Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. =================================================================== RCS file: /ftp/cvs/cvsroot/src/etc/rc.d/ipfilter,v rcsdiff: /ftp/cvs/cvsroot/src/etc/rc.d/ipfilter,v: warning: Unknown phrases like `commitid ...;' are present. retrieving revision 1.4.4.3 retrieving revision 1.5 diff -u -p -r1.4.4.3 -r1.5 --- src/etc/rc.d/ipfilter 2001/12/27 12:17:20 1.4.4.3 +++ src/etc/rc.d/ipfilter 2000/07/17 12:58:14 1.5 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: ipfilter,v 1.4.4.3 2001/12/27 12:17:20 he Exp $ +# $NetBSD: ipfilter,v 1.5 2000/07/17 12:58:14 lukem Exp $ # # PROVIDE: ipfilter @@ -9,32 +9,23 @@ . /etc/rc.subr name="ipfilter" -rcvar=$name start_precmd="ipfilter_prestart" start_cmd="ipfilter_start" -stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf" +stop_precmd="checkyesno ipfilter && [ -f /etc/ipf.conf ]" stop_cmd="ipfilter_stop" reload_precmd="$stop_precmd" reload_cmd="ipfilter_reload" -resync_precmd="$stop_precmd" -resync_cmd="ipfilter_resync" status_precmd="$stop_precmd" status_cmd="ipfilter_status" -extra_commands="reload resync status" +extra_commands="reload status" ipfilter_prestart() { - if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then - warn "/etc/ipf*.conf not readable; ipfilter start aborted." - # - # If booting directly to multiuser, send SIGTERM to - # the parent (/etc/rc) to abort the boot - # - if [ "$autoboot" = yes ]; then - echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" - kill -TERM $$ - exit 1 - fi + if ! checkyesno ipfilter; then + return 1 + fi + if [ ! -f /etc/ipf.conf ]; then + warn "/etc/ipf.conf not readable; ipfilter start aborted." return 1 fi return 0 @@ -43,13 +34,7 @@ ipfilter_prestart() ipfilter_start() { echo "Enabling ipfilter." - /sbin/ipf -E -Fa - if [ -f /etc/ipf.conf ]; then - /sbin/ipf -f /etc/ipf.conf - fi - if [ -f /etc/ipf6.conf ]; then - /sbin/ipf -6 -f /etc/ipf6.conf - fi + /sbin/ipf -E -Fa -f /etc/ipf.conf } ipfilter_stop() @@ -61,20 +46,12 @@ ipfilter_stop() ipfilter_reload() { echo "Reloading ipfilter rules." - - /sbin/ipf -I -Fa - if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then - err 1 "reload of ipf.conf failed; not swapping to new ruleset." + /sbin/ipf -I -Fa -f /etc/ipf.conf + if [ $? -eq 0 ]; then + /sbin/ipf -s + else + warn "Reload failed; not swapping to new ruleset." fi - if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then - err 1 "reload of ipf6.conf failed; not swapping to new ruleset." - fi - /sbin/ipf -s -} - -ipfilter_resync() -{ - /sbin/ipf -y } ipfilter_status()