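#!/bin/sh
#
# $FreeBSD$
#
# rc.d script for the pf packet filter: loads the ruleset named by
# $pf_rules with $pf_program and enables or disables filtering.
# $pf_program, $pf_rules and $pf_flags are not set in this file; they are
# expected to come from the rc configuration read by load_rc_config.
#

# PROVIDE: pf
# REQUIRE: FILESYSTEMS netif pflog pfsync
# BEFORE: routing
# KEYWORD: nojailvnet

. /etc/rc.subr

name="pf"
desc="Packet filter"
rcvar="pf_enable"
load_rc_config $name
start_cmd="pf_start"
stop_cmd="pf_stop"
check_cmd="pf_check"
reload_cmd="pf_reload"
resync_cmd="pf_resync"
status_cmd="pf_status"
extra_commands="check reload resync"
# Must be assigned after load_rc_config so that $pf_rules is populated.
required_files="$pf_rules"
required_modules="pf"

# pf_start: validate the ruleset, replace the loaded state with it and
# enable pf if it is not already enabled.
# Returns 0 on success, 1 if the ruleset fails to parse or fails to load.
pf_start()
{
	local rc

	rc=0

	# Parse-only pass (-n) before the flush below, the same ordering that
	# pf_resync uses. Without it, a ruleset with a syntax error would be
	# discovered only after "-F all" had already discarded the rules that
	# were loaded, and pf would then be enabled with nothing to enforce.
	# $pf_flags is left unquoted on purpose: it may carry several options.
	if ! $pf_program -n -f "$pf_rules" $pf_flags ; then
		warn "pf ruleset $pf_rules failed validation; loaded rules left untouched"
		return 1
	fi

	check_startmsgs && echo -n 'Enabling pf'
	# Flush all existing state; output is discarded as in the original.
	$pf_program -F all > /dev/null 2>&1
	# Record a failed load instead of silently reporting a successful start.
	$pf_program -f "$pf_rules" $pf_flags || rc=1
	if ! $pf_program -s info | grep -q "Enabled" ; then
		$pf_program -eq
	fi
	check_startmsgs && echo '.'

	# Return the load result explicitly rather than the exit status of the
	# trailing message command.
	return $rc
}

# pf_stop: disable pf, but only when "pfctl -s info" reports it as enabled.
pf_stop()
{
	if $pf_program -s info | grep -q "Enabled" ; then
		echo -n 'Disabling pf'
		$pf_program -dq
		echo '.'
	fi
}

# pf_check: parse the ruleset without loading it (-n); the exit status is
# that of the parse.
pf_check()
{
	echo "Checking pf rules."
	$pf_program -n -f "$pf_rules" $pf_flags
}

# pf_reload: announce the reload and delegate to pf_resync.
pf_reload()
{
	echo "Reloading pf rules."
	pf_resync
}

# pf_resync: load the ruleset only if it parses cleanly, so a broken file
# never replaces the rules that are currently loaded. No flush is done here.
# Returns 1 when validation fails, otherwise the status of the load.
pf_resync()
{
	$pf_program -n -f "$pf_rules" $pf_flags || return 1
	$pf_program -f "$pf_rules" $pf_flags
}

# pf_status: print filter information. Returns 1 when /dev/pf is not a
# character device (module not loaded); otherwise the exit status of
# "pfctl -s Running", so callers can tell enabled from disabled.
pf_status()
{
	if ! [ -c /dev/pf ] ; then
		echo "pf.ko is not loaded"
		return 1
	else
		$pf_program -s info
		$pf_program -s Running >/dev/null
	fi
}

run_rc_command "$1"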