mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-12-30 15:38:06 +01:00
a3f6188b53
already does. This eliminates a logical inconsistency, and a small window where the system is open after the network comes up.
57 lines
870 B
Bash
Executable File
57 lines
870 B
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: pflog
|
|
# REQUIRE: FILESYSTEMS cleanvar
|
|
# KEYWORD: nojail
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="pflog"
|
|
rcvar=`set_rcvar`
|
|
command="/sbin/pflogd"
|
|
pidfile="/var/run/pflogd.pid"
|
|
start_precmd="pflog_prestart"
|
|
stop_postcmd="pflog_poststop"
|
|
extra_commands="reload resync"
|
|
|
|
# for backward compatibility
|
|
resync_cmd="pflog_resync"
|
|
|
|
pflog_prestart()
|
|
{
|
|
load_kld pflog || return 1
|
|
|
|
# set pflog0 interface to up state
|
|
if ! ifconfig pflog0 up; then
|
|
warn 'could not bring up pflog0.'
|
|
return 1
|
|
fi
|
|
|
|
# prepare the command line for pflogd
|
|
rc_flags="-f $pflog_logfile $rc_flags"
|
|
|
|
# report we're ready to run pflogd
|
|
return 0
|
|
}
|
|
|
|
pflog_poststop()
|
|
{
|
|
if ! ifconfig pflog0 down; then
|
|
warn 'could not bring down pflog0.'
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
# for backward compatibility
|
|
pflog_resync()
|
|
{
|
|
run_rc_command reload
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|