Strange Failure Mode in FreeBSD 4.11

[Greg Barniskis]

Martin McCormick wrote:
>   In
> rc.firewall, there is a place where one can include a table of local
> rules and that's where I am doing something wrong.  The place in
> rc.firewall reads:
> 
> #   filename - will load the rules in the given filename (full path required)

This section of rc.firewall refers to valid values you can place in 
rc.conf for firewall_type. In rc.conf you can name any of the types 
defined in rc.firewall /or/ you can specify a file of your own 
(instead of rc.firewall). I don't think you can invoke rc.firewall 
/and/ another file you name.

Well, OK, surely there is a way to do that, but that functionality 
is not the intent of this part of rc.firewall and rc.conf as I 
understand it. I'm sure that if you put your custom rules in a shell 
file that you can use rc or cron to load those rules at boot time; 
you'd just need to be careful with rule numbering, maybe use ipfw 
sets for rule ordering, etc.

Maybe easier to just

cp rc.firewall custom.ipfw, edit to your needs and use
firewall_type="/etc/custom.ipfw"


-- 
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
<gregb at scls.lib.wi.us>, (608) 266-6348