where am I supposed to put my rc.firewall?
Eric F Crist
ecrist at adtechintegrated.com
Fri Jan 30 18:23:03 PST 2004
On Friday 30 January 2004 06:54 pm, Chuck Swiger wrote:
> Eric F Crist wrote:
> > I'm trying to add IPFW support. Where do I put my rc.firewall so that it
> > gets read at boot time? I've tried /usr/local/etc/rc.d and /etc but
> > neither seems to get read.
>
> Specify the location of your firewall script in /etc/rc.conf like so:
>
> firewall_enable='YES'
> firewall_type='/etc/ERICS_firewall'
> firewall_flags='-p /usr/bin/cpp'
>
> [ You might choose to use some other preprocessor... ]
Well, here's what I have now. I have a file in /etc called grog.firewall.
It's contents are:
grog# more grog.firewall
ipfw -f flush
ipfw add 100 pass all from any to any via lo0
ipfw add 200 deny all from any to 127.0.0.0/8
ipfw add 300 deny ip from 127.0.0.0/8 to any
ipfw add 600 allow all from any to any
In my /etc/rc.conf file, I have the following two entries pertaining to the
firewall:
firewall_enable="YES"
firewall_type="/etc/grog.firewall"
Now, this is a headless system, so I access it through the serial port. I
don't see any errors anywhere, but my ipfw show command, immediately after
boot, shows:
65535 481 38684 deny ip from any to any
What have I done wrong?
--
Eric F Crist
AdTech Integrated Systems, Inc
(612) 998-3588
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040130/520c1604/attachment-0001.bin
More information about the freebsd-questions
mailing list