From 505f3e0be89b99c2badc4058ab20e59267b33d64 Mon Sep 17 00:00:00 2001
From: cjc <cjc@FreeBSD.org>
Date: Tue, 19 Mar 2002 01:56:04 +0000
Subject: IPFilter may need to be re-sync'ed even if we are not filtering, but
 only doing ipnat(8). Go back to using $ipfilter_active, but turn off
 $ipfilter_active when loading ipl.ko has failed.

Submitted by:	devet@devet.org (Arjan de Vet)
MFC after:	3 days
---
 etc/network.subr | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'etc/network.subr')

diff --git a/etc/network.subr b/etc/network.subr
index 2146b90..59f5370 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -85,6 +85,7 @@ network_pass1() {
 			else
 				echo 'Warning: IP-filter module failed to load.'
 				# avoid further errors
+				ipfilter_active="NO"
 				ipmon_enable="NO"
 				ipfilter_enable="NO"
 				ipnat_enable="NO"
@@ -298,11 +299,12 @@ network_pass1() {
 
 	# Re-Sync ipfilter so it picks up any new network interfaces
 	#
-	case ${ipfilter_enable} in
+	case ${ipfilter_active} in
 	[Yy][Ee][Ss])
 		${ipfilter_program:-/sbin/ipf} -y ${ipfilter_flags} >/dev/null
 		;;
 	esac
+	unset ipfilter_active
 
 	# Initialize IP filtering using ipfw
 	#
-- 
cgit v1.1