Changeset 10590 in hybrid for branches/releng-9.0/nanobsd


Ignore:
Timestamp:
Apr 26, 2012, 2:54:48 PM (13 years ago)
Author:
rick
Message:

We are going todo musical chairs over here to auto-magically reload the pf
firewall allowing to make the normal proxy work properly (saves us from
specifing the gateway standardly).

Related-To: nodefactory#129

Location:
branches/releng-9.0/nanobsd/files/etc
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • branches/releng-9.0/nanobsd/files/etc/dhclient-exit-hooks

    r10586 r10590  
    88. /etc/rc.subr
    99
    10 : ${service_proxy="NO"}
    11 : ${service_ileiden="NO"}
     10: ${service_proxy_normal="NO"}
     11: ${service_accesspoint="NO"}
    1212
    1313load_rc_config 'ileiden'
    1414
    15 if checkyesno "service_proxy_normal" && checkyesno "service_accesspoint"; then
    16   warn "Removing default route as machine is marked as service_proxy AND service_accesspoint"
    17   route -q del default
    18 fi
     15# Little hack to load the available functions in case we are running this as an
     16# standalone script (for testing mostly).
     17[ -z "$exit_status" ] && . /sbin/dhclient-script
     18
     19
     20update_pf_conf() {
     21  if checkyesno "service_proxy_normal" && checkyesno "service_accesspoint"; then
     22    if is_default_interface; then
     23      new_ext_if_gw=`route -n get default | awk '/gateway/ {print $2}'`
     24      if [ -n "$new_ext_if_gw" ]; then
     25        if [ -a "$new_ext_if_gw" != "$ext_if_gw" ];  then
     26         info "Reloading PF firewall to load new ext_if_gw=$ext_if_gw"
     27         { grep -v '^ext_if_gw=' $rc_conf_running; echo "ext_if_gw=$new_ext_if_gw"; } > $rc_conf_running
     28         /etc/rc.d/pf reload
     29        fi
     30 
     31        warn "Removing default route as machine is marked as service_proxy AND service_accesspoint"
     32        route -q del default
     33      fi
     34    fi
     35  fi
     36}
     37
     38case $reason in
     39  BOUND|RENEW|REBIND|REBOOT)
     40    update_pf_conf
     41    ;;
     42  TIMEOUT)
     43    update_pf_conf
     44    ;;
     45esac
     46 

  • branches/releng-9.0/nanobsd/files/etc/rc.conf

    r10481 r10590  
    7070#pf_rules="/etc/pf.hybrid.conf"
    7171#pf_flags="-D ext_if=vr0 -D captive_portal_interfaces=wlan0 -D publicnat=80,443"
     72
     73# Autogenerated flags are used during runtime
     74rc_conf_running='/etc/rc.conf.running'
     75if [ -r $rc_conf_running ]; then
     76  . $rc_conf_running
     77else
     78  touch $rc_conf_running
     79fi
Note: See TracChangeset for help on using the changeset viewer.