source: hybrid/branches/releng-9.0/nanobsd/files/etc/rc.d/pf@ 10441

Last change on this file since 10441 was 10441, checked in by rick, 13 years ago

The pf_flags are not always included, so external definitions like
-Dif=foo are not passed along, yielding false errors in the config files.

This needs to become a send-pr(1) patch, or be reported some other way (it is
also not fixed in CURRENT/HEAD yet).

  • Property svn:executable set to *
1#!/bin/sh
2#
3# $FreeBSD: releng/9.0/etc/rc.d/pf 222007 2011-05-17 07:40:13Z hrs $
4#
5
6# PROVIDE: pf
7# REQUIRE: FILESYSTEMS netif pflog pfsync
8# BEFORE: routing
9# KEYWORD: nojail
10
# Load the rc.subr helper library; set_rcvar, load_rc_config,
# check_startmsgs and run_rc_command used below are not defined in this file.
. /etc/rc.subr

name="pf"
rcvar=$(set_rcvar)

# Must run before $pf_rules is read below.
# NOTE(review): pf_program, pf_rules and pf_flags are not assigned anywhere
# in this script -- presumably they come from rc.conf via load_rc_config.
# They are expanded into command lines run by this script, so the files
# that set them need to be writable by root only.
load_rc_config "$name"

# Preconditions handed to rc.subr: the ruleset file and the pf module.
required_modules="pf"
required_files="$pf_rules"

# Sub-commands beyond the standard set, and the function behind each command.
extra_commands="check reload resync"
start_cmd="pf_start"
stop_cmd="pf_stop"
status_cmd="pf_status"
check_cmd="pf_check"
reload_cmd="pf_reload"
resync_cmd="pf_resync"
25
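#
# pf_start: validate, flush, load the ruleset and make sure pf is enabled.
#
# Globals:  pf_program, pf_rules, pf_flags (read)
# Returns:  1 if the parse-only check of $pf_rules fails (nothing is
#           flushed or loaded in that case); the exit status of the
#           ruleset load if that fails; 0 otherwise.
#
pf_start()
{
	local _load_rc

	# Parse the ruleset before touching the running configuration, the
	# same way pf_reload does. Without this, a broken rules file is only
	# discovered after "-F all" has already thrown the old ruleset away.
	# $pf_flags is intentionally unquoted so that several flags
	# (e.g. -Dif=foo) split into separate words.
	if ! $pf_program -n -f "$pf_rules" $pf_flags; then
		echo "pf: ruleset check of $pf_rules failed; nothing flushed or loaded" >&2
		return 1
	fi

	check_startmsgs && echo -n 'Enabling pf'
	$pf_program -F all > /dev/null 2>&1

	# Remember whether the load worked instead of discarding its status.
	_load_rc=0
	$pf_program -f "$pf_rules" $pf_flags || _load_rc=$?

	# Only enable pf when the status output does not already say so.
	if ! $pf_program -s info | grep -q "Enabled" ; then
		$pf_program -eq
	fi

	# Written as an if so that a false check_startmsgs does not leak out
	# as the function's exit status.
	if check_startmsgs; then
		echo '.'
	fi

	# pf has been enabled as before, but after a failed load it runs with
	# whatever ruleset is left in the kernel (presumably none, following
	# "-F all"). Report that rather than claiming success.
	if [ "$_load_rc" -ne 0 ]; then
		echo "pf: loading $pf_rules failed (exit $_load_rc); pf is running without the intended ruleset" >&2
	fi
	return "$_load_rc"
}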
36
#
# pf_stop: disable pf, but only when the status output reports it enabled.
#
# Globals:  pf_program (read)
# Outputs:  "Disabling pf." on stdout when pf was enabled, nothing otherwise
#
pf_stop()
{
	# Nothing to do (and nothing to print) unless pf reports "Enabled".
	$pf_program -s info | grep -q "Enabled" || return 0

	echo -n 'Disabling pf'
	# -d only switches filtering off; no flush is issued here.
	$pf_program -dq
	echo '.'
}
45
#
# pf_check: parse the ruleset without loading it.
#
# Globals:  pf_program, pf_rules, pf_flags (read)
# Returns:  exit status of the parse-only run
#
pf_check()
{
	printf '%s\n' "Checking pf rules."
	# $pf_flags stays unquoted on purpose: it may hold several flags
	# (such as -Dif=foo macro definitions) that must split into words,
	# otherwise a ruleset relying on them is reported as broken.
	$pf_program -n -f "$pf_rules" $pf_flags
}
51
#
# pf_reload: validate the ruleset, flush the old configuration and load
# the new one.
#
# Globals:  pf_program, pf_rules, pf_flags (read)
# Returns:  1 if the parse-only check fails (nothing is flushed then),
#           otherwise the exit status of the final load
#
pf_reload()
{
	echo "Reloading pf rules."

	# Refuse to touch the running configuration when the file does not parse.
	if ! $pf_program -n -f "$pf_rules" $pf_flags; then
		return 1
	fi

	# State entries are the one thing not flushed here, so connections
	# that are already established survive the rule swap.
	# NOTE(review): between this flush and the load below no rules are
	# loaded -- presumably a short window with no filtering; confirm
	# that is acceptable for the deployment.
	$pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1

	$pf_program -f "$pf_rules" $pf_flags
}
61
#
# pf_resync: load the ruleset again without flushing anything first.
#
# Globals:  pf_program, pf_rules, pf_flags (read)
# Returns:  exit status of the load
#
pf_resync()
{
	# No parse-only pass and no flush here, unlike pf_reload.
	# $pf_flags is left unquoted so multiple flags split into words.
	$pf_program -f "$pf_rules" $pf_flags
}
66
#
# pf_status: print the pf status summary.
#
# Globals:  pf_program (read)
# Outputs:  whatever "$pf_program -s info" writes
# Returns:  exit status of that command
#
pf_status()
{
	$pf_program -s info
}
71
# Hand the requested sub-command (first script argument) to rc.subr, which
# dispatches to the *_cmd functions assigned above.
run_rc_command "$1"