diff options
| -rw-r--r-- | etc/defaults/rc.conf | 4 | ||||
| -rw-r--r-- | etc/network.subr | 9 | ||||
| -rw-r--r-- | etc/rc.d/netoptions | 9 | ||||
| -rw-r--r-- | etc/rc.d/network1 | 9 | ||||
| -rw-r--r-- | etc/rc.d/network2 | 9 | ||||
| -rw-r--r-- | etc/rc.d/network3 | 9 | ||||
| -rw-r--r-- | etc/rc.d/routing | 9 | ||||
| -rw-r--r-- | etc/rc.network | 9 | ||||
| -rw-r--r-- | etc/rc.shutdown | 11 |
9 files changed, 78 insertions, 0 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index 1c778d6cbf66..a1245d100dcb 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -73,6 +73,10 @@ ipnat_enable="NO" # Set to YES for ipnat; needs ipfilter, too! ipnat_program="/sbin/ipnat -CF -f" # program and how to specify rules file ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat ipnat_flags="" # additional flags for ipnat +ipfs_enable="NO" # Set to YES to enable saving and restoring + # of state tables at shutdown and boot +ipfs_flags="" # additional flags for ipfs +ipfs_program="/sbin/ipfs" # where the ipfs program lives ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter, too! ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog" diff --git a/etc/network.subr b/etc/network.subr index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.d/routing b/etc/rc.d/routing index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.network b/etc/rc.network index 8f3f5a6ad1af..51c2926fe597 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -96,6 +96,15 @@ network_pass1() { fi ;; esac + case "${ipfs_enable}" in + [Yy][Ee][Ss]) + if [ -r "/var/db/ipf/ipstate.ipf" ]; then + echo -n ' ipfs'; + eval ${ipfs_program:-/sbin/ipfs -R} \ + ${ipfs_flags} + fi + ;; + esac else ipfilter_enable="NO" echo -n ' NO IPF RULES' diff --git a/etc/rc.shutdown b/etc/rc.shutdown index 1a565c750f5c..3984f683827f 100644 --- a/etc/rc.shutdown +++ b/etc/rc.shutdown @@ -124,6 +124,17 @@ case ${local_startup} in ;; esac +# Save IP Filter state tables + +case ${ipfs_enable} in +[Yy][Ee][Ss]) + echo -n 'Saving IP Filter state tables:' + eval ${ipfs_program:-/sbin/ipfs -W} ${ipfs_flags} + ;; +esac + +echo . + # Insert other shutdown procedures here echo '.' |