small addition to /etc/rc.d/ipfw

Maksim Yevmenkin maksim.yevmenkin at gmail.com
Tue Jan 26 00:15:14 UTC 2010


hello,

would anyone object to the attached patch to /etc/rc.d/ipfw?

the idea is to introduce new "firewall_coscripts" variable that
contains the list of rc scripts that would be started/stopped via post
start and post stop hooks. unless i'm missing something it also should
be possible to just get rid of call to /etc/rc.d/natd directly and
simply stuff /etc/rc.d/natd into "firewall_coscripts" by default (via
defaults/rc.conf). the latter, however, is not implemented in the
patch.

thanks,
max
-------------- next part --------------
Index: ipfw
===================================================================
--- ipfw	(revision 202988)
+++ ipfw	(working copy)
@@ -14,7 +14,9 @@
 rcvar="firewall_enable"
 start_cmd="ipfw_start"
 start_precmd="ipfw_prestart"
+start_postcmd="ipfw_poststart"
 stop_cmd="ipfw_stop"
+stop_postcmd="ipfw_poststop"
 required_modules="ipfw"
 
 set_rcvar_obsolete ipv6_firewall_enable
@@ -73,6 +75,19 @@
 	fi
 }
 
+ipfw_poststart()
+{
+	local	_coscript
+
+	if [ -n "${firewall_coscripts}" ]; then
+		for _coscript in ${firewall_coscripts} ; do
+			if [ -f "${_coscript}" ]; then
+				${_coscript} quietstart
+			fi
+		done
+	fi
+}
+
 ipfw_stop()
 {
 	# Disable the firewall
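Review bot: In ipfw_poststart, every entry of firewall_coscripts is executed as root after only a `[ -f ... ]` test. A relative entry is therefore resolved against whatever the current directory is, and a missing or non-executable entry is skipped without any message, so the firewall comes up without its companion service and nothing is logged. A non-zero exit from a co-script is dropped as well. The same loop appears in ipfw_poststop in the next hunk, with `quietstop`. I would require an absolute path to an executable regular file, quote the invocation, and report every skipped or failed entry through rc.subr's `warn`, as sketched below.
```sh
		for _coscript in ${firewall_coscripts} ; do
			case "${_coscript}" in
			/*)	;;
			*)	warn "firewall_coscripts: ${_coscript} is not an absolute path, skipped"
				continue
				;;
			esac
			if [ -f "${_coscript}" ] && [ -x "${_coscript}" ]; then
				"${_coscript}" quietstart ||
				    warn "firewall_coscripts: ${_coscript} quietstart failed"
			else
				warn "firewall_coscripts: ${_coscript} missing or not executable, skipped"
			fi
		done
```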
@@ -86,5 +101,18 @@
 	fi
 }
 
+ipfw_poststop()
+{
+	local	_coscript
+
+	if [ -n "${firewall_coscripts}" ]; then
+		for _coscript in `reverse_list ${firewall_coscripts}` ; do
+			if [ -f "${_coscript}" ]; then
+				${_coscript} quietstop
+			fi
+		done
+	fi
+}
+
 load_rc_config $name
 run_rc_command $*
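Review bot: ipfw_poststop only runs if the stop command succeeds, assuming rc.subr still skips the `_postcmd` hook when the command returns non-zero and rc_force is unset; this is worth confirming against the rc.subr at this revision. If so, a failing ipfw_stop (its body is mostly outside the hunk) would leave every co-script running while the firewall state is uncertain. At minimum I would document that above the function, for example `# NOTE: not reached when ipfw_stop fails; co-scripts then stay running`. The backticks around `reverse_list ${firewall_coscripts}` could also become `$(...)` for readability.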

