diff options
| author | gordon <gordon@FreeBSD.org> | 2002-06-13 22:14:37 +0000 |
|---|---|---|
| committer | gordon <gordon@FreeBSD.org> | 2002-06-13 22:14:37 +0000 |
| commit | 9c5433cb225f7a4e56e87623ea2e4011179553a5 (patch) | |
| tree | 3168589e209abd888b033397e3c46dee6131a116 /etc/rc.d/ipnat | |
| parent | 50d99cdfecd92f5323a18aa791a5b1cb9d8b7191 (diff) | |
| download | FreeBSD-src-9c5433cb225f7a4e56e87623ea2e4011179553a5.zip FreeBSD-src-9c5433cb225f7a4e56e87623ea2e4011179553a5.tar.gz | |
Merge in all the changes that Mike Makonnen has been maintaining for a
while. This is only the script pieces, the glue for the build comes next.
Submitted by: Mike Makonnen <makonnen@pacbell.net>
Reviewed by: silence on -current and -hackers
Prodded by: rwatson
Diffstat (limited to 'etc/rc.d/ipnat')
| -rwxr-xr-x | etc/rc.d/ipnat | 80 |
1 files changed, 66 insertions, 14 deletions
diff --git a/etc/rc.d/ipnat b/etc/rc.d/ipnat index 1ac21c0..6d4dd3a 100755 --- a/etc/rc.d/ipnat +++ b/etc/rc.d/ipnat @@ -1,32 +1,84 @@ #!/bin/sh # -# $NetBSD: ipnat,v 1.5 2000/08/21 23:33:50 lukem Exp $ +# $NetBSD: ipnat,v 1.6 2000/09/19 13:04:38 lukem Exp $ +# $FreeBSD$ # # PROVIDE: ipnat # REQUIRE: ipfilter mountcritremote +# BEFORE: DAEMON +# KEYWORD: FreeBSD NetBSD . /etc/rc.subr name="ipnat" -rcvar=$name -config="/etc/ipnat.conf" +rcvar=`set_rcvar` + +case `${CMD_OSTYPE}` in +FreeBSD) + IPNATDIR="/sbin" + start_precmd="ipnat_precmd" + reload_cmd="ipnat_start" + ;; +NetBSD) + IPNATDIR="/usr/sbin" + config="/etc/ipnat.conf" + reload_cmd="/usr/sbin/ipnat -F -C -f ${config}" + start_precmd= + ;; +esac + start_cmd="ipnat_start" -stop_cmd="/usr/sbin/ipnat -F -C" -reload_cmd="/usr/sbin/ipnat -F -C -f ${config}" +stop_cmd="${ipnat_program:-${IPNATDIR}/${name}} -F -C" extra_commands="reload" -ipnat_start() +ipnat_precmd() { - if [ ! -f ${config} ]; then - return 0 + # Make sure ipfilter is loaded before continuing + if ! ${SYSCTL} net.inet.ipf.fr_pass >/dev/null 2>&1 ; then + err 'ipnat requires ipfilter be loaded' + return 1 fi - if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then - echo "Enabling ipfilter for NAT." - /sbin/ipf -E -Fa - fi - echo -n "Installing NAT rules ... " - /usr/sbin/ipnat -F -f ${config} + return 0 +} + +ipnat_start() +{ + case `${CMD_OSTYPE}` in + FreeBSD) + echo -n 'Installing NAT rules ... ' + if [ -r "${ipnat_rules}" ]; then + ${ipnat_program:-/sbin/ipnat} -CF -f \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi + echo '.' + + # restore filter/NAT state tables after loading the rules + if checkyesno ipfs_enable ; then + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs' + ${ipfs_program:-/sbin/ipfs} -R ${ipfs_flags} + # remove files to avoid reloading old state + # after an ungraceful shutdown + rm -f /var/db/ipf/ipstate.ipf + rm -f /var/db/ipf/ipnat.ipf + fi + fi + ;; + NetBSD) + if [ ! -f ${config} ]; then + return 0 + fi + if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then + echo "Enabling ipfilter for NAT." + /sbin/ipf -E -Fa + fi + echo -n "Installing NAT rules ... " + /usr/sbin/ipnat -F -f ${config} + ;; + esac } load_rc_config $name |
