ipfw revision 165683
198184Sgordon#!/bin/sh 298184Sgordon# 398184Sgordon# $FreeBSD: head/etc/rc.d/ipfw 165683 2006-12-31 10:37:18Z yar $ 498184Sgordon# 598184Sgordon 698184Sgordon# PROVIDE: ipfw 7151806Syar# REQUIRE: ppp 898184Sgordon# BEFORE: NETWORKING 9136224Smtm# KEYWORD: nojail 1098184Sgordon 1198184Sgordon. /etc/rc.subr 12118099Smbr. /etc/network.subr 1398184Sgordon 1498184Sgordonname="ipfw" 1598184Sgordonrcvar="firewall_enable" 1698184Sgordonstart_cmd="ipfw_start" 17112849Smtmstop_cmd="ipfw_stop" 18165683Syarrequired_modules="ipfw" 1998184Sgordon 2098184Sgordonipfw_start() 2198184Sgordon{ 2298184Sgordon # set the firewall rules script if none was specified 2398184Sgordon [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall 2498184Sgordon 2598184Sgordon if [ -r "${firewall_script}" ]; then 26128714Sphk if [ -f /etc/rc.d/natd ] ; then 27128714Sphk /etc/rc.d/natd start 28128714Sphk fi 29143688Sru . "${firewall_script}" 30160672Syar echo 'Firewall rules loaded.' 31156030Swkoszek elif [ "`ipfw list 65535`" = "65535 deny ip from any to any" ]; then 3298184Sgordon echo 'Warning: kernel has firewall functionality, but' \ 3398184Sgordon ' firewall rules are not enabled.' 3498184Sgordon echo ' All ip services are disabled.' 3598184Sgordon fi 3698184Sgordon 3798184Sgordon # Firewall logging 3898184Sgordon # 39112849Smtm if checkyesno firewall_logging; then 40160672Syar echo 'Firewall logging enabled.' 41112849Smtm sysctl net.inet.ip.fw.verbose=1 >/dev/null 42112849Smtm fi 4398184Sgordon 44112849Smtm # Enable the firewall 45112849Smtm # 46112849Smtm ${SYSCTL_W} net.inet.ip.fw.enable=1 4798184Sgordon} 4898184Sgordon 49112849Smtmipfw_stop() 50112849Smtm{ 51112849Smtm # Disable the firewall 52112849Smtm # 53112849Smtm ${SYSCTL_W} net.inet.ip.fw.enable=0 54128714Sphk if [ -f /etc/rc.d/natd ] ; then 55128714Sphk /etc/rc.d/natd stop 56128714Sphk fi 57112849Smtm} 58112849Smtm 5998184Sgordonload_rc_config $name 6098184Sgordonrun_rc_command "$1" 61