13 desc="IP packet filter"
14 rcvar="ipfilter_enable"
16 stop_precmd="test -f ${ipfilter_rules} -o -f ${ipv6_ipfilter_rules}"
18 start_precmd="$stop_precmd"
19 start_cmd="ipfilter_start"
20 stop_cmd="ipfilter_stop"
21 reload_precmd="$stop_precmd"
22 reload_cmd="ipfilter_reload"
23 resync_precmd="$stop_precmd"
24 resync_cmd="ipfilter_resync"
25 status_precmd="$stop_precmd"
26 status_cmd="ipfilter_status"
27 extra_commands="reload resync"
28 required_modules="ipl:ipfilter"
32 echo "Enabling ipfilter."
33 if ! ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes'; then
34 ${ipfilter_program:-/sbin/ipf} -E
36 ${ipfilter_program:-/sbin/ipf} -Fa
37 if [ -r "${ipfilter_rules}" ]; then
38 ${ipfilter_program:-/sbin/ipf} \
39 -f "${ipfilter_rules}" ${ipfilter_flags}
41 if [ -r "${ipv6_ipfilter_rules}" ]; then
42 ${ipfilter_program:-/sbin/ipf} -6 \
43 -f "${ipv6_ipfilter_rules}" ${ipfilter_flags}
49 if ${ipfilter_program:-/sbin/ipf} -V | grep -q 'Running: yes'; then
50 echo "Saving firewall state tables"
51 ${ipfs_program:-/sbin/ipfs} -W ${ipfs_flags}
52 echo "Disabling ipfilter."
53 ${ipfilter_program:-/sbin/ipf} -D
59 echo "Reloading ipfilter rules."
61 ${ipfilter_program:-/sbin/ipf} -I -Fa
62 if [ -r "${ipfilter_rules}" ]; then
63 ${ipfilter_program:-/sbin/ipf} -I \
64 -f "${ipfilter_rules}" ${ipfilter_flags}
66 err 1 'Load of rules into alternate set failed; aborting reload'
69 if [ -r "${ipv6_ipfilter_rules}" ]; then
70 ${ipfilter_program:-/sbin/ipf} -I -6 \
71 -f "${ipv6_ipfilter_rules}" ${ipfilter_flags}
73 err 1 'Load of IPv6 rules into alternate set failed; aborting reload'
76 ${ipfilter_program:-/sbin/ipf} -s
82 ${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags}
87 ${ipfilter_program:-/sbin/ipf} -V