Index: head/etc/rc.d/defaultroute =================================================================== --- head/etc/rc.d/defaultroute (revision 320801) +++ head/etc/rc.d/defaultroute (revision 320802) @@ -1,74 +1,74 @@ #!/bin/sh # # Wait for the default route to be up if DHCP is in use # # $FreeBSD$ # # PROVIDE: defaultroute # REQUIRE: devd netif stf -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr name="defaultroute" desc="Setup default router" start_cmd="defaultroute_start" stop_cmd=":" # Does any interface have a carrier? defaultroute_carrier() { local carrier nocarrier carrier=1 for _if in ${dhcp_interfaces}; do output=`/sbin/ifconfig ${_if}` nocarrier=`expr "${output}" : '.*[[:blank:]]status: \(no carrier\)'` [ -z "${nocarrier}" ] && carrier=0 done return ${carrier} } defaultroute_start() { local nl waited afexists inet || return 0 # Return without waiting if we don't have dhcp interfaces or # if none of the dhcp interfaces is plugged in. dhcp_interfaces=`list_net_interfaces dhcp` [ -z "${dhcp_interfaces}" ] && return # Wait for a default route waited=0 while [ ${waited} -lt ${defaultroute_delay} ]; do defif=`get_default_if -inet` if [ -n "${defif}" ]; then if [ ${waited} -ne 0 ]; then echo -n "($defif)" nl=1 fi break fi if [ ${waited} -eq 0 ]; then echo -n "Waiting ${defaultroute_delay}s for the default route interface: " else echo -n . fi if [ ${waited} -eq ${defaultroute_carrier_delay} ] && ! defaultroute_carrier; then echo -n "(no carrier)" break fi nl=1 sleep 1 waited=$(($waited + 1)) done [ -n "$nl" ] && echo } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/dhclient =================================================================== --- head/etc/rc.d/dhclient (revision 320801) +++ head/etc/rc.d/dhclient (revision 320802) 
@@ -1,65 +1,65 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: dhclient -# KEYWORD: nojail nostart +# KEYWORD: nojailvnet nostart . /etc/rc.subr . /etc/network.subr ifn="$2" name="dhclient" desc="Dynamic Host Configuration Protocol (DHCP) client" rcvar= pidfile="/var/run/${name}.${ifn}.pid" start_precmd="dhclient_prestart" stop_precmd="dhclient_pre_check" # rc_force check can only be done at the run_rc_command # time, so we're testing it in the pre* hooks. dhclient_pre_check() { if [ -z "${rc_force}" ] && ! dhcpif $ifn; then local msg msg="'$ifn' is not a DHCP-enabled interface" if [ -z "${rc_quiet}" ]; then echo "$msg" else debug "$msg" fi exit 1 fi } dhclient_prestart() { dhclient_pre_check # Interface-specific flags (see rc.subr for $flags setting) specific=$(get_if_var $ifn dhclient_flags_IF) if [ -z "$flags" -a -n "$specific" ]; then rc_flags=$specific fi background_dhclient=$(get_if_var $ifn background_dhclient_IF $background_dhclient) if checkyesno background_dhclient; then rc_flags="${rc_flags} -b" fi rc_flags="${rc_flags} ${ifn}" } load_rc_config $name load_rc_config network if [ -z $ifn ] ; then # only complain if a command was specified but no interface if [ -n "$1" ] ; then err 1 "$0: no interface specified" fi fi run_rc_command "$1" Index: head/etc/rc.d/ip6addrctl =================================================================== --- head/etc/rc.d/ip6addrctl (revision 320801) +++ head/etc/rc.d/ip6addrctl (revision 320802) 
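Review bot: `$ifn` is expanded unquoted in the closing check `if [ -z $ifn ]` and in `dhcpif $ifn` and `get_if_var $ifn ...`, although it is taken straight from `$2` and also used to build the pidfile path. With an empty value the test only passes because `[ -z ]` happens to be true, and a value containing whitespace or glob characters would be split or expanded. Quoting it, as in `if [ -z "$ifn" ] ; then` and `dhcpif "$ifn"`, removes both problems. These are unchanged context lines, but the KEYWORD change appears to let the script run in VNET jails as well.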
@@ -1,124 +1,124 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: ip6addrctl # REQUIRE: FILESYSTEMS # BEFORE: netif -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr name="ip6addrctl" desc="configure address selection policy for IPv6 and IPv4" rcvar="ip6addrctl_enable" start_cmd="ip6addrctl_start" stop_cmd="ip6addrctl_stop" extra_commands="status prefer_ipv6 prefer_ipv4" status_cmd="ip6addrctl" prefer_ipv6_cmd="ip6addrctl_prefer_ipv6" prefer_ipv4_cmd="ip6addrctl_prefer_ipv4" config_file="/etc/ip6addrctl.conf" set_rcvar_obsolete ipv6_enable ipv6_activate_all_interfaces set_rcvar_obsolete ipv6_prefer ip6addrctl_policy IP6ADDRCTL_CMD="/usr/sbin/ip6addrctl" ip6addrctl_prefer_ipv6() { afexists inet6 || return 0 ${IP6ADDRCTL_CMD} flush >/dev/null 2>&1 cat </dev/null 2>&1 cat </dev/null 2>&1 ${IP6ADDRCTL_CMD} install "${config_file}" else if checkyesno ipv6_activate_all_interfaces; then ip6addrctl_prefer_ipv6 elif [ -n "$(list_vars ifconfig_\*_ipv6)" ]; then ip6addrctl_prefer_ipv6 else ip6addrctl_prefer_ipv4 fi fi ;; ipv4_prefer) ip6addrctl_prefer_ipv4 ;; ipv6_prefer) ip6addrctl_prefer_ipv6 ;; [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) # Backward compatibility when ipv6_prefer=YES ip6addrctl_prefer_ipv6 ;; [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0) # Backward compatibility when ipv6_prefer=NO ip6addrctl_prefer_ipv4 ;; [Nn][Oo][Nn][Ee]) ${IP6ADDRCTL_CMD} flush >/dev/null 2>&1 ;; *) warn "\$ip6addrctl_policy is invalid: ${ip6addrctl_policy}. " \ " \"ipv4_prefer\" is used instead." ip6addrctl_prefer_ipv4 ;; esac if checkyesno ip6addrctl_verbose; then echo 'Address selection policy table for IPv4 and IPv6:' ${IP6ADDRCTL_CMD} fi } ip6addrctl_stop() { afexists inet6 || return 0 ip6addrctl flush >/dev/null 2>&1 } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/natd =================================================================== --- head/etc/rc.d/natd (revision 320801) +++ head/etc/rc.d/natd (revision 320802) 
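Review bot: `ip6addrctl_stop` runs a bare `ip6addrctl flush` that is resolved through PATH, while the prefer and install paths visible in this hunk call `${IP6ADDRCTL_CMD}` (`/usr/sbin/ip6addrctl`). I would make stop consistent with `${IP6ADDRCTL_CMD} flush >/dev/null 2>&1`, so the same binary runs regardless of the caller's PATH. `status_cmd="ip6addrctl"` has the same inconsistency. Both lines are unchanged context, not part of the KEYWORD edit.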
@@ -1,44 +1,44 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: natd -# KEYWORD: nostart nojail +# KEYWORD: nostart nojailvnet . /etc/rc.subr . /etc/network.subr name="natd" desc="Network Address Translation daemon" rcvar="natd_enable" command="/sbin/${name}" pidfile="/var/run/${name}.pid" start_precmd="natd_precmd" required_modules="ipdivert" natd_precmd() { if [ -n "${natd_interface}" ]; then dhcp_list="`list_net_interfaces dhcp`" for ifn in ${dhcp_list}; do case "${natd_interface}" in ${ifn}) rc_flags="$rc_flags -dynamic" ;; esac done if echo "${natd_interface}" | \ grep -q -E '^[0-9]+(\.[0-9]+){0,3}$'; then rc_flags="$rc_flags -a ${natd_interface}" else rc_flags="$rc_flags -n ${natd_interface}" fi fi return 0 } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/pf =================================================================== --- head/etc/rc.d/pf (revision 320801) +++ head/etc/rc.d/pf (revision 320802) 
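Review bot: `required_modules="ipdivert"` carries no comment on what happens in a VNET jail, which the new `nojailvnet` keyword presumably now lets this script start in. A jail cannot load kernel modules itself, so the service can only start there if the host has already loaded the module. The same applies to `required_modules="pf"` in pf, `load_kld pflog` in pflog and `required_modules="pf pfsync"` in pfsync. I would add a comment above each, e.g. `# In a VNET jail the host must already have loaded this module; kldload is not permitted inside a jail.`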
@@ -1,77 +1,77 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: pf # REQUIRE: FILESYSTEMS netif pflog pfsync # BEFORE: routing -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="pf" desc="Packet filter" rcvar="pf_enable" load_rc_config $name start_cmd="pf_start" stop_cmd="pf_stop" check_cmd="pf_check" reload_cmd="pf_reload" resync_cmd="pf_resync" status_cmd="pf_status" extra_commands="check reload resync" required_files="$pf_rules" required_modules="pf" pf_start() { check_startmsgs && echo -n 'Enabling pf' $pf_program -F all > /dev/null 2>&1 $pf_program -f "$pf_rules" $pf_flags if ! $pf_program -s info | grep -q "Enabled" ; then $pf_program -eq fi check_startmsgs && echo '.' } pf_stop() { if $pf_program -s info | grep -q "Enabled" ; then echo -n 'Disabling pf' $pf_program -dq echo '.' fi } pf_check() { echo "Checking pf rules." $pf_program -n -f "$pf_rules" } pf_reload() { echo "Reloading pf rules." $pf_program -n -f "$pf_rules" || return 1 # Flush everything but existing state entries that way when # rules are read in, it doesn't break established connections. $pf_program -Fnat -Fqueue -Frules -FSources -Finfo -FTables -Fosfp > /dev/null 2>&1 $pf_program -f "$pf_rules" $pf_flags } pf_resync() { $pf_program -f "$pf_rules" $pf_flags } pf_status() { if ! [ -c /dev/pf ] ; then echo "pf.ko is not loaded" else $pf_program -s info fi } run_rc_command "$1" Index: head/etc/rc.d/pflog =================================================================== --- head/etc/rc.d/pflog (revision 320801) +++ head/etc/rc.d/pflog (revision 320802) 
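Review bot: `pf_start` flushes everything with `-F all`, ignores the exit status of `$pf_program -f "$pf_rules" $pf_flags`, and then enables pf, so a ruleset that fails to parse leaves the filter enabled with no rules loaded. `pf_reload` already guards against this with a dry run. Adding the same line at the top of `pf_start`, before the flush, `$pf_program -n -f "$pf_rules" || return 1`, would report the error and leave any rules that are already loaded in place. These are unchanged context lines, but the KEYWORD change appears to extend this start path to VNET jails.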
@@ -1,106 +1,106 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: pflog # REQUIRE: FILESYSTEMS netif -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="pflog" desc="Packet filter logging interface" rcvar="pflog_enable" command="/sbin/pflogd" pidfile="/var/run/pflogd.pid" start_precmd="pflog_prestart" stop_postcmd="pflog_poststop" extra_commands="reload resync" # for backward compatibility resync_cmd="pflog_resync" pflog_prestart() { load_kld pflog || return 1 # create pflog_dev interface if needed if ! ifconfig $pflog_dev > /dev/null 2>&1; then if ! ifconfig $pflog_dev create; then warn "could not create $pflog_dev." return 1 fi fi # set pflog_dev interface to up state if ! ifconfig $pflog_dev up; then warn "could not bring up $pflog_dev." return 1 fi # -p flag requires stripping pidfile's leading /var/run and trailing .pid pidfile=$(echo $pidfile | sed -e 's|/var/run/||' -e 's|.pid$||') # prepare the command line for pflogd rc_flags="-p $pidfile -f $pflog_logfile -i $pflog_dev $rc_flags" # report we're ready to run pflogd return 0 } pflog_poststop() { if ! ifconfig $pflog_dev down; then warn "could not bring down $pflog_dev." return 1 fi if [ "$pflog_instances" ] && [ -n "$pflog_instances" ]; then rm $pidfile fi return 0 } # for backward compatibility pflog_resync() { run_rc_command reload } load_rc_config $name # Check if spawning multiple pflogd and told what to spawn if [ -n "$2" ]; then # Set required variables eval pflog_dev=\$pflog_${2}_dev eval pflog_logfile=\$pflog_${2}_logfile eval pflog_flags=\$pflog_${2}_flags # Check that required vars have non-zero length, warn if not. 
if [ -z $pflog_dev ]; then warn "pflog_dev not set" continue fi if [ -z $pflog_logfile ]; then warn "pflog_logfile not set" continue fi # Provide a unique pidfile name for pflogd -p flag pidfile="/var/run/pflogd.$2.pid" # Override service name and execute command name=$pflog_dev run_rc_command "$1" # Check if spawning multiple pflogd and not told what to spawn elif [ "$pflog_instances" ] && [ -n "$pflog_instances" ]; then # Interate through requested instances. for i in $pflog_instances; do /etc/rc.d/pflog $1 $i done else # Typical case, spawn single instance only. pflog_dev=${pflog_dev:-"pflog0"} run_rc_command "$1" fi Index: head/etc/rc.d/pfsync =================================================================== --- head/etc/rc.d/pfsync (revision 320801) +++ head/etc/rc.d/pfsync (revision 320802) @@ -1,50 +1,49 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: pfsync # REQUIRE: FILESYSTEMS netif -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="pfsync" desc="Packet filter state table sychronisation interface" rcvar="pfsync_enable" start_precmd="pfsync_prestart" start_cmd="pfsync_start" stop_cmd="pfsync_stop" -required_modules="pf" +required_modules="pf pfsync" pfsync_prestart() { case "$pfsync_syncdev" in '') warn "pfsync_syncdev is not set." return 1 ;; esac return 0 } pfsync_start() { local _syncpeer echo "Enabling pfsync." if [ -n "${pfsync_syncpeer}" ]; then _syncpeer="syncpeer ${pfsync_syncpeer}" fi - load_kld pfsync ifconfig pfsync0 $_syncpeer syncdev $pfsync_syncdev $pfsync_ifconfig up } pfsync_stop() { echo "Disabling pfsync." ifconfig pfsync0 -syncdev -syncpeer down } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/rarpd =================================================================== --- head/etc/rc.d/rarpd (revision 320801) +++ head/etc/rc.d/rarpd (revision 320802) 
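Review bot: The multi-instance branch of pflog uses `continue` outside any loop in `if [ -z $pflog_dev ]; then warn "pflog_dev not set" continue fi` (and again for `$pflog_logfile`), which in sh is at best a no-op. The guard therefore warns but does not stop, and the script goes on to set `name=$pflog_dev` and call `run_rc_command` with an empty device or log file. Replacing the warn/continue pair with `err 1 "pflog_dev not set"` and quoting the test as `[ -z "$pflog_dev" ]` would make the check effective. The `eval pflog_dev=\$pflog_${2}_dev` lines also expand `$2` inside `eval`, so a comment stating that `$2` must be an instance name from `pflog_instances` would help. These are unchanged context lines.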
@@ -1,22 +1,22 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: rarpd # REQUIRE: DAEMON FILESYSTEMS # BEFORE: LOGIN -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="rarpd" desc="Reverse ARP daemon" rcvar="rarpd_enable" command="/usr/sbin/${name}" required_files="/etc/ethers" load_rc_config $name pidfile="${rarpd_pidfile:-/var/run/${name}.pid}" run_rc_command "$1" Index: head/etc/rc.d/route6d =================================================================== --- head/etc/rc.d/route6d (revision 320801) +++ head/etc/rc.d/route6d (revision 320802) @@ -1,21 +1,21 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: route6d # REQUIRE: netif routing -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="route6d" desc="RIP6 routing daemon" rcvar="route6d_enable" set_rcvar_obsolete ipv6_router_enable route6d_enable set_rcvar_obsolete ipv6_router route6d_program set_rcvar_obsolete ipv6_router_flags route6d_flags load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/routed =================================================================== --- head/etc/rc.d/routed (revision 320801) +++ head/etc/rc.d/routed (revision 320802) @@ -1,22 +1,22 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: routed # REQUIRE: netif routing # BEFORE: NETWORK -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr name="routed" desc="Network RIP and router discovery routing daemon" rcvar="routed_enable" set_rcvar_obsolete router_enable routed_enable set_rcvar_obsolete router routed_program set_rcvar_obsolete router_flags routed_flags load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/rtsold =================================================================== --- head/etc/rc.d/rtsold (revision 320801) +++ head/etc/rc.d/rtsold (revision 320802) 
@@ -1,27 +1,27 @@ #!/bin/sh # # $FreeBSD$ # # PROVIDE: rtsold # REQUIRE: netif # BEFORE: NETWORKING -# KEYWORD: nojail shutdown +# KEYWORD: nojailvnet shutdown . /etc/rc.subr name="rtsold" desc="Router solicitation daemon" rcvar="rtsold_enable" command="/usr/sbin/${name}" pidfile="/var/run/${name}.pid" start_postcmd="rtsold_poststart" rtsold_poststart() { # wait for DAD sleep $(($(${SYSCTL_N} net.inet6.ip6.dad_count) + 1)) } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/static_arp =================================================================== --- head/etc/rc.d/static_arp (revision 320801) +++ head/etc/rc.d/static_arp (revision 320802) 
@@ -1,75 +1,75 @@ #!/bin/sh # # Copyright (c) 2009 Xin LI # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # Configure static ARP table # # $FreeBSD$ # # PROVIDE: static_arp # REQUIRE: netif -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr name="static_arp" desc="Static ARP Configuration" start_cmd="static_arp_start" stop_cmd="static_arp_stop" static_arp_start() { local e arp_args if [ -n "${static_arp_pairs}" ]; then echo -n 'Binding static ARP pair(s):' for e in ${static_arp_pairs}; do echo -n " ${e}" eval arp_args=\$static_arp_${e} arp -S ${arp_args} >/dev/null 2>&1 done echo '.' 
fi } static_arp_stop() { local e arp_args if [ -n "${static_arp_pairs}" ]; then echo -n 'Unbinding static ARP pair(s):' for e in ${static_arp_pairs}; do echo -n " ${e}" eval arp_args=\$static_arp_${e} arp -d ${arp_args%%[ ]*} > /dev/null 2>&1 done echo '.' fi } load_rc_config $name run_rc_command "$1" Index: head/etc/rc.d/static_ndp =================================================================== --- head/etc/rc.d/static_ndp (revision 320801) +++ head/etc/rc.d/static_ndp (revision 320802) 
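Review bot: `static_arp_start` sends both stdout and stderr of `arp -S ${arp_args}` to /dev/null and never checks the exit status, so a pair that fails to bind is still listed after 'Binding static ARP pair(s):' as if it had been installed. Static entries are usually there to pin a neighbour's address, so a silent failure matters; I would report it, e.g. `arp -S ${arp_args} >/dev/null 2>&1 || warn "could not bind static ARP pair ${e}"`. `static_ndp_start` in the static_ndp hunk has the same pattern with `ndp -s`. These are unchanged context lines, not part of the KEYWORD edit.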
@@ -1,74 +1,74 @@ #!/bin/sh # # Copyright (c) 2011 Xin Li # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # Configure static NDP table # # $FreeBSD$ # # PROVIDE: static_ndp # REQUIRE: netif -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr name="static_ndp" start_cmd="static_ndp_start" stop_cmd="static_ndp_stop" static_ndp_start() { local e ndp_args if [ -n "${static_ndp_pairs}" ]; then echo -n 'Binding static NDP pair(s):' for e in ${static_ndp_pairs}; do echo -n " ${e}" eval ndp_args=\$static_ndp_${e} ndp -s ${ndp_args} >/dev/null 2>&1 done echo '.' 
fi } static_ndp_stop() { local e ndp_args if [ -n "${static_ndp_pairs}" ]; then echo -n 'Unbinding static NDP pair(s):' for e in ${static_ndp_pairs}; do echo -n " ${e}" eval ndp_args=\$static_ndp_${e} ndp -d ${ndp_args%%[ ]*} > /dev/null 2>&1 done echo '.' fi } load_rc_config $name run_rc_command "$1"