pf rc.d changes

Mark Cullen mark.cullen at dsl.pipex.com
Sun Oct 24 02:35:35 PDT 2004


The path is wrong in the rc.d/pf and rc.d/pflog scripts, and pf_program 
is wrong in /etc/defaults/rc.conf. I think I made the right changes...
--
Internet Explorer? Try FireFox at http://www.mozilla.org/products/firefox/
Outlook Express? Try ThunderBird at 
http://www.mozilla.org/products/thunderbird/
--- /etc/defaults/rc.conf	2004-10-22 18:43:50.000000000 +0100
+++ /etc/defaults/rc.conf	2004-10-24 10:26:34.000000000 +0100
@@ -88,11 +88,11 @@
 ipfs_flags=""			# additional flags for ipfs
 pf_enable="NO"			# Set to YES to enable packet filter (pf)
 pf_rules="/etc/pf.conf"		# rules definition file for pf
-pf_program="/sbin/pfctl"	# where the pfctl program lives
+pf_program="/usr/sbin/pfctl"	# where the pfctl program lives
 pf_flags=""			# additional flags for pfctl
 pflog_enable="NO"		# Set to YES to enable packet filter logging
 pflog_logfile="/var/log/pflog"	# where pflogd shoule store the logfile
-pflog_program="/sbin/pflogd"	# where the pflogd program lives
+pflog_program="/usr/sbin/pflogd"	# where the pflogd program lives
 pflog_flags=""			# additional flags for pflogd
 tcp_extensions="YES"		# Set to NO to turn off RFC1323 extensions.
 log_in_vain="0"			# >=1 to log connects to ports w/o listeners.
--- /etc/rc.d/pflog	2004-10-22 18:44:21.000000000 +0100
+++ /etc/rc.d/pflog	2004-10-24 10:23:44.000000000 +0100
@@ -41,7 +41,7 @@
 	fi
 
 	# check for pf rules
-	if [ ! -x "${pflog_program:-/sbin/pflogd}" ]
+	if [ ! -x "${pflog_program:-/usr/sbin/pflogd}" ]
 	then
 		warn 'pflog: NO PFLOGD BINARY FOUND'
 		return 1
@@ -51,7 +51,7 @@
 pflog_start()
 {
 	echo -n "Enabling pflogd"
-	if ! ${pflog_program:-/sbin/pflogd} ${pflog_flags} \
+	if ! ${pflog_program:-/usr/sbin/pflogd} ${pflog_flags} \
 	    -f ${pflog_logfile:-/var/log/pflog}; then
 		echo " failed!"
 	else
--- /etc/rc.d/pf	2004-10-22 18:44:20.000000000 +0100
+++ /etc/rc.d/pf	2004-10-24 10:14:01.000000000 +0100
@@ -48,21 +48,21 @@
 pf_start()
 {
 	echo "Enabling pf."
-	${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
+	${pf_program:-/usr/sbin/pfctl} -Fa > /dev/null 2>&1
 	if [ -r "${pf_rules}" ]; then
-		${pf_program:-/sbin/pfctl} \
+		${pf_program:-/usr/sbin/pfctl} \
 		    -f "${pf_rules}" ${pf_flags}
 	fi
-	if ! ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
-		${pf_program:-/sbin/pfctl} -e
+	if ! ${pf_program:-/usr/sbin/pfctl} -si | grep -q "Enabled" ; then
+		${pf_program:-/usr/sbin/pfctl} -e
 	fi
 }
 
 pf_stop()
 {
-	if ${pf_program:-/sbin/pfctl} -si | grep -q "Enabled" ; then
+	if ${pf_program:-/usr/sbin/pfctl} -si | grep -q "Enabled" ; then
 		echo "Disabling pf."
-		${pf_program:-/sbin/pfctl} -d
+		${pf_program:-/usr/sbin/pfctl} -d
 	fi
 }
 
@@ -70,9 +70,9 @@
 {
 	echo "Reloading pf rules."
 
-	${pf_program:-/sbin/pfctl} -Fa > /dev/null 2>&1
+	${pf_program:-/usr/sbin/pfctl} -Fa > /dev/null 2>&1
 	if [ -r "${pf_rules}" ]; then
-		${pf_program:-/sbin/pfctl} \
+		${pf_program:-/usr/sbin/pfctl} \
 		    -f "${pf_rules}" ${pf_flags}
 	fi
 }
@@ -83,12 +83,12 @@
 	if ! kldstat -v | grep -q pf\$ ; then
 		 return
 	fi
-	${pf_program:-/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
+	${pf_program:-/usr/sbin/pfctl} -f "${pf_rules}" ${pf_flags}
 }
 
 pf_status()
 {
-	${pf_program:-/sbin/pfctl} -si
+	${pf_program:-/usr/sbin/pfctl} -si
 }
 
 run_rc_command "$1"




More information about the Users mailing list