diff options
| author | ceri <ceri@FreeBSD.org> | 2006-11-11 10:48:34 +0000 |
|---|---|---|
| committer | ceri <ceri@FreeBSD.org> | 2006-11-11 10:48:34 +0000 |
| commit | 4e3a86984ad5f8eeaaed1a277f17cba090b93160 (patch) | |
| tree | 94ddd9a01bca5721a1d68dd5cde30cb02bf35ba6 /etc | |
| parent | 65811bee7ffb0600e2aff61a1c203f7ffda56c6d (diff) | |
| download | FreeBSD-src-4e3a86984ad5f8eeaaed1a277f17cba090b93160.zip FreeBSD-src-4e3a86984ad5f8eeaaed1a277f17cba090b93160.tar.gz | |
Ensure that the load of rules into the alternate ruleset worked before
loading them into the live one too.
PR: conf/97311
Submitted by: David Bushong
Reviewed by: silence on rc@
Approved by: ru (mentor)
MFC after: 10 days
Diffstat (limited to 'etc')
| -rwxr-xr-x | etc/rc.d/ipfilter | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/etc/rc.d/ipfilter b/etc/rc.d/ipfilter index 3d91641..9142ec2 100755 --- a/etc/rc.d/ipfilter +++ b/etc/rc.d/ipfilter @@ -93,11 +93,17 @@ ipfilter_reload() if [ -r "${ipfilter_rules}" ]; then ${ipfilter_program:-/sbin/ipf} -I \ -f "${ipfilter_rules}" ${ipfilter_flags} + if [ $? -ne 0 ]; then + err 1 'Load of rules into alternate set failed; aborting reload' + fi fi ${ipfilter_program:-/sbin/ipf} -I -6 -Fa if [ -r "${ipv6_ipfilter_rules}" ]; then ${ipfilter_program:-/sbin/ipf} -I -6 \ -f "${ipv6_ipfilter_rules}" ${ipfilter_flags} + if [ $? -ne 0 ]; then + err 1 'Load of IPv6 rules into alternate set failed; aborting reload' + fi fi ${ipfilter_program:-/sbin/ipf} -s |
