1#!/bin/sh 2# 3# $NetBSD: pf,v 1.6 2005/08/23 12:12:56 peter Exp $ 4# 5 6# PROVIDE: pf 7# REQUIRE: root beforenetlkm mountcritlocal tty network dhclient 8# BEFORE: NETWORKING 9 10$_rc_subr_loaded . /etc/rc.subr 11 12name="pf" 13rcvar=$name 14start_precmd="pf_prestart" 15start_cmd="pf_start" 16stop_cmd="pf_stop" 17reload_cmd="pf_reload" 18status_cmd="pf_status" 19extra_commands="reload status" 20 21pf_prestart() 22{ 23 if [ ! -f ${pf_rules} ]; then 24 warn "${pf_rules} not readable; pf start aborted." 25 26 # If booting directly to multiuser, send SIGTERM to 27 # the parent (/etc/rc) to abort the boot 28 if [ "$autoboot" = yes ]; then 29 echo "ERROR: ABORTING BOOT (sending SIGTERM to parent)!" 30 kill -TERM $$ 31 exit 1 32 fi 33 return 1 34 fi 35 return 0 36} 37 38pf_start() 39{ 40 echo "Enabling pf firewall." 41 42 # The pf_boot script has enabled pf already. 43 if [ "$autoboot" != yes ]; then 44 /sbin/pfctl -q -e 45 fi 46 47 if [ -f ${pf_rules} ]; then 48 /sbin/pfctl -q -f ${pf_rules} 49 else 50 warn "${pf_rules} not found; no pf rules loaded." 51 fi 52} 53 54pf_stop() 55{ 56 echo "Disabling pf firewall." 57 /sbin/pfctl -q -Fa -d 58} 59 60pf_reload() 61{ 62 echo "Reloading pf rules." 63 if [ -f ${pf_rules} ]; then 64 /sbin/pfctl -q -f ${pf_rules} 65 else 66 warn "${pf_rules} not found; no pf rules loaded." 67 fi 68} 69 70pf_status() 71{ 72 /sbin/pfctl -s info 73} 74 75load_rc_config $name 76run_rc_command "$1" 77