Merge in patch to automagically decide whether or not a kldload of ipfilter
is required into rc.network. Person failed to use a real name so both email addresses from PR included (Sent was different to From). PR: 22998 Submitted by: dl@leo.org/spock@empire.trek.org
This commit is contained in:
parent
55ce885ee7
commit
a1ee75086a
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
@ -60,8 +60,21 @@ network_pass1() {
|
||||
# Establish ipfilter ruleset as early as possible (best in
|
||||
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file)
|
||||
#
|
||||
if /sbin/ipfstat -i > /dev/null 2>&1; then
|
||||
ipfilter_in_kernel=1
|
||||
else
|
||||
ipfilter_in_kernel=0
|
||||
fi
|
||||
|
||||
case "${ipfilter_enable}" in
|
||||
[Yy][Ee][Ss])
|
||||
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then
|
||||
ipfilter_in_kernel=1
|
||||
echo "Kernel ipfilter module loaded."
|
||||
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then
|
||||
echo "Warning: ipfilter kernel module failed to load."
|
||||
fi
|
||||
|
||||
if [ -r "${ipfilter_rules}" ]; then
|
||||
echo -n ' ipfilter';
|
||||
${ipfilter_program:-/sbin/ipf -Fa -f} \
|
||||
|
Loading…
Reference in New Issue
Block a user