HardenedBSD/etc/rc.d/ipnat
Doug Barton a3f6188b53 Make the pf and ipfw firewalls start before netif, just like ipfilter
already does. This eliminates a logical inconsistency, and a small
window where the system is open after the network comes up.
2009-06-01 05:35:03 +00:00

29 lines
476 B
Bash
Executable File

#!/bin/sh
#
# $FreeBSD$
#
# PROVIDE: ipnat
# REQUIRE: ipfilter
# KEYWORD: nojail
. /etc/rc.subr
name="ipnat"
rcvar=`set_rcvar`
load_rc_config $name
start_cmd="ipnat_start"
stop_cmd="${ipnat_program} -F -C"
reload_cmd="${ipnat_program} -F -C -f ${ipnat_rules}"
extra_commands="reload"
required_files="${ipnat_rules}"
required_modules="ipl:ipfilter"
ipnat_start()
{
echo "Installing NAT rules."
${ipnat_program} -CF -f ${ipnat_rules} ${ipnat_flags}
}
run_rc_command "$1"