Allow the user to specify a different firewall script than /etc/rc.firewall.

svn path=/head/; revision=45542
1999-04-10 10:56:58 +00:00 · 1999-04-10 10:56:58 +00:00 · 3e297f8d95 · 2020-12-20 02:59:44 +00:00
commit 3e297f8d95
parent 09c1cbfe92
8 changed files with 44 additions and 22 deletions
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@ -9,7 +9,7 @@
 #
 # All arguments must be in double or single quotes.
 #
-#	$Id: rc.conf,v 1.6 1999/03/28 20:36:03 imp Exp $
+#	$Id: rc.conf,v 1.7 1999/04/02 07:15:44 grog Exp $

 ##############################################################
 ### Important initial Boot-time options  #####################
@ -32,6 +32,7 @@ rc_conf_files="/etc/rc.conf /etc/rc.conf.local"
 hostname="myname.my.domain"	# Set this!
 nisdomainname="NO"		# Set to NIS domain if using NIS (or NO).
 firewall_enable="NO"		# Set to YES to enable firewall functionality
+firewall_script="/etc/rc.firewall" # Which script to run to set up the firewall
 firewall_type="UNKNOWN"		# Firewall type (see /etc/rc.firewall)
 firewall_quiet="NO"		# Set to YES to suppress rule display
 natd_program="/sbin/natd"	# path to natd, if you want a different one.
--- a/etc/network.subr
+++ b/etc/network.subr
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.d/network1
+++ b/etc/rc.d/network1
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.d/network2
+++ b/etc/rc.d/network2
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.d/network3
+++ b/etc/rc.d/network3
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.d/routing
+++ b/etc/rc.d/routing
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon
--- a/etc/rc.network
+++ b/etc/rc.network
@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$Id: rc.network,v 1.41 1999/03/24 10:28:49 brian Exp $
+#	$Id: rc.network,v 1.42 1999/03/28 20:36:03 imp Exp $
 #	From: @(#)netstart	5.9 (Berkeley) 3/30/91

 # Note that almost all the user-configurable behavior is no longer in
@ -100,8 +100,11 @@ network_pass1() {

    # Load the filters if required
    if [ $firewall_in_kernel = 1 ]; then
-	if [ -f /etc/rc.firewall -a X"$firewall_enable" = X"YES" ]; then
-	    . /etc/rc.firewall
+	if [ -z "${firewall_script}" ] ; then
+	    firewall_script="/etc/rc.firewall"
+	fi
+	if [ -f ${firewall_script} -a X"$firewall_enable" = X"YES" ]; then
+	    . ${firewall_script}
 	    echo -n 'Firewall rules loaded, starting divert daemons: '

 	    # Network Address Translation daemon