Expand PMF_FN_* macros.
[netbsd-mini2440.git] / etc / rc.d / ipfilter
blobce66b0cabe900f0724a2a35614811111ef8415d5
1 #!/bin/sh
3 # $NetBSD: ipfilter,v 1.17 2008/11/22 20:23:33 tsutsui Exp $
6 # PROVIDE: ipfilter
7 # REQUIRE: root bootconf mountcritlocal tty
9 $_rc_subr_loaded . /etc/rc.subr
11 name="ipfilter"
12 rcvar=$name
13 start_precmd="ipfilter_prestart"
14 start_cmd="ipfilter_start"
15 stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf"
16 stop_cmd="ipfilter_stop"
17 reload_precmd="$stop_precmd"
18 reload_cmd="ipfilter_reload"
19 resync_precmd="$stop_precmd"
20 resync_cmd="ipfilter_resync"
21 status_precmd="$stop_precmd"
22 status_cmd="ipfilter_status"
23 extra_commands="reload resync status"
25 ipfilter_prestart()
27 if [ ! -f /etc/ipf.conf ] && [ ! -f /etc/ipf6.conf ]; then
28 warn "/etc/ipf*.conf not readable; ipfilter start aborted."
30 stop_boot
31 return 1
33 return 0
36 ipfilter_start()
38 echo "Enabling ipfilter."
39 /sbin/ipf ${rc_flags} -E
41 # Do the flush first; since older ipf has different semantics.
43 if [ -f /etc/ipf.conf ]; then
44 /sbin/ipf -Fa
46 if [ -f /etc/ipf6.conf ]; then
47 /sbin/ipf -6 -Fa
50 # Now load the config files
52 if [ -f /etc/ipf.conf ]; then
53 /sbin/ipf -f /etc/ipf.conf
55 if [ -f /etc/ipf6.conf ]; then
56 /sbin/ipf -6 -f /etc/ipf6.conf
60 ipfilter_stop()
62 echo "Disabling ipfilter."
63 /sbin/ipf -D
66 ipfilter_reload()
68 echo "Reloading ipfilter rules."
70 # Do the flush first; since older ipf has different semantics.
72 if [ -f /etc/ipf.conf ]; then
73 /sbin/ipf -I -Fa
75 if [ -f /etc/ipf6.conf ]; then
76 /sbin/ipf -6 -I -Fa
79 # Now load the config files into the Inactive set
81 if [ -f /etc/ipf.conf ] && ! /sbin/ipf -I -f /etc/ipf.conf; then
82 err 1 "reload of ipf.conf failed; not swapping to new ruleset."
84 if [ -f /etc/ipf6.conf ] && ! /sbin/ipf -I -6 -f /etc/ipf6.conf; then
85 err 1 "reload of ipf6.conf failed; not swapping to new ruleset."
88 # Swap in the new rules
90 /sbin/ipf -s
93 ipfilter_resync()
95 /sbin/ipf -y
98 ipfilter_status()
100 /sbin/ipf -V
103 load_rc_config $name
104 run_rc_command "$1"