init vnet-start: support custom pf.conf

Author: pizzamig

share/pot/init.sh

@@ -85,17 +85,18 @@ pot-init()
 	# service syslogd restart
 
 	# Add pot anchors if needed
-	if [ -r /etc/pf.conf ] && [ "$(grep -c '^nat-anchor pot-nat$' /etc/pf.conf )" -eq 1 ] && [ "$(grep -c '^rdr-anchor "pot-rdr/\*"$' /etc/pf.conf )" -eq 1 ] ; then
+	pf_file="$(sysrc -n pf_rules)"
+	if [ -r "$pf_file" ] && [ "$(grep -c '^nat-anchor pot-nat$' "$pf_file" )" -eq 1 ] && [ "$(grep -c '^rdr-anchor "pot-rdr/\*"$' "$pf_file" )" -eq 1 ] ; then
 		_debug "pf alredy properly configured"
 	else
-		if [ -w /etc/pf.conf ]; then
+		if [ -w "$pf_file" ]; then
 			# delete incomplete/broken ancory entries - just in case
-			sed -i '' '/^nat-anchor pot-nat$/d' /etc/pf.conf
-			sed -i '' '/^rdr-anchor "pot-rdr\/\*"$/d' /etc/pf.conf
+			sed -i '' '/^nat-anchor pot-nat$/d' "$pf_file"
+			sed -i '' '/^rdr-anchor "pot-rdr\/\*"$/d' "$pf_file"
 		else
-			touch /etc/pf.conf
+			touch "$pf_file"
 		fi
-		printf "%s\n" 0a "nat-anchor pot-nat" "rdr-anchor \"pot-rdr/*\"" . x | ex /etc/pf.conf
+		printf "%s\n" 0a "nat-anchor pot-nat" "rdr-anchor \"pot-rdr/*\"" . x | ex "$pf_file"
 	fi
 }
 

share/pot/vnet-start.sh

@@ -73,11 +73,12 @@ pot-vnet-start()
 
 	# load pf module
 	kldload -n pf
+	pf_file="$(sysrc -n pf_rules)"
 	# check anchors
 	if ! pfctl -s Anchors | grep -q '^[ \t]*pot-nat$' ||
 		! pfctl -s Anchors | grep -q '^[ \t]*pot-rdr$' ; then
-		_debug "Pot anchors are missing - load pf.conf"
-		pfctl -f /etc/pf.conf
+		_debug "Pot anchors are missing - load $pf_file"
+		pfctl -f "$pf_file"
 	fi
 	_nat_rules="/tmp/pot_pf_nat_rules"
 	if [ -w "$_nat_rules" ]; then