Allow pf flags to be specified in rc.conf.

Add default to defaults/rc.d as suggested by lukem@
darcy 2011-11-21 20:56:21 +00:00
parent abbdc04fd6
commit 77a099d5ff
2 changed files with 8 additions and 8 deletions


@ -1,4 +1,4 @@
# $NetBSD: rc.conf,v 1.115 2011/09/06 21:32:29 riz Exp $ # $NetBSD: rc.conf,v 1.116 2011/11/21 20:56:21 darcy Exp $
# #
# /etc/defaults/rc.conf -- # /etc/defaults/rc.conf --
# default configuration of /etc/rc.conf # default configuration of /etc/rc.conf
@ -167,7 +167,7 @@ ipnat=NO # uses /etc/ipnat.conf
ipfs=NO ipfs_flags="" # save/load ipnat and ipf states ipfs=NO ipfs_flags="" # save/load ipnat and ipf states
ipsec=NO # uses /etc/ipsec.conf ipsec=NO # uses /etc/ipsec.conf
ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages
pf=NO pf_rules="/etc/pf.conf" pf=NO pf_rules="/etc/pf.conf" pf_flags=""
pflogd=NO pflogd=NO
ftp_proxy=NO ftp_proxy=NO
racoon=NO # IKE daemon racoon=NO # IKE daemon
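Review bot: The new `pf_flags=""` default on the `pf=NO` line has no trailing comment, unlike the ipnat, ipfs and ipmon entries around it, so nothing in this file says what consumes the variable. A short comment on that line would be enough, for example `# pf_flags: extra pfctl options used by the pf rc.d script`.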


@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# $NetBSD: pf,v 1.9 2008/11/22 20:23:33 tsutsui Exp $ # $NetBSD: pf,v 1.10 2011/11/21 20:56:21 darcy Exp $
# #
# PROVIDE: pf # PROVIDE: pf
@ -35,11 +35,11 @@ pf_start()
# The pf_boot script has enabled pf already. # The pf_boot script has enabled pf already.
if [ "$autoboot" != yes ]; then if [ "$autoboot" != yes ]; then
/sbin/pfctl -q -e /sbin/pfctl -q ${pf_flags} -e
fi fi
if [ -f ${pf_rules} ]; then if [ -f ${pf_rules} ]; then
/sbin/pfctl -q -f ${pf_rules} /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
else else
warn "${pf_rules} not found; no pf rules loaded." warn "${pf_rules} not found; no pf rules loaded."
fi fi
@ -48,14 +48,14 @@ pf_start()
pf_stop() pf_stop()
{ {
echo "Disabling pf firewall." echo "Disabling pf firewall."
/sbin/pfctl -q -Fa -d /sbin/pfctl -q ${pf_flags} -Fa -d
} }
pf_reload() pf_reload()
{ {
echo "Reloading pf rules." echo "Reloading pf rules."
if [ -f ${pf_rules} ]; then if [ -f ${pf_rules} ]; then
/sbin/pfctl -q -f ${pf_rules} /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
else else
warn "${pf_rules} not found; no pf rules loaded." warn "${pf_rules} not found; no pf rules loaded."
fi fi
@ -63,7 +63,7 @@ pf_reload()
pf_status() pf_status()
{ {
/sbin/pfctl -s info /sbin/pfctl ${pf_flags} -s info
} }
load_rc_config $name load_rc_config $name
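Review bot: `${pf_flags}` is now spliced into every pfctl call in this script (the `-e` enable, both `-f ${pf_rules}` loads, `-Fa -d` in pf_stop and `-s info` in pf_status), so an option meant for one mode changes all of them. The case worth documenting is `-n`: with it in pf_flags, `/sbin/pfctl -q ${pf_flags} -f ${pf_rules}` only parses the ruleset, and because the call is quiet and its status is not checked, pf_start and pf_reload would finish without loading rules and without reporting it. I would add a header comment such as `# pf_flags is passed to every pfctl invocation below; keep it to options valid for -e, -f, -d and -s alike.` The comment in pf_start refers to a pf_boot script that does not appear among the two files changed here, so the boot-time setup presumably still runs without pf_flags; it is worth confirming that this is intended. pf_start begins outside the visible hunk.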