ipfilter revision 1.2
1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.2 2000/03/11 20:10:21 veego Exp $ 4# 5 6# PROVIDE: ipfilter 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9. /etc/rc.subr 10. /etc/rc.conf 11 12name="ipfilter" 13start_cmd="ipfilter_start" 14stop_precmd="checkyesno ipfilter && [ -f /etc/ipf.conf ]" 15stop_cmd="ipfilter_stop" 16reload_precmd="$stop_precmd" 17reload_cmd="ipfilter_reload" 18 19ipfilter_start() 20{ 21 if ! checkyesno ipfilter; then 22 return 0 23 fi 24 25 # if /etc/ipf.conf isn't readable, abort the boot rather 26 # than risk a security problem 27 # 28 if [ ! -f /etc/ipf.conf ]; then 29 err 1 "/etc/ipf.conf not readable; ipfilter start aborted." 30 fi 31 echo "Enabling ipfilter." 32 /sbin/ipf -E -Fa -f /etc/ipf.conf 33} 34 35ipfilter_stop() 36{ 37 echo "Disabling ipfilter." 38 /sbin/ipf -D 39} 40 41ipfilter_reload() 42{ 43 echo "Reloading ipfilter rules." 44 /sbin/ipf -I -Fa -f /etc/ipf.conf 45 if [ $? -eq 0 ]; then 46 /sbin/ipf -s 47 else 48 warn "Reload failed; not swapping to new ruleset." 49 fi 50} 51 52run_rc_command "$1" "reload" 53