diff options
| author | darrenr <darrenr@FreeBSD.org> | 2001-07-30 23:12:02 +0000 |
|---|---|---|
| committer | darrenr <darrenr@FreeBSD.org> | 2001-07-30 23:12:02 +0000 |
| commit | a1ee75086a86420f9cc544cb50d9ca6806db9485 (patch) | |
| tree | d0703e840559baa9918222f2b479d94cec1eb124 /etc/rc.network | |
| parent | 55ce885ee7f4109bfff3176d4e38d284a4ca7eec (diff) | |
| download | FreeBSD-src-a1ee75086a86420f9cc544cb50d9ca6806db9485.zip FreeBSD-src-a1ee75086a86420f9cc544cb50d9ca6806db9485.tar.gz | |
Merge in patch to automagically decide whether or not a kldload of ipfilter
is required into rc.network.
Person failed to use a real name so both email addresses from PR included
(Sent was different to From).
PR: 22998
Submitted by: dl@leo.org/spock@empire.trek.org
Diffstat (limited to 'etc/rc.network')
| -rw-r--r-- | etc/rc.network | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/etc/rc.network b/etc/rc.network index 86db5ea..9d868af 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -60,8 +60,21 @@ network_pass1() { # Establish ipfilter ruleset as early as possible (best in # addition to IPFILTER_DEFAULT_BLOCK in the kernel config file) # + if /sbin/ipfstat -i > /dev/null 2>&1; then + ipfilter_in_kernel=1 + else + ipfilter_in_kernel=0 + fi + case "${ipfilter_enable}" in [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipfilter_rules}" ]; then echo -n ' ipfilter'; ${ipfilter_program:-/sbin/ipf -Fa -f} \ |
