From 9dd0c210ecfd0edfa9cd114b1873ec8332bab26d Mon Sep 17 00:00:00 2001
From: mtm <mtm@FreeBSD.org>
Date: Sun, 27 Jan 2008 15:15:12 +0000
Subject: [PATCH] Add a dummynet_enable knob to go with firewall_enable. If
 this knob is enabled dummynet(4) is added to the list of required modules.

Discussed on:	#freebsd-bugbusters (rwatson, trhodes)
PR:		conf/79196
MFC after:	1 week
---
 etc/defaults/rc.conf     |  1 +
 etc/rc.d/ipfw            |  8 ++++++++
 share/man/man5/rc.conf.5 | 13 ++++++++++++-
 3 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index f6f2267a16cf..195facdcc395 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -122,6 +122,7 @@ firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports
 firewall_nat_enable="NO"	# Enable kernel NAT (if firewall_enable == YES)
 firewall_nat_interface=""	# Public interface or IPaddress to use
 firewall_nat_flags=""		# Additional configuration parameters
+dummynet_enable="NO"		# Load the dummynet(4) module
 ip_portrange_first="NO"		# Set first dynamically allocated port
 ip_portrange_last="NO"		# Set last dynamically allocated port
 ike_enable="NO"			# Enable IKE daemon (usually racoon or isakmpd)
diff --git a/etc/rc.d/ipfw b/etc/rc.d/ipfw
index 115d85aeb7f5..0af77d8076ee 100644
--- a/etc/rc.d/ipfw
+++ b/etc/rc.d/ipfw
@@ -14,9 +14,17 @@
 name="ipfw"
 rcvar="firewall_enable"
 start_cmd="ipfw_start"
+start_precmd="ipfw_prestart"
 stop_cmd="ipfw_stop"
 required_modules="ipfw"
 
+ipfw_prestart()
+{
+	if checkyesno dummynet_enable; then
+		required_modules="$required_modules dummynet"
+	fi
+}
+
 ipfw_start()
 {
 	# set the firewall rules script if none was specified
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index 83143446f966..af6506bdc138 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd January 23, 2008
+.Dd January 27, 2008
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -509,6 +509,16 @@ kernel NAT should run.
 .It Va firewall_nat_flags
 .Pq Vt str
 Additional configuration parameters for kernel NAT should be placed here.
+.It Va dummynet_enable
+.Pq Vt bool
+Setting this to
+.Dq Li YES
+will automatically load the
+.Xr dummynet 4
+module if
+.Va firewall_enable
+is also set to
+.Dq Li YES .
 .\" -------------------------------------------------------------------
 .It Va natd_program
 .Pq Vt str
@@ -3846,6 +3856,7 @@ enable support for sound mixer.
 .Xr vi 1 ,
 .Xr vidcontrol 1 ,
 .Xr bridge 4 ,
+.Xr dummynet 4 ,
 .Xr ip 4 ,
 .Xr ipf 4 ,
 .Xr ipfw 4 ,