|  | #!/bin/sh | 
|  | # | 
|  | # chkconfig: 2345 26 74 | 
|  | # description: ipfilter | 
|  | # processname: ipfilter | 
|  | # config: /etc/sysconfig/ipfilter | 
|  |  | 
|  | CONFIG=/etc/sysconfig/ipfilter | 
|  | LOGPRI=user.info | 
|  | IPFCONF=/etc/ipf.conf | 
|  | IPNATCONF=/etc/ipnat.conf | 
|  | IPPOOLCONF=/etc/ippool.conf | 
|  |  | 
|  | # Source function library. | 
|  | . /etc/rc.status | 
|  | if [ ! -f /etc/ipf.conf -a ! -f /etc/ipnat.conf ] ; then | 
|  | exit 0 | 
|  | fi | 
|  | rc_reset | 
|  | rc=0 | 
|  |  | 
|  | logit() { | 
|  | if [ $1 -ne 0 ] ; then | 
|  | logger -t $2 -p $LOGPRI "$3" | 
|  | fi | 
|  | } | 
|  |  | 
|  | start() { | 
|  | modprobe ipfilter | 
|  | rc=$? | 
|  | if [ ${rc} -ne 0 ] ; then | 
|  | rc_status -v | 
|  | exit $rc | 
|  | fi | 
|  | echo -n $"Starting IPFilter: " | 
|  |  | 
|  | minor=0 | 
|  | ipfdev=`awk ' /ipf/ { print $1; } ' /proc/devices` | 
|  | for i in ipl ipnat ipstate ipauth ipsync ipscan iplookup; do | 
|  | /bin/rm -f /dev/$i | 
|  | mknod /dev/$i c $ipfdev $minor | 
|  | minor=`expr $minor + 1` | 
|  | done | 
|  | if [ -f $IPFCONF ] ; then | 
|  | msg=`/sbin/ipf -f $IPFCONF 2>&1` | 
|  | rc=$? | 
|  | logit $rc ipf "$msg" | 
|  | fi | 
|  | if [ $rc -eq 0 -a -f $IPNATCONF ] ; then | 
|  | msg=`/sbin/ipnat -f $IPNATCONF 2>&1` | 
|  | rc=$? | 
|  | logit $rc ipnat "$msg" | 
|  | fi | 
|  | if [ $rc -eq 0 -a -f $IPPOOLCONF ] ; then | 
|  | msg=`/sbin/ippool -f $IPPOOLCONF 2>&1` | 
|  | rc=$? | 
|  | logit $rc ippool "$msg" | 
|  | fi | 
|  | if [ $rc -eq 0 ] ; then | 
|  | /usr/bin/ipmon -Das | 
|  | rc=$? | 
|  | fi | 
|  | rc_status -v | 
|  | return $rc | 
|  | } | 
|  |  | 
|  | stop() { | 
|  | echo -n $"Shutting down IPFilter: " | 
|  | killproc ipmon | 
|  | rc=$? | 
|  | [ $rc -eq 0 ] && /sbin/modprobe -r ipfilter 2>&1 >/dev/null | 
|  | rc_status -v | 
|  | } | 
|  |  | 
|  | dostatus() { | 
|  | #	status ipmon | 
|  | rc=$? | 
|  | } | 
|  |  | 
|  | restart() { | 
|  | stop | 
|  | start | 
|  | rc=$? | 
|  | } | 
|  |  | 
|  | # See how we were called. | 
|  | case "$1" in | 
|  | start) | 
|  | start | 
|  | ;; | 
|  | stop) | 
|  | stop | 
|  | ;; | 
|  | status) | 
|  | dostatus | 
|  | ;; | 
|  | restart|reload) | 
|  | restart | 
|  | ;; | 
|  | *) | 
|  | echo "Usage: ipfilter {start|stop|status|restart|reload}" | 
|  | rc=1 | 
|  | esac | 
|  | rc_status -v | 
|  | exit $? |