mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-27 21:44:34 +01:00
8801556beb
systems are fully "ready to go". 'FILESYSTEMS' states: "This is a dummy dependency, for services which require file systems to be mounted before starting." However, we have 'var' which is was run after 'FILESYSTEMS' and can mount /var if it already isn't mounted. Furthermore, several scripts cannot use /var until 'cleanvar' has done its thing. Thus "FILESYSTEMS" hasn't really meant all critical file systems are fully usable.
34 lines
640 B
Bash
Executable File
34 lines
640 B
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: ipmon
|
|
# REQUIRE: FILESYSTEMS hostname sysctl FILESYSTEMS ipfilter
|
|
# BEFORE: SERVERS
|
|
# KEYWORD: nojail
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="ipmon"
|
|
rcvar="ipmon_enable"
|
|
command="/sbin/${name}"
|
|
start_precmd="ipmon_precmd"
|
|
|
|
ipmon_precmd()
|
|
{
|
|
# Continue only if ipfilter or ipnat is enabled and the
|
|
# ipfilter module is loaded.
|
|
#
|
|
if ! checkyesno ipfilter_enable && ! checkyesno ipnat_enable ; then
|
|
err 1 "${name} requires either ipfilter or ipnat enabled"
|
|
fi
|
|
if ! sysctl net.inet.ipf.fr_pass >/dev/null 2>&1; then
|
|
err 1 "ipfilter module is not loaded"
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|