Hallo, dies ist ein Test.

PWD: /www/data-lst1/unixsoft/unixsoft/kaempfer/.public_html

Running in File Mode
Relative path: ./../../.././../../../lib/svc/method/firewall
Real path: /lib/svc/method/firewall
Zurück

#!/sbin/sh

#
# Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
#
# This method script can be invoked from either svcadm or from the libscf APIs
# smf_enable_/disable_instance_synchronous() called from pfctl_enable() and
# pfctl_disable(). If we arrived from svcadm enable/disable, there is extra
# work performed by the start and stop cases.
#
# Configuration for firewall:default is supposed to be defined by system
# administrator. Whenever firewall:default instance gets enabled with
# default configuration (pf.conf shipped by pkg:/network/firewall), it
# is transitioned to degraded state to alert administrator no policy
# is enforced by firewall.
#
. /lib/svc/share/smf_include.sh

# avoid file name generation for this script
set -f

SVCS=/usr/bin/svcs
PFCTL=/lib/svc/method/pfctl.smf

if [[ -z "$SMF_FMRI" ]] ; then
	echo "this script can only be invoked by smf(7)"        
	exit $SMF_EXIT_ERR_NOSMF
fi

if smf_dont_configure_ip; then
	smf_method_exit $SMF_EXIT_TEMP_DISABLE  "shared_stack" \
	    "$SMF_FMRI does not run in a shared stack zone"
fi

export PF_OSFP="$2"
CONFIG_FILE="$3"

case "$1" in
	start)
		$PFCTL -e start -q -a '*' -Fa -f $CONFIG_FILE
		EXIT_CODE=$?
		if [[ "$EXIT_CODE" == "$SMF_EXIT_DEGRADED" ]] ; then
			smf_method_exit $SMF_EXIT_DEGRADED "default_fw_config" \
			"Using default configuration, which provides no protection"
		elif [[ "$EXIT_CODE" == "0" ]] ; then
			smf_method_exit $SMF_EXIT_OK "firewall" \
			"$SMF_FMRI started successfully"
		else
			smf_method_exit $SMF_EXIT_ERR_FATAL "fatal_error" \
			"$SMF_FMRI transferring service to maintenance state"
		fi
		;;

stop)
		$PFCTL -dq
		;;

refresh)
		ERROR="$($PFCTL -f "$CONFIG_FILE" -e refresh 2>&1)"
		EXIT_CODE=$?
		if [[ "$EXIT_CODE" == "0" ]] ; then
			if [[ "$ERROR" != "" ]] ; then
				echo "$ERROR"
				smf_method_exit $SMF_EXIT_OK "firewall" \
				"$SMF_FMRI refresh failed, keeping old rules"
			else
				smf_method_exit $SMF_EXIT_OK "firewall" \
				"$SMF_FMRI rules refreshed" ;
			fi
		elif [[ "$EXIT_CODE" == "$SMF_EXIT_DEGRADED" ]] ; then
			smf_method_exit $SMF_EXIT_DEGRADED "default_fw_config" \
			"Using default configuration, which provides no protection"
		else
			smf_method_exit $SMF_EXIT_ERR_FATAL "fatal_error" \
			"$SMF_FMRI PF driver ?offline?, no firewall available."
		fi
		;;

cleanup)
		$PFCTL -dq
		;;

*)
		# Should never arrive here.
		echo "Usage: $0 (start|stop|refresh)'" >&2
		exit 1
		;;

esac
exit $SMF_EXIT_OK