1#!/bin/sh
2#
3# $NetBSD: pf,v 1.14 2020/09/08 12:52:18 martin Exp $
4#
5
6# PROVIDE: pf
7# REQUIRE: root bootconf CRITLOCALMOUNTED tty network dhcpcd
8# BEFORE: NETWORKING
9
10$_rc_subr_loaded . /etc/rc.subr
11
12name="pf"
13rcvar=$name
14start_precmd="pf_prestart"
15start_cmd="pf_start"
16stop_cmd="pf_stop"
17reload_cmd="pf_reload"
18status_cmd="pf_status"
19extra_commands="reload status"
20
21pf_prestart()
22{
23          if [ ! -f ${pf_rules} ]; then
24                    warn "${pf_rules} not readable; pf start aborted."
25
26                    stop_boot
27                    return 1
28          fi
29          return 0
30}
31
32pf_start()
33{
34          echo "Enabling pf firewall."
35
36          # The pf_boot script has enabled pf already.
37          if [ "$autoboot" != yes ]; then
38                    /sbin/pfctl -q ${pf_flags} -e
39          fi
40
41          if [ -f ${pf_rules} ]; then
42                    /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
43          else
44                    warn "${pf_rules} not found; no pf rules loaded."
45          fi
46}
47
48pf_stop()
49{
50          echo "Disabling pf firewall."
51          /sbin/pfctl -q ${pf_flags} -Fa -d
52}
53
54pf_reload()
55{
56          echo "Reloading pf rules."
57          if [ -f ${pf_rules} ]; then
58                    /sbin/pfctl -q ${pf_flags} -f ${pf_rules}
59          else
60                    warn "${pf_rules} not found; no pf rules loaded."
61          fi
62}
63
64pf_status()
65{
66          /sbin/pfctl ${pf_flags} -s info
67}
68
69load_rc_config $name
70run_rc_command "$1"
71