my lame attempt at a shell script...

Eric F Crist ecrist at secure-computing.net
Mon Jan 3 10:59:52 PST 2005


On Jan 3, 2005, at 12:44 PM, Timothy Luoma wrote:

>
> On Jan 3, 2005, at 1:19 PM, Eric F Crist wrote:
>
>> I'm trying to create a shell script for firewalling.  What I'm hoping 
>> to do is create a generic script that looks for variables in 
>> /etc/rc.conf.  I've tried looking at other scripts that use variables 
>> placed there, but don't understand how to pull the information from 
>> the file.
>
> Ah, now I may be a FreeBSD newbie, but I've been doing shell scripts 
> for a long time.
>
> What specifically are you trying to pull out of /etc/rc.conf?
>
> TjL
>
> ps - that said, why aren't you setting firewall configuration once and 
> leaving it alone?

Well, I'm hoping to put some variables such as grog_firewall_enable, 
grog_firewall_iif, grog_firewall_oif, and possibly one or two more.  
These variables will change from one system to another, as this script 
will be installed on multiple systems.  By setting these variables in 
rc.conf (or any other, separate file), I can change one copy of this 
script, propagate it throughout a set of servers, without having to 
customize each one for a particular server.

In regards to your ps, I AM setting the config once, but this setup 
allows me to easily upgrade/improve my ruleset.  Besides, I'm learning 
a lot writing this damn thing.  ;)

_______________________________________________________
Eric F Crist                  "I am so smart, S.M.R.T!"
Secure Computing Networks              -Homer J Simpson
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20050103/689cbc4c/PGP.bin


More information about the freebsd-questions mailing list