From owner-svn-src-head@FreeBSD.ORG  Fri Jun 26 01:04:51 2009
Return-Path: <owner-svn-src-head@FreeBSD.ORG>
Delivered-To: svn-src-head@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4F6021065670;
	Fri, 26 Jun 2009 01:04:51 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c])
	by mx1.freebsd.org (Postfix) with ESMTP id 3D3DC8FC1C;
	Fri, 26 Jun 2009 01:04:51 +0000 (UTC)
	(envelope-from dougb@FreeBSD.org)
Received: from svn.freebsd.org (localhost [127.0.0.1])
	by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id n5Q14pL4070050;
	Fri, 26 Jun 2009 01:04:51 GMT (envelope-from dougb@svn.freebsd.org)
Received: (from dougb@localhost)
	by svn.freebsd.org (8.14.3/8.14.3/Submit) id n5Q14pRu070043;
	Fri, 26 Jun 2009 01:04:51 GMT (envelope-from dougb@svn.freebsd.org)
Message-Id: <200906260104.n5Q14pRu070043@svn.freebsd.org>
From: Doug Barton <dougb@FreeBSD.org>
Date: Fri, 26 Jun 2009 01:04:51 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
	svn-src-head@freebsd.org
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Cc: 
Subject: svn commit: r195026 - head/etc/rc.d
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
	<svn-src-head.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-head>,
	<mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jun 2009 01:04:51 -0000

Author: dougb
Date: Fri Jun 26 01:04:50 2009
New Revision: 195026
URL: http://svn.freebsd.org/changeset/base/195026

Log:
  Reverse the effect of r193198 for pf and ipfw which will once again
  allow them to start after netif. There were too many problems reported
  with this change in the short period of time that it lived in HEAD, and
  we are too late in the release cycle to properly shake it out.
  
  IMO the issue of having the firewalls up before the network is still a
  valid concern, particularly for pf whose default state is wide open.
  However properly solving this issue is going to take some investment
  on the part of the people who actually use those tools.
  
  This is not a strict reversion of all the changes for r193198 since it
  also included some simplification of the BEFORE/REQUIRE logic which is
  still valid for ipfilter and ip6fw.

Modified:
  head/etc/rc.d/NETWORKING
  head/etc/rc.d/ipfw
  head/etc/rc.d/netif
  head/etc/rc.d/pf
  head/etc/rc.d/pflog
  head/etc/rc.d/pfsync

Modified: head/etc/rc.d/NETWORKING
==============================================================================
--- head/etc/rc.d/NETWORKING	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/NETWORKING	Fri Jun 26 01:04:50 2009	(r195026)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: NETWORKING NETWORK
-# REQUIRE: netif netoptions routing network_ipv6 ppp
+# REQUIRE: netif netoptions routing network_ipv6 ppp ipfw
 # REQUIRE: defaultroute routed mrouted route6d mroute6d resolv
 
 #	This is a dummy dependency, for services which require networking

Modified: head/etc/rc.d/ipfw
==============================================================================
--- head/etc/rc.d/ipfw	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/ipfw	Fri Jun 26 01:04:50 2009	(r195026)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: ipfw
-# REQUIRE: FILESYSTEMS
+# REQUIRE: ppp
 # KEYWORD: nojail
 
 . /etc/rc.subr

Modified: head/etc/rc.d/netif
==============================================================================
--- head/etc/rc.d/netif	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/netif	Fri Jun 26 01:04:50 2009	(r195026)
@@ -27,7 +27,7 @@
 
 # PROVIDE: netif
 # REQUIRE: atm1 cleanvar FILESYSTEMS serial sppp sysctl
-# REQUIRE: ipfilter ipfs pf ipfw
+# REQUIRE: ipfilter ipfs
 # KEYWORD: nojail
 
 . /etc/rc.subr

Modified: head/etc/rc.d/pf
==============================================================================
--- head/etc/rc.d/pf	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/pf	Fri Jun 26 01:04:50 2009	(r195026)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pf
-# REQUIRE: FILESYSTEMS pflog pfsync
+# REQUIRE: FILESYSTEMS netif pflog pfsync
 # BEFORE:  routing
 # KEYWORD: nojail
 

Modified: head/etc/rc.d/pflog
==============================================================================
--- head/etc/rc.d/pflog	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/pflog	Fri Jun 26 01:04:50 2009	(r195026)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pflog
-# REQUIRE: FILESYSTEMS cleanvar
+# REQUIRE: FILESYSTEMS netif cleanvar
 # KEYWORD: nojail
 
 . /etc/rc.subr

Modified: head/etc/rc.d/pfsync
==============================================================================
--- head/etc/rc.d/pfsync	Fri Jun 26 01:01:50 2009	(r195025)
+++ head/etc/rc.d/pfsync	Fri Jun 26 01:04:50 2009	(r195026)
@@ -4,7 +4,7 @@
 #
 
 # PROVIDE: pfsync
-# REQUIRE: FILESYSTEMS
+# REQUIRE: FILESYSTEMS netif
 # KEYWORD: nojail
 
 . /etc/rc.subr