diff options
| author | Kjell Wooding <kjell@cvs.openbsd.org> | 2001-07-01 08:39:00 +0000 |
|---|---|---|
| committer | Kjell Wooding <kjell@cvs.openbsd.org> | 2001-07-01 08:39:00 +0000 |
| commit | 50a44088dcbe45123c2ff5c67a7ffeedebed0fa0 (patch) | |
| tree | 4f349f24000f30e681e4da96885126ca01f4beab /etc/rc | |
| parent | e32f8044d557930423869cc2b2523e30db658b2e (diff) | |
Initialization infrastruture for pf. Based on initial patches
by ian@, and much input and mangling from theo.
Diffstat (limited to 'etc/rc')
| -rw-r--r-- | etc/rc | 15 |
1 files changed, 14 insertions, 1 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.175 2001/06/27 03:34:08 hin Exp $ +# $OpenBSD: rc,v 1.176 2001/07/01 08:38:59 kjell Exp $ # System startup script run by init on autoboot # or after single-user. @@ -113,6 +113,10 @@ rm -f /fastboot # XXX (root now writeable) echo 'setting tty flags' ttyflags -a +if [ "X$pf" != X"NO" ]; then + echo "block in all\nblock out all" | pfctl -R - -e +fi + if [ -f /etc/sysctl.conf ]; then ( # delete comments and blank lines @@ -128,6 +132,15 @@ fi echo 'starting network' . /etc/netstart +if [ "X$pf" != X"NO" ]; then + if [ -f ${nat_rules} ]; then + pfctl -N ${nat_rules} + fi + if [ -f ${pf_rules} ]; then + pfctl -R ${pf_rules} + fi +fi + mount /usr >/dev/null 2>&1 mount /var >/dev/null 2>&1 |