diff options
| author | Darren Reed <darrenr@FreeBSD.org> | 2001-07-30 23:12:02 +0000 |
|---|---|---|
| committer | Darren Reed <darrenr@FreeBSD.org> | 2001-07-30 23:12:02 +0000 |
| commit | e58f4666201e7afc071824f20aff350c9c974cbc (patch) | |
| tree | d0703e840559baa9918222f2b479d94cec1eb124 /etc/network.subr | |
| parent | 0a6ca2a733b453973b33a587afec70966d3ce7f4 (diff) | |
| download | src-e58f4666201e7afc071824f20aff350c9c974cbc.tar.gz src-e58f4666201e7afc071824f20aff350c9c974cbc.zip | |
Merge in patch to automagically decide whether or not a kldload of ipfilter
is required into rc.network.
Person failed to use a real name so both email addresses from PR included
(Sent was different to From).
PR: 22998
Submitted by: dl@leo.org/spock@empire.trek.org
Notes
Notes:
svn path=/head/; revision=80683
Diffstat (limited to 'etc/network.subr')
| -rw-r--r-- | etc/network.subr | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/etc/network.subr b/etc/network.subr index 86db5eaa22fe..9d868af8916a 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -60,8 +60,21 @@ network_pass1() { # Establish ipfilter ruleset as early as possible (best in # addition to IPFILTER_DEFAULT_BLOCK in the kernel config file) # + if /sbin/ipfstat -i > /dev/null 2>&1; then + ipfilter_in_kernel=1 + else + ipfilter_in_kernel=0 + fi + case "${ipfilter_enable}" in [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipfilter_rules}" ]; then echo -n ' ipfilter'; ${ipfilter_program:-/sbin/ipf -Fa -f} \ |