#!/bin/bash
# knoppix-terminalserver - Generate initrd and config files for pxelinux
# and start/stop all services needed.
# (C) Klaus Knopper August 2001
#
# Spanish translation by Luis Llorente <luis.llorente@hispalinux.es>
# and Sergio Gonzalez <sergio.gonzalez@hispalinux.es>
# 번역 : jhumwhale(KLDP ID), 신재훈
# Knoppix 한글을 위한 코드 수정 : 신재훈

PATH="/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin"
export PATH

umask 022

[ "`id -u`" != "0" ] && exec sudo "$0" "$@"

TITLE="KNOPPIX Terminal Server"
TMPSUFFIX="-knoppix-terminalserver-orig"
# These are the config files that CAN be modified
CONFIGFILES="/etc/dhcp3/dhcpd.conf /etc/exports /etc/hosts.allow /etc/default/dhcp3-server /etc/squid/squid.conf /etc/bind/named.conf"
# The KNOPPIX-Terminalserver config file
CONFIG="/etc/sysconfig/knoppix-terminalserver"
STATUS="/var/run/knoppix-terminalserver.status"
# extra Kernel bootoptions
APPEND=""

# Services to stop
STOPSERVICES="nfs-kernel-server nfs-common portmap dhcp3-server"

# LANG et al.
[ -f /etc/sysconfig/i18n ] && { . /etc/sysconfig/i18n;  export LANG LC_ALL; }
[ -f /etc/sysconfig/knoppix-terminalserver ] && . /etc/sysconfig/knoppix-terminalserver

XDIALOG_HIGH_DIALOG_COMPAT=1
export XDIALOG_HIGH_DIALOG_COMPAT

TMP="/tmp/knoppix-terminalserver.menu.tmp$$"
   
KERNEL="$(uname -r)"

# Utility functions, usually called in $0 "start"
# Variable substitution has to be finished before

bailout(){
# Leave and remove temporary files
   rm -f "$TMP"
   [ "$1" = "2" ] && rm -f "$CONFIG"
   exit $1
}

validip(){
echo "$1" | egrep -q -e '[0-9]+\.[0-9]+\.[0-9]+.[0-9]+'
return $?
}

mkdhcpdconf(){
# Generate dhcpd.conf from template
[ ! -f /etc/dhcp3/dhcpd.conf"$TMPSUFFIX" ] && mv -f /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf"$TMPSUFFIX"
ALLNAMESERVERS=""
case "$OPTIONS" in *dns*) ALLNAMESERVERS="${IP}";; esac
for i in $NAMESERVERS; do ALLNAMESERVERS="${ALLNAMESERVERS:+$ALLNAMESERVERS,} $i"; done
GATEWAYS="$GATEWAY"
case "$OPTIONS" in *masq*) GATEWAYS="${IP} $GATEWAYS";; esac
ALLGATEWAYS=""
for i in $GATEWAYS; do ALLGATEWAYS="${ALLGATEWAYS:+$ALLGATEWAYS,} $i"; done
cat >/etc/dhcp3/dhcpd.conf <<EOT
# dhcpd.conf for KNOPPIX terminalserver

# global settings
allow booting;
allow bootp;
default-lease-time 600;
max-lease-time 7200;

subnet ${NETWORK}.0 netmask ${NETMASK} {
  next-server $IP;
  if substring (option vendor-class-identifier, 0, 9) = "Etherboot" { filename "etherboot.nbi"; }
  else { filename "pxelinux.0"; }
  option subnet-mask ${NETMASK};
  range ${IPRANGE_FROM} ${IPRANGE_TO};
  ${ALLNAMESERVERS:+option domain-name-servers $ALLNAMESERVERS;}
  ${ALLGATEWAYS:+option routers $ALLGATEWAYS;}
}
EOT
[ ! -f /etc/default/dhcp3-server"$TMPSUFFIX" ] && mv -f /etc/default/dhcp3-server /etc/default/dhcp3-server"$TMPSUFFIX"
echo "INTERFACES=\"$DEVICE\"" >/etc/default/dhcp3-server
}

mkexports(){
[ ! -f /etc/exports"$TMPSUFFIX" ] && mv -f /etc/exports /etc/exports"$TMPSUFFIX"
awk '{if(/^#/){print}else{exit}}' /etc/exports"$TMPSUFFIX" >/etc/exports
echo "/cdrom ${NETWORK}.0/${NETMASK}(ro,no_root_squash,async)" >>/etc/exports
awk '{if(body || /^[^#]/){body=1;print}}' /etc/exports"$TMPSUFFIX" >>/etc/exports
}

mkhostsallow(){
[ ! -f /etc/hosts.allow"$TMPSUFFIX" ] && mv -f /etc/hosts.allow /etc/hosts.allow"$TMPSUFFIX"
awk '{if(/^#/){print}else{exit}}' /etc/hosts.allow"$TMPSUFFIX" >/etc/hosts.allow
echo "portmap in.tftpd rpc.mountd mountd rpc.lockd lockd rpc.nfsd nfsd : 127.0.0.1 LOCAL ${NETWORK}.0/${NETMASK} : ALLOW" >>/etc/hosts.allow
awk '{if(body || /^[^#]/){body=1;print}}' /etc/hosts.allow"$TMPSUFFIX" >>/etc/hosts.allow
}

