rc: improvements in FreeBSD startup scripting; closes #2569

* Use rcorder to correctly order the startup sequence, which will avoid further workarounds in plugins. * Defer the execution of /etc/rc.d/ipfw due to bug #2569, while also removing the previous non-functional workaround.
2026-03-13 08:09:41 +00:00 · 2018-10-22 08:48:14 +00:00 · 2018-10-22 08:48:14 +00:00 · be0cdeb690
commit be0cdeb690
parent 389b9d4839
2 changed files with 19 additions and 8 deletions
--- a/src/etc/inc/system.inc
+++ b/src/etc/inc/system.inc
@ -987,6 +987,7 @@ function system_kernel_configure($verbose = false)
        log_error(sprintf('Loading %s cryptographic accelerator module.', $config['system']['crypto_hardware']));
        $mods[] = $config['system']['crypto_hardware'];
    }
+
    if (!empty($config['system']['cryptodev_enable'])) {
        log_error('Loading cryptodev kernel module.');
        $mods[] = 'cryptodev';
@ -997,11 +998,6 @@ function system_kernel_configure($verbose = false)
        $mods[] = $config['system']['thermal_hardware'];
    }

-    if ((new \OPNsense\TrafficShaper\TrafficShaper())->isEnabled() || (new \OPNsense\CaptivePortal\CaptivePortal())->isEnabled()) {
-        $mods[] = "ipfw";
-        $mods[] = "dummynet";
-    }
-
    foreach ($mods as $mod) {
        mwexecf('/sbin/kldload %s', $mod, true);
    }
--- a/src/etc/rc.freebsd
+++ b/src/etc/rc.freebsd
@ -1,7 +1,7 @@
 #!/bin/sh

 # Copyright (c) 2015-2017 Ad Schellevis <ad@opnsense.org>
-# Copyright (c) 2015-2017 Franco Fichtner <franco@opnsense.org>
+# Copyright (c) 2015-2018 Franco Fichtner <franco@opnsense.org>
 #
 # Redistribution and use in source and binary forms, with or without
 # modification, are permitted provided that the following conditions
@ -26,6 +26,8 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.

+RCORDER="rcorder -s nostart -s firstboot"
+
 # check which services to enable
 if [ -f /etc/rc.conf ]; then
 	. /etc/rc.conf
@ -66,7 +68,20 @@ rc_enabled()
 	return 0
 }

-rc_filenames="$(ls /etc/rc.d/[a-z]* /usr/local/etc/rc.d/[a-z]* 2> /dev/null || true)"
+rc_filenames="$(${RCORDER} /etc/rc.d/[a-z]* /usr/local/etc/rc.d/[a-z]* 2> /dev/null)"
+rc_filenames_defer="
+/etc/rc.d/ipfw
+"
+
+for rc_filename in ${rc_filenames_defer}; do
+	# exclude deferred scripts from first pass, appended last instead
+	rc_filenames=$(echo "${rc_filenames}" | grep -v "^${rc_filename}$")
+done
+
+if [ -z "${1}" ]; then
+	echo "Error: no action argument given"
+	exit 1
+fi

 # run our bootstrap command on startup
 if [ "${1}" == "start" ]; then
@ -84,7 +99,7 @@ if [ "${1}" == "start" ]; then
 fi

 # pass all commands to script now
-for rc_filename in ${rc_filenames}; do
+for rc_filename in ${rc_filenames} ${rc_filenames_defer}; do
 	eval "$(grep "^name[[:blank:]]*=" ${rc_filename})"

 	if ! rc_enabled ${rc_filename} ${name}; then