ipfilter revision 1.3
1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.3 2000/04/30 13:23:33 lukem Exp $ 4# 5 6# PROVIDE: ipfilter 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9. /etc/rc.subr 10. /etc/rc.conf 11 12name="ipfilter" 13start_cmd="ipfilter_start" 14stop_precmd="checkyesno ipfilter && [ -f /etc/ipf.conf ]" 15stop_cmd="ipfilter_stop" 16reload_precmd="$stop_precmd" 17reload_cmd="ipfilter_reload" 18extra_commands="reload" 19 20ipfilter_start() 21{ 22 if ! checkyesno ipfilter; then 23 return 0 24 fi 25 26 # if /etc/ipf.conf isn't readable, abort the boot rather 27 # than risk a security problem 28 # 29 if [ ! -f /etc/ipf.conf ]; then 30 err 1 "/etc/ipf.conf not readable; ipfilter start aborted." 31 fi 32 echo "Enabling ipfilter." 33 /sbin/ipf -E -Fa -f /etc/ipf.conf 34} 35 36ipfilter_stop() 37{ 38 echo "Disabling ipfilter." 39 /sbin/ipf -D 40} 41 42ipfilter_reload() 43{ 44 echo "Reloading ipfilter rules." 45 /sbin/ipf -I -Fa -f /etc/ipf.conf 46 if [ $? -eq 0 ]; then 47 /sbin/ipf -s 48 else 49 warn "Reload failed; not swapping to new ruleset." 50 fi 51} 52 53run_rc_command "$1" 54