mktftpboot(){
# Create tftpboot directory and config
mkdir -p /tmp/tftpboot/pxelinux.cfg
[ ! -L /tftpboot ] && ln -s /tmp/tftpboot /
install -m 644 /usr/lib/syslinux/pxelinux.0 /usr/share/knoppix-terminalserver/templates/tftpboot/* /tftpboot/
[ -e /cdrom/boot/isolinux/logo.16 ] && install -m 644 /cdrom/boot/isolinux/logo.16 /tftpboot/
install -m 644 /boot/vmlinuz-$KERNEL /tftpboot/vmlinuz
rdev /tftpboot/vmlinuz /dev/ram1
KEYTABLE=""
case "$LANGUAGE" in de|at|ch) KEYTABLE="KBDMAP german.kbd";; esac
SECURE=""
case "$OPTIONS" in *secure*) SECURE=" secure";; esac
case "$OPTIONS" in *nx*) APPEND="${APPEND:+ $APPEND} desktop=nx nx_server_host=${IP}";; esac
cat >/tftpboot/pxelinux.cfg/default <<EOT
DEFAULT vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=791 initrd=miniroot.gz quiet${APPEND:+ $APPEND} BOOT_IMAGE=knoppix
TIMEOUT 300
$KEYTABLE
PROMPT 1
DISPLAY boot.msg
LABEL knoppix
KERNEL vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=791 initrd=miniroot.gz quiet${APPEND:+ $APPEND} BOOT_IMAGE=knoppix
LABEL knoppix-txt
KERNEL vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=normal initrd=miniroot.gz${APPEND:+ $APPEND} BOOT_IMAGE=knoppix
LABEL expert
KERNEL vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=791 initrd=miniroot.gz${APPEND:+ $APPEND} BOOT_IMAGE=expert
LABEL fb1024x768
KERNEL vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=791 xmodule=fbdev initrd=miniroot.gz${APPEND:+ $APPEND} BOOT_IMAGE=knoppix
LABEL fb800x600
KERNEL vmlinuz
APPEND$SECURE nfsdir=${IP}:/cdrom nodhcp lang=$LANGUAGE ramdisk_size=100000 init=/etc/init apm=power-off nomce vga=788 xmodule=fbdev initrd=miniroot.gz${APPEND:+ $APPEND} BOOT_IMAGE=knoppix
EOT
}

mketherboot(){
# Make etherboot image
rm -f /tmp/net-boot.img
drivex='drive x: file="/tmp/net-boot.img"'
( grep -v -i "drive.*x:" ~/.mtoolsrc 2>/dev/null ; echo "$drivex" ) > ~/.mtoolsrc.new
mv -f ~/.mtoolsrc.new ~/.mtoolsrc
mformat -C -t 80 -s 36 -h 2 x:
mcopy /tftpboot/pxelinux.cfg/default x:syslinux.cfg
mcopy /tftpboot/vmlinuz /tftpboot/miniroot.gz \
      /usr/share/knoppix-terminalserver/templates/tftpboot/* x:
syslinux /tmp/net-boot.img
# Kanotix uses --rdbase=0x367400, why?
mknbi-dos --rdbase=0x220000 /tmp/net-boot.img  >/tftpboot/etherboot.nbi
rm -f /tmp/net-boot.img
}

mknamedconf(){
[ ! -f /etc/bind/named.conf"$TMPSUFFIX" ] && mv -f /etc/bind/named.conf /etc/bind/named.conf"$TMPSUFFIX"
FORWARDERS=""
for i in $NAMESERVERS; do FORWARDERS="$FORWARDERS $i;"; done
[ -n "$FORWARDERS" ] && FORWARDERS=" forwarders {${FORWARDERS}};"
cat >/etc/bind/named.conf <<EOT
// bind9 configuration file for KNOPPIX-Terminalserver
options { directory "/var/cache/bind"; query-source address * port 53;${FORWARDERS} auth-nxdomain no; };
zone "."                { type hint; file "/etc/bind/db.root"; };
zone "localhost"        { type master; file "/etc/bind/db.local"; };
zone "127.in-addr.arpa" { type master; file "/etc/bind/db.127"; };
zone "0.in-addr.arpa"   { type master; file "/etc/bind/db.0"; };
zone "255.in-addr.arpa" { type master; file "/etc/bind/db.255"; };
EOT
}

