1 #!/bin/sh
2 #
3 # $FreeBSD: src/etc/rc.d/ip6fw,v 1.3 2003/06/29 05:15:57 mtm Exp $
4 #
5
6 # PROVIDE: ip6fw
7 # REQUIRE: routing
8 # BEFORE: network_ipv6
9
. /etc/rc.subr

# Hooks read by the rc.subr framework sourced above.
name="ip6fw"
rcvar=$(set_rcvar ipv6_firewall)
start_precmd="ip6fw_prestart"
start_cmd="ip6fw_start"
# "stop" only writes net.inet6.ip6.fw.enable=0; nothing here flushes the
# loaded rules. NOTE(review): by its name this sysctl switches IPv6
# filtering off, so a stopped service presumably leaves IPv6 traffic
# unfiltered - confirm before using "stop" on an exposed host.
stop_cmd="${SYSCTL_W} net.inet6.ip6.fw.enable=0"
17
# ip6fw_prestart - make sure IPv6 firewall support is available before start.
#
# Globals:   SYSCTL (read; command used to query the sysctl node)
# Returns:   0 when the net.inet6.ip6.fw.enable node can be read, or when
#            kldstat/kldload succeeds for the ip6fw module; 1 otherwise.
ip6fw_prestart()
{
        # A readable sysctl node means firewall support is already present,
        # so no module handling is needed.
        if ${SYSCTL} net.inet6.ip6.fw.enable > /dev/null 2>&1; then
                return 0
        fi

        # Module already registered?
        if kldstat -m ip6fw; then
                return 0
        fi

        # Last resort: try to load it. A failure here aborts the start.
        if kldload -n ip6fw; then
                return 0
        fi
        return 1
}
26
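# ip6fw_start - load the IPv6 firewall ruleset and optionally enable logging.
#
# Globals:   ipv6_firewall_script (read; set to /etc/rc.firewall6 when empty)
#            ipv6_firewall_logging (read through checkyesno)
# Outputs:   status lines on stdout; problems are reported through warn
# Returns:   0 when logging is not requested, otherwise the status of the
#            sysctl call that turns verbose logging on.
ip6fw_start()
{
        # Specify default rules file if none provided
        : "${ipv6_firewall_script:=/etc/rc.firewall6}"

        # Load rules
        #
        # The rules file is sourced into this shell, so every command in it
        # runs with this script's privileges (presumably root at boot -
        # confirm). Keep the file root-owned and not writable by other users.
        if [ -r "${ipv6_firewall_script}" ]; then
                . "${ipv6_firewall_script}"
                echo 'IPv6 Firewall rules loaded.'
        elif [ "$(ip6fw l 65535)" = "65535 deny ipv6 from any to any" ]; then
                warn 'IPv6 firewall rules have not been loaded. Default' \
                    ' to DENY all access.'
        else
                # No ruleset was loaded and rule 65535 did not match the
                # deny-all line. Report it instead of continuing silently,
                # because the host may be passing IPv6 traffic unfiltered.
                warn "IPv6 firewall rules file ${ipv6_firewall_script} is not readable;" \
                    'no rules loaded and the default rule is not confirmed to be DENY.'
        fi

        # Enable firewall logging
        #
        # NOTE(review): this calls bare sysctl while stop_cmd uses
        # ${SYSCTL_W} - confirm whether the difference is intentional.
        if checkyesno ipv6_firewall_logging; then
                echo 'IPv6 Firewall logging=YES'
                sysctl net.inet6.ip6.fw.verbose=1 >/dev/null
        fi
}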
51
# Read the rc.conf settings for this service, then hand the requested
# action (first script argument) to the rc.subr dispatcher.
load_rc_config "$name"
run_rc_command "$1"