kernel - Make certain sysctl's unlocked

[dragonfly.git] / etc / rc.d / pf

#!/bin/sh
#
# $FreeBSD: src/etc/rc.d/pf,v 1.3 2004/06/23 01:42:06 mlaier Exp $
#

# PROVIDE: pf
# REQUIRE: root mountcritlocal netif pflog
# BEFORE:  DAEMON LOGIN
# KEYWORD: nojail

. /etc/rc.subr

name="pf"
rcvar=`set_rcvar`
load_rc_config $name
stop_precmd="test -f ${pf_rules}"
start_precmd="pf_prestart"
start_cmd="pf_start"
stop_cmd="pf_stop"
reload_precmd="$stop_precmd"
reload_cmd="pf_reload"
resync_precmd="$stop_precmd"
resync_cmd="pf_resync"
status_precmd="$stop_precmd"
status_cmd="pf_status"
extra_commands="reload resync status"

pf_prestart()
{
        # load pf kernel module if needed
        kldstat -m pf || kldload -n pf || exit 1

        # check for pf rules
        if [ ! -r "${pf_rules}" ]
        then
                warn 'pf: NO PF RULESET FOUND'
                return 1
        fi
}

pf_start()
{
        echo "Enabling pf."
        ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
        if [ -r "${pf_rules}" ]; then
                ${pf_program:-/sbin/pfctl} \
                    -f "${pf_rules}" ${pf_flags}
        fi
        if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
                ${pf_program:-/sbin/pfctl} -e
        fi
}

pf_stop()
{
        if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
                echo "Disabling pf."
                ${pf_program:-/sbin/pfctl} -d
        fi
}

pf_reload()
{
        echo "Reloading pf rules."

        ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
        if [ -r "${pf_rules}" ]; then
                ${pf_program:-/sbin/pfctl} \
                    -f "${pf_rules}" ${pf_flags}
        fi
}

pf_resync()
{
        # Don't resync if pf is not loaded
        if ! kldstat -q -m "pf"; then
                 return
        fi
        ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
}

pf_status()
{
        ${pf_program:-/sbin/pfctl} -si
}

run_rc_command "$1"