conf/63519: commands in dhclient-exit-hooks may not succeed at boot
with firewall
Derek VerLee
derekverlee at comcast.net
Sat Feb 28 21:30:21 PST 2004
>Number: 63519
>Category: conf
>Synopsis: commands in dhclient-exit-hooks may not succeed at boot with firewall
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Feb 28 21:30:20 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Derek VerLee
>Release: 5.2-RELEASE #1
>Organization:
>Environment:
FreeBSD pcp02905714pcs.roylok01.mi.comcast.net 5.2-RELEASE FreeBSD 5.2-RELEASE #1: Thu Jan 15 03:31:40 GMT 2004 root at pcp02905714pcs.roylok01.mi.comcast.net:/usr/obj/usr/src/sys/PANOX i386
>Description:
I have added a line to my /etc/dhclient-exit-hooks script (which is executed (if it exists) by /sbin/dhclient-script) that sets my hostname to a name that actually resolves to something in order to make sendmail as well as several other programs run more cleanly. It does this using the host command. The problem comes because I also run a firewall, and dhcpclient starts before the firewall rules are added, so that dhclient-exit-hooks and thus host is executed under a closed firewall.
>How-To-Repeat:
Any attempt to access the network within a script initiated by dhclient while booting on a machine with ipfw enabled.
>Fix:
in the file /etc/rc.d/dhclient
change the line
# REQUIRE: network netif mountcritlocal
to
# REQUIRE: ipfw network netif mountcritlocal
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list