| ipfilter (164175) | ipfilter (165683) |
|---|---|
| 1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.10 2001/02/28 17:03:50 lukem Exp $ | 1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.10 2001/02/28 17:03:50 lukem Exp $ |
| 4# $FreeBSD: head/etc/rc.d/ipfilter 164175 2006-11-11 10:48:34Z ceri $ | 4# $FreeBSD: head/etc/rc.d/ipfilter 165683 2006-12-31 10:37:18Z yar $ |
| 5# 6 7# PROVIDE: ipfilter 8# REQUIRE: root mountcritlocal 9# BEFORE: netif 10# KEYWORD: nojail 11 12. /etc/rc.subr 13 14name="ipfilter" 15rcvar=`set_rcvar` 16load_rc_config $name 17stop_precmd="test -f ${ipfilter_rules} -o -f ${ipv6_ipfilter_rules}" 18 | 5# 6 7# PROVIDE: ipfilter 8# REQUIRE: root mountcritlocal 9# BEFORE: netif 10# KEYWORD: nojail 11 12. /etc/rc.subr 13 14name="ipfilter" 15rcvar=`set_rcvar` 16load_rc_config $name 17stop_precmd="test -f ${ipfilter_rules} -o -f ${ipv6_ipfilter_rules}" 18 |
| 19start_precmd="ipfilter_prestart" | 19start_precmd="$stop_precmd" |
| 20start_cmd="ipfilter_start" 21stop_cmd="ipfilter_stop" 22reload_precmd="$stop_precmd" 23reload_cmd="ipfilter_reload" 24resync_precmd="$stop_precmd" 25resync_cmd="ipfilter_resync" 26status_precmd="$stop_precmd" 27status_cmd="ipfilter_status" 28extra_commands="reload resync status" | 20start_cmd="ipfilter_start" 21stop_cmd="ipfilter_stop" 22reload_precmd="$stop_precmd" 23reload_cmd="ipfilter_reload" 24resync_precmd="$stop_precmd" 25resync_cmd="ipfilter_resync" 26status_precmd="$stop_precmd" 27status_cmd="ipfilter_status" 28extra_commands="reload resync status" |
| 29required_modules="ipl:ipfilter" |
|
| 29 | 30 |
| 30ipfilter_loaded() 31{ 32 if ! kldstat -v | grep "ipfilter$" > /dev/null 2>&1; then 33 return 1 34 else 35 return 0 36 fi 37} 38 39ipfilter_prestart() 40{ 41 # load ipfilter kernel module if needed 42 if ! ipfilter_loaded; then 43 if kldload ipl; then 44 info 'IP-filter module loaded.' 45 else 46 err 1 'IP-filter module failed to load.' 47 fi 48 fi 49 50 # check for ipfilter rules 51 if [ ! -r "${ipfilter_rules}" ] && [ ! -r "${ipv6_ipfilter_rules}" ] 52 then 53 warn 'IP-filter: NO IPF RULES' 54 return 1 55 fi 56 return 0 57} 58 | |
| 59ipfilter_start() 60{ 61 echo "Enabling ipfilter." 62 if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then 63 ${ipfilter_program:-/sbin/ipf} -E 64 fi 65 ${ipfilter_program:-/sbin/ipf} -Fa 66 if [ -r "${ipfilter_rules}" ]; then --- 39 unchanged lines hidden (view full) --- 106 fi 107 fi 108 ${ipfilter_program:-/sbin/ipf} -s 109 110} 111 112ipfilter_resync() 113{ | 31ipfilter_start() 32{ 33 echo "Enabling ipfilter." 34 if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then 35 ${ipfilter_program:-/sbin/ipf} -E 36 fi 37 ${ipfilter_program:-/sbin/ipf} -Fa 38 if [ -r "${ipfilter_rules}" ]; then --- 39 unchanged lines hidden (view full) --- 78 fi 79 fi 80 ${ipfilter_program:-/sbin/ipf} -s 81 82} 83 84ipfilter_resync() 85{ |
| 114 # Don't resync if ipfilter is not loaded 115 if ! ipfilter_loaded; then 116 return 117 fi | |
| 118 ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags} 119} 120 121ipfilter_status() 122{ 123 ${ipfilter_program:-/sbin/ipf} -V 124} 125 126run_rc_command "$1" | 86 ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags} 87} 88 89ipfilter_status() 90{ 91 ${ipfilter_program:-/sbin/ipf} -V 92} 93 94run_rc_command "$1" |