Author: dougb Date: Fri Jun 26 01:04:50 2009 New Revision: 195026 URL: http://svn.freebsd.org/changeset/base/195026
Log: Reverse the effect of r193198 for pf and ipfw which will once again allow them to start after netif. There were too many problems reported with this change in the short period of time that it lived in HEAD, and we are too late in the release cycle to properly shake it out. IMO the issue of having the firewalls up before the network is still a valid concern, particularly for pf whose default state is wide open. However properly solving this issue is going to take some investment on the part of the people who actually use those tools. This is not a strict reversion of all the changes for r193198 since it also included some simplification of the BEFORE/REQUIRE logic which is still valid for ipfilter and ip6fw. Modified: head/etc/rc.d/NETWORKING head/etc/rc.d/ipfw head/etc/rc.d/netif head/etc/rc.d/pf head/etc/rc.d/pflog head/etc/rc.d/pfsync Modified: head/etc/rc.d/NETWORKING ============================================================================== --- head/etc/rc.d/NETWORKING Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/NETWORKING Fri Jun 26 01:04:50 2009 (r195026) @@ -4,7 +4,7 @@ # # PROVIDE: NETWORKING NETWORK -# REQUIRE: netif netoptions routing network_ipv6 ppp +# REQUIRE: netif netoptions routing network_ipv6 ppp ipfw # REQUIRE: defaultroute routed mrouted route6d mroute6d resolv # This is a dummy dependency, for services which require networking Modified: head/etc/rc.d/ipfw ============================================================================== --- head/etc/rc.d/ipfw Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/ipfw Fri Jun 26 01:04:50 2009 (r195026) @@ -4,7 +4,7 @@ # # PROVIDE: ipfw -# REQUIRE: FILESYSTEMS +# REQUIRE: ppp # KEYWORD: nojail . /etc/rc.subr Modified: head/etc/rc.d/netif ============================================================================== --- head/etc/rc.d/netif Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/netif Fri Jun 26 01:04:50 2009 (r195026) @@ -27,7 +27,7 @@ # PROVIDE: netif # REQUIRE: atm1 cleanvar FILESYSTEMS serial sppp sysctl -# REQUIRE: ipfilter ipfs pf ipfw +# REQUIRE: ipfilter ipfs # KEYWORD: nojail . /etc/rc.subr Modified: head/etc/rc.d/pf ============================================================================== --- head/etc/rc.d/pf Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/pf Fri Jun 26 01:04:50 2009 (r195026) @@ -4,7 +4,7 @@ # # PROVIDE: pf -# REQUIRE: FILESYSTEMS pflog pfsync +# REQUIRE: FILESYSTEMS netif pflog pfsync # BEFORE: routing # KEYWORD: nojail Modified: head/etc/rc.d/pflog ============================================================================== --- head/etc/rc.d/pflog Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/pflog Fri Jun 26 01:04:50 2009 (r195026) @@ -4,7 +4,7 @@ # # PROVIDE: pflog -# REQUIRE: FILESYSTEMS cleanvar +# REQUIRE: FILESYSTEMS netif cleanvar # KEYWORD: nojail . /etc/rc.subr Modified: head/etc/rc.d/pfsync ============================================================================== --- head/etc/rc.d/pfsync Fri Jun 26 01:01:50 2009 (r195025) +++ head/etc/rc.d/pfsync Fri Jun 26 01:04:50 2009 (r195026) @@ -4,7 +4,7 @@ # # PROVIDE: pfsync -# REQUIRE: FILESYSTEMS +# REQUIRE: FILESYSTEMS netif # KEYWORD: nojail . /etc/rc.subr _______________________________________________ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
