etc/rc.d/pf

   1 #!/bin/sh
   2 #
   3 # $FreeBSD$
   4 #
   5
   6 # PROVIDE: pf
   7 # REQUIRE: FILESYSTEMS netif pflog pfsync
   8 # BEFORE:  routing
   9 # KEYWORD: nojail
  10
  11 . /etc/rc.subr
  12
  13 name="pf"
  14 desc="Packet filter"
  15 rcvar="pf_enable"
  16 load_rc_config $name
  17 start_cmd="pf_start"
  18 stop_cmd="pf_stop"
  19 check_cmd="pf_check"
  20 reload_cmd="pf_reload"
  21 resync_cmd="pf_resync"
  22 status_cmd="pf_status"
  23 extra_commands="check reload resync"
  24 required_files="$pf_rules"
  25 required_modules="pf"
  26
  27 pf_start()
  28 {
  29         check_startmsgs && echo -n 'Enabling pf'
  30         $pf_program -F all > /dev/null 2>&1
  31         $pf_program -f "$pf_rules" $pf_flags
  32         if ! $pf_program -s info | grep -q "Enabled" ; then
  33                 $pf_program -eq
  34         fi
  35         check_startmsgs && echo '.'
  36 }
  37
  38 pf_stop()
  39 {
  40         if $pf_program -s info | grep -q "Enabled" ; then
  41                 echo -n 'Disabling pf'
  42                 $pf_program -dq
  43                 echo '.'
  44         fi
  45 }
  46
  47 pf_check()
  48 {
  49         echo "Checking pf rules."
  50         $pf_program -n -f "$pf_rules" $pf_flags
  51 }
  52
  53 pf_reload()
  54 {
  55         echo "Reloading pf rules."
  56         pf_resync
  57 }
  58
  59 pf_resync()
  60 {
  61         $pf_program -n -f "$pf_rules" $pf_flags || return 1
  62         $pf_program -f "$pf_rules" $pf_flags
  63 }
  64
  65 pf_status()
  66 {
  67         if ! [ -c /dev/pf ] ; then
  68                 echo "pf.ko is not loaded"
  69                 return 1
  70         else
  71                 $pf_program -s info
  72                 $pf_program -s Running >/dev/null
  73         fi
  74 }
  75
  76 run_rc_command "$1"