ipfilter revision 78344
1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.8 2000/10/01 05:58:06 lukem Exp $ 4# 5 6# PROVIDE: ipfilter 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9. /etc/rc.subr 10 11name="ipfilter" 12rcvar=$name 13start_precmd="ipfilter_prestart" 14start_cmd="ipfilter_start" 15stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf" 16stop_cmd="ipfilter_stop" 17reload_precmd="$stop_precmd" 18reload_cmd="ipfilter_reload" 19status_precmd="$stop_precmd" 20status_cmd="ipfilter_status" 21extra_commands="reload status" 22 23ipfilter_prestart() 24{ 25 if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then 26 warn "/etc/ipf*.conf not readable; ipfilter start aborted." 27 # 28 # If booting directly to multiuser, send SIGTERM to 29 # the parent (/etc/rc) to abort the boot 30 # 31 if [ "$autoboot" = yes ]; then 32 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" 33 kill -TERM $$ 34 exit 1 35 fi 36 return 1 37 fi 38 return 0 39} 40 41ipfilter_start() 42{ 43 echo "Enabling ipfilter." 44 /sbin/ipf -E -Fa 45 if [ -f /etc/ipf.conf ]; then 46 /sbin/ipf -f /etc/ipf.conf 47 fi 48 if [ -f /etc/ipf6.conf ]; then 49 /sbin/ipf -6 -f /etc/ipf6.conf 50 fi 51} 52 53ipfilter_stop() 54{ 55 echo "Disabling ipfilter." 56 /sbin/ipf -D 57} 58 59ipfilter_reload() 60{ 61 echo "Reloading ipfilter rules." 62 63 /sbin/ipf -I -Fa 64 if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then 65 err 1 "reload of ipf.conf failed; not swapping to new ruleset." 66 fi 67 if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then 68 err 1 "reload of ipf6.conf failed; not swapping to new ruleset." 69 fi 70 /sbin/ipf -s 71} 72 73ipfilter_status() 74{ 75 /sbin/ipf -V 76} 77 78load_rc_config $name 79run_rc_command "$1" 80