Justin de Vesine was less than thrilled with his internet service. On a good day, his high-speed would pretend to be dial-up; usually, it seemed that things would just give up loading half-way through. Through some trial and error, he narrowed it down to the brand-name DSL modem that his ISP gave him. Since it was running a stripped down version of Linux, and supported telnet administration, Justin decided to log in and poke around some of the scripts and config files to see if he could find the source of his problems.

When he came across this gem of a start-up script, Justin was not surprised that his DSL modem was the source of his troubles.

#! /bin/sh
# rcS           Call all S??* scripts in /etc/rcS.d in
#               numerical/alphabetical order.
# Version:      @(#)/etc/init.d/rcS  2.76  19-Apr-1999  [email protected]
# FOXME: clean up comments for release
trap "" SIGHUP

umask 022
export PATH runlevel prevlevel

#       Trap CTRL-C &c only in this shell so we can interrupt subprocesses.
trap ":" INT QUIT TSTP

mount -n /proc
#mount -n -o remount,rw /
mount /var

mkdir /var/etc
mkdir /var/etc/ppp
mkdir /var/etc/pc
echo "/bin/cp  /etc/ppp/* /var/etc/ppp"
/bin/cp /etc/ppp/* /var/etc/ppp
/bin/cp /etc/* /var/etc
/bin/cp /etc/localhosts /var/etc/pc

/bin/rm -f /var/etc/config.xml
/bin/rm -f /var/etc/sysdef.xml
/bin/rm -f /var/etc/firewall*
/bin/rm -f /var/etc/progdefs.xml
/bin/rm -f /var/etc/strings.xml
/bin/rm -f /var/etc/services
/bin/rm -f /var/etc/led.conf
/bin/rm -f /var/etc/tr-69para.txt

# unreserve for unp systems
echo "0 0" > /proc/sys/vm/pagetable_cache
# router
echo 1 > /proc/sys/net/ipv4/ip_forward
# pppox
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
# ignore_all not yet used: this should be satisfactory
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
# drop spoofed addr: turn this off on non-loop-free networks
echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter
echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter
# do not honor source route flags
echo 0 > /proc/sys/net/ipv4/conf/default/accept_source_route
echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route
# protect against syn flood attacks
echo 1 >/proc/sys/net/ipv4/tcp_syncookies
# this needs proper sampling on av_blog to determine optimal value
# idiots cant figure out how to do this in a reasonable amoutn of time
# for now just observe softnet_stats to see # time was throttled
# historical value was 300
echo 100 > /proc/sys/net/core/netdev_max_backlog

# default value was 8192
echo 2048 > /proc/sys/net/ipv4/route/max_size

(cd /; tar xf var.tar)

mkdir /var/tmp/html
cp -f /usr/www/html/pc_*.html /var/tmp/html
#add for pushbutton
cp -f /usr/bin/add_dev /var/tmp/add_dev

/sbin/ledapp -b powerred 0
/sbin/ledapp -b powergreen 4
/sbin/ledapp -b pppoe 0
/sbin/ledapp -b pppoered 0
sleep 1

/sbin/insmod tiatm
sleep 1

/sbin/insmod avalanche_usb
sleep 1

/sbin/insmod avalanche_i2c
sleep 1

# UPnP is a piece of crap and requires loopback
ifconfig lo

/usr/sbin/thttpd -d /usr/www -u root -p 80 -c '/cgi-bin/*'

/usr/bin/cm_pc > /dev/tts/0 &

#start modules needed for website block, I think following add by Steven

#turn power led to green after 10s i guess
sleep 1

/sbin/iptables -I OUTPUT -o br0 -p icmp --icmp-type 3 -j DROP
/bin/ln -s /proc/net/ip_conntrack /var/tmp/ip_conntrack
#for stunnel
mkdir /var/run
mkdir /var/run/stunnel
#mkdir /var/run/stunnel/trusted
#mkdir /var/run/stunnel/certs
#only need to copy the server conf, client conf gets fucked by config.xml
cp -f /sbin/stunnel1.conf /var/etc/
#rm -f /var/etc/stunnel.conf
#cp -f /etc/*.pem /var/run/stunnel/trusted/
#cp -f /etc/*.pem /var/run/stunnel/certs/
/sbin/stunnel /var/etc/stunnel1.conf &
[Advertisement] BuildMaster allows you to create a self-service release management platform that allows different teams to manage their applications. Explore how!