Date: Wed, 19 Feb 2003 05:20:13 +0100 (CET) From: 520023893678-0001@t-online.de (P. U. Kruppa) To: Jason Williams <jason@seanet.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW: rc.firewall script doesn't load when loading rules from a file Message-ID: <20030219051338.B3399@small.pukruppa.de> In-Reply-To: <A588EF8C-439B-11D7-8842-00306555B1FA@seanet.com> References: <A588EF8C-439B-11D7-8842-00306555B1FA@seanet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 18 Feb 2003, Jason Williams wrote: > I'm using FBSD 4.7 and have compiled ipfw into the kernel. My rc.conf > file has the following: > > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="/etc/ipfw.rules" > firewall_quiet="NO" > firewall_logging_enable="YES" > log_in_vain="YES" > icmp_drop_redirect="YES" all you need to do, is to put your list of ipfw ... statements into your /etc/ipfw.rules and make it executable by # chmod 750 /etc/ipfw.rules and they will be executed on bootup. The line firewall_type="/etc/ipfw.rules" in your rc.conf is not necessary. Uli. > > On reboot, ipfw is not reading rc.firewall before loading my rules - > /etc/ipfw.rules - as I've assumed it would. I thought I could let > rc.firewall take care of housekeeping ( flush and loopback rules ) > before moving on to the the custom rules in ipfw.rules. Am I missing > something here or is it normal to bypass rc.firewall altogether and set > up a rules file with everything needed in there? All the tutorials seem > to suggest that ipfw reads rc.firewall first before moving onto custom > rules files, but that has not been my experience here. Thanks for your > help > > Jason Williams > jason@seanet.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > +-----------------------------------+ | Peter Ulrich Kruppa | | - Wuppertal - | | Germany | +-----------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030219051338.B3399>