3 # $FreeBSD: src/etc/rc.d/ipfw,v 1.4 2003/03/30 15:52:18 mtm Exp $
4 # $DragonFly: src/etc/rc.d/ipfw,v 1.2 2004/01/26 17:21:15 rob Exp $
# rc.subr settings: firewall_enable is the rc.conf knob that gates this script,
# and the start action is wired to ipfw_precmd (pre-check) and ipfw_start.
# NOTE(review): neither function header is visible in this listing.
15 rcvar="firewall_enable"
16 start_cmd="ipfw_start"
17 start_precmd="ipfw_precmd"
# Probe the net.inet.ip.fw.enable sysctl with all output discarded. If the
# read fails, try to load ipfw as a kernel module.
22 if ! ${SYSCTL} net.inet.ip.fw.enable > /dev/null 2>&1; then
23 if ! kldload ipfw; then
# A failed kldload is only reported through warn on the next line; what
# happens afterwards is not visible here.
# NOTE(review): confirm the start is aborted at this point, so the host does
# not come up believing it is filtered when no firewall is present.
24 warn unable to load firewall module.
34 # set the firewall rules script if none was specified
35 [ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall
# The rules file is sourced into this shell, so everything in it runs with the
# privileges of this script (normally root for rc.d). The -r test only checks
# readability: ownership and write permission are not checked here, so the
# file named by firewall_script must be writable by root alone.
37 if [ -r "${firewall_script}" ]; then
38 . "${firewall_script}"
39 echo -n 'Firewall rules loaded, starting divert daemons:'
41 # Network Address Translation daemon
43 if checkyesno natd_enable; then
44 if [ -n "${natd_interface}" ]; then
# natd_interface is tested against a dotted-numeric pattern (one to four
# groups of digits). A match is passed to natd as an address (-a), anything
# else as an interface name (-n). The pattern does not range-check the groups,
# and ${natd_interface} is expanded unquoted in the echo, so it is word-split
# and glob-expanded before grep sees it.
45 if echo ${natd_interface} | \
46 grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then
47 natd_flags="$natd_flags -a ${natd_interface}"
49 natd_flags="$natd_flags -n ${natd_interface}"
# natd_flags and natd_ifarg are expanded unquoted so that they split into
# separate arguments; natd_ifarg is not assigned in the visible lines.
# NOTE(review): presumably these all come from rc.conf -- treat that file as
# root-only configuration, since its values select the program that is run
# and the arguments it receives.
53 ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
# No readable rules script: compare rule 65535 with the text of a deny-all
# rule. On a match the only rule in effect drops all IP traffic, which is what
# the warning below reports. ipfw is called by bare name here, so it is
# resolved through PATH.
55 elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
56 echo 'Warning: kernel has firewall functionality, but' \
57 ' firewall rules are not enabled.'
58 echo ' All ip services are disabled.'
# Optional logging: sets net.inet.ip.fw.verbose=1. This line calls sysctl by
# bare name, while the other sysctl writes in this listing go through
# ${SYSCTL_W}.
64 if checkyesno firewall_logging; then
65 echo 'Firewall logging enabled'
66 sysctl net.inet.ip.fw.verbose=1 >/dev/null
# Switch packet filtering on. In this listing the write comes after the lines
# that source the rules script.
71 ${SYSCTL_W} net.inet.ip.fw.enable=1
76 # Disable the firewall
# Writing 0 to net.inet.ip.fw.enable switches ipfw filtering off. The loaded
# rules are not touched by this line, and traffic is unfiltered until the
# sysctl is set back to 1.
# NOTE(review): presumably the stop handler; its function header is not
# visible in this listing.
78 ${SYSCTL_W} net.inet.ip.fw.enable=0