my lame attempt at a shell script...
Eric F Crist
ecrist at secure-computing.net
Mon Jan 3 10:59:52 PST 2005
On Jan 3, 2005, at 12:44 PM, Timothy Luoma wrote:
> On Jan 3, 2005, at 1:19 PM, Eric F Crist wrote:
>> I'm trying to create a shell script for firewalling. What I'm hoping
>> to do is create a generic script that looks for variables in
>> /etc/rc.conf. I've tried looking at other scripts that use variables
>> placed there, but don't understand how to pull the information from
>> the file.
> Ah, now I may be a FreeBSD newbie, but I've been doing shell scripts
> for a long time.
> What specifically are you trying to pull out of /etc/rc.conf?
> ps - that said, why aren't you setting firewall configuration once and
> leaving it alone?
Well, I'm hoping to put some variables such as grog_firewall_enable,
grog_firewall_iif, grog_firewall_oif, and possibly one or two more.
These variables will change from one system to another, as this script
will be installed on multiple systems. By setting these variables in
rc.conf (or any other, separate file), I can change one copy of this
script, propagate it throughout a set of servers, without having to
customize each one for a particular server.
In regards to your ps, I AM setting the config once, but this setup
allows me to easily upgrade/improve my ruleset. Besides, I'm learning
a lot writing this damn thing. ;)
Eric F Crist "I am so smart, S.M.R.T!"
Secure Computing Networks -Homer J Simpson
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050103/689cbc4c/PGP.bin
More information about the freebsd-questions