small addition to /etc/rc.d/ipfw
Maksim Yevmenkin
maksim.yevmenkin at gmail.com
Tue Jan 26 00:15:14 UTC 2010
hello,
would anyone object to the attached path to /etc/rc.d/ipfw?
the idea is to introduce new "firewall_coscripts" variable that
contains the list of rc scripts that would be started/stopped via post
start and post stop hooks. unless i'm missing something it also should
be possible to just get rid of call to /etc/rc.d/natd directly and
simply stuff /etc/rc.d/natd into "firewall_coscripts" by default (via
defaults/rc.conf). the latter, however, is not implemented in the
patch.
thanks,
max
-------------- next part --------------
Index: ipfw
===================================================================
--- ipfw (revision 202988)
+++ ipfw (working copy)
@@ -14,7 +14,9 @@
rcvar="firewall_enable"
start_cmd="ipfw_start"
start_precmd="ipfw_prestart"
+start_postcmd="ipfw_poststart"
stop_cmd="ipfw_stop"
+stop_postcmd="ipfw_poststop"
required_modules="ipfw"
set_rcvar_obsolete ipv6_firewall_enable
@@ -73,6 +75,19 @@
fi
}
+ipfw_poststart()
+{
+ local _coscript
+
+ if [ -n "${firewall_coscripts}" ]; then
+ for _coscript in ${firewall_coscripts} ; do
+ if [ -f "${_coscript}" ]; then
+ ${_coscript} quietstart
+ fi
+ done
+ fi
+}
+
ipfw_stop()
{
# Disable the firewall
@@ -86,5 +101,18 @@
fi
}
+ipfw_poststop()
+{
+ local _coscript
+
+ if [ -n "${firewall_coscripts}" ]; then
+ for _coscript in `reverse_list ${firewall_coscripts}` ; do
+ if [ -f "${_coscript}" ]; then
+ ${_coscript} quietstop
+ fi
+ done
+ fi
+}
+
load_rc_config $name
run_rc_command $*
More information about the freebsd-rc
mailing list