Move etc/rc.firewall6 to ipfw2+v6, update related rc.d and periodic scripts.

Since ipfw2 now does dual-stack, statistics for IPv6 come from the ipfw
scripts as well.

3 files changed, 0 insertions, 118 deletions

diff --git a/etc/periodic/security/600.ip6fwdenied b/etc/periodic/security/600.ip6fwdenied
deleted file mode 100755
index 418ba17..0000000
--- a/etc/periodic/security/600.ip6fwdenied
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/sh -
-#
-# Copyright (c) 2001  The FreeBSD Project
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
-    . /etc/defaults/periodic.conf
-    source_periodic_confs
-fi
-
-. /etc/periodic/security/security.functions
-
-rc=0
-
-case "$daily_status_security_ip6fwdenied_enable" in
-    [Yy][Ee][Ss])
-	TMP=`mktemp -t security`
-	if ip6fw -a l 2>/dev/null | egrep "deny|reset|unreach" > ${TMP}; then
-	  check_diff new_only ip6fw ${TMP} "${host} ip6fw denied packets:"
-	fi
-	rc=$?
-	rm -f ${TMP};;
-    *)	rc=0;;
-esac
-
-exit $rc
diff --git a/etc/periodic/security/650.ip6fwlimit b/etc/periodic/security/650.ip6fwlimit
deleted file mode 100755
index eaf4b10..0000000
--- a/etc/periodic/security/650.ip6fwlimit
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/sh -
-#
-# Copyright (c) 2001  The FreeBSD Project
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
-# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
-# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
-# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
-# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
-# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
-# SUCH DAMAGE.
-#
-# $FreeBSD$
-#
-
-# Show ip6fw rules which have reached the log limit
-#
-
-# If there is a global system configuration file, suck it in.
-#
-if [ -r /etc/defaults/periodic.conf ]
-then
-    . /etc/defaults/periodic.conf
-    source_periodic_confs
-fi
-
-rc=0
-
-case "$daily_status_security_ip6fwlimit_enable" in
-    [Yy][Ee][Ss])
-	TMP=`mktemp -t security`
-	IP6FW_LOG_LIMIT=`sysctl -n net.inet6.ip6.fw.verbose_limit 2> /dev/null`
-	if [ $? -eq 0 ] && [ "${IP6FW_LOG_LIMIT}" -ne 0 ]; then
-	    ip6fw -a l | grep " log " | \
-	    grep '^[[:digit:]]\+[[:space:]]\+[[:digit:]]\+' | \
-	    awk -v limit="$IPFW_LOG_LIMIT" \
-		'{if ($2 > limit) {print $0}}' > ${TMP}
-	    if [ -s "${TMP}" ]; then
-		rc=1
-		echo ""
-		echo 'ip6fw log limit reached:'
-		cat ${TMP}
-	    fi
-	fi
-	rm -f ${TMP};;
-    *)	rc=0;;
-esac
-
-exit $rc
diff --git a/etc/periodic/security/Makefile b/etc/periodic/security/Makefile
index f8f405f..caf772c 100644
--- a/etc/periodic/security/Makefile
+++ b/etc/periodic/security/Makefile
@@ -8,8 +8,6 @@ FILES=	100.chksetuid \
 	510.ipfdenied \
 	520.pfdenied \
 	550.ipfwlimit \
-	600.ip6fwdenied \
-	650.ip6fwlimit \
 	700.kernelmsg \
 	800.loginfail \
 	900.tcpwrap \