Justin de Vesine was less than thrilled with his internet service. On a good day, his high-speed would pretend to be dial-up; usually, it seemed that things would just give up loading half-way through. Through some trial and error, he narrowed it down to the brand-name DSL modem that his ISP gave him. Since it was running a stripped down version of Linux, and supported telnet administration, Justin decided to log in and poke around some of the scripts and config files to see if he could find the source of his problems.

When he came across this gem of a start-up script, Justin was not surprised that his DSL modem was the source of his troubles.

#! /bin/sh # # rcS Call all S??* scripts in /etc/rcS.d in # numerical/alphabetical order. # # Version: @(#)/etc/init.d/rcS 2.76 19-Apr-1999 miquels@cistron.nl # # FOXME: clean up comments for release trap "" SIGHUP PATH=/sbin:/bin:/usr/sbin:/usr/bin runlevel=S prevlevel=N umask 022 export PATH runlevel prevlevel # # Trap CTRL-C &c only in this shell so we can interrupt subprocesses. # trap ":" INT QUIT TSTP mount -n /proc #mount -n -o remount,rw / mount /var #ACTION_TEC mkdir /var/etc mkdir /var/etc/ppp mkdir /var/etc/pc echo "/bin/cp /etc/ppp/* /var/etc/ppp" /bin/cp /etc/ppp/* /var/etc/ppp /bin/cp /etc/* /var/etc /bin/cp /etc/localhosts /var/etc/pc /bin/rm -f /var/etc/config.xml /bin/rm -f /var/etc/sysdef.xml /bin/rm -f /var/etc/firewall* /bin/rm -f /var/etc/progdefs.xml /bin/rm -f /var/etc/strings.xml /bin/rm -f /var/etc/services /bin/rm -f /var/etc/led.conf /bin/rm -f /var/etc/tr-69para.txt # unreserve for unp systems echo "0 0" > /proc/sys/vm/pagetable_cache # router echo 1 > /proc/sys/net/ipv4/ip_forward # pppox echo 1 > /proc/sys/net/ipv4/ip_dynaddr # ignore_all not yet used: this should be satisfactory echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts # drop spoofed addr: turn this off on non-loop-free networks echo 1 > /proc/sys/net/ipv4/conf/default/rp_filter echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter # do not honor source route flags echo 0 > /proc/sys/net/ipv4/conf/default/accept_source_route echo 0 > /proc/sys/net/ipv4/conf/all/accept_source_route # protect against syn flood attacks echo 1 >/proc/sys/net/ipv4/tcp_syncookies # this needs proper sampling on av_blog to determine optimal value # idiots cant figure out how to do this in a reasonable amoutn of time # for now just observe softnet_stats to see # time was throttled # historical value was 300 echo 100 > /proc/sys/net/core/netdev_max_backlog # default value was 8192 echo 2048 > /proc/sys/net/ipv4/route/max_size (cd /; tar xf var.tar) mkdir /var/tmp/html cp -f /usr/www/html/pc_*.html /var/tmp/html #add for pushbutton cp -f /usr/bin/add_dev /var/tmp/add_dev /sbin/ledcfg /sbin/ledapp -b powerred 0 /sbin/ledapp -b powergreen 4 /sbin/ledapp -b pppoe 0 /sbin/ledapp -b pppoered 0 sleep 1 /sbin/insmod tiatm sleep 1 /sbin/insmod avalanche_usb sleep 1 /sbin/insmod avalanche_i2c sleep 1 # UPnP is a piece of crap and requires loopback ifconfig lo 127.0.0.1 /usr/sbin/thttpd -d /usr/www -u root -p 80 -c '/cgi-bin/*' #WHO WROTE THIS JUNK /usr/bin/cm_pc > /dev/tts/0 & #start modules needed for website block, I think following add by Steven ipq_act& #turn power led to green after 10s i guess powergreen& sleep 1 syslogd /sbin/iptables -I OUTPUT -o br0 -p icmp --icmp-type 3 -j DROP /bin/ln -s /proc/net/ip_conntrack /var/tmp/ip_conntrack #for stunnel mkdir /var/run mkdir /var/run/stunnel #mkdir /var/run/stunnel/trusted #mkdir /var/run/stunnel/certs #only need to copy the server conf, client conf gets fucked by config.xml cp -f /sbin/stunnel1.conf /var/etc/ #rm -f /var/etc/stunnel.conf #cp -f /etc/*.pem /var/run/stunnel/trusted/ #cp -f /etc/*.pem /var/run/stunnel/certs/ /sbin/stunnel /var/etc/stunnel1.conf &