etc/rc.d/pf

127342Smlaier#!/bin/sh
127342Smlaier#
127342Smlaier# $FreeBSD: stable/10/etc/rc.d/pf 332591 2018-04-16 16:02:54Z kp $
127342Smlaier#
127342Smlaier
127342Smlaier# PROVIDE: pf
195026Sdougb# REQUIRE: FILESYSTEMS netif pflog pfsync
150836Syar# BEFORE:  routing
136224Smtm# KEYWORD: nojail
127342Smlaier
127342Smlaier. /etc/rc.subr
127342Smlaier
127342Smlaiername="pf"
230099Sdougbrcvar="pf_enable"
127342Smlaierload_rc_config $name
127342Smlaierstart_cmd="pf_start"
127342Smlaierstop_cmd="pf_stop"
136942Spjdcheck_cmd="pf_check"
127342Smlaierreload_cmd="pf_reload"
127342Smlaierresync_cmd="pf_resync"
127342Smlaierstatus_cmd="pf_status"
222007Shrsextra_commands="check reload resync"
150839Syarrequired_files="$pf_rules"
165683Syarrequired_modules="pf"
127342Smlaier
127342Smlaierpf_start()
127342Smlaier{
197947Sdougb	check_startmsgs && echo -n 'Enabling pf'
159243Sobrien	$pf_program -F all > /dev/null 2>&1
150839Syar	$pf_program -f "$pf_rules" $pf_flags
150839Syar	if ! $pf_program -s info | grep -q "Enabled" ; then
216499Skevlo		$pf_program -eq
130954Smlaier	fi
197947Sdougb	check_startmsgs && echo '.'
127342Smlaier}
127342Smlaier
127342Smlaierpf_stop()
127342Smlaier{
150839Syar	if $pf_program -s info | grep -q "Enabled" ; then
197947Sdougb		echo -n 'Disabling pf'
216499Skevlo		$pf_program -dq
197947Sdougb		echo '.'
127342Smlaier	fi
127342Smlaier}
127342Smlaier
136942Spjdpf_check()
136942Spjd{
136942Spjd	echo "Checking pf rules."
331287Skp	$pf_program -n -f "$pf_rules" $pf_flags
136942Spjd}
136942Spjd
127342Smlaierpf_reload()
127342Smlaier{
127342Smlaier	echo "Reloading pf rules."
332591Skp	pf_resync
127342Smlaier}
127342Smlaier
127342Smlaierpf_resync()
127342Smlaier{
332591Skp	$pf_program -n -f "$pf_rules" $pf_flags || return 1
150839Syar	$pf_program -f "$pf_rules" $pf_flags
127342Smlaier}
127342Smlaier
127342Smlaierpf_status()
127342Smlaier{
150839Syar	$pf_program -s info
127342Smlaier}
127342Smlaier
127342Smlaierrun_rc_command "$1"