From: "Aaron Burke"
Subject: RE: IPFW: rc.firewall script doesn't load when loading rules from a file
Date: Tue, 18 Feb 2003 21:12:03 -0800

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Jason Williams
> Sent: Tuesday, February 18, 2003 3:50 PM
> To: freebsd-questions@FreeBSD.ORG
> Subject: IPFW: rc.firewall script doesn't load when loading rules from a
> file
>
>
> I'm using FBSD 4.7 and have compiled ipfw into the kernel. My rc.conf
> file has the following:
>
> firewall_enable="YES"
> firewall_script="/etc/rc.firewall"
> firewall_type="/etc/ipfw.rules"

I am not sure how your situation is different than most, but I use
firewall_type="OPEN" instead of "/etc/ipfw.rules".
The other options will be listed in the file /etc/rc.firewall. You may
want to look at the following in the FreeBSD handbook.
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html

> firewall_quiet="NO"
> firewall_logging_enable="YES"
> log_in_vain="YES"
> icmp_drop_redirect="YES"
>
> On reboot, ipfw is not reading rc.firewall before loading my rules -
> /etc/ipfw.rules - as I've assumed it would. I thought I could let
> rc.firewall take care of housekeeping ( flush and loopback rules )
> before moving on to the custom rules in ipfw.rules. Am I missing
> something here or is it normal to bypass rc.firewall altogether and set
> up a rules file with everything needed in there? All the tutorials seem
> to suggest that ipfw reads rc.firewall first before moving onto custom
> rules files, but that has not been my experience here. Thanks for your
> help
>
> Jason Williams
> jason@seanet.com