blob: 51d116c264c6cb8720ebbd505b7f001dfc8ff845 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
#!/bin/sh
#
# $NetBSD: ipnat,v 1.6 2000/09/19 13:04:38 lukem Exp $
# $FreeBSD$
#
# PROVIDE: ipnat
# REQUIRE: ipfilter mountcritremote
# BEFORE: DAEMON
# KEYWORD: FreeBSD NetBSD
. /etc/rc.subr
name="ipnat"
rcvar=`set_rcvar`
case ${OSTYPE} in
FreeBSD)
IPNATDIR="/sbin"
start_precmd="ipnat_precmd"
reload_cmd="ipnat_start"
;;
NetBSD)
IPNATDIR="/usr/sbin"
config="/etc/ipnat.conf"
reload_cmd="/usr/sbin/ipnat -F -C -f ${config}"
start_precmd=
;;
esac
start_cmd="ipnat_start"
stop_cmd="${ipnat_program:-${IPNATDIR}/${name}} -F -C"
extra_commands="reload"
ipnat_precmd()
{
# Make sure ipfilter is loaded before continuing
if ! ${SYSCTL} net.inet.ipf.fr_pass >/dev/null 2>&1; then
err 1 'ipnat requires ipfilter be loaded'
fi
return 0
}
ipnat_start()
{
case ${OSTYPE} in
FreeBSD)
echo -n 'Installing NAT rules ... '
if [ -r "${ipnat_rules}" ]; then
${ipnat_program:-/sbin/ipnat} -CF -f \
"${ipnat_rules}" ${ipnat_flags}
else
echo -n ' NO IPNAT RULES'
fi
echo '.'
# restore filter/NAT state tables after loading the rules
if checkyesno ipfs_enable; then
if [ -r "/var/db/ipf/ipstate.ipf" ]; then
echo -n ' ipfs'
${ipfs_program:-/sbin/ipfs} -R ${ipfs_flags}
# remove files to avoid reloading old state
# after an ungraceful shutdown
rm -f /var/db/ipf/ipstate.ipf
rm -f /var/db/ipf/ipnat.ipf
fi
fi
;;
NetBSD)
if [ ! -f ${config} ]; then
return 0
fi
if ! checkyesno ipfilter || [ ! -f /etc/ipf.conf ]; then
echo "Enabling ipfilter for NAT."
/sbin/ipf -E -Fa
fi
echo -n "Installing NAT rules ... "
/usr/sbin/ipnat -F -f ${config}
;;
esac
}
load_rc_config $name
run_rc_command "$1"
|
