diff options
author | danny <danny@FreeBSD.org> | 1997-09-11 10:59:02 +0000 |
---|---|---|
committer | danny <danny@FreeBSD.org> | 1997-09-11 10:59:02 +0000 |
commit | 347e2e3c367cf81b878169973f92ca840bdc2f79 (patch) | |
tree | d4778f03cfb9ffe99f176497f48c54a1dddcdbe9 /etc/network.subr | |
parent | 03e311c03496f6d71419c283ba3b3b5106a68144 (diff) | |
download | FreeBSD-src-347e2e3c367cf81b878169973f92ca840bdc2f79.zip FreeBSD-src-347e2e3c367cf81b878169973f92ca840bdc2f79.tar.gz |
Reviewed by: msmith, alex
Cosmetic changes to the loading of firewall rules and lkm.
Diffstat (limited to 'etc/network.subr')
-rw-r--r-- | etc/network.subr | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/etc/network.subr b/etc/network.subr index 3c5657d..fb35d2f 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -1,6 +1,6 @@ #!/bin/sh - # -# $Id: rc.network,v 1.8 1997/05/19 07:46:48 jkh Exp $ +# $Id: rc.network,v 1.9 1997/07/06 00:33:34 pst Exp $ # From: @(#)netstart 5.9 (Berkeley) 3/30/91 # Note that almost all the user-configurable behavior is no longer in @@ -54,13 +54,40 @@ network_pass1() { fi ifconfig ${ifn} done - - # If IP filtering - if [ -n "$firewall" -a "x$firewall" != "xNO" -a -f /etc/rc.firewall ] ; then - echo -n ' firewall' + + # Initialize IP filtering using ipfw + echo "" + /sbin/ipfw -q flush > /dev/null 2>&1 + if [ $? ] ; then + firewall_in_kernel=0 + else + firewall_in_kernel=1 + fi + + if [ $firewall_in_kernel = 0 -a "x$firewall_enable" = "xYES" ] ; then + modload /lkm/ipfw_mod.o + if [ $? = 0 ]; then + firewall_in_kernel=1 # module loaded successfully + echo "Kernel firewall module loaded." + else + echo "Warning: firewall kernel module failed to load." + fi + fi + + # Load the filters if required + if [ $firewall_in_kernel = 1 ]; then + if [ -n "$firewall_enable" -a -f /etc/rc.firewall -a \ + "x$firewall_enable" = "xYES" ] ; then . /etc/rc.firewall + echo "Firewall rules loaded." + else + echo "Warning: kernel has firewall functionality, but firewall rules are not enabled." + echo " All ip services are disabled." + fi fi + # Configure routing + if [ "x$defaultrouter" != "xNO" ] ; then static_routes="default ${static_routes}" route_default="default ${defaultrouter}" |