From 5ca51aad69757047f23ffca2e3f2ce8323f2bd04 Mon Sep 17 00:00:00 2001
From: Doug Barton <dougb@FreeBSD.org>
Date: Fri, 26 Jun 2009 01:04:50 +0000
Subject: [PATCH] Reverse the effect of r193198 for pf and ipfw which will once
 again allow them to start after netif. There were too many problems reported
 with this change in the short period of time that it lived in HEAD, and we
 are too late in the release cycle to properly shake it out.

IMO the issue of having the firewalls up before the network is still a
valid concern, particularly for pf whose default state is wide open.
However properly solving this issue is going to take some investment
on the part of the people who actually use those tools.

This is not a strict reversion of all the changes for r193198 since it
also included some simplification of the BEFORE/REQUIRE logic which is
still valid for ipfilter and ip6fw.
---
 etc/rc.d/NETWORKING | 2 +-
 etc/rc.d/ipfw       | 2 +-
 etc/rc.d/netif      | 2 +-
 etc/rc.d/pf         | 2 +-
 etc/rc.d/pflog      | 2 +-
 etc/rc.d/pfsync     | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/etc/rc.d/NETWORKING b/etc/rc.d/NETWORKING
index a67501b007a7..c72fe0c0267a 100755
--- a/etc/rc.d/NETWORKING
+++ b/etc/rc.d/NETWORKING
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: NETWORKING NETWORK
-# REQUIRE: netif netoptions routing network_ipv6 ppp
+# REQUIRE: netif netoptions routing network_ipv6 ppp ipfw
 # REQUIRE: defaultroute routed mrouted route6d mroute6d resolv
 
 #	This is a dummy dependency, for services which require networking
diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw
index 43956e42ab94..872f2787ab3e 100755
--- a/etc/rc.d/ipfw
+++ b/etc/rc.d/ipfw
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: ipfw
-# REQUIRE: FILESYSTEMS
+# REQUIRE: ppp
 # KEYWORD: nojail
 
 . /etc/rc.subr
diff --git a/etc/rc.d/netif b/etc/rc.d/netif
index 7d630c5a8ab8..7d79745c91d1 100755
--- a/etc/rc.d/netif
+++ b/etc/rc.d/netif
@@ -27,7 +27,7 @@
 
 # PROVIDE: netif
 # REQUIRE: atm1 cleanvar FILESYSTEMS serial sppp sysctl
-# REQUIRE: ipfilter ipfs pf ipfw
+# REQUIRE: ipfilter ipfs
 # KEYWORD: nojail
 
 . /etc/rc.subr
diff --git a/etc/rc.d/pf b/etc/rc.d/pf
index 21ce825d7c34..f1044a36882e 100755
--- a/etc/rc.d/pf
+++ b/etc/rc.d/pf
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pf
-# REQUIRE: FILESYSTEMS pflog pfsync
+# REQUIRE: FILESYSTEMS netif pflog pfsync
 # BEFORE:  routing
 # KEYWORD: nojail
 
diff --git a/etc/rc.d/pflog b/etc/rc.d/pflog
index b6398a1fd55a..001ad38de2cf 100755
--- a/etc/rc.d/pflog
+++ b/etc/rc.d/pflog
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pflog
-# REQUIRE: FILESYSTEMS cleanvar
+# REQUIRE: FILESYSTEMS netif cleanvar
 # KEYWORD: nojail
 
 . /etc/rc.subr
diff --git a/etc/rc.d/pfsync b/etc/rc.d/pfsync
index ba861541ee1c..8be89282d120 100755
--- a/etc/rc.d/pfsync
+++ b/etc/rc.d/pfsync
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pfsync
-# REQUIRE: FILESYSTEMS
+# REQUIRE: FILESYSTEMS netif
 # KEYWORD: nojail
 
 . /etc/rc.subr