NetBSD/etc/rc.d/ipnat

#!/bin/sh
#
# $NetBSD: ipnat,v 1.13 2004/10/12 14:51:03 lukem Exp $
#

# PROVIDE: ipnat
# REQUIRE: ipfilter mountcritremote
# BEFORE:  SERVERS

$_rc_subr_loaded . /etc/rc.subr

name="ipnat"
rcvar=$name
config="/etc/ipnat.conf"
start_cmd="ipnat_start"
stop_cmd="/usr/sbin/ipnat -F -C"
reload_cmd="/usr/sbin/ipnat -C -f ${config}"
restart_cmd="/usr/sbin/ipnat -F -C -f ${config}"
extra_commands="reload"

ipnat_start()
{
	if [ ! -f ${config} ]; then
		return 0
	fi
	if [ "$(/sbin/sysctl -n net.inet.ip.forwarding)" = "0" ]; then
		logger -s -p daemon.warning -t ipnat \
			"WARNING: net.inet.ip.forwarding is 0"
	fi
	if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then
		echo "Enabling ipfilter for NAT."
		/sbin/ipf -E -Fa
	fi
	echo -n "Installing NAT rules ... "
	/usr/sbin/ipnat -F -f ${config}
}

load_rc_config $name
load_rc_config_var ipfilter ipfilter
run_rc_command "$1"
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`#!/bin/sh`
			`#`
Use 'load_rc_config_var CMD VAR' to set VAR for "foreign" rc.conf(5) variables that may be set in /etc/rc.conf.d/CMD instead of /etc/rc.conf. Fixes PR 20768 from Pavel Cahyna. 2004-10-12 18:51:03 +04:00			`# $NetBSD: ipnat,v 1.13 2004/10/12 14:51:03 lukem Exp $`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`#`

			`# PROVIDE: ipnat`
needs to run after mountcritremote, since ipnat is in /usr/sbin 2000-08-22 03:33:50 +04:00			`# REQUIRE: ipfilter mountcritremote`
ipnat needs to be before SERVERS - one may need NAT for servers to work (eg, ntpdate). 2003-08-22 12:43:26 +04:00			`# BEFORE: SERVERS`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00
Add an _rc_subr_loaded variable, set to ":" by rc.subr. Scripts can use this for a speedup by doing: $_rc_subr_loaded . /etc/rc.subr 2004-08-13 22:08:03 +04:00			`$_rc_subr_loaded . /etc/rc.subr`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00
			`name="ipnat"`
- only perform the checkyesno on the variable named in $rcvar (rather than implicitly using $name if $rcvar isn't set), and always perform this check, even when using start_cmd (et al). this check is performed before the pidcmd is run, speeding up scripts that weren't going to be run anyway. this should speed up booting slow systems. - take advantage of the above and remove start_precmd="checkyesno foo" in scripts that use start_cmd. - explicitly set rcvar=foo in the rc.d/foo scripts which have an equivalent rc.conf entry - fix `rcvar' and `restart' when $rcvar isn't set. these above changes fix PR [bin/11027]. - when doing `force', ignore the return value of _precmd. this fixes PR [bin/10781]. - rename what sysdb provides from `databases' to `sysdb', to reflect the name of the script. - improve the comments in rc.subr 2000-09-19 17:04:38 +04:00			`rcvar=$name`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`config="/etc/ipnat.conf"`
			`start_cmd="ipnat_start"`
			`stop_cmd="/usr/sbin/ipnat -F -C"`
change behaviour of 'reload' to only reload the NAT rules and NOT flush the state table, making it much more useful. The behaviour of 'restart' is unchanged (flush state table and reload rules), but is now done slightly more elegantly. ok'd by lukem. 2003-02-17 01:18:46 +03:00			`reload_cmd="/usr/sbin/ipnat -C -f ${config}"`
			`restart_cmd="/usr/sbin/ipnat -F -C -f ${config}"`
use extra_commands= instead of using 2nd argument to run_rc_command 2000-04-30 17:23:04 +04:00			`extra_commands="reload"`

rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`ipnat_start()`
			`{`
			`if [ ! -f ${config} ]; then`
			`return 0`
			`fi`
Use new style command substitution. 2004-10-11 19:00:51 +04:00			`if [ "$(/sbin/sysctl -n net.inet.ip.forwarding)" = "0" ]; then`
Print a warning message if IP forwarding is not activated (PR#10295). 2002-09-24 15:03:53 +04:00			`logger -s -p daemon.warning -t ipnat \`
			`"WARNING: net.inet.ip.forwarding is 0"`
			`fi`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`if ! checkyesno ipfilter \|\| [ ! -f /etc/ipf.conf ]; then`
Rearrange so the ouput of this is a bit more cosmetic. 2000-03-12 06:49:36 +03:00			`echo "Enabling ipfilter for NAT."`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`/sbin/ipf -E -Fa`
			`fi`
Rearrange so the ouput of this is a bit more cosmetic. 2000-03-12 06:49:36 +03:00			`echo -n "Installing NAT rules ... "`
rc.d scripts derived from /etc/rc 2000-03-10 14:53:23 +03:00			`/usr/sbin/ipnat -F -f ${config}`
			`}`

Use load_rc_config() (from rc.subr) instead of sourcing /etc/rc.conf. This allows us or a user to change the configuration file method in one place - rc.subr - without having to edit all of the rc.d/* files. 2000-05-13 12:45:06 +04:00			`load_rc_config $name`
Use 'load_rc_config_var CMD VAR' to set VAR for "foreign" rc.conf(5) variables that may be set in /etc/rc.conf.d/CMD instead of /etc/rc.conf. Fixes PR 20768 from Pavel Cahyna. 2004-10-12 18:51:03 +04:00			`load_rc_config_var ipfilter ipfilter`
use extra_commands= instead of using 2nd argument to run_rc_command 2000-04-30 17:23:04 +04:00			`run_rc_command "$1"`