pf revision 165683
1127342Smlaier#!/bin/sh 2127342Smlaier# 3127342Smlaier# $FreeBSD: head/etc/rc.d/pf 165683 2006-12-31 10:37:18Z yar $ 4127342Smlaier# 5127342Smlaier 6127342Smlaier# PROVIDE: pf 7150836Syar# REQUIRE: root mountcritlocal netif pflog pfsync 8150836Syar# BEFORE: routing 9136224Smtm# KEYWORD: nojail 10127342Smlaier 11127342Smlaier. /etc/rc.subr 12127342Smlaier 13127342Smlaiername="pf" 14127342Smlaierrcvar=`set_rcvar` 15127342Smlaierload_rc_config $name 16127342Smlaierstart_cmd="pf_start" 17127342Smlaierstop_cmd="pf_stop" 18136942Spjdcheck_cmd="pf_check" 19127342Smlaierreload_cmd="pf_reload" 20127342Smlaierresync_cmd="pf_resync" 21127342Smlaierstatus_cmd="pf_status" 22152271Srseextra_commands="check reload resync status" 23150839Syarrequired_files="$pf_rules" 24165683Syarrequired_modules="pf" 25127342Smlaier 26127342Smlaierpf_start() 27127342Smlaier{ 28127342Smlaier echo "Enabling pf." 29159243Sobrien $pf_program -F all > /dev/null 2>&1 30150839Syar $pf_program -f "$pf_rules" $pf_flags 31150839Syar if ! $pf_program -s info | grep -q "Enabled" ; then 32150839Syar $pf_program -e 33130954Smlaier fi 34127342Smlaier} 35127342Smlaier 36127342Smlaierpf_stop() 37127342Smlaier{ 38150839Syar if $pf_program -s info | grep -q "Enabled" ; then 39127342Smlaier echo "Disabling pf." 40150839Syar $pf_program -d 41127342Smlaier fi 42127342Smlaier} 43127342Smlaier 44136942Spjdpf_check() 45136942Spjd{ 46136942Spjd echo "Checking pf rules." 47150839Syar $pf_program -n -f "$pf_rules" 48136942Spjd} 49136942Spjd 50127342Smlaierpf_reload() 51127342Smlaier{ 52127342Smlaier echo "Reloading pf rules." 53150839Syar $pf_program -n -f "$pf_rules" || return 1 54144638Sseanc # Flush everything but existing state entries that way when 55144638Sseanc # rules are read in, it doesn't break established connections. 56150839Syar $pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1 57150839Syar $pf_program -f "$pf_rules" $pf_flags 58127342Smlaier} 59127342Smlaier 60127342Smlaierpf_resync() 61127342Smlaier{ 62150839Syar $pf_program -f "$pf_rules" $pf_flags 63127342Smlaier} 64127342Smlaier 65127342Smlaierpf_status() 66127342Smlaier{ 67150839Syar $pf_program -s info 68127342Smlaier} 69127342Smlaier 70127342Smlaierrun_rc_command "$1" 71