diff options
| author |   robert <robert@openbsd.org> | 2011-07-08 21:42:52 +0000 |
|---|---|---|
| committer | robert <robert@openbsd.org> | 2011-07-08 21:42:52 +0000 |
| commit | 310760ca5304a3af706d31e16d33fafed1d08623 (patch) | |
| tree | dd2dc4ce0f510efeebd96e9393b5ed368b0e89bd | |
| parent | Allow the elf rdsetroot operation to function on 32 bit and 64 bit binaries. (diff) | |
| download | wireguard-openbsd-310760ca5304a3af706d31e16d33fafed1d08623.tar.xz wireguard-openbsd-310760ca5304a3af706d31e16d33fafed1d08623.zip | |
move the pflog0 setup to the pflogd script and only
do that if pf is actually enabled (rely on pfctl -si)
requested by deraadt@
| -rw-r--r-- | etc/rc | 13 | ||||
| -rw-r--r-- | etc/rc.conf | 10 | ||||
| -rw-r--r-- | etc/rc.d/pflogd | 15 |
3 files changed, 24 insertions, 14 deletions
@@ -1,4 +1,4 @@ -# $OpenBSD: rc,v 1.380 2011/07/08 16:20:13 ajacoutot Exp $ +# $OpenBSD: rc,v 1.381 2011/07/08 21:42:52 robert Exp $ # System startup script run by init on autoboot # or after single-user. @@ -415,16 +415,7 @@ dmesg >/var/run/dmesg.boot make_keys echo -n 'starting early daemons:' -start_daemon syslogd ldattach - -if [ X"${pf}" != X"NO" ]; then - ifconfig pflog0 create >/dev/null 2>&1 - if ifconfig pflog0 >/dev/null 2>&1; then - ifconfig pflog0 up - start_daemon pflogd - fi -fi - +start_daemon syslogd ldattach pflogd start_daemon named nsd ntpd isakmpd iked sasyncd echo '.' diff --git a/etc/rc.conf b/etc/rc.conf index 0c6a93e7d3e..aea684a4372 100644 --- a/etc/rc.conf +++ b/etc/rc.conf @@ -1,6 +1,6 @@ #!/bin/sh - # -# $OpenBSD: rc.conf,v 1.153 2011/07/08 18:01:31 ajacoutot Exp $ +# $OpenBSD: rc.conf,v 1.154 2011/07/08 21:42:52 robert Exp $ # set these to "NO" to turn them off. otherwise, they're used as flags ldpd_flags=NO # for normal use: "" @@ -53,7 +53,7 @@ kdc_flags=NO # for normal use: "" see 'info heimdal' for help kadmind_flags=NO # for normal use: "" kpasswdd_flags=NO # for normal use: "" btd_flags=NO # for normal use: "" -amd_flags=NO +amd_flags=NO # for normal use: "" # use -u to disable chroot, see httpd(8) httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8)) @@ -127,6 +127,12 @@ if [ X"${spamd_flags}" = X"NO" -o X"${spamd_black}" != X"NO" ]; then spamlogd_flags=NO fi +# special care needed for pflogd to avoid starting it up and failing +# if pf is not enabled +if [ X"${PF}" = X"NO" ]; then + pflogd_flags=NO +fi + # backward compatibility : ${inetd_flags=$([ X"${inetd-YES}" = XYES ] || echo NO)} : ${rwhod_flags=$([ X"${rwhod-NO}" = XYES ] || echo NO)} diff --git a/etc/rc.d/pflogd b/etc/rc.d/pflogd index 0c4be02a318..372129540ee 100644 --- a/etc/rc.d/pflogd +++ b/etc/rc.d/pflogd @@ -1,6 +1,6 @@ #!/bin/sh # -# $OpenBSD: pflogd,v 1.1 2011/07/08 00:50:09 robert Exp $ +# $OpenBSD: pflogd,v 1.2 2011/07/08 21:42:52 robert Exp $ daemon="/sbin/pflogd" @@ -8,4 +8,17 @@ daemon="/sbin/pflogd" pexp="pflogd: \[priv\]" +rc_pre() { + if pfctl -si | grep -q Enabled; then + ifconfig pflog0 create + if ifconfig pflog0; then + ifconfig pflog0 up + else + return 1 + fi + else + return 1 + fi +} + rc_cmd $1 |