xref: /dragonfly/etc/rc.d/pf (revision 7485684f) 
1#!/bin/sh
2#
3# $FreeBSD: src/etc/rc.d/pf,v 1.3 2004/06/23 01:42:06 mlaier Exp $
4#
5
6# PROVIDE: pf
7# REQUIRE: FILESYSTEMS netif pflog
8# BEFORE:  DAEMON
9# KEYWORD: nojail
10
11. /etc/rc.subr
12
13name="pf"
14rcvar=`set_rcvar`
15load_rc_config $name
16stop_precmd="test -f ${pf_rules}"
17start_precmd="pf_prestart"
18start_cmd="pf_start"
19stop_cmd="pf_stop"
20reload_precmd="$stop_precmd"
21reload_cmd="pf_reload"
22resync_precmd="$stop_precmd"
23resync_cmd="pf_resync"
24status_precmd="$stop_precmd"
25status_cmd="pf_status"
26extra_commands="reload resync status"
27
28pf_prestart()
29{
30	# load pf kernel module if needed
31	kldstat -qm pf || kldload -n pf || exit 1
32
33	# check for pf rules
34	if [ ! -r "${pf_rules}" ]
35	then
36		warn 'pf: NO PF RULESET FOUND'
37		return 1
38	fi
39}
40
41pf_start()
42{
43	echo "Enabling pf."
44	${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
45	if [ -r "${pf_rules}" ]; then
46		${pf_program:-/sbin/pfctl} \
47		    -f "${pf_rules}" ${pf_flags}
48	fi
49	if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
50		${pf_program:-/sbin/pfctl} -e
51	fi
52}
53
54pf_stop()
55{
56	if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
57		echo "Disabling pf."
58		${pf_program:-/sbin/pfctl} -d
59	fi
60}
61
62pf_reload()
63{
64	echo "Reloading pf rules."
65
66	${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
67	if [ -r "${pf_rules}" ]; then
68		${pf_program:-/sbin/pfctl} \
69		    -f "${pf_rules}" ${pf_flags}
70	fi
71}
72
73pf_resync()
74{
75	# Don't resync if pf is not loaded
76	if ! kldstat -q -m "pf"; then
77		 return
78	fi
79	${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
80}
81
82pf_status()
83{
84	${pf_program:-/sbin/pfctl} -si
85}
86
87run_rc_command "$1"
88