16 stop_precmd="test -f ${ipfilter_rules} -o -f ${ipv6_ipfilter_rules}"
18 start_precmd="$stop_precmd"
19 start_cmd="ipfilter_start"
20 stop_cmd="ipfilter_stop"
21 reload_precmd="$stop_precmd"
22 reload_cmd="ipfilter_reload"
23 resync_precmd="$stop_precmd"
24 resync_cmd="ipfilter_resync"
25 status_precmd="$stop_precmd"
26 status_cmd="ipfilter_status"
27 extra_commands="reload resync status"
28 required_modules="ipl:ipfilter"
32 echo "Enabling ipfilter."
33 if [ `sysctl -n net.inet.ipf.fr_running` -le 0 ]; then
34 ${ipfilter_program:-/sbin/ipf} -E
36 ${ipfilter_program:-/sbin/ipf} -Fa
37 if [ -r "${ipfilter_rules}" ]; then
38 ${ipfilter_program:-/sbin/ipf} \
39 -f "${ipfilter_rules}" ${ipfilter_flags}
41 ${ipfilter_program:-/sbin/ipf} -6 -Fa
42 if [ -r "${ipv6_ipfilter_rules}" ]; then
43 ${ipfilter_program:-/sbin/ipf} -6 \
44 -f "${ipv6_ipfilter_rules}" ${ipfilter_flags}
50 # XXX - The ipf -D command is not effective for 'lkm's
51 if [ `sysctl -n net.inet.ipf.fr_running` -eq 1 ]; then
52 echo "Saving firewall state tables"
53 ${ipfs_program:-/sbin/ipfs} -W ${ipfs_flags}
54 echo "Disabling ipfilter."
55 ${ipfilter_program:-/sbin/ipf} -D
61 echo "Reloading ipfilter rules."
63 ${ipfilter_program:-/sbin/ipf} -I -Fa
64 if [ -r "${ipfilter_rules}" ]; then
65 ${ipfilter_program:-/sbin/ipf} -I \
66 -f "${ipfilter_rules}" ${ipfilter_flags}
68 err 1 'Load of rules into alternate set failed; aborting reload'
71 ${ipfilter_program:-/sbin/ipf} -I -6 -Fa
72 if [ -r "${ipv6_ipfilter_rules}" ]; then
73 ${ipfilter_program:-/sbin/ipf} -I -6 \
74 -f "${ipv6_ipfilter_rules}" ${ipfilter_flags}
76 err 1 'Load of IPv6 rules into alternate set failed; aborting reload'
79 ${ipfilter_program:-/sbin/ipf} -s
85 ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags}
90 ${ipfilter_program:-/sbin/ipf} -V