mksquidconf(){
# Not used yet
[ ! -f /etc/squid/squid.conf"$TMPSUFFIX" ] && mv -f /etc/squid/squid.conf /etc/squid/squid.conf"$TMPSUFFIX"
cat >/etc/squid/squid.conf <<EOT
# squid.conf for KNOPPIX-Terminalserver
# Transparent proxy config
visible_hostname Knoppix
http_port ${IP}:3128
http_port 127.0.0.1:3128
http_port ${IP}:8080
http_port 127.0.0.1:8080
cache_mem ${SQUID_CACHE_MEM:-8} MB
cache_dir ufs /var/spool/squid ${SQUID_CACHE_DISK:-16} 16 256
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on
icp_port 0
hierarchy_stoplist cgi-bin ?
acl QUERY urlpath_regex cgi-bin \?
no_cache deny QUERY
acl all src 0.0.0.0/0.0.0.0
acl manager proto cache_object
acl localhost src 127.0.0.1/255.255.255.255
acl localnet src ${NETWORK}.0/${NETMASK}
acl SSL_ports port 443 563
acl Safe_ports port 80		# http
acl Safe_ports port 21		# ftp
acl Safe_ports port 443 563	# https, snews
acl Safe_ports port 70		# gopher
acl Safe_ports port 210		# wais
acl Safe_ports port 1025-65535	# unregistered ports
acl Safe_ports port 280		# http-mgmt
acl Safe_ports port 488		# gss-http
acl Safe_ports port 591		# filemaker
acl Safe_ports port 631		# cups
acl Safe_ports port 777		# multiling http
acl Safe_ports port 901		# SWAT
acl purge method PURGE
acl CONNECT method CONNECT
http_access allow manager localhost
http_access deny manager
http_access allow purge localhost
http_access deny purge
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost
http_access allow localnet
http_access deny all
icp_access deny all
EOT
}

mkinitrd(){
# Replaces the mkinitrd script that is normally present
echo "Making Mini Rootdisk."
MINISIZE=6000 # In kilobytes
MINIROOT="/tmp/knoppix-terminalserver-miniroot"
RAMDEV=""
rm -rf "$MINIROOT"
mkdir -p "$MINIROOT"
RAMDISK="/tmp/knoppix-ramdisk.$$"
rm -f "$RAMDISK"
dd if=/dev/zero of="$RAMDISK" bs="${MINISIZE}k" count=1
mke2fs -L "KNOPPIX Miniroot" -b 1024 -N 8192 -O none -F -q -m 0 "$RAMDISK" "${MINISIZE}"
mount -o loop,rw -t ext2 "$RAMDISK" "$MINIROOT"
rm -rf "$MINIROOT/lost+found"
for i in cdrom dev etc KNOPPIX lib mnt modules/net modules/scsi proc sys static tmp var/run; do
mkdir -p "$MINIROOT/$i"
done
for i in bin boot opt sbin usr; do
ln -s /KNOPPIX/"$i" "$MINIROOT/$i"
done
ln -s /tmp "$MINIROOT"/var/tmp
# Copy Templates
cp -a /usr/share/knoppix-terminalserver/templates/miniroot/* "${MINIROOT}/"
# Copy Programs
cp -a /bin/ash.static "${MINIROOT}/static/ash"
ln -s /static/ash "${MINIROOT}/static/init"
ln -s /static/ash "${MINIROOT}/static/sh"

# Check if we need the Kernel 2.6 insmod
INSMOD=""
case "$KERNEL" in 2.6.*) INSMOD=/sbin/insmod ;; esac

# Unfortunately, these are not integrated in ash-knoppix yet, so we need some shared
# libs. :-(
for i in /bin/mount /sbin/{pump,ifconfig,portmap} $INSMOD; do
 cp -a "$i" "${MINIROOT}/static/"
 ldd "$i" | while read lib skip path relax; do
  if [ -f "$lib" ]; then
   cp -up "$lib" "${MINIROOT}/lib/${lib##*/}"
  else
   [ -n "$path" ] && cp -up "$path" "${MINIROOT}/lib/${lib##*/}"
  fi
 done
done
cp /lib/libacl*.so.? /lib/libattr*.so.? /lib/libnss_files*.so.? /lib/libnss_dns*.so.? "${MINIROOT}/lib/"
strip "${MINIROOT}"/lib/*
# Copy device nodes
cp -a /dev/{null,zero,console,cloop*,hd*,sd*,ub*,init*,kmem,fd*,loop*,mem,ram*,*random,pts,psaux,ptmx,std*,systty,sndstat,tty,tty[0-9]*} "${MINIROOT}/dev/"
# Copy kernel modules
cp /lib/modules/$KERNEL/kernel/*/*/{af_packet,sunrpc,lockd,nfs}.*o "${MINIROOT}/modules/net/"
# New in Kernel 2.4
for i in /lib/modules/$KERNEL/kernel/lib/crc32.*o; do
cp "$i" "${MINIROOT}/modules/net/00_${i##*/}" 2>/dev/null
done
cp /lib/modules/$KERNEL/kernel/*/*/cloop.*o /lib/modules/$KERNEL/kernel/*/*/unionfs.*o "${MINIROOT}/modules/"
for i in $MODULES; do
find /lib/modules/$KERNEL/kernel/drivers/net -name "$i" -exec cp {} "${MINIROOT}/modules/net/" \;
done

