From 6037bb20e32cb66cccbfb90fb8b5f3e984b56855 Mon Sep 17 00:00:00 2001
From: yar
Date: Sun, 2 Oct 2005 19:17:49 +0000
Subject: Use available rc.subr features. Reduce code duplication. Follow the current style of rc.d scripting.
---
 etc/rc.d/pf | 43 ++++++++++++++++---------------------------
 1 file changed, 16 insertions(+), 27 deletions(-) (limited to 'etc')
diff --git a/etc/rc.d/pf b/etc/rc.d/pf
index f2dc8c7..db1bf60 100644
--- a/etc/rc.d/pf
+++ b/etc/rc.d/pf
@@ -13,19 +13,15 @@
 name="pf"
 rcvar=`set_rcvar`
 load_rc_config $name
-stop_precmd="test -f ${pf_rules}"
 start_precmd="pf_prestart"
 start_cmd="pf_start"
 stop_cmd="pf_stop"
-check_precmd="$stop_precmd"
 check_cmd="pf_check"
-reload_precmd="$stop_precmd"
 reload_cmd="pf_reload"
-resync_precmd="$stop_precmd"
 resync_cmd="pf_resync"
-status_precmd="$stop_precmd"
 status_cmd="pf_status"
 extra_commands="check reload resync status"
+required_files="$pf_rules"

 pf_prestart()
 {
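Review bot: `required_files="$pf_rules"` replaces five explicit `*_precmd` tests, but this diff does not show whether rc.subr applies `required_files` to `stop`, `check`, `reload`, `resync` and `status` as well as to `start`. If it guards only `start`, those commands now run without the ruleset check they had before, so this is worth confirming against rc.subr. A comment above the assignment would record the intent, e.g. `# rc.subr refuses to start pf unless the ruleset file is readable`. Note also that `required_files` is a whitespace-separated list, so a `pf_rules` path containing spaces would be split into several entries.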
@@ -34,62 +30,55 @@ pf_prestart()
 if kldload pf ; then
 info 'pf module loaded.'
 else
- err 1 'pf module failed to load.'
+ warn 'pf module failed to load.'
+ return 1
 fi
 fi
-
- # check for pf rules
- if [ ! -r "${pf_rules}" ]; then
- warn 'pf: NO PF RULESET FOUND'
- return 1
- fi
+ return 0
 }

 pf_start()
 {
 echo "Enabling pf."
- ${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
- ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
- if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
- ${pf_program:-/sbin/pfctl} -e
+ $pf_program -Fall > /dev/null 2>&1
+ $pf_program -f "$pf_rules" $pf_flags
+ if ! $pf_program -s info | grep -q "Enabled" ; then
+ $pf_program -e
 fi
 }

 pf_stop()
 {
- if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
+ if $pf_program -s info | grep -q "Enabled" ; then
 echo "Disabling pf."
- ${pf_program:-/sbin/pfctl} -d
+ $pf_program -d
 fi
 }

 pf_check()
 {
 echo "Checking pf rules."
-
- ${pf_program:-/sbin/pfctl} -n -f "${pf_rules}"
+ $pf_program -n -f "$pf_rules"
 }

 pf_reload()
 {
 echo "Reloading pf rules."
-
- ${pf_program:-/sbin/pfctl} -n -f "${pf_rules}" || return 1
+ $pf_program -n -f "$pf_rules" || return 1
 # Flush everything but existing state entries that way when
 # rules are read in, it doesn't break established connections.
- ${pf_program:-/sbin/pfctl} -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
- ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
+ $pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
+ $pf_program -f "$pf_rules" $pf_flags
 }

 pf_resync()
 {
- # Don't resync if pf is not loaded
- kldstat -q -m pf && ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
+ $pf_program -f "$pf_rules" $pf_flags
 }

 pf_status()
 {
- ${pf_program:-/sbin/pfctl} -s info
+ $pf_program -s info
 }

 run_rc_command "$1"
-- 
cgit v1.1
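Review bot: In `pf_start` the ruleset load is never checked: `$pf_program -Fall` flushes everything, `$pf_program -f "$pf_rules" $pf_flags` runs with its exit status ignored, and `$pf_program -e` follows regardless. A ruleset that fails to parse therefore leaves pf enabled with nothing loaded, and pf passes traffic by default in that state. `pf_reload` in the same hunk already validates first; putting `$pf_program -n -f "$pf_rules" || return 1` ahead of the flush in `pf_start` would leave the running state untouched when the file is bad. Separately, dropping the `${pf_program:-/sbin/pfctl}` fallback makes every call depend on `pf_program` being set by the loaded configuration (presumably the defaults file, not shown here). A `: ${pf_program:=/sbin/pfctl}` after `load_rc_config $name` would keep that safety net.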