ipfilter revision 1.4
1#!/bin/sh 2# 3# $NetBSD: ipfilter,v 1.4 2000/05/13 08:45:07 lukem Exp $ 4# 5 6# PROVIDE: ipfilter 7# REQUIRE: root beforenetlkm mountcritlocal tty 8 9. /etc/rc.subr 10 11name="ipfilter" 12start_cmd="ipfilter_start" 13stop_precmd="checkyesno ipfilter && [ -f /etc/ipf.conf ]" 14stop_cmd="ipfilter_stop" 15reload_precmd="$stop_precmd" 16reload_cmd="ipfilter_reload" 17extra_commands="reload" 18 19ipfilter_start() 20{ 21 if ! checkyesno ipfilter; then 22 return 0 23 fi 24 25 # if /etc/ipf.conf isn't readable, abort the boot rather 26 # than risk a security problem 27 # 28 if [ ! -f /etc/ipf.conf ]; then 29 err 1 "/etc/ipf.conf not readable; ipfilter start aborted." 30 fi 31 echo "Enabling ipfilter." 32 /sbin/ipf -E -Fa -f /etc/ipf.conf 33} 34 35ipfilter_stop() 36{ 37 echo "Disabling ipfilter." 38 /sbin/ipf -D 39} 40 41ipfilter_reload() 42{ 43 echo "Reloading ipfilter rules." 44 /sbin/ipf -I -Fa -f /etc/ipf.conf 45 if [ $? -eq 0 ]; then 46 /sbin/ipf -s 47 else 48 warn "Reload failed; not swapping to new ruleset." 49 fi 50} 51 52load_rc_config $name 53run_rc_command "$1" 54