summaryrefslogtreecommitdiffstats
path: root/etc/rc.d/ipnat
diff options
context:
space:
mode:
Diffstat (limited to 'etc/rc.d/ipnat')
-rwxr-xr-xetc/rc.d/ipnat80
1 files changed, 66 insertions, 14 deletions
diff --git a/etc/rc.d/ipnat b/etc/rc.d/ipnat
index 1ac21c0..6d4dd3a 100755
--- a/etc/rc.d/ipnat
+++ b/etc/rc.d/ipnat
@@ -1,32 +1,84 @@
#!/bin/sh
#
-# $NetBSD: ipnat,v 1.5 2000/08/21 23:33:50 lukem Exp $
+# $NetBSD: ipnat,v 1.6 2000/09/19 13:04:38 lukem Exp $
+# $FreeBSD$
#
# PROVIDE: ipnat
# REQUIRE: ipfilter mountcritremote
+# BEFORE: DAEMON
+# KEYWORD: FreeBSD NetBSD
. /etc/rc.subr
name="ipnat"
-rcvar=$name
-config="/etc/ipnat.conf"
+rcvar=`set_rcvar`
+
+case `${CMD_OSTYPE}` in
+FreeBSD)
+ IPNATDIR="/sbin"
+ start_precmd="ipnat_precmd"
+ reload_cmd="ipnat_start"
+ ;;
+NetBSD)
+ IPNATDIR="/usr/sbin"
+ config="/etc/ipnat.conf"
+ reload_cmd="/usr/sbin/ipnat -F -C -f ${config}"
+ start_precmd=
+ ;;
+esac
+
start_cmd="ipnat_start"
-stop_cmd="/usr/sbin/ipnat -F -C"
-reload_cmd="/usr/sbin/ipnat -F -C -f ${config}"
+stop_cmd="${ipnat_program:-${IPNATDIR}/${name}} -F -C"
extra_commands="reload"
-ipnat_start()
+ipnat_precmd()
{
- if [ ! -f ${config} ]; then
- return 0
+ # Make sure ipfilter is loaded before continuing
+ if ! ${SYSCTL} net.inet.ipf.fr_pass >/dev/null 2>&1 ; then
+ err 'ipnat requires ipfilter be loaded'
+ return 1
fi
- if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then
- echo "Enabling ipfilter for NAT."
- /sbin/ipf -E -Fa
- fi
- echo -n "Installing NAT rules ... "
- /usr/sbin/ipnat -F -f ${config}
+ return 0
+}
+
+ipnat_start()
+{
+ case `${CMD_OSTYPE}` in
+ FreeBSD)
+ echo -n 'Installing NAT rules ... '
+ if [ -r "${ipnat_rules}" ]; then
+ ${ipnat_program:-/sbin/ipnat} -CF -f \
+ "${ipnat_rules}" ${ipnat_flags}
+ else
+ echo -n ' NO IPNAT RULES'
+ fi
+ echo '.'
+
+ # restore filter/NAT state tables after loading the rules
+ if checkyesno ipfs_enable ; then
+ if [ -r "/var/db/ipf/ipstate.ipf" ]; then
+ echo -n ' ipfs'
+ ${ipfs_program:-/sbin/ipfs} -R ${ipfs_flags}
+ # remove files to avoid reloading old state
+ # after an ungraceful shutdown
+ rm -f /var/db/ipf/ipstate.ipf
+ rm -f /var/db/ipf/ipnat.ipf
+ fi
+ fi
+ ;;
+ NetBSD)
+ if [ ! -f ${config} ]; then
+ return 0
+ fi
+ if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then
+ echo "Enabling ipfilter for NAT."
+ /sbin/ipf -E -Fa
+ fi
+ echo -n "Installing NAT rules ... "
+ /usr/sbin/ipnat -F -f ${config}
+ ;;
+ esac
}
load_rc_config $name
OpenPOWER on IntegriCloud