pf revision 197947 
13263Sdg#!/bin/sh
23263Sdg#
33263Sdg# $FreeBSD: head/etc/rc.d/pf 197947 2009-10-10 22:17:03Z dougb $
43263Sdg#
53263Sdg
63263Sdg# PROVIDE: pf
73263Sdg# REQUIRE: FILESYSTEMS netif pflog pfsync
83263Sdg# BEFORE:  routing
93263Sdg# KEYWORD: nojail
103263Sdg
113263Sdg. /etc/rc.subr
123263Sdg
133263Sdgname="pf"
143264Sdgrcvar=`set_rcvar`
153264Sdgload_rc_config $name
163263Sdgstart_cmd="pf_start"
173263Sdgstop_cmd="pf_stop"
183263Sdgcheck_cmd="pf_check"
193263Sdgreload_cmd="pf_reload"
203263Sdgresync_cmd="pf_resync"
213263Sdgstatus_cmd="pf_status"
223263Sdgextra_commands="check reload resync status"
233263Sdgrequired_files="$pf_rules"
243263Sdgrequired_modules="pf"
253263Sdg
263263Sdgpf_start()
273263Sdg{
283263Sdg	check_startmsgs && echo -n 'Enabling pf'
293263Sdg	$pf_program -F all > /dev/null 2>&1
303263Sdg	$pf_program -f "$pf_rules" $pf_flags
313263Sdg	if ! $pf_program -s info | grep -q "Enabled" ; then
323263Sdg		$pf_program -e
333263Sdg	fi
343263Sdg	check_startmsgs && echo '.'
353263Sdg}
363263Sdg
373263Sdgpf_stop()
38{
39	if $pf_program -s info | grep -q "Enabled" ; then
40		echo -n 'Disabling pf'
41		$pf_program -d
42		echo '.'
43	fi
44}
45
46pf_check()
47{
48	echo "Checking pf rules."
49	$pf_program -n -f "$pf_rules"
50}
51
52pf_reload()
53{
54	echo "Reloading pf rules."
55	$pf_program -n -f "$pf_rules" || return 1
56	# Flush everything but existing state entries that way when
57	# rules are read in, it doesn't break established connections.
58	$pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
59	$pf_program -f "$pf_rules" $pf_flags
60}
61
62pf_resync()
63{
64	$pf_program -f "$pf_rules" $pf_flags
65}
66
67pf_status()
68{
69	$pf_program -s info
70}
71
72run_rc_command "$1"
73