diff options
author | dougb <dougb@FreeBSD.org> | 2009-06-01 05:35:03 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2009-06-01 05:35:03 +0000 |
commit | 96a94e728e673abb2809c29bf46b9ce6eb7630d1 (patch) | |
tree | 12b05c68db3f3a342e5ea532a1f81e411e5f5c58 /etc | |
parent | 868d2f6a927586fd01600a3c5e0aa99fbf2d7199 (diff) | |
download | FreeBSD-src-96a94e728e673abb2809c29bf46b9ce6eb7630d1.zip FreeBSD-src-96a94e728e673abb2809c29bf46b9ce6eb7630d1.tar.gz |
Make the pf and ipfw firewalls start before netif, just like ipfilter
already does. This eliminates a logical inconsistency, and a small
window where the system is open after the network comes up.
Diffstat (limited to 'etc')
-rwxr-xr-x | etc/rc.d/ip6fw | 1 | ||||
-rwxr-xr-x | etc/rc.d/ipfilter | 1 | ||||
-rwxr-xr-x | etc/rc.d/ipfs | 1 | ||||
-rwxr-xr-x | etc/rc.d/ipfw | 3 | ||||
-rwxr-xr-x | etc/rc.d/ipnat | 1 | ||||
-rwxr-xr-x | etc/rc.d/netif | 3 | ||||
-rwxr-xr-x | etc/rc.d/network_ipv6 | 2 | ||||
-rwxr-xr-x | etc/rc.d/pf | 2 | ||||
-rwxr-xr-x | etc/rc.d/pflog | 2 | ||||
-rwxr-xr-x | etc/rc.d/pfsync | 2 |
10 files changed, 7 insertions, 11 deletions
diff --git a/etc/rc.d/ip6fw b/etc/rc.d/ip6fw index 131d7a0..ca95d36 100755 --- a/etc/rc.d/ip6fw +++ b/etc/rc.d/ip6fw @@ -5,7 +5,6 @@ # PROVIDE: ip6fw # REQUIRE: routing -# BEFORE: network_ipv6 # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/ipfilter b/etc/rc.d/ipfilter index b0db802..fd1e99b 100755 --- a/etc/rc.d/ipfilter +++ b/etc/rc.d/ipfilter @@ -5,7 +5,6 @@ # PROVIDE: ipfilter # REQUIRE: FILESYSTEMS -# BEFORE: netif # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/ipfs b/etc/rc.d/ipfs index d9eb62d..9b5ccac 100755 --- a/etc/rc.d/ipfs +++ b/etc/rc.d/ipfs @@ -5,7 +5,6 @@ # PROVIDE: ipfs # REQUIRE: ipnat -# BEFORE: netif # KEYWORD: nojail shutdown . /etc/rc.subr diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw index 2780943..43956e4 100755 --- a/etc/rc.d/ipfw +++ b/etc/rc.d/ipfw @@ -4,8 +4,7 @@ # # PROVIDE: ipfw -# REQUIRE: ppp -# BEFORE: NETWORKING +# REQUIRE: FILESYSTEMS # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/ipnat b/etc/rc.d/ipnat index 00434d5..6bf2e08 100755 --- a/etc/rc.d/ipnat +++ b/etc/rc.d/ipnat @@ -5,7 +5,6 @@ # PROVIDE: ipnat # REQUIRE: ipfilter -# BEFORE: DAEMON netif # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/netif b/etc/rc.d/netif index ad39f7f..7d630c5 100755 --- a/etc/rc.d/netif +++ b/etc/rc.d/netif @@ -26,7 +26,8 @@ # # PROVIDE: netif -# REQUIRE: atm1 cleanvar ipfilter FILESYSTEMS serial sppp sysctl +# REQUIRE: atm1 cleanvar FILESYSTEMS serial sppp sysctl +# REQUIRE: ipfilter ipfs pf ipfw # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/network_ipv6 b/etc/rc.d/network_ipv6 index d474164..381ced0 100755 --- a/etc/rc.d/network_ipv6 +++ b/etc/rc.d/network_ipv6 @@ -29,7 +29,7 @@ # # PROVIDE: network_ipv6 -# REQUIRE: routing +# REQUIRE: routing ip6fw # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/pf b/etc/rc.d/pf index f1044a3..21ce825 100755 --- a/etc/rc.d/pf +++ b/etc/rc.d/pf @@ -4,7 +4,7 @@ # # PROVIDE: pf -# REQUIRE: FILESYSTEMS netif pflog pfsync +# REQUIRE: FILESYSTEMS pflog pfsync # BEFORE: routing # KEYWORD: nojail diff --git a/etc/rc.d/pflog b/etc/rc.d/pflog index 001ad38..b6398a1 100755 --- a/etc/rc.d/pflog +++ b/etc/rc.d/pflog @@ -4,7 +4,7 @@ # # PROVIDE: pflog -# REQUIRE: FILESYSTEMS netif cleanvar +# REQUIRE: FILESYSTEMS cleanvar # KEYWORD: nojail . /etc/rc.subr diff --git a/etc/rc.d/pfsync b/etc/rc.d/pfsync index 8be8928..ba86154 100755 --- a/etc/rc.d/pfsync +++ b/etc/rc.d/pfsync @@ -4,7 +4,7 @@ # # PROVIDE: pfsync -# REQUIRE: FILESYSTEMS netif +# REQUIRE: FILESYSTEMS # KEYWORD: nojail . /etc/rc.subr |