Proxy ARP support
	ifv4_setproc $1 proxy_arp $PROXY_ARP

	# Emit required upstart event - this can be adjusted
	iface_upstart_emit 'net-device-up' "IFACE=${1}" 'LOGICAL=${1}' \
				'ADDRFAM=inet' 'METHOD=static'

	unset IPADDR MASKLEN BROADCAST PTPADDR IP_EXTRA_ADDRS MTU MULTICAST
	unset BROADCAST RESOLVCONF
	unset IPV6_ACCEPT_REDIRECTS IPV6_ACCEPT_RA IPV6_FWDING IPV6_MTU 
	unset IPV6_ROUTER_SOLICITATIONS IPV6_PRIVACY IPV6_ACCEPT_RA_PINFO 
	unset IPV6_DISABLE
	unset IFCFG_BROADCAST IFCFG_MULTICAST IFCFG_MTU

        return 0
}

if_down () {
	local IFTYPE=`echo $1 | sed -e $SED_IFSTR`

	# Clean up any resolvconf stuff
	if_resolvconf_down $1

	# Do Dee global bridge stuff
	brg_global

	if qt type ${1}_stop ;  then
		# execute user supplied individual interface shutdown
		${1}_stop $1
	elif qt type ${IFTYPE}_stop ; then
		# execute user supplied typed interface shutdown
		${IFTYPE}_stop $1
	else
		# default action
       		brg_iface $1 down $IPV6_DISABLE
		if_addr_stop $1
	fi

        # Clean up any QoS/fair queuing stuff
        ip_QoSclear $1

	# Clean up IPv6 stuff
	if [ -d ${IPV6_PROC}/conf/${1} ]; then
		for FILE in accept_redirects accept_ra forwarding \
			router_solicitations use_tempaddr; do
			echo  `cat $IPV6_PROC/conf/default/$FILE` \
				> $IPV6_PROC/conf/$1/$FILE
		done
	fi

	# Emit required upstart event - this can be adjusted
	iface_upstart_emit 'net-device-down' "IFACE=${1}" "LOGICAL=${1}" \
				'ADDRFAM=inet' 'METHOD=static'

	true

}       #END if_down

if_lo_up () {

	# Bring up interface lo
	case "$IPV4_DISABLE" in
	YES|Yes|yes)
		;;
	*)
		qt ip addr add 127.0.0.1/8 broadcast 127.255.255.255 dev lo
		;;
	esac

	ip link set lo up \
	&& iface_upstart_emit 'net-device-up' 'IFACE=lo' 'LOGICAL=lo' \
		'ADDRFAM=inet' 'METHOD=static'

}

if_resolvconf_up () {
	if [ $# != 2 -a $# != 3 ]; then
		echo "  Usage: `basename $0`: fn if_resolvconf_up <if-name>  <search-path> <ns1-ip>" 1>&2
		echo "         `basename $0`: fn if_resolvconf_up <if-name> <resolvconf-stdin>" 1>&2
		return 1;
	fi
	
	! qt type resolvconf && return 1

	if [ $# = 3 ]; then
		echo -ne "search ${2}\nnameserver ${3}\n" | resolvconf -a $1
	else
		echo -ne "$2" | resolvconf -a $1
	fi
}

if_resolvconf_down () {
	if [ $# != 1 ]; then
		echo "  Usage: `basename $0`: fn if_resolvconf_down <if-name>" 1>&2
		return 1;
	fi

	! qt type resolvconf && return 1

	# Go and do it...
	resolvconf -d $1
}