etc/rc.d/pf

   1 #!/bin/sh
   2 #
   3 # $NetBSD: pf,v 1.8 2008/11/12 12:35:52 ad Exp $
   4 #
   5
   6 # PROVIDE: pf
   7 # REQUIRE: root bootconf mountcritlocal tty network dhclient
   8 # BEFORE: NETWORKING
   9
  10 $_rc_subr_loaded . /etc/rc.subr
  11
  12 name="pf"
  13 rcvar=$name
  14 start_precmd="pf_prestart"
  15 start_cmd="pf_start"
  16 stop_cmd="pf_stop"
  17 reload_cmd="pf_reload"
  18 status_cmd="pf_status"
  19 extra_commands="reload status"
  20
  21 pf_prestart()
  22 {
  23         if [ ! -f ${pf_rules} ]; then
  24                 warn "${pf_rules} not readable; pf start aborted."
  25
  26                 stop_boot
  27                 return 1
  28         fi
  29         return 0
  30 }
  31
  32 pf_start()
  33 {
  34         echo "Enabling pf firewall."
  35
  36         # The pf_boot script has enabled pf already.
  37         if [ "$autoboot" != yes ]; then
  38                 /sbin/pfctl -q -e
  39         fi
  40
  41         if [ -f ${pf_rules} ]; then
  42                 /sbin/pfctl -q -f ${pf_rules}
  43         else
  44                 warn "${pf_rules} not found; no pf rules loaded."
  45         fi
  46 }
  47
  48 pf_stop()
  49 {
  50         echo "Disabling pf firewall."
  51         /sbin/pfctl -q -Fa -d
  52 }
  53
  54 pf_reload()
  55 {
  56         echo "Reloading pf rules."
  57         if [ -f ${pf_rules} ]; then
  58                 /sbin/pfctl -q -f ${pf_rules}
  59         else
  60                 warn "${pf_rules} not found; no pf rules loaded."
  61         fi
  62 }
  63
  64 pf_status()
  65 {
  66         /sbin/pfctl -s info
  67 }
  68
  69 load_rc_config $name
  70 run_rc_command "$1"