# Find and copy module dependencies as well
for i in $MODULES; do
awk -F: '{if($1~/'"$i"'/) {print $2}}' /lib/modules/$KERNEL/modules.dep
done | sort | uniq | while read module relax; do [ -n "$module" ] && cp "$module" "${MINIROOT}/modules/net/00_${module##*/}"; done

umount "${MINIROOT}"
dd if="$RAMDISK" bs=${MINISIZE}k count=1 | gzip -9v > "${MINIROOT}.gz"
rm -r "$RAMDISK"
mv -f "${MINIROOT}.gz" /tftpboot/miniroot.gz
}

runnfs(){
/etc/init.d/nfs-kernel-server stop >/dev/null 2>&1
/etc/init.d/nfs-common stop >/dev/null 2>&1
/etc/init.d/portmap stop >/dev/null 2>&1
mkexports
mkhostsallow
/etc/init.d/portmap start
/etc/init.d/nfs-common start
/etc/init.d/nfs-kernel-server start
}

rundhcpd(){
/etc/init.d/dhcp3-server stop >/dev/null 2>&1
mkdhcpdconf
rm -f /var/lib/dhcp3/dhcpd.leases* 2>/dev/null
touch /var/lib/dhcp3/dhcpd.leases
/etc/init.d/dhcp3-server start
}

killtftpd(){
PID="$(ps auxww | awk '/in\.tftpd/{if(!/awk/){print $2}}')"
[ -n "$PID" ] && kill $PID 2>/dev/null
}

runtftpd(){
killtftpd
in.tftpd -l -s /tftpboot
}

runiptables(){
case "$OPTIONS" in *masq*)
iptables -P FORWARD DROP
ip6tables -P FORWARD DROP >/dev/null 2>&1
echo "1" >/proc/sys/net/ipv4/ip_forward
for ARGS in "FORWARD -i ${DEVICE} -s ${NETWORK}.0/${NETMASK} -j ACCEPT" \
            "FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT" \
	    "POSTROUTING -t nat -j MASQUERADE"; do
iptables -D $ARGS >/dev/null 2>&1 ; iptables -A $ARGS
ip6tables -D $ARGS >/dev/null 2>&1 ; ip6tables -A $ARGS >/dev/null 2>&1
done
;;
esac
}

runbind(){
case "$OPTIONS" in *dns*)
if [ -x /etc/init.d/bind9 ]; then
/etc/init.d/bind9 stop >/dev/null 2>&1; mknamedconf; /etc/init.d/bind9 start
else
echo "bind9 not installed, skipping." >&2
fi
;;
esac
}

runsquid(){
# Not used yet
case "$OPTIONS" in *squid*)
if [ -x /etc/init.d/squid ]; then
/etc/init.d/squid stop >/dev/null 2>&1
[ ! -d /var/spool/squid/00 ] && squid -z
mksquidconf
/etc/init.d/squid start
for ARGS in "PREROUTING -t nat -i ${DEVICE} -p tcp -s ${NETWORK}.0/${NETMASK} --dport 80 -j REDIRECT --to-port 8080"; do
iptables -D $ARGS >/dev/null 2>&1 ; iptables -I $ARGS
done
else
echo "squid not installed, skipping." >&2
fi
;;
esac
}

killsquid(){
case "$OPTIONS" in *squid*)
if [ -x /etc/init.d/squid ]; then
/etc/init.d/squid stop >/dev/null 2>&1
for ARGS in "PREROUTING -t nat -i ${DEVICE} -p tcp -s ${NETWORK}.0/${NETMASK} --dport 80 -j REDIRECT --to-port 8080"; do
iptables -D $ARGS >/dev/null 2>&1
done
fi
;;
esac
}

# EOF Utility functions

trap bailout 2 15

[ -f /etc/sysconfig/i18n ] && . /etc/sysconfig/i18n

DIALOG="dialog"
[ -n "$DISPLAY" ] && [ -x /usr/bin/Xdialog ] && DIALOG="Xdialog"

case "$1" in
stop)
{ [ ! -f "$STATUS" ] || [ "$(<$STATUS)" != "running" ]; } && { echo "KNOPPIX-Terminalserver not running."; exit 1; }
for s in $STOPSERVICES; do /etc/init.d/$s stop; done
killsquid
killtftpd
echo "configured" >"$STATUS"
;;
start)
[ -f "$CONFIG" ] || { echo "KNOPPIX-Terminalserver not configured yet, entering setup."; exec "$0" setup; }
[ -f "$STATUS" ] && [ "$(<$STATUS)" = "running" ] && { echo "KNOPPIX-Terminalserver already running."; exit 1; }
mktftpboot
mkinitrd
mketherboot
rundhcpd
runtftpd
runnfs
runiptables
runbind
runsquid
echo "running" >"$STATUS"
;;
unsetup|uninstall|unconfigure|deconfigure)
[ -f "$STATUS" ] && [ "$(<$STATUS)" = "running" ] && { echo "KNOPPIX-Terminalserver running, stopping services."; $0 stop; }
for f in $CONFIGFILES; do [ -f "$f$TMPSUFFIX" ] && { rm -f "$f"; mv -f "$f$TMPSUFFIX" "$f"; }; done
rm -f "$STATUS" "$CONFIG"
;;
setup|install|configure)
# Build $CONFIG configfile
rm -f "$CONFIG"
echo "# KNOPPIX Terminalserver config `date`" >"$CONFIG"

BACKTITLE="KNOPPIX TERMINALSERVER SETUP"

case "$LANGUAGE" in
de|at|ch)
TITLE_CARD="Bitte whlen Sie die Netzwerkkarte aus, die am Client-Netzwerk angeschlossen ist."
MESSAGE_CARD="Verfgbare Netzwerkkarten:"
TITLE_RUNCONFIG="Netcardconfig aufrufen"
MESSAGE_RUNCONFIG="Diese Netzwerkkarte wurde bisher noch nicht konfiguriert. Mchten Sie dies jetzt nachholen?"
TITLE_IPRANGE="IP Adressraum fr clients"
MESSAGE_IPRANGE="
Bitte geben Sie den gewnschten Bereich von IP-Adressen ein, der an Clients vergeben werden darf, Anfangs- und Endadresse durch ein einzelnes Leerzeichen getrennt.

