|
Lines 48-55
Link Here
|
| 48 |
# Establish ipfilter ruleset as early as possible (best in |
48 |
# Establish ipfilter ruleset as early as possible (best in |
| 49 |
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file) |
49 |
# addition to IPFILTER_DEFAULT_BLOCK in the kernel config file) |
| 50 |
# |
50 |
# |
|
|
51 |
if /sbin/ipfstat -i > /dev/null 2>&1; then |
| 52 |
ipfilter_in_kernel=1 |
| 53 |
else |
| 54 |
ipfilter_in_kernel=0 |
| 55 |
fi |
| 56 |
|
| 51 |
case "${ipfilter_enable}" in |
57 |
case "${ipfilter_enable}" in |
| 52 |
[Yy][Ee][Ss]) |
58 |
[Yy][Ee][Ss]) |
|
|
59 |
if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then |
| 60 |
ipfilter_in_kernel=1 |
| 61 |
echo "Kernel ipfilter module loaded." |
| 62 |
elif [ "${ipfilter_in_kernel}" -eq 0 ]; then |
| 63 |
echo "Warning: ipfilter kernel module failed to load." |
| 64 |
fi |
| 65 |
|
| 53 |
if [ -r "${ipfilter_rules}" ]; then |
66 |
if [ -r "${ipfilter_rules}" ]; then |
| 54 |
echo -n ' ipfilter'; |
67 |
echo -n ' ipfilter'; |
| 55 |
${ipfilter_program:-ipf -Fa -f} "${ipfilter_rules}" ${ipfilter_flags} |
68 |
${ipfilter_program:-ipf -Fa -f} "${ipfilter_rules}" ${ipfilter_flags} |