static void
vnet_ipf_uninit(void)
{
if (V_ipfmain.ipf_refcnt)
return;
if (V_ipfmain.ipf_running >= 0) {
if (ipfdetach(&V_ipfmain) != 0)
return;
ipf_destroy_all(&V_ipfmain);
}
V_ipfmain.ipf_running = -2;
}
static void
vnet_ipf_init(void)
{
char *defpass;
int error;
if (ipf_create_all(&V_ipfmain) == NULL)
return;
error = ipfattach(&V_ipfmain);
if (error) {
ipf_destroy_all(&V_ipfmain);
return;
}
if (FR_ISPASS(V_ipfmain.ipf_pass))
defpass = "******";
else if (FR_ISBLOCK(V_ipfmain.ipf_pass))
defpass = "******";
else
defpass = "******";
if (IS_DEFAULT_VNET(curvnet))
printf("%s initialized. Default = %s all, Logging = %s%s\n",
ipfilter_version, defpass,
#ifdef IPFILTER_LOG
"enabled",
#else
"disabled",
#endif
#ifdef IPFILTER_COMPILED
" (COMPILED)"
#else
""
#endif
);
}
static int
ipf_modunload()
{
int error, i;
if (ipfmain.ipf_refcnt)
return EBUSY;
if (ipf_fbsd_sysctl_destroy(&ipfmain) != 0)
return EIO;
error = ipf_pfil_unhook();
if (error != 0)
return error;
if (ipfmain.ipf_running >= 0) {
error = ipfdetach(&ipfmain);
if (error != 0)
return error;
ipf_fbsd_sysctl_destroy(&ipfmain);
ipf_destroy_all(&ipfmain);
ipf_unload_all();
} else
error = 0;
ipfmain.ipf_running = -2;
for (i = 0; ipf_devfiles[i]; i++) {
if (ipf_devs[i] != NULL)
destroy_dev(ipf_devs[i]);
}
printf("%s unloaded\n", ipfilter_version);
return error;
}
