Provided by: netscript-2.4-upstart_5.3.0ubuntu1_all bug


       /etc/netscript/network.conf - interface, firewalling, and QoS configuration file.

       /etc/netscript/if.conf - interface setup shell script file

       /etc/netscript/qos.conf - QoS setup shell script file

       /etc/netscript/ipfilter.conf - IP chains filtering shell script file

       /etc/netscript/srvfilter.conf - server IP filter shell script file


       This manpage is a place holder until something better is written when the netscript itself
       has stopped changing rapidly.

       Please see the README file in the /etc/netscript directory,  and  READ  the  configuration
       files  if  you  need  to change them.  Apart from network.conf, all of them contain sh (1)
       shell script functions which are there so that various things can be altered or hooked  in
       at  the  right  place.  Network.conf  contains  the  full network setup details, including
       special interface setup for the likes of ciped/pppd/wanconfig, and is fully commented with
       examples given.


       The  firewall/IP  filtering stuff in ipfilter.conf is the part that changed radically with
       the move to iptables and a far better way of setting up the IP  filtering  rules,  however
       the  QoS  and  interface  startup/shutdown  in  if.conf  have  changed  but  are backwards
       compatible with the old 2.2.x ipchains version of  netscript  for  the  interface  address
       configuration  settings.   You  will have to set up the filtering again to use iptables by
       directly using the iptables commands.

       Also, the kernel 2.2.x version scripts are set up so that iptables is only run on a  2.4.x
       kernel,  otherwise  IP  forwarding  is  disabled  if beforehand you set IPFWDING_KERNEL to
       FILTER_ON in network.conf.

       This means that when you upgrade a box to a 2.4.x router kernel, you should then  be  able
       to  reboot it and log into remotely and upgrade netscript to the version that will support
       2.4.x.  In this situation, if you  have  set  old  IPFWDING_KERNEL  setting  to  FILTER_ON
       beforehand in network.conf, all IP forwarding through the box will also be disabled.  This
       means that you can safely remotely upgrade a firewall.


       netscript(8), ipchains(8), iproute(8), brcfg(8).


       This manual page was written by Matthew Grant <>,  for  the  Debian
       GNU/Linux system (but may be used by others).


       The author is lazy.  He needs to write btter man pages...

                                        November 23, 2000                   NETSCRIPT-2.2.conf(5)