![[BACK]](/icons/back.gif){kind=icon}
Return to ipfilter CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [cvs.NetBSD.org] / src / etc / rc.d|
Return to ipfilter CVS log | Up to [cvs.NetBSD.org] / src / etc / rc.d |
| File: [cvs.NetBSD.org] / src / etc / rc.d / ipfilter (download)
Revision 1.4, Sat May 13 08:45:07 2000 UTC (18 years, 9 months ago) by lukem
Use load_rc_config() (from rc.subr) instead of sourcing /etc/rc.conf. This allows us or a user to change the configuration file method in one place - rc.subr - without having to edit all of the rc.d/* files. |
#!/bin/sh
#
# $NetBSD: ipfilter,v 1.4 2000/05/13 08:45:07 lukem Exp $
#
# PROVIDE: ipfilter
# REQUIRE: root beforenetlkm mountcritlocal tty
. /etc/rc.subr
name="ipfilter"
start_cmd="ipfilter_start"
stop_precmd="checkyesno ipfilter && [ -f /etc/ipf.conf ]"
stop_cmd="ipfilter_stop"
reload_precmd="$stop_precmd"
reload_cmd="ipfilter_reload"
extra_commands="reload"
ipfilter_start()
{
if ! checkyesno ipfilter; then
return 0
fi
# if /etc/ipf.conf isn't readable, abort the boot rather
# than risk a security problem
#
if [ ! -f /etc/ipf.conf ]; then
err 1 "/etc/ipf.conf not readable; ipfilter start aborted."
fi
echo "Enabling ipfilter."
/sbin/ipf -E -Fa -f /etc/ipf.conf
}
ipfilter_stop()
{
echo "Disabling ipfilter."
/sbin/ipf -D
}
ipfilter_reload()
{
echo "Reloading ipfilter rules."
/sbin/ipf -I -Fa -f /etc/ipf.conf
if [ $? -eq 0 ]; then
/sbin/ipf -s
else
warn "Reload failed; not swapping to new ruleset."
fi
}
load_rc_config $name
run_rc_command "$1"