Strange Failure Mode in FreeBSD 4.11
James Long
list at museum.rain.com
Thu Jan 12 17:11:40 PST 2006
> Date: Thu, 12 Jan 2006 13:58:09 -0600
> From: Martin McCormick <martin at dc.cis.okstate.edu>
> Subject: Re: Strange Failure Mode in FreeBSD 4.11
> To: freebsd-questions at freebsd.org
> Message-ID: <200601121958.k0CJw9hn091722 at dc.cis.okstate.edu>
>
> In the rc.conf.local, I have:
>
> firewall_enable="YES" # Set to YES to enable firewall functionality
> firewall_script="/etc/rc.firewall"
> firewall_type="OPEN" # Firewall type (see /etc/rc.firewall)
> firewall_quiet="NO" # Set to YES to suppress rule display
> firewall_logging="YES" # Set to YES to enable events logging
> firewall_flags="" # Flags passed to ipfw when type is a file
>
> That makes ipfw load the rules in rc.firewall just fine. In
> rc.firewall, there is a place where one can include a table of local
> rules and that's where I am doing something wrong. The place in
> rc.firewall reads:
>
> # filename - will load the rules in the given filename (full path required)
>
> So, I have tried various forms of
>
> filename /etc/firewall_rules.ns
>
> and even
>
> filename - /etc/firewall_rules.ns
snip
> What do I need to put in /etc/rc.firewall so it just includes
> /etc/firewall_rules.ns like the #include directive usually does?
You need to put

firewall_type="/etc/firewall_rules.ns"

in /etc/rc.conf.

If that file is readable, it will be passed to ipfw, as per these lines
in rc.firewall:

	*)
		if [ -r "${firewall_type}" ]; then
			${fwcmd} ${firewall_flags} ${firewall_type}
		fi
		;;

> Many thanks.
An equal but opposite number of welcomes.
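
The branch quoted above has no else clause, so an unreadable firewall_type path loads no rules and prints nothing. The following pre-flight check is an added example, not part of the original message or of rc.firewall. The function names are hypothetical, the built-in keyword list is an assumption about the stock script, and the other-writable test is an extra check added here because the rule file is handed to ipfw by a boot script running as root.

```shell
#!/bin/sh
# Added example: pre-flight check for a firewall_type value.
# Usage (after sourcing this file): preflight /etc/firewall_rules.ns

# Print how rc.firewall would treat $1:
#   builtin     one of the named rule sets (keyword list is an assumption)
#   ruleset     readable regular file that would be passed to ipfw
#   unreadable  the quoted "*)" branch would silently load nothing
#   unsafe      readable, but writable by "other" (extra check, not in rc.firewall)
classify_firewall_type() {
    ft=$1
    lc=$(printf '%s' "$ft" | tr '[:upper:]' '[:lower:]')
    case "$lc" in
    open|client|simple|closed|unknown)
        echo builtin
        return 0
        ;;
    esac
    if [ ! -f "$ft" ] || [ ! -r "$ft" ]; then
        echo unreadable
    elif [ -n "$(find -H "$ft" -prune -perm -0002 -print 2>/dev/null)" ]; then
        echo unsafe
    else
        echo ruleset
    fi
}

# Human-readable verdict; returns non-zero when the value should not be used.
preflight() {
    kind=$(classify_firewall_type "$1")
    case "$kind" in
    builtin) echo "ok: '$1' selects a built-in rule set" ;;
    ruleset) echo "ok: '$1' will be passed to ipfw" ;;
    unreadable)
        echo "FAIL: '$1' is not a readable regular file; no rules would be loaded" >&2
        return 1
        ;;
    unsafe)
        echo "FAIL: '$1' is writable by others but is loaded as root" >&2
        return 1
        ;;
    esac
}
```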