Beispiel:
          192.168.0.100 192.168.0.200

fr Adressvergabe von 192.168.0.100 bis (einschlielich) 192.168.0.200.

"
MESSAGE_CARDS="Whlen Sie die auf den Clients zu untersttzenden Netzwerkkarten-Typen aus:"
TITLE_CARDS="Client Hardware"
TITLE_OPTIONS="Optionen"
MESSAGE_OPTIONS="Diese Optionen sind verantwortlich fr Performance und Sicherheit von Server und Clients. Die Webproxy-Option sollten Sie nur auswhlen, wenn Ihr Rechner ber mindestens 256MB Hauptspeicher verfgt."
TITLE_START="Server starten"
MESSAGE_START="Der KNOPPIX-Terminalserver wird nun im Hintergrund gestartet. Sie knnen die einzelnen Dienste (dhcpd, in.tftpd, nfsd, ...) in der Prozessliste des Systems verfolgen, und mit \"$0 stop\" oder dem entsprechenden Men den Terminalserver ggf. wieder beenden. ber PXE netzwerk-bootfhige Rechner sollten nun von diesem Rechner booten knnen, und mit den notwendigen Dateien ber das Netz versorgt werden. Server jetzt starten?"
TITLE_APPEND="Client Boot-Optionen"
MESSAGE_APPEND="Einige Hardware (bestimmte Grafikkarten, Monitore etc.) bentigen spezielle Bootoptionen, da sie nicht automatisch erkannt werden knnen (s. knoppix-cheatcodes.txt). Sie knnen hier eine durch Leerzeichen getrennte Liste von Bootoptionen und Parametern angeben, die auf den Clients ausgefhrt wird. Lassen Sie das Feld leer und whlen Sie \"OK\", falls keine speziellen Bootoptionen notwendig sind."
ITEM_SECURE="Root Zugang auf den Clients abschalten"
ITEM_DNS="Nameserver Cache/Proxy"
ITEM_SQUID="Transparenter WWW Cache/Proxy"
ITEM_IPTABLES="IP Masquerading+Forwarding"
ITEM_NX="NX ThinClient setup"
;;
es)
TITLE_CARD="Selecciona el dispositivo de red conectado a la red de clientes"
MESSAGE_CARD="Dispositivos de red disponibles:"
TITLE_RUNCONFIG="Ejecutari netcardconfig"
MESSAGE_RUNCONFIG="Esta tarjeta de red an no ha sido configurada. Le gustara hacerlo ahora?"
TITLE_IPRANGE="Rango de direcciones IP para los clientes"
MESSAGE_IPRANGE="
Por favor, introduzca los rangos de direcciones IP que deberan ser accesibles por los clientes, separados por un espacio single.

Ejemplo:
          192.168.0.101 192.168.0.200

para direcciones desde 192.168.0.101 hasta (inclusive) 192.168.0.200.

"
MESSAGE_CARDS="Seleccione tarjeta(s) de red para probar en las mquinas cliente:"
TITLE_CARDS="Hardware del cliente"
TITLE_OPTIONS="Opciones"
MESSAGE_OPTIONS="Estas opciones determinan el rendimiento y la seguridad del servidor y los clientes. Debera seleccionar la opcin webproxy slo si su servidor tiene al menos 265MB de memoria."
TITLE_START="Arrancando el servidor"
MESSAGE_START="El servidor KNOPPIX-Terminal se arrancar ahora. Puede observar los servicios individuales (dhcpd, in.tftpd, nfsd, ...) en el listado de procesos de su sistema. Si quiere finalizar el servidor de terminales, por favor, utilice \"$0 stop\" o el correspondiente elemento del men. Los ordenadores con una tarjeta de red arrancable PXE deberan ser capaces de arrancar remotamente desde este ordenador a partir de ahora. Arrancar el servidor?"
TITLE_APPEND="Opciones de arranque del cliente"
MESSAGE_APPEND="Para algn hardware (algunas tarjetas grficas, monitores) puede ser necesario tener que especificar opciones de arranque (ver knoppix-cheatcodes.txt). Aqu puede aadir una lista de opciones y parmetros separadas por espacios que sern aadidos a la lnea de comandos de arranque en las mquinas cliente. Deje vaco y pulse \"OK\" si sus clientes no necesitan ninguna."
ITEM_SECURE="Desactivar acceso root en cliente(s)"
ITEM_DNS="Cach de servidor de nombres/proxy"
ITEM_SQUID="Proxy WWW transparente cach"
ITEM_IPTABLES="Enmascaramiento IP + reenvo"
ITEM_NX="Configuracin del ThinClient NX"
;;
ko)
TITLE_CARD="클라이언트 네트워크에 연결된 네트워크 장치를 선택하십시오."
MESSAGE_CARD="사용가능한 네트워크 장치"
TITLE_RUNCONFIG="netcardconfig 시작"
MESSAGE_RUNCONFIG="이 네트워크 카드는 아직 설정되지 않았습니다. 지금 설정하시겠습니까?"
TITLE_IPRANGE="DHCP 클라이언트의 IP 주소 범위"
MESSAGE_IPRANGE="DHCP 클라이언트로서 자동으로 할당될 IP 범위를 하나의 공백으로 구별해서 입력하십시오.

