
start pflogd in a different place; do not block NFS in diskless situations; danh & cedric@wireless-networks.com

OPENBSD_3_0
deraadt 23 years ago
parent
commit
516864a153
1 changed files with 15 additions and 7 deletions
  1. +15
    -7
      src/etc/rc

+ 15
- 7
src/etc/rc View File

@ -1,4 +1,4 @@
# $OpenBSD: rc,v 1.183 2001/09/19 16:27:47 todd Exp $
# $OpenBSD: rc,v 1.184 2001/09/21 05:51:13 deraadt Exp $
# System startup script run by init on autoboot # System startup script run by init on autoboot
# or after single-user. # or after single-user.
@ -117,7 +117,15 @@ echo 'setting tty flags'
ttyflags -a ttyflags -a
if [ "X$pf" != X"NO" ]; then if [ "X$pf" != X"NO" ]; then
echo "block in all\nblock out all" | pfctl -R - -e
RULES="block in all\nblock out all"
case `sysctl vfs.mounts.nfs` in
*[1-9]*)
# don't kill NFS
RULES="$RULES\npass in proto udp from any port { 111, 2049 } to any"
RULES="$RULES\npass out proto udp from any to any port { 111, 2049 }"
;;
esac
echo $RULES | pfctl -R - -e
fi fi
if [ -f /etc/sysctl.conf ]; then if [ -f /etc/sysctl.conf ]; then
@ -147,11 +155,6 @@ fi
mount /usr >/dev/null 2>&1 mount /usr >/dev/null 2>&1
mount /var >/dev/null 2>&1 mount /var >/dev/null 2>&1
if [ "X$pf" != X"NO" ]; then
ifconfig pflog0 up
pflogd ${pflogd_flags}
fi
# if there's no /var/db/host.random, make one through /dev/urandom # if there's no /var/db/host.random, make one through /dev/urandom
if [ ! -f /var/db/host.random ]; then if [ ! -f /var/db/host.random ]; then
dd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 \ dd if=/dev/urandom of=/var/db/host.random bs=1024 count=64 \
@ -186,6 +189,11 @@ if [ "X${named_flags}" != X"NO" -a "X${named_chroot}" != "X" ]; then
fi fi
syslogd ${syslogd_flags} syslogd ${syslogd_flags}
if [ "X$pf" != X"NO" ]; then
ifconfig pflog0 up
pflogd ${pflogd_flags}
fi
# $named_flags, $named_user, and $named_chroot are imported from /etc/rc.conf; # $named_flags, $named_user, and $named_chroot are imported from /etc/rc.conf;
# if $named_flags != NO, named is run. # if $named_flags != NO, named is run.
if [ "X${named_flags}" != X"NO" ]; then if [ "X${named_flags}" != X"NO" ]; then
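Review bot: In the `@ -117,7 +117,15 @@` hunk the two NFS exceptions match on port alone (`pass in proto udp from any port { 111, 2049 } to any`), and a UDP source port is set by the sender, so it is not evidence that a packet comes from the NFS server. While this boot-time ruleset is in force on a diskless machine, the "block in all" default is therefore open to inbound UDP on any local port from any address. If the NFS server's address is obtainable at this point in rc (not visible in these hunks), the rules could be narrowed to it, e.g. `pass in proto udp from $nfs_server port { 111, 2049 } to any`, where `$nfs_server` is a placeholder name. Failing that, the comment should record the exposure, e.g. `# don't kill NFS; port-only match, so not limited to the NFS server`. Separately, `echo $RULES` depends on unquoted expansion and on echo translating `\n`; `echo "$RULES"` keeps the rule text intact as one argument.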

