projects / dragonfly.git / blame
| Commit | Line | Data |
|---|---|---|
| 95cc27f0 JS |
1 | #!/bin/sh |
| 2 | # | |
| 3 | # $FreeBSD: src/etc/rc.d/pf,v 1.3 2004/06/23 01:42:06 mlaier Exp $ | |
| 95cc27f0 JS |
4 | # |
| 5 | ||
| 6 | # PROVIDE: pf | |
| ce083385 AL |
7 | # REQUIRE: FILESYSTEMS netif pflog |
| 8 | # BEFORE: DAEMON | |
| 696a5717 | 9 | # KEYWORD: nojail |
| 95cc27f0 JS |
10 | |
| 11 | . /etc/rc.subr | |
| 12 | ||
| 13 | name="pf" | |
| 14 | rcvar=`set_rcvar` | |
| 15 | load_rc_config $name | |
| 16 | stop_precmd="test -f ${pf_rules}" | |
| 17 | start_precmd="pf_prestart" | |
| 18 | start_cmd="pf_start" | |
| 19 | stop_cmd="pf_stop" | |
| 20 | reload_precmd="$stop_precmd" | |
| 21 | reload_cmd="pf_reload" | |
| 22 | resync_precmd="$stop_precmd" | |
| 23 | resync_cmd="pf_resync" | |
| 24 | status_precmd="$stop_precmd" | |
| 25 | status_cmd="pf_status" | |
| 26 | extra_commands="reload resync status" | |
| 27 | ||
| 28 | pf_prestart() | |
| 29 | { | |
| 30 | # load pf kernel module if needed | |
| 0dfdc028 | 31 | kldstat -qm pf || kldload -n pf || exit 1 |
| 95cc27f0 JS |
32 | |
| 33 | # check for pf rules | |
| 34 | if [ ! -r "${pf_rules}" ] | |
| 35 | then | |
| 36 | warn 'pf: NO PF RULESET FOUND' | |
| 37 | return 1 | |
| 38 | fi | |
| 39 | } | |
| 40 | ||
| 41 | pf_start() | |
| 42 | { | |
| 43 | echo "Enabling pf." | |
| 44 | ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1 | |
| 45 | if [ -r "${pf_rules}" ]; then | |
| 46 | ${pf_program:-/sbin/pfctl} \ | |
| 47 | -f "${pf_rules}" ${pf_flags} | |
| 48 | fi | |
| 49 | if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then | |
| 50 | ${pf_program:-/sbin/pfctl} -e | |
| 51 | fi | |
| 52 | } | |
| 53 | ||
| 54 | pf_stop() | |
| 55 | { | |
| 56 | if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then | |
| 57 | echo "Disabling pf." | |
| 58 | ${pf_program:-/sbin/pfctl} -d | |
| 59 | fi | |
| 60 | } | |
| 61 | ||
| 62 | pf_reload() | |
| 63 | { | |
| 64 | echo "Reloading pf rules." | |
| 65 | ||
| 66 | ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1 | |
| 67 | if [ -r "${pf_rules}" ]; then | |
| 68 | ${pf_program:-/sbin/pfctl} \ | |
| 69 | -f "${pf_rules}" ${pf_flags} | |
| 70 | fi | |
| 71 | } | |
| 72 | ||
| 73 | pf_resync() | |
| 74 | { | |
| 75 | # Don't resync if pf is not loaded | |
| 779e1014 | 76 | if ! kldstat -q -m "pf"; then |
| 95cc27f0 JS |
77 | return |
| 78 | fi | |
| 79 | ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags} | |
| 80 | } | |
| 81 | ||
| 82 | pf_status() | |
| 83 | { | |
| 84 | ${pf_program:-/sbin/pfctl} -si | |
| 85 | } | |
| 86 | ||
| 87 | run_rc_command "$1" |