mtree: No longer create /usr/libdata/msdosfs.
[dragonfly.git] / etc / rc.d / ipfw
CommitLineData
9c600e7d
MD
1#!/bin/sh
2#
3# $FreeBSD: src/etc/rc.d/ipfw,v 1.4 2003/03/30 15:52:18 mtm Exp $
f3a7a722 4# $DragonFly: src/etc/rc.d/ipfw,v 1.4 2008/07/06 23:55:51 thomas Exp $
9c600e7d
MD
5#
6
7# PROVIDE: ipfw
8# REQUIRE: ppp-user
9# BEFORE: NETWORKING
9c600e7d
MD
10
11. /etc/rc.subr
12
13name="ipfw"
14rcvar="firewall_enable"
15start_cmd="ipfw_start"
16start_precmd="ipfw_precmd"
17stop_cmd="ipfw_stop"
18
19ipfw_precmd()
20{
21 if ! ${SYSCTL} net.inet.ip.fw.enable > /dev/null 2>&1; then
22 if ! kldload ipfw; then
f3a7a722 23 warn "unable to load ipfw firewall module."
9c600e7d
MD
24 return 1
25 fi
26 fi
27
28 return 0
29}
30
31ipfw_start()
32{
33 # set the firewall rules script if none was specified
34 [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall
35
36 if [ -r "${firewall_script}" ]; then
37 . "${firewall_script}"
38 echo -n 'Firewall rules loaded, starting divert daemons:'
39
40 # Network Address Translation daemon
41 #
42 if checkyesno natd_enable; then
43 if [ -n "${natd_interface}" ]; then
44 if echo ${natd_interface} | \
45 grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then
46 natd_flags="$natd_flags -a ${natd_interface}"
47 else
48 natd_flags="$natd_flags -n ${natd_interface}"
49 fi
50 fi
51 echo -n ' natd'
52 ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
53 fi
54 elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
55 echo 'Warning: kernel has firewall functionality, but' \
56 ' firewall rules are not enabled.'
57 echo ' All ip services are disabled.'
58 fi
59 echo '.'
60
61 # Firewall logging
62 #
63 if checkyesno firewall_logging; then
64 echo 'Firewall logging enabled'
65 sysctl net.inet.ip.fw.verbose=1 >/dev/null
66 fi
67
68 # Enable the firewall
69 #
70 ${SYSCTL_W} net.inet.ip.fw.enable=1
71}
72
73ipfw_stop()
74{
75 # Disable the firewall
76 #
77 ${SYSCTL_W} net.inet.ip.fw.enable=0
78}
79
80load_rc_config $name
81run_rc_command "$1"