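#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: pf
# REQUIRE: FILESYSTEMS netif pflog pfsync routing
# KEYWORD: nojailvnet

# rc.d script for the pf packet filter: loads, validates, reloads and
# reports on the ruleset named by $pf_rules using the $pf_program binary.
#
# pf_program, pf_rules and pf_flags are not assigned in this file; they are
# presumably supplied by the rc configuration read through load_rc_config.
# $pf_program and $pf_flags are expanded unquoted on purpose so that a value
# holding several words is split into separate arguments.

. /etc/rc.subr

name="pf"
desc="Packet filter"
rcvar="pf_enable"
load_rc_config $name
start_cmd="pf_start"
stop_cmd="pf_stop"
check_cmd="pf_check"
reload_cmd="pf_reload"
resync_cmd="pf_resync"
status_cmd="pf_status"
extra_commands="check reload resync"
required_files="$pf_rules"
required_modules="pf"

# pf_start: validate, load and enable the ruleset.
#
# The ruleset is parsed with -n before anything is flushed, matching what
# pf_resync does.  A broken $pf_rules therefore leaves the kernel state
# untouched and makes the start fail visibly, instead of flushing
# everything, failing the load and still enabling pf with nothing loaded
# while reporting success.
#
# Returns: 0 when the ruleset is loaded and pf is enabled, 1 when the
#          validation, the load or the enable step fails.
pf_start()
{
	# Parse-only pass; nothing is changed in the kernel yet.
	if ! $pf_program -n -f "$pf_rules" $pf_flags; then
		echo "pf: $pf_rules failed validation; nothing was flushed or loaded" >&2
		return 1
	fi

	check_startmsgs && echo -n 'Enabling pf'

	# Start from a clean slate; output and errors of the flush are
	# deliberately discarded, as before.
	$pf_program -F all > /dev/null 2>&1

	# Do not go on to enable pf when the load itself failed.
	if ! $pf_program -f "$pf_rules" $pf_flags; then
		check_startmsgs && echo ' failed.'
		echo "pf: loading $pf_rules failed; the previous ruleset has been flushed" >&2
		return 1
	fi

	# Only enable when the info output does not already report "Enabled".
	if ! $pf_program -s info | grep -q "Enabled" ; then
		$pf_program -eq || return 1
	fi

	check_startmsgs && echo '.'
	return 0
}

# pf_stop: disable pf, but only when the info output reports "Enabled".
pf_stop()
{
	if $pf_program -s info | grep -q "Enabled" ; then
		echo -n 'Disabling pf'
		$pf_program -dq
		echo '.'
	fi
}

# pf_check: parse $pf_rules with -n (no load).
# Returns: the exit status of that parse-only run.
pf_check()
{
	echo "Checking pf rules."
	$pf_program -n -f "$pf_rules" $pf_flags
}

# pf_reload: announce the reload, then defer to pf_resync.
pf_reload()
{
	echo "Reloading pf rules."
	pf_resync
}

# pf_resync: load $pf_rules only after a parse-only run has succeeded.
# Returns: 1 when validation fails, otherwise the exit status of the load.
pf_resync()
{
	# Validate first so a broken file never replaces the running ruleset.
	$pf_program -n -f "$pf_rules" $pf_flags || return 1
	$pf_program -f "$pf_rules" $pf_flags
}

# pf_status: print pf information.
# Returns: 1 when /dev/pf is not a character device, otherwise the exit
#          status of "$pf_program -s Running" (whose output is discarded).
pf_status()
{
	if ! [ -c /dev/pf ] ; then
		echo "pf.ko is not loaded"
		return 1
	else
		$pf_program -s info
		$pf_program -s Running >/dev/null
	fi
}

run_rc_command "$1"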