예:
          192.168.0.101 192.168.0.200

192.168.0.101에서 192.168.0.200까지의 주소."
TITLE_CARDS="네트워크 카드 선택"
MESSAGE_CARDS="클라이언트쪽에 연결될 네트워크 카드의 모듈을 선택하십시오."
TITLE_OPTIONS="옵션"
MESSAGE_OPTIONS="이 옵션들은 서버/클라이언트의 성능과 보안 수준을 결정합니다. 메모리가 최소>한 265MB 이상인 경우에만 웹 프록시를 선택하십시오."
TITLE_START="서버 시작"
MESSAGE_START="KNOPPIX 터미널 서버가 지금 시작됩니다. 시스템의 프로세스 목록에서 개별적으로 서비스들(dhcpd, in.tftpd, nfsd, ...)을 확인할 수 있습니다. 터미널 서비스를 중지하고 싶으면, \"$0 stop\"을 사용하거나, 메뉴 항목을 사용하십시오. PXE-bootable 네트워크 카드가 있는 클라이언트 PC는 지금 이 머신으로부터 원격으로 부팅될수 있도록 환경이 갖추어져야합니다. 서버를 시작하시겠습니까?"
TITLE_APPEND="KNOPPIX 클라이언트의 원격 부팅을 위한 옵션"
MESSAGE_APPEND="어떤 하드웨어(그래픽 카드, 모니터)를 위해 특정 부트 옵션이 필요할 수 있습니다.\n (knoppix-cheatcodes.txt 참고) 공백으로 구분된 옵션과 인자를 추가할 수 있습니다.\n 이 옵션과 인자는 클라이언트의 커맨드라인에 추가될 것입니다.\n 클라이언트가 어떠한 옵션이나 인자도 필요로 하지 않다면 아무것도 입력하지 말고 \"OK\"를 누릅니다."
ITEM_SECURE="클라이언트로 root 접근 금지"
ITEM_DNS="네임서버 캐시/프록시"
ITEM_SQUID="투명 WWW cache/proxy"
ITEM_IPTABLES="IP 마스커레이딩+포워딩"
ITEM_NX="NX 씬 클라이언트 설정"
;;
*)
TITLE_CARD="Choose network device connected to client network"
MESSAGE_CARD="Available network devices:"
TITLE_RUNCONFIG="Run netcardconfig"
MESSAGE_RUNCONFIG="This network card has not been configured yet. Would you like to do this now?"
TITLE_IPRANGE="IP Address range for clients"
MESSAGE_IPRANGE="
Please enter the desired IP-Range of addresses that should be allocated by clients, separated by a single space.

Example:
          192.168.0.101 192.168.0.200

for addresses from 192.168.0.101 to (and including) 192.168.0.200.

"
MESSAGE_CARDS="Choose network card(s) to support/probe on client machines:"
TITLE_CARDS="Client hardware"
TITLE_OPTIONS="Options"
MESSAGE_OPTIONS="These options determine performance and security of server and clients. You should select the webproxy option only if your server has at least 265MB of memory."
TITLE_START="Starting server"
MESSAGE_START="The KNOPPIX-Terminal Server will now be started. You may observe the individual services (dhcpd, in.tftpd, nfsd, ...) in the process list of your system. If you want to end the terminal server, please use \"$0 stop\" or the corresponding menu item. Computers with a PXE-bootable network card should be able to boot remotely from this machine now. Start server?"
TITLE_APPEND="Client boot options"
MESSAGE_APPEND="For some hardware (certain graphics adapters, monitors) it can be necessary to specify boot options (see knoppix-cheatcodes.txt). You may add a space-separated list of options and parameters here that will be added to the boot commandline on the client machines. Leave empty and hit \"OK\" if your clients don't require any."
ITEM_SECURE="Disable root access on client(s)"
ITEM_DNS="Nameserver cache/proxy"
ITEM_SQUID="Transparent WWW cache/proxy"
ITEM_IPTABLES="IP masquerading+forwarding"
ITEM_NX="NX ThinClient setup"
;;
esac

rm -f "$TMP"

NETDEVICES="$(cat /proc/net/dev | awk -F: '/ath.:|wlan.:|eth.:|tr.:/{print $1}')"
DEVICELIST=""
for DEVICE in $NETDEVICES; do DEVICELIST="$DEVICELIST ${DEVICE} 네트워크카드eth_${DEVICE##eth}"; done
rm -f "$TMP"
$DIALOG --backtitle "$BACKTITLE" --title "$TITLE_CARD" --menu "$MESSAGE_CARD" 18 70 12 $DEVICELIST 2>"$TMP" || bailout 0
DEVICE="$(<$TMP)" ; rm -f "$TMP"

while true; do
IP="$(LANG=C LC_ALL=C ifconfig "$DEVICE" | awk '/[Ii]net [Aa]ddr/{FS="[: 	]*"; $0=$0; print $4; exit}')"
NETMASK="$(LANG=C LC_ALL=C ifconfig "$DEVICE" | awk '/[Mm]ask/{FS="[: 	]*"; $0=$0; print $8; exit}')"
validip "$IP" && break
$DIALOG --backtitle "$BACKTITLE" --title "$TITLE_RUNCONFIG" --yesno "$MESSAGE_RUNCONFIG" 18 45 && netcardconfig || bailout 2
done

