CVS commit: src/etc

[David Brownlee]

Module Name:    src
Committed By:   abs
Date:           Thu Oct  5 08:19:27 UTC 2023

Modified Files:
        src/etc/defaults: rc.conf
        src/etc/rc.d: npf

Log Message:
Add support to npf_rules to rc.conf

- Allows overriding default from /etc/npf.conf
- Indicate rules file used in output
- Drop check for file presence in script - rely on npf exiting with error


To generate a diff of this commit:
cvs rdiff -u -r1.166 -r1.167 src/etc/defaults/rc.conf
cvs rdiff -u -r1.7 -r1.8 src/etc/rc.d/npf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/etc/defaults/rc.conf
diff -u src/etc/defaults/rc.conf:1.166 src/etc/defaults/rc.conf:1.167
--- src/etc/defaults/rc.conf:1.166	Wed Sep 27 01:27:32 2023
+++ src/etc/defaults/rc.conf	Thu Oct  5 08:19:27 2023
@@ -1,4 +1,4 @@
-#	$NetBSD: rc.conf,v 1.166 2023/09/27 01:27:32 riastradh Exp $
+#	$NetBSD: rc.conf,v 1.167 2023/10/05 08:19:27 abs Exp $
 #
 # /etc/defaults/rc.conf --
 #	default configuration of /etc/rc.conf
@@ -181,7 +181,7 @@ securelevel=""					# securelevel to set 
 ifconfig_wait_dad_flags="-w 15 -W 5"
 
 mdnsd=NO
-npf=NO
+npf=NO			npf_rules="/etc/npf.conf"
 npfd=NO			npfd_flags=""
 ipfilter=NO		ipfilter_flags=""	# uses /etc/ipf.conf
 ipnat=NO					# uses /etc/ipnat.conf

Index: src/etc/rc.d/npf
diff -u src/etc/rc.d/npf:1.7 src/etc/rc.d/npf:1.8
--- src/etc/rc.d/npf:1.7	Tue Sep  8 12:52:18 2020
+++ src/etc/rc.d/npf	Thu Oct  5 08:19:27 2023
@@ -1,6 +1,6 @@
 #!/bin/sh
 #
-# $NetBSD: npf,v 1.7 2020/09/08 12:52:18 martin Exp $
+# $NetBSD: npf,v 1.8 2023/10/05 08:19:27 abs Exp $
 #
 # Public Domain.
 #
@@ -14,8 +14,6 @@ $_rc_subr_loaded . /etc/rc.subr
 name="npf"
 rcvar=$name
 
-config="/etc/npf.conf"
-
 start_cmd="npf_start"
 stop_cmd="npf_stop"
 
@@ -23,19 +21,11 @@ reload_cmd="npf_reload"
 status_cmd="npf_status"
 extra_commands="reload status"
 
-npf_cfg_check()
-{
-	if [ ! -f ${config} ]; then
-		warn "${config} is not readable; failed."
-		exit 1
-	fi
-}
 
 npf_start()
 {
-	echo "Enabling NPF."
-	npf_cfg_check
-	/sbin/npfctl reload
+	echo "Enabling NPF $npf_rules"
+	/sbin/npfctl reload "$npf_rules"
 
 	# The npf_boot script has enabled npf already.
 	if [ "$autoboot" != "yes" ]; then
@@ -52,9 +42,8 @@ npf_stop()
 
 npf_reload()
 {
-	echo "Reloading NPF ruleset."
-	npf_cfg_check
-	/sbin/npfctl reload
+	echo "Reloading NPF ruleset $npf_rules"
+	/sbin/npfctl reload "$npf_rules"
 }
 
 npf_status()