Browse Source

move the pflog0 setup to the pflogd script and only

do that if pf is actually enabled (rely on pfctl -si)
requested by deraadt@
OPENBSD_5_0
robert 13 years ago
parent
commit
e6caed4cbf
3 changed files with 24 additions and 14 deletions
  1. +2
    -11
      src/etc/rc
  2. +8
    -2
      src/etc/rc.conf
  3. +14
    -1
      src/etc/rc.d/pflogd

+ 2
- 11
src/etc/rc View File

@ -1,4 +1,4 @@
# $OpenBSD: rc,v 1.380 2011/07/08 16:20:13 ajacoutot Exp $
# $OpenBSD: rc,v 1.381 2011/07/08 21:42:52 robert Exp $
# System startup script run by init on autoboot # System startup script run by init on autoboot
# or after single-user. # or after single-user.
@ -415,16 +415,7 @@ dmesg >/var/run/dmesg.boot
make_keys make_keys
echo -n 'starting early daemons:' echo -n 'starting early daemons:'
start_daemon syslogd ldattach
if [ X"${pf}" != X"NO" ]; then
ifconfig pflog0 create >/dev/null 2>&1
if ifconfig pflog0 >/dev/null 2>&1; then
ifconfig pflog0 up
start_daemon pflogd
fi
fi
start_daemon syslogd ldattach pflogd
start_daemon named nsd ntpd isakmpd iked sasyncd start_daemon named nsd ntpd isakmpd iked sasyncd
echo '.' echo '.'


+ 8
- 2
src/etc/rc.conf View File

@ -1,6 +1,6 @@
#!/bin/sh - #!/bin/sh -
# #
# $OpenBSD: rc.conf,v 1.153 2011/07/08 18:01:31 ajacoutot Exp $
# $OpenBSD: rc.conf,v 1.154 2011/07/08 21:42:52 robert Exp $
# set these to "NO" to turn them off. otherwise, they're used as flags # set these to "NO" to turn them off. otherwise, they're used as flags
ldpd_flags=NO # for normal use: "" ldpd_flags=NO # for normal use: ""
@ -53,7 +53,7 @@ kdc_flags=NO # for normal use: "" see 'info heimdal' for help
kadmind_flags=NO # for normal use: "" kadmind_flags=NO # for normal use: ""
kpasswdd_flags=NO # for normal use: "" kpasswdd_flags=NO # for normal use: ""
btd_flags=NO # for normal use: "" btd_flags=NO # for normal use: ""
amd_flags=NO
amd_flags=NO # for normal use: ""
# use -u to disable chroot, see httpd(8) # use -u to disable chroot, see httpd(8)
httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8)) httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8))
@ -127,6 +127,12 @@ if [ X"${spamd_flags}" = X"NO" -o X"${spamd_black}" != X"NO" ]; then
spamlogd_flags=NO spamlogd_flags=NO
fi fi
# special care needed for pflogd to avoid starting it up and failing
# if pf is not enabled
if [ X"${PF}" = X"NO" ]; then
pflogd_flags=NO
fi
# backward compatibility # backward compatibility
: ${inetd_flags=$([ X"${inetd-YES}" = XYES ] || echo NO)} : ${inetd_flags=$([ X"${inetd-YES}" = XYES ] || echo NO)}
: ${rwhod_flags=$([ X"${rwhod-NO}" = XYES ] || echo NO)} : ${rwhod_flags=$([ X"${rwhod-NO}" = XYES ] || echo NO)}


+ 14
- 1
src/etc/rc.d/pflogd View File

@ -1,6 +1,6 @@
#!/bin/sh #!/bin/sh
# #
# $OpenBSD: pflogd,v 1.1 2011/07/08 00:50:09 robert Exp $
# $OpenBSD: pflogd,v 1.2 2011/07/08 21:42:52 robert Exp $
daemon="/sbin/pflogd" daemon="/sbin/pflogd"
@ -8,4 +8,17 @@ daemon="/sbin/pflogd"
pexp="pflogd: \[priv\]" pexp="pflogd: \[priv\]"
rc_pre() {
if pfctl -si | grep -q Enabled; then
ifconfig pflog0 create
if ifconfig pflog0; then
ifconfig pflog0 up
else
return 1
fi
else
return 1
fi
}
rc_cmd $1 rc_cmd $1

Loading…
Cancel
Save