Use available rc.subr features.

Reduce code duplication. Follow the current style of rc.d scripting.
2005-10-02 19:17:49 +00:00 · 2005-10-02 19:17:49 +00:00 · 22124484e2
commit 22124484e2
parent d5edd47e8f
1 changed files with 16 additions and 27 deletions
--- a/etc/rc.d/pf
+++ b/etc/rc.d/pf
@ -13,19 +13,15 @@
 name="pf"
 rcvar=`set_rcvar`
 load_rc_config $name
-stop_precmd="test -f ${pf_rules}"
 start_precmd="pf_prestart"
 start_cmd="pf_start"
 stop_cmd="pf_stop"
-check_precmd="$stop_precmd"
 check_cmd="pf_check"
-reload_precmd="$stop_precmd"
 reload_cmd="pf_reload"
-resync_precmd="$stop_precmd"
 resync_cmd="pf_resync"
-status_precmd="$stop_precmd"
 status_cmd="pf_status"
 extra_commands="check reload resync status"
+required_files="$pf_rules"

 pf_prestart()
 {
@ -34,62 +30,55 @@ pf_prestart()
 		if kldload pf ; then
 			info 'pf module loaded.'
 		else
-			err 1 'pf module failed to load.'
+			warn 'pf module failed to load.'
+			return 1
 		fi
 	fi
-
-	# check for pf rules
-	if [ ! -r "${pf_rules}" ]; then
-		warn 'pf: NO PF RULESET FOUND'
-		return 1
-	fi
+	return 0
 }

 pf_start()
 {
 	echo "Enabling pf."
-	${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
-	${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
-	if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
-		${pf_program:-/sbin/pfctl} -e
+	$pf_program -Fall > /dev/null 2>&1
+	$pf_program -f "$pf_rules" $pf_flags
+	if ! $pf_program -s info | grep -q "Enabled" ; then
+		$pf_program -e
 	fi
 }

 pf_stop()
 {
-	if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
+	if $pf_program -s info | grep -q "Enabled" ; then
 		echo "Disabling pf."
-		${pf_program:-/sbin/pfctl} -d
+		$pf_program -d
 	fi
 }

 pf_check()
 {
 	echo "Checking pf rules."
-
-	${pf_program:-/sbin/pfctl} -n -f "${pf_rules}"
+	$pf_program -n -f "$pf_rules"
 }

 pf_reload()
 {
 	echo "Reloading pf rules."
-
-	${pf_program:-/sbin/pfctl} -n -f "${pf_rules}" || return 1
+	$pf_program -n -f "$pf_rules" || return 1
 	# Flush everything but existing state entries that way when
 	# rules are read in, it doesn't break established connections.
-	${pf_program:-/sbin/pfctl} -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
-	${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
+	$pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1
+	$pf_program -f "$pf_rules" $pf_flags
 }

 pf_resync()
 {
-	# Don't resync if pf is not loaded
-	kldstat -q -m pf && ${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
+	$pf_program -f "$pf_rules" $pf_flags
 }

 pf_status()
 {
-	${pf_program:-/sbin/pfctl} -si
+	$pf_program -s info
 }

 run_rc_command "$1"