svn commit: r299104 - user/ngie/detangle-rc/etc/rc.d

Garrett Cooper ngie at FreeBSD.org
Thu May 5 01:30:02 UTC 2016 

Author: ngie
Date: Thu May  5 01:30:00 2016
New Revision: 299104
URL: https://svnweb.freebsd.org/changeset/base/299104

Log:
  - Make generic FIREWALL service; make ipfilter, ipfw, and pf PROVIDE that
    functionality.
  - Conditionalize script install based on MK_{IPFILTER,IPFW,PF}. Move all
    appropriate REQUIREs as necessary -- some to BEFOREs.
  - Add more ipv6 scripts to the MK_INET6 block.

Modified:
  user/ngie/detangle-rc/etc/rc.d/Makefile
  user/ngie/detangle-rc/etc/rc.d/NETWORKING
  user/ngie/detangle-rc/etc/rc.d/ipfilter
  user/ngie/detangle-rc/etc/rc.d/ipfs
  user/ngie/detangle-rc/etc/rc.d/ipfw
  user/ngie/detangle-rc/etc/rc.d/natd
  user/ngie/detangle-rc/etc/rc.d/netif
  user/ngie/detangle-rc/etc/rc.d/netwait
  user/ngie/detangle-rc/etc/rc.d/pf
  user/ngie/detangle-rc/etc/rc.d/securelevel
  user/ngie/detangle-rc/etc/rc.d/static_ndp

Modified: user/ngie/detangle-rc/etc/rc.d/Makefile
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/Makefile	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/Makefile	Thu May  5 01:30:00 2016	(r299104)
@@ -8,6 +8,7 @@ FILESMODE=	${BINMODE}
 
 FILES=	DAEMON \
 	FILESYSTEMS \
+	FIREWALL \
 	LOGIN \
 	NETWORKING \
 	SERVERS \
@@ -44,11 +45,6 @@ FILES=	DAEMON \
 	hostid_save \
 	hostname \
 	iovctl \
-	ipfilter \
-	ipfs \
-	ipfw \
-	ipmon \
-	ipnat \
 	ipsec \
 	${_kadmind} \
 	${_kdc} \
@@ -69,7 +65,6 @@ FILES=	DAEMON \
 	mdconfig2 \
 	mountd \
 	msgs \
-	natd \
 	netif \
 	netoptions \
 	netwait \
@@ -83,9 +78,6 @@ FILES=	DAEMON \
 	nsswitch \
 	ntpdate \
 	${_opensm} \
-	pf \
-	pflog \
-	pfsync \
 	ppp \
 	pppoed \
 	pwcheck \
@@ -105,7 +97,6 @@ FILES=	DAEMON \
 	sppp \
 	statd \
 	static_arp \
-	static_ndp \
 	stf \
 	swap \
 	swaplate \
@@ -203,12 +194,29 @@ FILES+=		ip6addrctl
 FILES+=		route6d
 FILES+=		rtadvd
 FILES+=		rtsold
+FILES+=		static_ndp
 .endif
 
 .if ${MK_INETD} != "no"
 FILES+=		inetd
 .endif
 
+.if ${MK_IPFILTER} != "no"
+FILESGROUPS+=	IPFILTER
+IPFILTER+=	ipfilter
+IPFILTER+=	ipmon
+IPFILTER+=	ipnat
+IPFILTER+=	ipfs
+IPFILTERPACKAGE=	ipfilter
+.endif
+
+.if ${MK_IPFW} != "no"
+FILESGROUPS+=	IPFW
+IPFW+=		ipfw
+IPFW+=		natd
+IPFWPACKAGE=	ipfw
+.endif
+
 .if ${MK_ISCSI} != "no"
 FILES+=		iscsictl
 FILES+=		iscsid
@@ -265,7 +273,12 @@ SSHPACKAGE=	ssh
 .endif
 
 .if ${MK_PF} != "no"
-FILES+=		ftp-proxy
+FILESGROUPS+=	PF
+PF+=		ftp-proxy
+PF+=		pf
+PF+=		pflog
+PF+=		pfsync
+PFPACKAGE=	pf
 .endif
 
 .if ${MK_RCMDS} != "no"

Modified: user/ngie/detangle-rc/etc/rc.d/NETWORKING
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/NETWORKING	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/NETWORKING	Thu May  5 01:30:00 2016	(r299104)
@@ -4,9 +4,9 @@
 #
 
