[src/trunk]: src/etc Allow pf flags to be specified in rc.conf.

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/etc Allow pf flags to be specified in rc.conf.
From: darcy <darcy%NetBSD.org@localhost>
Date: Mon, 06 Apr 2020 21:40:47 +0000

details:   https://anonhg.NetBSD.org/src/rev/4e2388a30e71
branches:  trunk
changeset: 771466:4e2388a30e71
user:      darcy <darcy%NetBSD.org@localhost>
date:      Mon Nov 21 20:56:21 2011 +0000

description:
Allow pf flags to be specified in rc.conf.
Add default to defaults/rc.d as suggested by lukem@

diffstat:

 etc/defaults/rc.conf |   4 ++--
 etc/rc.d/pf          |  12 ++++++------
 2 files changed, 8 insertions(+), 8 deletions(-)

diffs (69 lines):

diff -r 44061bd09243 -r 4e2388a30e71 etc/defaults/rc.conf
--- a/etc/defaults/rc.conf      Mon Nov 21 19:50:37 2011 +0000
+++ b/etc/defaults/rc.conf      Mon Nov 21 20:56:21 2011 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: rc.conf,v 1.115 2011/09/06 21:32:29 riz Exp $
+#      $NetBSD: rc.conf,v 1.116 2011/11/21 20:56:21 darcy Exp $
 #
 # /etc/defaults/rc.conf --
 #      default configuration of /etc/rc.conf
@@ -167,7 +167,7 @@
 ipfs=NO                        ipfs_flags=""           # save/load ipnat and ipf states
 ipsec=NO                                       # uses /etc/ipsec.conf
 ipmon=NO               ipmon_flags="-Dns"      # syslog ipfilter messages
-pf=NO                  pf_rules="/etc/pf.conf"
+pf=NO                  pf_rules="/etc/pf.conf" pf_flags=""
 pflogd=NO
 ftp_proxy=NO
 racoon=NO                                      # IKE daemon
diff -r 44061bd09243 -r 4e2388a30e71 etc/rc.d/pf
--- a/etc/rc.d/pf       Mon Nov 21 19:50:37 2011 +0000
+++ b/etc/rc.d/pf       Mon Nov 21 20:56:21 2011 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: pf,v 1.9 2008/11/22 20:23:33 tsutsui Exp $
+# $NetBSD: pf,v 1.10 2011/11/21 20:56:21 darcy Exp $
 #
 
 # PROVIDE: pf
@@ -35,11 +35,11 @@
 
        # The pf_boot script has enabled pf already.
        if [ "$autoboot" != yes ]; then
-               /sbin/pfctl -q -e 
+               /sbin/pfctl -q ${pf_flags} -e 
        fi
 
        if [ -f ${pf_rules} ]; then
-               /sbin/pfctl -q -f ${pf_rules}
+               /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
        else
                warn "${pf_rules} not found; no pf rules loaded."
        fi
@@ -48,14 +48,14 @@
 pf_stop()
 {
        echo "Disabling pf firewall."
-       /sbin/pfctl -q -Fa -d
+       /sbin/pfctl -q ${pf_flags} -Fa -d
 }
 
 pf_reload()
 {
        echo "Reloading pf rules."
        if [ -f ${pf_rules} ]; then
-               /sbin/pfctl -q -f ${pf_rules}
+               /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
        else
                warn "${pf_rules} not found; no pf rules loaded."
        fi
@@ -63,7 +63,7 @@
 
 pf_status()
 {
-       /sbin/pfctl -s info
+       /sbin/pfctl ${pf_flags} -s info
 }
 
 load_rc_config $name

Prev by Date: [src/trunk]: src/external/cddl/osnet make this compile again. VOP_CLOSE is re...
Next by Date: [src/trunk]: src/sys/arch/alpha/alpha - don't clear the flags twice in the loop
Previous by Thread: [src/trunk]: src/external/cddl/osnet make this compile again. VOP_CLOSE is re...
Next by Thread: [src/trunk]: src/sys/arch/alpha/alpha - don't clear the flags twice in the loop
Indexes:

Home | Main Index | Thread Index | Old Index