Module Name:    src
Committed By:   darcy
Date:           Mon Nov 21 20:56:21 UTC 2011

Modified Files:
        src/etc/defaults: rc.conf
        src/etc/rc.d: pf

Log Message:
Allow pf flags to be specified in rc.conf.
Add default to defaults/rc.d as suggested by lukem@


To generate a diff of this commit:
cvs rdiff -u -r1.115 -r1.116 src/etc/defaults/rc.conf
cvs rdiff -u -r1.9 -r1.10 src/etc/rc.d/pf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/etc/defaults/rc.conf
diff -u src/etc/defaults/rc.conf:1.115 src/etc/defaults/rc.conf:1.116
--- src/etc/defaults/rc.conf:1.115	Tue Sep  6 21:32:29 2011
+++ src/etc/defaults/rc.conf	Mon Nov 21 20:56:21 2011
@@ -1,4 +1,4 @@
-#	$NetBSD: rc.conf,v 1.115 2011/09/06 21:32:29 riz Exp $
+#	$NetBSD: rc.conf,v 1.116 2011/11/21 20:56:21 darcy Exp $
 #
 # /etc/defaults/rc.conf --
 #	default configuration of /etc/rc.conf
@@ -167,7 +167,7 @@ ipnat=NO					# uses /etc/ipnat.conf
 ipfs=NO			ipfs_flags=""		# save/load ipnat and ipf states
 ipsec=NO					# uses /etc/ipsec.conf
 ipmon=NO		ipmon_flags="-Dns"	# syslog ipfilter messages
-pf=NO			pf_rules="/etc/pf.conf"
+pf=NO			pf_rules="/etc/pf.conf" pf_flags=""
 pflogd=NO
 ftp_proxy=NO
 racoon=NO					# IKE daemon
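Review bot: The new `pf_flags=""` default carries no comment, unlike the ipfs and ipmon entries just above it, so rc.conf gives no hint of where the value ends up. In the rc.d/pf part of this commit the variable is passed to the enable, rule-load, flush/disable and status calls alike, so a flag meant only for rule loading also reaches `pfctl -d` and `pfctl -s info`. A trailing comment such as `# pf_flags: passed to every pfctl call in rc.d/pf` would make that scope visible. pf_boot is not among the modified files, so the boot-time load presumably does not see these flags, which may deserve a mention as well.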

Index: src/etc/rc.d/pf
diff -u src/etc/rc.d/pf:1.9 src/etc/rc.d/pf:1.10
--- src/etc/rc.d/pf:1.9	Sat Nov 22 20:23:33 2008
+++ src/etc/rc.d/pf	Mon Nov 21 20:56:21 2011
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: pf,v 1.9 2008/11/22 20:23:33 tsutsui Exp $
+# $NetBSD: pf,v 1.10 2011/11/21 20:56:21 darcy Exp $
 #
 
 # PROVIDE: pf
@@ -35,11 +35,11 @@ pf_start()
 
 	# The pf_boot script has enabled pf already.
 	if [ "$autoboot" != yes ]; then
-		/sbin/pfctl -q -e 
+		/sbin/pfctl -q ${pf_flags} -e 
 	fi
 
 	if [ -f ${pf_rules} ]; then
-		/sbin/pfctl -q -f ${pf_rules}
+		/sbin/pfctl -q ${pf_flags} -f ${pf_rules}
 	else
 		warn "${pf_rules} not found; no pf rules loaded."
 	fi
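Review bot: The exit status of `/sbin/pfctl -q ${pf_flags} -f ${pf_rules}` is not checked, and with an administrator-supplied string now spliced into the command line, a typo in pf_flags can make pfctl exit before loading anything while the visible code does not react. For a packet filter that means the intended ruleset is not in force, so the failure should be reported through the script's own channel, for example `/sbin/pfctl -q ${pf_flags} -f ${pf_rules} || warn "pfctl failed to load ${pf_rules}; check pf_flags"`. The identical load line in pf_reload in the next hunk has the same gap. The unquoted `${pf_flags}` looks deliberate so that several flags split into separate words; a short comment saying so would stop a later cleanup from quoting it. pf_start begins before and ends after this hunk.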
@@ -48,14 +48,14 @@ pf_start()
 pf_stop()
 {
 	echo "Disabling pf firewall."
-	/sbin/pfctl -q -Fa -d
+	/sbin/pfctl -q ${pf_flags} -Fa -d
 }
 
 pf_reload()
 {
 	echo "Reloading pf rules."
 	if [ -f ${pf_rules} ]; then
-		/sbin/pfctl -q -f ${pf_rules}
+		/sbin/pfctl -q ${pf_flags} -f ${pf_rules}
 	else
 		warn "${pf_rules} not found; no pf rules loaded."
 	fi
@@ -63,7 +63,7 @@ pf_reload()
 
 pf_status()
 {
-	/sbin/pfctl -s info
+	/sbin/pfctl ${pf_flags} -s info
 }
 
 load_rc_config $name
