Man Linux: Main Page and Category List

NAME

       /etc/netscript/network.conf   -   interface,   firewalling,   and   QoS
       configuration file.

       /etc/netscript/if.conf - interface setup shell script file

       /etc/netscript/qos.conf - QoS setup shell script file

       /etc/netscript/ipfilter.conf - IP chains filtering shell script file

       /etc/netscript/srvfilter.conf - server IP filter shell script file

DESCRIPTION

       This manpage is a place holder until something better is  written  when
       the netscript itself has stopped changing rapidly.

       Please  see  the  README file in the /etc/netscript directory, and READ
       the configuration files  if  you  need  to  change  them.   Apart  from
       network.conf,  all  of them contain sh (1) shell script functions which
       are there so that various things can be altered or  hooked  in  at  the
       right  place.  Network.conf  contains  the  full network setup details,
       including    special    interface    setup    for    the    likes    of
       ciped/pppd/wanconfig, and is fully commented with examples given.

UPGRADE PATH FROM KERNEL 2.2.X

       The  firewall/IP  filtering  stuff  in  ipfilter.conf  is the part that
       changed radically with the move to iptables and a  far  better  way  of
       setting  up  the  IP  filtering  rules,  however  the QoS and interface
       startup/shutdown in if.conf have changed but are  backwards  compatible
       with  the  old  2.2.x  ipchains  version of netscript for the interface
       address configuration settings.  You will have to set up the  filtering
       again to use iptables by directly using the iptables commands.

       Also,  the  kernel 2.2.x version scripts are set up so that iptables is
       only run on a 2.4.x kernel, otherwise  IP  forwarding  is  disabled  if
       beforehand you set IPFWDING_KERNEL to FILTER_ON in network.conf.

       This  means  that  when you upgrade a box to a 2.4.x router kernel, you
       should then be able to reboot it and  log  into  remotely  and  upgrade
       netscript  to  the version that will support 2.4.x.  In this situation,
       if you have set old IPFWDING_KERNEL setting to FILTER_ON beforehand  in
       network.conf,  all IP forwarding through the box will also be disabled.
       This means that you can safely remotely upgrade a firewall.

SEE ALSO

       netscript(8), ipchains(8), iproute(8), brcfg(8).

AUTHOR

       This    manual    page     was     written     by     Matthew     Grant
       <grantma@anathoth.gen.nz>,  for the Debian GNU/Linux system (but may be
       used by others).

BUGS

       The author is lazy.  He needs to write btter man pages...

                               November 23, 2000