[BACK]Return to ipfilter CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc / rc.d

Annotation of src/etc/rc.d/ipfilter, Revision 1.8

1.1       lukem       1: #!/bin/sh
                      2: #
1.8     ! lukem       3: # $NetBSD: ipfilter,v 1.7 2000/09/19 13:04:38 lukem Exp $
1.1       lukem       4: #
                      5:
                      6: # PROVIDE: ipfilter
                      7: # REQUIRE: root beforenetlkm mountcritlocal tty
                      8:
                      9: . /etc/rc.subr
                     10:
                     11: name="ipfilter"
1.7       lukem      12: rcvar=$name
1.5       lukem      13: start_precmd="ipfilter_prestart"
1.1       lukem      14: start_cmd="ipfilter_start"
1.8     ! lukem      15: stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf"
1.1       lukem      16: stop_cmd="ipfilter_stop"
                     17: reload_precmd="$stop_precmd"
                     18: reload_cmd="ipfilter_reload"
1.5       lukem      19: status_precmd="$stop_precmd"
                     20: status_cmd="ipfilter_status"
                     21: extra_commands="reload status"
1.1       lukem      22:
1.5       lukem      23: ipfilter_prestart()
1.1       lukem      24: {
1.8     ! lukem      25:        if [ ! -f /etc/ipf.conf -a ! -f /etc/ipf6.conf ]; then
        !            26:                warn "/etc/ipf*.conf not readable; ipfilter start aborted."
1.6       lukem      27:                        #
                     28:                        # If booting directly to multiuser, send SIGTERM to
                     29:                        # the parent (/etc/rc) to abort the boot
                     30:                        #
                     31:                if [ "$autoboot" = yes ]; then
                     32:                        echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
                     33:                        kill -TERM $$
                     34:                        exit 1
                     35:                fi
1.5       lukem      36:                return 1
1.1       lukem      37:        fi
1.5       lukem      38:        return 0
                     39: }
                     40:
                     41: ipfilter_start()
                     42: {
1.1       lukem      43:        echo "Enabling ipfilter."
1.8     ! lukem      44:        /sbin/ipf -E -Fa
        !            45:        if [ -f /etc/ipf.conf ]; then
        !            46:                /sbin/ipf -f /etc/ipf.conf
        !            47:        fi
        !            48:        if [ -f /etc/ipf6.conf ]; then
        !            49:                /sbin/ipf -6 -f /etc/ipf6.conf
        !            50:        fi
1.1       lukem      51: }
                     52:
                     53: ipfilter_stop()
                     54: {
                     55:        echo "Disabling ipfilter."
                     56:        /sbin/ipf -D
                     57: }
                     58:
                     59: ipfilter_reload()
                     60: {
                     61:        echo "Reloading ipfilter rules."
1.8     ! lukem      62:
        !            63:        /sbin/ipf -I -Fa
        !            64:        if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then
        !            65:                err 1 "reload of ipf.conf failed; not swapping to new ruleset."
        !            66:        fi
        !            67:        if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then
        !            68:                err 1 "reload of ipf6.conf failed; not swapping to new ruleset."
1.1       lukem      69:        fi
1.8     ! lukem      70:        /sbin/ipf -s
1.5       lukem      71: }
                     72:
                     73: ipfilter_status()
                     74: {
                     75:        /sbin/ipf -V
1.1       lukem      76: }
                     77:
1.4       lukem      78: load_rc_config $name
1.3       lukem      79: run_rc_command "$1"

CVSweb <webmaster@jp.NetBSD.org>