 # PROVIDE: NETWORKING NETWORK
-# REQUIRE: netif netwait netoptions routing ppp ipfw stf
+# REQUIRE: netif netwait netoptions routing ppp stf
 # REQUIRE: defaultroute resolv bridge
-# REQUIRE: static_arp static_ndp
+# REQUIRE: static_arp
 
 #	This is a dummy dependency, for services which require networking
 #	to be operational before starting.

Modified: user/ngie/detangle-rc/etc/rc.d/ipfilter
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/ipfilter	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/ipfilter	Thu May  5 01:30:00 2016	(r299104)
@@ -3,8 +3,9 @@
 # $FreeBSD$
 #
 
-# PROVIDE: ipfilter
+# PROVIDE: ipfilter FIREWALL
 # REQUIRE: FILESYSTEMS
+# BEFORE: netif
 # KEYWORD: nojail
 
 . /etc/rc.subr

Modified: user/ngie/detangle-rc/etc/rc.d/ipfs
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/ipfs	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/ipfs	Thu May  5 01:30:00 2016	(r299104)
@@ -5,6 +5,7 @@
 
 # PROVIDE: ipfs
 # REQUIRE: ipnat
+# BEFORE: netif
 # KEYWORD: nojail shutdown
 
 . /etc/rc.subr

Modified: user/ngie/detangle-rc/etc/rc.d/ipfw
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/ipfw	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/ipfw	Thu May  5 01:30:00 2016	(r299104)
@@ -3,8 +3,9 @@
 # $FreeBSD$
 #
 
-# PROVIDE: ipfw
+# PROVIDE: ipfw FIREWALL
 # REQUIRE: ppp
+# BEFORE: NETWORKING
 # KEYWORD: nojailvnet
 
 . /etc/rc.subr

Modified: user/ngie/detangle-rc/etc/rc.d/natd
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/natd	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/natd	Thu May  5 01:30:00 2016	(r299104)
@@ -4,6 +4,7 @@
 #
 
 # PROVIDE: natd
+# REQUIRE: ipfw
 # KEYWORD: nostart nojail
 
 . /etc/rc.subr

Modified: user/ngie/detangle-rc/etc/rc.d/netif
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/netif	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/netif	Thu May  5 01:30:00 2016	(r299104)
@@ -27,7 +27,7 @@
 
 # PROVIDE: netif
 # REQUIRE: FILESYSTEMS iovctl serial sppp sysctl
-# REQUIRE: hostid ipfilter ipfs
+# REQUIRE: hostid
 # KEYWORD: nojailvnet
 
 . /etc/rc.subr

Modified: user/ngie/detangle-rc/etc/rc.d/netwait
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/netwait	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/netwait	Thu May  5 01:30:00 2016	(r299104)
@@ -3,7 +3,7 @@
 # $FreeBSD$
 #
 # PROVIDE: netwait
-# REQUIRE: devd ipfilter ipfw pf routing
+# REQUIRE: devd FIREWALL routing
 # KEYWORD: nojail
 #
 # The netwait script helps handle two situations:

Modified: user/ngie/detangle-rc/etc/rc.d/pf
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/pf	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/pf	Thu May  5 01:30:00 2016	(r299104)
@@ -3,7 +3,7 @@
 # $FreeBSD$
 #
 
-# PROVIDE: pf
+# PROVIDE: pf FIREWALL
 # REQUIRE: FILESYSTEMS netif pflog pfsync
 # BEFORE:  routing
 # KEYWORD: nojail

Modified: user/ngie/detangle-rc/etc/rc.d/securelevel
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/securelevel	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/securelevel	Thu May  5 01:30:00 2016	(r299104)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: securelevel
-# REQUIRE: adjkerntz ipfw ipfilter pf
+# REQUIRE: adjkerntz FIREWALL
 
 . /etc/rc.subr
 

Modified: user/ngie/detangle-rc/etc/rc.d/static_ndp
==============================================================================
--- user/ngie/detangle-rc/etc/rc.d/static_ndp	Thu May  5 01:29:53 2016	(r299103)
+++ user/ngie/detangle-rc/etc/rc.d/static_ndp	Thu May  5 01:30:00 2016	(r299104)
@@ -31,6 +31,7 @@
 
 # PROVIDE: static_ndp
 # REQUIRE: netif
+# BEFORE: NETWORKING
 # KEYWORD: nojail
 
 . /etc/rc.subr

More information about the svn-src-user mailing list