1#!/bin/sh
2#
3# $FreeBSD: head/etc/rc.d/pf 165683 2006-12-31 10:37:18Z yar $
4#
5
6# PROVIDE: pf
7# REQUIRE: root mountcritlocal netif pflog pfsync
8# BEFORE: routing
9# KEYWORD: nojail
10
11. /etc/rc.subr
12
13name="pf"
14rcvar=`set_rcvar`
15load_rc_config $name
16start_cmd="pf_start"
17stop_cmd="pf_stop"
18check_cmd="pf_check"
19reload_cmd="pf_reload"
20resync_cmd="pf_resync"
21status_cmd="pf_status"
22extra_commands="check reload resync status"
23required_files="$pf_rules"
24required_modules="pf"
25
26pf_start()
27{
28 echo "Enabling pf."
29 $pf_program -F all > /dev/null 2>&1
30 $pf_program -f "$pf_rules" $pf_flags
31 if ! $pf_program -s info | grep -q "Enabled" ; then
32 $pf_program -e
33 fi
34}
35
36pf_stop()
37{
38 if $pf_program -s info | grep -q "Enabled" ; then
39 echo "Disabling pf."
40 $pf_program -d
41 fi
42}
43
44pf_check()
45{
46 echo "Checking pf rules."
47 $pf_program -n -f "$pf_rules"
48}
49
50pf_reload()
51{
52 echo "Reloading pf rules."
53 $pf_program -n -f "$pf_rules" || return 1
54 # Flush everything but existing state entries that way when
55 # rules are read in, it doesn't break established connections.
56 $pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
57 $pf_program -f "$pf_rules" $pf_flags
58}
59
60pf_resync()
61{
62 $pf_program -f "$pf_rules" $pf_flags
63}
64
65pf_status()
66{
67 $pf_program -s info
68}
69
70run_rc_command "$1"
2#
3# $FreeBSD: head/etc/rc.d/pf 165683 2006-12-31 10:37:18Z yar $
4#
5
6# PROVIDE: pf
7# REQUIRE: root mountcritlocal netif pflog pfsync
8# BEFORE: routing
9# KEYWORD: nojail
10
11. /etc/rc.subr
12
13name="pf"
14rcvar=`set_rcvar`
15load_rc_config $name
16start_cmd="pf_start"
17stop_cmd="pf_stop"
18check_cmd="pf_check"
19reload_cmd="pf_reload"
20resync_cmd="pf_resync"
21status_cmd="pf_status"
22extra_commands="check reload resync status"
23required_files="$pf_rules"
24required_modules="pf"
25
26pf_start()
27{
28 echo "Enabling pf."
29 $pf_program -F all > /dev/null 2>&1
30 $pf_program -f "$pf_rules" $pf_flags
31 if ! $pf_program -s info | grep -q "Enabled" ; then
32 $pf_program -e
33 fi
34}
35
36pf_stop()
37{
38 if $pf_program -s info | grep -q "Enabled" ; then
39 echo "Disabling pf."
40 $pf_program -d
41 fi
42}
43
44pf_check()
45{
46 echo "Checking pf rules."
47 $pf_program -n -f "$pf_rules"
48}
49
50pf_reload()
51{
52 echo "Reloading pf rules."
53 $pf_program -n -f "$pf_rules" || return 1
54 # Flush everything but existing state entries that way when
55 # rules are read in, it doesn't break established connections.
56 $pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
57 $pf_program -f "$pf_rules" $pf_flags
58}
59
60pf_resync()
61{
62 $pf_program -f "$pf_rules" $pf_flags
63}
64
65pf_status()
66{
67 $pf_program -s info
68}
69
70run_rc_command "$1"