ipfilter revision 1.13
      1 #!/bin/sh
      2 #
      3 # $NetBSD: ipfilter,v 1.13 2004/11/08 02:09:01 lukem Exp $
      4 #
      5 
      6 # PROVIDE: ipfilter
      7 # REQUIRE: root beforenetlkm mountcritlocal tty
      8 
# Pull in the rc.d framework unless it is already loaded.  When
# _rc_subr_loaded is unset this line expands to ". /etc/rc.subr";
# rc.subr is expected to set it to ":" so a second pass is a no-op
# (NOTE(review): confirm against /etc/rc.subr).
$_rc_subr_loaded . /etc/rc.subr

name="ipfilter"
rcvar="$name"
extra_commands="reload resync status"

# start: refuse to run (and possibly abort the boot) without a ruleset.
start_precmd="ipfilter_prestart"
start_cmd="ipfilter_start"

# Every other command only requires that at least one of the ruleset
# files exists; the same check string is reused for each of them.
stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf"
stop_cmd="ipfilter_stop"

reload_precmd="${stop_precmd}"
reload_cmd="ipfilter_reload"

resync_precmd="${stop_precmd}"
resync_cmd="ipfilter_resync"

status_precmd="${stop_precmd}"
status_cmd="ipfilter_status"
     24 
#
# ipfilter_prestart: gate for "start".
#
# Returns 0 when /etc/ipf.conf or /etc/ipf6.conf exists as a regular
# file.  Otherwise warns and returns 1; during an automatic boot
# ($autoboot = yes) it additionally sends SIGTERM to $$ and exits, so
# the boot stops instead of continuing without a filter ruleset.
# Note that the check is for existence (-f), not readability, despite
# the wording of the warning.
#
ipfilter_prestart()
{
	# At least one ruleset file is present: let start proceed.
	if [ -f /etc/ipf.conf ] || [ -f /etc/ipf6.conf ]; then
		return 0
	fi

	warn "/etc/ipf*.conf not readable; ipfilter start aborted."

	case "$autoboot" in
	yes)
		#
		# Booting directly to multiuser: send SIGTERM to the
		# parent (/etc/rc) to abort the boot.
		#
		echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!"
		kill -TERM $$
		exit 1
		;;
	esac

	return 1
}
     42 
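#
# ipfilter_start: enable the packet filter and load the rulesets.
#
# Enables the filter, flushes the IPv4 and IPv6 rule lists, then loads
# /etc/ipf.conf and /etc/ipf6.conf when they exist.
#
# Returns 0 when every ruleset file that is present loaded cleanly and
# 1 otherwise.  A failed load is reported with warn so that it is not
# silent: the filter stays enabled, and the rules were already flushed,
# so the active ruleset may be empty or incomplete.  What such a
# ruleset lets through depends on the kernel's default policy, which
# this script does not show; "status" (ipf -V) can be used to check.
#
ipfilter_start()
{
	_ipfilter_rv=0

	echo "Enabling ipfilter."
	/sbin/ipf -E

	# Start from empty IPv4 and IPv6 rule lists.
	/sbin/ipf -Fa
	/sbin/ipf -6 -Fa

	# Keep going after a failure so the other address family still
	# gets its rules, but remember the failure for the return status.
	if [ -f /etc/ipf.conf ] && ! /sbin/ipf -f /etc/ipf.conf; then
		warn "load of ipf.conf failed; active ruleset may be incomplete."
		_ipfilter_rv=1
	fi
	if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -6 -f /etc/ipf6.conf; then
		warn "load of ipf6.conf failed; active ruleset may be incomplete."
		_ipfilter_rv=1
	fi

	return $_ipfilter_rv
}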
     56 
#
# ipfilter_stop: disable the packet filter (ipf -D).
#
# Once the filter is disabled, packets are no longer checked against
# the loaded rules.  Returns the exit status of ipf.
#
ipfilter_stop()
{
	printf '%s\n' "Disabling ipfilter."
	/sbin/ipf -D
}
     62 
#
# ipfilter_reload: replace the running rules without a gap.
#
# The new rules are built in the inactive set (-I): it is flushed for
# IPv4 and IPv6, then each ruleset file that exists is loaded into it.
# If a load fails, err terminates the script before the swap, so the
# rules currently in force stay untouched.  Only after every load has
# succeeded are the active and inactive sets swapped (-s).
#
ipfilter_reload()
{
	echo "Reloading ipfilter rules."

	# Empty the inactive set for both address families.
	/sbin/ipf -I -Fa
	/sbin/ipf -6 -I -Fa

	if [ -f /etc/ipf.conf ]; then
		/sbin/ipf -I -f /etc/ipf.conf ||
			err 1 "reload of ipf.conf failed; not swapping to new ruleset."
	fi

	if [ -f /etc/ipf6.conf ]; then
		/sbin/ipf -I -6 -f /etc/ipf6.conf ||
			err 1 "reload of ipf6.conf failed; not swapping to new ruleset."
	fi

	# Make the freshly loaded set the active one.
	/sbin/ipf -s
}
     77 
#
# ipfilter_resync: ask ipf to resynchronise its in-kernel interface
# list with the current interfaces (ipf -y).  Returns ipf's status.
#
ipfilter_resync()
{
	/sbin/ipf -y
}
     82 
#
# ipfilter_status: print ipf version information (ipf -V), which also
# includes the state reported by the kernel when the filter is present.
# It does not list the loaded rules.  Returns ipf's status.
#
ipfilter_status()
{
	/sbin/ipf -V
}
     87 
# Read the rc.conf settings for this service, then dispatch the
# command given as the first argument (start, stop, reload, ...).
load_rc_config "$name"
run_rc_command "$1"
     90