ipfw revision 175722
1#!/bin/sh 2# 3# $FreeBSD: head/etc/rc.d/ipfw 175722 2008-01-27 15:15:12Z mtm $ 4# 5 6# PROVIDE: ipfw 7# REQUIRE: ppp 8# BEFORE: NETWORKING 9# KEYWORD: nojail 10 11. /etc/rc.subr 12. /etc/network.subr 13 14name="ipfw" 15rcvar="firewall_enable" 16start_cmd="ipfw_start" 17start_precmd="ipfw_prestart" 18stop_cmd="ipfw_stop" 19required_modules="ipfw" 20 21ipfw_prestart() 22{ 23 if checkyesno dummynet_enable; then 24 required_modules="$required_modules dummynet" 25 fi 26} 27 28ipfw_start() 29{ 30 # set the firewall rules script if none was specified 31 [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall 32 33 if [ -r "${firewall_script}" ]; then 34 if [ -f /etc/rc.d/natd ] ; then 35 /etc/rc.d/natd quietstart 36 fi 37 /bin/sh "${firewall_script}" 38 echo 'Firewall rules loaded.' 39 elif [ "`ipfw list 65535`" = "65535 deny ip from any to any" ]; then 40 echo 'Warning: kernel has firewall functionality, but' \ 41 ' firewall rules are not enabled.' 42 echo ' All ip services are disabled.' 43 fi 44 45 # Firewall logging 46 # 47 if checkyesno firewall_logging; then 48 echo 'Firewall logging enabled.' 49 sysctl net.inet.ip.fw.verbose=1 >/dev/null 50 fi 51 52 # Enable the firewall 53 # 54 ${SYSCTL_W} net.inet.ip.fw.enable=1 55} 56 57ipfw_stop() 58{ 59 # Disable the firewall 60 # 61 ${SYSCTL_W} net.inet.ip.fw.enable=0 62 if [ -f /etc/rc.d/natd ] ; then 63 /etc/rc.d/natd quietstop 64 fi 65} 66 67load_rc_config $name 68run_rc_command "$1" 69