From 61e7e50da95b5f761c4e81694115cb1b46303bea Mon Sep 17 00:00:00 2001
From: Marcelo Araujo <araujo@FreeBSD.org>
Date: Thu, 22 Feb 2018 08:25:39 +0000
Subject: [PATCH] The firewall_type is ignored if not set in rc.conf or
 rc.conf.local, after r190575 there is an option to call rc.firewall with the
 firewall_type passed in as an argument.

Submitted by:	David P. Discher <dpd@dpdtech.com>
MFC after:	3 weeks.
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D14286
---
 etc/rc.d/ipfw   |  6 +++++-
 etc/rc.firewall | 12 ++++++++++--
 2 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw
index b9417f6679db..1f1e5d20bf43 100755
--- a/etc/rc.d/ipfw
+++ b/etc/rc.d/ipfw
@@ -40,7 +40,11 @@ ipfw_start()
 {
 	local   _firewall_type
 
-	_firewall_type=$1
+	if [ -n "${1}" ]; then
+		_firewall_type=$1
+	else
+		_firewall_type=${firewall_type}
+	fi
 
 	# set the firewall rules script if none was specified
 	[ -z "${firewall_script}" ] && firewall_script=/etc/rc.firewall
diff --git a/etc/rc.firewall b/etc/rc.firewall
index c936da69cdcf..8389d76c5cc6 100644
--- a/etc/rc.firewall
+++ b/etc/rc.firewall
@@ -112,12 +112,20 @@ setup_ipv6_mandatory() {
 	${fwcmd} add pass ipv6-icmp from any to any icmp6types 2,135,136
 }
 
+. /etc/rc.subr
+. /etc/network.subr
+
 if [ -n "${1}" ]; then
 	firewall_type="${1}"
 fi
+if [ -z "${firewall_rc_config_load}" ]; then
+        load_rc_config ipfw
+else
+        for i in ${firewall_rc_config_load}; do
+                load_rc_config $i
+        done
+fi
 
-. /etc/rc.subr
-. /etc/network.subr
 afexists inet6
 ipv6_available=$?