Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src ipfs allows state information created for NAT entries and ru...
details: https://anonhg.NetBSD.org/src/rev/2761a3e371ec
branches: trunk
changeset: 522078:2761a3e371ec
user: martti <martti%NetBSD.org@localhost>
date: Mon Feb 11 10:19:55 2002 +0000
description:
ipfs allows state information created for NAT entries and rules using
keep state to be locked (modification prevented) and then saved to disk,
allowing for the system to experience a reboot, followed by the restoration
of that information, resulting in connections not being interrupted.
To activate this feature, set ipfs=YES in /etc/rc.conf
diffstat:
distrib/sets/lists/etc/mi | 3 ++-
etc/defaults/rc.conf | 3 ++-
etc/rc.d/ipfs | 37 +++++++++++++++++++++++++++++++++++++
share/man/man5/rc.conf.5 | 15 ++++++++++++++-
4 files changed, 55 insertions(+), 3 deletions(-)
diffs (104 lines):
diff -r b7e4f8c52d76 -r 2761a3e371ec distrib/sets/lists/etc/mi
--- a/distrib/sets/lists/etc/mi Mon Feb 11 10:09:14 2002 +0000
+++ b/distrib/sets/lists/etc/mi Mon Feb 11 10:19:55 2002 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.90 2002/01/31 01:34:51 lukem Exp $
+# $NetBSD: mi,v 1.91 2002/02/11 10:20:04 martti Exp $
./.cshrc etc-util-etc
./.profile etc-util-etc
./dev/MAKEDEV.local etc-sys-etc
@@ -88,6 +88,7 @@
./etc/rc.d/ifwatchd etc-net-rc
./etc/rc.d/inetd etc-net-rc
./etc/rc.d/ipfilter etc-ipf-rc
+./etc/rc.d/ipfs etc-ipf-rc
./etc/rc.d/ipmon etc-ipf-rc
./etc/rc.d/ipnat etc-ipf-rc
./etc/rc.d/ipsec etc-net-rc
diff -r b7e4f8c52d76 -r 2761a3e371ec etc/defaults/rc.conf
--- a/etc/defaults/rc.conf Mon Feb 11 10:09:14 2002 +0000
+++ b/etc/defaults/rc.conf Mon Feb 11 10:19:55 2002 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: rc.conf,v 1.27 2002/01/21 14:33:25 lukem Exp $
+# $NetBSD: rc.conf,v 1.28 2002/02/11 10:20:01 martti Exp $
#
# /etc/defaults/rc.conf --
# default configuration of /etc/rc.conf
@@ -97,6 +97,7 @@
#
ipfilter=NO # uses /etc/ipf.conf
ipnat=NO # uses /etc/ipnat.conf
+ipfs=NO ipfs_flags="" # save/load ipnat and ipf states
ipsec=NO # uses /etc/ipsec.conf
ipmon=NO ipmon_flags="-Dns" # syslog ipfilter messages
racoon=NO # IKE daemon
diff -r b7e4f8c52d76 -r 2761a3e371ec etc/rc.d/ipfs
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/etc/rc.d/ipfs Mon Feb 11 10:19:55 2002 +0000
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+# $NetBSD: ipfs,v 1.1 2002/02/11 10:19:55 martti Exp $
+#
+
+# PROVIDE: ipfs
+# REQUIRE: ipnat mountcritremote
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name="ipfs"
+rcvar=$name
+start_cmd="ipfs_start"
+stop_cmd="ipfs_stop"
+
+ipfs_start()
+{
+ if [ -r /var/db/ipf/ipstate.ipf -a -r /var/db/ipf/ipnat.ipf ]; then
+ /usr/sbin/ipfs -R ${ipfs_flags}
+ rm -f /var/db/ipf/ipstate.ipf
+ rm -f /var/db/ipf/ipnat.ipf
+ fi
+}
+
+ipfs_stop()
+{
+ if [ ! -d /var/db/ipf ]; then
+ mkdir /var/db/ipf
+ chmod 700 /var/db/ipf
+ chown root:wheel /var/db/ipf
+ fi
+ /usr/sbin/ipfs -W ${ipfs_flags}
+}
+
+load_rc_config $name
+run_rc_command "$1"
diff -r b7e4f8c52d76 -r 2761a3e371ec share/man/man5/rc.conf.5
--- a/share/man/man5/rc.conf.5 Mon Feb 11 10:09:14 2002 +0000
+++ b/share/man/man5/rc.conf.5 Mon Feb 11 10:19:55 2002 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: rc.conf.5,v 1.51 2002/01/21 15:55:36 wiz Exp $
+.\" $NetBSD: rc.conf.5,v 1.52 2002/02/11 10:19:58 martti Exp $
.\"
.\" Copyright (c) 1996 Matthew R. Green
.\" Copyright (c) 1997 Curt J. Sampson
@@ -270,6 +270,19 @@
at network boot time, before any interfaces are configured.
See
.Xr ipnat.conf 5 .
+.It Sy ipfs
+.Sq YES
+or
+.Sq NO .
+Runs
+.Xr ipfs 8
+to save and restore information for ipnat and ipfilter state tables.
+The information is stored in
+.Pa /var/db/ipf/ipstate.ipf
+and
+.Pa /var/db/ipf/ipnat.ipf .
+Passes
+.Sy ipfs_flags .
.It Sy ipsec
.Sq YES
or
Home |
Main Index |
Thread Index |
Old Index