#! /bin/csh -f # # (c) Copyright 1993-1997 Check Point Software Technologies Ltd. # All rights reserved. # # This is proprietary information of Check Point Software Technologies # Ltd., which is provided for informational purposes only and for use # solely in conjunction with the authorized use of Check Point Software # Technologies Ltd. products. The viewing and use of this information is # subject, to the extent appropriate, to the terms and conditions of the # license agreement that authorizes the use of the relevant product. # if (! $?FWDIR) then echo "FireWall-1: You must setenv FWDIR before starting FireWall-1" exit 1 endif if ( -f /kernel/genunix || -f /kernel/unix ) then set solaris2 = 1 else set solaris2 = 0 endif if ( -f /usr/lib/drivers/netinet ) then set aix = 1 else set aix = 0 endif if ( -f /hp-ux || -f /stand/vmunix ) then set hpux = 1 else set hpux = 0 endif if ( -f /kernel) then set freebsd = 1 else set freebsd = 0 endif #set dir = $0:h #set dir = $dir:h #if (-d $dir && -x $dir/bin/fwstart) then # setenv FWDIR $dir #endif #if (! $?FWDIR) setenv FWDIR /etc/fw if (-d $FWDIR/boot) then setenv FW_BOOT_DIR `cd $FWDIR/boot; pwd` else setenv FW_BOOT_DIR /etc/fw.boot endif set path = ( $FWDIR/bin /bin /usr/bin /etc /usr/etc /sbin /usr/sbin ) set name = `uname -m`.`uname -r` set name1 = `uname -r` source ${FWDIR}/scripts/readprod set masters if ( -f $FWDIR/conf/masters ) then set masters = ( `cat $FWDIR/conf/masters` ) endif if ($fw1_firewall) then if ( $solaris2 != 1 && $hpux != 1 && $aix != 1 ) set fwload if ($?fwload) then if ($freebsd) then set fwmod = $FW_BOOT_DIR/modules/fwmod.o set fwmod1 = $FW_BOOT_DIR/modules/fwmod.freebsd.o else set fwmod = $FW_BOOT_DIR/modules/fwmod.$name.o set fwmod1 = $FW_BOOT_DIR/modules/fwmod.$name1.o endif if (! -f $fwmod && ! -f $fwmod1) then echo "FireWall-1: No module for $name" echo "FireWall-1: failed" exit 1 endif if (! -f $fwmod) set fwmod = $fwmod1 modstat | grep -s fw if ($status == 0) then set kernelloaded = 1 else set kernelloaded = 0 endif if (X"$1" != "X-o" && $kernelloaded == 1) then echo "FireWall-1: Module already installed, perform fwstop" echo "FireWall-1: failed" exit 1 endif if ($kernelloaded == 0) then echo 'FireWall-1: Loading kernel module...' if ($freebsd) then /usr/ips/flowutil set forward 0 >& /dev/null (cd $FW_BOOT_DIR/modules ; modload -v -A /kernel -e fw1_init -p fw.mkdev -o fwmod fwmod.o) fw putlic -k fw ctl install else modload $fwmod -sym -exec $FW_BOOT_DIR/modules/fw.mkdev endif endif else if ($aix) then $FWDIR/modules/fw_cfg -l fw putlic -k if ($status) then echo 'FireWall-1: failed to install license' exit 1 endif endif if ($hpux) then fw putlic -k if ($status) then echo 'FireWall-1: failed to install license' exit 1 endif endif fw ctl install if($status) then echo 'FireWall-1: failed to install' exit 1 endif endif endif sync ; sync ; sync echo 'FireWall-1: Starting fwd' if ($fw1_firewall) then fwd $masters else fwd -n $masters endif if ($status) then echo 'FireWall-1: failed to start fwd' echo 'FireWall-1: failed' exit 1 endif if ($fw1_firewall) then set dosnmp = `cat $FWDIR/conf/product.conf | grep -i snmp | awk -F\= '{print $2}'` if ("X$dosnmp" == "X") set dosnmp = 0 if ($dosnmp) then echo 'FireWall-1: Starting snmpd' if ( $aix ) then nohup /usr/sbin/snmpd > /dev/null endif nohup $FWDIR/bin/snmpd > /dev/null if ($status) then echo 'FireWall-1: failed to start snmpd' endif endif endif if ($fw1_management && -f $FWDIR/bin/fwm) then echo 'FireWall-1: Starting fwm (Remote Management Server)' fwm if ($status) then echo 'FireWall-1: failed to start fwm' endif endif echo "" #fw isonlycontrol >& /dev/null #if ($status) then if (!($fw1_firewall)) then echo "FireWall-1: This is a Management Station. No Security Policy will be Loaded" echo "FireWall-1 started" exit 0 endif set masters = ( $masters localhost ) echo "FireWall-1: Fetching Security Policy from $masters" fw fetch $masters set err = $status echo 'FireWall-1 started' exit $err