authorfjoe <fjoe@FreeBSD.org>2004-04-05 16:29:45 +0000
committerfjoe <fjoe@FreeBSD.org>2004-04-05 16:29:45 +0000
commitea768cc3c26894afa3749739a91476398c797f60 (patch)
treee6884197eaa06686dd80bf09d55281260a168c94
parent5fd7f55e2fbbe15c6218a0d91683a5a33e4fc445 (diff)
Add separate script for natd. This fixes a race condition with "ipfw restart"
(when the new natd is started before the old natd has died) and allows natd to be managed without touching ipfw. natd should probably be killed with SIGKILL when stopping natd.
-rwxr-xr-xetc/rc.d/Makefile2
-rw-r--r--etc/rc.d/ipfw29
-rw-r--r--etc/rc.d/natd42
3 files changed, 45 insertions, 28 deletions
diff --git a/etc/rc.d/Makefile b/etc/rc.d/Makefile
index 852cf12..ab9b83a 100755
--- a/etc/rc.d/Makefile
+++ b/etc/rc.d/Makefile
@@ -21,7 +21,7 @@ FILES= DAEMON LOGIN NETWORKING SERVERS \
ldconfig local localpkg lomac lpd \
mixer motd mountcritlocal mountcritremote \
mountd moused mroute6d mrouted msgs \
- named netif netoptions \
+ named natd netif netoptions \
network_ipv6 nfsclient nfsd \
nfslocking nfsserver nisdomain ntpd ntpdate \
othermta \
diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw
index 50b8cf7..990c14e 100644
--- a/etc/rc.d/ipfw
+++ b/etc/rc.d/ipfw
@@ -37,31 +37,7 @@ ipfw_start()
if [ -r "${firewall_script}" ]; then
. "${firewall_script}"
echo -n 'Firewall rules loaded, starting divert daemons:'
-
- # Network Address Translation daemon
- #
- if checkyesno natd_enable; then
- dhcp_list="`list_net_interfaces dhcp`"
- for ifn in ${dhcp_list}; do
- case ${natd_interface} in
- ${ifn})
- natd_flags="$natd_flags -dynamic"
- ;;
- *)
- ;;
- esac
- done
- if [ -n "${natd_interface}" ]; then
- if echo ${natd_interface} | \
- grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then
- natd_flags="$natd_flags -a ${natd_interface}"
- else
- natd_flags="$natd_flags -n ${natd_interface}"
- fi
- fi
- echo -n ' natd'
- ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
- fi
+ /etc/rc.d/natd start
elif [ "`ipfw l 65535`" = "65535 deny ip from any to any" ]; then
echo 'Warning: kernel has firewall functionality, but' \
' firewall rules are not enabled.'
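Review bot: The status of `/etc/rc.d/natd start` is ignored in ipfw_start, so a failed natd launch goes unreported while the rules from `${firewall_script}` stay loaded; any divert rule in that script would then presumably hand packets to a port nobody is listening on. A one-line check would make that visible: `/etc/rc.d/natd start || warn 'natd failed to start'` (assuming rc.subr's `warn` is in scope here). The removed `checkyesno natd_enable` guard is now implicit in the natd script's rcvar handling, which deserves a comment such as `# natd checks natd_enable itself (rcvar)`. ipfw_start begins above the hunk and continues below it.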
@@ -86,8 +62,7 @@ ipfw_stop()
# Disable the firewall
#
${SYSCTL_W} net.inet.ip.fw.enable=0
- killall natd;
- sleep 2;
+ /etc/rc.d/natd stop
}
load_rc_config $name
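Review bot: `/etc/rc.d/natd stop` in ipfw_stop is not equivalent to the unconditional `killall natd` it replaces. The new natd script declares an rcvar, so rc.subr will most likely skip the stop when `natd_enable` is not YES, leaving a natd that was started by hand or before a config change running after the firewall is disabled. If the old behaviour is wanted, `/etc/rc.d/natd forcestop` bypasses the rcvar check. Otherwise a comment such as `# only stops natd when natd_enable=YES` would record the change. ipfw_stop begins above the hunk.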
diff --git a/etc/rc.d/natd b/etc/rc.d/natd
new file mode 100644
index 0000000..53a370d
--- /dev/null
+++ b/etc/rc.d/natd
@@ -0,0 +1,42 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: natd
+# KEYWORD: FreeBSD nostart nojail
+
+. /etc/rc.subr
+. /etc/network.subr
+
+name="natd"
+rcvar=`set_rcvar`
+command="/sbin/${name}"
+start_cmd="natd_start"
+
+natd_start()
+{
+ dhcp_list="`list_net_interfaces dhcp`"
+ for ifn in ${dhcp_list}; do
+ case ${natd_interface} in
+ ${ifn})
+ natd_flags="$natd_flags -dynamic"
+ ;;
+ *)
+ ;;
+ esac
+ done
+ if [ -n "${natd_interface}" ]; then
+ if echo ${natd_interface} | \
+ grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then
+ natd_flags="$natd_flags -a ${natd_interface}"
+ else
+ natd_flags="$natd_flags -n ${natd_interface}"
+ fi
+ fi
+ echo -n ' natd'
+ ${natd_program:-/sbin/natd} ${natd_flags} ${natd_ifarg}
+}
+
+load_rc_config $name
+run_rc_command "$1"
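Review bot: In natd_start, `${natd_interface}` is expanded unquoted in `echo ${natd_interface} | \`, so the address test runs on a word-split and glob-expanded value rather than the literal rc.conf setting; `if echo "${natd_interface}" | \` avoids that. The launch line repeats the default path that `command` already holds, and `${command} ${natd_flags} ${natd_ifarg}` would keep one source of truth, assuming rc.subr applies a `natd_program` override to `command`. `echo -n ' natd'` was written to extend ipfw's 'starting divert daemons:' line and leaves an unterminated fragment when the script is run directly. A short comment above the grep explaining that a dotted-numeric value selects `-a` (alias address) and anything else `-n` (interface name) would help.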