diff options
| -rw-r--r-- | etc/network.subr | 27 | ||||
| -rw-r--r-- | etc/rc.d/netoptions | 27 | ||||
| -rw-r--r-- | etc/rc.d/network1 | 27 | ||||
| -rw-r--r-- | etc/rc.d/network2 | 27 | ||||
| -rw-r--r-- | etc/rc.d/network3 | 27 | ||||
| -rw-r--r-- | etc/rc.d/routing | 27 | ||||
| -rw-r--r-- | etc/rc.network | 27 |
7 files changed, 112 insertions, 77 deletions
diff --git a/etc/network.subr b/etc/network.subr index 51c2926fe597..340be2832916 100644 --- a/etc/network.subr +++ b/etc/network.subr @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions index 51c2926fe597..340be2832916 100644 --- a/etc/rc.d/netoptions +++ b/etc/rc.d/netoptions @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.d/network1 b/etc/rc.d/network1 index 51c2926fe597..340be2832916 100644 --- a/etc/rc.d/network1 +++ b/etc/rc.d/network1 @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.d/network2 b/etc/rc.d/network2 index 51c2926fe597..340be2832916 100644 --- a/etc/rc.d/network2 +++ b/etc/rc.d/network2 @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.d/network3 b/etc/rc.d/network3 index 51c2926fe597..340be2832916 100644 --- a/etc/rc.d/network3 +++ b/etc/rc.d/network3 @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.d/routing b/etc/rc.d/routing index 51c2926fe597..340be2832916 100644 --- a/etc/rc.d/routing +++ b/etc/rc.d/routing @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac diff --git a/etc/rc.network b/etc/rc.network index 51c2926fe597..340be2832916 100644 --- a/etc/rc.network +++ b/etc/rc.network @@ -85,17 +85,6 @@ network_pass1() { ${ipmon_program:-/sbin/ipmon} ${ipmon_flags} ;; esac - case "${ipnat_enable}" in - [Yy][Ee][Ss]) - if [ -r "${ipnat_rules}" ]; then - echo -n ' ipnat'; - eval ${ipnat_program:-/sbin/ipnat -CF -f} \ - "${ipnat_rules}" ${ipnat_flags} - else - echo -n ' NO IPNAT RULES' - fi - ;; - esac case "${ipfs_enable}" in [Yy][Ee][Ss]) if [ -r "/var/db/ipf/ipstate.ipf" ]; then @@ -109,6 +98,22 @@ network_pass1() { ipfilter_enable="NO" echo -n ' NO IPF RULES' fi + esac + case "${ipnat_enable}" in + [Yy][Ee][Ss]) + if [ "${ipfilter_in_kernel}" -eq 0 ] && kldload ipl; then + ipfilter_in_kernel=1 + echo "Kernel ipfilter module loaded." + elif [ "${ipfilter_in_kernel}" -eq 0 ]; then + echo "Warning: ipfilter kernel module failed to load." + fi + if [ -r "${ipnat_rules}" ]; then + echo -n ' ipnat'; + eval ${ipnat_program:-/sbin/ipnat -CF -f} \ + "${ipnat_rules}" ${ipnat_flags} + else + echo -n ' NO IPNAT RULES' + fi ;; esac |