NETWORK="${IP%.*}"
HOST="${IP##*.}"

[ "$HOST" -lt 201 ] && START=201 || START=151
[ "$START" = "201" ] && END=250 || END=200

IPRANGE_FROM=""
IPRANGE_TO=""
while [ -z "$IPRANGE_FROM" -o -z "$IPRANGE_TO" -o -z "$IPRANGE" ]; do
IPRANGE="$NETWORK.$START $NETWORK.$END"
rm -f "$TMP"
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_IPRANGE ($DEVICE=$IP/$NETMASK)" --inputbox "$MESSAGE_IPRANGE" 18 75 "$IPRANGE" 2>"$TMP" || bailout 2
IPRANGE="$(<$TMP)"
IPRANGE_FROM="${IPRANGE%% *}"
IPRANGE_TO="${IPRANGE##* }"
for i in "$IPRANGE_FROM" "$IPRANGE_TO"; do
validip "$i" || IPRANGE=""
done
done

NAMESERVERS="$(awk '/^nameserver/{printf "%s ",$2}' /etc/resolv.conf)"
GATEWAY="$(LANG=C LC_ALL=C route -n | awk '/^0\.0\.0\.0/{print $2; exit}')"

echo "DEVICE=\"$DEVICE\"" >>"$CONFIG"
echo "IP=\"$IP\"" >>"$CONFIG"
echo "NETWORK=\"$NETWORK\"" >>"$CONFIG"
echo "NETMASK=\"$NETMASK\"" >>"$CONFIG"
echo "GATEWAY=\"$GATEWAY\"" >>"$CONFIG"
echo "NAMESERVERS=\"$NAMESERVERS\"" >>"$CONFIG"
echo "IPRANGE_FROM=\"$IPRANGE_FROM\"" >>"$CONFIG"
echo "IPRANGE_TO=\"$IPRANGE_TO\"" >>"$CONFIG"

find /lib/modules/$KERNEL/kernel/drivers/net -name \*.\*o | awk -F/ '{print $NF}' > $TMP
CARDLIST=$(echo -e $(modinfo -d $(find /lib/modules/$KERNEL/kernel/drivers/net -name \*.\*o) | sed 's/"$/"\\n/g; s/>$/>\\n/g') | paste $TMP - | sort | sed 's/<none>/Kernel-Module/g;' | awk -F"\t" '{printf("%s|%s|",$1,$2)}; /^8139too|^3c59x|^tulip|^eepro100|^sis900/{ print "on|" }; { print "off|" }' | grep "\..*o" | tr -d '\n' )
rm -f "$TMP"
IFS='|'
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_CARDS" --checklist "$MESSAGE_CARDS" 22 70 15 \
$CARDLIST 2>"$TMP" || bailout 2
unset IFS
MODULES="$(sed 's,",,g;s,/, ,g;s,'\'',,g;' <$TMP)"
echo "MODULES=\"$MODULES\"" >>"$CONFIG"

# Check if iptables, bind9 or squid are present to build option list
USE_SQUID=""; [ -x /etc/init.d/squid ] && USE_SQUID="true"
# Caution: Use DNS cache only if we have other nameservers
USE_BIND=""; [ -x /etc/init.d/bind9 -a -n "$NAMESERVERS" ] && USE_BIND="true"
USE_IPTABLES=""; [ -x /sbin/iptables ] && USE_IPTABLES="true"
USE_NX=""; [ -x /usr/bin/nxserver ] && USE_NX="true"
rm -f "$TMP"
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_OPTIONS" --checklist "$MESSAGE_OPTIONS" 22 70 15 \
"secure" "$ITEM_SECURE" on \
${USE_IPTABLES:+masq "$ITEM_IPTABLES" on} \
${USE_BIND:+dns "$ITEM_DNS (+4MB)" on} \
${USE_SQUID:+squid "$ITEM_SQUID (+40MB)" off} \
${USE_NX:+nx "$ITEM_NX" off} \
2>"$TMP" || bailout 2
OPTIONS="$(sed 's,",,g;s,/, ,g' <$TMP)"
echo "OPTIONS=\"$OPTIONS\"" >>"$CONFIG"
rm -f "$TMP"
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_APPEND" --inputbox "$MESSAGE_APPEND" 18 75 "" 2>"$TMP" || bailout 2
APPEND="$(<$TMP)"
[ -n "$APPEND" ] && echo "APPEND=\"$APPEND\"" >>"$CONFIG"
rm -f "$TMP"
echo "configured" >"$STATUS"
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_START" --yesno "$MESSAGE_START" 20 75 || bailout 0
# Finally start it.
exec $0 start
;;
*)
# No options given, display chooser
BACKTITLE="KNOPPIX TERMINALSERVER"
case "$LANGUAGE" in
de|at|ch)
TITLE_INTRO="Informationen zum KNOPPIX-Terminalserver"
MESSAGE_INTRO="Der KNOPPIX-Terminalserver ist eine Sammlung von Skripten und Utilities, um auf einem Rechner, auf dem bereits KNOPPIX luft, Services wie DHCP, TFTP und NFS zu starten, so dass der Kernel, eine dynamisch generierte Init-Ramdisk sowie das komprimierte KNOPPIX-Image ber das Netzwerk exportiert werden knnen.

