[BACK]Return to ipfilter CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc / rc.d

Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.

Diff for /src/etc/rc.d/ipfilter between version 1.13 and 1.14

version 1.13, 2004/11/08 02:09:01 version 1.14, 2004/12/23 03:31:54
Line 26  ipfilter_prestart()
Line 26  ipfilter_prestart()
 {  {
         if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then          if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then
                 warn "/etc/ipf*.conf not readable; ipfilter start aborted."                  warn "/etc/ipf*.conf not readable; ipfilter start aborted."
                         #  
                         # If booting directly to multiuser, send SIGTERM to                          # If booting directly to multiuser, send SIGTERM to
                         # the parent (/etc/rc) to abort the boot                          # the parent (/etc/rc) to abort the boot
                         #                          #
Line 44  ipfilter_start()
Line 44  ipfilter_start()
 {  {
         echo "Enabling ipfilter."          echo "Enabling ipfilter."
         /sbin/ipf -E          /sbin/ipf -E
         /sbin/ipf -Fa  
         /sbin/ipf -6 -Fa                  # Do the flush first; since older ipf has different semantics.
                   #
           if [ -f /etc/ipf.conf ]; then
                   /sbin/ipf -Fa
           fi
           if [ -f /etc/ipf6.conf ]; then
                   /sbin/ipf -6 -Fa
           fi
   
                   # Now load the config files
                   #
         if [ -f /etc/ipf.conf ]; then          if [ -f /etc/ipf.conf ]; then
                 /sbin/ipf -f /etc/ipf.conf                  /sbin/ipf -f /etc/ipf.conf
         fi          fi
Line 64  ipfilter_reload()
Line 74  ipfilter_reload()
 {  {
         echo "Reloading ipfilter rules."          echo "Reloading ipfilter rules."
   
         /sbin/ipf -I -Fa                  # Do the flush first; since older ipf has different semantics.
         /sbin/ipf -6 -I -Fa                  #
           if [ -f /etc/ipf.conf ]; then
                   /sbin/ipf -I -Fa
           fi
           if [ -f /etc/ipf6.conf ]; then
                   /sbin/ipf -6 -I -Fa
           fi
   
                   # Now load the config files into the Inactive set
                   #
         if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then          if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then
                 err 1 "reload of ipf.conf failed; not swapping to new ruleset."                  err 1 "reload of ipf.conf failed; not swapping to new ruleset."
         fi          fi
         if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then          if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then
                 err 1 "reload of ipf6.conf failed; not swapping to new ruleset."                  err 1 "reload of ipf6.conf failed; not swapping to new ruleset."
         fi          fi
   
                   # Swap in the new rules
                   #
         /sbin/ipf -s          /sbin/ipf -s
 }  }
   
Legend:
Removed from v.1.13  
changed lines
  Added in v.1.14
CVSweb <webmaster@jp.NetBSD.org>