[BACK]Return to ipfilter CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc / rc.d

Annotation of src/etc/rc.d/ipfilter, Revision 1.18

1.1       lukem       1: #!/bin/sh
                      2: #
1.18    ! hannken     3: # $NetBSD: ipfilter,v 1.17 2008/11/22 20:23:33 tsutsui Exp $
1.1       lukem       4: #
                      5:
                      6: # PROVIDE: ipfilter
1.17      tsutsui     7: # REQUIRE: root bootconf mountcritlocal tty
1.1       lukem       8:
1.11      mycroft     9: $_rc_subr_loaded . /etc/rc.subr
1.1       lukem      10:
                     11: name="ipfilter"
1.7       lukem      12: rcvar=$name
1.5       lukem      13: start_precmd="ipfilter_prestart"
1.1       lukem      14: start_cmd="ipfilter_start"
1.8       lukem      15: stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf"
1.1       lukem      16: stop_cmd="ipfilter_stop"
                     17: reload_precmd="$stop_precmd"
                     18: reload_cmd="ipfilter_reload"
1.10      lukem      19: resync_precmd="$stop_precmd"
                     20: resync_cmd="ipfilter_resync"
1.5       lukem      21: status_precmd="$stop_precmd"
                     22: status_cmd="ipfilter_status"
1.10      lukem      23: extra_commands="reload resync status"
1.1       lukem      24:
1.5       lukem      25: ipfilter_prestart()
1.1       lukem      26: {
1.9       nisimura   27:        if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then
1.8       lukem      28:                warn "/etc/ipf*.conf not readable; ipfilter start aborted."
1.14      lukem      29:
1.15      apb        30:                stop_boot
1.5       lukem      31:                return 1
1.1       lukem      32:        fi
1.5       lukem      33:        return 0
                     34: }
                     35:
                     36: ipfilter_start()
                     37: {
1.1       lukem      38:        echo "Enabling ipfilter."
1.18    ! hannken    39:        /sbin/ipf ${rc_flags} -E
1.14      lukem      40:
                     41:                # Do the flush first; since older ipf has different semantics.
                     42:                #
                     43:        if [ -f /etc/ipf.conf ]; then
                     44:                /sbin/ipf -Fa
                     45:        fi
                     46:        if [ -f /etc/ipf6.conf ]; then
                     47:                /sbin/ipf -6 -Fa
                     48:        fi
                     49:
                     50:                # Now load the config files
                     51:                #
1.8       lukem      52:        if [ -f /etc/ipf.conf ]; then
1.13      lukem      53:                /sbin/ipf -f /etc/ipf.conf
1.8       lukem      54:        fi
                     55:        if [ -f /etc/ipf6.conf ]; then
1.13      lukem      56:                /sbin/ipf -6 -f /etc/ipf6.conf
1.8       lukem      57:        fi
1.1       lukem      58: }
                     59:
                     60: ipfilter_stop()
                     61: {
                     62:        echo "Disabling ipfilter."
                     63:        /sbin/ipf -D
                     64: }
                     65:
                     66: ipfilter_reload()
                     67: {
                     68:        echo "Reloading ipfilter rules."
1.8       lukem      69:
1.14      lukem      70:                # Do the flush first; since older ipf has different semantics.
                     71:                #
                     72:        if [ -f /etc/ipf.conf ]; then
                     73:                /sbin/ipf -I -Fa
                     74:        fi
                     75:        if [ -f /etc/ipf6.conf ]; then
                     76:                /sbin/ipf -6 -I -Fa
                     77:        fi
                     78:
                     79:                # Now load the config files into the Inactive set
                     80:                #
1.13      lukem      81:        if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then
1.8       lukem      82:                err 1 "reload of ipf.conf failed; not swapping to new ruleset."
                     83:        fi
1.13      lukem      84:        if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then
1.8       lukem      85:                err 1 "reload of ipf6.conf failed; not swapping to new ruleset."
1.1       lukem      86:        fi
1.14      lukem      87:
                     88:                # Swap in the new rules
                     89:                #
1.8       lukem      90:        /sbin/ipf -s
1.10      lukem      91: }
                     92:
                     93: ipfilter_resync()
                     94: {
                     95:        /sbin/ipf -y
1.5       lukem      96: }
                     97:
                     98: ipfilter_status()
                     99: {
                    100:        /sbin/ipf -V
1.1       lukem     101: }
                    102:
1.4       lukem     103: load_rc_config $name
1.3       lukem     104: run_rc_command "$1"

CVSweb <webmaster@jp.NetBSD.org>