diff options
author | ume <ume@FreeBSD.org> | 2002-11-02 08:21:26 +0000 |
---|---|---|
committer | ume <ume@FreeBSD.org> | 2002-11-02 08:21:26 +0000 |
commit | 6866e4bdcadbb5f349d46c00e275956b679f432b (patch) | |
tree | aa5ccbd31b7b338b754059e0c9d91a49b15ee782 /etc/rc.d | |
parent | 635e3ab81e29feed15a1dbbb08bea9455a49423a (diff) | |
download | FreeBSD-src-6866e4bdcadbb5f349d46c00e275956b679f432b.zip FreeBSD-src-6866e4bdcadbb5f349d46c00e275956b679f432b.tar.gz |
Add IPv6 setup for ipfilter. `ipv6_ipfilter_rules' was added
to specify rules definition file for ipfilter. The default is
/etc/ipf6.rules. If there is a file which is specified by
'ipv6_ipfilter_rules', IPv6 rule is installed.
Reviewed by: Ronald van der Pol <Ronald.vanderPol@rvdp.org>
MFC after: 1 week
Diffstat (limited to 'etc/rc.d')
-rwxr-xr-x | etc/rc.d/ipfilter | 27 |
1 files changed, 21 insertions, 6 deletions
diff --git a/etc/rc.d/ipfilter b/etc/rc.d/ipfilter index 2ee2d28..423717e 100755 --- a/etc/rc.d/ipfilter +++ b/etc/rc.d/ipfilter @@ -16,7 +16,7 @@ load_rc_config $name case ${OSTYPE} in FreeBSD) - stop_precmd="test -f ${ipfilter_rules}" + stop_precmd="test -f ${ipfilter_rules} -o -f ${ipv6_ipfilter_rules}" ;; NetBSD) stop_precmd="test -f /etc/ipf.conf -o -f /etc/ipf6.conf" @@ -49,7 +49,8 @@ FreeBSD) fi # check for ipfilter rules - if [ ! -r "${ipfilter_rules}" ]; then + if [ ! -r "${ipfilter_rules}" ] && [ ! -r "${ipv6_ipfilter_rules}" ] + then warn 'IP-filter: NO IPF RULES' return 1 fi @@ -78,8 +79,15 @@ ipfilter_start() echo "Enabling ipfilter." case ${OSTYPE} in FreeBSD) - ${ipfilter_program:-/sbin/ipf} -Fa -f \ - "${ipfilter_rules}" ${ipfilter_flags} + ${ipfilter_program:-/sbin/ipf} -Fa + if [ -r "${ipfilter_rules}" ]; then + ${ipfilter_program:-/sbin/ipf} \ + -f "${ipfilter_rules}" ${ipfilter_flags} + fi + if [ -r "${ipv6_ipfilter_rules}" ]; then + ${ipfilter_program:-/sbin/ipf} -6 \ + -f "${ipv6_ipfilter_rules}" ${ipfilter_flags} + fi ;; NetBSD) /sbin/ipf -E -Fa @@ -114,8 +122,15 @@ ipfilter_reload() case ${OSTYPE} in FreeBSD) - ${ipfilter_program:-/sbin/ipf} -I -Fa -f \ - "${ipfilter_rules}" ${ipfilter_flags} + ${ipfilter_program:-/sbin/ipf} -I -Fa + if [ -r "${ipfilter_rules}" ]; then + ${ipfilter_program:-/sbin/ipf} -I \ + -f "${ipfilter_rules}" ${ipfilter_flags} + fi + if [ -r "${ipv6_ipfilter_rules}" ]; then + ${ipfilter_program:-/sbin/ipf} -I -6 \ + -f "${ipv6_ipfilter_rules}" ${ipfilter_flags} + fi ;; NetBSD) /sbin/ipf -I -Fa |