Use the new kldstat -q/-m options instead of "| grep"
[dragonfly.git] / etc / rc.d / pf
blob4c6db8d15033460f549e1df0b95c446f07407f0b
1 #!/bin/sh
3 # $FreeBSD: src/etc/rc.d/pf,v 1.3 2004/06/23 01:42:06 mlaier Exp $
4 # $DragonFly: src/etc/rc.d/pf,v 1.4 2008/01/08 15:30:34 matthias Exp $
7 # PROVIDE: pf
8 # REQUIRE: root mountcritlocal netif pflog
9 # BEFORE: DAEMON LOGIN
10 # KEYWORD: nojail
12 . /etc/rc.subr
14 name="pf"
15 rcvar=`set_rcvar`
16 load_rc_config $name
17 stop_precmd="test -f ${pf_rules}"
18 start_precmd="pf_prestart"
19 start_cmd="pf_start"
20 stop_cmd="pf_stop"
21 reload_precmd="$stop_precmd"
22 reload_cmd="pf_reload"
23 resync_precmd="$stop_precmd"
24 resync_cmd="pf_resync"
25 status_precmd="$stop_precmd"
26 status_cmd="pf_status"
27 extra_commands="reload resync status"
29 pf_prestart()
31 # load pf kernel module if needed
32 if [ `kldstat -q -m "pf"` -eq 1 ]; then
33 if kldload pf; then
34 info 'pf module loaded.'
35 else
36 err 1 'pf module failed to load.'
40 # check for pf rules
41 if [ ! -r "${pf_rules}" ]
42 then
43 warn 'pf: NO PF RULESET FOUND'
44 return 1
48 pf_start()
50 echo "Enabling pf."
51 ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
52 if [ -r "${pf_rules}" ]; then
53 ${pf_program:-/sbin/pfctl} \
54 -f "${pf_rules}" ${pf_flags}
56 if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
57 ${pf_program:-/sbin/pfctl} -e
61 pf_stop()
63 if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
64 echo "Disabling pf."
65 ${pf_program:-/sbin/pfctl} -d
69 pf_reload()
71 echo "Reloading pf rules."
73 ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
74 if [ -r "${pf_rules}" ]; then
75 ${pf_program:-/sbin/pfctl} \
76 -f "${pf_rules}" ${pf_flags}
80 pf_resync()
82 # Don't resync if pf is not loaded
83 if [ `kldstat -q -m "pf"` -eq 1 ]; then
84 return
86 ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
89 pf_status()
91 ${pf_program:-/sbin/pfctl} -si
94 run_rc_command "$1"