Um KNOPPIX ber das Netzwerk zu booten, bentigen die Client-Rechner eine von Linux untersttzte, PXE-bootfhige Netzwerkkarte. Die serverseitig gestarteten Skripte erlauben es, die IP-Bereiche fr die Clients festzulegen und einige sicherheitsrelevante Optionen zu setzen (beispielsweise, ob ein Root-Zugang auf den Clients erlaubt sein soll oder nicht)."
TITLE_CHOOSER="Terminalserver Men"
MESSAGE_CHOOSER="Bitte auswhlen"
MESSAGE_CONFIG="Server (neu) konfigurieren und (neu) starten"
MESSAGE_START="Server starten"
MESSAGE_STOP="Server anhalten"
;;
es)
TITLE_INTRO="Informacin sobre el servidor de terminal KNOPPIX"
MESSAGE_INTRO="El servidor de terminal KNOPPIX es una coleccin de scripts que arranca servicios como dhcp, tftp, nfs en una mquina que ya est ejecutando KNOPPIX, de manera que el Kernel, una imagen dinmica generada por initrd y la imagen-loop comprimida se comparten a travs de la red.

Para arrancar Knoppix a travs de la red, necesita una tarjeta de red soportada por linux y arrancable mediante PXE en cada mquina cliente. Los scripts de arranque en el servidor le dejan elegir el rango de direcciones IP asignadas as como algunas opciones relativas a la seguridad (por ejemplo, el permitir o no root-Shells en las mquinas cliente)."
TITLE_CHOOSER="Men Terminalserver"
MESSAGE_CHOOSER="Por favor, seleccione:"
MESSAGE_CONFIG="(Re)configurar el servidor y (re)arrancar"
MESSAGE_START="Arrancar el servidor"
MESSAGE_STOP="Parar el servidor"
;;
ko)
TITLE_INTRO="KNOPPIX 터미널 서버에 대한 정보"
MESSAGE_INTRO="KNOPPIX 터미널 서버는 KNOPPIX로 운영중인 머신에서 dhcp, tftp, nfs등의 네트워크 서비스를 시작하는 스크립트들을 모아놓은 프로그램입니다. 이를 통해 커널,동적으로 생성되는 초기화파일, 압축된 루프 이미지를 네트워크를 통해 공유할 수 있습니다.

네트워크를 통해 원격으로 KNOPPIX를 부팅하고자 한다면 각각의 클라이언트에 리눅스에서 지원되는 PXE-bootable 네트워크 카드가 필요합니다. 서버의 네트워크 서비스 시작 스크립트에서 동적으로 할당될 IP주소 범위를 비롯한 보안에 관계된 몇몇 옵션을 설정할 수 있습니다. 이를테면 클라이언트에 루트 쉘을 할당할 것인지 여부 등을 설정할 수 있습니다."
 TITLE_CHOOSER="터미널 서버 메뉴"
 MESSAGE_CHOOSER="메뉴 설명"
 MESSAGE_CONFIG="서버 설정/재설정 및 시작/재시작"
 MESSAGE_START="서버 시작"
 MESSAGE_STOP="서버 중지"
 ;;
*)
TITLE_INTRO="Information about the KNOPPIX terminal server"
MESSAGE_INTRO="The KNOPPIX terminal server is a collection of scripts that starts services like dhcp, tftp, nfs on a machine already running KNOPPIX, so that the Kernel, a dynamically generated initrd and the compressed loop-image are shared over the network.

To boot Knoppix over the network, you need a Linux-supported, PXE-bootable Network card on each client machine. The server-side startup scripts let you chose the range of dynamically assigned IP addresses and some options concerning security (for example, whether or not to allow root-Shells on the client machines)."
TITLE_CHOOSER="Terminalserver Menu"
MESSAGE_CHOOSER="Please select:"
MESSAGE_CONFIG="(Re)configure server and (re)start"
MESSAGE_START="Start server"
MESSAGE_STOP="Stop server"
;;
esac
$DIALOG --clear --backtitle "$BACKTITLE" --title "$TITLE_INTRO" --msgbox "$MESSAGE_INTRO" 18 75
rm -f "$TMP"
$DIALOG --backtitle "$BACKTITLE" --title "$TITLE_CHOOSER" --menu "$MESSAGE_CHOOSER" 18 45 12 \
"setup" "$MESSAGE_CONFIG" \
"start" "$MESSAGE_START" \
"stop"  "$MESSAGE_STOP"  \
2>"$TMP" || bailout 0
OPTION="$(<$TMP)" ; rm -f "$TMP"
exec $0 $OPTION
;;
esac
bailout 0
